Professional Documents
Culture Documents
SC23-5987-04
Lotus Sametime
®
SC23-5987-04
Note
Before using this information and the product it supports, read the information in “Notices” on page 637.
Edition notice
This edition applies to version 8.5 of IBM Lotus Sametime (program number 5724–J23) and to all subsequent
releases and modifications until otherwise indicated in new editions.
© Copyright International Business Machines Corporation 1996, 2009.
US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract
with IBM Corp.
Contents
Chapter 1. Overview . . . . . . . . . 1 Installing DB2 on Linux and Windows . . . . 57
Accessibility features for Lotus Sametime . . . . . 1 Installing the Lotus Sametime System Console. . 59
What’s new in Lotus Sametime 8.5? . . . . . . 2 Connecting to an LDAP server . . . . . . . 64
What is Lotus Sametime? . . . . . . . . . . 3 Installing a Lotus Sametime Community Server
Lotus Sametime server architecture . . . . . . 6 and supporting software . . . . . . . . . 69
Lotus Sametime System Console . . . . . . . 8 Installing a Lotus Sametime Proxy Server . . . 101
Lotus Sametime Community Server . . . . . 8 Installing a Lotus Sametime Media Manager . . 107
Lotus Sametime Proxy Server . . . . . . . . 9 Installing a Lotus Sametime Meeting Server . . 115
Lotus Sametime Media Manager. . . . . . . 9 Installing a Lotus Sametime Gateway server . . 122
Lotus Sametime Meeting Server . . . . . . 10 Installing the WebSphere Application Server
Lotus Sametime Gateway. . . . . . . . . 10 Update Installer . . . . . . . . . . . 196
Lotus Sametime clients . . . . . . . . . 11 Deploying the Sametime client to users. . . . 199
Meeting features in Connect versus Web clients . . 13 Starting and stopping servers in a Lotus
Glossary . . . . . . . . . . . . . . . 16 Sametime deployment . . . . . . . . . 230
Uninstalling . . . . . . . . . . . . . 240
Chapter 2. Planning . . . . . . . . . 23 Installing on IBM i . . . . . . . . . . . 248
Preparing to install Lotus Sametime on IBM i 249
Skills needed for Sametime administration . . . . 23
Installing the Lotus Sametime System Console 250
System requirements . . . . . . . . . . . 24
Connecting to an LDAP server . . . . . . 255
Downloading Lotus Sametime files for installation 24
Installing a Lotus Sametime Community Server
Supporting IPv6 addressing in a Lotus Sametime
and supporting software . . . . . . . . 260
deployment . . . . . . . . . . . . . . 25
Installing a Lotus Sametime Proxy Server . . . 312
Supporting IPv4, IPv6, or both protocols. . . . 26
Installing a Lotus Sametime Meeting Server . . 318
Enabling support for IPv6 . . . . . . . . 28
Installing a Lotus Sametime Gateway server . . 327
Planning deployment topologies . . . . . . . 33
Installing the WebSphere Application Server
Deploying instant messaging and presence only 33
Update Installer on IBM i . . . . . . . . 397
Deploying instant messaging and meetings . . . 34
Deploying the Sametime client to users. . . . 399
Deploying instant messaging, meetings, and Web
Starting and stopping servers in a Lotus
clients . . . . . . . . . . . . . . . 34
Sametime deployment . . . . . . . . . 417
Deploying instant messaging, meetings, Web
Uninstalling . . . . . . . . . . . . . 423
clients, audio, and video . . . . . . . . . 34
Deploying instant messaging to external
messaging communities . . . . . . . . . 35 Chapter 4. Migrating and upgrading 431
Planning for an LDAP directory . . . . . . . 40 Upgrading Lotus Sametime. . . . . . . . . 431
Planning a Community Server installation . . . . 41 Upgrading Lotus Sametime on AIX, Linux,
Audio/video considerations . . . . . . . . 42 Solaris, or Windows . . . . . . . . . . 431
Planning for the dedicated Domino server for Upgrading Lotus Sametime on IBM i . . . . 502
Lotus Sametime . . . . . . . . . . . . 43 Upgrading Lotus Sametime Gateway . . . . . 578
Deploying a stand-alone Community Server Mux 44 Upgrading the DB2 server . . . . . . . . 579
Planning a Lotus Sametime Media Manager Upgrading Lotus Sametime Gateway servers 579
installation . . . . . . . . . . . . . . 47 Upgrading Sametime clients . . . . . . . . 631
Audio and video considerations . . . . . . 48 Considerations for upgrading the Sametime
Planning a Lotus Sametime Gateway installation . . 50 Connect client . . . . . . . . . . . . 631
Planning for migration from an earlier release . . . 53 Retiring older Sametime clients . . . . . . 632
Clustering Sametime servers for high availability . . 55 Installing the new Lotus Sametime client . . . 636
Giving users a preview guide . . . . . . . . 56
Notices . . . . . . . . . . . . . . 637
Chapter 3. Installing . . . . . . . . . 57 Trademarks . . . . . . . . . . . . . . 639
Installing on AIX, Linux, Solaris, and Windows . . 57
This section contains an overview of the components of IBM Lotus Sametime for
installers and administrators.
Accessibility features
The Lotus Sametime System Console is based on the IBM WebSphere Application
Server Integrated Console, and shares the same accessibility features, described
below.
v The following features are for vision-impaired users:
– Can be operated by using only the keyboard
– Communicates all information independent of color
– Supports interfaces commonly used by screen readers and screen magnifiers
– Supports the attachment of alternate output devices
– Provides help information in an accessible format
– Supports high contrast using a white background (some icons may not
display properly on a colored background)
v The following features are for users who have mobility impairments or limited
use of their hands:
– Allows the user to request more time to complete timed responses
– Can be operated by using only the keyboard
– Supports the attachment of alternative input and output devices
v The following features are for the deaf and hard of hearing users:
– Supports alternatives to audio information
– Supports adjustable volume control
v The console does not flash the screen at rates that could induce epileptic seizures
The help system for Integrated Solutions Console has the following accessibility
features:
v Uses the accessibility support enabled by the browser that is used to display the
help
v Enables navigation by using the keyboard
To move through the controls on a particular page, use the Tab key.
To click a link or control on a page using the keyboard, navigate to the link or
control and press Enter.
To change the navigation view using the keyboard, follow these steps:
1. Navigate to the View selection list using the Tab key.
2. Use the up and down arrows to change the value of the selection list.
3. Press Enter.
The tasks displayed in the navigation are changed according to your selection.
When you administer WebSphere Application Server settings, you work in the
Integrated Solutions Console. Detailed information on console accessibility is
provided in the WebSphere Application Server information center.
See the IBM Human Ability and Accessibility Center for more information about
the commitment that IBM has to accessibility:
The focus of Sametime 8.5 is to make unified communications seamless to the user
by introducing a range of new capabilities and improvements:
v A new online meeting experience is fully integrated into the Sametime Connect
client.
v A new Sametime Meetings panel provides a consolidated view of a user’s
meetings and calendar and makes starting or joining a meeting a single-click
process. Users can easily invite others to meetings by dragging their names from
the Contact list. They can accept meeting invitations with a single click, just like
joining a group chat. Users can move seamlessly from a text chat to a voice or
video chat to a meeting. To upload meeting materials, they simply drag and
drop the items they need.
v New, zero-download, browser-based chat and meeting clients extend the desktop
experience to wherever the user is working.
Chapter 1. Overview 3
Meeting rooms – While awareness lists support instant collaboration with other
online users, the Lotus Sametime Meeting Room Center provides a central meeting
place for members of the community. In the Meeting Room Center, users can create
meeting rooms and use them whenever they want to meet with their colleagues.
Users access the Lotus Sametime Meeting Room Center with Web browsers or
from the Meetings panel in the Lotus Sametime Connect client.
Instant messaging – The Lotus Sametime client is a Java™ application that uses the
Eclipse-based IBM Lotus Expeditor. The Lotus Sametime client leverages the
Eclipse plug-in framework to provide developers with extensibility features that go
far beyond those available in previous Lotus Sametime releases. Partners,
independent software vendors (ISVs), customers, and internal developers use these
features to integrate with the Lotus Sametime client to extend its capabilities.
Instant meetings – Instant meetings are meetings that Lotus Sametime Connect
users can create on the fly, and are perfect for quick meetings when you don’t
need to save the meeting room, its content, and related information.
Voice chat – The Lotus Sametime client allows users to talk to other Lotus
Sametime users through their computer’s audio features and Voice-over-IP (VoIP)
technology. VoIP is becoming increasingly popular, since it allows users anywhere
in the world to talk inexpensively. Voice-over-IP allows users to click the
microphone icon to call another user for instant voice chats over the intranet.
Telephony– Voice chat is one of two telephony capabilities in the Lotus Sametime
IM client. The other is click-to-call (also called click-to-dial), which allows a user to
instantly create a telephone conference with one or more other users. In both cases,
a user invites other users in a chat window or on the buddy list to join a call, and
the invitees are given the opportunity to either join or decline. Those users who
choose to join can connect to the call by clicking an icon. If voice chat is used to
initiate the call, all connected parties communicate using their computer’s
microphone and speakers. If click-to-call is used, a third-party telephony service
calls each user at the appropriate number.
Video chat – Users who are equipped with video components can see each other
on their screens during a chat.
Location awareness – Lotus Sametime includes location awareness of the user, and
an extensible resource area at the bottom of the left pane that can be customized to
reflect different locations.
Contact information – The Business Card features provides the user with
telephone number, e-mail address, photo, name, title, and location displayed in the
Business Card hover-over feature and in the chat window. Business cards can be
provided by the Lotus Sametime Community Server or a Lotus Connections server.
Quick find – Users can start typing name in the Quick Find box to find a person
they want to chat with, and then click the name to initiate a chat.
Time stamp – The time of day is provided in the Chat window along side the text.
The two primary Lotus Sametime client applications are the Lotus Sametime
Connect client and the Lotus Sametime Meeting Room. The Lotus Sametime
Connect client contains a presence list that displays selected members of the
community who are online. FromLotus Sametime Connect, a user can collaborate
by sending instant messages or by starting an instant meeting with any other
online member of the community.
The Lotus Sametime Meeting Room runs in a user’s Web browser whenever the
user attends a meeting. The Lotus Sametime Meeting Room contains components
that support the full range of Lotus Sametime collaborative activities, including
interactive audio and video.
Lotus Sametime Standard is the full Lotus Sametime product offering, Lotus
Sametime Standard provides awareness, instant messaging, and meeting room
functionality.
Lotus Sametime Entry is a limited offering, providing a core set of awareness and
instant messaging capabilities either from stand-alone Lotus Sametime clients or
from within Lotus Notes®. Lotus Sametime Entry does not support meeting rooms.
In addition, Lotus Sametime Entry is sometimes packaged with other IBM
products.
You can expand your real-time collaboration capabilities in Lotus Sametime Entry
by purchasing the Lotus Sametime Standard server to add meeting room
capabilities and a richer instant messaging client to your environment.
The following table compares the features of Lotus Sametime Entry and Lotus
Sametime Standard.
Chapter 1. Overview 5
Available with Lotus Available with Lotus
Capability Sametime Entry Sametime Standard
Show short names yes yes
Show those online only yes yes
Time stamps on chats yes yes
Chat history yes yes
Rich text yes yes
Emoticons yes yes
Emoticon palettes yes yes
Business card display yes yes
Contact type ahead yes yes
Spell check in chat yes yes
Standalone Sametime yes yes
Connect client
Microsoft Office integration yes yes
Meeting rooms and instant no yes
meetings
Sametime toolkits including no yes
embedded IM through
STlinks
Sametime gateway (to public no yes
IM)
Sametime mobile access no yes
Selective ’who can see me’ no yes
Alerts setting no yes
File transfer no yes
Telephony (with 3rd party) no yes
Voice chat no yes
Video chat (native no yes
point-to-point)
Multiple communities no yes
Geographic locating no yes
Screen capture tool no yes
Selective do-not-disturb no yes
status
Lotus Sametime plug-ins no yes
The illustration below shows the different types of servers you can have in a
Sametime deployment. The second illustration names each type of server.
Chapter 1. Overview 7
Lotus Sametime System Console
The Lotus Sametime System Console is a Web-based application that provides a
central location for installing, configuring, administering, and monitoring the
Sametime family of products.
The Lotus Sametime Proxy Server communicates with the Lotus Sametime
Community Server, Lotus Sametime Meeting server, Lotus Sametime Connections
Server, and Lotus Sametime Unified Telephony Server or TCSPI-enabled server.
The Lotus Sametime Media Manager uses the Session Initiation Protocol (SIP) to
provide support for point-to-point and multipoint calls. It is designed to support
standard audio and video codecs so that it works with other external audio and
video vendors.
Chapter 1. Overview 9
v Proxy and Registrar
The Proxy and Registrar is responsible for location service and forwarding SIP
messages to a destination. It requires access to LDAP. You may also install and
configure a database to be used with it.
v Packet switcher
The Packet switcher is responsible for receiving and sending media streams from
endpoints to other endpoints in a conference. The Switcher works on audio
streams to determine the active video stream to send to the participants, a
process known as Voice-Activated Switching (VAS).
The Packet switcher requires access to LDAP, Conference server, and media
ports (1 or a range of ports for audio, and 1 or a range of ports for video). If the
switchers are installed on the same machine, ensure that are no port conflicts.
Use Lotus Sametime Gateway to connect with any of the following gateways or
communities:
v Lotus Sametime communities deployed outside of your firewall
v AOL Instant Messenger
v Google Talk
v Jabber
v Yahoo Messenger
You can install one Lotus Sametime Gateway server or cluster of Lotus Lotus
Sametime Gateway servers for a local Sametime community. A local community
can be made up of one Sametime server, or a cluster of Sametime servers
connected by a common LDAP directory. Lotus Lotus Sametime Gateway does not
support more than one local Sametime community and uses the same LDAP
directory used by the local Sametime community.
Instant messaging and presence through the Lotus Sametime Gateway depend on
direct connections between companies. The following illustration shows a local
Chapter 1. Overview 11
v Sametime Meeting Room Center in a browser - online access to Sametime
meeting rooms
v Sametime Classic Meetings client - Java-based meeting room client interacts with
the Sametime Classic Meeting Server.
Lotus Sametime 8.5 supports the following clients on Windows XP and Vista:
v Lotus Sametime Connect 8.5
v Lotus Sametime Connect 8.5 embedded in Lotus Notes 8.5.1
v Lotus Sametime Connect 8.0.2 embedded in Lotus Notes 8.5.1
v Lotus Sametime Connect 8.0.2 with the Lotus Sametime Advanced plug-in
v Lotus Sametime Connect 8.0.2 with the Lotus Sametime Unified Telephony
plug-ins
v Lotus Sametime Connect 8.0.2 with the Lotus Sametime Unified Telephony
plug-ins embedded in Notes® 8.5.1
v Lotus Sametime Connect 8.0.2 with the Lotus Sametime Advanced and Lotus
Sametime Unified Telephony plug-ins.
For Lotus Sametime Advanced, you can ensure that users get the correct plug-in
by delivering the correct version of the Lotus Sametime Advanced update site for
the Sametime or Notes client that they are using. The Lotus Sametime Advanced
update site for Lotus Sametime Connect 8.0.2 is available, now. Once the Lotus
Sametime Advanced update sites for Lotus Sametime Connect 8.5 and Lotus Notes
8.5.1 are available, then users can upgrade to the Lotus Sametime Connect 8.5 or
Lotus Notes 8.5.1 clients with the Lotus Sametime Advanced plug-ins.
For more information, see the system requirements for the Lotus Sametime family
of products at:
http://www.ibm.com/support/docview.wss?rs=477&uid=swg27016451
Chapter 1. Overview 13
Features Connect client Web client
Instantly create a Sametime yes yes
Meeting Room from
Sametime Connect Client or
browser based Meeting
Room Center
Join or create a Sametime yes no
Instant Meeting from a
1-on-1 or group chat
Assign and enter meeting yes yes
rooms from Notes, Outlook
invitations
View your calendar from yes no
Sametime Connect with one
click access to meeting rooms
One click access to Meeting yes no
rooms you own
One click access to your yes no
recently used Meeting
Rooms
Find Meeting Rooms by yes yes
owner or room name
Set passwords and hide yes yes
meeting rooms
Anonymous or guest access no yes
to meetings
Set permissions to control yes yes
whether users can share their
screens or just observe
Control who else can manage yes yes
room permissions
Invite users to meeting by yes no
drag and drop from contact
list
Browser users can participate yes yes
in meetings without any
client download
Photo and list view of yes yes
attendees
Sort participant list yes no
alphabetically or by users
with raised hands
Application and screen yes yes
sharing
Application sharing remote yes no
control (peer-to-peer)
Each meeting room has its yes yes
own, private file library
Load files into library by yes no
drag and drop
Chapter 1. Overview 15
Features Connect client Web client
Reset meeting room by yes yes
clearing out all room content
Administrators can use yes yes
policies to control in-meeting
discussion and file sharing
Reporting tool for yes yes
administrators to generate
meeting statics and usage
reports
Use HTTP/HTTPS to yes yes
connect all users, simplifying
internal and external
collaboration
Built-in failover and yes yes
clustering
Glossary
Familiarize yourself with terminology used in IBM Lotus Sametime.
Terms
breakout sessions
Users who are attending a meeting see a list of all meeting participants in
the Participant List component of the Meeting Room client. While the
meeting is in progress, a user who has Instant Meeting Policy permission
can start a ″breakout session″ with any user displayed in the Participant
List. A breakout session is an instant meeting that is started from the
Participant List of a meeting that is currently active.
Users must also be allowed by their Policy to create instant meetings in
order to create a breakout session.
chat Lotus Sametime supports text-based chat and instant messaging. A chat
session can consist of two (or more) users exchanging instant messages.
Chat or instant messaging sessions can be initiated from any contact list in
a Sametime client.
There are three basic kinds of voice chat that can be used with Sametime
Instant Messaging and Instant Meetings, and with scheduled meetings.
These are: the traditional Codec-style voice that comes with the client
workstation that is equipped with sound card and speakers, the
Sametime-ready third-party IP telephony, and the new IBM community
tools plug-in that uses voice-over-IP technology. For IP telephony,
Sametime provides a new client-side telephony application program
interface (API) that allows partners to easily integrate their telephony
service with the Instant Messaging client.
All instant messaging and chat activity is supported by Community
Services on the Sametime server.
clearinghouse
A federated community of users linked by an enterprise’s message router
that translates protocols and routes messages. When a message contains
destination domains not found elsewhere in a routing configuration, the
Chapter 1. Overview 17
multiple users to transmit and receive video packets over an IP network. In
a meeting that includes interactive IP video, the video follows the audio.
The video component of the Sametime Meeting Room client includes a
Remote and Local video window. The Remote window displays images
from the camera of the person who is speaking and the Local window
displays the image from a user’s local camera.
LDAP directory
The administrator can configure the Lotus Sametime server to connect to a
Lightweight Directory Access Protocol (LDAP) server. This capability
enables an administrator to integrate Sametime into an environment in
which LDAP servers and LDAP directories are already deployed. When
Sametime is configured to connect to an LDAP server, the Sametime server
searches and authenticates user names against entries in the LDAP
directory on the third-party LDAP server. The LDAP directory replaces the
Domino Directory as the user repository in the community. The community
is defined by the users in the LDAP directory.
logging
The Sametime server logging tools include the Sametime log and the
Domino® log. The Sametime log records events in the Sametime log
database (stlog.nsf). The Sametime Administration Tool includes logging
settings that enable you to control whether activities are logged to a
database or to text files and to determine which activities are logged. If
you log Sametime information to a database, you can view the Sametime
log from the Sametime Administration Tool.
The Sametime Administration Tool also allows an administrator to launch
the Domino Web Administration Tool to view the Domino log. The
Domino log includes information about available memory and disk space,
server performance, and databases that need maintenance.
meetings
Lotus Sametime meetings are either ″instant″ or ″scheduled.″ An instant
meeting is started immediately from a presence list in any Sametime client.
Whiteboard files cannot be saved during instant meetings. Instant meetings
cannot be recorded. A scheduled meeting is scheduled to start at a
particular time and date. Scheduled meetings are created in advance in the
Sametime Meeting Center application (stconf.nsf) on the Sametime server.
The Meeting Services and the Community Services support the starting,
stopping, and creation of meetings on the Sametime server. Components of
the Sametime Meeting Room clients interact with the Meeting Services,
Community Services, and Audio/Video Services when participating in
Sametime meetings. The Meeting Room Client provides telephony and
video features for meetings (Web conferences). When attending a meeting,
a participant can click the ’Join the call’ button on the Meeting page.
Teleconferencing services are extensible through the use of Telephony
Conferencing SPI (TCSPI) For Audio teleconferencing, telephone services
can be made available for meetings and chats, allowing the user to initiate
a call for selected users or for everyone in the meeting/chat, using
telephone network or voice over IP (VoIP). Server establishes the phone
conference by calling each participant. Audio/video services include VoIP
and video services for meetings, using G.711 and G.723 audio codecs, and
H.263+,, and can be selected when a user schedules a meeting or launches
an instant meeting.
monitoring
The Sametime server includes charts that allow you to monitor current
Chapter 1. Overview 19
Sametime Administration Tool
The Sametime®Administration Tool is an HTML and XML based
application that runs in a Web browser. You open the Sametime
Administration Tool by clicking ″Administer the Server″ on the Sametime
server home page. The Sametime Administration Tool is the primary
administration tool for the Sametime server.
Sametime Gateway
IBM Lotus Sametime Gateway serves as the clearinghouse of presence,
using Extensible Messaging and Presence Protocol (XMPP), Virtual Place
(VP) protocol, and Session Initiation Protocol (SIP) to connect clients both
inside and outside your corporate environment. The Sametime Gateway
opens Sametime to external instant messaging access. You can enable this
functionality to allow users in your community to communicate with users
in another Sametime community that contains a Sametime server with the
Sametime Gateway functionality enabled. Enabling the Sametime Gateway
functionality requires the installation of separate components
Sametime Meeting Center (stconf.nsf)
The Sametime Meeting Center is an application (a Lotus Notes® database
named stconf.nsf) on the Sametime server that is accessed by a Web
browser. This application is a central meeting place for members of the
Sametime community. From the Sametime Meeting Center, you can
schedule a meeting, start a meeting immediately, attend a meeting, and
view information about scheduled and finished meetings. All scheduled
meetings in Sametime are created in the Sametime Meeting Center. A user
who starts an instant meeting from a contact list does not access the
Sametime Meeting Center. Anonymous access is allowed to the Sametime
Meeting Center database by default. With anonymous access, users are not
required to authenticate when accessing the Sametime Meeting Center.
Sametime server
The term Sametime server is used throughout the documentation to refer
to a server that has both Lotus Sametime and Domino installed.
Sametime server clusters
The Sametime server supports Sametime server clustering. Sametime
server clusters enhance server scalability and reliability to enable Sametime
to meet the demands of large user populations, and provide load balancing
and failover capabilities for Sametime Community Services and Meeting
Services.
Sametime server home page (stcenter.nsf)
The Lotus Sametime server home page is an HTML page that exists in the
Sametime Center database (stcenter.nsf). The Sametime server home page
can only be accessed by a Web browser and is the user entry point to the
Sametime server. After installing the Sametime server on the Domino
server, you must set stcenter.nsf as the Home URL for the server. To do
this, open the Server document for the Domino server that includes
Sametime, select the Internet Protocols tab, select the HTTP tab, and enter
stcenter.nsf in the Home URL field of the Mapping section of the Server
document.
screen sharing
Screen sharing is a Lotus Sametime collaborative activity that enables
multiple users to work within a single application on one user’s computer.
Geographically dispersed users in remote locations can collaborate within a
single application to produce a document, spreadsheet, blueprint, or any
Chapter 1. Overview 21
send web pages
Send Web Pages is a Lotus Sametime collaborative activity that enables a
Meeting Moderator to send a Web page URL to all participants in a
meeting. When the Moderator sends a Web page URL to the meeting
participants, a browser window opens on each participant’s screen and
displays the Web page. If the Moderator sends an additional Web page
URL to the meeting participants, the new Web page replaces the previous
Web page in the Web browser window.
The administrator controls whether this collaborative activity is available
for meetings on the Sametime server from the Configuration - Meeting
Services - General settings of the Sametime Administration Tool.
shared whiteboard and slides tools
The slides and shared whiteboard tools are Lotus Sametime collaborative
activities. The slides tab in the meeting room supports uploaded
presentations and other documents, while the whiteboard tab provides a
white page on which meeting participants can draw. Both activities
provide annotation tools that can be used for drawing and highlighting.
In a slides presentation of a web conference or e-meeting, the meeting
chair or other presenter displays a slide visible to participants on their
computers. Remote meeting participants can view the images and annotate
the images using the annotation tools in the Sametime Meeting Room.
Before slides can be presented in a meeting, a file containing the slide(s)
must be attached to the meeting.
The meeting chair or creator can attach files before or during meetings,
and any presenter can attach files during meetings.
StdebugTool.exe utility
You can use the StdebugTool.exe utility to produce trace files and create
new trace file sets for troubleshooting purposes. These trace files contain
debug messages that aid IBM Technical Support in troubleshooting
Sametime server problems. If you have never worked with Sametime trace
files before, you should use the StdebugTool.exe utility only under the
guidance of IBM Technical Support.
transfer files
Transferring files is a Lotus Sametime collaborative activity that enables
users to send a file to another user via a contact list in the Sametime
Meeting Room or the Sametime Connect client. Users must transfer one file
at a time to one person at a time. File transfers are automatically
encrypted. The administrator can enable or disable this feature. When you
enable this feature, both authenticated and anonymous users can transfer
files. The administrator can also disallow certain file types such as .exe file
types.
The file transfer feature does not work with Sametime Links. For more
information about Sametime Links, see the Sametime Directory and
Database Access Toolkit documentation available from IBM
DeveloperWorks (http://www.ibm.com/developerworks/lotus/products/
instantmessaging/.
Manage users
Audio/Video technology
System requirements
System requirements for installing IBM Lotus Sametime, including supported
operating systems, databases, LDAP servers, Lotus Sametime servers, browsers,
and JDKs.
System requirements for this release of the Lotus Sametime family of products is
maintained as an IBM Tech Note at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=swg27016451
Chapter 2. Planning 25
Note: For more information on IPv6 addressing with Lotus Sametime, see the
article Best practices for moving to IPv6.
In this release of Lotus Sametime, some components have some limitations when
supporting IPv6 addressing:
v Lotus Sametime Gateway
You must install the Gateway with a special parameter to enable it for IPv6
addressing; you cannot enable it for support after deployment. The instructions
for installing a Lotus Sametime Gateway server include information on the
parameter and how to use it.
v Lotus Sametime Media Manager
The Media Manager does not support IPv6 addressing in this release. If your
Lotus Sametime deployment includes a Media Manager server, you cannot
enable IPv6 addressing at this time. IPv6 addressing will be supported in an
upcoming release of Lotus Sametime Media Manager.
v Lotus Sametime Connect clients
If you support only IPv6 addressing, clients from releases earlier than 8.0.2 will
not generate error messages but will appear ″broken″ to users because they
cannot communicate with the IPv6–enabled servers. To avoid lengthy
investigations of problems caused by attempts to use older clients with servers
where only IPv6 addressing is enabled, you should only use clients from release
8.0.2 or later. If you support both IPv4 and IPv6 addressing, all Lotus Sametime
clients can communicate all Lotus Sametime servers provided you configure
those servers to listen for IPv4–format addresses as well as IPv6–format
addresses.
v Lotus Sametime Advanced
Lotus Sametime Advanced has not been updated to release 8.0.2 and does not
yet support IPv6 addressing. If your Lotus Sametime deployment includes Lotus
Sametime Advanced, you cannot enable IPv6 at this time. IPv6 addressing will
be supported in an upcoming release of Lotus Sametime Advanced.
v Lotus Sametime Unified Telephony
Lotus Sametime Unified Telephony has not been updated to release 8.0.2 and
does not yet support IPv6 addressing. If your Lotus Sametime deployment
includes Lotus Sametime Unified Telephony, you cannot enable IPv6 at this time.
IPv6 addressing will be supported in an upcoming release of Lotus Sametime
Unified Telephony.
Existing Lotus Sametime deployments use IPv4 addressing only. Rather than
completely switch over to IPv6 addressing, you will probably want to phase it in
and support both protocols for some time until you are satisfied with your IPv6
support. There are some requirements and limitations for each type of addressing,
so review the sections below before implementing any changes.
IPv4 (Internet Protocol version 4) and IPv6 (Internet Protocol version 6) are names
of protocols that define how you address computers on the Internet. The IPv6
protocol was introduced to provide not only a larger number of addresses for the
increasing number of computers on the Internet, but also to enhance the security of
Internet communications.
When entering an IPv4 address, you format it using four sets of digits, separated
with dots like this:
205.188.21.22
IPv6 addresses use eight sets of hexadecimal digits separated with colons like this:
2001:0db8:85a3:0000:0000:8a2e:0370:7334
If the URL includes a port, add the :port value outside of the brackets like this:
https://[2001:0db8:85a3:08d3:1319:8a2e:0370:7348]:443/
Prior to release 8.0.2, Lotus Sametime products supported only IPv4 addresses,
listening only for connections from clients using the IPv4 protocol and ignoring
connections using the IPv6 protocol. An IPv4–only deployment requires no special
configuration and can combine Lotus Sametime components from release 8.0.2 and
later with those from prior releases.
Lotus Sametime release 8.0.2 introduced support for IPv6 addressing, but
additionally continued support for IPv4 addressing. This allows you to update
your Lotus Sametime deployment gradually by combining servers that support
both protocols.
Chapter 2. Planning 27
Supporting IPv6–only addressing
Enable support for the IPv6 addressing protocol in your server and client operating
systems before you install Lotus Sametime:
The configuration changes needed for supporting IPv6 with Lotus Sametime vary
with the operating system and whether you are using it as a server or a client:
The configuration changes needed for supporting IPv6 with Lotus Sametime vary
with the server’s operating system:
To see which versions of AIX are supported by IBM Lotus Sametime, see the
Sametime Requirements Tech Note.
You must be using IBM i V6R1 with Lotus Sametime if you want to support IPv6
addressing; if you are using an older version of i5/OS®, upgrade to V6R1 before
configuring the operating system to support IPv6 as described below. To see the
complete list of IBM i and i5/OS versions supported by Lotus Sametime, see the
Sametime Requirements Tech Note.
For information on the IBM i operating system, visit the IBM System i information
center.
Follow the steps below to update the IBM i TCP/IP configuration for the IPv6
address you will use for your Lotus Sametime server:
Important: Some of the components of a Lotus Sametime server require the use of
an IPv4-formatted loopback address. To ensure that your Lotus Sametime server
functions properly, do not disable IPv4 support in your server operating system –
instead, enable support for both IPv4 and IPv6 addressing.
1. Add the IPv6–formatted IP address that you will use for your Sametime server.
For more information, see Adding a TCP/IP address on IBM i.
2. Add an entry in the local host table for the IPv6 IP address.
For more information, see Updating the host table on IBM i.
Specify the same fully qualified host name that you used for the original IPv4
address.
3. Update the Domain Name Server.
The contents of the Domain Name Server should be similar to the local host
table, with two DNS entries for the host name of your Sametime server: one
entry that maps the host name to the IPv4 address and another that maps it to
the IPv6 address.
See Updating the Domain Name Server for IBM i for special considerations
when TCP/IP is configured to check the DNS before the local host table.
By default, the versions of Linux SUSE and Linux RHEL required by IBM Lotus
Sametime are enabled for IPv6 addressing; however, you should verify that
support is enabled before attempting to configure IPv6 support in Lotus Sametime.
Chapter 2. Planning 29
Before you begin
To see which versions of Linux are supported by Lotus Sametime, see the
Sametime Requirements Tech Note.
v Red Hat Enterprise Linux
Red Hat Enterprise Linux supports IPv6 firewall rules using the Netfilter 6
subsystem and the ip6tables command. In Red Hat Enterprise Linux 5, both IPv4
and IPv6 services are enabled by default. For more information on IPv6 support
in Red Hat, visit the Red Hat Web site.
v SUSE Linux
SUSE Linux supports IPv6 addressing, which is enabled by default; for more
information on IPv6 support in Linux SUSE, see the SUSE Linux 10 Reference
Guide.
IPv6 addressing is enabled by default on Linux SUSE servers, but may have been
disabled to improve performance while running applications that did not support
this protocol.
1. If you suspect that IPv6 addressing was disabled on your Linux SUSE server,
you can check by logging in as the root user and running the following
command:
ifconfig
The system output will look like this:
eth0 Link encap:Ethernet HWaddr 00:0F:1F:89:8F:D5
inet addr:192.168.1.100 Bcast:140.171.243.255 Mask:255.255.254.0
inet6 addr: fe80::20f:1fff:fe89:8fd5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:33386388 errors:0 dropped:0 overruns:0 frame:0
TX packets:2947979 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2211978470 (2109.5 Mb) TX bytes:380978644 (363.3 Mb)
Base address:0xdf40 Memory:feae0000-feb00000
To see which versions of Solaris are supported by Lotus Sametime, see the
Sametime Requirements Tech Note.
Support for IPv6 addressing can be enabled during installation of a Solaris server.
For information on enabling and verifying IPv6 support on Sun Solaris servers, see
the Sun IPv6 Administration Guide:
Important: Some of the components of a Lotus Sametime server require the use of
an IPv4-formatted loopback address. To ensure that your Lotus Sametime server
functions properly, do not disable IPv4 support in your server operating system –
instead, enable support for both IPv4 and IPv6 addressing.
To see which versions of Windows are supported by Lotus Sametime, see the
Sametime Requirements Tech Note.
The Microsoft TechNet Web site includes information on how IPv6 addressing
affects Microsoft operating systems.
Chapter 2. Planning 31
Enable IPv6 addressing for your Windows operating system by following the steps
below. Note that the names of commands and dialog boxes may be different for
your particular Windows operating system.
1. Open the ″Network Connections″ dialog box; for example, by clicking Start →
Control Panel → Network Connections.
2. In the ″Network Connections″ dialog box, right-click on Local Area
Connection, and click Properties.
a. In the ″Local Area Connection Properties″ dialog box, make sure you are
viewing the ″General″ tab.
b. On the ″General″ tab, click the Install button (below the list of connection
items).
c. In the ″Select Network Component″ dialog box, click Protocol in the list of
network components, and then click the Add button.
d. In the ″Select Network Protocol″ dialog box, click Microsoft TCP/IP version
6, and then click OK.
Support for IPv6 is installed immediately, and the ″Network Component″
and the ″Network Protocol″ dialog boxes close automatically.
Back in the ″Local Area Connection Properties″ dialog box. you can enable
or disable the IPv6 protocol on your computer using the checkbox that
appears next to Microsoft TCP/IP version 6.
e. Close the ″Local Area Connection Properties″ dialog box by clicking the
Close button.
3. To assign an IP address to your computer, use the netsh command.
The Microsoft TechNet Web site contains a Netsh Technical Reference section
that explains how to use the netsh command.
To see which operating systems are supported by Lotus Sametime Connect, see the
Sametime Requirements Tech Note.
The configuration changes needed for supporting IPv6 with Lotus Sametime vary
with the client computer’s operating system:
Chapter 2. Planning 33
Deploying instant messaging and meetings
To provide instant messaging and presence, use a Sametime Community Server or
cluster of servers running on Domino. To provide meeting rooms, use a Sametime
Meeting Server or cluster of servers running on WebSphere Application Server.
In addition to the topologies described here, you can read about deploying Lotus
Sametime Gateway on the wiki, available at the following Web address:
http://www.ibm.com/developerworks/wikis/display/sametime/Sametime+Gateway+deployments
Chapter 2. Planning 35
between two firewalls, where users from the Internet are permitted limited access
over a defined set of network ports and to predefined servers or hosts. A DMZ is
used as a boundary between the Internet and your company’s internal network.
The network DMZ is the only place on a corporate network where Internet users
and internal users are allowed at the same time.
There is no risk of data being compromised as Lotus Sametime Gateway itself does
not contain data. There is no need to install reverse proxies or other servers, such
as IP sprayers or load balancers in front of Lotus Sametime Gateway. Lotus
Sametime Gateway is secure because:
v Firewall restrictions make it impossible for users from the Internet to directly
access a Sametime community server on your corporate intranet, but Internet
users can access Lotus Sametime Gateway in the network DMZ.
v Sametime community servers, behind the internal firewall, are accessible only
over an encrypted VP protocol.
v DB2 is behind the internal firewall, restricted by host and port access.
v LDAP is behind the internal firewall, accessible over SSL and restricted by host
and port access
v Lotus Sametime Gateway exchanges with other instant messaging providers
over SIP can be encrypted with SSL.
Components perform best when installed on their own machines and are most
secure when behind the internal firewall.
The following illustration shows a typical of Sametime Gateway cluster and the
ports that must be open in the firewalls to connect with DB2 and LDAP, and
exchange instant messages and presence between the local Sametime community
and external instant messaging communities.
Chapter 2. Planning 37
v Clustering support, robust failover capability using the High Availability
Manager
v Session Initiation Protocol (SIP) Infrastructure, including stateless SIP Proxy and
SIP IP sprayer provided by the platform
v Open, extensible platform support. Additional plug-in services can configured in
a flexible manner
v A central place to administer system configuration and monitoring and security
policies through the Integrated Solutions Console and wsadmin script
commands.
DB2 is the storage for the Lotus Sametime Gateway policies and logging. DB2 can
be clustered for failover and load-balancing purposes. DB2 is part of the Lotus
common storage strategy. Lotus Domino can use DB2 as an alternative repository,
and Lotus Sametime Enterprise Meeting Server also uses DB2 for storing and
sharing configuration data across servers. DB2 should be installed on a separate
machine behind the internal firewall.
Note: When you set up a connection with AOL, you have the option of connecting
with AOL users only, or connecting with the AOL clearinghouse community that
includes AOL, ICQ, iChat, and other users from AOL Enterprise Federation Partner
communities, including external Sametime communities. IBM recommends that
you do not configure both communities, as users served by the AOL clearinghouse
are a superset of users served by the AOL community. If you set up AOL only, and
later decide to connect with the AOL clearinghouse community, delete the AOL
community first before adding the AOL clearinghouse community to Lotus
Sametime Gateway.
When you connect to other Lotus Sametime companies, you can connect business
users of different companies. This deployment is very useful in case of acquisitions
when IT infrastructure is still separate, when you want to interconnect vendors
over the Internet. Connections are made secure by using an SSL certificate
exchange.
For small, test configurations only, you can install Lotus Sametime Gateway on the
same machine as Sametime Server, DB2, or other applications. For a production
environment, your Sametime Community server should be installed on a separate
machine from your Lotus Sametime Gateway.
You can deploy a Network Address Translator (NAT) between local Lotus
Sametime community servers and Lotus Sametime Gateway. However, deploying a
NAT device between Lotus Sametime Gateway and the Internet is not supported
when trying to connect Lotus Sametime Gateway to AOL, Yahoo, or TLS-encrypted
SIP-based external communities. While there are SIP-aware NAT devices, they are
not sufficient because both AOL and Yahoo communities require secure SIP
(SSL/TLS) communication, and a NAT device would not be able to decrypt and
translate the packets for proper operation. NAT has no affect on the XMPP
protocol, so exchanges using Google Talk over XMPP are always permitted to pass
through a NAT-enabled firewall that is between Lotus Sametime Gateway and the
Internet.
Chapter 2. Planning 39
Multiple Network Interface Cards
To simulate a NAT, you can use two Network Interface Cards (NICs), one for an
internal IP address and the other for an external IP address. If you use this
configuration, you must update the default host using the Integrated Solutions
Console. See the help topic on configuring multiple NICs.
System requirements
Follow the guidelines for your operating system before setting up an LDAP server:
v AIX, Linux, Solaris, and Windows:
To avoid resource conflicts that may degrade performance, do not host the
directory on the same computer as the Sametime Community Server.
v IBM i:
The directory and the Lotus Sametime Community Server can reside on the
same system. If using LDAP to access the contents of the Domino directory, the
LDAP service and the community server must run on separate Domino servers.
After installing the Sametime System Console, you will be instructed to connect it
to the LDAP server. These other servers require that an LDAP directory be set up
and running to be able to complete the installation:
v The Lotus Sametime Meeting Server
v The IBM Lotus Sametime Community Server, when installed with a deployment
plan through the Sametime System Console
An IBM Lotus Sametime Community Server integrated with the Lotus Sametime
System Console must connect to a user directory in LDAP format.
If you use multiple LDAP repositories, you must ensure that the base entries do
not overlap, as that causes problems when Secure Socket Layer (SSL) is enabled.
For example, the following base entries have a field in common, so they overlap:
Lotus Sametime 8.5 requires authenticated users to have a mail attribute assigned
in the LDAP directory. The mail attribute must be a unique string, which
preferably follows the syntax and length restrictions of e-mail addresses.
This attribute is not used for e-mail purposes, and does not have to be assigned as
a user name for logging into Lotus Sametime. Instead, the ″mail″ attribute serves
as a common attribute between the various Lotus Sametime subsystems, such as
Calendar Integration, Business Cards, LDAP, and REST APIs. This attribute is also
used when generating a URL for a user’s persistent meeting room (for example,
http://meetings.company.com/stmeetings/room/user@company.com/users-room). In
addition, using the ″mail″ attribute provides certain performance advantages since
translation between attributes is not required; it also provides consistency and
integrity by using a common and well-understood attribute.
Note: Not all users need to be authenticated to use the server; the mail attribute is
not required for anonymous (guest) users.
Therefore, IBM recommends that the user repository (LDAP server) create a mail
attribute for users who plan to authenticate with the Lotus Sametime servers. The
mail attribute must be a unique string, which preferably follows the syntax and
length restrictions of e-mail addresses.
Upgrade considerations
If you used a Lotus Domino Directory in its native format with a previous release
of Lotus Sametime, you have two options for setting up your user directory:
v Convert the existing Lotus Domino Directory to LDAP format. The LDAP
service and the community server must run on separate Domino servers.
v Set up a dedicated LDAP directory for use with Lotus Sametime
Best Practices
Best Practices for using LDAP with Lotus Sametime article on the Sametime wiki
contains an overview of LDAP components and describes how the Lotus Sametime
Community Server works with LDAP to provide authentication, name lookups,
and name resolution. The article describes best practices for creating search filters,
setting sametime.ini parameters, and enhancing Sametime and LDAP
performance.
Chapter 2. Planning 41
Directory Type
Network performance
If you have a large number of Lotus Sametime users, you can install multiple
community servers and cluster them for load balancing and to reduce network
usage.
Even if you have decided not to cluster your community servers, there are special
considerations when installing more than one Community Server; for example, you
must synchronize all of the community servers to operate as a single community.
You do not need to select a language when installing a Community Server. The
language displayed for Lotus Sametime interfaces is primarily determined by the
individual user’s language settings. However, it is recommended that you install
the Lotus Domino language pack that corresponds to the language used by the
majority of your Lotus Sametime users. If no language pack exists for your
language on your preferred platform, see the IBM Technotes, available at
www.ibm.com/software/support, for information on how to localize the Lotus
Domino server.
Related concepts
“Clustering Sametime servers for high availability” on page 55
In a production environment, use clustering to provide failover and load balancing
by creating a cluster of multiple Sametime servers of the same type. Each cluster of
servers can be managed by the Sametime System Console.
Audio/video considerations
Audio and video services provided by the IBM Lotus Sametime Reflector (a Lotus
Sametime server application that helps to establish multimedia sessions between
clients across a firewall) will not be available in this release to assist Sametime 8.5
client to Sametime 8.5 client multimedia (audio/video) communication. The service
may appear to be running, but will not function.
The Lotus Sametime Community Server uses the directory, security, and replication
features of the Domino server. Do not use the Sametime Community Server for
other high-demand Domino services such as mail storage and routing, application
and database storage, or centralized directory and administration services.
IBM AIX, Linux, Sun Solaris and IBM i can run multiple partitioned Domino
servers on the same system. For these server platforms, you can create a new
Domino server on the same system as your existing production server. This
configuration is not supported in Microsoft Windows. Adding Lotus Sametime to
an existing production server is not supported.
To find out which Domino releases are supported for Lotus Sametime, see the
following document:
http://www.ibm.com/support/docview.wss?rs=477&uid=swg27016451
Directory considerations
If your Community Server will be integrated with the Lotus Sametime System
Console, then you must initially configure the console with an LDAP server. The
Community Server must also use the LDAP server. If your user information is
stored in a Lotus Domino Directory, you can configure Sametime to access the
Domino Directory using LDAP. However, the LDAP service and the community
server must run on separate Domino servers.
While an LDAP directory is highly recommended, you can configure the Lotus
Sametime Community Server to directly access the Lotus Domino Directory if you
do not plan to use the Lotus Sametime System Console. Keep in mind that
changing the Community Server to use an LDAP server at a later time is more
complicated than initially configuring it to use LDAP.
v If you install the Domino server in a new domain, no users are in the Domino
Directory at the time the server is created, other than the server administrator.
Therefore, if you select the Domino Directory as the user repository for your
Chapter 2. Planning 43
Lotus Sametime Community Server, you will need to add all of your Lotus
Sametime users to the Domino Directory. When you install the Domino server
into an existing domain, you will not need to add these users to the directory.
However, before a user can use Sametime, the user’s directory entry must be
updated with the name of a home Lotus Sametime server and an Internet
password.
v To add a new Lotus Sametime user to the Domino Directory, create a Person
document for the user in the directory that includes (at minimum) a Last Name,
a User Name and an Internet password. The Person document must also include
a home Sametime server. You can use any of the following tools to create a
Person document: an IBM Lotus Notes client, a Lotus Domino Administrator
client, or the Sametime server self-registration feature.
You can deploy a stand-alone Community Mux to operate with one or more
unclustered Community Servers, or to operate with a cluster. You can also deploy
multiple stand-alone multiplexers and use a load-balancer to distribute client
connections among them.
Chapter 2. Planning 45
Number of Community Services
Multiplexer deployment connections
Two Sametime servers with the multiplexers v Each Sametime Community Server can
installed on different computes (as seen in service approximately 100,000 active
the illustration above) connections.
v Each Community Server multiplexer
machine can handle as many as 20,000 to
30,000 live IP port connections, for a
possible total of 60,000 connections.
v The machines in the illustration above
might be able to handle 160,000 active
connections. You can increase the load
handling capability further by adding
additional Community Server
multiplexers in front of the two Sametime
Community Servers. For example, adding
two more Community Server multiplexers
to the cluster shown above might
accommodate as many as 120,000 active
connections (4 x 30,000 connections per
Community Server multiplexer).
Note: The server capacity numbers used above are approximations meant to
provide a rough estimate of the possible load-handling improvement if you deploy
Community Server multiplexers on separate computers. The actual server capacity
is affected by variables such as:
v The average number of users in the contact lists of all Sametime clients
v The number of instant messages that users send
Chapter 2. Planning 47
Important: In this release, a Lotus Sametime deployment can support only one
stand-alone Media Manager server, or one cluster of Media Manager servers.
The Packet Switcher is not administered from the console, so it is not affected by
this limitation; however the Conference Manager and the SIP Proxy and Registrar
components are administered from the console, so your planning must take this
limitation into consideration.
Example 2: A Conference Manager cluster and a SIP Proxy and Registrar cluster
can both be administered from the same console. This is the recommended
topology for enterprise customers.
This restriction is due to a limitation with the current version of the Lotus
Sametime System Console.
Related concepts
“Lotus Sametime Media Manager” on page 9
The IBM Lotus Sametime Media Manager runs on WebSphere Application Server
to provide audio visual services for chats and meetings. It requires a Lotus
ametime Community Server.
Bandwidth considerations
In the Lotus Sametime System Console, the codecs used for audio and video
transfer can be tuned to the values required. The selected audio and video codec
will effect the bandwidth used and the processing power required to encode and
Within the specification of the video codec, it is also possible to adjust the video
resolution and bit-rate which will be used for video streams. Generally, the lower
the resolution and the bit-rate, the lower the bandwidth used and the lower the
processing power required to send and receive the video streams. However, the
lower resolutions and bandwidth, the lower the quality of the video image.
Likewise, the higher the bit-rate and resolution, the higher the required bandwidth
and processing power, and the higher the quality of the video.
For example, if you are using low bandwidth networks and older machines with
less processing power, it might be necessary to select a lower video bit rate. If the
quality of the video image is important, and enough processing power and
network bandwidth is available, a higher video bit-rate can be used.
Sametime video codecs provide many resolution choices, from SQCIF to Wide Full
HD (1080p). The higher the resolution, the more CPU, display memory, and
graphics card power are required. Machines equivalent to Lenovo T60 can handle
CIF and VGA, but HD will require Intel® Core 2 Quad or better CPU and at least
256 megabytes of display memory.
The total number of participants in audio and video conferences can also be
capped, limiting the amount of bandwidth that any single call can use as a sum of
the other parameters and the number of people participating in the conference.
Video Conferencing
Audio and video services provided by the Sametime Media Manager have been
tested and optimized for sessions with six participants. The actual number of
participants will vary up or down based on network and environmental conditions
Another consideration for networks is latency, which can cause undesirable results.
Latency of less than 150ms end-to-end is normally acceptable in interactive real-time
audio video conferencing.
Video driver
It is strongly recommended that you use the up-to-date driver that comes with the
video camera, as some cameras do not work well with the generic video driver.
Chapter 2. Planning 49
Sametime Reflector
Audio and video services provided by the IBM Lotus Sametime Reflector (a Lotus
Sametime server application that helps to establish multimedia sessions between
clients across a firewall) will not be available in this release to assist Sametime 8.5
client-to-client audio/video communication. The service may appear to be running,
but will not function.
Client interoperability
In the initial release of Lotus Sametime 8.5, the 8.5 client can only establish audio
and video connections with other 8.5 clients. Release 8.5 audio/video services can
co-exist with release 7.5.x and 8.0.x audio/video services, with the following
restrictions:
v The 8.5 client cannot establish an audio or video call with 7.5.x or 8.0.x clients.
v The 7.5.x and 8.0.x clients cannot establish an audio or video call with the 8.5
client.
v The 8.5 client cannot use the Lotus Sametime Reflector.
Best Practices
For information on using the best practices for ensuring a good audio/visual
experience, see Audio/Visual Best Practices in the Sametime wiki.
Collecting information about servers and ports now will make it easier to supply
correct information during the Lotus Sametime Gateway installation.
1. Review the deployment scenarios and refer to the software and hardware
requirements as you size your deployment. Determine if you are installing a
standalone Sametime Gateway server, or a cluster of Sametime Gateway
servers. Clusters provide enhanced scalability and failover capabilities and are
recommended for large organizations and deployments with many users.
Standalone deployments are recommended for small and medium
deployments, or pilot deployments.
2. Talk with the systems administrators in your company who oversee DB2,
LDAP, and DNS servers about Sametime Gateway requirements. Make sure
everyone in your organization knows that this product requires these services.
A well-designed and well-thought out process makes the deployment of new
software systems roll out smoother and faster.
3. Consult the network firewall administrator about requirements to open ports
in the firewalls. Sametime Gateway is installed in the DMZ between the
internal and external firewalls. See the deployment scenario diagrams to
understand the ports that need to be open:
4. The Sametime Gateway servers must have access to a DNS server that can
resolve public DNS records (A records, SRV records, and PTR records). For
example, the following commands should be able to resolve successfully:
nslookup sip.oscar.aol.com
nslookup 64.12.162.248
nslookup -type=all -class=all _xmpp-server._tcp.google.com
5. If you are installing a standalone deployment of Sametime Gateway, what
machine will you use?
6. If you plan to configure a cluster, determine what machines and how many
you will need before installing the Network Deployment:
Chapter 2. Planning 51
Node type Number allowed Notes
Secondary node 1 In this release, a cluster can
only support two nodes.
Install the secondary node on
its own machine, or on the
same machine with proxy
servers.
SIP proxy server 1 If you have a clustered
deployment, you must install
a SIP proxy server to connect
to other Sametime
communities, AOL, or Yahoo!
Messenger communities. The
best practice is to install
proxy servers on a separate
machine to isolate the proxy
processing from the
Sametime Gateway cluster.
XMPP proxy server 1 If you have a clustered
deployment, you must install
an XMPP proxy server to
connect to a Google Talk or
Jabber community.
10. What are the node names for the Deployment Manager, primary node, proxy
server node, and additional secondary nodes? The installation wizard
provides a name that you can change if needed. Node names must be unique
and cannot contain spaces or special characters.
11. What is the fully qualified host name or IP address of the Lotus Sametime
Community Server in your local Lotus Sametime community?
12. How will you install Sametime Gateway? You can use an installation wizard,
console mode, or silent installation.
Note: If your server runs on IBM i and it is enabled for IPv6 addressing, you
must install Lotus Sametime Gateway in console mode with input validation
disabled, as noted in the installation instructions.
13. Download the installation images and either burn a CD or copy the install
images to each machine where you plan to install Sametime Gateway.
14. Sketch a deployment diagram that shows where your firewalls, Deployment
Manager, primary node, secondary nodes, and proxy servers will be installed
related to the hardware. List the node names and host names that you plan to
use. Identify where you should check network connectivity and other
environmental issues that may interfere with a smooth installation process.
In Lotus Sametime 8.5, meeting services and community services have been moved
to separate servers. Existing Lotus Sametime servers and Lotus Sametime Gateway
servers can be upgraded to Lotus Sametime 8.5. In addition, you may choose to
install additional components to take advantage of new features and capabilities.
You can upgrade a Lotus Sametime running release 7.5.1 or later directly to Lotus
Sametime 8.5 Community Server, preserving legacy data and supporting instant
messaging just as in earlier releases.
Note: If your Lotus Sametime server is running a release prior to 7.5.1, you will
need to complete an interim upgrade to release 7.5.1 or later before upgrading to
Lotus Sametime 8.5.
If your legacy Lotus Sametime server has the online meetings feature enabled, you
have two options:
Chapter 2. Planning 53
v Continue creating and hosting online meetings on the upgraded server
If the online meetings feature was enabled in your previous release of Lotus
Sametime, it remains enabled when you upgrade and features work just as in
the earlier release.
Note: The Lotus Sametime Enterprise Meeting Server is not supported by Lotus
Sametime release 8.5. If your meeting rooms are clustered with Lotus Sametime
Enterprise Meeting Server, you will have to remove the servers from the cluster.
v Install additional Lotus Sametime 8.5 components to support the Lotus
Sametime 8.5 Meeting Server
All your legacy meeting data is still preserved, but rather than continue creating
and hosting meetings on the upgraded server, you can set up URL redirects to
route users to the Lotus Sametime 8.5 Meeting Server for creating and attending
meetings. Expanding the deployment to include a stand-alone Meeting Server
requires that you install these additional components:
– LDAP user directory
Because the new components in Lotus Sametime 8.5 run on IBM WebSphere
Application Server, you must use an LDAP directory to ensure all
components can authenticate users. If your previous deployment used the
native Lotus Domino Directory for user management, you can convert it to
LDAP format for use with the expanded deployment.
– IBM DB2 database
The database stores information used by several of the components in the
deployment.
– Lotus Sametime 8.5 System Console
The Lotus Sametime System Console provides a central point for
administering all servers in the deployment. If you cluster any of the
WebSphere-based servers, you can use the system console as the Deployment
Manager; the console can serve as Deployment Manager for multiple clusters.
– Lotus Sametime 8.5 Proxy Server
The Lotus Sametime Proxy Server enables browser-based clients to participate
in Lotus Sametime instant messaging and online meetings. In addition, the
Lotus Sametime Proxy Server works with Lotus Sametime Community Server
or Lotus Connections to enable the business card feature in Lotus Sametime,
and with Lotus Sametime Unified Telephony or other TCSPI-enabled products
to enable the Lotus Sametime click-to-call feature. The Lotus Sametime Proxy
Server also provides live names awareness, and can replace the Links Toolkit
used in earlier releases of Lotus Sametime.
– Lotus Sametime 8.5 Meeting Server
The Lotus Sametime Meeting Server provides an online meeting feature in a
stand-alone server, rather than combining them with community services as
in the past. Because it runs on WebSphere Application Server, the meeting
server can be clustered using a WebSphere network deployment.
If you choose to expand your deployment this way, you may additionally choose
install to these remaining components:
v Lotus Sametime 8.5 Media Manager
The Lotus Sametime Media Manager provides audio and video features for
instant messaging and online meetings.
v Lotus Sametime 8.5 Gateway
You can upgrade Lotus Sametime Gateway 8.0.2 directly to release 8.5; if you have
an earlier release you will need to complete an interim upgrade before you can
upgrade to Lotus Sametime Gateway 8.5. Upgrading Lotus Sametime Gateway
includes upgrading the WebSphere Application Server on which it runs from
version 6 to version 7.
Although a new deployment of Lotus Sametime Gateway uses DB2 9.5 Limited
Use, an upgraded gateway will continue to use DB2 9.1 Enterprise Server Edition;
the database schema will be updated automatically by scripts that run during
gateway product installation.
Before upgrading Lotus Sametime Gateway servers in a cluster, you will have to
remove each node from the cluster. Once the server upgrades are complete, you
can add the nodes back into the cluster.
Note: In this release, a Lotus Sametime Gateway cluster can only have one
Secondary Node.
Lotus Sametime Connect and Lotus Sametime embedded clients running release
7.5.1 or later can be upgraded directly to release 8.5. If your users are running
clients older than release 7.5.1, their workstations must be upgraded to release 7.5.1
or later before you can upgrade them to release 8.5.
Clusters are groups of servers that are managed together and participate in
workload management. A cluster can contain nodes or individual application
servers. A node is usually a physical computer system with a distinct host IP
address that is running one or more application servers. Clusters can be grouped
under the configuration of a cell, which logically associates many servers and
clusters with different configurations and applications with one another depending
on the discretion of the administrator and what makes sense in their organizational
environments.
Clusters are responsible for balancing workload among servers. Servers that are a
part of a cluster are called cluster members. When you install an application on a
cluster, the application is automatically installed on each cluster member. You can
configure a cluster to provide workload balancing with service integration or with
message driven beans in the application server.
Chapter 2. Planning 55
Related tasks
“Installing Gateway servers in a cluster” on page 138
Complete these steps to install a cluster of Lotus Sametime Gateway servers in a
network deployment. A cluster is a group of application servers that are managed
together and participate in workload management. A network deployment is a group
of nodes administered by the same cell, and controlled by a Deployment Manager.
Lotus Sametime Gateway supports cluster members on multiple nodes across
many nodes in a cell, with nodes either coexisting on the same hardware, or
running on dedicated systems. At a minimum, a network deployment is made up
of a Deployment Manager, which manages the cell, a primary node, a primary
server (primary cluster member), and a secondary cluster member. You expand the
cluster by adding additional cluster members either on existing nodes, or by
adding a new secondary node and then adding the member to the new node.
“Installing Gateway servers in a cluster” on page 340
Complete these steps to install a cluster of Lotus Sametime Gateway servers in a
network deployment. A cluster is a group of application servers that are managed
together and participate in workload management. A network deployment is a group
of nodes administered by the same cell, and controlled by a Deployment Manager.
Lotus Sametime Gateway supports cluster members on multiple nodes across
many nodes in a cell, with nodes either coexisting on the same hardware, or
running on dedicated systems. At a minimum, a network deployment is made up
of a Deployment Manager, which manages the cell, a primary node, a primary
server (primary cluster member), and a secondary cluster member. You expand the
cluster by adding additional cluster members either on existing nodes, or by
adding a new secondary node and then adding the member to the new node.
For starters, there are materials you can use to provide your users with a preview
of the new features coming to their desktops: Administrators: Previewing Lotus
Sametime for your users. The ready-to-distribute PDF file gives a quick overview
of what is new and changed in this release. The Lotus Symphony™ file includes the
same information as the PDF file, with instructions on how to customize the file
with information specific to your site and how to create your own PDF. Note: Be
sure to read the customization instructions in blue text.
The Lotus Sametime Getting started section of the wiki provides your users with
links to Flash demonstrations, videos, reference cards, Web seminars, product
tours, and other materials for learning more about Lotus Sametime: Lotus
Sametime Media Gallery.
The DB2 installation provided with Lotus Sametime supports Linux 32-bit systems
and Windows 32-bit or 64-bit systems. If you have a 64-bit Linux system, either
install DB2 for Windows or install DB2 on a 32-bit Linux system instead. IBM i
includes DB2.
Important: This user cannot previously exist on the system. This user will be
created as a local operating system user during the DB2 installation process; if
your organization does not allow creation of local operating system users for
security reasons, exit this installer and install DB2 v9.5 using a different
package. This installer will not check to see if the user already exists.
Make a note of the DB2 Application User name and password. This user has
database administration authority and you will supply the name and
password when you install the Lotus Sametime System Console and when
you connect to DB2 databases later.
Then click Next.
14. At the summary panel, review the settings, then click Install to start the
installation.
The installation may take up to 20 minutes to install. You will receive
confirmation when it is complete.
Results
If the installation fails, click View Log File for more information. Logs are stored
in the following locations.
Linux
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
What to do next
“Creating a database for the Lotus Sametime System Console on AIX, Linux,
Solaris, and Windows”
Install and configure prerequisite applications, then install the IBM Lotus Sametime
System Console, which you will use for preparing for server installations and for
managing your Lotus Sametime deployment.
Make sure you have installed DB2. If you previously created a System Console
database and want to run the script again to create a database of the same name,
use the DB2 DROP DATABASE command first to delete all user data and log files,
as well as any back/restore history for the original database. Also note that
uninstalling DB2 does not remove the data and log files.
Run the scripts that come with Lotus Sametime in the DB2 installation package to
create the database for the Lotus Sametime System Console.
1. On the DB2 server, log in to the system as the DB2 administrator created
during DB2 installation if you are not already logged in.
Linux and Windows: Now proceed to Step 3.
AIX and Solaris: Now proceed to Step 2.
Chapter 3. Installing 59
2. Download the DB2 installation package if you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers to the system
on which you are installing.
c. Extract the files to a local directory.
d. Verify that you have at least 1 GB of temporary space to run the installation
in your %TEMP% or /tmp directory.
3. Open a command prompt and navigate to the folder where you extracted the
DB2 installation package.
4. Create the database by running one of the following commands from the disk 1
folder:
AIX, Linux, and Solaris
./createSCDb.sh STSC
Windows
createSCDb.bat STSC
Replace ″STSC″ in the command if you want to choose a different database
name. Names can be from 1 - 8 characters, but cannot contain special or
multibyte characters.
Follow the rules for your operating system when naming DB2 objects.
5. Close the command window.
6. Open the DB2 Control Center.
AIX, Linux, and Solaris
Open the IBM DB2 folder on the desktop and click Control Center.
Windows
Click Start → Programs → IBM DB2 → installed_DB2_instance → General
Administration Tools → Control Center.
7. Verify that the new database was created.
Related tasks
“Installing DB2 on Linux and Windows” on page 57
IBM DB2 is a prerequisite for IBM Lotus Sametime and is included with the
Sametime installation package for Linux and Windows. The package does not
include DB2 for AIX or Solaris.
Ensure that your DB2 server is installed and running with the db2start command,
and that the Lotus Sametime System Console database has been created.
AIX, Linux, and Solaris: The launchpad install program needs to be able to launch
a Web browser to start. You will need to be on the console or have an X server and
Chapter 3. Installing 61
10. Select Create a new package group. Accept the installation directory. Then
click Next.
11. Verify that IBM Sametime System Console server 8.5.x is selected as the
feature to install and click Next.
12. At the Common Configurations screen, verify the cell, node, and host name.
The Lotus Sametime System Console is a Deployment Manager and
administers a cell and any nodes federated into the cell for other Sametime
servers. In a production environment, the servers are in one geographic region
and in a pilot environment, the servers are all installed on one machine.
v Cell: This is the name of the WebSphere cell that will be created for the
System Console, such as systemNameSSCCell.
v Node: This is the name of the WebSphere node that will run the Sametime
applications in the Sametime System Console. It will be federated into the
cell during the installation process.
v Host Name: Use the fully qualified DNS name of the server you are
installing the Sametime System Console on. Make sure this DNS name is
resolvable from other servers you will be installing products on. Do not use
an IP address, a short host name, or localhost.
13. Create the WebSphere Application Server User ID user name and password,
then confirm the password.
This user will be created in a WebSphere local file system repository and does
not exist on the operating system or in an LDAP directory. It will be used to
administer the Sametime System Console server.
Make a note of the ID and password because you will need them later for
additional product installations and configuration. It will also be used to
administer the Sametime System Console server. Click Next.
14. At the Configure DB2 for the System Console screen, provide information for
connecting to the Sametime System Console database. Then click Next.
v Host Name: Use the fully qualified domain name of the server where you
installed DB2. Do not use an IP address or a short host name.
v The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is
using a different port.
Linux: The default is typically 50000, but will vary based on port
availability. Check the /etc/services file on the DB2 server to verify the port
number being used.
v Database Name for the System Console/Policy: Enter the name of the
database you want to connect to. If you used the recommended name when
you created the Sametime System Console, the name is STSC.
v Application user ID: Enter the name of the database administrator you
created when installing DB2. The default is db2admin.
v Application password: Supply the password that you created when you
installed DB2, such as db2password.
15. Click Validate.
16. When the button label changes to Validated, click Next.
If the database connection is not successful, use the dbverify.log to debug the
problem. The log can be found in the temp directory for your operating
system.
AIX, Linux, and Solaris
/tmp
Results
After a successful installation, the three components that are needed to run the
console start automatically: the Deployment Manager, the node agent, and the
Sametime System Console server. These must always be started before you can use
the system console.
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix any problems,
then uninstall all components and reinstall. Find information in the logs directory
and the ant and native subdirectories.
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
What to do next
Chapter 3. Installing 63
About this task
With the Lotus Sametime System Console started, follow these steps to log in.
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
Specify port 8700 for all platforms except IBM i.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary. To check the port, open
the AboutThisProfile.txt file for the Sametime System Console Deployment
Manager Profile and use the setting specified for the ″Administrative console
port.″ For the default profile name (STSCDmgrProfile), the file is located here:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
Note: During the install process, WebSphere security is enabled. SSL is enabled
as part of the WebSphere security process and you will be directed to another
port which listens for https connections.
The WebSphere Application Server Integrated Solutions Console opens.
2. Enter the WebSphere Application Server User ID and password that you
created when you installed Lotus Sametime System Console.
The default name is wasadmin.
3. Click the Sametime System Console task to open it in the navigation tree.
What to do next
Start the LDAP server and the Lotus Sametime System Console if they are not
already running.
If you have not already opened the Connect to LDAP Servers activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified host name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
Connect IBM Lotus Sametime servers to the LDAP server. Once your Lotus
Sametime server connects to the LDAP server, it can search the LDAP directory
and authenticate Sametime users. If you have already connected Sametime to an
LDAP server, but now you want to edit or delete a connection, use this activity.
Note: If you are using Active Directory as the LDAP, a common attribute to use
for authentication is the saMAccountName attribute. When an Active Directory
LDAP is being used, WebSphere automatically maps uid to saMAccountName, so
saMACccountName should not be explicitly stated as an attribute. If you want to
use saMAccountName for any LDAP attribute field, you must specify uid. Specifying
saMACccountName as a login or search property causes installation to fail. You can
find more information in this TechNote: http://www-01.ibm.com/support/
docview.wss?uid=swg21253331.
1. Connect to LDAP server.
In Connect to LDAP servers, click Add.
If you want to edit or delete an LDAP connection instead, then click the
appropriate button. You can only edit or delete an LDAP connection if it has
not been used to install a product.
2. Bind to LDAP.
a. Click either Anonymous access or Authenticated access.
Chapter 3. Installing 65
When a Lotus Sametime server connects to the LDAP server, this can be
done either anonymously or using credentials to authenticate with the
LDAP server. If you select Authenticated access, you will be prompted with
the Bind distinguished name (DN) and Password fields to enter this
information. If you select Anonymous access, these fields will be hidden as
they are not required.
b. Enter a Deployment Name for this LDAP connection. This is name you
provide to this LDAP connection for easy reference. It does not need to map
to any existing server name or value and is intended as an easy way to
identify this object when you reference it in the future.
c. Enter the fully qualified domain name of the LDAP server you wish to
connect to in the Host name field. Do not use an IP address or a short host
name.
d. Enter the Port of the LDAP server. The default value is 389. If your LDAP
server is running on a different port, enter the correct port value here. If
this is an SSL connection, click Is secure LDAP connection?.
e. If you have selected Authenticated Access, enter the Bind distinguished
name (DN) and Password fields. These are the user credentials you will use
to authenticate with your LDAP server. If you have selected Anonymous
Access, these fields will not be shown. For example:
cn=John Smith,ou=managers,o=acme,st=Massachusetts,c=US
f. Verify that the check box for Is used by Sametime System Console? is
selected. It is selected by default so that the LDAP server is used by the
Sametime System Console for authentication and policy management.
g. Click Next.
When designating an authenticated user, IBM recommends that you create a
unique directory entry that is used only for the purpose of authenticating
connections from the Lotus Sametime server to the LDAP server. After creating
the directory entry, you must ensure this directory entry has at least read access
to the attributes of the LDAP directory entries.
3. Base Distinguished Name and Filter for Searches.
Enter the base distinguished name and filter for searches information.
a. Select your base distinguished name and filter for searches from the
dropdown list, or if it was not found, enter it into the field. Selecting one
that was found from the dropdown list will populate the field for you. You
specify the basic LDAP parameters required to conduct searches for people,
and for groups, in an LDAP directory. Some of these parameters are also
necessary for displaying the names of users in the IBM Lotus Sametime
user interface.
Note: A dropdown list typically displays from which you select a base DN
that is detected by the guided activity; however, the list does not display
when Domino LDAP is being used. Additionally, Domino LDAP is the only
LDAP that uses a blank base DN, while WebSphere requires a base DN for
federating repositories. Since WebSphere does not let you federate an LDAP
directory with an empty base DN, it sets the base DN to C=US. The LDAP
repositories are listed by base DN after they are federated.
If your site uses single sign-on (SSO) for awareness, you must manually
modify the base DN in both the Lotus Sametime Community Server and
Lotus Sametime Meeting Server so they match. Update the Sametime
Community Server’s LDAP connections in the stconfig.nsf and da.nsf to
Chapter 3. Installing 67
Table 2. Person Attributes (continued)
Attribute Description
e-mail address Contains the user’s e-mail address in the
field.
Home Sametime Server Enter the fully qualified host name of the
home Sametime Community Server. If your
environment includes multiple Lotus
Sametime Community Servers or you have
deployed other applications enabled with
Sametime technology, every user must be
assigned to a home Sametime Community
Server.
c. Click Next.
5. Collect Group Settings. To search for a group name, a Sametime user enters a
text string in the user interface of a Sametime client. This setting defines the
LDAP search filter responsible for selecting a group name from the LDAP
directory. The search filter matches the text string provided by the user to
information contained within the attributes of LDAP directory group entries.
a. Enter the search filter attributes of an LDAP person entry.
Table 3. Search Filter
Attribute Description
Search Attributes Use for searching the directory for groups.
Object Class Specifies the attribute of a directory entry
that identifies the entry as a group. Lotus
Sametime determines whether a directory
entry returned by a search is a person or
group entry. Lotus Sametime assumes that
groups are represented by entries with a
unique object class. Lotus Sametime
compares the name of the object class
specified in this setting to the object class
values of each entry to decide whether the
entry is a group or a person.
c. Click Next.
What to do next
Go to System Administration → Nodes. Select all the available nodes, and click
Synchronize. This ensures the LDAP changes are pushed to the nodes.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
“Starting and stopping the Deployment Manager” on page 417
The Deployment Manager manages the Lotus Sametime System Console and all
Lotus Sametime Server cells.
Related reference
“Command reference for starting and stopping servers” on page 232
You may use a command window to start and stop Sametime components running
on WebSphere Application Server. To stop servers, you will supply the WebSphere
Application Server administrator password that was established when you
installed the server. Important: Verify that the Deployment Manager for the cell is
running before starting any server.
Chapter 3. Installing 69
Before you begin
If you have never installed and set up a Lotus Domino server, it is strongly
recommended that you refer to the Lotus Domino documentation to get a full
understanding of how to install and set up a Domino server.
If you are installing a new IBM Lotus Domino server for your IBM Lotus
Sametime server, use these general directions to remind you of the necessary steps
to install Lotus Domino; this procedure assumes that you have a working
knowledge of Domino administration.
If you are adding a server to an existing Lotus Domino domain, you need to
register the server before you can install Lotus Domino. The registration process
creates a Server document in the Domino Directory.
What to do next
Using the Domino Server Setup Program Locally: After installing Domino, the
first time you start the server, the Domino Server Setup Program launches. The
Server Setup program asks a series of questions and guides you through the setup
process.
If you are installing a new IBM Lotus Domino server, use these general directions
to remind you of the steps for installing Lotus Domino. This procedure assumes
that you have a working knowledge of Domino administration.
If you are adding a server to an existing Lotus Domino domain, you need to
register the server before you can install Lotus Domino. The registration process
creates a Server document in the Domino Directory.
The Lotus Domino installation programs for AIX, Linux, and Solaris use scripts
that ask for configuration information and then install the software in the
appropriate directories.
1. Place the CD in the CD-ROM drive.
2. Become the root user by logging in as the root user or using the ″su″ command.
Open Operations Navigator.
3. Mount the Lotus Domino CD for your server platform (AIX, Solaris or Linux)
to make it available. You can mount the CD using the SMIT utility or the
appropriate version of the following command:
mount -r -v -cdrfs /dev/cd0 /cdrom
4. Using the above example, change to the /cdrom directory and start the
installation script using the following command:
./install
5. Follow the directions on each panel of the script, making sure to retain the
information you provide for the location of the Domino executable directory
and the Domino data directory. You will need this information when you install
the Lotus Sametime Community Server.
Installing Domino on partitioned servers:
a. When prompted to install more than one Lotus Domino server on this
computer, click Yes.
Chapter 3. Installing 71
b. When prompted for the location of the data directory and the Notes user
account, be sure to specify a unique location for the data directory and the
appropriate user name for each partitioned server.
6. (Domino 8.5 only) Create a file to modify XML transforms needed by
Sametime:
a. Navigate to the Domino_program_directory/jvm/lib/jaxp.properties
directory.
b. Create a file called jaxp.properties.
c. Add the following line to the file:
javax.xml.transform.TransformerFactory=org.apache.xalan.processor.TransformerFactoryImpl
d. Save and close the file.
e. If the Domino server is running, restart it so this change can take effect.
What to do next
After you have installed the Domino server, you must start and stop the Domino
server at least once before installing the Sametime server. This allows certain files
to be created that Lotus Sametime needs in order to install correctly.
Related tasks
“Starting and stopping servers in a Lotus Sametime deployment” on page 230
An IBM Lotus Sametime deployment is made of up several component servers that
can be started and stopped independently.
Set up the environment on a computer running IBM AIX, Linux, or Sun Solaris
before installing IBM Lotus Domino.
1. You must log in as the root user to install the Lotus Domino and Lotus
Sametime server.
2. You must have a designated operating system user who can start the Lotus
Sametime server, and this user must be a part of a designated operating system
group.
The default user is ″notes″ and the default group is also ″notes,″ but any
non-root username and group can be used. To verify that the designated
operating system user is part of the operating system group, type the
following, where dominoUserName is the name of the Notes user.
groups dominoUserName
For example, if you type groups notes and get the return value of notes, this
indicates that the user name ″notes″ is a part of the group ″notes″.
3. Verify the amount of disk space you have. Make sure that the file system has at
least 1GB of disk space. Type the following command: type ″df -k″
Note: If you are installing from a downloaded image rather than a CD, you
must also consider the disk space required for the *.tar install files and the
unpacked install files, which require approximately 2GB of disk space.
4. (AIX only) The Input Output Completion Protocol (IOCP) must be installed
and configured.
If not, it will not allow the Lotus Domino setup to begin, and you will get the
following error:
Prepare IBM Lotus Domino partitioned servers before installing the Lotus
Sametime Community Server on AIX, Linux, or Solaris. Partitioned Domino servers
are not supported on Microsoft Windows.
Follow these steps to configure each server. Use the appropriate Notes user
account for each server you want to configure. For example, log in as notes and
configure the first server. Then log out, log in as notes2 and configure the second
server, and so on.
1. Log in with the first Notes user account and run the following command:
/opt/lotus/bin/server
2. During configuration, make sure that any field referring to the server’s name or
IP address is set up properly. By default, the IP address and server name fields
for each configuration contain the IP address and server name of the first
server. For each additional server, you must update these fields so that they are
appropriate for that partition.
3. After configuration for each server is complete, provide the host name for each
partitioned Lotus Domino server:
a. Start the Lotus Domino server.
Chapter 3. Installing 73
b. Open a browser and go to the server’s Lotus Domino Directory (usually
names.nsf).
c. Open the Server document for this particular Lotus Domino server.
d. Choose Internet Protocols / HTTP tab and fill in the Host name with the
fully qualified name of the server, and then enable Bind to host name. For
Multi-homed, do not enter the Host name; instead enter all IP addresses
into the Host name field.
e. Save and close the server document.
f. Open the notes.ini file and add the following field:
TCPIP_TcpIpAddress=0,(server_ip):1352
4. Log out.
5. Access the Community Services Network settings from the Sametime
Administration Tool by selecting Configuration > Connectivity > Networks and
Ports. You must change the Event Server port and the Token Server port for
each additional partition you install. Ensure that the values are unique and that
they are not in use by another Sametime server or process. Recommendation:
Use ports above 9098.
6. Repeat the process until you have configured all the partitioned Notes servers.
What to do next
1. Start each partitioned Lotus Domino server, one at a time.
2. Verify each server has successfully started.
3. Verify no errors are reported.
4. Stop each Lotus Domino server.
To administer the Lotus Domino server, you must install and configure at least one
Microsoft Windows PC as the administration workstation.
Before you can install the Lotus Domino and Lotus Notes clients, you must have
installed and set up the Lotus Domino server.
Use the IBM Lotus Domino software that shipped with IBM Lotus Sametime to
install and configure the Lotus Domino Administrator and IBM Lotus Notes clients
on the administration workstation.
1. If you are installing from physical media, insert the Lotus Notes Client CD into
the PC you plan to use as the administrator’s workstation.
2. Start the installation wizard.
3. Follow the instructions on each panel of the Lotus Notes installation wizard,
selecting to install both the Lotus Domino Administrator and Lotus Notes
clients.
4. Copy the certifier ID and administrator ID files from the Domino data directory
of your Lotus Domino server to the Lotus Notes data directory of the
Administrator workstation. You can use File Transfer Protocol (FTP) or another
method, or you can let the initial communications between the server and
administration workstation copy the files for you automatically.
5. If necessary, start the Lotus Domino Server.
What to do next
When you have set up the Lotus Domino Administrator and Lotus Notes clients,
you are ready to begin preparing the Domino server for Lotus Sametime
installation
After installing the Lotus Domino server and before installing Lotus Sametime
Community Server, you should edit the Lotus Domino server document to make
sure the fields are completed as described below.
Fully qualified Internet host name This field is completed during the Domino
server install, and should contain the fully
qualified host name as known by the DNS
server.
Chapter 3. Installing 75
Server Document Values
Directory assistance database name If a Directory Assistance database does not
already exist on the server, Sametime will
create one during server installation and this
field will be set to da.nsf
Security tab
Run unrestricted methods and operations After you install the Sametime server, this
field should include these entries:
v The name of the server
v The name of the administrator
v Sametime Development/Lotus Notes
Companion Products
Note: If you have signed agents with an
additional signature, include that name here
as well.
Port TCPIP
Note: This must be typed exactly as shown
in all uppercase letters or you will not be
able to add Lotus Sametime to this server.
Protocol TCP
Anonymous Yes
Chapter 3. Installing 77
Server Document Values
Allow HTTP clients to browse databases Yes (enable) for portals, otherwise, not
necessary
Before installing IBM Lotus Sametime, verify that the IBM Lotus Domino server is
accessible from client workstations.
Test client access (using HTTP) to a Lotus Notes database hosted on your Lotus
Domino server.
Start a Web browser on the workstation and attempt to access names.nsf (or some
other convenient database) by entering the following address into the location bar:
If you have set names.nsf to be inaccessible from clients, test with a database that
clients can access.
http://hostname.yourco.com/names.nsf
If you can sign on using the server administrator ID and internet password to
view the contents of names.nsf, the Domino server is accessible and ready for
installation of Sametime.
Use the Lotus Sametime System Console to prepare to install a Lotus Sametime
Community Server by pre-populating values required for installation.
Start the Lotus Sametime System Console if it is not already running. Start the
Domino server to allow validation of the Domino administrator during the
installation.
If you have not already opened the Install Lotus Sametime Community Server
guided activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Guided Activities → Install Sametime Community Server.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This guided activity takes you through the steps of creating a deployment plan,
which collects information that pre-populates installation screens.
You have installed and prepared the IBM Lotus Domino server environment on the
server where you plan to install the Lotus Sametime Community Server and
started the Domino server. If you plan to connect to a separate slide conversion
server, you have configured the server and know its name and port number.
Follow these steps to store a deployment plan on the Lotus Sametime System
Console to be used when you run the installation program for Lotus Sametime
Community Server.
1. Plan a product installation.
In the Install Sametime Community Server portlet, click Create a New
Deployment Plan, and then click Next.
2. Deployment Name.
Give the deployment plan a unique, recognizable name, which will be shown
only in the Sametime System Console, and then click Next.
The name should include the installation and node type, such as stComm. You
can include multibyte characters, symbols, and spaces in the name. The name
can be up to 256 characters and is not case sensitive.
Chapter 3. Installing 79
3. Server Host Name.
Provide the fully qualified host name for this Lotus Sametime Community
Server. Do not use an IP address or the host’s short name.
4. Connect to Domino Server.
Enter the existing Domino administrator’s user ID and password, and then
click Next.
Use the common-name portion of the ID (not the hierarchical name that
includes slashes). The Sametime System Console validates the administrator
credentials on the Domino server.
5. Slide Conversion.
Do one of the following:
Select Use the Sametime server to host the slide conversion feature on the
current server, and then click Next.
Select Use Sametime slide conversion server to host the slide conversion
feature on a different Community Server, provide the host name and port to
connect to that server, and then click Next.
6. Connect to an LDAP Server.
Click the LDAP directory that you configured with the Lotus Sametime System
Console guided activity, and then click Next.
7. HTTP Tunneling.
To allow Sametime clients to make HTTP-tunneled connections on port 80 to a
server with a single IP address, click Enable HTTP Tunneling, and then click
Next.
Selecting this feature increases the possibility that users in restrictive network
environments can exchange data in chats on a Sametime Community Server
that is extended to the Internet.
8. Deployment Summary.
Review the summary screen, and then click Finish.
The deployment plan is ready to be used for the server installation. If you need
to make any changes, click Modify an Existing Deployment Plan and update
the plan. All changes must be made prior to running installation.
What to do next
You create a deployment plan on the Lotus Sametime System Console. When you
install the Lotus Sametime Community Server and indicate that you want to use
the deployment plan, the Lotus Sametime Community Server’s installation
program retrieves the deployment plan from the Lotus Sametime System Console.
The installation program does not support IPv6 addressing; however, if your
This task is only necessary when all of the following conditions are true:
v You are installing the Lotus Sametime Community Server using a deployment
plan (already created and stored on the Lotus Sametime System Console).
If you will not be using a deployment plan, then there is no reason to complete
this task.
v You are installing the Lotus Sametime Community Server on either IBM AIX,
Linux, Solaris, or Microsoft Windows.
If you are installing the Lotus Sametime Community Server on IBM i, you
cannot use a deployment plan, so there is no reason to complete this task.
v The Lotus Sametime System Console supports both IPv4 and IPv6 protocols.
If the Lotus Sametime System Console supports only IPv4, this task is not
needed. If the Lotus Sametime System Console supports only IPv6, there is no
IPv4 address to map to the host name and there is no reason to complete this
task.
Important: For an IPv6-only deployment, you cannot use a deployment plan for
the Lotus Sametime Community Server. Instead, install the server by running
the installation program without connecting to the Lotus Sametime System
Console, and then register the Lotus Sametime Community Server with the
console afterward.
1. Log on to the computer where you will install the Lotus Sametime Community
Server as a user with root (AIX, Linux, Solaris), or administrator (Windows)
privileges.
2. Navigate to the directory containing the /etc/hosts file:
v AIX, Linux: /etc/hosts
v Solaris: /etc/inet/hosts
v Windows: C:/WINDOWS/system32/drivers/etc/hosts
3. Add the following statements to the hosts file to map the Lotus Sametime
System Console’s IPv4 address and its IPv6 address to the same host:
Explicit_IPv6_address Fully_qualified_host_name Short_name
Explicit_IPv4_address Fully_qualified_host_name Short_name
Where:
v Explicit_IPv6_address specifies the IPv6-formatted address for the Lotus
Sametime System Console.
v Explicit_IPv4_address specifies the IPv4-formatted address for the Lotus
Sametime System Console.
v Fully_qualified_host_name specifies the fully qualified host name
(server.domain) for the Lotus Sametime System Console. This value is the
same for both statements.
v Short_name specifies the short host name for the Lotus Sametime System
Console. This value is the same for both statements.
Example:
2002:97d:eec3:623:9:123:118:101 stsyscon.acme.com stsyscon
9.123.118.101 stsyscon.acme.com stsyscon
4. Save and close the file.
Chapter 3. Installing 81
5. Restart the server before attempting to run the Lotus Sametime Community
Server installation program.
Run the installation program on the machine where you plan to install a Lotus
Sametime Community Server. It must be on its own machine.
You should have already created a deployment plan for the Lotus Sametime
Community Server and started the Lotus Sametime System Console server. If you
have opened the Sametime System Console in a browser, close it before continuing.
Also close any open Sametime clients.
Complete any pending reboot actions you may have from installing other
applications. Make sure that all applications on the server computer (including the
Domino Server Administrator and the Web browser) are closed. All Domino
services must be stopped. Otherwise, you might corrupt any shared files and the
installation program might not run properly.
By using the deployment plan you created earlier, you have fewer selections to
make when you run the installation program.
1. (Linux RHEL only) Disable SELinux on any RedHat operating system:
a. Log in as root on the Linux RedHat server where you will install the Lotus
Sametime server.
b. Open the /etc/selinux/config file for editing.
c. Locate the SELINUX setting. Change its value to either disable or
permissive.
d. Save and close the file.
e. Restart the Linux server.
2. Log in to your computer as the system administrator (Microsoft Windows) or
as root (IBM AIX, Linux, Solaris).
Solaris only: Solaris installs must be performed by the root user using su or a
normal login session. Third-party sudo packages are not supported on Solaris.
3. Download the Sametime Community Server installation package if you have
not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers to the system
on which you are installing.
c. Extract the files to a local directory.
d. Verify that you have at least 1 GB of temporary space to run the
installation in your %TEMP% or /tmp directory.
Results
Chapter 3. Installing 83
SametimeIniParser.log: This log may be in /tmp or in the Domino data directory.
Windows
Add the IBM Lotus Sametime Administrator account to the stconfig.nsf database to
enable the administrator to manage the Lotus Sametime Community Server.
When you use a deployment plan to install the Lotus Sametime Community
Server, the Lotus Sametime Administrator listed in the LDAP directory does not
automatically have access to manage the server. Add the Sametime Administrator
to the server’s Access Control List to ensure that user account has the appropriate
access.
Note: This task is not necessary if you installed the Community Server without
using a deployment plan, or if you upgraded the Community Server from an
earlier release.
1. If the Lotus Sametime Community Server is running, stop it now:
Only stop the Lotus Sametime server; you will need to have the Lotus Domino
server running to complete this task.
a. Open a command window.
84 Lotus Sametime: Installation and Administration Guide Part 1
b. Navigate to the Lotus Domino installation directory.
c. Start the Lotus Domino server console by typing jconsole and then
pressing Enter.
d. In the Lotus Domino server console, stop the Lotus Sametime server by
typing Tell STADDIN Quit and then pressing Enter.
2. Open the Lotus Notes client on this server.
3. Open the ″Sametime Configuration″ (stconfig.nsf) database:
a. Click File → Lotus Notes Application → Open.
b. In the Look in field, select the server where the Lotus Sametime
Community Server is installed.
If you are using a Lotus Notes client on the same server, the location is
″Local″.
c. In the Open Application dialog box, click the ″Data″ folder and then click
Open.
d. In that folder, locate the ″Sametime Configuration″(stconfig.nsf) database
and click Open.
4. Add the Lotus Sametime Administrator to the Access Control List for this
database:
a. Click File → Application → Access Control.
b. In the Access Control List dialog box, locate the following name:
(&(objectclass=groupOfNames)(member=%s)).
This user is included by default but is not needed; rather than creating a
new user, you can simply change this user’s name.
c. Click the name, and then click the Rename button below the list.
d. Type the name of the Lotus Sametime Administrator account that is listed in
your LDAP directory, and then click OK.
e. Click OK to close the Access Control List dialog box.
5. Close the Lotus Notes client.
After installing the Lotus Sametime Community server in a IBM Lotus Domino
partitioned server environment on AIX, Linux, or Solaris, configure the partitioned
servers to avoid IP conflicts.
If your server has multiple IP addresses but they do not all translate to single DNS
names, then you will need to configure Sametime and indicate which IP addresses
to trust:
1. Open the sametime.ini file and make the following change before saving the
file: Under [Config], add:
Chapter 3. Installing 85
VPS_TRUSTED_IPS=comma_separated_list_of_IPv4_addresses_for_all_network_
interfaces_on_server
For example:
VPS_TRUSTED_IPS=9.51.251.231,9.51.251.232,9.51.251.233,
9.51.251.234,9.51.251.238
2. Using the IBM Lotus Notes Client, open the stconfig.nsf database, which is
located on the Sametime server.
3. Modify the Community Trusted IPs setting to equal the list of IPv4 addresses
that you specified in step 1.
By default, Broadcast Server will only bind to a single IP address and port. If
multiple IP addresses resolve to the same DNS name, then you will need to bind
all of them to the Broadcast Server by completing the following steps:
1. Start the Sametime server.
2. Log in as Administrator, and open the Sametime Administration Tool by
clicking Administer the Server.
3. Click Configuration → Connectivity → Broadcast gateway address for client
connections.
4. Do one of the following:
v Enter the specific IP Address you wish to use for Broadcast connections.
v Specify that the Broadcast Server should bind to ALL IP addresses on the
server.
5. Close the Sametime Administration Tool.
6. Open the meetingserver.ini file and make the following change before saving
the file: Under [SOFTWARE\Lotus\Sametime\BroadcastGateway\DBNL],
locate the entry:
IPBindAll=0
and change it to
IPBindAll=1
If you are specifying a DNS name for the Address for client connections → Host
name and Address for HTTP tunneled client connections → Host name fields,
then you must specify a dotted IPv4 Address that your Fully Qualified Domain
Name resolves to:
1. Start the Sametime server.
2. Log in as Administrator, and open the Sametime Administration Tool by
clicking Administer the Server.
3. Click Configuration → Connectivity.
4. Enter the dotted IPv4 Address in the following fields:
v Address for client connections → Host name
v Address for HTTP tunneled client connections → Host name
Follow these steps to confirm that you can connect to the community server.
1. On the Domino server, start the Domino server and Sametime Community
Server.
2. On the Sametime System Console system, start the Lotus Sametime System
Console.
3. Start the Deployment Manager for the cell.
4. From a browser, log in to the Integrated Solutions Console:
a. Enter the following URL, replacing serverhostname.domain with the fully
qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
b. Enter the WebSphere Application Server User ID and password that you
created when you installed Lotus Sametime System Console.
5. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
6. In the Sametime Community Servers list, click the deployment name of the
server you installed.
7. Click any of the tabs to see the types of settings you can change. You will make
most configuration changes from these tabs.
8. Log in to the Sametime Administration Tool.
a. Using a browser, enter the URL http://serverhostname.domain:port/
stcenter.nsf
Replace serverhostname.domain with your Community Server name and add
the port number if you determined it is not the default port number 80. For
example: http://st85comm1.acme.com/stcenter.nsf
b. Log in with the Domino administrator’s name and password.
c. On the Sametime Welcome page, under Administrator Tools, click
Administer the server. You use the Sametime Administration Tool for some
server administration tasks.
Related concepts
“Starting and stopping servers running on Lotus Domino” on page 235
The IBM Lotus Sametime Community Server is configured as a set of services that
start and stop automatically when the Domino server is stopped or started.
Related tasks
“Guided activity: Preparing to install a Lotus Sametime Community Server” on
page 79
This guided activity takes you through the steps of creating a deployment plan,
which collects information that pre-populates installation screens.
Chapter 3. Installing 87
Before you begin
Important: Due to the way the Lotus Sametime Community Server functions, you
must not disable IPv4 addressing in the server’s operating system. Even if you will
use IPv6-only addressing with the Lotus Sametime Community Server and with
your network, internal server components use IPv4 addresses (for example, in
loopback addresses) and will fail if the operating system does not support IPv4
addressing.
To enable support for IPv6 addressing on the Lotus Sametime Community Server,
modify the configuration settings for Lotus Domino and for Lotus Sametime as
explained in the following topics:
The IBM Lotus Sametime Community Server is hosted on Lotus Domino. When
you enable support for IPv6 addressing on the Community Server, you must
additionally ensure that the underlying Lotus Domino server also supports IPv6.
Lotus Sametime supports IPv6 addressing only with Lotus Domino 8.0 or later. If
you use an earlier release of Lotus Domino, you must upgrade it to release 8.x
before you can configure it for IPv6 addressing.
The steps to enabling IPv6 support in Lotus Domino vary with the operating
system:
Before an IBM Lotus Sametime server can support IPv6 addressing on IBM AIX,
Linux, or Solaris, you must configure IPv6 support for the Lotus Domino server on
which it is hosted.
Lotus Domino and the Lotus Sametime Community server must be installed; the
Lotus Domino server must be running (it does not matter whether the Community
Server is also running at this point).
Note: If you will only support IPv6 addressing, skip this step.
a. On the Lotus Domino/Lotus Sametime Community Server, start the
Domino Administrator client.
b. In the Domino Administrator, navigate to the Server pane and double-click
your Community Server’s name to select it.
This opens the corresponding ″Server″ document.
c. In the ″Server″ document, navigate to the Internet Protocols → HTTP tab.
d. Update the HTTP hostname field by entering the Community Server’s fully
qualified host name, followed by the explicit IPv4 and IPv6 IP addresses for
this server.
Attention: When you fill out this field, you must enter the values using
the following format:
v The first value in the field must a fully qualified host name (for example:
commsvr1.acme.com).
v The second and third values must be the explicit IP addresses (using IPv4
dot notation or IPv6 colon notation) that correspond to that host name;
the order of these two IP addresses does not matter.
v Separate values with a carriage return by pressing the ENTER key before
adding another value.
e. Save and close the ″Server″ document.
f. Restart the HTTP service on the Lotus Domino server by running the
following command in the console:
tell http restart
2. Enable support for IPv6 addresses by adding the following setting to the
notes.ini file, located in the Lotus Domino server data directory:
tcp_enableipv6=1
DONT_USE_REMEMBERED_ADDRESSES=1
Leave this file open for the next step.
3. (AIX and Solaris only) Add the following setting to the notes.ini file to define
the default zone for your server:
tcp_defaultzone=zone
In this statement, zone is the default zone; this information can be obtained by
running the ifconfig -a command.
4. Restart the Lotus Domino server so your changes can take effect.
Before an IBM Lotus Sametime Community Server can support IPv6 addressing on
Microsoft Windows, you must configure IPv6 support for the IBM Lotus Domino
server on which it is hosted.
Chapter 3. Installing 89
Before you begin
Lotus Domino and the Lotus Sametime Community server must be installed; the
Lotus Domino server must be running (it does not matter whether the Community
Server is also running at this point).
For information on supporting IPv6 with Lotus Domino, see ″IPv6 and Lotus
Domino″ in the Lotus Domino Administration information center at:
Lotus Domino Administration information center
1. To support both IPv4 and IPv6 addressing, update the ″Server″ document for
the Community Server so that both formats will be accepted:
Note: If you will only support IPv6 addressing, skip this step.
a. On the Lotus Domino/Lotus Sametime Community Server, start the
Domino Administrator client.
b. In the Domino Administrator, navigate to the Server pane and double-click
your Community Server’s name to select it.
This opens the corresponding ″Server″ document.
c. In the ″Server″ document, navigate to the Internet Protocols → HTTP tab.
d. Update the HTTP hostname field by entering the fully qualified host name,
followed by the explicit IPv4 and IPv6 IP addresses for this server.
Attention: When you fill out this field, you must enter the values using
the following format:
v The first value in the field must a fully qualified DNS (for example:
commsvr1.acme.com).
v The second and third values must be the explicit IP addresses (using IPv4
dot notation or IPv6 colon notation) that correspond to that host name;
the order of these two IP addresses does not matter.
v Separate values with a carriage return by pressing the ENTER key before
adding another value.
e. Save and close the ″Server″ document.
f. Restart the HTTP service on the Lotus Domino server by running the
following command in the console:
tell http restart
2. Enable support for IPv6 addresses by adding the following settings to the
notes.ini file, located in the Lotus Domino server data directory:
tcp_enableipv6=1
DONT_USE_REMEMBERED_ADDRESSES=1
In the next statement, zone is the default zone; this information can be obtained
by running the ipconfig /all command.
tcp_defaultzone=zone
This set of statements creates one port for IPv4 addressing (TCPIP) and another
port for IPv6 addressing (TCPIPV6):
Configure settings to establish connectivity and resolve addresses when using IPv6
addressing on the IBM Lotus Sametime Community Server.
Enable support for IPv6 addresses on the Lotus Domino server hosting this Lotus
Sametime Community Server.
Important: Due to the way the Lotus Sametime Community Server functions, you
must not disable IPv4 addressing in the server’s operating system. Even if you will
use IPv6-only addressing with the Lotus Sametime Community Server and with
your network, internal server components use IPv4 addresses (for example, in
loopback addresses) and will fail if the operating system does not support IPv4
addressing.
Follow the steps below to configure IPv6 support on the Lotus Sametime
Community Server:
1. Stop the Community Server.
2. Locate the sametime.ini file in the Lotus Sametime Community Server’s data
directory, and open the file so you can edit it.
3. In the [Connectivity] section, add (or modify) the following statements:
UCM_RESOLVE_PREFERRED_IP_VER=IPv4_or_IPv6_selection
VPS_HOST=Explicit_IP_address_of_this_server
UCM_LOCAL_IP=Explicit_IP_address_of_this_server
VPHMX_HTTP_SERVER_IP=IP_address_of_Domino_HTTP_server
VPHMX_HTTP_SERVER_PORT=Domino_HTTP_port
where:
v UCM_RESOLVE_PREFERRED_IP_VER specifies which type of addresses should be
preferred when a domain name resolves to multiple addresses of both
protocols:
– If you support only IPv6 addressing, set this to ″6″ to disallow
IPv4–formatted addresses.
– If you support both IPv4 and IPv6 addressing, set this to ″4″ to allow both
protocols but attempt to resolve addresses, using IPv4 protocol first.
v VPS_HOST specifies the explicit IP address of this Lotus Sametime Community
Server. Use the IP address that matches the setting in
UCM_RESOLVE_PREFERRED_IP_VER. For example, if you set that value to ″4″ then
specify an IPv4–format address, but if you set that value to ″6″ then specify
an IPv6–format address.
v UCM_LOCAL_IP specifies the explicit IP address of this Lotus Sametime
Community Server. Use the IP address that matches the setting in
Chapter 3. Installing 91
UCM_RESOLVE_PREFERRED_IP_VER. For example, if you set that value to ″4″ then
specify an IPv4–format address, but if you set that value to ″6″ then specify
an IPv6–format address.
v VPHMX_HTTP_SERVER_IP specifies the IP address of the Lotus Domino HTTP
server running on this computer.
v VPHMX_HTTP_SERVER_PORT specifies the port used by the Lotus Domino HTTP
server running on this computer; normally this is port 80.
4. In the [Config] section, add (or modify) the following statement:
STLINKS_HOST=Explicit_IP_address_of_this_server
where STLINKS_HOST specifies the explicit IP address of this Lotus Sametime
Community Server. Use the IP address that matches the setting in
UCM_RESOLVE_PREFERRED_IP_VER. For example, if you set that value to ″4″ then
specify an IPv4–format address, but if you set that value to ″6″ then specify an
IPv6–format address.
Table 5. Accepted values for STLINKS_HOST
Type of address Example
IPv4 explicit address (dot notation) 9.42.127.134
IPv6 explicit address using colon notation 2002:92a:8f7a:200:9:42:127:134
IPv6 explicit address using double-colon 3ef0::bee7:994:2e66
notation
IPv6 explicit address using IPv4–suffix 3ef0::bee7:9.148.46.102
notation
IPv4 ″any″ (four zeroes) 0.0.0.0
IPv6 ″any″ (a double colon) ::
5. Add (or modify) the following statements in the [Debug] section within the
sametime.ini file:
v If this Lotus Sametime Community Server will support both IPv4 and IPv6
addressing:
VPMX_DISABLE_CONFIGURATION_UPDATE=1
VPMX_HOSTNAME=::,0.0.0.0
VPMX_PORT=1533
VPHMX_HOSTNAME=::,0.0.0.0
VPHMX_PORT=8082
Where:
– VPMX_DISABLE_CONFIGURATION_UPDATE=1 requires all four of the statements
that follow it.
– VPMX_HOSTNAME specifies the addresses where the multiplexer residing on
this server handles Lotus Sametime client communications. (The
multiplexer was installed automatically as a part of the Lotus Sametime
Community Server; if you will additionally install a stand-alone
Community Mux, you will need to enable support for IPv6 addressing on
that server as well).
Table 6. Accepted values for VPMX_HOSTNAME
Type of address Example
IPv4 explicit address (dot notation) 9.42.127.134
IPv6 explicit address using colon notation 2002:92a:8f7a:200:9:42:127:134
IPv6 explicit address using double-colon 3ef0::bee7:994:2e66
notation
For example, set this to ::,0.0.0.0 to accept ″any″ address using either IP
protocol.
– VPMX_PORT specifies the port on which the multiplexer residing on this
server listens for client connections, normally port 1533.
– VPHMX_HOSTNAME specifies the addresses where the multiplexer residing on
this server handles HTTP client communications.
Table 7. Accepted values for VPHMX_HOSTNAME
Type of address Example
IPv4 explicit address (dot notation) 9.42.127.134
IPv6 explicit address using colon notation 2002:92a:8f7a:200:9:42:127:134
IPv6 explicit address using double-colon 3ef0::bee7:994:2e66
notation
IPv6 explicit address using IPv4–suffix 3ef0::bee7:9.148.46.102
notation
IPv4 ″any″ (four zeroes) 0.0.0.0
IPv6 ″any″ (a double colon) ::
For example, set this to ::,0.0.0.0 to accept ″any″ address using either IP
protocol.
– VPHMX_PORT specifies the port on which the multiplexer residing on this
server listens for HTTP client connections, normally port 8082.
v If this Lotus Sametime Community Server will support only IPv6 addressing:
[Debug]
VPMX_DISABLE_CONFIGURATION_UPDATE=1
VPMX_HOSTNAME=::
VPMX_PORT=1533
VPHMX_HOSTNAME=::
VPHMX_PORT=8082
6. IBM i only: If you will support both IPv4 and IPv6 addressing, replace all of
the remaining Lotus Sametime Community Server host names in the
sametime.ini file with the correct IPv4 or IPv6 address, based on your address
preference as specified with the UCM_RESOLVE_PREFERRED_IP_VER setting.
For example:
v If the UCM_RESOLVE_PREFERRED_IP_VER setting is ″6″, change every occurrence
of stserver1.acme.com to 2001:db8:85a3:0:0:8a2e:370:7334 (the
corresponding IPv6 address).
v If the UCM_RESOLVE_PREFERRED_IP_VER setting is ″4″, change every occurrence
of stserver1.acme.com to 9.42.127.134 (the corresponding IPv4 address).
7. Save and close the file.
8. Start the Community Server.
Chapter 3. Installing 93
What to do next
If your Lotus Sametime Community Server is hosted on a Linux SuSE server, you
will additionally need to edit the ststart script to enable support for IPv6
addressing in SuSE as described in the next topic.
By default, support for IPv6 addressing is disabled in the version of IBM Lotus
Sametime that runs on Linux SuSE operating systems; you must enable IPv6
support in the ″ststart″ script used by Lotus Sametime on a Linux SuSE server.
Previous releases of Lotus Sametime did not support IPv6 addressing. Because the
Linux SuSE operating system already supported IPv6 by default, it was necessary
to specifically disable IPv6 for Lotus Sametime on those servers. If you want to
support the use of IPv6 addresses with Lotus Sametime on a Linux SuSE server,
you must re-enable support for IPv6 by modifying the ststart script.
Use the IBM Lotus Sametime System Console to connect to a Lotus Sametime
Community Mux and validate its settings.
If you have not already opened the Connect to Sametime Community Mux Servers
activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified host name of the Lotus Sametime System Console server (for
example stconsole.acme.com).
http://serverhostname.domain:8700/ibm/console
Chapter 3. Installing 95
If you are prompted with a security exception, accept the certificate, and
continue.
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Expand Sametime Prerequisites, and click Connect to Sametime Community
Mux Servers.
Related concepts
“Planning for an LDAP directory” on page 40
The IBM Lotus Sametime 8.5 multiple-server environment requires an LDAP
directory for user authentication. The LDAP server should be set up and running
before deploying Sametime.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
Validate the host name and ports specified for a new IBM Lotus Sametime
Community Mux server.
Use this page to validate the host name of a new Community Mux, along with the
ports on which it will listen for client connections. This ensures you have a
working multiplexer before you attempt to connect it to a Lotus Sametime
Community Server or cluster.
1. Connect to Sametime Community Mux Servers.
Click Add to begin the guided activity, which lets you validate your installed
Lotus Sametime Community Mux servers before connecting them to
Community Servers.
You can optionally edit or delete connections to Community Mux servers. Click
Refresh to view your most recent changes.
2. Add Sametime Community Mux Servers.
a. In ″Connect to Sametime Community Mux Servers″, click Add.
b. In the Host Name field, type the fully qualified host name of the new
Sametime Community Mux (for example: mux1.acme.com).
c. Accept the default settings for the Client Port and Client HTTP Port fields.
These settings indicate the ports that the multiplexer will listen on for
connections from Lotus Sametime Connect clients and from Web clients,
respectively.
d. Click Save.
The connection to the Lotus Sametime Community Mux is validated when
you save the settings.
Follow these steps to confirm or change the settings for VPS_HOST, VPS_PORT,
and VPMX_CAPACITY, open the sametime.ini file on the Community Server
multiplexer machine.
1. Open a text editor on the Community Server multiplexer machine.
2. Open the Sametime.ini file located in the Sametime server installation directory
(the default directory in Windows is C:\program files\lotus\domino).
3. Confirm the host name (VPS_HOST) of the Sametime server to which the
Community Services multiplexer connects (specified during the Community
Services multiplexer installation and in the stconfig.nsf database.
Chapter 3. Installing 97
4. Confirm the port (VPS_PORT) the Community Services multiplexer uses to
establish the connection with the Sametime server (default port 1516).
5. Confirm or change the maximum number of simultaneous connections allowed
to the multiplexer (VPMX_CAPACITY).
The default value is 20,000 connections:
VPMX_CAPACITY=20000
6. Save the sametime.ini file.
Note: The first three settings must match the values used for the Lotus
Sametime server where Community Services are hosted; these values must use
the same IP protocol as well.
UCM_RESOLVE_PREFERRED_IP_VER=IPv4_or_IPv6_selection
VPS_HOST=Explicit_IP_address_of_Sametime_server
UCM_LOCAL_IP=Explicit_IP_address_of_Community_Mux
VPHMX_HTTP_SERVER_IP=IP_address_of_Domino_HTTP_server
VPHMX_HTTP_SERVER_PORT=Domino_HTTP_port
where:
v UCM_RESOLVE_PREFERRED_IP_VER specifies which type of addresses should be
preferred when a domain name resolves to multiple addresses of both
protocols:
– If you support both IPv4 and IPv6 addressing, set this to ″4″ to allow both
protocols but attempt to resolve addresses using IPv4 protocol first.
– If you support only IPv6 addressing, set this to ″6″ -- this will still allow
both protocols, but will attempt to resolve addresses using IPv6 protocol
first in case your operating system is enabled for both IP protocols.
v VPS_HOST specifies the explicit IP address of the Lotus Sametime server to
which this Community Services multiplexer connects. This value must use
the format specified in UCM_RESOLVE_PREFERRED_IP_VER; for example if you
entered a ″4″ for that setting, then you must provide an IPv4–format IP
address here.
v UCM_LOCAL_IP specifies the explicit IP address of the Community Mux
machine (using dot notation for IPv4 protocol or colon notation for IPv6
For example, set this to ::,0.0.0.0 to accept ″any″ address using either IP
protocol.
– VPMX_PORT specifies the port on which this multiplexer listens for client
connections, normally port 1533.
– VPHMX_HOSTNAME specifies the addresses where this multiplexer serves
HTTP client communications.
Table 9. Accepted values for VPHMX_HOSTNAME
Type of address Example
IPv4 explicit address (dot notation) 9.42.127.134
IPv6 explicit address using colon notation 2002:92a:8f7a:200:9:42:127:134
IPv6 explicit address using double-colon 3ef0::bee7:994:2e66
notation
IPv6 explicit address using IPv4–suffix 3ef0::bee7:9.148.46.102
notation
IPv4 ″any″ (four zeroes) 0.0.0.0
IPv6 ″any″ (a double colon) ::
Chapter 3. Installing 99
For example, set this to ::,0.0.0.0 to accept ″any″ address using either IP
protocol.
– VPHMX_PORT specifies the port on which the stand-alone Community Mux
listens for HTTP client connections, normally port 8082.
v If this Lotus Sametime server will support only IPv6 addressing:
[Debug]
VPMX_DISABLE_CONFIGURATION_UPDATE=1
VPMX_HOSTNAME=::
VPMX_PORT=1533
VPHMX_HOSTNAME=::
VPHMX_PORT=8082
5. Save and close the file.
6. Restart the Community Mux so your changes can take effect.
After you have configured the Community Server multiplexer, give users the DNS
name of the multiplexer and instruct them to set up their Sametime Connect
preferences to connect to the multiplexer instead of the Sametime Community
Server.
Each user must update the Sametime Connect client with the DNS name of the
multiplexer. If you have deployed multiple Community Server multiplexers,
distribute users evenly among the machines. For example, with two multiplexers,
direct half of your users to use multiplexer 1 and the other half to use multiplexer
2.
1. Open Sametime Connect.
2. Choose File → Preferences → Server Communities.
3. In the Server Community field, type the DNS name of the Community Server
multiplexer machine, such as messaging.acme.com, as instructed by the
administrator.
If you have not already opened the Install Lotus Sametime Proxy Server guided
activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Guided Activities → Install Sametime Proxy Server.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This guided activity takes you through the steps of creating a deployment plan,
which collects information that pre-populates installation screens.
Follow these steps to store a deployment plan on the Sametime System Console to
be used when you run the installation program for Lotus Sametime Proxy Server.
1. Plan a product installation.
Important: This must be a unique user ID that does not exist in the LDAP
directory.
5. Deployment Summary.
Review the summary screen, and then click Finish.
The deployment plan is ready to be used for the server installation. If you need
to make any changes, click Modify an Existing Deployment Plan and update
the plan. All changes must be made prior to running installation.
What to do next
You should have already created a deployment plan for the Lotus Sametime Proxy
Server and started the Lotus Sametime System Console server. If you are logged
into the Sametime System Console, log out and close the browser before
continuing.
By using the deployment plan you created earlier, you have fewer selections to
make when you run the installation program.
1. (Linux RHEL only) Disable SELinux on any RedHat operating system:
a. Log in as root on the Linux RedHat server where you will install the Lotus
Sametime server.
b. Open the /etc/selinux/config file for editing.
c. Locate the SELINUX setting. Change its value to either disable or
permissive.
d. Save and close the file.
e. Restart the Linux server.
2. Log in to your computer as the system administrator (Microsoft Windows) or
as root (IBM AIX, Linux, Solaris).
Solaris only: Solaris installs must be performed by the root user using su or a
normal login session. Third-party sudo packages are not supported on Solaris.
3. Download the installation package if you have not already done so. This
installation uses SametimeProxyServer.zip.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers to the system
on which you are installing.
c. Extract the files to a local directory.
d. Verify that you have at least 1 GB of temporary space to run the
installation in your %TEMP% or /tmp directory.
4. Navigate to the folder where you stored the downloaded files for Lotus
Sametime and start the installation program by running one of the following
commands from the disk 1 folder:
AIX, Linux, Solaris
./launchpad.sh
Windows
launchpad.exe
5. If necessary, select a language other than English from the ″Select a language″
dropdown list.
6. Click Install IBM Lotus Sametime Proxy Server and click Launch IBM Lotus
Sametime Proxy Server 8.5 installation.
7. Select the packages you want to install and click Next.
8. At the Licenses screen, click the I accept the terms in the license agreements
option and click Next.
9. Select a package group option and accept the installation directory. Then click
Next.
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix any problems,
then uninstall all components and reinstall. Find information in the logs directory
and the ant and native subdirectories.
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
What to do next
Open the Sametime Web client to verify that the installation was successful.
Tip: To verify the port number being used by the Lotus Sametime Proxy
Server, log in the Lotus Sametime System Console. In the WebSphere
Application Server administrative console, click Servers → WebSphere
application servers → STProxyServer → ports → WC_defaulthost to find the port
number.
For example: http://st85proxy1.acme.com:9081/stwebclient/index.jsp
2. Verify that you can create or view contacts.
Related tasks
“Logging in to the Lotus Sametime System Console” on page 63
Use the IBM Lotus Sametime System Console to prepare to install new servers,
start Sametime servers that have been installed, use guided activities to perform
configuration tasks, and administer any Sametime servers managed by the console.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
You should have already installed the IBM Lotus Sametime Server Console and the
Lotus Sametime Proxy Server.
To maintain FIPS 140-compliance for all data exchanged between clients and Lotus
Sametime Community Servers, you must install the FIPS Server on the Lotus
Sametime Proxy Server to accept data on behalf of Lotus Sametime Community
Servers.
If you do not install the FIPS administration portlet, you can manage the FIPS
Server using information in FIPS Support for IBM Lotus Sametime 8.
1. Install the FIPS administration portlet into the Sametime System Console of
the Integrated Solutions Console. Go to WebSphere\STSCServerCell\
optionalConsoleApps\fips.proxyadmin and install the portlet using the
instructions in the readme.txt.
2. Copy sametimefipsproxy.war from setup\STIPLaunchpad\disk1\FIPSProxy on
the image disk to your local drive.
3. Log in to the Integrated Solutions Console on the machine where you are
installing the FIPS Server.
4. Click Applications → Application Types → Websphere Enterprise
Applications.
5. On the Enterprise Applications page, click Install. .
6. Under Path to the new application, browse to the sametimefipsproxy.war file.
Keep the default settings to install the server, and then click Next
7. Enter the context root that you want for the FIPS Server.
8. Click Finish and save the configuration.
9. Restart the Lotus Sametime Proxy Server to automatically start the FIPS
Server.
10. Log in to the Integrated Solutions Console.
11. Click Sametime System Console → Sametime Servers → FIPS Proxy Servers.
You can only edit data for FIPS if the FIPS war is running on the installed
server. Make sure that your FIPS Server is running in order to administer it.
If you have not already opened the Install Lotus Sametime Media Manager guided
activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Guided Activities → Install Sametime Media Manager.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This guided activity takes you through the steps of creating a deployment plan,
which collects information that pre-populates installation screens. The IBM Lotus
Sametime Media Manager runs on Linux and Microsoft Windows only. The media
manager is comprised of three components: Proxy/Registrar, Conference Manager,
and Packet Switcher. In a production environment, you should install these Media
Manager components on separate machines for better performance.
The instructions below assume you have decided what type of deployment plan
you are setting up for the Media Manager. A pilot deployment uses one machine
and one deployment plan. A production deployment typically distributes each
Media Manager component on a separate machine and therefore uses multiple
deployment plans. In addition, you can cluster the Proxy/Registrar and Conference
Manager components, which requires a deployment plan for the component’s
primary node and another deployment plan for secondary nodes. Clustering is not
available for the Packet Switcher; it is also not available for an ″All Components″
installation of the Media Manager, which includes the Packet Switcher.
v Pilot deployment prerequisite
You must have installed a Lotus Sametime Community server using a
deployment plan.
v Production deployment prerequisites
The SIP Proxy and Registrar requires that you have installed a Lotus Sametime
Community server using a deployment plan.
The Conference Manager requires that you have installed a Lotus Sametime
Community server and a SIP Proxy and Registrar using deployment plans.
The Packet Switcher requires that you have installed a Lotus Sametime
Community server and a Conference Manager using deployment plans.
Create deployment plans and install each component in this order to meet
prerequisites:
1. SIP Proxy and Registrar
2. Conference Manager
3. Packet Switcher
Follow these steps to store a deployment plan on the Sametime System Console to
be used when you run the installation program for Lotus Sametime Media
Manager or one of its components.
1. Plan a product installation.
In the Install Sametime Media Manager portlet, click Create a New
Deployment Plan, and then click Next.
2. Deployment Name.
Give the deployment plan a unique, recognizable name, which will be shown
only in the Sametime System Console, and then click Next.
The name should include the installation and node type, such as
stMedia_primary or stMediaProxReg_primary. You can include multibyte
characters, symbols, and spaces in the name. The name can be up to 256
characters and is not case sensitive.
3. Media Manager Feature Installation.
Select which components to install, and then click Next:
Pilot use: Click Install All Components to install all media manager
components on the same computer.
Production use: Select the component to install on the current computer.
v Install Proxy/Registrar
v Install Conference Manager
v Install Packet Switcher
Important: This must be a unique user ID that does not exist in the LDAP
directory.
6. Connect to Community Server.
Select the deployment plan that represents the Community Server to which this
Media Manager component (or components) connect, and then click Next.
For a Conference Manager deployment plan, also select the existing
Proxy/Registrar deployment plan. For a Packet Switcher deployment plan, also
select the existing Conference Manager deployment plan.
7. Deployment Summary.
Review the summary screen, and then click Finish.
The deployment plan is ready to be used for the server installation. If you need
to make any changes, click Modify an Existing Deployment Plan and update
the plan. All changes must be made prior to running installation.
Repeat this guided activity for each media manager component you plan to
install on a separate computer.
What to do next
You should have already created a deployment plan for the Lotus Sametime Media
Manager and started the Lotus Sametime System Console server. If you are logged
into the Sametime System Console, log out and close the browser before
continuing.
Linux: The launchpad install program needs to be able to launch a Web browser to
start. You will need to be on the console or have an X server and a Web browser
installed and configured. (VNC or a remote X term session will work as well).
By using the deployment plan you created earlier, you have fewer selections to
make when you run the installation program.
1. (Linux RHEL only) Disable SELinux on any RedHat operating system:
a. Log in as root on the Linux RedHat server where you will install the Lotus
Sametime server.
b. Open the /etc/selinux/config file for editing.
c. Locate the SELINUX setting. Change its value to either disable or
permissive.
d. Save and close the file.
e. Restart the Linux server.
2. Log in to your computer as the system administrator (Microsoft Windows) or
as root (Linux).
110 Lotus Sametime: Installation and Administration Guide Part 1
3. Download the installation package for the Sametime Media Manager if you
have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers to the system
on which you are installing.
c. Extract the files to a local directory.
d. Verify that you have at least 1 GB of temporary space to run the
installation in your %TEMP% or /tmp directory.
4. Navigate to the folder where you stored the downloaded files for Lotus
Sametime and start the installation program by running one of the following
commands from the disk 1 folder:
Linux
./launchpad.sh
Windows
launchpad.exe
5. If necessary, select a language other than English from the ″Select a language″
dropdown list.
6. Click Install IBM Lotus Sametime Media Manager and click Launch IBM
Lotus Sametime Media Manager 8.5 installation.
7. Select the version you want to install and click Next.
8. At the Licenses screen, click the I accept the terms in the license agreements
option and click Next.
9. Select a package group option and accept the installation directory. Then click
Next.
Select Create a new package group if you have not installed any other
Sametime software on this machine.
Leave Use the existing package group selected if you are installing several
Sametime servers on the same machine.
10. Select IBM Sametime Media Manager as the feature to install and select Use
Lotus Sametime System Console to install. Click Next.
11. At the SSC Login screen, supply values for connecting to the Lotus Sametime
System Console.
v Host name: Provide the fully qualified domain name in the Host Name
field for the Lotus Sametime System Console. The host name was
determined when you installed the Lotus Sametime System Console.
v Use SSL: Leave this option selected to run the server over a secure
connection.
v HTTPs port: Leave 9443 as the default value.
v User ID and password: Provide the WebSphere Application Server User ID
and password that you created when you installed the Lotus Sametime
System Console.
12. Provide the host name for the machine you are currently using, which is the
same name you used when you created the deployment plan for this
installation.
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix any problems,
then uninstall all components and reinstall. Find information in the logs directory
and the ant and native subdirectories.
Linux
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
What to do next
Related tasks
“Guided activity: Preparing to install a Lotus Sametime Media Manager” on page
108
This guided activity takes you through the steps of creating a deployment plan,
which collects information that pre-populates installation screens. The IBM Lotus
Sametime Media Manager runs on Linux and Microsoft Windows only. The media
manager is comprised of three components: Proxy/Registrar, Conference Manager,
and Packet Switcher. In a production environment, you should install these Media
Manager components on separate machines for better performance.
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Increasing the heap size for a non-clustered SIP Proxy and Registrar
component:
If you installed the IBM Lotus Sametime Media Manager using the Cell profile
option to create a non-clustered server, increase the maximum heap size for the SIP
Proxy and Registrar component. Complete this task regardless of whether the SIP
Proxy and Registrar component is hosted on a computer with other media
manager components, or is hosted separately.
Install the Lotus Sametime Media Manager using the Cell profile to create a
non-clustered server. If you installed the SIP Proxy and Registrar on a separate
computer, complete this task on that server.
Typically, the total value of all server instance JVM heap sizes on a specific node
must be less than half of the total RAM of that computer.
1. Log in to the SIP Proxy and Registrar’s Integrated Solutions Console as the
WebSphere administrator.
2. Click Servers → Server Types → WebSphere application servers → .
3. Click a server name to display the ″Configuration″ page for the server.
4. In the Server Infrastructure section, click Java and process management, and
then click Process definition.
5. Under ″Additional Properties″ click Java virtual machine.
6. Under ″General Properties″ specify the heap size settings as follows:
Table 10. Heap settings for the SIP Proxy and Registrar
Initial heap size 256
Maximum heap size 1024
7. In the Generic JVM arguments field, type the following information exactly as
shown:
-Xverbosegclog:${SERVER_LOG_ROOT}/gc.log,1,14000
This will create an approximately 20MB rolling verbose GC log file, stored in
the server logs directory.
8. Click OK.
9. Save your changes by clicking the Save link in the ″Messages″ box at the top of
the page.
After installing the Lotus Sametime Media Manager, verify that you can use
audio-visual services.
Follow these steps to verify that the server started automatically after installation
and that you can use audio-visual services from the Sametime Connect client.
1. Check the WebSphere Application Server systemout.log and systemerr.log for
any exceptions.
2. From a browser, log in to the Lotus Sametime System Console:
a. Enter the following URL, replacing serverhostname.domain with the fully
qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
b. Enter the WebSphere Application Server User ID and password that you
created when you installed Lotus Sametime System Console.
c. Click the Sametime System Console task to open it in the navigation tree.
3. Click Servers → Server types → WebSphere application servers.
If you previously created a Meeting Server database and want to run the script
again to create a database of the same name, use the DB2 DROP DATABASE
command to delete all user data and log files, as well as any back/restore history
for the original database. Also note that uninstalling DB2 does not remove the data
and log files.
Run the scripts that come with Lotus Sametime in the DB2 installation package to
create the database for the Lotus Sametime Meeting Server.
1. On the DB2 server, log in to the system as the DB2 administrator created
during DB2 installation.
2. Open a command prompt and navigate to the folder where you extracted the
DB2 installation package.
3. Create the database by running one of the following commands from the disk 1
folder:
AIX, Linux, and Solaris
./createMeetingDb.sh STMS
Windows
createMeetingDb.bat STMS
Replace ″STMS″ in the command if you want to choose a different database
name. Names can be from 1 - 8 characters, but cannot contain special or
multibyte characters.
Follow the rules for your operating system when naming DB2 objects.
4. Close the DB2 command window.
5. Open the DB2 Control Center.
AIX, Linux, and Solaris:
Open the IBM DB2 folder on the desktop and click Control Center.
Windows:
Click Start → Programs → IBM DB2 → General Administration Tools → Control
Center.
6. Verify that the new database was created.
If you have not already opened the Connect to DB2 Databases activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary or use the setting
specified for the Administrative console secure port in the AboutThisProfile.txt
file. For the Sametime System Console Deployment Manager Profile
(STSCDmgrProfile), the file is located in the following path:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Prerequisites → Connect to DB2 Databases.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This activity takes you through the steps for connecting to the Meeting Server or
Gateway database you created.
AIX, Linux, Solaris, Windows: Ensure that IBM DB2 has been installed and that
you have created the Sametime Meeting Server or Gateway database.
IBM i: Ensure that you have created the required database schemas and tables.
In the Connect to DB2 Databases portlet, verify that the Lotus Sametime System
Console database you created earlier is already displayed in the list of databases.
Follow these steps to connect to the Meeting Server or Gateway database. You
must do this before you can install the Meeting Server using the Sametime System
Console. If you installed the server without using the System Console (as is the
case with the Sametime Meeting Server on IBM i and Sametime Gateway on any
platform), do this step before registering the server with the System Console.
1. DB2 Configuration Guided Activity.
Click Add to begin the guided activity that will connect your server to the DB2
database. If a connection already exists, you can optionally edit or delete it.
2. Add a new database.
a. In the Connect to DB2 Databases portlet, click Add.
If you want to edit or delete a database instead, then select one, and click
the appropriate button.
b. Enter the fully qualified host name of the DB2 server in the Host name
field.
Do not enter an IP address or a short host name.
c. The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is using
a different port.
Linux: The default is typically 50001, but will vary based on port
availability. Check the /etc/services file on the DB2 server to verify the
port number being used.
d. In the Database name, field, enter the name of the database you want to
connect to.
Meeting Server database
On AIX, Linux, Solaris, and Windows, the database name is STMS unless
you changed it.
On IBM i, the name is always STMS.
Gateway database
For AIX, Linux, Solaris, and Windows, the database name is STGWDB
unless you changed it.
For IBM i, use the name you specified when creating the database schemas.
e. In the Application user ID field, supply the DB2 application’s
administrative user name that you created when you installed DB2, such as
db2admin. This user has database administration authority and you will use
this user ID and password whenever you work with DB2 databases for
Lotus Sametime. On IBM i, this is the user profile you specified as the
owner of the Meeting Server database schemas in your copy of the
stms.default.response.properties file or the user profile you logged in with
when you created the Gateway database schemas.
f. In the Application password field, enter the password for the DB2
administrative user ID.
g. If you are connecting to a database on an IBM i server, click Hosted on
IBM i.
h. Click Finish.
If you have not already opened the Install Lotus Sametime Meeting Server guided
activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Guided Activities → Install Sametime Meeting Server.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This guided activity takes you through the steps of creating a deployment plan,
which collects information that pre-populates installation screens.
You have set up an IBM DB2 database and an LDAP server, and have run the
guided activities for connecting to the DB2 database and to the LDAP server.
Follow these steps to store a deployment plan on the Lotus Sametime System
Console to be used when you run the installation program for Lotus Sametime
Meeting Server.
1. Plan a product installation.
In the Install Sametime Meeting Server portlet, click Create a New
Deployment Plan, and then click Next.
2. Deployment Name.
Give the deployment plan a unique, recognizable name, which will be shown
only in the Sametime System Console, and then click Next.
The name should include the installation and node type, such as
stMeeting_primary. You can include multibyte characters, symbols, and spaces
in the name. The name can be up to 256 characters and is not case sensitive.
3. Choose the configuration type.
Select the profile type for this installation, and then click Next:
Pilot use: Select Cell Profile.
Production use:
Add this server to the Sametime System Console cell by selecting the
appropriate Network Deployment option.
v First server of this type: Select Network Deployment - Primary Node.
Important: This must be a unique user ID that does not exist in the LDAP
directory.
5. Choose a database for this deployment.
Select the Lotus Sametime Meeting Server database that you configured with
the Lotus Sametime System Console activity, and then click Next.
If you used the recommended name when you created the Sametime Meeting
Server database, the name is STMS.
6. Connect to an LDAP Server.
Select the LDAP directory that you configured with the Lotus Sametime System
Console guided activity, and then click Next.
7. Deployment Summary.
Review the summary screen, and then click Finish.
The deployment plan is ready to be used for the server installation. If you need
to make any changes, click Modify an Existing Deployment Plan and update
the plan. All changes must be made prior to running installation.
What to do next
You should have already created a deployment plan for the Lotus Sametime
Meeting Server and started the Lotus Sametime System Console server. If you are
logged into the Sametime System Console, log out and close the browser before
continuing.
AIX, Linux, and Solaris: The launchpad install program needs to be able to launch
a Web browser to start. You will need to be on the console or have an X server and
a Web browser installed and configured. (VNC or a remote X term session will
work as well).
By using the deployment plan you created earlier, you have fewer selections to
make when you run the installation program.
1. (Linux RHEL only) Disable SELinux on any RedHat operating system:
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix any problems,
then uninstall all components and reinstall. Find information in the logs directory
and the ant and native subdirectories.
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
Log in to the Lotus Sametime Meeting Server to verify that the installation was
successful.
Verify the installation by logging in to the server and creating a new meeting
room.
1. From a Web browser, navigate to the Meeting Room Center by entering the
following URL:
http://serverhostname.domain:port/stmeetings
Replace serverhostname.domain with the fully qualified domain name of the
Meeting server; for example:
Tip: To verify the HTTP port number being used by the Lotus Sametime
Meeting Server, open the AboutThisProfile.txt file for the Sametime Meeting
Application Server Profile and use the setting specified for the HTTP transport
port. The default profile name is STMAppProfile. On IBM i, look for the
AboutThisProfile.txt file in the following location: /QIBM/UserData/Websphere/
AppServer/V7/SametimeWAS/profiles/STMAppProfile/logs/
AboutThisProfile.txt
http://st85ms1.acme.com:9080/stmeetings
Note: By default, the WebSphere proxy listens on port 80, and forwards to the
Lotus Sametime Meeting Server on port 9080.
2. Click Log In and then enter your User name and Password to log in to the
Meeting Center.
3. Click New Meeting Room, then fill in the fields and click Save.
4. The new meeting appears in the list of meetings that you own. Click Enter
Meeting Room below the name of the new meeting to join the meeting.
The fully qualified domain name of the Lotus Sametime Gateway server must be
externally resolvable by the domain name server, and must not be set in the
″hosts″ file. Verify that this is true before installing the Lotus Sametime Gateway.
Unlike other Lotus Sametime components, the Lotus Sametime Gateway does not
install with a deployment plan created on the Lotus Sametime System Console.
Instead, you enter required information as you proceed through the installation
program. Once the installation is complete, you will register the Gateway with the
Lotus Sametime System Console; from then on, you will administer the Gateway
server from the System Console, just like all the other Lotus Sametime
components.
Expected state: DB2 is installed. The DB2 database is created and DB2 is running.
Because your input will not be verified during installation, you should take
extra care when typing values.
10. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
11. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
12. Select Standalone server and then click Next.
13. Type or click Browse to select the path to where you extracted the WebSphere
Application Server installation files from the CD. Do not use quotation marks.
This directory should contain the WAS and JDK subdirectories. It is very
important that you select the parent directory and not the subdirectory. For
example: use C:\TMP\WASCD\ifpackage but do not use C:\TMP\WASCD\
ifpackage\WAS or C:\TMP\WASCD\ifpackage\JDK.
14. Click Next to see the default directory path where WebSphere Application
Server will be installed is displayed. To change the installation location of
WebSphere Application Server, click Browse and select a desired location, or
type a new path.
15. Click Next to see node, cell, and host name profile information provided by
the installer. If the supplied information is correct, click Next.
Option Description
Node Logical name for the node. For example,
acmeNode.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCell.
16. Create a user ID and password to log in to the Integrated Solutions Console,
the administrative interface for managing Lotus Sametime Gateway. The user
ID must not exist in the LDAP directory. Passwords must not contain accented
characters or any of the following characters:
;*!?"/<>|+&'`[]%^
17. Click Next to see the default directory path where Lotus Sametime Gateway
will be installed. To change the location, click Browse and select a desired
location, or type a new path.
18. Click Next to enter database properties.
Option Description
Host name Fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server.
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
Schema password The password for the schema owner. You
may need to get this information from the
database administrator. The schema
password is often the same as the
application password.
19. Click Next to connect to an LDAP server at this time. The LDAP server must
be the same LDAP used by Lotus Sametime.
20. Select an LDAP host name from list of Registered host names and ports in
your domain, or select Other and enter a host name or IP address in the Host
name field. The default port number is 389. Click Next.
21. If anonymous access is successful to the LDAP host name, you may have the
option of continuing with anonymous access or changing the access to
authenticated access. If anonymous access is not permitted, you will not have
this option because you must supply a bind distinguished name and
password.
Option Description
Anonymous access Select this option if you don’t need
authenticated access to the LDAP server.
Lotus Sametime Gateway only requires
anonymous access to an LDAP server.
Authenticated access Select this option if your LDAP server
requires authenticated access. You must
provide an authentication identity, including
a bind distinguished name and password
from the LDAP administrator.
22. Enter the Bind distinguished name (DN) and Bind password. The bind
distinguished name can be any user with read permission for the directory
server. The bind DN need not be the LDAP administrator. For example:
v Bind distinguished name:
uid=ldapadmin,cn=users,l=shipley,st=kansas,c=us,ou=acme,o=medical,DC=ACME,DC=COM
v Bind password:
C@pital1
23. Click Next. Choose a base distinguished name from the list of Suggested base
distinguished names in your LDAP or enter a base DN in the Base
distinguished name field. The base distinguished name indicates the starting
point for LDAP searches of the directory service. For example, for the bind
distinguished name given as an example in the previous step, you can specify
the base DN as: DC=ACME,DC=COM. For authorization purposes, this field is case
sensitive. This panel is not shown if you are connecting to Domino LDAP.
24. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
25. Click Install to begin copying files. A progress bar is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
Complete these steps to install a single Lotus Sametime Gateway server on an AIX,
Linux, or a Solaris machine, to create an administrative user ID for WebSphere
Application Server, and to connect to an LDAP server. This installation requires
installing the WebSphere Application Server Network Deployment edition, even if
you are installing a single server. If you need to create a cluster of Lotus Sametime
Gateway servers later, follow the procedure for installing a cluster of servers using
the wizard.
Expected state: DB2 or the DBMS Administration Client is installed. The DB2
database is created and DB2 is running.
The Lotus Sametime Gateway install wizard deploys both the WebSphere
Application Server and the Lotus Sametime Gateway server application in one
installation.
1. Log in as root on the server where you will install Lotus Sametime Gateway.
2. (Linux RHEL only) Disable SELinux on any RedHat operating system:
a. Open the /etc/selinux/config file for editing.
b. Locate the SELINUX setting.
c. Change its value to either disable or permissive.
d. Save and close the file.
e. Restart the Linux server.
3. Create the temporary file folder /TMP/WASCD.
4. From the installation media, copy the WebSphere Application Server
installation image for your operating system to /TMP/WASCD.
5. Open a command window and navigate to the directory /TMP/WASCD.
6. Run the following command to uncompress the files:
gunzip -c part_number.tar.gz | tar -xvf -
When you are done extracting the files, you should have the following folder:
/TMP/WASCD/ifpackage
Verify that you have WAS and JDK folders inside the ifpackage folder.
7. From the installation media, copy the Lotus Sametime Gateway installation
image part_number.tar to the temporary directory /TMP.
8. Navigate to the /TMP directory and uncompress the following file:
unzip part_number.tar
Because your input will not be verified during installation, you should take
extra care when typing values.
v To run the installer in console mode, perform these steps:
a. Copy the directory /TMP/SametimeGateway to the IFS of the IBM i system.
b. Start a QSHELL session.
c. Navigate to the /TMP/SametimeGateway directory and type the following
command:
install.sh -console
Because your input will not be verified during installation, you should
take extra care when typing values.
10. Select the language to be used for the installation and click OK. The Lotus
Sametime Gateway Welcome screen is displayed.
11. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
12. Select Standalone server, and then click Next.
13. Type or click Browse to select the path to where you extracted the WebSphere
Application Server installation files from the CD. This directory should
contain the WAS and JDK subdirectories. It is very important that you select
the parent directory and not the subdirectory. For example: use
/TMP/WASCD/ifpackage but do not use /TMP/WASCD/ifpackage/WAS or
/TMP/WASCD/ifpackage/JDK.
14. Click Next to see the default directory path where WebSphere Application
Server will be installed is displayed. To change the installation location of
WebSphere Application Server, click Browse and select a desired location, or
type a new path.
15. Click Next to see node, cell, and host name profile information provided by
the installer. If the supplied information is correct, click Next.
16. Create a user ID and password to log in to the Integrated Solutions Console,
the administrative interface for managing Lotus Sametime Gateway. The user
ID must not exist in the LDAP directory. Passwords must not contain accented
characters or any of the following characters:
;*!?"/<>|+&'`[]%^
17. Click Next to see the default directory path where Lotus Sametime Gateway
will be installed. To change the location, click Browse and select a desired
location, or type a new path.
18. Click Next to enter properties required by DB2:
Option Description
Host name Fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server.
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
19. Click Next to connect to an LDAP server at this time. The LDAP server must
be the same LDAP used by Lotus Sametime.
Option Description
Configure LDAP now Select if you want to set up a connection
between Sametime Gateway and LDAP that
does not need an SSL connection. You will
need to know the host name and port of the
LDAP server.
Configure LDAP after the installation Select this option if you need to set up an
SSL connection with LDAP, or if you do not
know the host name and port number used
by LDAP. If you are installing Lotus
Sametime Gateway outside the firewall and
the LDAP directory is located inside the
firewall, choose this option, and skip to step
23.
20. Select an LDAP host name from list of Registered host names and ports in
your domain, or select Other and enter a host name or IP address in the Host
name field. The default port number is 389. Click Next.
21. If anonymous access is successful to the LDAP host name, you may have the
option of continuing with anonymous access or changing the access to
authenticated access. If anonymous access is not permitted, you will not have
this option because you must supply a bind distinguished name and
password.
Option Description
Anonymous access Select this option if you don’t need
authenticated access to the LDAP server.
Lotus Sametime Gateway only requires
anonymous access to an LDAP server.
Authenticated access Select this option if your LDAP server
requires authenticated access. You must
provide an authentication identity, including
a bind distinguished name and password
from the LDAP administrator.
22. Enter the Bind distinguished name (DN) and Bind password. The bind
distinguished name can be any user with read permission for the directory
server. The bind DN need not be the LDAP administrator. For example:
v Bind distinguished name:
uid=ldapadmin,cn=users,l=shipley,st=kansas,c=us,ou=acme,o=medical,DC=ACME,DC=COM
v Bind password:
C@pital1
23. Click Next. Choose a base distinguished name from the list of Suggested base
distinguished names in your LDAP or enter a base DN in the Base
distinguished name field. The base distinguished name indicates the starting
Chapter 3. Installing 131
point for LDAP searches of the directory service. For example, for the bind
distinguished name given as an example in the previous step, you can specify
the base DN as: DC=ACME,DC=COM. For authorization purposes, this field is case
sensitive. This panel is not shown if you are connecting to Domino LDAP.
24. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
25. Click Install to begin copying files. A progress bar is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 minutes to complete. When the installation is complete, the
wizard displays a message indicating a successful installation.
26. Read the summary and click Finish. To view the installation log, click View
log file or open the log file at stgw_server_root/logs/installlog.txt
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
This section explains how to start a standalone Lotus Sametime Gateway server.
Skip these steps if you are setting up a cluster.
Single server configurations must have the Lotus Sametime Gateway server
running to access the Integrated Solutions Console, while a Lotus Sametime
Gateway cluster must have the Deployment Manager running to access the
Integrated Solutions Console. Do not start Lotus Sametime Gateway at this time if
you are creating a cluster of Lotus Sametime Gateway servers.
1. Log in to the server machine as a user with administrative privileges.
2. Navigate to the Lotus Sametime Gateway profile directory that contains
binaries: stgw_profile_root\bin
3. Type the following command to start Lotus Sametime Gateway. Note that
RTCGWServer is case-sensitive.
AIX, Linux, and Solaris
./startServer.sh RTCGWServer
Windows
startServer.bat RTCGWServer
IBM i
startServer RTCGWServer
Use the Lotus Sametime System Console to connect to the Lotus Sametime Meeting
Server or Lotus Sametime Gateway database before installing the server from the
System Console. If you installed the server without using the System Console (as is
the case with the Sametime Meeting Server on IBM i and Sametime Gateway on
any platform), do this step before registering the server with the System Console.
If you have not already opened the Connect to DB2 Databases activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary or use the setting
specified for the Administrative console secure port in the AboutThisProfile.txt
file. For the Sametime System Console Deployment Manager Profile
(STSCDmgrProfile), the file is located in the following path:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
This activity takes you through the steps for connecting to the Meeting Server or
Gateway database you created.
AIX, Linux, Solaris, Windows: Ensure that IBM DB2 has been installed and that
you have created the Sametime Meeting Server or Gateway database.
IBM i: Ensure that you have created the required database schemas and tables.
In the Connect to DB2 Databases portlet, verify that the Lotus Sametime System
Console database you created earlier is already displayed in the list of databases.
Follow these steps to connect to the Meeting Server or Gateway database. You
must do this before you can install the Meeting Server using the Sametime System
Console. If you installed the server without using the System Console (as is the
case with the Sametime Meeting Server on IBM i and Sametime Gateway on any
platform), do this step before registering the server with the System Console.
1. DB2 Configuration Guided Activity.
Click Add to begin the guided activity that will connect your server to the DB2
database. If a connection already exists, you can optionally edit or delete it.
2. Add a new database.
a. In the Connect to DB2 Databases portlet, click Add.
If you want to edit or delete a database instead, then select one, and click
the appropriate button.
b. Enter the fully qualified host name of the DB2 server in the Host name
field.
Do not enter an IP address or a short host name.
c. The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is using
a different port.
Linux: The default is typically 50001, but will vary based on port
availability. Check the /etc/services file on the DB2 server to verify the
port number being used.
d. In the Database name, field, enter the name of the database you want to
connect to.
Meeting Server database
On AIX, Linux, Solaris, and Windows, the database name is STMS unless
you changed it.
After installing an IBM Lotus Sametime Gateway server on IBM AIX, Linux, Sun
Solaris, or Microsoft Windows, register it with the Lotus Sametime System Console,
so you can manage all of the Lotus Sametime servers from a central location.
Before you register the server, verify that you have completed the following tasks,
which are described in the Installing on AIX, Linux, Solaris, and Windows section
of this information center.
v The Lotus Sametime System Console must be started.
v The LDAP server must be connected to the System Console and must be started.
v The Gateway database must be connected to the System Console and must be
started.
v The Community Server that the Gateway server connects to must already be
registered with the Console and must be started.
Working from the server that you want to connect to the console, follow these
steps to update properties files and run the registration utility.
During this task you will edit the following files; click the topic titles below to see
details on each file. Use Ctrl+Click to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. On the Lotus Sametime Gateway server, navigate to the stgw_server_root/IBM/
WebSphere/STgateway/console directory.
2. Make backup copies (using different names) of the console.properties and
productConfig.properties files.
After you complete your IBM Lotus Sametime Gateway installation, you can
optionally modify some network configuration settings.
Outgoing SIP messages include a ″Contact″ field, which is used as the return
address for opening a new connection back to the sender. By default, the ″Contact″
Use the name you specified as the host name when you installed this Lotus
Sametime Gateway server.
7. Click SIP_DEFAULTHOST_SECURE.
8. In the Host field, type the WebSphere Application Server installation’s host
name address, and then click OK.
Specify a fully qualified domain name in this field; for example:
server1.acme.com
Use the name you specified as the host name when you installed this Lotus
Sametime Gateway server.
9. Restart the Lotus Sametime Gateway server.
This optional procedure describes how to you can simulate a Network Address
Translator (NAT) to provide additional security by using two Network Interface
Cards (NICs), one for an internal IP address facing the Sametime community
server, and the other for an external IP address facing the Internet. This procedure
applies to standalone Sametime Gateway deployments only. If you use this
configuration, you must update the default host using the Integrated Solutions
Console.
The procedure applies to single server installations only. If you have a cluster of
Sametime Gateway servers, and you want to set up two Network Interface Cards,
install the NICs on the proxy server node in the cluster. The proxy server node is
smart enough to handle incoming and outgoing addresses on two different IP
addresses without additional configuration.
Before you begin, upgrade existing Lotus Sametime Gateway servers to the current
release before you install new servers.
Except in the case of IBM i, the Lotus Sametime Gateway install wizard deploys
both WebSphere Application Server and the Lotus Sametime Gateway server
application in one installation.
Install the Deployment Manager on the same machine as the primary server, or on
a separate machine. The installation program also creates a non-SSL connection to
LDAP.
Expected state: The DB2 server is installed, the DB2 database has been created, and
DB2 is running.
You can install the Deployment Manager and the primary server on the same
machine, or each on its own machine. Additional nodes must be installed on their
own machines.
1. Log in as the Windows administrator on the server where you will install
Lotus Sametime Gateway.
2. Create two temporary file folders: \TMP\WASCD and \TMP\SametimeGateway.
3. From the installation media, copy the WebSphere Application Server
installation image part_number.exe to the folder \TMP\WASCD.
4. Open a command window and navigate to the folder \TMP\WASCD.
5. Extract all files to the temporary directory \TMP\WASCD. When you are done
extracting the files, you should have a \TMP\WASCD\ifpackage folder with WAS
and JDK folders inside the ifpackage folder.
6. Extract the files in Sametime Gateway installation image part_number.exe to
the \TMP\SametimeGateway folder.
7. Open a command window and type the following command:
v For wizard mode: install.bat
v For console mode: install.bat -console
Because your input will not be verified during installation, you should take
extra care when typing values.
Option Description
Node Logical name for the node. For example,
acmeDMNode.
Cell Every WebSphere Application Server is
created on a node inside a cell. A cell is a
collection of nodes for administration and
workload management. For example,
acmeDMCell.
Host name Fully qualified domain name name of the
machine on which you are installing
WebSphere Application Server. For example:
server1.acme.com
Note: If the server where you are installing
has multiple NICs/IPs/DNS names, or for
more information about considerations in
choosing a host name, read the section ″Host
name considerations″ in the WebSphere
Application Server information center topic,
Creating an application server profile.
14. Create a user ID and password for logging into the Integrated Solutions
Console, the administrative interface for managing Lotus Sametime Gateway.
The user ID must not exist in the LDAP directory. Passwords must not contain
accented characters or any of the following characters:
;*!?"/<>|+&'`[]%^
15. Click Next to see the default directory path where Lotus Sametime Gateway
will be installed. To change the location, click Browse and select a desired
location, or type a new path.
16. Click Next to enter properties required by DB2:
Option Description
Host name Fully qualified host name or TCP/IP
address of the database server.
17. Click Next to connect to an LDAP server at this time. The LDAP server must
be the same LDAP used by Lotus Sametime.
Option Description
Configure LDAP now Select if you want to set up a connection
between Sametime Gateway and LDAP that
does not need an SSL connection. You will
need to know the host name and port of the
LDAP server.
18. Select an LDAP host name from list of Registered host names and ports in
your domain, or select Other and enter a host name or IP address in the Host
name field. The default port number is 389. Click Next.
19. If anonymous access is successful to the LDAP host name, you may have the
option of continuing with anonymous access or changing the access to
authenticated access. If anonymous access is not permitted, you will not have
this option because you must supply a bind distinguished name and
password.
Option Description
Anonymous access Select this option if you don’t need
authenticated access to the LDAP server.
Lotus Sametime Gateway only requires
anonymous access to an LDAP server.
Authenticated access Select this option if your LDAP server
requires authenticated access. You must
provide an authentication identity, including
a bind distinguished name and password
from the LDAP administrator.
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Complete these steps to install the Deployment Manager server on AIX, Linux, or
Solaris. Install the Deployment Manager on the same machine as the primary
server, or on its own machine. The installation program also creates a non-SSL
connection to LDAP.
Expected state: DB2 or the DBMS Administration Client is installed. The DB2
database is created and DB2 is running.
Note that there are special naming rules for each node and cell that are part of a
cluster. When installing each node, the node name and the cell name must be
unique across all machines. No two nodes can have the same cell name. Later, when
you federate each node into the cluster, the cell name is automatically changed to
the Deployment Manager’s cell name.
When you are done extracting the files, you should have a
/TMP/WASCD/ifpackage folder with WAS and JDK folders inside the ifpackage
folder.
7. From the installation media, copy the Sametime Gateway installation image
part_number.tar to the /TMP folder.
8. Unzip the files in part_number.tar. This step creates the folder
/TMP/SametimeGateway.
9. In the DB2 profile window, navigate to the /TMP/SametimeGateway directory,
and execute the following command:
v . /install.sh (wizard installation)
v . /install.sh -console (console installation)
Because your input will not be verified during installation, you should take
extra care when typing values.
10. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
11. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
12. Select Deployment Manager, and then click Next.
13. The WebSphere Application Server installation directory dialog is displayed.
Type the root to the path where you copied the WebSphere Application Server
installation files from the CD. This directory should contain the WAS and JDK
subdirectories. It is very important that you select the parent directory and not
the subdirectory. For example: use /TMP/WASCD/ifpackage but do not use
/TMP/WASCD/ifpackage/WAS or /TMP/WASCD/ifpackage/JDK.
14. Click Next to see the default directory path where WebSphere Application
Server will be installed is displayed. To change the installation location of
WebSphere Application Server, click Browse and select a desired location, or
type a new path.
15. Click Next to see node, cell, and host name profile information provided by
the installer. If the supplied information is okay, click Next.
16. Create a user ID and password for logging into the Integrated Solutions
Console, the administrative interface for managing Lotus Sametime Gateway.
The user ID must not exist in the LDAP directory. Passwords must not contain
accented characters or any of the following characters:
;*!?"/<>|+&'`[]%^
17. Click Next to see the default directory path where Lotus Sametime Gateway
will be installed. To change the location, click Browse and select a desired
location, or type a new path.
18. Click Next to enter properties required by DB2:
Option Description
Host name Fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server.
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
19. Click Next to connect to an LDAP server at this time. The LDAP server must
be the same LDAP used by Lotus Sametime.
20. Select an LDAP host name from list of Registered host names and ports in
your domain, or select Other and enter a host name or IP address in the Host
name field. The default port number is 389. Click Next.
21. If anonymous access is successful to the LDAP host name, you may have the
option of continuing with anonymous access or changing the access to
authenticated access. If anonymous access is not permitted, you will not have
this option because you must supply a bind distinguished name and
password.
Option Description
Anonymous access Select this option if you don’t need
authenticated access to the LDAP server.
Lotus Sametime Gateway only requires
anonymous access to an LDAP server.
Authenticated access Select this option if your LDAP server
requires authenticated access. You must
provide an authentication identity, including
a bind distinguished name and password
from the LDAP administrator.
22. Enter the Bind distinguished name (DN) and Bind password. The bind
distinguished name can be any user with read permission for the directory
server. The bind DN need not be the LDAP administrator. For example:
v Bind distinguished name:
uid=ldapadmin,cn=users,l=shipley,st=kansas,c=us,ou=acme,o=medical,DC=ACME,DC=COM
v Bind password:
C@pital1
23. Click Next. Choose a base distinguished name from the list of Suggested base
distinguished names in your LDAP or enter a base DN in the Base
distinguished name field. The base distinguished name indicates the starting
point for LDAP searches of the directory service. For example, for the bind
distinguished name given as an example in the previous step, you can specify
the base DN as: DC=ACME,DC=COM. For authorization purposes, this field is case
sensitive. Note that this panel is now shown if you are connecting to Domino
LDAP.
What to do next
Note: Do not start the server at this time (skip step 3 – restart the server – in the
steps below).
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Install a primary node for a cluster. You can install the primary node and the
Deployment Manager on the same machine. Installing the primary node on the
same machine as the Deployment Manager provides the efficiency of multiple Java
Virtual Machines and takes advantage of a fast CPU. If you are installing the
primary node on the same machine with an existing Deployment Manager from a
previous release, upgrade the Deployment Manager to the present release before
installing the primary node.
Complete these steps to install the primary node of a Lotus Sametime Gateway
cluster on Windows. You can install both the primary node and Deployment
Manager on the same machine.
Expected state: DB2 or the DBMS Administration Client is installed. The DB2
database is created and DB2 is running. The Deployment Manager is installed and
running.
The following steps show the installation of a primary node on a separate machine
from the Deployment Manager. If you are installing the primary node on the same
system as the Deployment Manager, you do not have to copy the WebSphere
Application Server media to the server. Instead, the install program reuses the
shared binaries that are installed with the Deployment Manager.
1. Log in as the Windows administrator on the server where you will install
Lotus Sametime Gateway.
2. Complete the following substeps only if you are installing the primary node
on its own machine. If you plan to install the primary node on the same
machine as the Deployment manager, skip to step 3.
Because your input will not be verified during installation, you should take
extra care when typing values.
5. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
6. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
7. Do one of the following
v If you are installing the primary node on the same computer as the
Deployment Manager, click Next, and then click Next again.
v If you are installing the primary node on a separate computer, select
Primary node, and then click Next.
8. Check the node name, cell name, and host name that are supplied by the
installer. Make sure that the cell and node names do not match the cell and
node names you used when installing the Deployment Manager. Choose a
unique node name and cell name for this installation. If the supplied
information is okay, click Next.
Option Description
Node The logical name for the node. For example,
acmeNodePrimary.
Cell A name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCellPrimary.
9. Type the administrative user ID and password used to log in to the Integrated
Solutions Console, the administrative interface for managing Lotus Sametime
Gateway. Use the same user ID and password that you created when you
installed the Deployment Manager. The user ID must not exist in the LDAP
directory.
10. Click Next to see the default directory path where Lotus Sametime Gateway
will be installed. To change the location, click Browse and select a desired
location, or type a new path.
11. Type the required information for the database as follows:
Option Description
Host name The fully qualified host name or TCP/IP
address of the database server.
Port The port number on the database server.
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
Schema password The password for the schema owner. You
may need to get this information from the
database administrator. The schema
password is often the same as the
application password.
12. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
13. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Install the primary node of a Lotus Sametime Gateway cluster on Windows. You
can install both the primary node and Deployment Manager on the same machine.
Expected state: DB2 or the DBMS Administration Client is installed. The DB2
database is created and DB2 is running. The Deployment Manager is installed and
running.
The Lotus Sametime Gateway install wizard deploys both the WebSphere
Application Server and the Lotus Sametime Gateway server application in one
installation.
1. Log in as root on the server where you will install Lotus Sametime Gateway.
2. (Linux RHEL only) Disable SELinux on any RedHat operating system:
a. Open the /etc/selinux/config file for editing.
b. Locate the SELINUX setting.
c. Change its value to either disable or permissive.
d. Save and close the file.
e. Restart the Linux server.
3. If you are not installing the primary node on the Deployment Manager
machine, complete the following sub steps:
a. Create the temporary file folder /TMP/WASCD .
b. Open a command window and navigate to the folder /TMP/WASCD.
c. Extract all files to the temporary directory /TMP/WASCD. When you are done
extracting the files, you should have a /TMP/WASCD/ifpackage folder with
WAS and JDK folders inside the ifpackage folder.
d. Run the following command to extract the files:
gunzip -c part_number.tar.gz | tar -xvf -
When you are done extracting the files, you should have a
/TMP/WASCD/ifpackage folder with WAS and JDK folders inside the ifpackage
folder.
4. From the installation media, copy the Lotus Sametime Gateway installation
image part_number.tar to the temporary directory /TMP/SametimeGateway.
5. Extract the following file to the /TMP/SametimeGateway folder:
tar -xvf part_number.tar
6. Navigate to the temporary directory /TMP/SametimeGateway and type one of
the following commands:
v For wizard mode: ./install.sh
v For console mode: ./install.sh -console
Because your input will not be verified during installation, you should take
extra care when typing values.
Option Description
Node Logical name for the node. For example,
acmeNodePrimary.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCellPrimary.
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Note: If the server where you are installing
has multiple NICs/IPs/DNS names, or for
more information about considerations in
choosing a host name, read the section ″Host
name considerations″ in the WebSphere
Application Server information center topic,
Creating an application server profile.
Option Description
Host name Fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server.
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
Schema password The password for the schema owner. You
may need to get this information from the
database administrator. The schema
password is often the same as the
application password.
16. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
17. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating a successful installation.
18. Read the summary and click Finish. To view the installation log, click View
log file or open the log file at stgw_server_root/logs/installlog.txt
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
After you create the primary node you must add the primary node to the
Deployment Manager’s cell.
Add the primary node to the Deployment Manager’s cell. Adding the primary
node to the cell allows a central point of administration for the network
deployment by using the Deployment Manager’s Integrated Solutions Console. You
will not be able log into the primary node’s Integrated Solutions Console after this
step.
Federating the primary node into the cell on AIX, Linux, and Solaris:
Add the primary node to the Deployment Manager’s cell on AIX, Linux, or Solaris
platforms. Adding the primary node to the cell allows a central point of
administration for the network deployment by using the Deployment Manager’s
Integrated Solutions Console. You will not be able log into the primary node’s
Integrated Solutions Console after this step.
Port 8879 is the default port on which the Deployment Manager listens.
6. To verify that the primary node has joined the Deployment Manager’s cell, log
into the Integrated Solutions Console (http://localhost:9060/ibm/console)
using your administrative user ID and password and click Servers →
Application servers. Make sure you can see the primary node’s information.
If you already logged in, you must log out and then log in again before you
can see changes.
What happens when you federate the primary node into the cell?:
When you federate the primary node into the Deployment Manager’s cell, the
primary node’s original configuration is backed up. This means that you can
remove the primary node from the Deployment Manager at a later time, and you
can restore the profile configuration to the state it was in before federation.
The primary node’s scope changes to include the Deployment Manager’s cell.
Before federation, the scope of the RTCGWServer was:
cell:<PrimaryCell>/node:<PrimaryNode>/server:RTCGWServer
When you federate, the Integrated Solutions Console of the primary node is
disabled because you will be using the Integrated Solutions Console from the
Deployment Manager. The primary node inherits all the cell level configuration
data from the Deployment Manager. Any information you can see through the
Deployment Manager’s Integrated Solutions Console is now stored in XML on the
primary node, so it is accessible from any application. The applications that were
installed to RTCGWServer are now included on the RTCGWServer in the
Deployment Manager’s cell. If you attempt to federate another node that contains
these same applications, they are excluded.
When you federate the primary server into the cell, a single server of Sametime
Gateway can be managed by a Deployment Manager. You can actually run a real
environment and configure your Sametime communities just as you would in a
standalone server environment. What is lacking is failover and load balancing
capabilities. In order to add those features, you need to add a secondary node and
create a cluster in the later steps.
Note: In this release, a Lotus Sametime Gateway cluster can support only two
nodes.
Complete these steps to install a secondary node on Windows that will be part of a
cluster of Sametime Gateway servers.
A secondary node for the cluster must be installed on its own machine. A
secondary cannot be installed on the same machine as the primary server or the
Deployment Manager.
Because your input will not be verified during installation, you should take
extra care when typing values.
8. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
9. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
Option Description
Node Logical name for the node. For example,
acmeNode.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCell.
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Note: If the server where you are installing
has multiple NICs/IPs/DNS names, or for
more information about considerations in
choosing a host name, read the section ″Host
name considerations″ in the WebSphere
Application Server information center topic,
Creating an application server profile.
14. Create a user ID and password to log in to the Integrated Solutions Console,
the administrative interface for managing Lotus Sametime Gateway. Use the
same administrative user ID and password that you created when installing
the Deployment Manager and primary node. The user ID must not exist in the
LDAP directory. Passwords must not contain accented characters or any of the
following characters:
;*!?"/<>|+&'`[]%^
15. Click Next to see the default directory path where Lotus Sametime Gateway
will be installed. To change the location, click Browse and select a desired
location, or type a new path.
16. Click Next to enter database properties:
Option Description
Host name Fully qualified host name or TCP/IP
address of the database server.
17. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
18. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 minutes to complete. When the installation is complete, the
wizard displays a message indicating a successful installation.
19. Read the summary and click Install.
To view the installation log, click View log file or open the log file at
stgw_server_root\logs\installlog.txt\
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Complete these steps to install a secondary node on AIX, Linux, or Solaris that will
be part of a cluster of Sametime Gateway servers.
A secondary node for the cluster must be installed on its own machine and cannot
be installed on the same machine as the primary server or the Deployment
Manager.
When you are finished extracting the files, you should have a
/TMP/WASCD/ifpackage folder with WAS and JDK folders inside the ifpackage
folder.
7. From the installation media, copy the Lotus Sametime Gateway installation
image part_number.tar to the temporary directory /TMP/SametimeGateway.
8. In the DB2 profile window, navigate to the temporary directory /TMP.
9. Unzip the following file to the /TMP/SametimeGateway folder:
unzip part_number.tar
10. Navigate to the folder /TMP/SametimeGateway and type one of the following
commands:
v For wizard mode: . /install.sh
v For console mode: . /install.sh -console
Because your input will not be verified during installation, you should take
extra care when typing values.
The Language Selection dialog is displayed.
11. Select the language to be used for the installation and click OK. The Lotus
Sametime Gateway Welcome screen is displayed.
12. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Please make sure to read the license agreement carefully.
13. Select the appropriate radio button option to accept the license agreement if
you agree with the statement and click Next to proceed with the installation.
If you accepted the terms, the Installation Type dialog is displayed.
14. Select Secondary node as the type of installation, and then click Next.
15. The WebSphere Application Server 6.1 installation directory dialog is
displayed. Type the root to the path where you copied the WebSphere
Application Server installation files from the CD. This directory should
contain the WAS and JDK subdirectories. It is very important that you select
the parent directory and not the subdirectory. For example: use
/TMP/WASCD/ifpackage but do not use /TMP/WASCD/ifpackage/WAS or
/TMP/WASCD/ifpackage/JDK.
16. Click Next to continue with the installation. The WebSphere Application
Server Location dialog is displayed. If you wish to change the location for the
installation of WebSphere Application Server, click Browse and select the
desired location.
17. Click Next to see node, cell, and host name profile information provided by
the installer. Make sure that the cell and node names do not match the cell
and node names that you used when installing the Deployment Manager or
the primary node, or any previously created secondary nodes. If the supplied
information is okay, click Next.
Option Description
Node Logical name for the node. For example,
acmeNode.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCell.
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Note: If the server where you are installing
has multiple NICs/IPs/DNS names, or for
more information about considerations in
choosing a host name, read the section ″Host
name considerations″ in the WebSphere
Application Server information center topic,
Creating an application server profile.
Option Description
Host name Fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server.
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
21. You can review the installation summary settings and if necessary click Back
to make changes.
22. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating the successful installation of the
Lotus Sametime Gateway and WebSphere Application Server products.
23. Read the summary and click Finish to complete the installation. Do not start
the server or first steps at this time.
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
In this release, a Lotus Sametime Gateway cluster can support only two nodes: one
Primary Node and one Secondary Node.
Add a secondary node to the Deployment Manager’s cell. Adding secondary nodes
to the cell allows a central point of administration for the network deployment by
using the Deployment Manager’s Integrated Solutions Console.
Where DM_hostname is the host name of the Deployment Manager server. For
example:
addNode.bat gateway_dm.acme.com 8879
5. When prompted, provide the Deployment Manager’s administrative user ID
and password. Wait for the operation to complete before proceeding. Look for a
success message similar to the following when complete:
Node Machine22NodeSecondary has been successfully federated.
Port 8879 is the default port on which the Deployment Manager listens.
6. For each additional secondary node, repeat the preceding steps.
7. Restart the Deployment Manager by typing the following commands. Wait for
the first command to finish before starting the Deployment Manager:
stopManager
startManager
What to do next
When you have finished installing and federating secondary nodes into the
Deployment manager, continue with the cluster configuration as instructed in the
topic, “Creating a cluster and proxy servers” on page 167.
Federating a secondary node on AIX, Linux, and Solaris into the cell:
Where DM_hostname is the host name of the Deployment Manager server. For
example:
./addNode.sh gateway_dm.acme.com 8879
5. When prompted, provide the Deployment Manager’s administrative user ID
and password. Wait for the operation to complete before proceeding. Look for a
success message similar to the following when complete:
Node Machine22NodeSecondary has been successfully federated.
What to do next
When you have finished installing and federating secondary nodes into the
Deployment manager, continue with the cluster configuration as instructed in the
topic, “Creating a cluster and proxy servers” on page 167.
Typically, a network deployment contains one node per physical computer. This is
not a requirement. Nodes are logical groupings of application servers, so you can
have more than one node installed on a physical system. For performance reasons,
most installations have only one cluster member per node, since each cluster
member creates its own JVM footprint.
In a network deployment, all nodes are federated into the deployment manager’s
cell. This allows the deployment manager to do its purpose in life- Manage the
Deployment. A Deployment Manager is nothing more than a node that is
responsible for administering a cell. In Lotus Sametime Gateway, the only things
configured on the Deployment Manager node are a few minor cell level attributes,
and the Lotus Sametime Gateway administrative portlet plugin extensions. Lotus
Sametime Gateway application files all run on the cluster member application
servers.
The primary node is basically the same thing as a standalone node installation,
minus a few cell level configurations that will be trumped by the Deployment
Manager’s configuration. The primary node contains all the applications and
WebSphere Application Server components that are required to run Lotus
Sametime Gateway. When you install a primary node, you create a server instance
called RTCGWServer. This server instance is cloned for use with all secondary
nodes across the cluster. There can only be one primary Lotus Sametime Gateway
node installed in any network deployment, because applications can only be added
to the cell from one node. In the Lotus Sametime Gateway network deployment,
the primary node also configures the database server.
The secondary nodes are WebSphere Application Server placeholders that can run
additional cluster members (servers created as clones of the primary server). When
you install a secondary node for Lotus Sametime Gateway, the installation creates a
node and default server instance, as well as some node level WebSphere
Application Server attributes such as data sources, WebSphere variables, and
shared library definitions. A network deployment of Lotus Sametime Gateway can
contain as many secondary nodes as your environment needs.
Create a Sametime Gateway cluster, install proxy servers, and then configure the
proxy servers to use the cluster. Set up node replication only if you need high
availability and failover, and then start the cluster.
Starting a cluster involves starting the Deployment Manager, starting the node
agents on all the nodes, and then starting the servers, including the proxy servers,
on each node.
Create a new cluster of IBM Lotus Lotus Sametime Gateway servers by running
the Cluster Configuration Wizard. If you are upgrading an existing Lotus
Sametime Gateway cluster, you must still complete this task because you removed
the cluster before upgrading the nodes.
Expected state: the Deployment Manager is running and nodes are stopped.
The instructions that follow describe steps for setting up a horizontal cluster, the
most common cluster configuration. The Primary Node already has the primary
server installed, so no additional server is needed on that computer. To add servers
to the horizontal cluster, create one cluster member for each secondary node
(computer).
Note: To run this program in console mode (instead of using the graphical
interface), add the -console argument to the command line; for example:
configwizard.bat -console
2. View the Welcome page and click Next.
3. For a Secondary Node, do the following:
a. Select the Secondary Node from the Node drop down list and type a
unique name in the Server Name field.
b. Click Add Member.
4. When you have finished adding the Secondary Nodes, click Next.
5. Type the Schema user ID and Schema password for the database
Use the Lotus Sametime System Console to connect to the Lotus Sametime Meeting
Server or Lotus Sametime Gateway database before installing the server from the
If you have not already opened the Connect to DB2 Databases activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary or use the setting
specified for the Administrative console secure port in the AboutThisProfile.txt
file. For the Sametime System Console Deployment Manager Profile
(STSCDmgrProfile), the file is located in the following path:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Prerequisites → Connect to DB2 Databases.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This activity takes you through the steps for connecting to the Meeting Server or
Gateway database you created.
AIX, Linux, Solaris, Windows: Ensure that IBM DB2 has been installed and that
you have created the Sametime Meeting Server or Gateway database.
IBM i: Ensure that you have created the required database schemas and tables.
In the Connect to DB2 Databases portlet, verify that the Lotus Sametime System
Console database you created earlier is already displayed in the list of databases.
Follow these steps to connect to the Meeting Server or Gateway database. You
must do this before you can install the Meeting Server using the Sametime System
Console. If you installed the server without using the System Console (as is the
case with the Sametime Meeting Server on IBM i and Sametime Gateway on any
platform), do this step before registering the server with the System Console.
1. DB2 Configuration Guided Activity.
Chapter 3. Installing 169
Click Add to begin the guided activity that will connect your server to the DB2
database. If a connection already exists, you can optionally edit or delete it.
2. Add a new database.
a. In the Connect to DB2 Databases portlet, click Add.
If you want to edit or delete a database instead, then select one, and click
the appropriate button.
b. Enter the fully qualified host name of the DB2 server in the Host name
field.
Do not enter an IP address or a short host name.
c. The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is using
a different port.
Linux: The default is typically 50001, but will vary based on port
availability. Check the /etc/services file on the DB2 server to verify the
port number being used.
d. In the Database name, field, enter the name of the database you want to
connect to.
Meeting Server database
On AIX, Linux, Solaris, and Windows, the database name is STMS unless
you changed it.
On IBM i, the name is always STMS.
Gateway database
For AIX, Linux, Solaris, and Windows, the database name is STGWDB
unless you changed it.
For IBM i, use the name you specified when creating the database schemas.
e. In the Application user ID field, supply the DB2 application’s
administrative user name that you created when you installed DB2, such as
db2admin. This user has database administration authority and you will use
this user ID and password whenever you work with DB2 databases for
Lotus Sametime. On IBM i, this is the user profile you specified as the
owner of the Meeting Server database schemas in your copy of the
stms.default.response.properties file or the user profile you logged in with
when you created the Gateway database schemas.
f. In the Application password field, enter the password for the DB2
administrative user ID.
g. If you are connecting to a database on an IBM i server, click Hosted on
IBM i.
h. Click Finish.
SIP and XMPP proxy servers act as the initial point of entry for messages that flow
into and out of the enterprise. While you can install these proxy servers on an IBM
Lotus Sametime Gateway node, it is recommended that you install them on a
separate machine to isolate the proxy processing from the Lotus Sametime
Gateway cluster.
Expected state: DB2, LDAP, and Sametime Gateway servers are installed.
For network security, IBM recommends that you install the XMPP and SIP proxy
server node and the Sametime Gateway cluster in the network DMZ. Installing the
SIP proxy in the DMZ by itself is not a supported configuration because it places a
firewall device between that server and the Sametime Gateway cluster. All of these
components should be able to communicate freely which each other without
traversing through a firewall device.
Note: If you are upgrading from a previous version of Lotus Sametime Gateway,
you already have a SIP proxy server. If the SIP proxy server is on an existing
primary or secondary node, there is no need to upgrade the SIP proxy server.
However, if your SIP proxy server is installed on its own node, you must upgrade
WebSphere Application Server on that node to version 6.1.0.11. If you want your
cluster to be able to access Google Talk or other XMPP users, you must install an
XMPP proxy server.
The SIP and XMPP proxy servers are the first point of contact, after the firewall,
for messages that flow into and out your enterprise. Install the proxy servers for
both standalone or network deployment installations of Sametime Gateway. IBM
recommends that you install a SIP and XMPP proxy server on its own node.
The XMPP and SIP proxy server node installation creates a WebSphere Application
Server node with two application servers installed. One server is a generic SIP
proxy server provided by WebSphere Application Server, and the other is a
standard application server onto which is installed the XMPP proxy application.
The node does not function until it is federated into a Sametime Gateway cell.
Information on downloading packages for Lotus Sametime Gateway is located in
the Lotus Sametime Download document.
1. Create two temporary file folders: \TMP\WASCD and \TMP\SametimeGateway.
2. From the installation media, copy the WebSphere Application Server
installation image part_number.exe to the folder \TMP\WASCD.
3. Open a command window and navigate to the folder \TMP\WASCD.
4. Extract all files to the temporary directory \TMP\WASCD. When you are done
extracting the files, you should have a \TMP\WASCD\ifpackage folder with WAS
and JDK folders inside the ifpackage folder.
5. From the installation media, copy the Sametime Gateway installation image
part_number.exe to the \TMP folder.
6. Extract the files in part_number.exe to the \TMP\SametimeGateway folder.
7. Navigate to the\TMP\SametimeGateway folder.
8. Type the following command:
v For wizard mode: install.bat
v For console mode: install.bat -console
Because your input will not be verified during installation, you should take
extra care when typing values.
9. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
10. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
11. If you are installing the proxy server on its own computer instead of on an
existing Sametime Gateway node, complete the following sub steps:
a. Select SIP and XMPP proxy servers, and then click Next.
b. The WebSphere Application Server 6.1 installation directory dialog is
displayed. Type the root to the path where you copied the WebSphere
Application Server installation files from the CD. This directory should
contain the WAS and JDK subdirectories. It is very important that you
select the parent directory and not the subdirectory. For example: use
\TMP\WASCD\ifpackage but do not use \TMP\WASCD\ifpackage\WAS or
\TMP\WASCD\ifpackage\JDK.
c. Click Next to continue with the installation. The WebSphere Application
Server Location dialog is displayed. If you wish to change the location for
the installation of WebSphere Application Server, click Browse and select
the desired location.
12. If you are installing the proxy servers on an existing Sametime Gateway node,
the installation wizard recognizes that an instance of Sametime Gateway is on
the same machine. The new installation for the proxy servers adds a profile to
WebSphere Application Server. Click Next.
13. Check the node name, cell name, and host name that are supplied by the
installer. Make sure that the cell and node names do not match the cell and
node names you used when installing the Deployment Manager. Choose a
unique node name and cell name for this installation. If the supplied
information is okay, click Next.
Option Description
Node Logical name for the node. For example,
acmeNodeProxy.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCellProxy.
14. Type the administrative user ID and password used to log in to the Integrated
Solutions Console, the administrative interface for managing Lotus Sametime
Gateway. Use the same user ID and password that you created when you
installed the Deployment Manager. The user ID must not exist in the LDAP
directory. Click Next.
15. If you are installing the proxy servers on their own machine, you now see the
default directory path where Lotus Sametime Gateway will be installed. To
change the location, click Browse and select a desired location, or type a new
path.
16. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
17. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating a successful installation.
18. Read the summary and click Finish. To view the installation log, click View
log file or open the log file at stgw_server_root\logs\installlog.txt
What to do next
Note: If you start the SIPProxyServer instance now and log into the Integrated
Solutions Console, you cannot view the SIPProxyServer instance. After you
federate the node in the next procedure, you will see the SIPProxyServer instance.
The SIP and XMPP proxy servers are the first point of contact, after the firewall,
for messages that flow into and out your enterprise. To set up a Sametime
Gateway deployment, install a SIP and XMPP proxy server on its own node.
When you are done extracting the files, you should have a
/TMP/WASCD/ifpackage folder with WAS and JDK folders inside the ifpackage
folder.
5. From the installation media, copy the Lotus Sametime Gateway installation
image part_number.tar to the temporary directory /TMP.
6. Unzip the following file:
unzip part_number.tar
16. Type the administrative user ID and password used to log in to the Integrated
Solutions Console, the administrative interface for managing Lotus Sametime
Gateway. Use the credentials that you created when you installed the
Deployment Manager. The user ID must not exist in the LDAP directory.
Passwords must not contain accented characters or any of the following
characters:
;*!?"/<>|+&'`[]%^
17. Click Next. If you are installing the proxy servers on their own machine, you
now see the default directory path where Lotus Sametime Gateway will be
installed. To change the location, click Browse and select a desired location, or
type a new path.
18. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
19. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating a successful installation.
20. Read the summary and click Finish. To view the installation log, click View
log file or open the log file at stgw_server_root/logs/installlog.txt
What to do next
Note: If you start the SIPProxyServer instance now and log into the Integrated
Solutions Console, you cannot view the SIPProxyServer instance. After you
federate the node in the next procedure, you will see the SIPProxyServer instance.
Proxy servers:
A proxy server acts as a surrogate for the Lotus Sametime Gateway servers within
the enterprise. The node that hosts the XMPP or SIP proxy server hosts the public
XMPP or SIP domain of the enterprise. The SIP proxy is capable of securing the
transport, using secure sockets layer (SSL), and the content, using various
authentication and authorization schemes.
After you set up a Lotus Sametime Gateway cluster and a SIP proxy server, you
can add external communities to Lotus Sametime Gateway. Lotus Sametime
Gateway prompts you for the relevant connection settings (host name, port
number, transport protocol), and then creates the SIP Uniform Resource Indicator
(URI). The SIP URI is sent to the SIP container in WebSphere Application Server
which sends it to the SIP proxy server to route the request to the appropriate
destination. There is no need to set the domain, host, port, or transport protocol in
the SIP proxy server as all this information is set in Lotus Sametime Gateway.
You can set up multiple proxy servers for load balancing, better Web response, and
high availability. WebSphere Application Server does not support the clustering of
SIP or XMPP proxy servers, but you can set up more than one proxy server in
front of an Lotus Sametime Gateway cluster. This configuration provides multiple
entry points into the Lotus Sametime Gateway cluster while providing workload
balancing. Multiple proxy server can be fronted by a simple IP sprayer, such as the
SIP Load Balancer component included in WebSphere Application Server that
handles IP spraying to multiple proxy servers. If a proxy server fails, the affinity is
to the container and not to the proxy itself so there is one less potential failure
along the message flow.
After you install the SIP and XMPP proxy server node, you must federate the node
into the Deployment Manager’s cell so that the proxy server becomes part of the
cluster.
To federate or add the proxy server node into the cell, you run the addnode
command on the proxy server node and specify the hostname of the Deployment
Manager.
1. Log into the proxy server node’s operating system.
2. IBM i only: On the command line, run the STRQSH (Start Qshell) command.
3. Synchronize the system clocks on the Deployment Manager and the proxy node
so that they are within five minutes of one another and are set for the same
time zone.
Federation fails if the clocks are not synchronized within five minutes of each
other.
4. On the proxy server node, open a command window and navigate to the
stgw_profile_root\bin directory.
Configure the Session Initiation Protocol (SIP) proxy server for a cluster of IBM
Lotus Sametime Gateway servers. There is no need to configure external domains
in the SIP proxy server; this is done through the Lotus Sametime Gateway
configuration.
Set up a cluster with at least one secondary node and install the SIP and XMPP
proxy servers on the same physical hardware as a Deployment Manager, primary
node, or secondary node, or install the proxy servers on separate hardware. The
SIP and XMPP installation creates a new profile for the SIP and XMPP proxy
servers.
After you finish setting up a SIP proxy server, you’ll have a port number. You
provide the port number in combination with the domain name of the node on
which the SIP proxy server runs to external servers to connect to your Lotus
Sametime Gateway.
Assigning the SIP proxy to work with the Lotus Sametime Gateway cluster:
Assign the SIP proxy server to function with the IBM Lotus Sametime Gateway
cluster.
1. In the Integrated Solutions Console, click Server Types → WebSphere proxy
servers.
2. In the ″WebSphere proxy servers″ page, click the SIPProxyServer link
corresponding to the proxy server you want to update.
3. Click SIP Proxy server settings → SIP Proxy settings.
4. From the drop down list, select the Lotus Lotus Sametime Gateway cluster.
5. Click OK then click Save, and then click OK again.
Configuring the SIP Proxy server to listen on ports 5060 and 5061:
Configure the IBM Lotus Sametime Gateway cluster’s SIP Proxy server to listen on
ports 5060 and 5061.
Public instant messaging providers require you to accept connections on ports 5060
and 5061, so you will need to confirm that the SIP Proxy server’s host name is
resolvable and is listening on these ports. If the cluster’s SIP Proxy server is
installed on a node that is already hosting Lotus Sametime Gateway, and the SIP
Proxy server is not already listening on ports 5060 and 5061, reconfigure the port
settings as follows:
1. Determine which ports the SIP Proxy server is currently listening on:
a. On the cluster’s Deployment Manager, log in to the Integrated Solutions
Console as the WebSphere administrator.
b. Click WebSphere proxy servers → SIPProxyServer → Ports.
c. Check the listening ports for the following names:
v PROXY_SIP_ADDRESS
v PROXY_SIPS_ADDRESS
If PROXY_SIP_ADDRESS listens on port 5060 and PROXY_SIPS_ADDRESS
listens on port 5061, you can skip the rest of this task. Otherwise, proceed to
the next step to change the port settings.
2. Determine whether any nodes share the IP address and host name with the SIP
Proxy server.
If another node shares the IP address and host name, change the default host
port settings for that node to avoid a conflict with the SIP Proxy server.
a. Still on the Deployment Manager, click System Administration → Nodes.
Create two custom properties for the new SIP Proxy server as follows:
The new properties will instruct the SIP Proxy server to return ″503 Service
Unavailable″ when the server is down, rather than the default error ″404 Page not
found.″
1. In the Integrated Solutions Console, click Servers → Proxy Servers →
your_new_SIP_proxy.
2. Click SIP Proxy server settings → SIP Proxy settings → Custom properties.
3. Click New, enter the following information, and then click OK.
Name lsnLookupFailureReasonPhrase
Value Service Unavailable
4. Click New, enter the following information, and then click OK.
Name lsnLookupFailureResponseCode
Value 503
5. Click Save.
Tune the JVM garbage collection policy for the SIP proxy server as follows:
1. In the Integrated Solutions Console, click Servers → Proxy Servers →
SIPProxyServer.
2. Perform the following instructions for each of the sip proxies in the list:
a. Select a proxy server by clicking it in the list.
b. Under Server Infrastructure, click Java and Process management → Process
Definition.
c. Under Additional Properties, click Java Virtual Machine.
d. In the Initial Heap Size field, enter 600.
e. In the Maximum Heap Size field, enter 600.
f. In the Generic JVM arguments field, enter the following value as one
continuous line :
-Xmo60m -Xgcpolicy:gencon -Xgc:noAdaptiveTenure,tenureAge=8,
stdGlobalCompactToSatisfyAllocate -Xtgc:parallel
g. Click OK, and click Save to save changes to the master configuration.
Configuring the Gateway cluster and SIP proxy for a NAT environment:
Traversing a NAT environment is known issue in the SIP domain. There are several
ways to solve this issue, while some of them have been formed as IETF standard
(RPORT, STUN and ICE), others have been formed as proprietary solutions. So
what is the problem? Some of the SIP communication parameters contain the Fully
Qualified DNS Name (FQDN) or the IP address, and the port, but a SIP device
deployed in a NAT environment does not know how it will be seen from the
internet because the NAT device translates the IP address. The SIP message will
contain IP address and port – which are not accessible from the internet. There are
several paradigms to solve this issue:
v SIP Friendly NAT device – NAT devices that can analyze a SIP message and
then replace the IP address and ports listed inside of it. This solution does not
support encrypted SIP communication such as TLS.
v IETF Standard – a method using a standardized protocol such as RPORT, STUN,
or ICE.
Currently, the IBM WebSphere SIP infrastructure does not provide a solution to
this problem because it does not support any of the IETF standards. Therefore, any
SIP application deployed on WebSphere has to develop its own solution. The
solution provided here assumes that you have the following elements in your
deployment:
v A clustered environment, with one ore more clustered servers.
v A SIP proxy server federated to the cluster.
v All cluster members (including the SIP proxy server) are deployed within the
same subnet.
v A static NAT is defined in the NAT or firewall; the public IP address should be
mapped to the SIP proxy server’s internal IP address.
The following diagram illustrates the NAT environment that this solution was
designed for:
Configure the XMPP proxy server to allow Google Talk, and other XMPP-based
instant messaging systems to flow to and from the Sametime Gateway.
Expected state: the SIP and XMPP proxy server node is installed and federated into
the cell. A Sametime cluster has been installed. The Deployment Manager is
started.
1. On the Deployment Manager node, log into the Integrated Solutions Console.
2. Click Servers → Application Servers and select the XMPPProxyServer from
the list.
3. Click Ports.
4. Click New to add a port.
5. Select User-defined Port .
6. Type XMPP_INTERNAL_PORT in the Specify port name field.
7. In the Host name field, type the IP address of the machine on which
XMPPProxyServer is installed.
8. In the Port field, type 5271.
A note about ports:
v XMPP_INTERNAL_PORT is used for listening to traffic from the proxy
server.
If the XMPPProxy and XMPPServer are running on the same physical
computer, they will attempt to listen to the same default value of
XMPP_INTERNAL_PORT which is 5271. As a result, the proxy will listen to
the incoming connections from the server, and the server will listen to the
proxy. In order to break this endless loop, set XMPP_INTERNAL_PORT to
another value for the proxy (for example, 5272).
v XMPP_SERVER_ADDRESS port is used on the proxy server itself to listen
to traffic from an external community.
The XMPP_SERVER_ADDRESS port (5269) is unrelated to the ″port 5269″
value that appeared on the XMPP community page when you created the
Name Value
STGW_CLUSTER_NAME SametimeGatewayCluster
XMPP_PROXY_NODENAME XMPP proxy node name
XMPP_PROXY_SERVERNAME XMPPProxyServer
13. Click Apply and Save after you type each pair. When you are done, you will
have a table that looks something like this:
This optional procedure sets up node replication to provide high availability and
failover support for the cluster. If one member of the cluster goes down, other
nodes can continue to process the SIP request. Use this procedure only if you
require high availability and failover support.
Before you begin, you must install IBM Lotus Sametime Gateway on each node,
add the nodes to a cluster, and then start the cluster and the SIP proxy server.
Starting a cluster:
When starting a cluster for the first time, you must start the Deployment Manager,
node agents, and then all Lotus Sametime Gateway servers in the cluster.
Before begin these steps, you must install Lotus Sametime Gateway on each node,
federate the nodes into the cell, run the Cluster Configuration Wizard, and then set
up SIP and XMPP proxy servers for your cluster.
In the steps that follow, you start the Deployment Manager in a command window
so that you can log in to the Integrated Solutions Console and complete the
remaining steps. After the Deployment Manager is started, you can view the
Integrated Solutions Console pages. However, you cannot view the Lotus
This topic describes how to stop and start the Deployment Manager.
1. Log in to the Deployment Manager node as a user with administrative
privileges.
2. Open a command window (QShell session on IBM i) and navigate to the
stgw_profile_root\bin directory
3. Stop the Deployment Manager. Use the administrative user ID and password
that you created when you installed the Deployment Manager. Note that you
do not have to provide the username and password qualifiers in the command;
you can wait to be prompted and then enter your credentials. Type the
following commands:
AIX, Linux, and Solaris
./stopManager.sh -username username -password password
./startManager.sh
Windows
stopManager.bat -username username -password password
startManager.bat
IBM i
stopManager -username username -password password
startManager
Complete these steps to stop and start a cluster of Sametime Gateway servers from
the Integrated Solutions Console.
Expected state: the Deployment Manager, node agents, and all servers in the
cluster are started.
You must restart the cluster when you add, delete, or change a community.
1. Log into the Integrated Solutions Console (http://localhost:9060/ibm/console)
on the Deployment Manager server as a user with administrative privileges.
2. Click Servers → Clusters.
3. Select the Lotus Sametime Gateway cluster, and click Stop, and wait for the
cluster to stop.
4. Click Servers → Clusters.
This topic describes how to stop or start individual servers or nodes in a cluster.
1. Log into the Integrated Solutions Console (http://localhost:9060/ibm/console)
on the Deployment Manager server as a user with administrative privileges.
2. Click Servers → Application Servers .
3. If you want to stop a server, select the application server’s check box and click
Stop.
4. If you want to start a server, select the application server’s check box and click
Start.
Complete these steps to stop and start a single Sametime Gateway server in a
single server environment.
1. Log in to the server machine as a user with administrative privileges.
2. Open a command window and navigate to the Lotus Sametime Gateway
profile directory that contains binaries: stgw_profile_root\bin
3. Type the following command to stop the Sametime Gateway server. Note that
RTCGWServer is case-sensitive, and that on all the stopserver commands, you are
prompted to enter your administrative user ID and password that you created.
v Windows:
stopserver.bat RTCGWServer
v Linux, AIX, or Solaris:
./stopserver.sh RTCGWServer
v IBM i:
stopServer RTCGWServer
4. Type the following command to start Lotus Sametime Gateway.
v Windows:
startserver.bat RTCGWServer
v Linux, AIX, or Solaris:
./startserver.sh RTCGWServer
v IBM i:
startServer RTCGWServer
The XMPP and SIP proxy server node is different from other Sametime Gateway
node installation types in that it contains more than one server. Based on the type
of traffic you expect to have in your environment (SIP or XMPP), you can start or
stop the appropriate proxy server instance on the node. This removes the need to
define a proxy server for each type of protocol. If you require the XMPP proxy
functionality only, then start the XMPPProxyServer only. If you need SIP proxy
functionality only, then start the SIPProxyServer only. If you need both, start both.
Before you start the SIP and XMPP proxy servers, you must add nodes to the
cluster, create the cluster, set up a SIP and XMPP proxy server, and then start the
cluster.
1. On the Deployment Manager node, log in to the Integrated Solutions Console.
2. Choose Servers → Clusters.
3. Verify that the cluster status is Started (shown with a green arrow).
4. Click Servers → Proxy servers.
5. Select the SIP proxy server and click Start.
6. Choose Servers → Applications servers.
7. Select the XMPP proxy server and click Start.
After installing the IBM Lotus Sametime Gateway cluster on IBM AIX, Linux, Sun
Solaris, or Microsoft Windows, register it with the Lotus Sametime System Console,
so you can manage all of the Lotus Sametime servers from a central location.
Before you register the cluster, verify that you have completed the following tasks,
which are described in the Installing on AIX, Linux, Solaris, and Windows section
of this information center.
v The Lotus Sametime System Console must be started.
v The LDAP server must be connected to the System Console and must be started.
v The Gateway database must be connected to the System Console and must be
started.
v The Community Server that the Gateway server connects to must already be
registered with the Console and must be started.
Working from the cluster’s Deployment Manager, follow these steps to update
properties files and run the registration utility to register the cluster with the
System Console.
Note: Run this utility only on the Deployment Manager; do not register individual
nodes because they will be registered automatically during the cluster registration.
During this task you will edit the following files; click the topic titles below to see
details on each file. Use Ctrl+Click to open the topic in a new browser tab or
window so you can keep it open for reference:
c. Verify that the remaining settings are appropriate for the Deployment
Manager.
d. Save and close the file.
4. Update the Deployment Manager’s productConfig.properties file:
a. Open the file for editing.
b. Update the file with the following values:
Only the required values in this file are listed here:
Table 14. configProduct.properties settings for the Deployment Manager
DepName Provide a descriptive name for your deployment. It must
be a unique deployment name on the Lotus Sametime
System Console.
c. Verify that the remaining settings are appropriate for the Deployment
Manager.
d. Save and close the file.
5. Update the Primary Node’s productConfig.properties file on the Deployment
Manager server:
a. Navigate to the stgw_server_root/IBM/WebSphere/AppServer7/profiles/
DMProfile/config/cells/DMCell/nodes/PNnode directory.
b. Open the file for editing.
c. In the DepName setting, provide a descriptive name for the Primary Node
deployment; it must be a unique deployment name on the Lotus Sametime
System Console.
d. Verify that the remaining settings are appropriate for the Primary Node.
e. Save and close the file.
6. Update the Secondary Node’s productConfig.properties file on the
Deployment Manager server:
a. Navigate to the stgw_server_root/IBM/WebSphere/AppServer/profiles7/
DMProfile/config/cells/DMCell/nodes/SNnode directory.
b. Open the file for editing.
c. In the DepName setting, provide a descriptive name for the Secondary Node
deployment; it must be a unique deployment name on the Lotus Sametime
System Console.
d. Verify that the remaining settings are appropriate for the Secondary Node.
e. Save and close the file.
7. Run the registration utility:
a. Navigate back to the Deployment Manager’s profile: stgw_server_root/IBM/
WebSphere/STgateway/console.
b. Run the utility:
v AIX, Linux, Solaris: registerProduct.sh
v Windows: registerProduct.bat
c. When the utility prompts for the cluster’s name, type the name and press
Enter.
The utility registers the cluster, as well as each node, generating a log file called
ConsoleUtility.log and storing it in the console/logs directory. If the
registration is successful, a console.pid will also be generated.
8. Start the Lotus Sametime Gateway cluster, if it is not already running.
IBM Lotus Sametime Gateway can be installed silently using a response file. You
can either generate your own response file by installing using the install wizard, or
by editing the default response file that is provided.
A response file is a text file that contains all the options that would normally be
specified in the installation dialogs. Silent installation is useful in situations where
automation is desired.
To perform a silent installation, you have to create a new response file or edit the
existing response file that is included with the product. On the root of the Lotus
Sametime Gateway installation CD is a fully-documented response
file: installresponse.txt. Copy this file to the machine and edit it with values
appropriate for your environment, or complete the following steps to create a
response file based on a real installation.
1. From the installation media, copy and extract the files from the following Lotus
Sametime Gateway installation image to a temporary directory \TMP on the
machine where you will be installing Lotus Sametime Gateway:
C17KCML.exe
2. Open a command window.
3. Navigate to the directory where you copied and extracted the installation files:
\TMP\SametimeGateway
4. Record a response file by typing the following command. This will perform an
installation and generate a response file:
install.bat -options-record response_file
What to do next
Upon completion of the installation, control will return to the command window.
Validation or installation errors are logged to the installation log file.
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
IBM Lotus Sametime Gateway can be installed silently using a response file. You
can either generate your own response file by installing using the install wizard, or
by editing the default response file that is provided.
A response file is a text file that contains all the options that would normally be
specified in the installation dialogs. Silent installation is useful in situations where
automation is desired.
To perform a silent installation, you have to create a new response file or edit the
existing response file that is included with the product. On the root of the Lotus
Sametime Gateway installation CD is a fully-documented response file:
installresponse.txt. Copy this file to the machine and edit it with values
appropriate for your environment, or complete the following steps to create a
response file based on a real installation.
Note: The installation program installs both WebSphere Application Server and
Sametime Gateway.
1. From the installation media, copy and uncompress the following Lotus
Sametime Gateway installation image to a temporary directory /TMP on the
machine where you will be installing Lotus Sametime Gateway:
C17KBML.tar
2. Open a command window and type the following command to source the DB2
profile:
. /db2adminHomeDir/sqllib/db2profile
Note the period (.) and space before /db2adminHomeDir/sqllib/db2profile.
3. Navigate to the directory where you copied and extracted the installation files:
/TMP/SametimeGateway
4. Record a response file by typing the following command. This will perform an
installation and generate a response file:
./ install.sh -options-record response_file
What to do next
Upon completion of the installation, control will return to the command window.
Validation or installation errors are logged to the installation log file.
Note: Generating response files using the -options-record option puts clear text
passwords in the response file.
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Troubleshooting installation:
These steps help you troubleshoot installation problems by describing how you can
use a different tables pace name for the database and how you can clean your
system of previous installations.
Many installation problems are caused when the installer cannot locate the
database or when installing a new instance of Sametime Gateway and a previous
installation has not been completely removed from the system. The following steps
describe how to use a different table space in the database or clean your system of
previous installations.
1. Open the installation log file at stgw_server_root\logs\installlog.txt
2. If log reports an error in finding the DB2 database, check to make sure you are
using the table space name USERSPACE1. Sametime Gateway expects USERSPACE1
by default. To install using a different table space name, use the following
command when you run the installer:
Where tableSpaceName is the name of the table space that you want the installer
to use.
3. To clean your system of previous installations, use the log to find the location
of the Install Shield Multiplatform (ISMP) database called the Vital Product
Database (VPD). For example, examine this log entry from Windows (formatted
to fit on the page):
(Nov 24, 2007 2:22:22 PM), stGwInstall,
com.ibm.rtc.gateway.install.CheckVPDRegistry, msg1,
using VPD registry at C:\Program Files\Common
Files\InstallShield\Universal\common\Gen2\_vpddb\vpd
The location of this registry varies from system to system. On windows, VPD is
usually found in the \Program Files\Common Files\InstallShield\Universal\
common\Gen2 folder. If a Sametime Gateway server is uninstalled, but an error
occurs and the product is not unregistered, the VPD shows that Sametime
Gateway is installed on the system. When a new installation is initiated, and a
previously installed Sametime Gateway server is detected, the installer prompts
you to upgrade or install a new version, or the installer forces you to install a
Deployment Manager server or a Primary Server on the same system. None of
these scenarios are desired because there are no Sametime Gateway servers
installed on the system.
4. Back up the Gen2 folder. Note that the VPD registry may be used by other
programs that are installed with InstallShield, so removing this registry may
interfere with other programs. It’s recommended that you do not remove the
Gen2 folder unless absolutely necessary.
5. Remove the original Gen2 folder.
6. If installing on Windows, delete the following left over files:
C:\Windows\.nifregistry
C:\Windows\vpd.properties
7. Start the installation again.
Follow these steps to download the update package and install the IBM Update
Installer, which is needed for installed software updates for WebSphere Application
Server.
1. Log in with the same user account used to install the Sametime software.
2. On the local system, create a directory to store the update files, such as
stwas_fixes.
3. Download the IBM Update Installer package if you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
To perform these steps, you must have already installed the WebSphere
Application Server Update Installer.
Follow these steps to install the WebSphere Application Server software updates
required for Sametime 8.5 servers as outlined in the Technote on the IBM Support
Site.
http://www.ibm.com/support/docview.wss?rs=477&uid=swg21415822
System requirements for this release of the Lotus Sametime family of products is
maintained as an IBM Technote at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=swg27016451
1. Download the WebSphere Application Server updates package if you have not
already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers to the system
on which you are installing.
c. Extract the files to a local directory.
d. Verify that you have at least 1 GB of temporary space to run the
installation in your %TEMP% or /tmp directory.
2. Extract the updates to a local directory such as stwas_fixes.
3. Ensure that you stop all running processes as described in “Command
reference for starting and stopping servers” on page 232.
4. If you have not already launched the WebSphere Application Server Update
Installer, log in with the same user account used to install the Sametime
software, then navigate to the directory where you installed the Update
Installer and run the update program.
AIX, Linux, and Solaris
./update.sh
Windows
update.bat
5. The Welcome screen is displayed. Click Next.
6. Specify the location of the product that you want updated.
7. Accept the default to Install maintenance. Click Next.
8. At the prompt, enter the directory name containing the Sametime update
packages (for example, stwas_fixes). Click Next.
9. The system will automatically determine the appropriate maintenance
packages based on the version of the product that is installed. Click Next.
10. Before the installation, the Confirmation panel confirms which packages will
be installed. Click Next.
Results
To verify which updates have been installed, run the versionInfo command from
the app_server_root/bin directory.
Linux
Windows
The command creates a text file that lists all the WebSphere Application Server
updates that have been installed on the system.
Related tasks
“Installing the WebSphere Application Server Update Installer” on page 196
Use the WebSphere Application Server Update Installer to add required software
updates.
For example, these optional features are not installed by default; to make them
available to your users, you must either update existing clients or customize the
installation package for new clients.
v Microsoft Office Integration features
v E-mail Integration features
v Spell checker dictionaries
Note: Microsoft Office Integration features are available only for clients running on
Windows.
The administrator decides which features to make available to clients, and which
method to use for installing the client. The following sections explain the available
options in more detail.
IBM Lotus Sametime ships with optional client features that you can add to the
default client installations, including Microsoft Office Integration features on
Microsoft Windows clients, E-mail Integration Features, and Spell Checker
Dictionaries.
The install.xml is the installation manifest, which lists all features shipped with
IBM Lotus Sametime Connect. When you uncomment the optional features in the
list, they become part of the base client install package. You can edit the
install.xml file for installations from a CD, a downloadable image, or from a link
on the Sametime Welcome page.
Original
This example shows the default settings, in which six Microsoft Office Integration
features and two other optional features are commented out. The commented
section begins with <!-- and ends with -->
Note: The lines below have been formatted for readability because it is important
to move entire feature statements.
<!--
The following Sametime features are optional, and may be uncommented in order to be deployed.
<feature id="com.ibm.collaboration.realtime.exchange.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="315"
size="315" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.notes.connector.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="123"
size="123" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.notes.connector.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7" size="7"
action="install" shared="true" mergeaction="add" url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.sharepoint.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3833"
size="3833" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.smarttags.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="5685"
size="5685" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
Now the Microsoft Office Integration features have been moved outside of the
comment, so they will install automatically. The remaining optional features are
still commented out and will not be installed.
<feature id="com.ibm.collaboration.realtime.exchange.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="315"
size="315" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.sharepoint.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3833"
size="3833" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.smarttags.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="5685"
size="5685" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7"
size="7" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.toolbar.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="4302"
size="4302" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.webConfTab.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3048"
size="3048" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<!--
The following Sametime features are optional, and may be uncommented in order to be deployed.
<feature id="com.ibm.collaboration.realtime.notes.connector.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="123"
size="123" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.notes.connector.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7" size="7"
action="install" shared="true" mergeaction="add" url="${installer.root}"/>
-->
Editing the client installation package for use on the Sametime Welcome page:
IBM Lotus Sametime ships with optional client features that you can add to the
default client installations, including Microsoft Office Integration features on
Microsoft Windows clients, E-mail Integration Features, and Spell Checker
Dictionaries. You can customize the installation package and then create an archive
zip file that you post on your Sametime Welcome page for users to download.
Complete these tasks to create a customized install.xml file and post it for users
to download using a link on the Sametime Welcome page:
IBM Lotus Sametime ships with optional client features that you can add to the
default client installations, including Microsoft Office Integration features on
Microsoft Windows clients, E-mail Integration Features, and Spell Checker
Dictionaries. You can customize the installation package and then create an archive
zip file that you post on your Sametime Welcome page for users to download.
The install.xml is the installation manifest, which lists all features shipped with
IBM Lotus Sametime Connect. When you uncomment the optional features in the
list, they become part of the base client install package. You can edit the
install.xml file for installations from a CD, a downloadable image, or from a link
on the Sametime Welcome page.
This example shows the default settings, in which six Microsoft Office Integration
features and two other optional features are commented out. The commented
section begins with <!-- and ends with -->
Note: The lines below have been formatted for readability because it is important
to move entire feature statements.
<!--
The following Sametime features are optional, and may be uncommented in order to be deployed.
<feature id="com.ibm.collaboration.realtime.exchange.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="315"
size="315" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.notes.connector.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="123"
size="123" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.notes.connector.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7" size="7"
action="install" shared="true" mergeaction="add" url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.sharepoint.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3833"
size="3833" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.smarttags.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="5685"
size="5685" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7"
size="7" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.toolbar.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="4302"
size="4302" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.webConfTab.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3048"
size="3048" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
-->
Now the Microsoft Office Integration features have been moved outside of the
comment, so they will install automatically. The remaining optional features are
still commented out and will not be installed.
<feature id="com.ibm.collaboration.realtime.exchange.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="315"
size="315" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.sharepoint.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3833"
size="3833" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.smarttags.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="5685"
size="5685" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7"
size="7" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
Making the client installation package available from the Sametime Welcome page:
Perform the following steps to make the network client installer available for
installation from the Sametime Welcome page.
If you want to add any optional client features to the base install for all of your
users, see Enabling installation of optional client features such as Microsoft Office
Integration.
Note: If the Domino HTTP server has been configured to use SSL with a
self-signed test certificate, users will not be able to download the zip from the
Lotus Sametime Welcome page.
1. Copy the entire contents of the network-install directory from the Lotus
Sametime Connect Network Install Client CD or downloaded image to the
following location on the Sametime Community Server.
server_data_directory\domino\html\sametime\network-install
Note: There are placeholder files in the directory; you must replace them with
the real ones.
These are the default locations for the network-install directory:
Windows
c:\program files\lotus\domino\data\domino\html\sametime\network-install
AIX, Linux, and Solaris
/local/notesdata/domino/html/sametime/network-install
IBM i
There is no default data directory but the name may be similar to this:
/STserver/domino/html/sametime/network-install
2. (Optional) Set default preferences in the plugin_customization.ini file located
in the deploy directory:
v \network-install\install\deploy
3. Update the installer URL information.
a. Open the \domino\html\sametime\network-install\applet\
download.properties file in a text editor.
Editing the installation package for the Lotus Notes embedded client:
IBM Lotus Sametime ships with optional client features that you can add to the
default client installations, including Microsoft Office Integration features on
Microsoft Windows clients, E-mail Integration Features, and Spell Checker
Dictionaries. You can customize the installation package for the Lotus Sametime
client that is embedded in Lotus Notes on Microsoft Windows.
The install.addon.xml file is the installation manifest, which lists all features
shipped with the IBM Lotus Sametime embedded client for Lotus Notes. When
you uncomment the optional features in the list, they become part of the base
client install package.
Original
The set of optional features is enclosed in comment markers (all of the features are
within a single comment):
The first three optional features have been moved outside of the comment markers
and are now enabled for installation:
<feature id="com.ibm.rtc.meetings.embedded.feature"
version="8.5.0.20091027-1957" match="compatible" download-size="5"
size="5" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.rtc.meetings.feature"
version="8.5.0.20091027-1957" match="compatible" download-size="23446"
size="23446" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.rtc.web.utils.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="139"
size="139" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.collaboration.realtime.sslite.feature"
version="1.0.0" match="greaterOrEqual" download-size="0"
size="0" action="uninstall" shared="true"
The IBM Lotus Sametime client can be easily updated at any time after the initial
installation.
Three options are available for delivering updates to Sametime Connect client
users:
v Automatic Updates: Administrators can provision new or updated Sametime
features to their clients in a ″push″ mode so that all clients use the same set of
features. The push method enables the client to receive updates automatically
whenever he or she logs in to Sametime.
Note: The optional update feature is the recommended approach for any
updates that are not required. If the optional site is configured before the initial
client install, it provides a seamless initial install experience. A user installs the
client, and is presented with a prompt to select optional features at first log in. It
requires less communication and manual interaction than the manual update
method.
v Manual Updates: Administrators either distribute update sites (zip or jar files)
or post them to a Web server, and provide the users with instructions for
manually installing the updates using the tools in the connect client.
To set up your server so that client updates are installed automatically, specify the
″Sametime update site URL″ on each of your Sametime servers.
From the Lotus Sametime System Console, open the policies page and update each
of the appropriate policies:
1. Log in to the Sametime System Console, open that server’s Integrated Solutions
Console, select Sametime System Console, and then click Manage Policies →
Instant Messaging.
2. Locate the ″Sametime update site URL″ setting in the Instant Messaging section
of the policy.
3. Specify the URL for the update site where you will post required updates.
Updates of features from this site are required and will be installed
automatically; the client is not provided a choice. For Lotus Sametime 8.0
connect clients, you can specify more than one URL by separating them with
semi-colons or commas.
When the user logs in from the client, the client checks the Sametime update
site URL setting for the appropriate policy on the default Sametime server.
Note: If the URL has not been specified or the setting is not found, the client
will search the preferences.ini file located in the update plugin
(com.ibm.collaboration.realtime.update\preferences.ini) root directory for the
adminUpdatePolicyURL value. (The policy setting was not available prior to
Sametime 7.5.1.)
When the client logs in and connects to the specified update site, it silently
downloads all updated features it finds and installs them. Once installation is
complete, the user receives a textbox announcing that new updates have been
installed and that the user should restart the Sametime client. The user can
click the restart button or press a five-minute delay button. If the user is
involved in chats with other users, he or she can continue to delay restart for as
long as he wishes by continuing to press the restart button at five-minute
intervals. After the restart, the client checks again to see if there are more
updates, and if it finds none, the user is not interrupted again. This update
process takes place each time the user restarts his client and logs in.
From the Lotus Sametime System Console, open the policies page and update each
of the appropriate policies:
1. Log in to the Sametime System Console, open that server’s Integrated Solutions
Console, select Sametime System Console, and then click Manage Policies →
Instant Messaging.
2. Locate the ″Sametime optional add-on site URLs″ setting in the Instant
Messaging section of the policy.
3. Specify one or more URLs for update sites where you will post optional
updates.
When the user logs in from the client, the client checks the ″Sametime optional
add-on site URLs″ policy on the default Sametime server.
When the user logs in from the client, the client checks the ″Sametime optional
add-on site URLs″ policy on the default Sametime server.
Note: If the URL has not been specified or the setting is not found, the client
will search the preferences.ini file located in the update plugin
(com.ibm.collaboration.realtime.update\preferences.ini) root directory for the
optionalUpdatePolicyURL value. (The policy setting was not available prior to
Sametime 8.0.)
When the client logs in, it scans all of the optional update sites listed to find
any available updates that match the client configuration. If any updates are
found, the client displays a message alerting the user that updates are available
with an option to open the Update Manager (which is pre-populated with the
list of sites defined in the policy). The alert also allows the user to disable
further checking on startup. (This preference can also be set in the Contact List
preferences). From the Update Manager, the user can select which updates (if
any) they would like to install, then follow the instructions in the update
panels to accept the license(s) and complete the install. If any updates are
installed, the client will prompt the user to restart.
In Sametime Connect, the user can manually install updates by choosing Tools >
Plug-ins > Install plug-ins. The user can then:
1. Select Search for new features to install, and then click Next.
2. Add an update site:
v If remote, select Add Remote Location..., specify a name for the update site
and provide the URL for the site.
v If a local directory, select Add Folder Location..., and select the directory
where the update site exists.
v If a local archive, select Add Zip / Jar Location... and select the update site
archive.
For example, if you have access to the Standalone client install CD or
downloaded image, you can click New Archive Site.... Then navigate to the
optional-components directory and select optional-components-update-
site.zip.
3. Click OK to add the new update site, and then click Finish. After a short time,
the Update window appears
Users can install the IBM Lotus Sametime Connect client from the standalone client
installer CD or corresponding downloaded image on a Microsoft Windows client.
Follow these steps to install the Sametime Connect client on a Windows client.
1. If the Sametime Connect client is running, shut it down before attempting to
install the newer version.
2. Important: Make a back-up copy of the directory where the earlier version of
the client is installed, in case you need to revert to it.
3. Navigate to the root of the CD or downloaded image.
4. Double-click setup.exe to begin the installation.
If you have previous releases of the Connect client installed:
v Sametime Connect 7.5.x:
The default operation is to uninstall an existing client, but because the 8.5
client installs to a different directory, you can choose to retain the 7.5.x client
by running the new installation with a special flag, as follows:
setup.exe /v"STUNINSTALL75=0"
v Sametime Connect 8.0.x:
The 8.5 client installs to the same path as the 8.0.x client, you cannot retain
the older client when you install the 8.5 client; the new client will replace the
old client.
5. Enter the required information when prompted.
6. When the installation completes, launch the Sametime Connect client; by
default Sametime Connect is installed to C:\Program Files\IBM\Lotus\Sametime
Connect.
You can enable the silent installation of the IBM Lotus Sametime Connect Client on
Windows using two files that are provided on the client standalone installer CD
and the associated downloaded image.
Copy the setup.bat and the silentinstall.ini files from the root of the CD or
download, and then update them to tailor the installer to your requirements.
The batch file (setup.bat) contains several different commands that can be used to
perform different installation functions. Some of the commands are commented out
by default but can be uncommented and updated if the function is needed.
Detailed explanations are included in the setup.bat file.
v Uninstalling older, pre-7.5.x Sametime Connect clients
Three commands are provided to shutdown, uninstall, and cleanup an older,
pre-7.5.x installation of the connect client. These commands are commented-out
by default. If this functionality is needed, uncomment these lines and configure
the paths to the old Sametime install directory as needed for your environment.
v Several sample commands are provided for different methods of executing the
silent install.
– The first option executes the installer silently and uses a silentinstall.ini file to
preconfigure connection settings.
This is the default. If you choose to use one of the other methods, comment
out this command.
– The second option executes the installer silently and migrates the connection
settings from an existing, earlier (pre-7.5) version of Sametime.
This option does not use the silentinstall.ini file. If you choose to use this
method, uncomment this command.
– The third option executes the MSI version of the installer silently, using a
silentinstall.ini to preconfigure the connection settings. If you choose to use
this method, uncomment this command.
When network installation files are available, users can install Lotus Sametime
Connect from a Web browser on Windows.
1. (Optional) Set default preferences in the plugin_customization.ini file located
in the \network-install\install\deploy directory:
2. Using a Web browser, open the Sametime Welcome page on your Sametime
server.
For example, if the fully qualified host name of your Sametime server is
stserver.com, you open http://stserver.com/stcenter.nsf.
3. Click Download Lotus Sametime Connect 8.5 Client to display the ″Welcome
to the IBM Lotus Sametime Connect 8.5 Client Download Site″ page.
4. Click Install Now to begin the download and installation process.
Once all files have been downloaded, the actual client installer will start.
Follow the instructions in the installer and enter the required information to
complete the installation.
Tip: If there are problems running the network client installer applet, or if you
want to install at a later time, you can select Save from the Welcome page
instead. This shows you a downloads page where you can select the operating
system of the installer you wish to save and follow the instructions for
downloading the installer for later use.
Install the IBM Lotus Sametime embedded clients on a Lotus Notes client running
on Microsoft Windows.
The Lotus Sametime embedded client installs directly into the Lotus Notes
directory. If you have already installed a previous version of the embedded client,
it is upgraded to this new version.
1. Download the installation package for the Lotus Sametime embedded client if
you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers to the system
on which you are installing.
c. Extract the files to a local directory.
d. Verify that you have at least 1 GB of temporary space to run the installation
in your %TEMP% or /tmp directory.
You can integrate Lotus Sametime with Microsoft Office to enable users to
collaborate directly within Office applications. You can additionally integrate Lotus
Sametime with the Office SharePoint Server to enable Lotus Sametime users to
communicate with Office SharePoint Server users from a SharePoint site.
Office integration
Integrating Lotus Sametime with Microsoft Office allows Lotus Sametime users to
collaborate directly within Office products by providing awareness and messaging
capabilities within each application. All users must be hosted on Lotus Sametime
servers.
The Office SharePoint feature requires only a Lotus Sametime client; other Office
Integration features need not be installed at all, or may be present in any
combination. Complete the tasks below according to the features you wish to
install. The client installation files or update site also need to be enabled to include
the Office Integration features.
Related tasks
“Enabling installation of optional client features such as Microsoft Office
Integration” on page 200
IBM Lotus Sametime ships with a number of optional client features that are not
included in the default installation package. You can add features to the
installation package for new client installs, as well as update already-installed
clients.
IBM Lotus Sametime with Microsoft Office allows you to collaborate, create
meetings, and chat with co-workers from Microsoft Office.
Complete the installation of Lotus Sametime servers and clients and install
Microsoft Office before beginning the Microsoft Office integration.
Lotus Sametime Integration with Microsoft Office offers the following features:
v Sametime Connect integrator for Microsoft Office
v Microsoft Outlook calendar availability
v Sametime Connect integrator for Microsoft Outlook
v Sametime meeting integrator for Microsoft Outlook
v Sametime Connect integrator for SharePoint
Note: When you install Office Integration, you do not have to close any Office,
Outlook, or Internet Explorer process, but Office Integration become available only
after you restart those programs.
The following should be performed after the installation of (or upgrade to) Lotus
Sametime Connect client on each machine.
Enabling SmartTags
Note: These are in addition to the Lotus Sametime menu items contributed to
Person Name (English) from Lotus Sametime 7.5.1.
v To enable SmartTags, select the Person (Lotus Sametime Recognizer) entry from
the AutoCorrect SmartTag dialog.
v The use of automatic hyperlinks in Office documents will interfere with the new
SmartTag’s ability to recognize e-mail addresses -- you can regain the SmartTag
function by disabling hyperlinks: Clear the ″Internet and network paths with
hyperlinks″ option in ″AutoFormat As You Type″ tab from the
Tools->Auto-Correct Options menu.
Known issues
v The Meeting Integrator feature can support Sametime meeting servers that
require SSL by modifying the syntax of the server name specified in the
Sametime Meeting properties: if SSL is required, include the protocol portion of
the server URL, for example ″https://sametime.mycompany.com″. The syntax
shown in the dialog example, ″sametime.mycompany.com″, is correct for servers
that are accessible by ordinary, non-SSL http.
v If the default e-mail fields read by the Outlook Toolbar are not the appropriate
fields for a customer’s enterprise, the Toolbar can be redirected to use other
fields instead by modifying the file CustomProperties.ini in the Sametime install
folder. The intent is that such modifications would be made by IT experts and
the ini file (text) be distributed to users. If this optional file is not present,
Toolbar uses its default field settings.
Limitations
v The local Outlook user e-mail address must be resolvable in Sametime for the
MyStatus button to properly display status.
v The Meeting Integrator feature is not included in a meeting request that begins
from Outlook’s ″Plan A Meeting″ dialog.
v In a meeting which includes a Sametime meeting, if the Sametime meeting
password is changed after the initial invitation is sent, then the message body
will show more than one password -- the most recent password assignment is
displayed last.
IBM Lotus Sametime Meeting Integrator allows you to use the Calendar feature
within Microsoft Office even though you do not have the Sametime Client
installed.
Note: When you install Office Integration, you do not need to close Microsoft
Outlook, but the Meeting Integrator becomes available only after you restart
Outlook.
Known issues
The Meeting Integrator feature can support Sametime meeting servers that require
SSL by modifying the syntax of the server name specified in the Sametime Meeting
properties: if SSL is required, include the protocol portion of the server URL, for
example ″https://sametime.mycompany.com″. The syntax shown in the dialog
example, ″sametime.mycompany.com″, is correct for servers that are accessible by
ordinary, non-SSL http.
Limitations
The Meeting Integrator feature is not included in a meeting request that begins
from Outlook’s ″Plan A Meeting″ dialog. In a meeting which includes a Sametime
meeting, if the Sametime meeting password is changed after the initial invitation is
sent, then the message body will show more than one password -- the most recent
password assignment is displayed last.
Install the SSL certificate on the client to use the Meeting Integrator successfully on
Sametime servers running on a secure connection. The Sametime Meeting Server
runs on a secure HTTPS connection by default.
If the Microsoft Office integration does not work properly in your IBM Lotus
Sametime deployment, you may need to adjust the Lotus Sametime server
configuration.
The Lotus Sametime Integrator for Microsoft Outlook (or “Outlook toolbar”) works
by asking Lotus Sametime to process an identifier phrase – in the Outlook case, the
phrase is an e-mail address. The key to getting full functionality from the Outlook
toolbar is to configure the Lotus Sametime server to resolve the e-mail ″phrases″
found by the toolbar.
The most common symptom of resolution problems is that the Target Contact
button is not updated to show the Lotus Sametime display name and status, but
instead continues to show an e-mail address, such as “jsmith@acme.com” or
“JSMITH” (a CN portion of an X.400 address). There will always be e-mails from
external parties that will remain unresolved, but addresses for Lotus Sametime
user should resolve.
Troubleshooting has four steps, described in more detail below: enable logging,
find the resolution request, check the phrase, and, if necessary, adjust the Lotus
Sametime server configuration.
Enabling Logging
Begin troubleshooting this problem by enabling the log files in the Lotus Sametime
client. As any new e-mail address is encountered, an XML message is sent from the
Outlook toolbar to the Lotus Sametime client for lookup processing. These
messages can be echoed into the client logs. The configuration information for a
Chapter 3. Installing 221
user is stored in a workspace under the user’s Documents and Settings folder,
under the path Documents and Settings\User\Application Data\Lotus\Sametime\
.config. The rcpinstall.properties file located here is processed on each launch
of the client.
Open this and add the following line to the end of the file:
com.ibm.collaboration.realtime.brokerbridge.level=FINE
On all subsequent launches, the XML traffic between the Lotus Sametime client
and the Office Integration features will be logged to the trace-log-N.xml files in
the Application Data\Lotus\Sametime\logs folder.
Once the trace log is opened, use the browser’s function to search for text in the
page and search for the phrase “liveNameResolve”. This XML message is the type
used by Outlook toolbar to request resolutions – because e-mail addresses map
uniquely to one person, the toolbar is using the lookup service which returns only
unique matches. Once the table row containing a liveNameResolve is found, the
target phrase is located in the lookupName section – this in turn is an array of one
or more phrases, in stringArray\data nodes. As a concrete example, an e-mail
within the STOIDEV enterprise from user John Doe might cause a
liveNameResolve like this one:
<?xml version="1.0" encoding="utf-8" ?>
<messageSet version="1.0" signed="false">
<liveNameResolve typeVersion="1.0">
<lookupNames valueType="stringArray"><stringArray length="1">
<data><!<CDATA<CN=John Doe,CN=Users,DC=stoidev,DC=com>>></data>
</stringArray> </lookupNames></liveNameResolve><signature /> </messageSet>
This example has been formatted for this page – it may appear as a single line in
the logs. So the e-mail address phrase here is CN=John
Doe,CN=Users,DC=stoidev,DC=com.
Note that in this example (from a real Exchange test set-up) this particular format
of the e-mail address is NOT ordinarily displayed to the Outlook user – instead,
the user sees “John Doe” or “jdoe@stoidev.com” displayed in Outlook documents
and dialogs.
A quick check for resolution results can be accomplished by starting the Lotus
Sametime client and clicking Add Contact. Then, paste the phrase from the
liveNameRequest (CN=John Doe,CN=Users,DC=stoidev,DC=com in this example) into
the User name field of the ″New Contact″ dialog box, and click Lookup. If the
Both the Lotus Sametime client and the Outlook toolbar (working within the Lotus
Sametime client), rely on the Lotus Sametime server to associate a particular
phrase with a user. No other communications to directories are in use – if the
Lotus Sametime server cannot establish the association, the Outlook toolbar can
only assume that none exists. However, the Lotus Sametime server has great
flexibility and can be directed to use any of the directory fields at its disposal
when doing this processing.
Authentication settings in the LDAP directory ensure that Sametime users can be
authenticated against entries. The first table entry, called ″Search filter to use when
resolving a user name to a distinguished name″, dictates the query that is used.
Notice that ″mail=%s″ is a recommended setting, and will be successful when the
ID phrase is the SMTP e-mail address ″ajones@acme.com″. For cases like the
example above, the default settings for many Exchange deployments will have this
address phrase, in its entirety, within an attribute called “legacyExchangeDN” – so
a query term “(legacyExchangeDN=%s)” would typically be added as an addition
to the “(mail=%s)” and others present in the filter string. Other cases could require
inspecting available directory attributes to find a suitable match.
One final detail is that the Lotus Sametime server, by default, will skip over
attribute values that are in LDAP canonical format as a single field, but it offers an
override – this override would be required in the legacyExchangeDN case, for
example. To establish the override behavior, edit the Lotus Sametime server’s
sametime.ini configuration file and add this line:
ST_DB_LDAP_ALLOW_SEARCH_ON_DN=1
to the section labeled [Directory]. If there is no such section already, create one by
appending the two lines at the end of the sametime.ini file:
[Directory]
ST_DB_LDAP_ALLOW_SEARCH_ON_DN=1
Integrating IBM Lotus Sametime with Microsoft Office SharePoint Server extends
collaboration capabilities by providing awareness and instant messaging between
Lotus Sametime users who are using an Office SharePoint site. System
administrators set up this feature by modifying template files on the Microsoft
Office SharePoint Server as described below. Users add these new capabilities by
using a customized install file to install the optional client feature called ″Sametime
Connect integrator for SharePoint.″
The user plugin called ″Sametime Connect integrator for SharePoint″ is the client
feature that responds to the server modifications described here. That feature can
be installed on the client at any time, but it will remain dormant until Internet
Explorer views a SharePoint Web page from a server that has been modified as
described in this topic. Likewise, the web pages from a modified server can be
viewed from any client, but the extended functions will only be available on a
client that is running Lotus Sametime Connect and the integrator for SharePoint
plugin.
The Office SharePoint Server integration feature is an optional feature and is not
necessary for enabling integration with Office applications. On the client, the Lotus
Sametime Connect integrator for SharePoint plugin can be installed independently
of other Office Integration features.
Note: Microsoft Communicator must not be configured to run against the Office
SharePoint Server.
Setting up the SharePoint integration feature requires copying files to the Office
SharePoint Server, using them to modify template files, and then restarting the
server, as described below.
The files that you copy to the Office SharePoint Server in this procedure are
available with the Lotus Sametime package. For details on downloading parts from
the kits, see the Sametime Download document at:
www.ibm.com/support/docview.wss?rs=477&uid=swg24017299
1. Copy the following files from the Lotus Sametime client packages to a
temporary location on the Office SharePoint Server:
These files are stored in the folder called sametimesharepoint:
v SharePointImages.zip
v EnsureIMNControl.js
v Copy the appropriate version of this file for your version of SharePoint:
– IMNGetStatusImage_SharePoint2003.js
– IMNGetStatusImage_SharePoint2007.js
2. Open the folder called Common Files\Microsoft Shared\web server
extensions\12\TEMPLATE.
When a Web page like the My Site page is loaded, the Lotus Sametime SharePoint
control will display a presence icon for names on the page that represent online
Lotus Sametime users (for example, a green square indicates a online user whose
status is Available). No icon appears when a name is unresolved or a user is
offline. Log in to the Sametime Connect client and navigate to a SharePoint site to
ensure that the presence icons are displaying correctly.
1. If online users are displaying appropriate Lotus Sametime presence icons,
integration is correctly configured and you have finished. Skip the remainder of
this topic.
2. If icons are missing, check for the following situations:
v Names on this page are missing icons entirely.You know that a particular
name should have a presence icon but only displays it when you mouse-over
the name.
In this case, the client control is loading and resolving the name, but the icon
update within the page is not complete. The most likely cause is incorrect
editing of the template files on the server; return to the previous topic and
verify that you made the changes properly.
v Names are missing icons and a mouse-over shows the control as a gray
″X″.
In this case, the client control is loading but is not receiving positive
resolutions for the person data being set by the page. Verify that the Lotus
Sametime Connect client is running and logged into the Lotus Sametime
server. If the problem persists, check the following topic, ″Troubleshooting
Office SharePoint integration″.
v A mouse-over does not show any change in the presence icon and does not
have a gray ″X″.
In this case, either:
– The optional Lotus Sametime Connect integrator for SharePoint feature
was not installed on the client. Install it now and repeat this procedure to
verify that integration is working correctly.
– the JavaScript™ library edits have not been applied on the server hosting
this Web page. Return to the previous topic and apply the template
changes directly on the Office SharePoint Server where the page being
tested is hosted.
If the Microsoft Office SharePoint integration does not work properly in your IBM
Lotus Sametime deployment, you may need to modify how Lotus Sametime
processes the identifier phrase being used by the Office SharePoint Server.
Enterprises where the Lotus Sametime server uses a different directory server are
workable, even in cases where Lotus Sametime is configured to use IBM Lotus
Domino and Office SharePoint is configured to use Active Directory. The key to the
functionality is the concept of Lotus Sametime ″resolving″ a phrase to match a
Lotus Sametime user. The Office SharePoint Server creates and delivers Web pages
to the local browser, and the live names on the page include JavaScript code that
initializes names with presence controls.
Ensuring that Lotus Sametime can resolve an Office SharePoint server phrase
In Office SharePoint 2007, the function that provides a Lotus Sametime user name
with a presence icon is called IMNRC. This function will appear in the page source
wherever Office SharePoint intends to place a presence icon. The IMNRC function
is passed an identifier phrase, typically an SMTP-format e-mail address for the
user; so alongside the name ″Alice Jones″ will be a presence initializer like
IMNRC( ″ajones@acme.com″). The Lotus Sametime control that is loaded into the
browser will be passed this ID (the ″ajones@acme.com″ string).
The primary requirement for successful use of the Lotus Sametime SharePoint
integration is that the ID phrase be uniquely resolvable by the Lotus Sametime
server. Lotus Sametime does not require the Office SharePoint Server to use a
The first table entry, called ″Search filter to use when resolving a user name to a
distinguished name″, dictates the query that is used. Notice that ″mail=%s″ is a
recommended setting, and will be successful when the ID phrase is the SMTP
e-mail address ″ajones@acme.com″.
The Deployment Manager manages the Lotus Sametime System Console and all
Lotus Sametime Server cells.
Before starting Lotus Sametime Servers, the Deployment Manager must be running
for each cell.
Windows only: You can also use the Start - Programs menu to use the Start and
Stop menu commands.
1. In a command window, navigate to the app_server_root/profiles/
DeploymentManagerName/bin directory for the Deployment Manager you want
to start:
2. Run the following command to start and stop the Deployment Manager:
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
What to do next
Use the Start Programs menu in Microsoft Windows to start or stop any Sametime
servers running on WebSphere Application Server.
From the IBM WebSphere menu off the Start Programs menu, you can navigate to
the Start and Stop menu choices for a server.
1. Working on the server you want to start or stop, click Start → All Programs.
2. Click IBM WebSphere Application Server → Network Deployment V7.0 →
Profiles.
3. Select the profile for the server and click the appropriate Start or Stop menu
command.
Related tasks
“Automating Sametime Community Server shutdown on Windows” on page 240
Follow these instructions for the proper sequence of events for an automated
shutdown of a IBM Lotus Sametime Community Server on Windows.
Related reference
“Command reference for starting and stopping servers”
You may use a command window to start and stop Sametime components running
on WebSphere Application Server. To stop servers, you will supply the WebSphere
Application Server administrator password that was established when you
installed the server. Important: Verify that the Deployment Manager for the cell is
running before starting any server.
You may use a command window to start and stop Sametime components running
on WebSphere Application Server. To stop servers, you will supply the WebSphere
Application Server administrator password that was established when you
installed the server. Important: Verify that the Deployment Manager for the cell is
running before starting any server.
Table 18. Server command directories
Type Primary node Secondary node
Sametime System Console STSCAppProfile/bin STSCSNAppProfile/bin
Meeting Server STMAppProfile/bin STMSNAppProfile/bin
Proxy Server STPAppProfile/bin STPSNAppProfile/bin
Media Manager STMSAppProfile/bin STMSSNAppProfile/bin
Note: The Deployment Manager must be running for the cell before starting a
server. Also note that the server name is case sensitive.
Table 19. Start server commands for AIX, Linux, or Solaris
Type Commands
Sametime System Console ./startNode.sh
./startServer.sh STConsoleServer
Meeting Server ./startNode.sh
./startServer.sh STMeetingHttpProxy
./startServer.sh STMeetingServer
Proxy Server ./startNode.sh
./startServer.sh STProxyServer
Media Manager ./startNode.sh
./startServer.sh STMediaServer
./stopServer.sh STMeetingHttpProxy
Windows
The Start Programs menu is also a convenient way to start and stop Sametime
servers running on WebSphere Application Server.
Note: The Deployment Manager must be running for the cell before starting a
server. Also note that the server name is case sensitive.
startServer.bat STConsoleServer
Meeting Server startNode.bat
startServer.bat STMeetingHttpProxy
startServer.bat STMeetingServer
Proxy Server startNode.bat
startServer.bat STProxyServer
Media Manager startNode.bat
startServer.bat STMediaServer
stopServer.bat STMeetingHttpProxy
IBM i
Note: The Deployment Manager must be running for the cell before starting a
server. Also note that the server name is case sensitive.
Table 23. Start server commands for IBM i
Server Commands
Sametime System Console startNode
startServer STConsoleServer
startServer STMeetingHttpProxy
startServer STMeetingServer
Proxy Server startNode
startServer STProxyServer
Media Manager Not supported on IBM i
Related tasks
“Starting and stopping the Deployment Manager” on page 230
The Deployment Manager manages the Lotus Sametime System Console and all
Lotus Sametime Server cells.
“Starting and stopping WebSphere Application Servers on Windows” on page 232
Use the Start Programs menu in Microsoft Windows to start or stop any Sametime
servers running on WebSphere Application Server.
There are times when you will need to keep the Domino server running while
doing Sametime maintenance tasks. For example, you might need to shut down
Sametime services while you make configuration changes on the Sametime server,
but you need to leave the Domino server running so you can access Domino
databases on the server.
1. Open the Domino server console on the Sametime/Domino server.
2. In the Domino server console, choose one of the following actions:
To start the Sametime server from a Domino server that is already running,
type this command:
Load STADDIN
To stop the Sametime server without stopping the Domino server, type this
command:
Tell STADDIN Quit
Related concepts
“Considerations for AIX, Linux, and Solaris” on page 239
If you install IBM Lotus Sametime on an IBM AIX, Linux, or Sun Solaris server,
you should be aware of some special behaviors.
There are times when you will need to keep the Domino server running while
doing Sametime maintenance tasks. For example, you might need to shut down
Sametime services while you make configuration changes on the Sametime server,
but you need to leave the Domino server running so you can access Domino
databases on the server.
1. Open the Domino server console on the Sametime/Domino server.
2. In the Domino server console, choose one of the following actions:
To start the Sametime server from a Domino server that is already running,
type this command:
Load STADDIN
To stop the Sametime server without stopping the Domino server, type this
command:
Tell STADDIN Quit
Learn how to start and stop a Sametime Community Server running on AIX,
Linux, or Solaris.
IBM Lotus Sametime is installed on an IBM Lotus Domino server. Once you set up
the Lotus Domino server to launch Lotus Sametime automatically, then whenever
you start or stop the Domino server, you are starting and stopping the Lotus
Sametime server as well.
1. Log in to the system as the default Domino user. Make sure the default path
and environment are set correctly.
2. Start the Sametime server by issuing the following server command. Note that
starting the Sametime server might take a few minutes.
./ststart
3. The ″ststart″ script file sets some important environment variables before
launching the server executable (/opt/ibm/lotus/bin/server).
What to do next
Starting and stopping the Sametime server without starting and stopping
Domino
You can start and stop the Sametime server and keep the Domino server running.
For example, you might need to shut down Sametime services while you make
configuration changes on the Sametime server, but you need to leave the Domino
server running so you can access Domino databases on the server.
1. Open the Domino server console on the Sametime/Domino server.
2. In the Domino server console, choose one of the following actions:
a. To start the Sametime server from a Domino server that is already running
type this command:
Load STADDIN
b. To stop the Sametime server without stopping the Domino server type this
command:
Tell STADDIN Quit
Related concepts
“Considerations for AIX, Linux, and Solaris” on page 239
If you install IBM Lotus Sametime on an IBM AIX, Linux, or Sun Solaris server,
you should be aware of some special behaviors.
You can run Lotus Sametime as a background process on an IBM AIX server.
The operating system’s IBM Lotus Domino user actually runs the background
process, and must have permission to run the script and write files to the Domino
Data Directory.
To run the Sametime server as a background process, complete the following steps:
1. Open the ststart script located in the data directory, and copy the two sections
below into the .profile of the Domino user that will run Sametime as a
background process:
Note: The PATH environment variable cannot contain the /lotus/bin directory,
which defaults to /opt/lotus/bin.
2. Set up the Virtual Frame Buffer, and verify that it is running.
3. Set the DISPLAY environment variable to the host name:
DISPLAY=machine:1
export DISPLAY
4. From the command prompt, run the following command, which enables you to
manage the server only through the IBM Lotus Notes Administration Client:
nohup /opt/lotus/bin/server < /dev/null > /dev/null 2>&1 &
5. If you want to use text files for stin and stout, use the following:
a. Create the following script on the server:
#!/usr/bin/sh
DOMINO_PROGRAM_DIR=/opt/lotus
DOMINO_DATA_DIR=/local/notesdata
export DOMINO_PROGRAM_DIR
export DOMINO_DATA_DIR
cd $DOMINO_DATA_DIR
if [ -f st.in ] ; then
rm st.in
fi
if [ -f st.out ] ; then
mv st.out st.out.bak
fi
touch st.in
$DOMINO_PROGRAM_DIR/bin/server <st.in >st.out 2>&1 &
cd -
Note:
If /usr/bin/sh does not exist, change the path for sh at the top of the script.
If the default installation settings are not used, modify the
DOMINO_DATA_DIR and DOMINO_PROGRAM_DIR environment
variables at the top of the script.
b. Save the script on the AIX server.
c. Use the cd command to navigate to the folder where the script was saved.
d. Launch the script by typing:
./script_name
where script_name is the file name of the script.
Results
Once the server is running, you can interact with the server console by using the
Administrator Client Server console. Alternatively, you can view the console in a
telnet session by issuing the following commands:
> cd DOMINO_DATA_DIR
> tail -f st.out
where
DOMINO_DATA_DIR is be the value for the Domino Data directory; for example,
/local/notesdata,
and
If you install IBM Lotus Sametime on an IBM AIX, Linux, or Sun Solaris server,
you should be aware of some special behaviors.
v You must not have /opt/ibm/lotus/bin in your PATH, otherwise Sametime will
not function correctly.
v If you do not start Sametime from an XWindows environment, Save Annotations
will not function unless you set up a Virtual frame buffer.
v If you start Sametime from a telnet session, exiting the telnet session also
terminates the Domino Console and Sametime.
Follow these instructions for the proper sequence of events for an automated
shutdown of a IBM Lotus Sametime Community Server on Windows.
You can prevent these problems by creating your batch file with the proper
sequence of events for an automated shutdown of the Lotus Community Sametime
Server.
Note: If your site has changed the service names then adjust the commands
accordingly. These individual services might require several minutes to shut down
properly; this time is longer for high-volume servers. IBM recommends performing
these steps manually first to observe the time required for each shutdown. Insert
the appropriate wait sleep commands between the net stop commands when you
create your batch files.
Uninstalling
Before you can install a newer version of IBM Lotus Sametime, you must uninstall
the currently deployed version.
Follow these steps to remove the Sametime Community Server from the cluster
administered with the Sametime System Console.
1. Working on the server you want to remove from the cluster, navigate to the
InstallLocation/console directory for the Deployment Manager profile.
2. If this is the first time you have run a utility on this server, open
console.properties file and provide the System Console Host name, port, User
Name and Password. Also, you can specify the log level, which is not
mandatory.
3. Verify that the values in the productConfig.properties file are correct.
4. Run the utility from the console directory you used in Step 1.
AIX, Linux, Solaris
updateSTCluster.sh -remove
Windows
updateSTCluster.bat -remove
5. When you are prompted, enter the name of the cluster you are updating.
The utility removes the Sametime Community Server from the cluster and
generates the ConsoleUtility.log file. It also deletes the console.pid file from the
console directory.
Before uninstalling an IBM Lotus Sametime server that was clustered with an IBM
WebSphere Application Server network deployment, use the updateWASCluster
utility to remove the node from the cluster.
Removing a node from a cluster involves manually removing the nodes in the
Deployment Manager’s Integrated Solutions Console settings, verifying
configuration settings for the cluster, and then running a utility that updates
additional cluster settings to reflect the removal of the node.
1. Remove the node from the Deployment Manager:
SSCHostName Type the fully qualified host name of the Lotus Sametime
System Console server.
SSCHTTPPort Type the HTTP port used for the Lotus Sametime System
Console server if SSL is not enabled and the value for
SSCSSLEnabled is ″false.″
Results
This utility removes all nodes from the specified cluster’s settings and generates a
log file called ConsoleUtility.log, which it stores in the console/log directory.
This procedure works for the following Lotus Sametime servers: Community
Server, Proxy Server, and Meeting Server. A Sametime Community Server reverts
back to using legacy policies if you remove it from the console.
Leave the DB2 server running, but stop any Sametime servers that you plan to
uninstall. For instructions, see “Command reference for starting and stopping
servers” on page 232.
Run the installer on the Sametime server to see the Uninstall option.
1. Run the Installation Manager.
AIX, Linux, and Solaris
/opt/IBM/InstallationManager/eclipse/IBMIM
Results
When the uninstallation process is complete, the users and groups created during
install will be removed from the machine, but the home directories of the users
will remain. For more information about uninstalling DB2, see these topics in the
DB2 9.5 Information Center:
Manually removing DB2 and Sametime on AIX, Linux, Solaris, and Windows:
You can manually remove DB2 and Sametime components if either installation or
uninstallation processes do not complete successfully.
Stop the servers that you plan to uninstall. For instructions, see “Command
reference for starting and stopping servers” on page 232.
Follow these steps to remove DB2, Sametime, DB2 users, and data directories.
Follow all steps that apply to the software you installed on the machine.
1. Remove WebSphere Application Server services you created using the
wasservice command with the -remove switch.
2. Manually remove DB2 and the Install Manager from the operating system.
For example, on Windows, use the Control Panel, Add/Remove Programs
panel.
3. DB2 only: Manually remove db2users and groups created on the local server.
4. Remove these directories for DB2 and Installation Manager.
The directories below show the Windows path. They will differ on AIX, Linux,
and Solaris.
v c:\documents and settings\all users\application data\ibm\installation
manager
v c:\documents and settings\all users\application data\ibm\db2
v c:\documents and settings\all users\application data\ibm\db2history
v c:\documents and settings\db2admin
v c:\documents and settings\install user\application data\ibm\vshet
What to do next
For more information about uninstalling DB2, see these topics in the DB2 9.5
Information Center:
To uninstall IBM Lotus Sametime Community Server from an IBM Lotus Domino
server using the Sametime Community Server uninstall program, all Lotus
Sametime Community Server files that were added to the Lotus Domino
installation are removed with the exception of files that were created while running
Lotus Sametime Community Server. Updates that were made to the address books
(including person documents, server documents, and changes to the Access
Control List) are not removed.
Before you uninstall the Lotus Sametime Community Server, it is always good
practice to back up any important files.
To uninstall IBM Lotus Sametime Community Server from an IBM Lotus Domino
server using the Sametime Community Server uninstall program, all Lotus
Sametime Community Server files that were added to the Lotus Domino
installation are removed with the exception of files that were created while running
Lotus Sametime Community Server. Updates that were made to the address books
(including person documents, server documents, and changes to the Access
Control List) are not removed.
1. Stop the Domino (Sametime) server.
To remove an IBM Lotus Sametime Gateway server from the list of the Lotus
Sametime System Console’s managed servers, run the unregister utility on the
server. When you remove a server from the console, it can no longer be
administered from the console, but it does not have its own administration
interface. The only way to administer the server is by modifying configuration files
and the database directly. Because of these limitations, you should only unregister
the server if you are uninstalling, or performing some other activity that requires
removal of the product from the console.
1. Working on the server you want to remove, navigate to the
InstallLocation/console directory.
2. If this is the first time you have run a utility on this server, open
theconsole.properties file and provide the System Console Host name, port,
User Name and Password. Also you can specify the log level, which is not
mandatory.
3. Verify that the values in the productConfig.properties file are correct.
4. Unregister the server by running the following command:
v AIX, Linux, Solaris: unregisterWASProduct.sh
v Windows: unregisterWASProduct.bat
5. If you want to uninstall Lotus Sametime Gateway from the server, run the
following command:
v AIX, Linux, Solaris: unregisterWASProduct.sh -uninstall
v Windows: unregisterWASProduct.bat -uninstall
Results
The utility unregisters the server and generates the ConsoleUtility.log file,
storing it in the console/logs. If the unregistration is successful, the utility deletes
the console.pid file from the console directory.
This topic explains how to uninstall Lotus Sametime Gateway on Windows for a
single server or cluster.
Note: WebSphere Application Server, the Sametime Gateway Profile, and Sametime
Gateway must be uninstalled before installing anew. If all components are not
removed, the VPD registry may determine that Sametime Gateway is still installed
and believe that you are trying to install a second instance of Sametime Gateway.
1. Shut down any servers that are running, including the Deployment Manager
and node agents if you have a cluster.
2. Open a command window and navigate to the following directory:
stgw_server_root/_uninst
3. Type the appropriate command to start the uninstall program:
v For GUI mode, type uninstaller.exe
v For console mode, type uninstaller.exe -console
4. Select the language you wish to use for the uninstall procedure and click OK.
The Welcome screen is displayed.
5. Click Next to proceed. The Lotus Sametime Gateway features screen is
displayed.
6. Select the check box for all available components/features and click Next. The
Uninstall summary screen is displayed.
7. Click Uninstall to begin the procedure. The progress is displayed on the
screen.
8. When the uninstall is complete, read the summary information and click
Finish to exit the wizard.
9. Remove all Lotus Sametime Gateway install folders from your computer.
10. If you are uninstalling a cluster of servers, repeat the preceding steps on each
node, running the uninstall utility as you would on a single server
deployment.
This topic explains how to uninstall a single server or cluster of IBM Lotus
Sametime Gateway servers on AIX, Linux, and Solaris operating systems.
Note: WebSphere Application Server, the Sametime Gateway Profile, and Sametime
Gateway must be uninstalled before installing anew. If all components are not
removed, the VPD registry may determine that Sametime Gateway is still installed
and believe that you are trying to install a second instance of Sametime Gateway.
1. Shut down any servers that are running, including the Deployment Manager
and node agents on each node.
If after an attempted Sametime install or uninstall, you have many files and folders
left in app_server_root/profiles/profile_name or app_server_root/bin, run the
WebSphere Application Server uninstall program to remove the rest of the files.
Remove WebSphere Application Server only if it is not in use by any other server
on the system.
Stop all java processes. Then follow the steps in the WebSphere Application Server
7 Information Center for your platform to remove unneeded WebSphere
Application Server software from the system.
Installing on IBM i
Install and configure prerequisites, then install IBM Lotus Sametime servers and
complete basic server configuration.
Decide on which system you will install the Sametime System Console, the
Sametime Meeting Server, the Sametime Gateway Server, and their databases. On
IBM i, they can all be on the same system or different systems. However, if you
plan to install either the Sametime System Console or the Meeting Server on IBM i,
both servers and the databases must be on IBM i.
The Sametime System Console requires two database schemas with these specific
names: SSC and POLICY. The Meeting server requires these two database schemas:
MTG and POLICY. The servers share the POLICY schema. Typically, you will
create all of the schemas on the same system.
WRKLIB SSC
WRKLIB POLICY
WRKLIB MTG
If there is such a library and it was not created by Sametime, you must resolve the
conflict by removing or renaming the libraries. Alternatively, the schemas can be
created on a different IBM i system LPAR.
On the system where you plan to create the database schemas, create a user profile
to be the database owner. The profile that you create can have a user class of
*USER and does not require any special authorities
If you plan to create the schemas for the System Console and the Meeting Server
on the same system, use the same user profile for all of the schemas.
The IBM i security officer has the required authorities to install and set up Lotus
Sametime. If you are not the security officer, use the Display User Profile
(DSPUSRPRF) command to determine if your user profile has the required
authorities by following these steps.
1. Type the following IBM i command:
DSPUSRPRF user_id
2. Press the PAGE DOWN key and look for the special authority field to display
the special authorities for the user profile. Verify that you have the necessary
authorities for installing the Sametime software.
v All object access (*ALLOBJ)
v Security administration (*SECADM)
3. Verify that you have the necessary authorities to add the Sametime Community
Server to an IBM i Domino Server.
v All object access (*ALLOBJ)
v System configuration (*IOSYSCFG)
v Job control (*JOBCTL)
Results
If your user profile does not have the required authorities, either ask the security
officer to install and set up the Lotus Sametime server or add the required
authorities to your user profile.
Install and configure prerequisite applications, then install the IBM Lotus Sametime
System Console, which you will use for preparing for server installations and for
managing your Lotus Sametime deployment.
You should have completed the preparation steps in ″Preparing to install Lotus
Sametime on IBM i.″
Skip the first two steps if you are installing from physical media.
1. Download the installation package if you have not already done so.
You should have prepared the console installation file as described in ″Preparing
the console installation file on IBM i.″
On the IBM i system where you will install the Sametime System Console, follow
these steps to create the database schema and tables:
1. Log in with a user profile that has *ALLOBJ and *SECADM special authorities.
These authorities are required to create the database schemas. The database
schemas will be created on the system specified in your copy of the
ssc.default.response.properties file and owned by the user profile specified in
the file.
2. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
3. Run the cd shell command, specifying the fully qualified path to the installation
kit directory; for example:
cd /MySametimePackages/SametimeSystemConsole/IBMi/stii_ssc
For DVD:
cd /qopt/STCONSOLE/IBMi/stii_ssc/licenses
4. If the SSC schema does not already exist on the system, run the following shell
command to create the required database schemas and tables. The command
also creates the POLICY schema if it does not exist.
setupDB_ssc.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
5. When the script completes, press F3 to exit QSH.
Results
If the database schema creation was not successful, look at the script log for more
information about what occurred during the attempt. Fix the problem, then try
running the script again. The script log is stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
ssc_dbsetupyyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
ssc_dbsetup_20091215_0307.log
Related tasks
“Preparing to install Lotus Sametime on IBM i” on page 249
Follow these steps to prepare IBM i for Lotus Sametime server installations.
If you intend to install from a downloaded image, you should have downloaded
the console server installation package. For all installations, you should have
completed the preparation steps. The database schemas required for the System
Console (SSC and POLICY) should already exist.
Follow these steps to install the Sametime System Console and WebSphere
Application Server.
1. Log in using a profile with *ALLOBJ and *SECADM special authorities.
2. Use the WRKSYSVAL command to check the setting for the QVFYOBJRST system
value and change it if necessary. The setting must be 3 or lower to install the
Sametime software.
3. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
4. Run the cd shell command, specifying the fully qualified path to the installation
kit directory; for example:
/MySametimePackages/SametimeSystemConsole/IBMi/stii_ssc
For installing from DVD:
cd /qopt/volume_ID/IBMi/stii_ssc
5. Start the Sametime System Console installation with the following shell
command:
install_ssc.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
When the script completes, a summary of the results is displayed. Make a note
of the URL for connecting to the Integrated Solutions Console. The ″Admin
port″ displayed is the port you must use when logging in to the system
console.
6. Press F3 to exit QSH.
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix the problem,
then try installing again. The installation logs are stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
install_STCONSOLE_yyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
install_STCONSOLE_20091215_0307.log
If you install more than one Sametime server that uses WebSphere Application
Server on the same system, this task only needs to be done once. Following the
recommended installation sequence, the first server that uses WebSphere
Application Server is the Sametime System Console. Other servers that use
WebSphere Application Server are the Sametime Meeting Server, Sametime Proxy
Server, and Sametime Gateway.
1. Sign on to the system with a user profile that has *ALLOBJ special authority.
2. From any IBM i command line, run the following command (on one line):
CHGLICINF PRDID(5733W70) LICTRM(V7) FEATURE(5102) USGLMT(*NOMAX) THRESHOLD(*USGLMT)
Results
After you respond to the CPA9E1B message, you must respond to the same
message on the QSYSOPR message queue:
1. Run the DSPMSG QSYSOPR command to see the message in the QSYSOPR
message queue.
2. When the message is displayed, type G.
With the Lotus Sametime System Console started, follow these steps to log in.
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
Specify port 8700 for all platforms except IBM i.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary. To check the port, open
the AboutThisProfile.txt file for the Sametime System Console Deployment
Note: During the install process, WebSphere security is enabled. SSL is enabled
as part of the WebSphere security process and you will be directed to another
port which listens for https connections.
The WebSphere Application Server Integrated Solutions Console opens.
2. Enter the WebSphere Application Server User ID and password that you
created when you installed Lotus Sametime System Console.
The default name is wasadmin.
3. Click the Sametime System Console task to open it in the navigation tree.
What to do next
Start the LDAP server and the Lotus Sametime System Console if they are not
already running.
If you have not already opened the Connect to LDAP Servers activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified host name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
If you are prompted with a security exception, accept the certificate, and
continue.
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary. To check the port, open
the AboutThisProfile.txt file for the Sametime System Console Deployment
Manager Profile and use the setting specified for the ″Administrative console
secure port.″ For the default profile name (STSCDMgrProfile), the file is located
here: /QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDMgrProfile/logs/AboutThisProfile.txt
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
Connect IBM Lotus Sametime servers to the LDAP server. Once your Lotus
Sametime server connects to the LDAP server, it can search the LDAP directory
and authenticate Sametime users. If you have already connected Sametime to an
LDAP server, but now you want to edit or delete a connection, use this activity.
Note: If you are using Active Directory as the LDAP, a common attribute to use
for authentication is the saMAccountName attribute. When an Active Directory
LDAP is being used, WebSphere automatically maps uid to saMAccountName, so
saMACccountName should not be explicitly stated as an attribute. If you want to
use saMAccountName for any LDAP attribute field, you must specify uid. Specifying
saMACccountName as a login or search property causes installation to fail. You can
find more information in this TechNote: http://www-01.ibm.com/support/
docview.wss?uid=swg21253331.
1. Connect to LDAP server.
In Connect to LDAP servers, click Add.
If you want to edit or delete an LDAP connection instead, then click the
appropriate button. You can only edit or delete an LDAP connection if it has
not been used to install a product.
2. Bind to LDAP.
a. Click either Anonymous access or Authenticated access.
When a Lotus Sametime server connects to the LDAP server, this can be
done either anonymously or using credentials to authenticate with the
LDAP server. If you select Authenticated access, you will be prompted with
the Bind distinguished name (DN) and Password fields to enter this
information. If you select Anonymous access, these fields will be hidden as
they are not required.
b. Enter a Deployment Name for this LDAP connection. This is name you
provide to this LDAP connection for easy reference. It does not need to map
to any existing server name or value and is intended as an easy way to
identify this object when you reference it in the future.
Note: A dropdown list typically displays from which you select a base DN
that is detected by the guided activity; however, the list does not display
when Domino LDAP is being used. Additionally, Domino LDAP is the only
LDAP that uses a blank base DN, while WebSphere requires a base DN for
federating repositories. Since WebSphere does not let you federate an LDAP
directory with an empty base DN, it sets the base DN to C=US. The LDAP
repositories are listed by base DN after they are federated.
If your site uses single sign-on (SSO) for awareness, you must manually
modify the base DN in both the Lotus Sametime Community Server and
Lotus Sametime Meeting Server so they match. Update the Sametime
Community Server’s LDAP connections in the stconfig.nsf and da.nsf to
use the same base DN that the Sametime Meeting Server will be using:
C=US. The Sametime System Console does not overwrite any manual
changes that you make.
b. Optional: To specify the search filter and basic LDAP settings for person
and group entries, click Configure advanced LDAP settings.
c. Click Next.
4. Collect Person Settings. To search for a user name, a Sametime end user enters
a text string in the user interface of a Sametime client. This setting defines the
LDAP search filter responsible for selecting a user name from the LDAP
directory. The search filter matches the text string provided by the user to
information contained within the attributes of LDAP directory person entries.
c. Click Next.
c. Click Next.
6. Task Completion Summary.
Review the configuration details in the Task Completion Summary table, and
click Finish to connect to the LDAP server with this configuration, or click
Cancel to abandon this configuration and start over.
7. Restart the System Console Deployment Manager if you selected the Is used by
Sametime System Console?. This is necessary to complete the LDAP federation
process.
What to do next
Go to System Administration → Nodes. Select all the available nodes, and click
Synchronize. This ensures the LDAP changes are pushed to the nodes.
If you have never installed and set up a Lotus Domino server, it is strongly
recommended that you refer to the Lotus Domino documentation to get a full
understanding of how to install and set up a Domino server.
Your Lotus Sametime Community Server must be configured to use one or more
specific TCP/IP addresses so that it will not attempt to share TCP/IP ports with
any other HTTP servers on your system.
This section guides you through the process of verifying your TCP/IP
configuration, making changes if necessary to resolve conflicts between servers,
IBM Lotus Sametime provides a list of host table entries that are already defined
on your server.
IBM Lotus Sametime provides which TCP/IP addresses are currently being used
by your Domino servers.
Note: If you do not have any Domino servers configured on your system, you can
skip this section.
To determine which TCP/IP addresses are currently being used by your Domino
servers, follow these steps after verifying that you have started your Domino
servers.
1. From an IBM i command interface, sign on to your server.
2. Verify the current TCP/IP addresses for each Domino server by entering the
following command:
WRKDOMCSL servername
3. From the Domino Console display, type the following command and press
Enter:
sh port tcpip
4. Press F5 to refresh the screen.
v If the server is using only one TCP/IP address, you will see a specific
TCP/IP Local Address listed using port 1352. For example, 10.1.2.3:1352.
v If the server is using all active TCP/IP addresses, you will see *:1352
displayed as the Local Address rather than a particular TCP/IP address.
5. Record the results for each Domino server, as you will use this information
later.
If you did not need to assign additional TCP/IP addresses, you can skip this topic.
1. From any IBM i command line, type the following command and press Enter:
CFGTCP
2. Select option 1 to work with TCP/IP interfaces.
3. On the Work with TCP/IP Interfaces display, type a 1 in the Opt column and
press Enter to add a TCP/IP interface.
4. On the Add TCP/IP Interface display, enter the following information:
Field Description
5. Press Enter to add the new interface and return to the Work with TCP/IP
Interfaces display.
6. To start an interface, type a 9 beside it and press Enter.
Add an entry in the IBM i host table for your IBM Lotus Sametime server.
To add a host table entry for your Sametime server, follow these steps:
1. From any IBM i command line, type the following command and press Enter:
CFGTCP
2. Type 10 and press Enter to work with TCP/IP host table entries.
3. If one of the TCP/IP addresses that you selected is not listed in the Host Table,
follow these steps to add a new entry:
v Type a 1 in the Opt column next to the blank Internet Address and press
Enter to add a Host Table Entry.
v When the Add TCP/IP Host Table Entry display appears, enter the following
information:
Field Description
Internet Address Enter the TCP/IP address that you assigned
to the Domino server. For example, enter
10.1.2.4.
Host name Enter the fully qualified name of the
Domino server as the host name. For
example, enter stdom1.acme.com.
Note: Although you can add multiple host names for the same IP address,
make sure you list the fully qualified name for your Domino server first,
before any alternative short names.
v Press Enter to create the Host Table Entry.
4. Follow these steps to update an existing Host Table Entry:
Note: If the TCP/IP address you want to use is listed in the table, but the
corresponding Domino server is not listed as one of the possible host names for
that address, you must update the existing host table entry to include the
additional host name.
v Type a 2 in the Opt column next to the Internet Address and press Enter to
change the Host Table Entry.
Note: The fully qualified name of your Domino server must be listed first in
this table.
v Press Enter to update the host name. Press Enter again to change the Host
Table Entry.
Note: You can remove a host name for an Internet Address by following the
above steps to update the Host Table Entry and replacing the host name with
*BLANK.
If you defined any additional host names, work with your TCP/IP administrator to
ensure that the new host names are added to your Lotus Domain Name Server
(DNS).
If you have configured TCP/IP to search the DNS before searching the host table,
you may need to make additional changes in your configuration. Follow these
steps to check your TCP/IP Configuration Properties:
1. From any IBM i command line, type the following command and press Enter:
CFGTCP
2. On the Configure TCP/IP display, type 12 and press Enter to change the
TCP/IP domain information.
3. On the Change TCP/IP Domain (CHGTCPDMN) display, look for the ″Host
name search priority″ setting.
If the value is *REMOTE, either change this value to *LOCAL or verify with
your network administrator that the fully qualified host name is the first value
listed in the DNS for the IP address associated with your Sametime server. The
fully qualified host name must be listed before any short names in order for
your Sametime server to function correctly.
If the value of this field is *LOCAL, you do not need to take any further action.
You already ensured that the fully qualified host name was listed first in your
local host table in an earlier step.
CAUTION:
If you change the ″Search order″ you must stop and restart TCP/IP for the
change to take effect.
4. If your Lotus Sametime deployment will support IPv6 addressing, make sure
that the IPv6 address is mapped to the server’s host name. If you will support
both IPv4 and IPv6 addressing, then each format should be mapped to the host
name to ensure that connections of both types are enabled.
5. Press F3 to exit.
Even if you changed your server’s fully qualified host name by modifying the
server’s notes.ini file, the change may not have occurred in the server document.
This procedure updates both the server document and the notes.ini file.
1. Using a profile with the authorities listed in Chapter 1, end the Domino server,
if it is active, by typing the following command and pressing Enter:
ENDDOMSVR DOM1
where DOM1 is the name of the Domino server.
Your Lotus Sametime Community Server will use the Lotus Domino HTTP server.
It is possible that you may have already configured IBM HTTP Server for IBM i on
your system for other applications. If so, then you must verify that each instance of
the HTTP server is bound to a specific TCP/IP address. This will prevent it from
conflicting with your Lotus Sametime server.
To change the HTTP server settings using commands, follow these steps:
1. If the HTTP server is currently running, type the following command on any
IBM i command line and press Enter to end it:
ENDTCPSVR SERVER(*HTTP)
2. Start the HTTP Administration server by typing the following command and
pressing Enter:
STRTCPSVR SERVER(*HTTP) HTTPSVR(*ADMIN)
3. Open the IBM HTTP server configurations page.
v Start your Web browser.
v Enter the following URL:
http://mysystem:2001
where mysystem is the name of your system.
v Click IBM Web Administration for IBM i.
v Select the Manage tab.
v Select the HTTP Servers tab.
4. Select a configuration from the menu at the top of the screen, and complete the
following items for each configured instance of the HTTP server:
v From the list on the left pane, select General Server Configuration.
v In the right pane, find the IP address and port table in the section called
Server IP address and ports to listen on.
v If one of the rows in the table has an asterisk (*) in the IP Address column,
then the server is listening on all IP addresses. Select that row. Replace the
asterisk (*) with the IP address for this server and click Continue.
v When finished updating the server IP address table, click Apply to save your
changes.
5. When each instance of the HTTP server is configured to use a specific IP
address, restart the HTTP servers by typing the following command and
pressing Enter:
STRTCPSVR SERVER(*HTTP)
Before you can install the Lotus Sametime Community Server, you must have
already installed an IBM Lotus Domino server.
Display Description
Advanced Network Settings Click the check box associated with the IP
address for this server. Ensure that only one
check box is selected.
Related tasks
“Adding a Domino server to an existing Domino domain on IBM i”
You can install or add a Lotus Domino server into an existing Lotus Domino
domain.
You can install or add a Lotus Domino server into an existing Lotus Domino
domain.
1. Register the additional server for your normal operating environment. You
must specify the following settings during registration:
v Store the server ID file that is created during registration somewhere on the
system where you will configure the Sametime server. Record the path name;
you will need to specify it when you configure the Sametime server.
v Change the owner of the ID file to Qnotes by right-clicking the file in
iSeries® Navigator and selecting Permissions.
v Use the same network name as the first Lotus Domino server in the Lotus
Domino domain.
2. Launch the appropriate Domino wizard, depending on whether or not you
have already installed Domino:
v If you have not already installed Domino, launch the Domino InstallShield
Wizard from a Windows workstation by running the setup.exe file located
on the Domino product CD-ROM. Once you complete the installation, you
are given the option to launch the Domino Server Setup Wizard to configure
a Domino server.
v If you have already installed Domino, launch the Domino Server Setup
Wizard from a Windows workstation by running the domwzd.exe file located
on the Domino product CD-ROM.
3. Follow the instructions on each wizard display to complete the addition of the
new Domino server. Be sure to specify that you are configuring an additional
Domino server in an existing domain. If you need help with a particular
setting, click Help.
4. Configure the Domino server with the following settings:
Display Description
Advanced Network Settings Click the check box associated with the IP
address for this server. Ensure that only one
check box is selected.
Related tasks
“Installing a Domino server in a new domain on IBM i” on page 266
Follow these steps to set up a Lotus Domino server in a new Lotus Domino
domain.
To administer the Lotus Domino server, you must install and configure at least one
Microsoft Windows PC as the administration workstation.
Before you can install the Lotus Domino and Lotus Notes clients, you must have
installed and set up the Lotus Domino server.
Use the IBM Lotus Domino software that shipped with IBM Lotus Sametime to
install and configure the Lotus Domino Administrator and IBM Lotus Notes clients
on the administration workstation.
1. If you are installing from physical media, insert the Lotus Notes Client CD into
the PC you plan to use as the administrator’s workstation.
2. Start the installation wizard.
3. Follow the instructions on each panel of the Lotus Notes installation wizard,
selecting to install both the Lotus Domino Administrator and Lotus Notes
clients.
4. Copy the certifier ID and administrator ID files from the Domino data directory
of your Lotus Domino server to the Lotus Notes data directory of the
Administrator workstation. You can use File Transfer Protocol (FTP) or another
method, or you can let the initial communications between the server and
administration workstation copy the files for you automatically.
5. If necessary, start the Lotus Domino Server.
6. Open Lotus Notes.
7. Follow the instructions in the setup wizard to configure the Lotus Notes client.
If you have moved the certifier and administrator ID files to the PC you have
designated as your administration workstation, indicate the correct location
when asked. If you have not copied the ID files, simply provide the user
administrator name you specified during HTTP setup. You will be prompted
for the password for this ID. The ID files will be copied and stored on your
administration workstation for you automatically.
What to do next
When you have set up the Lotus Domino Administrator and Lotus Notes clients,
you are ready to begin preparing the Domino server for Lotus Sametime
installation
After installing the Lotus Domino server and before installing Lotus Sametime
Community Server, you should edit the Lotus Domino server document to make
sure the fields are completed as described below.
Fully qualified Internet host name This field is completed during the Domino
server install, and should contain the fully
qualified host name as known by the DNS
server.
Security tab
Run unrestricted methods and operations After you install the Sametime server, this
field should include these entries:
v The name of the server
v The name of the administrator
v Sametime Development/Lotus Notes
Companion Products
Note: If you have signed agents with an
additional signature, include that name here
as well.
Port TCPIP
Note: This must be typed exactly as shown
in all uppercase letters or you will not be
able to add Lotus Sametime to this server.
Protocol TCP
Anonymous Yes
Allow HTTP clients to browse databases Yes (enable) for portals, otherwise, not
necessary
Before installing IBM Lotus Sametime, verify that the IBM Lotus Domino server is
accessible from client workstations.
Test client access (using HTTP) to a Lotus Notes database hosted on your Lotus
Domino server.
Start a Web browser on the workstation and attempt to access names.nsf (or some
other convenient database) by entering the following address into the location bar:
If you have set names.nsf to be inaccessible from clients, test with a database that
clients can access.
http://hostname.yourco.com/names.nsf
If you can sign on using the server administrator ID and internet password to
view the contents of names.nsf, the Domino server is accessible and ready for
installation of Sametime.
Follow these steps to download the installation package for the Lotus Sametime
Community Server for IBM i. If you are installing from physical media, skip this
step.
Follow these steps to download the installation package and create save files.
1. Download the installation package for the Sametime Community Server if you
have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers.
c. On your workstation, run the downloaded .exe file to extract the following
files:
v A short Readme document
If you are installing IBM Lotus Sametime from physical media, it is highly
recommended that you display and accept the Lotus Sametime software
agreements before starting the installation.
If you do not pre-accept the software agreements, the installation process will
restore the product to the system, but then stop and wait for you to accept the
agreements before completing the installation. Skip this step if installing from a
downloaded image.
1. Insert the Lotus Sametime DVD into the optical drive of your system.
2. Enter the following command on an IBM i command line:
GO LICPGM
The Work with Licensed Programs display appears.
Note: In some unusual situations, the following message may be issued when
you attempt to display the Software Agreement:
Run the installation program on the machine where you plan to install a Lotus
Sametime Community Server.
You should have already installed Domino. If you intend to install from a
downloaded image, you should have downloaded the community server
installation package and created save files.
Use the IBM i command line to install the community server programs.
1. Log in using a profile with *ALLOBJ and *SECADM special authorities.
2. From the IBM i command line, run the appropriate command for installing
from a downloaded image or physical media.
Installing from a downloaded image
a. Use the RSTLICPGM command to install from the save files you created when
you downloaded the installation package.
This example uses the save files MYLIB/Q5724J23IM and MYLIB/Q5724J23WC.
(For Sametime Entry, the second RSTLICPGM command is not needed.)
RSTLICPGM LICPGM(5724J23) DEV(*SAVF) OPTION(*BASE) LNG(2924) SAVF(MYLIB/Q5724J23IM)
RSTLICPGM LICPGM(5724J23) DEV(*SAVF) OPTION(1) SAVF(MYLIB/Q5724J23WC)
b. When you are prompted to accept the Sametime software agreement, you
must accept it in order to continue.
Installing from physical media
Insert the Lotus Sametime disk in your system optical drive and use the LODRUN
command:LODRUN DEV(*OPT) DIR('/os400')
The system loads the Lotus Sametime programs to the appropriate libraries and
/QIBM directories. You will see status messages as the system installs the
software.
Related tasks
“Installing a Domino server in a new domain on IBM i” on page 266
Follow these steps to set up a Lotus Domino server in a new Lotus Domino
domain.
“Pre-accepting the Lotus Sametime software agreements on IBM i” on page 275
If you are installing IBM Lotus Sametime from physical media, it is highly
recommended that you display and accept the Lotus Sametime software
agreements before starting the installation.
“Verifying authority to install and set up Sametime on IBM i” on page 250
The administrator who installs and sets up IBM Lotus Sametime must sign on to
the system with a user profile that has the required authorities. Before installing,
verify that the user profile you plan to use has the required special authorities.
“Downloading Lotus Sametime files for installation” on page 24
IBM enables users to download IBM Lotus Sametime installation kits from the
Passport Advantage Web site.
While a single version of IBM Lotus Sametime supports multiple languages, the
Lotus Sametime language feature for the Sametime licensed program is packaged
using the English language feature code.
If the primary language of your system is not English, follow these steps to verify
that QSYS2924 is in your library list:
Chapter 3. Installing 277
Note: If the primary language of your system is English, you do not need to
modify your library list.
1. From an IBM i command line, type the following command and press Enter:
WRKSYSVAL QSYSLIBL
2. On the Work with System Values display, type a 2 next to QSYSLIBL and press
Enter.
3. On the Change System Value display, check whether QSYS2924 is included in
the list. If it is listed, press F3 to exit. If it is not listed, proceed to step 4.
4. Type QSYS2924 next to Sequence Number 0 and press Enter.
5. Press F3 to exit.
6. If you changed the library list, sign off the system and sign back on to activate
the new library list.
Field Description
Field Description
Bind distinguished name (DN) Enter the distinguished name of the LDAP
directory entry that the Sametime server will
use when binding to the LDAP directory.
This is an optional parameter. If not
specified, ensure the LDAP server is
configured appropriately for anonymous
access from a Sametime server.
6. In the HTTP Tunneling field, type either *YES or *NO and press Enter to
display additional parameters.
Note: This option enables Sametime clients that operate behind restrictive
firewalls to connect to the Sametime server and use the presence, chat,
screen-sharing, whiteboard, and broadcast features of Sametime.
7. Complete the following fields (you may need to press the Page Down key to
view these fields):
Field Description
Event server port Enter the port on which the Event Server
service for this Sametime server should
listen.
Note: If you have more than one Sametime
server installed on the same logical partition
(LPAR) of your server, make sure the Event
Server port is unique for each Sametime
server.
8. Press F10 for additional parameters, then complete the following fields.
Field Description
Results
The LDAP information you provided in this task only allows Sametime to connect
to the LDAP server. When you complete the LDAP configuration after installing
the Lotus Sametime Community Server, you will enable Sametime to search the
directory and authenticate Web browser users.
What to do next
If you did not provide the correct LDAP information in this task, your Sametime
server will be unable to connect to the LDAP server and Sametime will not start.
Usually, the underlying Domino server will start with errors but you can still
access the directory assistance database to make the necessary changes. Once you
have corrected the LDAP connection information, restart the server.
If the Sametime startup failures cause a more serious problem and you are not able
to access the Directory Assistance database, remove ″staddin2″ from the ″Tasks″ list
in the Sametime server’s notes.ini file, and restart the server. After making the
necessary configuration changes, put ″staddin2″ back in the ″Tasks″ list and restart
the Sametime server.
When you start the Sametime Community server it will automatically start an
XVFB server (X Virtual Frame Buffer) that is used when converting files for display
in meetings. If a Sametime Meeting Server is deployed on the same system as the
Community Server, the Meeting and Community servers will share the XVFB
server. If no meetings will be hosted on the system, you can prevent the
Community Server from starting the XVFB server by editing the meetingserver.ini
file in the server’s data directory and changing the ″DISPLAY=″ value to *NONE.
After saving the file, restart the Community Server.
Note: If you did not specify the correct LDAP connection information when you
configured the Sametime server, the server will not start. See “Adding the
Sametime Community Server to an IBM i Domino Server” on page 278 to correct
this before proceeding.
Follow these steps to complete the LDAP directory configuration for Domino.
1. Access the Sametime server by starting your Web browser and entering the
following URL:
http://serverhostname.domain:port/stcenter.nsf
Replace serverhostname.domain with your fully qualified server name and add
the port number if you determined it is not the default port number 80. You
must specify the server’s fully qualified host name; if you do not, you will be
able to access the Sametime Welcome Page, but you will not be able to log in.
For example: http://st85comm1.acme.com/stcenter.nsf
2. From the Sametime Welcome page, click Administer the Server.
3. At the login prompt, and specify the Domino server administrator ID and
password and click Enter.
4. In the Sametime Administration Tool, click LDAP Directory.
5. Enter the settings to enable your Sametime server to access the LDAP directory.
The settings should match the information you provided when you connected
the Sametime System Console to the LDAP server.
6. Click Save & Close.
7. Restart the Sametime server to enable your settings.
What to do next
From a Web browser, access the Sametime Welcome Page using the fully qualified
host name of the Sametime server. Verify that you can log in with a User ID and
password from the LDAP directory.
Specify settings that determine how IBM Lotus Sametime interoperates with your
LDAP directory.
The Sametime Administration Tool includes the LDAP Directory settings that
enable the Sametime server to operate as a client to an LDAP server. These settings
enable the Sametime server to search the LDAP directory on the LDAP server and
authenticate Sametime users against entries in the LDAP directory.
Note: After changing any LDAP settings, restart the Sametime server.
Connectivity settings
The Connectivity settings enable the administrator to provide the IP address and
ports the Sametime server uses when connecting to the LDAP server, and to
specify whether the Sametime server binds to the LDAP server as an anonymous
or authenticated user. These settings also enable the Sametime server to connect to
multiple LDAP servers, and to use SSL when connecting to the LDAP server.
Table 30. Connectivity settings for the LDAP directory
Field Description Comments
Host name or IP Select the IP address (or fully
address of the qualified DNS name) of the LDAP
LDAP server server for which you want to change
settings.
Position of this If you have configured the Sametime
server in the server to connect to multiple LDAP
search order servers, use this setting to specify
the order in which Sametime will
connect to the LDAP servers by
clicking a number to indicate the
priority of the currently selected
LDAP server.
Port Specify the port over which the The default port for LDAP
Sametime server connects to the access and recommended setting
specified LDAP server; use the port is TCP/IP port 389.
number on which the LDAP server
listens for TCP/IP connections.
Basics settings
The Basics settings enable the administrator to specify the basic LDAP parameters
required to conduct searches for people, and for groups, in an LDAP directory.
Some of these parameters are also necessary for displaying the names of users in
Sametime user interfaces. The Basics settings include parameters that specify the
level of a directory from which a search begins, the scope of a search, and the
attributes of LDAP directory entries that define person and group names.
The group object Specify the attribute of a In some situations, Sametime must
class used to directory entry that identifies determine whether a directory entry
determine if an the entry as a group. returned by a search is a person or
entry is a group group entry. Sametime assumes that
Enter the objectclass attribute groups are represented by entries
used for groups in the LDAP with a unique object class. Sametime
schema of the LDAP directory compares the name of the object class
in your environment. specified in this setting to the object
class values of each entry to decide
Suggested values for the setting whether the entry is a group or a
are: person.
v Microsoft Active Directory:
group
v Netscape Directory:
groupOfUniqueNames
v Microsoft Exchange 5.5 and
Domino Directories:
groupOfNames
v SecureWay Directory:
groupOfUniqueNames
Authentication settings
Note: The administrator must add a field to the person entries in the LDAP
directory to hold the name of each user’s home Sametime server, or use an existing
field in the person entries for this purpose.
Search settings
The Searching setting enables the administrator to specify the search filters
required to resolve the names of people and groups to specific entries in an LDAP
directory.
The Group Contents setting enable the administrator to specify the attribute of a
group entry that contains the names of group members.
Table 34. Group Contents settings for the LDAP directory
Field Description
Attribute in the Specify the name of the attribute in If an end user adds a group to a
group object the group entry that contains that presence list, privacy list, or a list
class that has the names of invidual people or that restricts meeting attendance,
names of the subgroups. Sametime must obtain the list of
group members members within the group so
Suggested values for this setting are: that individual members of the
v Microsoft Active Directory, group can be displayed. The
Microsoft Exchange 5.5 Directory, ″Attribute in the group object
and Domino Directory: member class that has the names of the
v Netscape Directory and IBM group members″ setting defines
Secureway Directory: the attribute within an LDAP
UniqueMember directory group entry that holds
the names of all members of the
group.
The Access Control settings enable the administrator to work with Access Control
Lists.
Table 36. Access Control settings for the LDAP directory
Field Description Comments
User or Group Specify the name of a person or Registering groups in the Access
Name group entry in the LDAP directory Control List is more efficient
that should have access to Sametime than listing individual users
servers. because you can include more
users in less time, and can easily
When entering names in this field: update the individual group
v Use the fully qualified listings later.
distinguished name of the user or
group, but use forward slashes (/)
as delimiters instead of commas (,).
For example, use:
cn=John Smith/ou=managers/
ou=marketing/ou=west/o=acme
instead of:
cn=John Smith, ou=managers,
ou=marketing, ou=west, o=acme
v You can use an asterisk (*) as a
wildcard character when entering
names. For example, entering
*/ou=West/o=Acme is equivalent
to entering all users in the
ou=West, o=Acme branch of the
directory to the ACL.
Make sure the following servers are ready for the registration task:
v The Lotus Sametime Community Server must be configured to use an LDAP
directory, and must be started.
v The Lotus Sametime System Console must be started.
v The LDAP server must be started, and must be connected to the Lotus Sametime
System Console.
During this task you will edit the following files; click the topic titles below to see
details on each file. You may want to open each topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. Back up the console.properties and productConfig.properties files:
a. Navigate to the Community Server’s sametime_server_data_directory/
console directory.
b. Make back-up copies (using different names) of the console.properties and
productConfig.properties files.
2. Update the following values in the console.properties file and save the file.
Table 37. console.properties settings
SSCHostName Provide the fully qualified host name of the Lotus
Sametime System Console server.
SSCHTTPPort Specify the HTTP port used for the Lotus Sametime
System Console server if SSL is not enabled and the
value for SSCSSLEnabled is ″false.″
Location of notes.ini file Type the full path to the directory containing
the notes.ini file (for example,
/stserver/data), and press Enter.
Lotus Domino administrator user name This is the account that you created for
managing the Lotus Sametime Community
Server from the Community Server
Administration Tool. Type the Lotus Domino
administrator’s user name, and press Enter.
Lotus Domino administrator password Type the password associated with the Lotus
Domino administrator user account, and
press Enter.
Important: Due to the way the Lotus Sametime Community Server functions, you
must not disable IPv4 addressing in the server’s operating system. Even if you will
use IPv6-only addressing with the Lotus Sametime Community Server and with
your network, internal server components use IPv4 addresses (for example, in
loopback addresses) and will fail if the operating system does not support IPv4
addressing.
To enable support for IPv6 addressing on the Lotus Sametime Community Server,
modify the configuration settings for Lotus Domino and for Lotus Sametime as
explained in the following topics:
The IBM Lotus Sametime Community Server is hosted on Lotus Domino. When
you enable support for IPv6 addressing on the Community Server, you must
additionally ensure that the underlying Lotus Domino server also supports IPv6.
Lotus Sametime supports IPv6 addressing only with Lotus Domino 8.0 or later. If
you use an earlier release of Lotus Domino, you must upgrade it to release 8.x
before you can configure it for IPv6 addressing.
The steps to enabling IPv6 support in Lotus Domino vary with the operating
system:
Before an IBM Lotus Sametime server can support IPv6 addressing on IBM i, you
must configure IPv6 support for the Lotus Domino server on which it is hosted.
Configuring Lotus Domino to support both IPv4 and IPv6 addressing on IBM i:
Lotus Domino and the Lotus Sametime Community server must be installed; the
Lotus Domino server must be running (it does not matter whether the Community
Server is also running at this point).
For information on supporting IPv6 with Lotus Domino, see ″IPv6 and Lotus
Domino″ in the Lotus Domino Administration information center.
1. Enable support for both IPv4 and IPv6 addresses in Lotus Domino by adding
the following settings to the notes.ini file:
tcp_enableipv6=1
DONT_USE_REMEMBERED_ADDRESSES=1
2. If you want to be able to use a Lotus Notes client to access the server with an
IPv6 address, add the IPv6 information to the Domino server configuration by
running the CHGDOMSVR command as follows:
a. On any IBM i command line, type CHGDOMSVR and press F4 to display the
command prompt.
b. Specify the Lotus Domino server name and press Enter to display
additional parameters. Then page down to display the TCP/IP port options
prompt.
c. Type a plus sign (+) in the entry field that follows the prompt (as shown
below) and press Enter.
Log client session events . . . *SAME
TCP/IP port options: +
Communications port . . . . . *SAME
This displays the current TCP/IP port options.
d. Page down to display a second section, where you can enter information for
the additional TCP/IP port. Specify the following settings:
For the remaining parameters, specify the options of your choice, and then
press Enter.
e. Now press Enter to run the command.
f. Verify that the port options were updated in the notes.ini file to look like
this:
Ports=TCPIP,TCPIPV6
TCPIP=TCP,0,15,0,,12288
TCPIPV6=TCP,0,15,0,,12288
TCPIP_TcpIPaddress=0,Domino_server's_explicit_IPv4_address
TCPIPV6_TcpIPaddress=0,Domino_server's_explicit_IPv6_address
Attention: Do not add both the IPv6 and the IPv4 addresses.
e. Save and close the ″Server″ document.
7. Restart the HTTP service on the Lotus Domino server by running the following
command in the console:
tell http restart
8. Verify that you can access the Community Server using either an IPv4 or an
IPv6 client with the following URL:
http://Community_Server_host_name
Lotus Domino and the Lotus Sametime Community server must be installed; the
Lotus Domino server must be running (it does not matter whether the Community
Server is also running at this point).
For information on supporting IPv6 with Lotus Domino, see ″IPv6 and Lotus
Domino″ in the Lotus Domino Administration information center.
1. Enable support for IPv6 addresses in Lotus Domino by adding the following
settings to the notes.ini file:
tcp_enableipv6=1
DONT_USE_REMEMBERED_ADDRESSES=1
2. Update the Domino TCP/IP port settings in the notes.ini file so they only
specify the IPv6 address, like this:
Ports=TCPIPV6
TCPIPV6=TCP,0,15,0,,12288
TCPIPV6_TcpIPaddress=0,Domino_server's_explicit_IPv6_address
3. Update the stcommsrvrtk.jar file in the Lotus Domino installation directory:
To support IPv6–only addressing for a Lotus Sametime Community Server
running on IBM i, you must replace the stcommsrvrtk.jar file with a newer
version. Run the following command, where ″8xx″ is the version of Lotus
Domino that you are using for your Community Server:
CPY OBJ('/QIBM/ProdData/LOTUS/sametime/stcommsrvrtk.jar')
TODIR('/QIBM/ProdData/LOTUS/domino8xx') REPLACE(*YES) OWNER(*KEEP)
For example, if your Community Server is running on a Domino 8.0.2 server,
run this command:
CPY OBJ('/QIBM/ProdData/LOTUS/sametime/stcommsrvrtk.jar')
TODIR('/QIBM/ProdData/LOTUS/domino802') REPLACE(*YES) OWNER(*KEEP)
4. Verify that the server host table and the Domain Name Server use the server’s
IPv6 address, which is mapped to the host name.
You should have set these values when setting up your IBM i server before
installing Lotus Domino; for information, see the section Preparing the TCP/IP
environment on IBM i.
5. Restart the Lotus Domino server so your changes can take effect.
6. Determine whether you need to add the IPv6 address to the HTTP hostname
field in the Community Server’s ″Server″ document in Lotus Domino:
This depends on how the Domain Name Server resolves the host name. To
determine whether you need to add the IPv6 address to the ″Server″ document,
attempt to access the Community Server from a Web browser using an IPv6
client:
http://Community_Server's_host_name
v If you do need to add the IPv6 address, continue with step 7; otherwise, skip
to step 8.
Configure settings to establish connectivity and resolve addresses when using IPv6
addressing on the IBM Lotus Sametime Community Server.
Enable support for IPv6 addresses on the Lotus Domino server hosting this Lotus
Sametime Community Server.
Important: Due to the way the Lotus Sametime Community Server functions, you
must not disable IPv4 addressing in the server’s operating system. Even if you will
use IPv6-only addressing with the Lotus Sametime Community Server and with
your network, internal server components use IPv4 addresses (for example, in
loopback addresses) and will fail if the operating system does not support IPv4
addressing.
Follow the steps below to configure IPv6 support on the Lotus Sametime
Community Server:
1. Stop the Community Server.
2. Locate the sametime.ini file in the Lotus Sametime Community Server’s data
directory, and open the file so you can edit it.
3. In the [Connectivity] section, add (or modify) the following statements:
UCM_RESOLVE_PREFERRED_IP_VER=IPv4_or_IPv6_selection
VPS_HOST=Explicit_IP_address_of_this_server
UCM_LOCAL_IP=Explicit_IP_address_of_this_server
VPHMX_HTTP_SERVER_IP=IP_address_of_Domino_HTTP_server
VPHMX_HTTP_SERVER_PORT=Domino_HTTP_port
where:
5. Add (or modify) the following statements in the [Debug] section within the
sametime.ini file:
v If this Lotus Sametime Community Server will support both IPv4 and IPv6
addressing:
VPMX_DISABLE_CONFIGURATION_UPDATE=1
VPMX_HOSTNAME=::,0.0.0.0
VPMX_PORT=1533
VPHMX_HOSTNAME=::,0.0.0.0
VPHMX_PORT=8082
Where:
– VPMX_DISABLE_CONFIGURATION_UPDATE=1 requires all four of the statements
that follow it.
For example, set this to ::,0.0.0.0 to accept ″any″ address using either IP
protocol.
– VPMX_PORT specifies the port on which the multiplexer residing on this
server listens for client connections, normally port 1533.
– VPHMX_HOSTNAME specifies the addresses where the multiplexer residing on
this server handles HTTP client communications.
Table 40. Accepted values for VPHMX_HOSTNAME
Type of address Example
IPv4 explicit address (dot notation) 9.42.127.134
IPv6 explicit address using colon notation 2002:92a:8f7a:200:9:42:127:134
IPv6 explicit address using double-colon 3ef0::bee7:994:2e66
notation
IPv6 explicit address using IPv4–suffix 3ef0::bee7:9.148.46.102
notation
IPv4 ″any″ (four zeroes) 0.0.0.0
IPv6 ″any″ (a double colon) ::
For example, set this to ::,0.0.0.0 to accept ″any″ address using either IP
protocol.
– VPHMX_PORT specifies the port on which the multiplexer residing on this
server listens for HTTP client connections, normally port 8082.
v If this Lotus Sametime Community Server will support only IPv6 addressing:
[Debug]
VPMX_DISABLE_CONFIGURATION_UPDATE=1
VPMX_HOSTNAME=::
VPMX_PORT=1533
VPHMX_HOSTNAME=::
VPHMX_PORT=8082
6. IBM i only: If you will support both IPv4 and IPv6 addressing, replace all of
the remaining Lotus Sametime Community Server host names in the
sametime.ini file with the correct IPv4 or IPv6 address, based on your address
preference as specified with the UCM_RESOLVE_PREFERRED_IP_VER setting.
For example:
What to do next
If your Lotus Sametime Community Server is hosted on a Linux SuSE server, you
will additionally need to edit the ststart script to enable support for IPv6
addressing in SuSE as described in the next topic.
Use the IBM Lotus Sametime System Console to connect to a Lotus Sametime
Community Mux and validate its settings.
If you have not already opened the Connect to Sametime Community Mux Servers
activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified host name of the Lotus Sametime System Console server (for
example stconsole.acme.com).
http://serverhostname.domain:8700/ibm/console
If you are prompted with a security exception, accept the certificate, and
continue.
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Expand Sametime Prerequisites, and click Connect to Sametime Community
Mux Servers.
Related concepts
“Planning for an LDAP directory” on page 40
The IBM Lotus Sametime 8.5 multiple-server environment requires an LDAP
directory for user authentication. The LDAP server should be set up and running
before deploying Sametime.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
Validate the host name and ports specified for a new IBM Lotus Sametime
Community Mux server.
Use this page to validate the host name of a new Community Mux, along with the
ports on which it will listen for client connections. This ensures you have a
working multiplexer before you attempt to connect it to a Lotus Sametime
Community Server or cluster.
1. Connect to Sametime Community Mux Servers.
Click Add to begin the guided activity, which lets you validate your installed
Lotus Sametime Community Mux servers before connecting them to
Community Servers.
You can optionally edit or delete connections to Community Mux servers. Click
Refresh to view your most recent changes.
2. Add Sametime Community Mux Servers.
a. In ″Connect to Sametime Community Mux Servers″, click Add.
b. In the Host Name field, type the fully qualified host name of the new
Sametime Community Mux (for example: mux1.acme.com).
c. Accept the default settings for the Client Port and Client HTTP Port fields.
These settings indicate the ports that the multiplexer will listen on for
connections from Lotus Sametime Connect clients and from Web clients,
respectively.
d. Click Save.
The connection to the Lotus Sametime Community Mux is validated when
you save the settings.
Follow these steps to confirm or change the settings for VPS_HOST, VPS_PORT,
and VPMX_CAPACITY, open the sametime.ini file on the Community Server
multiplexer machine.
1. Open a text editor on the Community Server multiplexer machine.
2. Open the Sametime.ini file located in the Sametime server installation directory
(the default directory in Windows is C:\program files\lotus\domino).
3. Confirm the host name (VPS_HOST) of the Sametime server to which the
Community Services multiplexer connects (specified during the Community
Services multiplexer installation and in the stconfig.nsf database.
4. Confirm the port (VPS_PORT) the Community Services multiplexer uses to
establish the connection with the Sametime server (default port 1516).
5. Confirm or change the maximum number of simultaneous connections allowed
to the multiplexer (VPMX_CAPACITY).
The default value is 20,000 connections:
VPMX_CAPACITY=20000
6. Save the sametime.ini file.
Note: The first three settings must match the values used for the Lotus
Sametime server where Community Services are hosted; these values must use
the same IP protocol as well.
UCM_RESOLVE_PREFERRED_IP_VER=IPv4_or_IPv6_selection
VPS_HOST=Explicit_IP_address_of_Sametime_server
UCM_LOCAL_IP=Explicit_IP_address_of_Community_Mux
VPHMX_HTTP_SERVER_IP=IP_address_of_Domino_HTTP_server
VPHMX_HTTP_SERVER_PORT=Domino_HTTP_port
where:
v UCM_RESOLVE_PREFERRED_IP_VER specifies which type of addresses should be
preferred when a domain name resolves to multiple addresses of both
protocols:
– If you support both IPv4 and IPv6 addressing, set this to ″4″ to allow both
protocols but attempt to resolve addresses using IPv4 protocol first.
– If you support only IPv6 addressing, set this to ″6″ -- this will still allow
both protocols, but will attempt to resolve addresses using IPv6 protocol
first in case your operating system is enabled for both IP protocols.
v VPS_HOST specifies the explicit IP address of the Lotus Sametime server to
which this Community Services multiplexer connects. This value must use
the format specified in UCM_RESOLVE_PREFERRED_IP_VER; for example if you
entered a ″4″ for that setting, then you must provide an IPv4–format IP
address here.
v UCM_LOCAL_IP specifies the explicit IP address of the Community Mux
machine (using dot notation for IPv4 protocol or colon notation for IPv6
protocol). This value must use the format specified in
UCM_RESOLVE_PREFERRED_IP_VER; for example if you entered a ″4″ for that
setting, then you must provide an IPv4–format IP address here.
v VPHMX_HTTP_SERVER_IP specifies the IP address of the Lotus Domino HTTP
server where Lotus Sametime is running.
v VPHMX_HTTP_SERVER_PORT specifies the port used by the Lotus Domino HTTP
server where Lotus Sametime is running; normally port 80.
4. Add (or modify) the following statements in the [Debug] section within the
sametime.ini file:
v If this Lotus Sametime server will support both IPv4 and IPv6 addressing:
VPMX_DISABLE_CONFIGURATION_UPDATE=1
VPMX_HOSTNAME=::,0.0.0.0
VPMX_PORT=1533
VPHMX_HOSTNAME=::,0.0.0.0
VPHMX_PORT=8082
Where:
– VPMX_DISABLE_CONFIGURATION_UPDATE=1 requires all four of the statements
that follow it.
– VPMX_HOSTNAME specifies the addresses where this multiplexer serves Lotus
Sametime client communications.
Table 41. Accepted values for VPMX_HOSTNAME
Type of address Example
IPv4 explicit address (dot notation) 9.42.127.134
For example, set this to ::,0.0.0.0 to accept ″any″ address using either IP
protocol.
– VPMX_PORT specifies the port on which this multiplexer listens for client
connections, normally port 1533.
– VPHMX_HOSTNAME specifies the addresses where this multiplexer serves
HTTP client communications.
Table 42. Accepted values for VPHMX_HOSTNAME
Type of address Example
IPv4 explicit address (dot notation) 9.42.127.134
IPv6 explicit address using colon notation 2002:92a:8f7a:200:9:42:127:134
IPv6 explicit address using double-colon 3ef0::bee7:994:2e66
notation
IPv6 explicit address using IPv4–suffix 3ef0::bee7:9.148.46.102
notation
IPv4 ″any″ (four zeroes) 0.0.0.0
IPv6 ″any″ (a double colon) ::
For example, set this to ::,0.0.0.0 to accept ″any″ address using either IP
protocol.
– VPHMX_PORT specifies the port on which the stand-alone Community Mux
listens for HTTP client connections, normally port 8082.
v If this Lotus Sametime server will support only IPv6 addressing:
[Debug]
VPMX_DISABLE_CONFIGURATION_UPDATE=1
VPMX_HOSTNAME=::
VPMX_PORT=1533
VPHMX_HOSTNAME=::
VPHMX_PORT=8082
5. Save and close the file.
6. Restart the Community Mux so your changes can take effect.
After you have configured the Community Server multiplexer, give users the DNS
name of the multiplexer and instruct them to set up their Sametime Connect
preferences to connect to the multiplexer instead of the Sametime Community
Server.
Each user must update the Sametime Connect client with the DNS name of the
multiplexer. If you have deployed multiple Community Server multiplexers,
distribute users evenly among the machines. For example, with two multiplexers,
direct half of your users to use multiplexer 1 and the other half to use multiplexer
2.
1. Open Sametime Connect.
2. Choose File → Preferences → Server Communities.
3. In the Server Community field, type the DNS name of the Community Server
multiplexer machine, such as messaging.acme.com, as instructed by the
administrator.
Skip the first two steps if you are installing from physical media.
1. Download the installation package if you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
If you intend to install from a downloaded image, you should have downloaded
the proxy server installation package. For all installations, you should have
completed the preparation steps.
Follow these steps to install the Lotus Sametime Proxy Server and WebSphere
Application Server.
1. Log in using a profile with *ALLOBJ and *SECADM special authorities.
2. Use the WRKSYSVAL command to check the setting for the QVFYOBJRST system
value and change it if necessary. The setting must be 3 or lower to install the
Sametime software.
3. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
4. Run the cd shell command, specifying the fully qualified path to the
installation kit directory; for example:
/MySametimePackages/SametimeProxyServer/IBMi/stii_stp
For DVD:
cd /qopt/volume_ID/IBMi/stii_stp
5. Start the installation with the following shell command:
install_stp.sh
-Dinstall.response.file=path_and_name_of_customized_response.properties_file
6. When the installation completes, press F3 to exit QSH.
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix the problem,
then try installing again. The installation logs are stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
install_STPROXY_yyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
install_STPROXY_20091215_0307.log
What to do next
If you have installed both the Sametime Meeting Server and the Sametime Proxy
Server on the same system, you must update the table of Host Aliases associated
with the Sametime Proxy Server’s default_host virtual host so that it does not use
the same host name and IP address as the Sametime Meeting Server. Follow the
steps in Deploying Sametime Proxy Server and Sametime Meeting Server on the
same machine.
Before you register the server, verify that you have completed the following tasks.
Working from the Sametime server that you want to connect with the console,
follow these steps to update properties files and run the registration utility to
register the server with the console.
During this task you will edit the following files; click the topic titles below to see
details on each file. Use Ctrl+Click to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. On the Sametime server you plan to register, navigate to the console directory.
v Community Server
The console directory is a subdirectory of the Sametime Community server
data directory.
v Proxy Server
/QIBM/UserData/Lotus/stii/STPROXY/STPROXY_date_time/console
4. Now update the productConfig.properties file with the values needed for the
server you are registering. Then save the file.
Required values not listed below are filled in automatically.
v Sametime Community Server
– DepName: Provide a descriptive name for your deployment. It must be a
unique deployment name on the Sametime System Console.
v Sametime Proxy Server
– WASPassword: Specify the password associated with the WASUserID.
v Sametime Meeting Server
– DBAppPassword: Specify the password associated with the database ID.
– WASPassword: Specify the password associated with the WASUserID.
– LDAPBindPwd: Specify the password associated with the LDAPBindDN.
5. If you are registering a Sametime Community Server or Meeting Server, start
the server. Otherwise, proceed to the next step.
6. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
Tip: To verify the HTTP port number being used by the Lotus Sametime Proxy
Server, open the AboutThisProfile.txt file for the Sametime Proxy Application
Server Profile and use the setting specified for the HTTP transport port. The
default profile name is STPAppProfile. On IBM i, look for the
AboutThisProfile.txt file in the following location /QIBM/UserData/Websphere/
AppServer/V7/SametimeWAS/profiles/STPAppProfile/logs/
AboutThisProfile.txt:
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
You should have completed the preparation steps in ″Preparing to install Lotus
Sametime on IBM i.″
Skip the first two steps if you are installing from physical media.
1. Download the installation package if you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers.
c. Use ftp or another convenient method to transfer the installation package to
the system where you plan to install the product. Store the file in an IFS
directory of your choosing; for example:
/MySametimePackages
2. Extract the installation files to the directory where you stored the installation
package.
a. From an IBM i command line, run the following command to start the
QShell Interpreter:
QSH
b. Run the cd shell command, specifying the fully qualified path to the
installation package directory; for example:
cd /MySametimePackages
c. Run the following cd shell command, specifying the name of the .tar file:
pax -r -C 819 -f name_of_installation_package
d. Press F3 to exit QSH.
3. Review the IBM International Program License Agreement and ensure that you
agree to its terms before proceeding. The agreement is stored in the licenses
subdirectory of the program image:
/MySametimePackages/SametimeMeetingServer/IBMi/stii_stms/licenses
For DVD:
/qopt/volume_ID/IBMi/stii_stms/licenses
4. Navigate to the program image directory, for example:
/MySametimePackages/SametimeMeetingServer/IBMi/stii_stms
For DVD:
/qopt/volume_ID/IBMi/stii_stms
5. Make a copy of the stms.default.response.properties file, using a name of your
choosing. Store the copy in a location on the system that the installation
program can access.
6. Customize your copy of the response.properties file with the settings
appropriate for your specific installation.
For the database.db.user.id and database.db.user.password settings in the properties
file, specify the user profile and password you created to be the owner of the
Meeting Server database schemas.
You should have prepared the Meeting Server installation file as described in
″Preparing the Meeting Server installation file on IBM i.″
On the IBM i system that will install the Sametime Meeting Server, follow these
steps to create the database schema and tables:
1. Log in with a user profile that has *ALLOBJ and *SECADM special authorities.
These authorities are required to create the database schemas. The database
schemas will be created on the system specified in your copy of the
stms.default.response.properties file and owned by the user profile specified in
the file.
2. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
3. Run the cd shell command, specifying the fully qualified path to the
installation kit directory; for example
/MySametimePackages/SametimeMeetingServer/IBMi/stii_stms
For DVD:
/qopt/volume_ID/IBMi/stii_stms
4. The POLICY schema is shared by the Meeting Server and the System Console.
If the POLICY schema already exists, the Meeting Server database setup script
will only create the MTG schema.
setupDB_stms.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
5. When the script completes, press F3 to exit QSH.
Results
If the database schema creation was not successful, look at the script log for more
information about what occurred during the attempt. Fix the problem, then try
running the script again. The script log is stored in the following location.
/QIBM/UserData/Lotus/stii/logs
stms_dbsetup_yyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
stms_dbsetup_20091215_0307.log
Related tasks
“Preparing to install Lotus Sametime on IBM i” on page 249
Follow these steps to prepare IBM i for Lotus Sametime server installations.
If you intend to install from a downloaded image, you should have downloaded
the meeting server installation package. For all installations, you should have
completed the preparation steps. The database schemas required for the Meeting
Server (MTG and POLICY) should already exist.
Follow these steps to install the Lotus Sametime Meeting Server and WebSphere
Application Server.
1. Log in using a profile with *ALLOBJ and *SECADM special authorities.
2. Use the WRKSYSVAL command to check the setting for the QVFYOBJRST system
value and change it if necessary. The setting must be 3 or lower to install the
Sametime software.
3. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
4. Run the cd shell command, specifying the fully qualified path to the
installation kit directory; for example:
/MySametimePackages/SametimeMeetingServer/IBMi/stii_stms
For DVD:
cd /qopt/volume_ID/IBMi/stii_stms
5. Start the Meeting Server installation with the following shell command:
install_stms.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
6. When the script completes, press F3 to exit QSH.
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix the problem,
then try installing again. The installation logs are stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
install_STMEETINGS_yyyymmdd_hhmm.log
install_STMEETINGS_20091215_0307.log
What to do next
If you have installed both the Sametime Meeting Server and the Sametime Proxy
Server on the same system, you must update the table of Host Aliases associated
with the Sametime Proxy Server’s default_host virtual host so that it does not use
the same host name and IP address as the Sametime Meeting Server. Follow the
steps in Deploying Sametime Proxy Server and Sametime Meeting Server on the
same machine.
Related tasks
“Preparing to install Lotus Sametime on IBM i” on page 249
Follow these steps to prepare IBM i for Lotus Sametime server installations.
If you have not already opened the Connect to DB2 Databases activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary or use the setting
specified for the Administrative console secure port in the AboutThisProfile.txt
file. For the Sametime System Console Deployment Manager Profile
(STSCDmgrProfile), the file is located in the following path:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Prerequisites → Connect to DB2 Databases.
This activity takes you through the steps for connecting to the Meeting Server or
Gateway database you created.
AIX, Linux, Solaris, Windows: Ensure that IBM DB2 has been installed and that
you have created the Sametime Meeting Server or Gateway database.
IBM i: Ensure that you have created the required database schemas and tables.
In the Connect to DB2 Databases portlet, verify that the Lotus Sametime System
Console database you created earlier is already displayed in the list of databases.
Follow these steps to connect to the Meeting Server or Gateway database. You
must do this before you can install the Meeting Server using the Sametime System
Console. If you installed the server without using the System Console (as is the
case with the Sametime Meeting Server on IBM i and Sametime Gateway on any
platform), do this step before registering the server with the System Console.
1. DB2 Configuration Guided Activity.
Click Add to begin the guided activity that will connect your server to the DB2
database. If a connection already exists, you can optionally edit or delete it.
2. Add a new database.
a. In the Connect to DB2 Databases portlet, click Add.
If you want to edit or delete a database instead, then select one, and click
the appropriate button.
b. Enter the fully qualified host name of the DB2 server in the Host name
field.
Do not enter an IP address or a short host name.
c. The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is using
a different port.
Linux: The default is typically 50001, but will vary based on port
availability. Check the /etc/services file on the DB2 server to verify the
port number being used.
d. In the Database name, field, enter the name of the database you want to
connect to.
Meeting Server database
On AIX, Linux, Solaris, and Windows, the database name is STMS unless
you changed it.
On IBM i, the name is always STMS.
Gateway database
For AIX, Linux, Solaris, and Windows, the database name is STGWDB
unless you changed it.
Before you register the server, verify that you have completed the following tasks.
Working from the Sametime server that you want to connect with the console,
follow these steps to update properties files and run the registration utility to
register the server with the console.
4. Now update the productConfig.properties file with the values needed for the
server you are registering. Then save the file.
Required values not listed below are filled in automatically.
v Sametime Community Server
– DepName: Provide a descriptive name for your deployment. It must be a
unique deployment name on the Sametime System Console.
Verify the installation by logging in to the server and creating a new meeting
room.
1. From a Web browser, navigate to the Meeting Room Center by entering the
following URL:
http://serverhostname.domain:port/stmeetings
Replace serverhostname.domain with the fully qualified domain name of the
Meeting server; for example:
Tip: To verify the HTTP port number being used by the Lotus Sametime
Meeting Server, open the AboutThisProfile.txt file for the Sametime Meeting
Application Server Profile and use the setting specified for the HTTP transport
Note: By default, the WebSphere proxy listens on port 80, and forwards to the
Lotus Sametime Meeting Server on port 9080.
2. Click Log In and then enter your User name and Password to log in to the
Meeting Center.
3. Click New Meeting Room, then fill in the fields and click Save.
4. The new meeting appears in the list of meetings that you own. Click Enter
Meeting Room below the name of the new meeting to join the meeting.
For a multi-server installation, you should perform the steps once on the IBM i
server where you want to host the data for Lotus Sametime Gateway. Afterwards,
when you install Lotus Sametime Gateway, you use the host name of that IBM i
server when specifying the server name on the database information panel of the
wizard.
On the IBM i system that will host your database, proceed as follows:
1. Create a user profile on the system that will be the owner of the schema
created for the Lotus Sametime Gateway data. The profile that you create can
have a user class of *USER, and will not require special authorities.
2. Log in as the profile that will be the owner of the schema.
3. From the installation media, copy the Lotus Sametime Gateway installation
image to a temporary directory \TMP\SametimeGateway and unzip the contents.
4. Locate a copy of \TMP\SametimeGateway\database\db2_iseries\createDbi5OS
and copy it to a temp directory in the IFS of the database server.
5. On the IBM i system, start a QSHELL session. From an IBM i command line,
type the command:
QSH
6. Change to the temp directory where you copied the file createDbi5OS and type
the following command:
createDbi5OS <schema name>
Where <schema name> is the name of the schema you would like Lotus
Sametime Gateway to use. The name must meet the requirements for a library
name in IBM i, and must not already be used. For example, STGW.
You can now proceed with the Lotus Sametime Gateway installation.
The fully qualified domain name of the Lotus Sametime Gateway server must be
externally resolvable by the domain name server, and must not be set in the
″hosts″ file. Verify that this is true before installing the Lotus Sametime Gateway.
Unlike other Lotus Sametime components, the Lotus Sametime Gateway does not
install with a deployment plan created on the Lotus Sametime System Console.
Instead, you enter required information as you proceed through the installation
program. Once the installation is complete, you will register the Gateway with the
Lotus Sametime System Console; from then on, you will administer the Gateway
server from the System Console, just like all the other Lotus Sametime
components.
To install Lotus Sametime Gateway on IBM i, you must first install WebSphere
Application Server. You can install more than one instance of Lotus Sametime
Gateway on a single IBM i system.
Install WebSphere Application Server before you install Lotus Sametime Gateway.
After you install WebSphere Application Server, you can install more than one
instance of Lotus Sametime Gateway on a single IBM i system.
What to do next
Complete these steps to install a single Lotus Sametime Gateway server on IBM i.
If you need to create a cluster of Lotus Sametime Gateway servers later, follow the
procedure for installing a cluster of servers.
Before you begin, WebSphere Application Server must be installed. You need
*ALLOBJ and *SECADM authorities to successfully complete the Lotus Sametime
Gateway installation.
Important: If you are installing on an IPv6–enabled server, you must use the
second option below to install using the console.
v To run the installer in wizard mode, type the following command:
installi5OS.bat
v To run the installer in console mode, perform these steps:
a. Copy the directory /TMP/SametimeGateway to the IFS of the IBM i system.
b. Start a QSHELL session.
c. Navigate to the /TMP/SametimeGateway directory and type the following
command:
install.sh -console
Because your input will not be verified during installation, you should
take extra care when typing values.
5. Select the language to be used for the installation and click OK. The Lotus
Sametime Gateway Welcome screen is displayed.
6. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Please make sure to read the license agreement carefully.
7. Select the appropriate radio button option to accept the license agreement if
you agree with the statement and click Next to proceed with the installation.
If you accepted the terms, the Installation Type dialog is displayed.
8. Select Standalone server, and then click Next.
9. See node, cell, and host name profile information provided by the installer. If
the supplied information is okay, click Next.
Option Description
Node Logical name for the node. For example,
acmeNode.
10. Create a user ID and password to log in to the Integrated Solutions Console,
the administrative interface for managing Lotus Sametime Gateway. The user
ID must not exist in the LDAP directory. Passwords must not contain accented
characters or any of the following characters:
;*!?"/<>|+&'`[]%^
11. Click Next to see the default directory path where Lotus Sametime Gateway
will be installed. To change the location, click Browse and select a desired
location, or type a new path.
12. Click Next to continue with the installation. The DB2 Database Properties
dialog is displayed.
13. Click Next to enter properties required by DB2:
Option Description
Host name The Fully qualified host name or TCP/IP
address of the database server.
Schema name The name of the schema you created when
preparing the Lotus Sametime Gateway
environment. For example, STGW.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
14. Click Next to connect to an LDAP server at this time. The LDAP server must
be the same LDAP used by Lotus Sametime.
Option Description
Configure LDAP now Select if you want to set up a connection
between Sametime Gateway and LDAP that
does not need an SSL connection. You will
need to know the host name and port of the
LDAP server.
Configure LDAP after the installation Select this option if you need to set up an
SSL connection with LDAP, or if you do not
know the host name and port number used
by LDAP. If you are installing Lotus
Sametime Gateway outside the firewall and
the LDAP directory is located inside the
firewall, choose this option.
15. Select an LDAP host name from list of Registered host names and ports in
your domain, or select Other and enter a host name or IP address in the Host
name field. The default port number is 389. Click Next.
16. If anonymous access is successful to the LDAP host name, you may have the
option of continuing with anonymous access or changing the access to
authenticated access. If anonymous access is not permitted, you will not have
this option because you must supply a bind distinguished name and
password.
Option Description
Anonymous access Select this option if you don’t need
authenticated access to the LDAP server.
Lotus Sametime Gateway only requires
anonymous access to an LDAP server.
Authenticated access Select this option if your LDAP server
requires authenticated access. You must
provide an authentication identity, including
a bind distinguished name and password
from the LDAP administrator.
17. Enter the Bind distinguished name (DN) and Bind password. The bind
distinguished name can be any user with read permission for the directory
server. The bind DN need not be the LDAP administrator. For example:
v Bind distinguished name:
uid=ldapadmin,cn=users,l=shipley,st=kansas,c=us,ou=acme,o=medical,DC=ACME,DC=COM
v Bind password:
C@pital1
18. Click Next. Choose a base distinguished name from the list of Suggested base
distinguished names in your LDAP or enter a base DN in the Base
distinguished name field. The base distinguished name indicates the starting
What to do next
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
This section explains how to start a standalone Lotus Sametime Gateway server.
Skip these steps if you are setting up a cluster.
Single server configurations must have the Lotus Sametime Gateway server
running to access the Integrated Solutions Console, while a Lotus Sametime
Gateway cluster must have the Deployment Manager running to access the
Integrated Solutions Console. Do not start Lotus Sametime Gateway at this time if
you are creating a cluster of Lotus Sametime Gateway servers.
1. Log in to the server machine as a user with administrative privileges.
2. Navigate to the Lotus Sametime Gateway profile directory that contains
binaries: stgw_profile_root\bin
3. Type the following command to start Lotus Sametime Gateway. Note that
RTCGWServer is case-sensitive.
AIX, Linux, and Solaris
./startServer.sh RTCGWServer
Windows
startServer.bat RTCGWServer
IBM i
startServer RTCGWServer
Use the Lotus Sametime System Console to connect to the Lotus Sametime Meeting
Server or Lotus Sametime Gateway database before installing the server from the
System Console. If you installed the server without using the System Console (as is
the case with the Sametime Meeting Server on IBM i and Sametime Gateway on
any platform), do this step before registering the server with the System Console.
If you have not already opened the Connect to DB2 Databases activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary or use the setting
specified for the Administrative console secure port in the AboutThisProfile.txt
This activity takes you through the steps for connecting to the Meeting Server or
Gateway database you created.
AIX, Linux, Solaris, Windows: Ensure that IBM DB2 has been installed and that
you have created the Sametime Meeting Server or Gateway database.
IBM i: Ensure that you have created the required database schemas and tables.
In the Connect to DB2 Databases portlet, verify that the Lotus Sametime System
Console database you created earlier is already displayed in the list of databases.
Follow these steps to connect to the Meeting Server or Gateway database. You
must do this before you can install the Meeting Server using the Sametime System
Console. If you installed the server without using the System Console (as is the
case with the Sametime Meeting Server on IBM i and Sametime Gateway on any
platform), do this step before registering the server with the System Console.
1. DB2 Configuration Guided Activity.
Click Add to begin the guided activity that will connect your server to the DB2
database. If a connection already exists, you can optionally edit or delete it.
2. Add a new database.
a. In the Connect to DB2 Databases portlet, click Add.
If you want to edit or delete a database instead, then select one, and click
the appropriate button.
b. Enter the fully qualified host name of the DB2 server in the Host name
field.
Do not enter an IP address or a short host name.
c. The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is using
a different port.
Linux: The default is typically 50001, but will vary based on port
availability. Check the /etc/services file on the DB2 server to verify the
port number being used.
After installing an IBM Lotus Sametime Gateway server on IBM i, register it with
the Lotus Sametime System Console, which allows you to manage all Lotus
Sametime servers from a central location.
Before you register the server, verify that you have completed the following tasks,
which are described in the Installing on IBM i section of this information center.
v The Lotus Sametime System Console must be started.
v The LDAP server must be connected to the System Console and must be started.
v The Gateway database must be connected to the System Console and must be
started.
v The Community Server that the Gateway server connects to must already be
registered with the Console and must be started.
Working from the server that you want to connect with the console, follow these
steps to update properties files and run the registration utility.
During this task you will edit the following files; click the topic titles below to see
details on each file. Use Ctrl+Click to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
4. Update the productConfig.properties file with the following values, and then
save and close the file.
Only the required values in this file are listed here:
Table 46. productConfig.properties settings
InstallType Specify ″Cell″ as the installation type since this is a
non-clustered server.
DepName Provide a descriptive name for your deployment. It must
be a unique deployment name on the Lotus Sametime
System Console.
NodeIP Specify the IP address of the server being registered.
WASAdminPassword Specify the password associated with the WASUserID
LDAPBindPassword Specify the password associated with the LDAPBindDN.
DB2AdminPassword Specify the password associated with the database ID.
CommunityServerHost Specify the fully qualified host name (not the IP address)
of the Community Server registered with the Lotus
Sametime System Console.
CommunityServerPort Specify the port for the Community Server.
After you complete your IBM Lotus Sametime Gateway installation, you can
optionally modify some network configuration settings.
Outgoing SIP messages include a ″Contact″ field, which is used as the return
address for opening a new connection back to the sender. By default, the ″Contact″
value uses the operating system’s own host name address. If you wish, you can
assign the WebSphere Application Server’s host name address to this value instead.
If you do this, WebSphere Application Server stops listening for SIP messages on
all of the available operating system interfaces, and instead listens only on the
interface described by the new return address (its own host name address).
Use the name you specified as the host name when you installed this Lotus
Sametime Gateway server.
7. Click SIP_DEFAULTHOST_SECURE.
8. In the Host field, type the WebSphere Application Server installation’s host
name address, and then click OK.
Specify a fully qualified domain name in this field; for example:
server1.acme.com
Use the name you specified as the host name when you installed this Lotus
Sametime Gateway server.
9. Restart the Lotus Sametime Gateway server.
This optional procedure describes how to you can simulate a Network Address
Translator (NAT) to provide additional security by using two Network Interface
Cards (NICs), one for an internal IP address facing the Sametime community
server, and the other for an external IP address facing the Internet. This procedure
applies to standalone Sametime Gateway deployments only. If you use this
configuration, you must update the default host using the Integrated Solutions
Console.
The procedure applies to single server installations only. If you have a cluster of
Sametime Gateway servers, and you want to set up two Network Interface Cards,
install the NICs on the proxy server node in the cluster. The proxy server node is
smart enough to handle incoming and outgoing addresses on two different IP
addresses without additional configuration.
Before you begin, upgrade existing Lotus Sametime Gateway servers to the current
release before you install new servers.
Except in the case of IBM i, the Lotus Sametime Gateway install wizard deploys
both WebSphere Application Server and the Lotus Sametime Gateway server
application in one installation.
Install the Deployment Manager on its own machine, or on the same machine as
the primary node. Installing the Deployment Manager on the same machine as the
primary node provides the efficiency of multiple Java Virtual Machines and takes
advantage of a fast CPU. If you are installing the Deployment Manager on the
same machine with an existing primary node from a previous release, upgrade the
primary node to the present release before installing the Deployment Manager.
Install WebSphere Application Server before you install Lotus Sametime Gateway.
After you install WebSphere Application Server, you can install more than one
instance of Lotus Sametime Gateway on a single IBM i system.
If WebSphere Application Server V6.1 Network Deployment has been installed for
use by a previous version of Lotus Sametime Gateway, use the procedure for
updating your installation of WebSphere Application Server V6.1 rather than the
steps for a new installation. You need *ALLOBJ and *SECADM authorities to
successfully complete the WebSphere Application Server Network Deployment
installation.
What to do next
Complete these steps to install the Deployment Manager server on IBM i. Install
the Deployment Manager on the same machine as the primary server, or on its
own machine.
Before you begin, create the database schema for Sametime Gateway and then
install the primary node.
Note that there are special naming rules for each node and cell that are part of a
cluster. When installing each node, the node name and the cell name must be
unique across all machines. No two nodes can have the same cell name. Later, when
you federate each node into the cluster, the cell name is automatically changed to
the Deployment Manager’s cell name.
1. From the installation media, copy the Lotus Sametime Gateway installation
image (part_number.exe) to a temporary directory such as /TMP.
2. Extract the contents of part_number.exe to the temporary directory /TMP.
3. Navigate to the folder: /TMP/SametimeGateway.
4. You can run the installer in wizard mode or in console mode. Use the wizard
mode if you are installing from a PC to the IBM i system.
Important: If you are installing on an IPv6–enabled server, you must use the
second option below to install using the console.
v To run the installer in wizard mode, type the following command:
installi5OS.bat
v To run the installer in console mode, perform these steps:
a. Copy the directory /TMP/SametimeGateway to the IFS of the IBM i system.
b. Start a QSHELL session.
c. Navigate to the /TMP/SametimeGateway directory and type the following
command:
install.sh -console
Because your input will not be verified during installation, you should
take extra care when typing values.
5. Select the language to be used for the installation and click OK. The Lotus
Sametime Gateway Welcome screen is displayed.
6. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Please make sure to read the license agreement carefully.
7. Select the appropriate radio button option to accept the license agreement if
you agree with the statement and click Next to proceed with the installation.
If you accepted the terms, the Installation Type dialog is displayed.
8. Select Deployment Manager as the type of installation.
9. Click Next to continue with the installation. The WebSphere Application
Server Configuration dialog is displayed.
10. Type the node name, cell name, host name, profile name, and starting port
value for the WebSphere Application Server as follows:
Option Description
Node Logical name for the node. For example,
acmeNode.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCell.
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Profile name Name of the WebSphere Application Server
profile that will be created and be installed
with the Lotus Sametime Gateway. For
example: STGW_Profile
Starting port IBM i supports running multiple profiles
and instances of WebSphere Application
Server at the same time; to avoid port
conflicts the profile created will not use the
default ports. Select a port range of 50
consecutive unused ports on your system,
and enter the first port number as your
starting port. For example: 10000.
11. Click Next and create a user ID and password for logging into the Integrated
Solutions Console, the administrative interface for managing Lotus Sametime
Gateway. The user ID must not exist in the LDAP directory. Passwords must
not contain accented characters or any of the following characters:
;*!?"/<>|+&'`[]%^
12. Click Next to continue with the installation. The DB2 Database Properties
dialog is displayed.
Option Description
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Schema name The name of the schema you created when
preparing the Lotus Sametime Gateway
environment. For example, STGW.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
14. Click Next to connect to an LDAP server at this time. The LDAP server must
be the same LDAP used by Lotus Sametime.
Option Description
Configure LDAP now Select if you want to set up a connection
between Sametime Gateway and LDAP that
does not need an SSL connection. You will
need to know the host name and port of the
LDAP server.
Configure LDAP after the installation Select this option if you need to set up an
SSL connection with LDAP, or if you do not
know the host name and port number used
by LDAP. If you are installing Lotus
Sametime Gateway outside the firewall and
the LDAP directory is located inside the
firewall, choose this option.
15. Select an LDAP host name from list of Registered host names and ports in
your domain, or select Other and enter a host name or IP address in the Host
name field. The default port number is 389. Click Next.
16. If anonymous access is successful to the LDAP host name, you may have the
option of continuing with anonymous access or changing the access to
authenticated access. If anonymous access is not permitted, you will not have
this option because you must supply a bind distinguished name and
password.
Option Description
Anonymous access Select this option if you don’t need
authenticated access to the LDAP server.
Lotus Sametime Gateway only requires
anonymous access to an LDAP server.
Authenticated access Select this option if your LDAP server
requires authenticated access. You must
provide an authentication identity, including
a bind distinguished name and password
from the LDAP administrator.
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Install a primary node for a cluster. You can install the primary node and the
Deployment Manager on the same machine. Installing the primary node on the
same machine as the Deployment Manager provides the efficiency of multiple Java
Virtual Machines and takes advantage of a fast CPU. If you are installing the
primary node on the same machine with an existing Deployment Manager from a
previous release, upgrade the Deployment Manager to the present release before
installing the primary node.
To install the primary server on IBM i, you must install WebSphere Application
Server first. After WebSphere Application Server is installed, you can install
multiple instances of Sametime Gateway on the same machine.
Install WebSphere Application Server before you install Lotus Sametime Gateway.
After you install WebSphere Application Server, you can install more than one
instance of Lotus Sametime Gateway on a single IBM i system.
If WebSphere Application Server V6.1 Network Deployment has been installed for
use by a previous version of Lotus Sametime Gateway, use the procedure for
updating your installation of WebSphere Application Server V6.1 rather than the
steps for a new installation. You need *ALLOBJ and *SECADM authorities to
What to do next
Complete these steps to install the primary Sametime Gateway node in a cluster on
IBM i.
Before you begin, install WebSphere Application Server. You need *ALLOBJ and
*SECADM authorities to successfully complete the Lotus Sametime Gateway
installation.
Note that there are special naming rules for each node and cell that are part of a
cluster. When installing each node, the node name and the cell name must be
unique across all machines. No two nodes can have the same cell name. Later, when
you federate each node into the cluster, the cell name is automatically changed to
the Deployment Manager’s cell name.
1. From the installation media, copy the Lotus Sametime Gateway installation
image (part_number.exe) to a temporary directory such as
c:\TMP\SametimeGateway.
2. Extract the contents of part_number.exe to the temporary directory
c:\TMP\SametimeGateway.
3. Navigate to the folder: c:\TMP\SametimeGateway.
4. You can run the installer in wizard mode or in console mode. Use the wizard
mode if you are installing from a PC to the IBM i system.
Important: If you are installing on an IPv6–enabled server, you must use the
second option below to install using the console.
v To run the installer in wizard mode, type the following command:
installi5OS.bat
v To run the installer in console mode, perform these steps:
a. Copy the directory /TMP/SametimeGateway to the IFS of the IBM i system.
b. Start a QSHELL session.
c. Navigate to the /TMP/SametimeGateway directory and type the following
command:
install.sh -console
Because your input will not be verified during installation, you should
take extra care when typing values.
5. Select the language to be used for the installation and click OK. The Lotus
Sametime Gateway Welcome screen is displayed.
Option Description
Node Logical name for the node. For example,
acmeNode.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCell.
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Profile name Name of the WebSphere Application Server
profile that will be created and be installed
with the Lotus Sametime Gateway. For
example: STGW_Profile
Starting port IBM i supports running multiple profiles
and instances of WebSphere Application
Server at the same time; to avoid port
conflicts the profile created will not use the
default ports. Select a port range of 50
consecutive unused ports on your system,
and enter the first port number as your
starting port. For example: 10000.
11. Create a user ID and password to log in to the Integrated Solutions Console,
the administrative interface for managing Lotus Sametime Gateway. Use the
same administrative user ID and password that you created when installing
the Deployment Manager. The user ID must not exist in the LDAP directory.
Passwords must not contain accented characters or any of the following
characters:
;*!?"/<>|+&'`[]%^
12. Click Next to continue with the installation. The DB2 Database Properties
dialog is displayed.
13. Type the required information for DB2 for IBM i as follows:
Option Description
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
14. Click Next to continue with the installation. The Lotus Sametime Gateway
summary dialog is displayed.
15. You can review the installation summary settings and if necessary click Back
to make changes.
16. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating the successful installation of Lotus
Sametime Gateway and WebSphere Application Server.
17. Read the summary and click Finish to complete the installation. To view the
installation log, click View log file or open the log file at
stgw_server_root\logs\installlog.txt
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
After you create the primary node you must add the primary node to the
Deployment Manager’s cell.
Add the primary node to the Deployment Manager’s cell on IBM i. Adding the
primary node to the cell allows a central point of administration for the network
deployment by using the Deployment Manager’s Integrated Solutions Console. You
will not be able log into the primary node’s Integrated Solutions Console after this
step.
What happens when you federate the primary node into the cell?:
When you federate the primary node into the Deployment Manager’s cell, the
primary node’s original configuration is backed up. This means that you can
remove the primary node from the Deployment Manager at a later time, and you
can restore the profile configuration to the state it was in before federation.
The primary node’s scope changes to include the Deployment Manager’s cell.
Before federation, the scope of the RTCGWServer was:
cell:<PrimaryCell>/node:<PrimaryNode>/server:RTCGWServer
When you federate, the Integrated Solutions Console of the primary node is
disabled because you will be using the Integrated Solutions Console from the
Deployment Manager. The primary node inherits all the cell level configuration
data from the Deployment Manager. Any information you can see through the
Deployment Manager’s Integrated Solutions Console is now stored in XML on the
primary node, so it is accessible from any application. The applications that were
installed to RTCGWServer are now included on the RTCGWServer in the
Deployment Manager’s cell. If you attempt to federate another node that contains
these same applications, they are excluded.
Install a secondary node for the cluster. A cluster at a minimum contains a primary
server, a Deployment Manager, and at least one secondary node. Depending upon
your capacity requirements, install secondary nodes as needed.
Note: In this release, a Lotus Sametime Gateway cluster can support only two
nodes.
Install WebSphere Application Server before you install Lotus Sametime Gateway.
After you install WebSphere Application Server, you can install more than one
instance of Lotus Sametime Gateway on a single IBM i system.
If WebSphere Application Server V6.1 Network Deployment has been installed for
use by a previous version of Lotus Sametime Gateway, use the procedure for
updating your installation of WebSphere Application Server V6.1 rather than the
steps for a new installation. You need *ALLOBJ and *SECADM authorities to
successfully complete the WebSphere Application Server Network Deployment
installation.
What to do next
Before you begin, install WebSphere Application Server on the machine. You need
*ALLOBJ and *SECADM authorities to successfully complete the Lotus Sametime
Gateway installation.
Note that there are special naming rules for each node and cell that are part of a
cluster. When installing each node, the node name and the cell name must be
unique across all machines. No two nodes can have the same cell name. Later, when
you federate each node into the cluster, the cell name is automatically changed to
the Deployment Manager’s cell name.
Important: If you are installing on an IPv6–enabled server, you must use the
second option below to install using the console.
v To run the installer in wizard mode, type the following command:
installi5OS.bat
v To run the installer in console mode, perform these steps:
a. Copy the directory /TMP/SametimeGateway to the IFS of the IBM i system.
b. Start a QSHELL session.
c. Navigate to the /TMP/SametimeGateway directory and type the following
command:
install.sh -console
Because your input will not be verified during installation, you should
take extra care when typing values.
5. Select the language to be used for the installation and click OK. The Lotus
Sametime Gateway Welcome screen is displayed.
6. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Please make sure to read the license agreement carefully.
7. Select the appropriate radio button option to accept the license agreement if
you agree with the statement and click Next to proceed with the installation.
If you accepted the terms, the Installation Type dialog is displayed.
8. Select Secondary node as the type of installation.
9. Click Next to continue with the installation. The WebSphere Application
Server Configuration dialog is displayed.
10. Type the node name, cell name, host name, profile name, and starting port
value for the WebSphere Application Server as follows:
Option Description
Node Logical name for the node. For example,
acmeNode.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCell.
11. Create a user ID and password to log in to the Integrated Solutions Console,
the administrative interface for managing Lotus Sametime Gateway. Use the
same administrative user ID and password that you created when installing
the Deployment Manager and primary node. The user ID must not exist in the
LDAP directory. Passwords must not contain accented characters or any of the
following characters:
;*!?"/<>|+&'`[]%^
12. Click Next to continue with the installation. The DB2 Database Properties
dialog is displayed.
13. Type the required information for DB2 for IBM i as follows:
Option Description
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Schema name The name of the schema you created when
preparing the Lotus Sametime Gateway
environment. For example, STGW.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
14. Click Next to continue with the installation. The Lotus Sametime Gateway
summary dialog is displayed.
15. You can review the installation summary settings and if necessary click Back
to make changes.
16. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating the successful installation of Lotus
Sametime Gateway and WebSphere Application Server.
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
In this release, a Lotus Sametime Gateway cluster can support only two nodes: one
Primary Node and one Secondary Node.
Add the secondary node to the Deployment Manager’s cell on IBM i. Adding the
secondary node to the cell allows a central point of administration for the network
deployment by using the Deployment Manager’s Integrated Solutions Console.
What to do next
When you have finished installing and federating secondary nodes into the
Deployment manager, continue with the cluster configuration as instructed in the
topic, “Creating a cluster and proxy servers” on page 167.
Typically, a network deployment contains one node per physical computer. This is
not a requirement. Nodes are logical groupings of application servers, so you can
have more than one node installed on a physical system. For performance reasons,
most installations have only one cluster member per node, since each cluster
member creates its own JVM footprint.
In a network deployment, all nodes are federated into the deployment manager’s
cell. This allows the deployment manager to do its purpose in life- Manage the
Deployment. A Deployment Manager is nothing more than a node that is
responsible for administering a cell. In Lotus Sametime Gateway, the only things
configured on the Deployment Manager node are a few minor cell level attributes,
and the Lotus Sametime Gateway administrative portlet plugin extensions. Lotus
Sametime Gateway application files all run on the cluster member application
servers.
The primary node is basically the same thing as a standalone node installation,
minus a few cell level configurations that will be trumped by the Deployment
Manager’s configuration. The primary node contains all the applications and
WebSphere Application Server components that are required to run Lotus
Sametime Gateway. When you install a primary node, you create a server instance
called RTCGWServer. This server instance is cloned for use with all secondary
nodes across the cluster. There can only be one primary Lotus Sametime Gateway
node installed in any network deployment, because applications can only be added
to the cell from one node. In the Lotus Sametime Gateway network deployment,
the primary node also configures the database server.
The secondary nodes are WebSphere Application Server placeholders that can run
additional cluster members (servers created as clones of the primary server). When
you install a secondary node for Lotus Sametime Gateway, the installation creates a
node and default server instance, as well as some node level WebSphere
Chapter 3. Installing 359
Application Server attributes such as data sources, WebSphere variables, and
shared library definitions. A network deployment of Lotus Sametime Gateway can
contain as many secondary nodes as your environment needs.
Create a Sametime Gateway cluster, install proxy servers, and then configure the
proxy servers to use the cluster. Set up node replication only if you need high
availability and failover, and then start the cluster.
Starting a cluster involves starting the Deployment Manager, starting the node
agents on all the nodes, and then starting the servers, including the proxy servers,
on each node.
Create a new cluster of IBM Lotus Lotus Sametime Gateway servers by running
the Cluster Configuration Wizard. If you are upgrading an existing Lotus
Sametime Gateway cluster, you must still complete this task because you removed
the cluster before upgrading the nodes.
Expected state: the Deployment Manager is running and nodes are stopped.
The instructions that follow describe steps for setting up a horizontal cluster, the
most common cluster configuration. The Primary Node already has the primary
server installed, so no additional server is needed on that computer. To add servers
to the horizontal cluster, create one cluster member for each secondary node
(computer).
Note: To run this program in console mode (instead of using the graphical
interface), add the -console argument to the command line; for example:
configwizard.bat -console
2. View the Welcome page and click Next.
3. For a Secondary Node, do the following:
a. Select the Secondary Node from the Node drop down list and type a
unique name in the Server Name field.
b. Click Add Member.
If you have not already opened the Connect to DB2 Databases activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary or use the setting
specified for the Administrative console secure port in the AboutThisProfile.txt
file. For the Sametime System Console Deployment Manager Profile
(STSCDmgrProfile), the file is located in the following path:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Prerequisites → Connect to DB2 Databases.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This activity takes you through the steps for connecting to the Meeting Server or
Gateway database you created.
AIX, Linux, Solaris, Windows: Ensure that IBM DB2 has been installed and that
you have created the Sametime Meeting Server or Gateway database.
IBM i: Ensure that you have created the required database schemas and tables.
In the Connect to DB2 Databases portlet, verify that the Lotus Sametime System
Console database you created earlier is already displayed in the list of databases.
Follow these steps to connect to the Meeting Server or Gateway database. You
must do this before you can install the Meeting Server using the Sametime System
Console. If you installed the server without using the System Console (as is the
case with the Sametime Meeting Server on IBM i and Sametime Gateway on any
The Common Event Infrastructure data source must be manually created on IBM i
after running the configuration wizard to create a Sametime Gateway cluster. These
steps apply to clustered deployments only.
Expected state: the Deployment Manager is running and nodes are stopped.
SIP and XMPP proxy servers act as the initial point of entry for messages that flow
into and out of the enterprise. While you can install these proxy servers on an IBM
Lotus Sametime Gateway node, it is recommended that you install them on a
separate machine to isolate the proxy processing from the Lotus Sametime
Gateway cluster.
Expected state: DB2, LDAP, and Sametime Gateway servers are installed.
For network security, IBM recommends that you install the XMPP and SIP proxy
server node and the Sametime Gateway cluster in the network DMZ. Installing the
SIP proxy in the DMZ by itself is not a supported configuration because it places a
firewall device between that server and the Sametime Gateway cluster. All of these
components should be able to communicate freely which each other without
traversing through a firewall device.
Note: If you are upgrading from a previous version of Lotus Sametime Gateway,
you already have a SIP proxy server. If the SIP proxy server is on an existing
primary or secondary node, there is no need to upgrade the SIP proxy server.
However, if your SIP proxy server is installed on its own node, you must upgrade
WebSphere Application Server on that node to version 6.1.0.11. If you want your
cluster to be able to access Google Talk or other XMPP users, you must install an
XMPP proxy server.
The SIP and XMPP proxy servers are the first point of contact, after the firewall,
for messages that flow into and out your enterprise. To set up a Sametime
Gateway deployment, install a SIP and XMPP proxy server on its own node.
Before you begin, WebSphere Application Server must be installed. You need
*ALLOBJ and *SECADM authorities to successfully complete the WebSphere
Application Server Network Deployment installation.
11. Type the administrative user ID and password used to log in to the Integrated
Solutions Console, the administrative interface for managing Lotus Sametime
Gateway. Use the same user ID and password that you created when you
installed the Deployment Manager. The user ID must not exist in the LDAP
directory. Click Next.
12. Click Next to see the installation summary. You can review the installation
summary settings and, if necessary, click Back to make changes.
13. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating a successful installation.
14. Read the summary and click Finish to complete the installation. To view the
installation log, click View log file or open the log file at
stgw_server_root/logs/installlog.txt
Note: If you start the SIPProxyServer instance now and log into the Integrated
Solutions Console, you cannot view the SIPProxyServer instance. After you
federate the node in the next procedure, you then see the SIPProxyServer instance.
Proxy servers:
A proxy server acts as a surrogate for the Lotus Sametime Gateway servers within
the enterprise. The node that hosts the XMPP or SIP proxy server hosts the public
XMPP or SIP domain of the enterprise. The SIP proxy is capable of securing the
transport, using secure sockets layer (SSL), and the content, using various
authentication and authorization schemes.
A SIP proxy server facilitates automatic load balancing, affinity matching, and
failover for a cluster of Lotus Sametime Gateway servers. It’s also the preferred
place to configure the connection settings for external domains, since it directly
manages all such connections when in use. You must set up a cluster with at least
one node before creating a SIP proxy server. You can run a SIP proxy server on an
Lotus Sametime Gateway server node, or create a separate node, on which Lotus
Sametime Gateway is not installed, to be the SIP proxy server node.
After you set up a Lotus Sametime Gateway cluster and a SIP proxy server, you
can add external communities to Lotus Sametime Gateway. Lotus Sametime
Gateway prompts you for the relevant connection settings (host name, port
number, transport protocol), and then creates the SIP Uniform Resource Indicator
(URI). The SIP URI is sent to the SIP container in WebSphere Application Server
which sends it to the SIP proxy server to route the request to the appropriate
destination. There is no need to set the domain, host, port, or transport protocol in
the SIP proxy server as all this information is set in Lotus Sametime Gateway.
You can set up multiple proxy servers for load balancing, better Web response, and
high availability. WebSphere Application Server does not support the clustering of
SIP or XMPP proxy servers, but you can set up more than one proxy server in
front of an Lotus Sametime Gateway cluster. This configuration provides multiple
entry points into the Lotus Sametime Gateway cluster while providing workload
balancing. Multiple proxy server can be fronted by a simple IP sprayer, such as the
SIP Load Balancer component included in WebSphere Application Server that
handles IP spraying to multiple proxy servers. If a proxy server fails, the affinity is
to the container and not to the proxy itself so there is one less potential failure
along the message flow.
After you install the SIP and XMPP proxy server node, you must federate the node
into the Deployment Manager’s cell so that the proxy server becomes part of the
cluster.
To federate or add the proxy server node into the cell, you run the addnode
command on the proxy server node and specify the hostname of the Deployment
Manager.
1. Log into the proxy server node’s operating system.
2. IBM i only: On the command line, run the STRQSH (Start Qshell) command.
3. Synchronize the system clocks on the Deployment Manager and the proxy node
so that they are within five minutes of one another and are set for the same
time zone.
Federation fails if the clocks are not synchronized within five minutes of each
other.
4. On the proxy server node, open a command window and navigate to the
stgw_profile_root\bin directory.
5. IBM i only: Run the following command to obtain the
SOAP_CONNECTOR_ADDRESS port number. Make a note of the port number
as you will need it to add nodes to the cluster:
dspwasinst
6. Run the following command to add the proxy server node to the Deployment
Manager’s cell:
AIX, Linux, and Solaris:
./addNode.sh DM_server_host_name DM_port_number -includeapps
Windows
addNode.bat DM_hostname DM_port_number -includeapps
IBM i:
addNode DM_server_host_name DM_SOAP_port -username WAS_Admin_user_name_on_DM
-password WAS_Admin_password_on_DM
where:
v DM_server_host_name is the resolvable host name of the Deployment
Manager.
v DM_SOAP_portis the port that the Deployment Manager’s SOAP port is
listening on.
v WAS_Admin_user_name_on_DM is the user ID of the WebSphere Application
Server administrator account on the Deployment Manager.
v WAS_Admin_password_on_DM is the password associated with the
WebSphere Application Server administrator account.
For example:
addNode gateway_dm.acme.com 8879 -includeapps -username wasadmin -password waspassword
7. When prompted, provide the Deployment Manager’s administrative user ID
and password. Wait for the operation to complete before proceeding. Look for a
success message similar to the following when complete:
Node MyProxyNode has been successfully federated.
8. Verify that the proxy servers are installed correctly:
a. Log into the Integrated Solutions Console (http://localhost:9060/ibm/
console).
If you already logged in, you must log out and then log in again before you
can see changes.
b. Click Servers → Proxy servers. You should see the SIP proxy server.
Configure the Session Initiation Protocol (SIP) proxy server for a cluster of IBM
Lotus Sametime Gateway servers. There is no need to configure external domains
in the SIP proxy server; this is done through the Lotus Sametime Gateway
configuration.
Set up a cluster with at least one secondary node and install the SIP and XMPP
proxy servers on the same physical hardware as a Deployment Manager, primary
node, or secondary node, or install the proxy servers on separate hardware. The
SIP and XMPP installation creates a new profile for the SIP and XMPP proxy
servers.
After you finish setting up a SIP proxy server, you’ll have a port number. You
provide the port number in combination with the domain name of the node on
which the SIP proxy server runs to external servers to connect to your Lotus
Sametime Gateway.
Assigning the SIP proxy to work with the Lotus Sametime Gateway cluster:
Assign the SIP proxy server to function with the IBM Lotus Sametime Gateway
cluster.
1. In the Integrated Solutions Console, click Server Types → WebSphere proxy
servers.
2. In the ″WebSphere proxy servers″ page, click the SIPProxyServer link
corresponding to the proxy server you want to update.
3. Click SIP Proxy server settings → SIP Proxy settings.
4. From the drop down list, select the Lotus Lotus Sametime Gateway cluster.
5. Click OK then click Save, and then click OK again.
Configuring the SIP Proxy server to listen on ports 5060 and 5061:
Configure the IBM Lotus Sametime Gateway cluster’s SIP Proxy server to listen on
ports 5060 and 5061.
Public instant messaging providers require you to accept connections on ports 5060
and 5061, so you will need to confirm that the SIP Proxy server’s host name is
resolvable and is listening on these ports. If the cluster’s SIP Proxy server is
installed on a node that is already hosting Lotus Sametime Gateway, and the SIP
Proxy server is not already listening on ports 5060 and 5061, reconfigure the port
settings as follows:
1. Determine which ports the SIP Proxy server is currently listening on:
Define custom properties that will instruct the SIP proxy server to return ″503
Service Unavailable″ when the server is down, rather than the default error ″404
Page not found.″
Create two custom properties for the new SIP Proxy server as follows:
The new properties will instruct the SIP Proxy server to return ″503 Service
Unavailable″ when the server is down, rather than the default error ″404 Page not
found.″
1. In the Integrated Solutions Console, click Servers → Proxy Servers →
your_new_SIP_proxy.
2. Click SIP Proxy server settings → SIP Proxy settings → Custom properties.
3. Click New, enter the following information, and then click OK.
Name lsnLookupFailureReasonPhrase
Value Service Unavailable
4. Click New, enter the following information, and then click OK.
Name lsnLookupFailureResponseCode
Value 503
5. Click Save.
Tune the JVM garbage collection policy for the SIP proxy server as follows:
1. In the Integrated Solutions Console, click Servers → Proxy Servers →
SIPProxyServer.
2. Perform the following instructions for each of the sip proxies in the list:
a. Select a proxy server by clicking it in the list.
Configuring the Gateway cluster and SIP proxy for a NAT environment:
Traversing a NAT environment is known issue in the SIP domain. There are several
ways to solve this issue, while some of them have been formed as IETF standard
(RPORT, STUN and ICE), others have been formed as proprietary solutions. So
what is the problem? Some of the SIP communication parameters contain the Fully
Qualified DNS Name (FQDN) or the IP address, and the port, but a SIP device
deployed in a NAT environment does not know how it will be seen from the
internet because the NAT device translates the IP address. The SIP message will
contain IP address and port – which are not accessible from the internet. There are
several paradigms to solve this issue:
v SIP Friendly NAT device – NAT devices that can analyze a SIP message and
then replace the IP address and ports listed inside of it. This solution does not
support encrypted SIP communication such as TLS.
v IETF Standard – a method using a standardized protocol such as RPORT, STUN,
or ICE.
Currently, the IBM WebSphere SIP infrastructure does not provide a solution to
this problem because it does not support any of the IETF standards. Therefore, any
SIP application deployed on WebSphere has to develop its own solution. The
solution provided here assumes that you have the following elements in your
deployment:
v A clustered environment, with one ore more clustered servers.
v A SIP proxy server federated to the cluster.
v All cluster members (including the SIP proxy server) are deployed within the
same subnet.
v A static NAT is defined in the NAT or firewall; the public IP address should be
mapped to the SIP proxy server’s internal IP address.
The following diagram illustrates the NAT environment that this solution was
designed for:
Configure the XMPP proxy server to allow Google Talk, and other XMPP-based
instant messaging systems to flow to and from the Sametime Gateway.
Expected state: the SIP and XMPP proxy server node is installed and federated into
the cell. A Sametime cluster has been installed. The Deployment Manager is
started.
1. On the Deployment Manager node, log into the Integrated Solutions Console.
2. Click Servers → Application Servers and select the XMPPProxyServer from
the list.
3. Click Ports.
4. Click New to add a port.
5. Select User-defined Port .
6. Type XMPP_INTERNAL_PORT in the Specify port name field.
Name Value
STGW_CLUSTER_NAME SametimeGatewayCluster
XMPP_PROXY_NODENAME XMPP proxy node name
XMPP_PROXY_SERVERNAME XMPPProxyServer
13. Click Apply and Save after you type each pair. When you are done, you will
have a table that looks something like this:
This optional procedure sets up node replication to provide high availability and
failover support for the cluster. If one member of the cluster goes down, other
nodes can continue to process the SIP request. Use this procedure only if you
require high availability and failover support.
Before you begin, you must install IBM Lotus Sametime Gateway on each node,
add the nodes to a cluster, and then start the cluster and the SIP proxy server.
Starting a cluster:
When starting a cluster for the first time, you must start the Deployment Manager,
node agents, and then all Lotus Sametime Gateway servers in the cluster.
Before begin these steps, you must install Lotus Sametime Gateway on each node,
federate the nodes into the cell, run the Cluster Configuration Wizard, and then set
up SIP and XMPP proxy servers for your cluster.
In the steps that follow, you start the Deployment Manager in a command window
so that you can log in to the Integrated Solutions Console and complete the
remaining steps. After the Deployment Manager is started, you can view the
Integrated Solutions Console pages. However, you cannot view the Lotus
Sametime Gateway administration pages until you start at least one node agent
and the Lotus Sametime Gateway server on that node.
1. Log in to the Deployment Manager node as a user with administrative
privileges.
2. Open a command window (QShell session on IBM i) and navigate to the
stgw_profile_root\bin directory
3. If not already started, start the Deployment Manager with the following
command:
AIX, Linux, and Solaris
./startManager.sh
Windows
startManager.bat
IBM i
startManager
4. Log in to one of the Lotus Sametime Gateway nodes.
5. Open a command window (QShell session on IBM i) and navigate to the
stgw_profile_root\bin directory.
6. Start the node agent with the following command.
AIX, Linux, and Solaris
./startNode.sh
This topic describes how to stop and start the Deployment Manager.
1. Log in to the Deployment Manager node as a user with administrative
privileges.
2. Open a command window (QShell session on IBM i) and navigate to the
stgw_profile_root\bin directory
3. Stop the Deployment Manager. Use the administrative user ID and password
that you created when you installed the Deployment Manager. Note that you
do not have to provide the username and password qualifiers in the command;
you can wait to be prompted and then enter your credentials. Type the
following commands:
AIX, Linux, and Solaris
./stopManager.sh -username username -password password
./startManager.sh
Windows
stopManager.bat -username username -password password
startManager.bat
IBM i
stopManager -username username -password password
startManager
This topic describes how to stop and start the node agents. Typically, you stop and
start node a node agent by logging onto a node and running the stop node or start
node command. However, for convenience, you can restart all node agents from
the Deployment Manager node by using the Integrated Solutions Console only if
the node agents are running. If they are stopped, you must start the node agents
from nodes themselves.
1. Log in to one of the Lotus Sametime Gateway nodes.
2. Open a command window (QShell session on IBM i) and navigate to the
stgw_profile_root\bin directory.
3. Stop the node agent with the following command:
AIX, Linux, and Solaris
./stopNode.sh
Windows
stopNode.bat
IBM i
stopNode
4. Start the node agent with the following command.
AIX, Linux, and Solaris
./startNode.sh
Windows
Complete these steps to stop and start a cluster of Sametime Gateway servers from
the Integrated Solutions Console.
Expected state: the Deployment Manager, node agents, and all servers in the
cluster are started.
You must restart the cluster when you add, delete, or change a community.
1. Log into the Integrated Solutions Console (http://localhost:9060/ibm/console)
on the Deployment Manager server as a user with administrative privileges.
2. Click Servers → Clusters.
3. Select the Lotus Sametime Gateway cluster, and click Stop, and wait for the
cluster to stop.
4. Click Servers → Clusters.
5. Select the Lotus Sametime Gateway cluster, and click Start.
6. Click Servers → Proxy servers.
7. Select the SIP proxy server and click Start if it is not already started.
8. Click Servers → Application servers.
9. Select the XMPP proxy server and click Start if it is not already started.
This topic describes how to stop or start individual servers or nodes in a cluster.
1. Log into the Integrated Solutions Console (http://localhost:9060/ibm/console)
on the Deployment Manager server as a user with administrative privileges.
2. Click Servers → Application Servers .
3. If you want to stop a server, select the application server’s check box and click
Stop.
4. If you want to start a server, select the application server’s check box and click
Start.
Complete these steps to stop and start a single Sametime Gateway server in a
single server environment.
The XMPP and SIP proxy server node is different from other Sametime Gateway
node installation types in that it contains more than one server. Based on the type
of traffic you expect to have in your environment (SIP or XMPP), you can start or
stop the appropriate proxy server instance on the node. This removes the need to
define a proxy server for each type of protocol. If you require the XMPP proxy
functionality only, then start the XMPPProxyServer only. If you need SIP proxy
functionality only, then start the SIPProxyServer only. If you need both, start both.
Before you start the SIP and XMPP proxy servers, you must add nodes to the
cluster, create the cluster, set up a SIP and XMPP proxy server, and then start the
cluster.
1. On the Deployment Manager node, log in to the Integrated Solutions Console.
2. Choose Servers → Clusters.
3. Verify that the cluster status is Started (shown with a green arrow).
4. Click Servers → Proxy servers.
5. Select the SIP proxy server and click Start.
6. Choose Servers → Applications servers.
After installing the IBM Lotus Sametime Gateway cluster on IBM i, register it with
the Lotus Sametime System Console, which allows you to manage all Lotus
Sametime servers from a central location.
Before you register the cluster, verify that you have completed the following tasks,
which are described in the Installing on IBM i section of this information center.
v The Lotus Sametime System Console must be started.
v The LDAP server must be connected to the System Console and must be started.
v The Gateway database must be connected to the System Console and must be
started.
v The Community Server that the Gateway server connects to must already be
registered with the Console and must be started.
Working from the Deployment Manager, follow these steps to update properties
files and run the registration utility to register the cluster with the console.
Note: Run this utility only on the Deployment Manager; do not register individual
nodes because they will be registered automatically during the cluster registration.
During this task you will edit the following files; click the file names below to see
details. You may want to open the topic in a new browser tab or window so you
can keep it open for reference:
v console.properties
v productConfig.properties
1. Working on the Deployment Manager, navigate to the console directory:
/qibm/userdata/STGateway/ProfileName/console
Where the ProfileName is the one you specified when you installed the Gateway.
Note: If the Primary Node is installed on the same server as the Deployment
Manager, make sure you are working in the Deployment Manager’s profile.
2. Make backup copies (using different names) of the console.properties and
productConfig.properties files.
3. Update the Deployment Manager’s console.properties file:
a. Open the file for editing.
b. Update the file with the following values:
Table 48. console.properties settings for the Deployment Manager
SSCHostName Provide the fully qualified host name of the Lotus
Sametime System Console server.
c. Verify that the remaining settings are appropriate for the Deployment
Manager.
d. Save and close the file.
4. Update the Deployment Manager’s productConfig.properties file:
a. Open the file for editing.
b. Update the file with the following values:
Only the required values in this file are listed here:
Table 49. configProduct.properties settings for the Deployment Manager
DepName Provide a descriptive name for your deployment. It must
be a unique deployment name on the Lotus Sametime
System Console.
WASAdminPassword Specify the password associated with the WASUserID
LDAPBindPassword Specify the password associated with the LDAPBindDN.
DB2AdminPassword Specify the password associated with the database ID.
CommunityServerHost Specify the fully qualified host name (not the IP address)
of the Community Server registered with the Lotus
Sametime System Console.
CommunityServerPort Specify the port for the Community Server.
c. Verify that the remaining settings are appropriate for the Deployment
Manager.
d. Save and close the file.
5. Update the Primary Node’s productConfig.properties file on the Deployment
Manager server:
a. Navigate to the /qibm/userdata/STGateway/IBM/WebSphere/AppServer/V7/
profiles/DMProfile/config/cells/DMCell/nodes/PNnode directory.
IBM Lotus Sametime Gateway can be installed silently using a response file. You
can either generate your own response file by installing using the install wizard, or
by editing the default response file that is provided.
IBM Lotus Sametime Gateway can be installed silently using a response file. You
can either generate your own response file by installing using the install wizard, or
by editing the default response file that is provided.
A response file is a text file that contains all the options that would normally be
specified in the installation dialogs. Silent installation is useful in situations where
automation is desired.
To perform a silent installation, you have to create a new response file or edit the
existing response file that is included with the product. On the root of the Lotus
Sametime Gateway installation CD is a fully-documented response
file: installresponse.txt. Copy this file to the machine and edit it with values
appropriate for your environment, or complete the following steps to create a
response file based on a real installation.
1. From the installation media, copy and unzip the following Lotus Sametime
Gateway installation image to a temporary directory /TMP on the machine
where you will be installing Lotus Sametime Gateway:
C17KCML.exe
Results
Upon completion of the installation, control will return to the command window.
Validation or installation errors are logged to the installation log file.
Note: Generating response files using the -options-record option puts clear text
passwords in the response file.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
Community Server trusts these components when they establish a connection, you
must add the trusted server’s IP address to the Lotus Sametime Community
Server.
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Troubleshooting installation:
These steps help you troubleshoot installation problems by describing how you can
use a different tables pace name for the database and how you can clean your
system of previous installations.
Many installation problems are caused when the installer cannot locate the
database or when installing a new instance of Sametime Gateway and a previous
installation has not been completely removed from the system. The following steps
describe how to use a different table space in the database or clean your system of
previous installations.
1. Open the installation log file at stgw_server_root\logs\installlog.txt
Where tableSpaceName is the name of the table space that you want the installer
to use.
3. To clean your system of previous installations, use the log to find the location
of the Install Shield Multiplatform (ISMP) database called the Vital Product
Database (VPD). For example, examine this log entry from Windows (formatted
to fit on the page):
(Nov 24, 2007 2:22:22 PM), stGwInstall,
com.ibm.rtc.gateway.install.CheckVPDRegistry, msg1,
using VPD registry at C:\Program Files\Common
Files\InstallShield\Universal\common\Gen2\_vpddb\vpd
The location of this registry varies from system to system. On windows, VPD is
usually found in the \Program Files\Common Files\InstallShield\Universal\
common\Gen2 folder. If a Sametime Gateway server is uninstalled, but an error
occurs and the product is not unregistered, the VPD shows that Sametime
Gateway is installed on the system. When a new installation is initiated, and a
previously installed Sametime Gateway server is detected, the installer prompts
you to upgrade or install a new version, or the installer forces you to install a
Deployment Manager server or a Primary Server on the same system. None of
these scenarios are desired because there are no Sametime Gateway servers
installed on the system.
4. Back up the Gen2 folder. Note that the VPD registry may be used by other
programs that are installed with InstallShield, so removing this registry may
interfere with other programs. It’s recommended that you do not remove the
Gen2 folder unless absolutely necessary.
5. Remove the original Gen2 folder.
6. If installing on Windows, delete the following left over files:
C:\Windows\.nifregistry
C:\Windows\vpd.properties
7. Start the installation again.
Configuring LDAP
Configure Sametime Gateway to use the LDAP directory used by the local
Sametime environment. If you did not connect to LDAP when you installed
Sametime Gateway, or you did connect to LDAP but now want to create a secure
connection, use these procedures. Sametime Gateway must look up names and
groups in the LDAP directory to grant users and groups access to external
communities.
Use Lotus Sametime Gateway with virtually any LDAP directory that is supported
by Lotus Sametime and the WebSphere Application Server environment. Lotus
Sametime Gateway deployment does not require changes to existing directory
structures. It’s recommended that you configure the same LDAP directory that is
used by the Sametime community server. You can use a separate LDAP directory,
but information between the two LDAP directories must be replicated and
identical.
Be sure to read the first topic below before setting up your LDAP directory:
Lotus Sametime Gateway works with the LDAP user registry used by your local
Sametime community so that you can assign local users permission to access
members in external and clearinghouse communities. For local users to chat with
and share presence with a member of an external community, two events must
happen: you must assign the local user to the external community and the external
community administrator must assign the external community member access to
your Sametime community.
You can use Lotus Sametime Gateway with virtually any LDAP directory that is
supported by Lotus Sametime or the WebSphere Application Server environment.
Lotus Sametime Gateway deployment does not require changes to existing
directory structures. When you configure WebSphere Application Server to use an
LDAP user registry, you are identifying to Lotus Sametime Gateway the LDAP
directory that houses members of the local Sametime community. As an
administrator, you look up names and groups in the LDAP directory and assign
them capabilities when accessing an external community.
Using LDAP, you can assign users and group to capabilities such as instant
messaging or presence or both when assigning users and groups access to an
external community. Lotus Sametime Gateway displays group names, user names
(short names), and user e-mail addresses. Groups do not have e-mail addresses.
When you assign a local user from your LDAP directory access to an external
community, you provide, at the local level, permission for that local user to
exchange instant messages with potentially all members of an external community.
You cannot give the user permission to subscribe to some members of the external
community because you cannot control who in the external community has access
to the local user. If the administrator in an external community assigns all
members in the external directory access to your local community, your local
Sametime user can subscribe to all members of the external community and all
external community members can subscribe to your user.
As an administrator, you cannot set access for external users because there is no
way for you to configure access in external directories. External users can only
have instant messaging and presence with the members of your local community
for whom you have assigned access. The only people who can be subscribed to by
external users are the users and groups who have been granted access by you.
For example, if local user John has not been granted access to external community,
and external user Mary subscribes to John’s presence, Mary will never receive a
response because local user John does not have the rights to send a response. Any
subscription requests from an external user is blocked by the Lotus Sametime
IBM Lotus Sametime Gateway requires that IBM WebSphere Application Server be
configured to use a Lightweight Directory Access Protocol (LDAP) user registry
that contains members of the local Sametime community. Complete the following
steps if you did not create a connection to LDAP at installation, or you completed
a connection to LDAP but want to secure that connection over SSL.
Where username is the administrative user ID that you use to log into the
Integrated Solutions Console. You created this user ID when you installed
Lotus Sametime Gateway. For example:
wsadmin -username wasadmin -password gateway4u -f rtcgw_vmm.jacl
35. Stop and then restart the Lotus Sametime Gateway server:
a. Navigate to the directory that contains binaries: rtcgw_profile_root\bin
b. Type the following commands, depending on your operating system, to
stop and then start Lotus Sametime Gateway. You must use the user name
and password that you provided when you enabled administrative
security to stop the server. Wait for the stopserver command to finish
before executing the startserver command. Note that RTCGWServer is
case-sensitive.
AIX, Linux, and Solaris
./stopServer.sh RTCGWServer -username username -password password
./startServer.sh RTCGWServer
Windows
stopServer.bat RTCGWServer -username username -password password
startServer.bat RTCGWServer
IBM i
stopServer RTCGWServer -username username -password password
startServer RTCGWServer
36. The remaining optional steps apply to an LDAP server that is not a Domino
LDAP directory. By default, Sametime uses mail as the attribute in an LDAP
record to search for users. If your LDAP directory uses a different attribute,
you can change Sametime to use that attribute instead. For example, if you
want to change Sametime to instead use the attribute displayName, complete
the following steps:
a. Use a Lotus Notes client on the Sametime server to open the Sametime
Configuration database (stconfig.nsf).
b. Click File → Database → Open and select the Local server.
c. Select the Sametime Configuration database (stconfig.nsf).
d. Click Open.
e. In the right pane of the Configuration database, locate the LDAP server
entry in the Form Name column of the Configuration.
"Attribute of the person entry that defines the person's e-mail address" mail
rtcgw_profile_root\config\cells\<cell_name>\wim\config\wimconfig.xml
The IBM Lotus Sametime Gateway requires that IBM WebSphere Application
Server be configured to use the Lightweight Director Access Protocol (LDAP) user
registry that contains members of the local Sametime community. These steps
include information for setting up a connection to LDAP using a self-signed
certificate. Complete the following steps if you did not create a connection to
LDAP at installation, or you completed a connection to LDAP but want to secure
that connection over SSL.
Expected state: the Deployment Manager and node agents are started. The servers
are stopped. Administrative security is enabled.
1. Log in to the Deployment Manager node as a user with administrative
privileges. Make sure you have an enterprise LDAP server that contains
members of the local Sametime community and the LDAP server is running.
Where username is the administrative user ID that you use to log into the
Integrated Solutions Console. You created this user ID when you installed
Lotus Sametime Gateway. For example:
wsadmin -username wasadmin -password gateway4u -f rtcgw_vmm.jacl
40. In the DB2 window on the Deployment Manager node, stop the Deployment
Manager and wait for the command to finish, and then restart the
"Attribute of the person entry that defines the person's e-mail address" mail
j. Save your changes and then restart the Domino server.
k. On the Lotus Sametime Gateway server that is connected to LDAP, use a
text editor and open the following file:
app_server_root\profiles\RTCGW_Profile
\config\cells\<cell_name>\wim\config\wimconfig.xml
Results
Follow these steps to download the update package and install the IBM Update
Installer, which is needed for installed software updates for WebSphere Application
Server. Extract the packages and run the Update Installer install program from the
workstation that you download the update package to. The Update Installer will
be remotely installed to your IBM i system.
1. Log in with the same user account used to install the Sametime software.
2. On the local system, create a directory to store the update files, such as
stwas_fixes.
3. Download the IBM Update Installer package if you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
To perform these steps, you must have already installed the WebSphere
Application Server Update Installer.
Follow these steps to install the WebSphere Application Server software updates
required for Sametime 8.5 servers as outlined in the Technote on the IBM Support
Site.
http://www.ibm.com/support/docview.wss?rs=477&uid=swg21415822
System requirements for this release of the Lotus Sametime family of products is
maintained as an IBM Technote at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=swg27016451
1. Download the WebSphere Application Server updates package if you have not
already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Results
To verify which updates have been installed, run the versionInfo command from
the app_server_root/bin directory.
The command creates a text file that lists all the WebSphere Application Server
updates that have been installed on the system.
Related tasks
“Installing the WebSphere Application Server Update Installer on IBM i” on page
397
Use the WebSphere Application Server Update Installer to add required software
updates.
For example, these optional features are not installed by default; to make them
available to your users, you must either update existing clients or customize the
installation package for new clients.
v Microsoft Office Integration features
v E-mail Integration features
v Spell checker dictionaries
Note: Microsoft Office Integration features are available only for clients running on
Windows.
The administrator decides which features to make available to clients, and which
method to use for installing the client. The following sections explain the available
options in more detail.
IBM Lotus Sametime ships with optional client features that you can add to the
default client installations, including Microsoft Office Integration features on
Microsoft Windows clients, E-mail Integration Features, and Spell Checker
Dictionaries.
The install.xml is the installation manifest, which lists all features shipped with
IBM Lotus Sametime Connect. When you uncomment the optional features in the
list, they become part of the base client install package. You can edit the
install.xml file for installations from a CD, a downloadable image, or from a link
on the Sametime Welcome page.
Original
This example shows the default settings, in which six Microsoft Office Integration
features and two other optional features are commented out. The commented
section begins with <!-- and ends with -->
Note: The lines below have been formatted for readability because it is important
to move entire feature statements.
<!--
The following Sametime features are optional, and may be uncommented in order to be deployed.
<feature id="com.ibm.collaboration.realtime.exchange.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="315"
size="315" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.notes.connector.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="123"
Now the Microsoft Office Integration features have been moved outside of the
comment, so they will install automatically. The remaining optional features are
still commented out and will not be installed.
<feature id="com.ibm.collaboration.realtime.exchange.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="315"
size="315" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.sharepoint.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3833"
size="3833" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.smarttags.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="5685"
size="5685" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7"
size="7" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.toolbar.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="4302"
size="4302" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.webConfTab.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3048"
size="3048" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<!--
The following Sametime features are optional, and may be uncommented in order to be deployed.
<feature id="com.ibm.collaboration.realtime.notes.connector.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="123"
size="123" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.notes.connector.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7" size="7"
action="install" shared="true" mergeaction="add" url="${installer.root}"/>
-->
IBM Lotus Sametime ships with optional client features that you can add to the
default client installations, including Microsoft Office Integration features on
Microsoft Windows clients, E-mail Integration Features, and Spell Checker
Dictionaries. You can customize the installation package and then create an archive
zip file that you post on your Sametime Welcome page for users to download.
Complete these tasks to create a customized install.xml file and post it for users
to download using a link on the Sametime Welcome page:
IBM Lotus Sametime ships with optional client features that you can add to the
default client installations, including Microsoft Office Integration features on
Microsoft Windows clients, E-mail Integration Features, and Spell Checker
Dictionaries. You can customize the installation package and then create an archive
zip file that you post on your Sametime Welcome page for users to download.
The install.xml is the installation manifest, which lists all features shipped with
IBM Lotus Sametime Connect. When you uncomment the optional features in the
Original
This example shows the default settings, in which six Microsoft Office Integration
features and two other optional features are commented out. The commented
section begins with <!-- and ends with -->
Note: The lines below have been formatted for readability because it is important
to move entire feature statements.
<!--
The following Sametime features are optional, and may be uncommented in order to be deployed.
<feature id="com.ibm.collaboration.realtime.exchange.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="315"
size="315" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.notes.connector.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="123"
size="123" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.notes.connector.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7" size="7"
action="install" shared="true" mergeaction="add" url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.sharepoint.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3833"
size="3833" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.smarttags.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="5685"
size="5685" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.standalone.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7"
size="7" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.toolbar.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="4302"
size="4302" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.webConfTab.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3048"
size="3048" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
-->
Now the Microsoft Office Integration features have been moved outside of the
comment, so they will install automatically. The remaining optional features are
still commented out and will not be installed.
<feature id="com.ibm.collaboration.realtime.exchange.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="315"
size="315" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.sharepoint.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3833"
size="3833" action="install" shared="true" mergeaction="add"
url="${installer.root}"/>
<feature id="com.ibm.collaboration.realtime.oi.smarttags.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="5685"
size="5685" action="install" shared="true" mergeaction="add"
Making the client installation package available from the Sametime Welcome page:
Perform the following steps to make the network client installer available for
installation from the Sametime Welcome page.
If you want to add any optional client features to the base install for all of your
users, see Enabling installation of optional client features such as Microsoft Office
Integration.
Note: If the Domino HTTP server has been configured to use SSL with a
self-signed test certificate, users will not be able to download the zip from the
Lotus Sametime Welcome page.
1. Copy the entire contents of the network-install directory from the Lotus
Sametime Connect Network Install Client CD or downloaded image to the
following location on the Sametime Community Server.
server_data_directory\domino\html\sametime\network-install
Note: There are placeholder files in the directory; you must replace them with
the real ones.
These are the default locations for the network-install directory:
Windows
c:\program files\lotus\domino\data\domino\html\sametime\network-install
AIX, Linux, and Solaris
/local/notesdata/domino/html/sametime/network-install
IBM i
There is no default data directory but the name may be similar to this:
/STserver/domino/html/sametime/network-install
2. (Optional) Set default preferences in the plugin_customization.ini file located
in the deploy directory:
Editing the installation package for the Lotus Notes embedded client:
IBM Lotus Sametime ships with optional client features that you can add to the
default client installations, including Microsoft Office Integration features on
Microsoft Windows clients, E-mail Integration Features, and Spell Checker
Dictionaries. You can customize the installation package for the Lotus Sametime
client that is embedded in Lotus Notes on Microsoft Windows.
The install.addon.xml file is the installation manifest, which lists all features
shipped with the IBM Lotus Sametime embedded client for Lotus Notes. When
you uncomment the optional features in the list, they become part of the base
client install package.
The set of optional features is enclosed in comment markers (all of the features are
within a single comment):
Note: Lines have been formatted here for readability because it is important to
make sure you move entire feature statements.
<feature id="com.ibm.rtc.meetings.embedded.feature"
version="8.5.0.20091027-1957" match="compatible" download-size="5"
size="5" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.rtc.meetings.feature" version="8.5.0.20091027-1957"
match="compatible" download-size="23446" size="23446" action="install"
shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.rtc.web.utils.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="139"
size="139" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.collaboration.realtime.sslite.feature"
version="1.0.0" match="greaterOrEqual" download-size="0" size="0"
action="uninstall" shared="true"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<!--
The following Sametime features are optional, and may be uncommented in order to be deployed.
<feature id="com.ibm.collaboration.realtime.exchange.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="315"
size="315" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.collaboration.realtime.oi.embedded.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="7"
size="7" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.collaboration.realtime.oi.sharepoint.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3833"
size="3833" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.collaboration.realtime.oi.smarttags.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="5685"
size="5685" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.collaboration.realtime.oi.toolbar.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="4302"
size="4302" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.collaboration.realtime.oi.webConfTab.feature"
version="8.5.0.20091027-2140" match="compatible" download-size="3048"
size="3048" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
-->
The first three optional features have been moved outside of the comment markers
and are now enabled for installation:
<feature id="com.ibm.rtc.meetings.embedded.feature"
version="8.5.0.20091027-1957" match="compatible" download-size="5"
size="5" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.rtc.meetings.feature"
version="8.5.0.20091027-1957" match="compatible" download-size="23446"
size="23446" action="install" shared="true" mergeaction="add"
url="jar:${installer.root}/sametime.embedded.update.site.20091027-2140.zip!/"/>
<feature id="com.ibm.rtc.web.utils.feature"
The IBM Lotus Sametime client can be easily updated at any time after the initial
installation.
Three options are available for delivering updates to Sametime Connect client
users:
v Automatic Updates: Administrators can provision new or updated Sametime
features to their clients in a ″push″ mode so that all clients use the same set of
Note: The optional update feature is the recommended approach for any
updates that are not required. If the optional site is configured before the initial
client install, it provides a seamless initial install experience. A user installs the
client, and is presented with a prompt to select optional features at first log in. It
requires less communication and manual interaction than the manual update
method.
v Manual Updates: Administrators either distribute update sites (zip or jar files)
or post them to a Web server, and provide the users with instructions for
manually installing the updates using the tools in the connect client.
To set up your server so that client updates are installed automatically, specify the
″Sametime update site URL″ on each of your Sametime servers.
From the Lotus Sametime System Console, open the policies page and update each
of the appropriate policies:
1. Log in to the Sametime System Console, open that server’s Integrated Solutions
Console, select Sametime System Console, and then click Manage Policies →
Instant Messaging.
2. Locate the ″Sametime update site URL″ setting in the Instant Messaging section
of the policy.
3. Specify the URL for the update site where you will post required updates.
Updates of features from this site are required and will be installed
automatically; the client is not provided a choice. For Lotus Sametime 8.0
connect clients, you can specify more than one URL by separating them with
semi-colons or commas.
When the user logs in from the client, the client checks the Sametime update
site URL setting for the appropriate policy on the default Sametime server.
Note: If the URL has not been specified or the setting is not found, the client
will search the preferences.ini file located in the update plugin
(com.ibm.collaboration.realtime.update\preferences.ini) root directory for the
adminUpdatePolicyURL value. (The policy setting was not available prior to
Sametime 7.5.1.)
When the client logs in and connects to the specified update site, it silently
downloads all updated features it finds and installs them. Once installation is
complete, the user receives a textbox announcing that new updates have been
installed and that the user should restart the Sametime client. The user can
click the restart button or press a five-minute delay button. If the user is
involved in chats with other users, he or she can continue to delay restart for as
long as he wishes by continuing to press the restart button at five-minute
intervals. After the restart, the client checks again to see if there are more
updates, and if it finds none, the user is not interrupted again. This update
process takes place each time the user restarts his client and logs in.
To set up your server so that your users are presented with a selection of optional
updates, specify the ″Sametime optional add-on site URLs″ on each of your
Sametime servers.
From the Lotus Sametime System Console, open the policies page and update each
of the appropriate policies:
1. Log in to the Sametime System Console, open that server’s Integrated Solutions
Console, select Sametime System Console, and then click Manage Policies →
Instant Messaging.
2. Locate the ″Sametime optional add-on site URLs″ setting in the Instant
Messaging section of the policy.
3. Specify one or more URLs for update sites where you will post optional
updates.
When the user logs in from the client, the client checks the ″Sametime optional
add-on site URLs″ policy on the default Sametime server.
When the user logs in from the client, the client checks the ″Sametime optional
add-on site URLs″ policy on the default Sametime server.
Note: If the URL has not been specified or the setting is not found, the client
will search the preferences.ini file located in the update plugin
(com.ibm.collaboration.realtime.update\preferences.ini) root directory for the
optionalUpdatePolicyURL value. (The policy setting was not available prior to
Sametime 8.0.)
When the client logs in, it scans all of the optional update sites listed to find
any available updates that match the client configuration. If any updates are
found, the client displays a message alerting the user that updates are available
with an option to open the Update Manager (which is pre-populated with the
list of sites defined in the policy). The alert also allows the user to disable
further checking on startup. (This preference can also be set in the Contact List
preferences). From the Update Manager, the user can select which updates (if
any) they would like to install, then follow the instructions in the update
panels to accept the license(s) and complete the install. If any updates are
installed, the client will prompt the user to restart.
In Sametime Connect, the user can manually install updates by choosing Tools >
Plug-ins > Install plug-ins. The user can then:
1. Select Search for new features to install, and then click Next.
2. Add an update site:
v If remote, select Add Remote Location..., specify a name for the update site
and provide the URL for the site.
v If a local directory, select Add Folder Location..., and select the directory
where the update site exists.
v If a local archive, select Add Zip / Jar Location... and select the update site
archive.
For example, if you have access to the Standalone client install CD or
downloaded image, you can click New Archive Site.... Then navigate to the
optional-components directory and select optional-components-update-
site.zip.
Users can install the IBM Lotus Sametime Connect client from the standalone client
installer CD or corresponding downloaded image on a Microsoft Windows client.
Follow these steps to install the Sametime Connect client on a Windows client.
1. If the Sametime Connect client is running, shut it down before attempting to
install the newer version.
2. Important: Make a back-up copy of the directory where the earlier version of
the client is installed, in case you need to revert to it.
3. Navigate to the root of the CD or downloaded image.
4. Double-click setup.exe to begin the installation.
If you have previous releases of the Connect client installed:
v Sametime Connect 7.5.x:
The default operation is to uninstall an existing client, but because the 8.5
client installs to a different directory, you can choose to retain the 7.5.x client
by running the new installation with a special flag, as follows:
setup.exe /v"STUNINSTALL75=0"
v Sametime Connect 8.0.x:
The 8.5 client installs to the same path as the 8.0.x client, you cannot retain
the older client when you install the 8.5 client; the new client will replace the
old client.
5. Enter the required information when prompted.
6. When the installation completes, launch the Sametime Connect client; by
default Sametime Connect is installed to C:\Program Files\IBM\Lotus\Sametime
Connect.
Copy the setup.bat and the silentinstall.ini files from the root of the CD or
download, and then update them to tailor the installer to your requirements.
The batch file (setup.bat) contains several different commands that can be used to
perform different installation functions. Some of the commands are commented out
by default but can be uncommented and updated if the function is needed.
Detailed explanations are included in the setup.bat file.
v Uninstalling older, pre-7.5.x Sametime Connect clients
Three commands are provided to shutdown, uninstall, and cleanup an older,
pre-7.5.x installation of the connect client. These commands are commented-out
by default. If this functionality is needed, uncomment these lines and configure
the paths to the old Sametime install directory as needed for your environment.
v Several sample commands are provided for different methods of executing the
silent install.
– The first option executes the installer silently and uses a silentinstall.ini file to
preconfigure connection settings.
This is the default. If you choose to use one of the other methods, comment
out this command.
– The second option executes the installer silently and migrates the connection
settings from an existing, earlier (pre-7.5) version of Sametime.
This option does not use the silentinstall.ini file. If you choose to use this
method, uncomment this command.
– The third option executes the MSI version of the installer silently, using a
silentinstall.ini to preconfigure the connection settings. If you choose to use
this method, uncomment this command.
The silentinstall.ini file contains configuration parameters for the Lotus Sametime
Connect client. The settings are used to pre-populate the community-config.xml file
with server connection information and other parameters required by the installer
for silent execution.
Table 52. silentinstall.ini file
parameter description/value
LAPAGREE=NO You must change this parameter to YES to
indicate acceptance of the license agreement.
STSERVERNAME=stservername.domain.com Fully qualified host name of the Sametime
server. Normally this should be the same as
the home Sametime server specified in the
person document.
STCOMMUNITYNAME= Community name
YourCommunityName
STSERVERPORT=1533 Sametime Server IP Port number
STSENDKEEPALIVE=true Flag for sending keep alive signal.
STKEEPALIVETIME=60 Default is 60 seconds. Indicates how often to
check the connectivity between the client
and server, allowing timely notification if
disconnected.
STCONNECTIONTYPE75=direct Connection type
STPROXYHOST=Proxy port number (leave Proxy host name (leave blank if not used)
blank if not used)
STPROXYPORT= Proxy port number (leave blank if not used)
STRESOLVELOCALY75= Proxy resolves local flag (TRUE/FALSE)
STPROXYUSERNAME= Proxy user name (leave blank if not used)
STPROXYPASSWORD= Proxy password (leave blank if not used)
When network installation files are available, users can install Lotus Sametime
Connect from a Web browser on Windows.
1. (Optional) Set default preferences in the plugin_customization.ini file located
in the \network-install\install\deploy directory:
2. Using a Web browser, open the Sametime Welcome page on your Sametime
server.
For example, if the fully qualified host name of your Sametime server is
stserver.com, you open http://stserver.com/stcenter.nsf.
3. Click Download Lotus Sametime Connect 8.5 Client to display the ″Welcome
to the IBM Lotus Sametime Connect 8.5 Client Download Site″ page.
4. Click Install Now to begin the download and installation process.
Once all files have been downloaded, the actual client installer will start.
Follow the instructions in the installer and enter the required information to
complete the installation.
Tip: If there are problems running the network client installer applet, or if you
want to install at a later time, you can select Save from the Welcome page
instead. This shows you a downloads page where you can select the operating
system of the installer you wish to save and follow the instructions for
downloading the installer for later use.
Install the IBM Lotus Sametime embedded clients on a Lotus Notes client running
on Microsoft Windows.
The Lotus Sametime embedded client installs directly into the Lotus Notes
directory. If you have already installed a previous version of the embedded client,
it is upgraded to this new version.
1. Download the installation package for the Lotus Sametime embedded client if
you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers to the system
on which you are installing.
c. Extract the files to a local directory.
d. Verify that you have at least 1 GB of temporary space to run the installation
in your %TEMP% or /tmp directory.
The Deployment Manager manages the Lotus Sametime System Console and all
Lotus Sametime Server cells.
Before starting Lotus Sametime Servers, the Deployment Manager must be running
for each cell.
Windows only: You can also use the Start - Programs menu to use the Start and
Stop menu commands.
1. In a command window, navigate to the app_server_root/profiles/
DeploymentManagerName/bin directory for the Deployment Manager you want
to start:
2. Run the following command to start and stop the Deployment Manager:
AIX, Linux, or Solaris
./startManager.sh
./stopManager.sh dmgr -username admin_user -password admin_password
Windows
startManager.batstopManager.bat dmgr -username admin_user -password
admin_password
IBM i
startManager dmgr
stopManager dmgr -username admin_user -password admin_password.
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
What to do next
You may use a command window to start and stop Sametime components running
on WebSphere Application Server. To stop servers, you will supply the WebSphere
Note: The Deployment Manager must be running for the cell before starting a
server. Also note that the server name is case sensitive.
Table 54. Start server commands for AIX, Linux, or Solaris
Type Commands
Sametime System Console ./startNode.sh
./startServer.sh STConsoleServer
Meeting Server ./startNode.sh
./startServer.sh STMeetingHttpProxy
./startServer.sh STMeetingServer
Proxy Server ./startNode.sh
./startServer.sh STProxyServer
Media Manager ./startNode.sh
./startServer.sh STMediaServer
./stopServer.sh STMeetingHttpProxy
Windows
The Start Programs menu is also a convenient way to start and stop Sametime
servers running on WebSphere Application Server.
Note: The Deployment Manager must be running for the cell before starting a
server. Also note that the server name is case sensitive.
Table 56. Start server commands for Windows
Server Commands
Sametime System Console startNode.bat
startServer.bat STConsoleServer
Meeting Server startNode.bat
startServer.bat STMeetingHttpProxy
startServer.bat STMeetingServer
Proxy Server startNode.bat
startServer.bat STProxyServer
Media Manager startNode.bat
startServer.bat STMediaServer
stopServer.bat STMeetingHttpProxy
IBM i
Note: The Deployment Manager must be running for the cell before starting a
server. Also note that the server name is case sensitive.
Table 58. Start server commands for IBM i
Server Commands
Sametime System Console startNode
startServer STConsoleServer
Meeting Server startNode
startServer STMeetingHttpProxy
startServer STMeetingServer
Proxy Server startNode
startServer STProxyServer
Media Manager Not supported on IBM i
IBM Lotus Sametime on IBM i is installed on an IBM Lotus Domino server. You
can start and stop a Sametime server without starting and stopping the Domino
server from running.
There are times when you will need to keep the Domino server running while
doing Sametime maintenance tasks. For example, you might need to shut down
Sametime services while you make configuration changes on the Sametime server,
but you need to leave the Domino server running so you can access Domino
databases on the server.
1. On any IBM i, command line, enter the Work with Domino Console command
and press F4:
WRKDOMCSL
2. Enter the server name and press Enter.
3. In the Domino server console, choose one of the following actions:
v To start the Sametime service on a Domino server that is already running,
type this command:
load STADDIN2
v To stop the Sametime services without stopping the Domino server, type this
command:
tell STADDIN2 Quit
4. Periodically press F5 to refresh your screen and look for a message to confirm
that Sametime has started or stopped.
Learn how to start and stop a Sametime Community Server running on IBM i.
Follow these steps to start both Domino and a Sametime Community Server.
1. From any IBM i command line, run the following command:
WRKDOMSVR
Tip: You can also use IBM i Navigator to start the Sametime server by selecting
Network → Servers → Domino. Right-click on the Domino server where you
added Sametime and select Start.
Follow these instructions to stop a Lotus Sametime server on IBM i from an IBM i
command line.
Follow these steps to stop both Domino and a Sametime Community Server from
an IBM i command line.
1. From any IBM i command line, run the following command:
WRKDOMSVR
2. On the Work with Domino Servers display, stop the server by typing 6 in the
Opt column next to the Domino server where you added Sametime and press
Enter.
3. Press Enter to confirm your server selection.
4. Periodically press F5 to refresh your screen and wait for the Domino server
status to be *ENDED.
Tip: You can also use IBM i Navigator to stop the Sametime server by selecting
Network → Servers → Domino. Right-click on the Domino server where you
added Sametime and select Stop.
Uninstalling
Before you can install a newer version of IBM Lotus Sametime, you must uninstall
the currently deployed version.
This procedure works for the following Lotus Sametime servers: Community
Server, Proxy Server, and Meeting Server. A Sametime Community Server reverts
back to using legacy policies if you remove it from the console.
When you remove Sametime Community Server from a Domino server, all files
related to Sametime that were added to the Domino server data directory or were
Results
If you want to delete the Sametime Community Server software from the system,
remove Sametime from your servers and then run the DLTLICPGM (Delete
Licensed Program) command.
v For Sametime Standard, delete 5724J23 option 1 and then delete 5724J23 *BASE.
v For Sametime Entry, delete 5724J23 *BASE.
Use the unregister utility to remove servers from the Sametime System Console
before uninstalling the Sametime software.
v Before uninstalling the Sametime System Console, unregister all servers
registered with the console, including the Community Server, Proxy Server,
Meeting Server, and Gateway.
v Before uninstalling a Meeting Server or Proxy Server, unregister the server from
the Sametime System Console.
Follow these steps to shut down the servers and run the uninstall scripts.
1. For the type of server you plan to uninstall, shut down the servers listed
below:
where date and time indicate when the proxy server was installed.
v Meeting Server
cd /QIBM/UserData/Lotus/stii/STMeetings/STMEETINGS_date_time/uninstall
where date and time indicate when the meeting server was installed.
4. Run the following shell command:
uninstall.sh
When the script completes, a summary of the results is displayed.
5. Press F3 to exit QSH.
Results
If the uninstall was not successful, look at the log for more information. Fix the
problem, then try uninstalling again. The uninstall logs are stored in the following
location.
QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
uninstall_ServerType_yyyymmdd_hhmm.log
For example, this log for uninstalling a meeting server was created at 3:07 A.M. on
December 15, 2009:
uninstall_STMEETINGS_20091215_0307.log
What to do next
When you have successfully uninstalled a server, there are other items associated
with Sametime that you may want to remove from the system.
On IBM i, the install and uninstall of WebSphere Application Server are separate
from Lotus Sametime Gateway. Uninstalling Lotus Sametime Gateway does not
affect the WebSphere Application Server installation. Complete details on
uninstalling WebSphere Application Server are available from the WebSphere
Application Server information center.
1. Shut down any servers that are running, including the Deployment Manager
and node agents if you are uninstalling a cluster.
2. Start a QShell session.
3. Navigate to the following folder: stgw_server_root/_uninst
4. Type uninstalli5OS.sh
5. Select the language you wish to use for the uninstall procedure and click OK.
The Welcome screen is displayed.
6. Click Next to proceed. The Lotus Sametime Gateway features screen is
displayed.
7. Click Uninstall to begin the procedure. The progress is displayed on the screen.
8. When the uninstall is complete, read the summary information and click Finish
to exit the wizard.
9. If you are uninstalling a cluster of servers, repeat the preceding steps on each
node, running the uninstall utility as you would on a single server deployment.
To remove an IBM Lotus Sametime Gateway server from the list of the Lotus
Sametime System Console’s managed servers, run the unregister utility on the
server. When you remove a server from the console, it can no longer be
administered from the console, but it does not have its own administration
interface. The only way to administer the server is by modifying configuration files
and the database directly. Because of these limitations, you should only unregister
the server if you are uninstalling, or performing some other activity that requires
removal of the product from the console.
1. Working on the server you want to remove, navigate to the
/qibm/userdata/STGateway/ProfileName directory where ProfileName is the one
you specified when you installed the Gateway.
2. If this is the first time you have run a utility on this server, open the
console.properties file and provide the System Console Host name, port, User
Name and Password. Also you can specify the log level, which is not
mandatory.
3. Verify that the values in the productConfig.properties file are correct.
4. Unregister the server by running the following command:
unregisterWASProduct.sh
5. If you want to uninstall Lotus Sametime Gateway from the server, run the
following command: unregisterWASProduct.sh -uninstall
Results
The utility unregisters the server and generates the ConsoleUtility.log file,
storing it in the console/logs. If the unregistration is successful, the utility deletes
the console.pid file from the console directory.
If after an attempted Sametime install or uninstall, you have many files and folders
left in app_server_root/profiles/profile_name or app_server_root/bin, run the
WebSphere Application Server uninstall program to remove the rest of the files.
Remove WebSphere Application Server only if it is not in use by any other server
on the system.
Stop all java processes. Then follow the steps in the WebSphere Application Server
7 Information Center to remove unneeded WebSphere Application Server software
from the system.
This section contains information about installing and configuring IBM Lotus
Sametime, while maintaining as much legacy data as possible, if you have used
previous versions of the product.
You can upgrade from the following types of Lotus Sametime deployments:
v Lotus Sametime (release 7.5.1)
v Lotus Sametime Instant Messaging Limited Use (release 8.0, 8.0.1, and 8.0.2)
v Lotus Sametime Entry (release 8.0, 8.0.1, and 8.0.2)
v Lotus Sametime Standard (release 8.0, 8.0.1, and 8.0.2)
The upgrade process is the same for all servers up to a point; if you have meetings
enabled on your server there will be additional tasks to complete if you want to
migrate existing meetings to a new Lotus Sametime 8.5 Meeting Server.
Note: If you have a cluster of Lotus Sametime servers, you must upgrade all
servers in the cluster. A cluster cannot support servers running different releases of
Lotus Sametime.
Before you begin to an IBM Lotus Sametime server, you must disable cluster
replication to avoid sending or receiving configuration changes while preparing for
the upgrade.
If you have a cluster of servers, you must upgrade every server in the cluster. To
avoid sending or receiving configuration changes while you are preparing to
upgrade, disable cluster replication for all servers in the cluster. For more
If you have meeting services enabled on your IBM Lotus Sametime server and you
clustered the meeting rooms with Lotus Sametime Enterprise Meeting Server, you
must remove those servers from Enterprise Meeting Server before upgrading them.
Lotus Sametime 8.5 does not support the use of Lotus Sametime Enterprise
Meeting Server. Instead, you deploy one or more Lotus Sametime 8.5 Meeting
Servers and optionally cluster them using an IBM WebSphere network deployment.
Then you can set up URL redirects from your upgraded Lotus Sametime servers to
the new Meeting Servers so that when a user clicks a link to create or attend a
meeting on an upgraded server, the link is automatically redirected to the new
Meeting Server.
If you do not wish to install the Lotus Sametime 8.5 Meeting Server yet, you can
still create and host meetings on the upgraded server, but you cannot cluster the
meeting rooms.
After you have completed the preliminary steps to prepare the environment,
upgrade each of your IBM Lotus Sametime servers.
If you are upgrading a cluster, be sure to upgrade each of the servers in the cluster
(and register each server with the Lotus Sametime System Console) before you
configure the cluster and register the cluster itself.
Checking for supported releases for Lotus Domino and Lotus Sametime:
Before upgrading to IBM Lotus Sametime 8.5, determine whether you first need to
upgrade your Lotus Domino and your operating system releases. You also need to
determine whether your current level of Lotus Sametime is supported by the Lotus
Sametime 8.5 upgrade process.
Follow these steps to ensure that the server you intend to upgrade is running on a
supported level of the operating system and that the current releases of Lotus
Domino and Lotus Sametime are supported by the upgrade process. If the server
includes an unsupported release of any product, you must complete an interim
upgrade to a supported product.
1. Check the operating system level on the computer where Lotus Sametime is
installed.
Make sure that your currently installed server releases, and product releases,
are all supported on the new operating system level. For information on system
requirements, see the Detailed System Requirements.
2. Check the Lotus Domino release on the server to be upgraded.
Before installing a new release of IBM Lotus Sametime you should back up all
important server data.
The IBM i installation program always preserves the Lotus Sametime data on
existing servers. If you do not want to preserve the Lotus Sametime data, remove
Lotus Sametime from the server with the RMVLSTDOM command before
installing the new release. After the installation completes, run the ADDLSTDOM
command to add Lotus ametime to the server again.
When backing up your Lotus Sametime data, include the following information:
Table 60. Lotus Sametime server data to back up
Data to back up Comments
names.nsf This is optional if you can replicate from
another Domino server. After upgrading to
Lotus Sametime 8.5, you will need to convert
the native Domino Directory to use LDAP
format in order to register the server with the
Lotus Sametime System Console.
notes.ini Back up this file for possible reference after
upgrade.
da.nsf Back up this file if you are using directory
assistance.
After you have verified that your server is running a supported version of IBM
Lotus Domino as well as a version of Lotus Sametime that can be upgraded
directly, upgrade the Lotus Sametime server application by installing the newer
release on top of it.
Complete any pending reboot actions you may have from installing other
applications. Make sure that all applications on the server computer (including the
Domino Server Administrator and the Web browser) are closed. All Domino
services must be stopped. Otherwise, you might corrupt any shared files and the
installation program might not run properly.
The Lotus Sametime 8.5 Community Server installs directly over the existing Lotus
Sametime server and uses the existing version of Lotus Domino.
1. (Linux RHEL only) Disable SELinux on any RedHat operating system:
a. Log in as root on the Linux RedHat server where you will install the Lotus
Sametime server.
b. Open the /etc/selinux/config file for editing.
c. Locate the SELINUX setting. Change its value to either disable or
permissive.
The format for storing IBM Lotus Sametime user privacy information changed in
release 7.5. If you are upgrading from a release prior to 7.5, complete these tasks to
migrate user privacy information to the new format.
As part of upgrading IBM Lotus Sametime, you will need to replace the design of
the vpuserinfo.nsf database.
As part of a product upgrade, you will need to replace the design of the
vpuserinfo.nsf database with the stuserin.ntf template:
1. Start the Lotus Notes client.
2. Click File → Application → Open.
3. Select the Community Server you upgraded (select ″Local″ for the current
server).
4. Select the Configuration folder.
5. In the file name field, type vpuserinfo.nsf and then click Open.
6. Once the database is open, click File → Application → Replace Design.
7. Select the newly installed Lotus Sametime Community Server as the template
server, and then click the Show advanced templates option to locate the
″Sametime User Information″ (stuserin.ntf) template.
8. Click the stuserin.ntf template to select it, and then click Replace to update
the database’s design to match the template.
9. When you have finished, you can exit the Lotus Notes client.
The format for storing privacy information changed in Lotus Sametime 7.5. If you
are upgrading from a release prior to 7.5, and your users have stored privacy
information (″Who can see me″) from the earlier release, then you need to migrate
this information by running a utility after upgrading. If the information is not
migrated, privacy information from the earlier release appears to be lost after
upgrading.
Note: There is no need to run this utility unless you have upgraded from a release
prior to 7.5 and your users have stored privacy data from the earlier release.
Considerations:
v If you delay running the utility, users may create additional privacy data on the
upgraded server. In this situation, the new data is stored in addition to the
existing data and it is not predictable which privacy record will be used.
Running the upgrade utility will not solve the problem. If necessary, the
administrator can manually delete one of the privacy records from
vpuserinfo.nsf.
v If you have multiple Lotus Sametime servers within a single community (but
have not configured them as a Community Services cluster), each of the servers
maintains a separate version of vpuserinfo.nsf. It is highly recommended that
you run the upgrade utility on each of the servers in the community
immediately after upgrading it to the new Lotus Sametime Community Server.
v If you have clustered the Lotus Sametime servers to support server failover and
load balancing, it is best to upgrade all of the servers at the same time, if
possible. Immediately run the upgrade utility on just one of the Lotus Sametime
servers in the cluster and allow the vpuserinfo.nsf updates to replicate to the
other servers.
v If it is not possible to upgrade all of the servers in the cluster at the same time,
consider advising your users to avoid creating additional privacy data until all
of the servers have been upgraded. If users who are connected to a server
running a release prior to 7.5 create new privacy data, it will be stored in the
older format. This may conflict with privacy data that has already been migrated
to the newer format. More than one privacy record for a user and conflicts
between the records can cause unexpected results. Running the upgrade utility
again will not solve the problem. If necessary, the administrator can manually
delete one of the privacy records from vpuserinfo.nsf.
v The time required to run the utility depends on the size of vpuserinfo.nsf . For
example, running the utility for a 2 GB vpuserinfo.nsf file may take 30 minutes.
v When the utility runs, two files are created in the Sametime server data
directory:
– vpuserinfo.nsf (time stamp): backup copy of vpuserinfo.nsf before it was
modified by the utility
– vpuserinfo.nsf.log (time stamp): log of activity which occurred when the
utility ran
Example
1. If you intend to migrate privacy information for only a specified subset of your
Sametime users, create a text file containing the names of the users. For
example, create a text file called upgrade_util_filter.txt and save it in the
Domino installation directory or another accessible location. The file should
have each user specified on a separate line in the following format:
CN=John Smith/O=Acme
CN=Jane Doe/O=Acme
CN=Sally Brown/O=Acme
2. Stop the Sametime server
3. Open a Windows command prompt
4. Run the following commands:
c:\program files\lotus\Domino> upgrade_util.cmd
<sametime_server_data_directory> [<upgrade_util_filter_file>] (where
″c:\program files\lotus\Domino″ is the directory where the Domino server is
installed).
v If you do not specify the server data directory (the first parameter shown
above), the SametimeDirectory entry in the sametime.ini file is used.
v If you do not specify the upgrade util filter file (the second parameter shown
above), the UpgradeUtilFilter entry in the sametime.ini file is used.
v If there is no such entry in the sametime.ini, no filter will be used, meaning
migrating privacy information of all Sametime users.
Run the privacy migration utility to migrate user privacy information that was
stored prior to IBM Lotus Sametime 7.5 to the new format. to migrate privacy
information from AIX, Solaris, or Linux to the new format. An optional parameter
allows you to migrate privacy data for only a specified subset of your Lotus
Sametime users.
Example
After all of the servers in the IBM Lotus Sametime cluster have been upgraded,
you can enable cluster replication once again to ensure that the servers are sharing
configuration information.
If you saved each server’s data during the upgrade, your previous cluster settings
still exist and you just need to enable replication among the servers. For more
information, see Replicating with all servers in a cluster in the Lotus Domino and
Notes information center.
If you did not save server data during the upgrade, you may need to recreate the
cluster as described in Clustering Lotus Sametime Community Servers in this
information center. You will need to return to this upgrade section after completing
the cluster configuration, so you may want to open the link in a separate browser
tab or window so you do not lose your place.
This task only applies to a stand-alone Community Mux; the multiplexer that
installs directly on the Lotus Sametime server was upgraded automatically when
you upgraded that server.
If you have more than one stand-alone Community Mux, upgrade all of them:
1. Insert the Lotus Sametime CD into the Community Services multiplexer
machine, start the installation program, and choose the option to install the
Community Services Mux.
2. At the ″Select a language″ screen, select a language for the installer, and then
click OK.
3. At the ″Welcome″ screen, click Next.
4. At the license agreement screen, click I accept both the IBM and the non-IBM
terms, and then click Next.
5. At the ″Directory name″ screen, browse to a the directory where you want to
install the Community Mux (or accept the default), and then click .Next
6. At the ″Host name or IP address″ screen, enter the fully qualified host name of
the Lotus Sametime Community Server that this Community Mux will serve.
For best results, do not use an IP address.
7. At the summary screen, click Install.
8. At the ″successfully installed″ screen, click Finish.
If your IBM Lotus Sametime deployment includes a remote conversion server and
you will continue to host meetings on one or more upgraded Lotus Sametime
servers, you should upgrade the conversion server as well.
Results
The conversion services component starts automatically when you restart the
server. To start the conversion services manually, click Start > Administrative tools
> Services.
Audio and video services provided by the IBM Lotus Sametime Reflector will not
be available in this release to assist client-to-Sametime client audio/video
communication.
Release 8.5 audio/video services can co-exist with release 7.5.x and 8.0.x
audio/video services, with the following restrictions:
v The 8.5 client cannot establish an audio or video call with 7.5.x or 8.0.x clients
Next steps:
After you have completed an upgrade of one or more IBM Lotus Sametime
servers, the instant messaging, awareness, and presence features are ready to use.
If your previous deployment included the online meetings feature, you can either
use them on the upgraded server (as in previous releases) or migrate meetings to
the Lotus Sametime 8.5 Meeting Server.
If your Lotus Sametime server does not have the online meetings feature enabled,
or meetings are enabled but you intend to continue creating and hosting them on
the upgraded servers, then your upgrade is complete and you are ready to begin
using Lotus Sametime 8.5.
You only need to continue to next upgrade section if your Lotus Sametime server
has the online meetings feature enabled and you want to migrate them to the new
Lotus Sametime 8.5 Meeting Server. To migrate meetings, you will need to set up
an LDAP directory (if you are currently using native Domino authentication),
install new Lotus Sametime 8.5 components, and then set up URL redirects from
the upgraded servers to one or more newly installed Meeting Servers. All of these
tasks are discussed in detail in the next section.
This section applies only to deployments where the upgraded servers have online
meetings enabled and you want to migrate them to the new Lotus Sametime 8.5
Meeting Server. To migrate meetings, you will need to set up an LDAP directory,
install new Lotus Sametime 8.5 components, and then set up URL redirects from
the upgraded servers to one or more newly installed Meeting Servers. All of these
tasks are discussed in detail in this section.
Note: This section discusses installing new Lotus Sametime 8.5 components.
Information on topics such as configuration, administration, tuning, and
troubleshooting appears elsewhere in this information center.
If you configured IBM Lotus Sametime to use a native IBM Lotus Domino
ddirectory for user authentication in a previous release, you must convert the
directory to LDAP format for use with Lotus Sametime 8.5.
Lotus Sametime 8.5 requires the use of an LDAP directory for user authentication.
Rather than installing a new LDAP directory, you can convert your existing Lotus
Domino Directory to LDAP format. Complete this task before installing the Lotus
Sametime System Console for the new deployment.
Shutting down the Sametime services while keeping the Domino services active:
To replace the Domino directory with an LDAP directory, shut down the Sametime
services while you make configuration changes on the Sametime server.
You must leave the Domino server running so you can access Domino databases
on the server.
1. Open the Domino server console on the Sametime/Domino server.
2. In the Domino server console, type the following command:
For Windows, AIX, Linus, and Solaris servers:
Tell STADDIN Quit
For IBM i servers:
Tell STADDIN2 Quit
Because Lotus Sametime uses Directory Assistance to access an LDAP server, you
must ensure that a Directory Assistance database exists on the Sametime server
either by creating a new database or replicating an existing one. Use the same
process to set up Directory Assistance for a Sametime server as you would for a
Domino server without Sametime.
What to do next
To replicate a database instead of creating a new one, create a new replica of the
Directory Assistance database on the Sametime server. Then create a Connection
document to schedule replication of the database. See your Domino server
administration documentation for information on replication.
After you have ensured that a Directory Assistance database exists on the
Sametime server, you must identify the Directory Assistance database on the
Sametime server.
Enter the database filename in the ″Directory Assistance database name″ field in
the Basics section of the Sametime server’s Server document.
1. From a Notes client, choose File → Database → Open.
2. Select the Sametime server (or select the Local server if you are running
Sametime on a Windows server and you opened the Notes client on the
server).
3. Select the Domino directory (names.nsf) and click Open.
4. Select Server → Servers to open the Servers view.
5. Double-click the name of the Sametime server to open the Server document.
6. If necessary, select the Basics tab of the Server document.
7. Click Edit Server.
8. In the ″Directory Assistance database name″ field, enter the filename (for
example, da.nsf) of the Directory Assistance database.
9. Click Save & Close.
Follow these steps to create the Directory Assistance document for the LDAP
server. You can change the suggested values shown below as required by your
environment.
1. From the Notes client, open the Directory Assistance database (usually named
da.nsf) on the Sametime server.
2. Click Add Directory Assistance.
3. In the Basics tab, make these settings:
Setting Value
Nested group expansion The suggested setting is Yes. This setting enables
Directory Assistance to examine the content of an
LDAP directory group that is a member of another
LDAP directory group. This capability is also used
when an LDAP directory group name is entered in
the ACL of a database on the Sametime server.
4. Select the Naming contexts (Rules) tab. Configure Rule 1 as needed for your
Domino environment. The suggested values for Rule 1 are as follows:
v The OrgUnit1, OrgUnit2, OrgUnit3, OrgUnit4, Organization, and Country
fields should all contain an asterisk. Using all asterisks in this setting ensures
that all entries in the LDAP directory can be searched and authenticated.
v The ″Enabled″ and ″Trusted for Credentials″ fields should both be set to
″Yes.″
5. Select the LDAP tab. The LDAP tab contains the following settings:
Setting Value
Hostname The host name for the LDAP server (for example,
ldap.acme.com).
Base DN for search Specify a search base. A search base defines where
in the directory tree a search should start.
Suggestions for this setting are:
O=NTAcmedomain).
Maximum number of entries returned The suggested setting is 100. This setting specifies
the maximum number of names the LDAP server
will return for the name searched. If the LDAP
server also has a maximum setting, the lower
setting takes precedence.
De-reference alias on search Choose the option that suits your environment,
usually set to ’Never.″
Preferred mail format Depends upon the directory; the options are
Internet mail address and Notes mail address
Attribute to be used as Notes Should always be blank
Distinguished Name
Type of search filter to use Options are standard, Active Directory or custom;
depends upon your directory. Most often ’standard’
is used. If you use Active Directory, choose AD,
and if you want complete control over how
directory assistance searches the directory, choose
’custom.’ There is additional ’hover-over’ help with
each option: custom, AD, and standard.
6. Click Save & Close. The warning message notifies you that your connection
does not include SSL settings; you can ignore the warning and continue with
the procedure.
The LDAP document in the Configuration database holds the LDAP Directory
settings that enable Lotus Sametime to search and authenticate against entries in
the LDAP directory.
When you convert an IBM Lotus Domino Directory with an LDAP directory, you
must also change configuration files to reference the directory using LDAP format.
Perform the procedure that corresponds to the operating system on which the
Lotus Sametime server is running.
When you convert the IBM Lotu sDomino Directory to LDAP format, you must
also copy and rename .DLL files for use with the LDAP directory.
If your Lotus Sametime server runs on the Microsoft Windows operating system,
perform this procedure:
1. On the Lotus Sametime server, create a working directory to copy files to so
that you can rename them.
2. Copy the ″STAuthenticationLdap.dll″ from the directory C:\Program
Files\Lotus\Domino\Directory BB\Ldap to the working directory.
3. In the working directory, rename the ″STAuthenticationLdap.dll″ file to
″STAuthentication.dll.″
4. Copy the renamed ″STAuthentication.dll″ file to the C:\Program
Files\Lotus\Domino or $installeddir\Lotus\Domino.
Note Copying the ″STAuthentication.dll″ file to the C:\Program
Files\Lotus\Domino or $installeddir\Lotus\Domino will overwrite an
existing file of the same name.
5. Copy the file ″STGroupsLdap.dll″ from the directory C:\Program
Files\Lotus\Domino\Directory BB\Ldap to the working directory.
6. Rename the ″STGroupsLdap.dll″ file to ″STGroups.dll.″
7. Copy the renamed STGroups.dll file to the C:\Sametime directory.
Note Copying the ″STGroups.dll″ file to the C:\Sametime directory will
overwrite an existing file of the same name.
8. Copy the file ″STResolveLdap.dll″ from the directory C:\Program
Files\Lotus\Domino\Directory BB\Ldap to the working directory.
9. Rename the ″STResolveLdap.dll″ file to ″STResolve.dll.″
10. Copy the renamed ″STResolve.dll″ file to the C:\Program
Files\Lotus\Domino or $installeddir\Lotus\Domino.
Note Copying the ″STResolve.dll″ file to the C:\Sametime directory will
overwrite an existing file of the same name.
11. Copy the ″StBrowseLdap.dll″ file from the directory C:\Program
Files\Lotus\Domino\Directory BB\Ldap to the working directory.
12. Rename the ″StBrowseLdap.dll″ file to ″StBrowse.dll.″
13. Copy the renamed STBrowse.dll file to the C:\Program Files\Lotus\Domino
or $installeddir\Lotus\Domino.
14. Copy the ″StDirectoryListLDAP.sym″ file from the directory C:\Program
Files\Lotus\Domino\Directory BB\Ldap to the working directory.
15. Rename the ″StDirectoryListLDAP.sym″ file to ″StDirectoryList.sym.″
16. Copy the renamed StDirectoryList.sym file to the C:\Program
Files\Lotus\Domino or $installeddir\Lotus\Domino.
17. Copy the ″StLdap.dll″ file from the directory C:\Program
Files\Lotus\Domino\Directory BB\Ldap to C:\Program Files\Lotus\Domino
or $installeddir\Lotus\Domino.
When you convert the IBM Lotus Domino Directory to LDAP format, you must
edit the sametime.ini file to indicate that an LDAP directory will now be used.
If your Lotus Sametime server runs on IBM AIX, Linux, or Solaris, perform this
procedure to edit the sametime.ini file in the Sametime server installation
directory. You must change the DirectoryType parameter from ″Domino″ to
″LDAP″ in the sametime.ini file.
1. Use a text editor to open the sametime.ini file located in the Sametime server
installation directory (for example, root/lotus/domino).
2. In the [CONFIG] section of the sametime.ini file edit the DirectoryType=
parameter so that it specifies LDAP as shown below:
DirectoryType=LDAP
3. Save and close the sametime.ini file.
Edit the sametime.ini file to replace the Domino Directory with an LDAP directory.
1. Use a text editor to open the sametime.ini file located in the Sametime server
data directory.
2. In the [Directory] section of the sametime.ini file, edit the DirectoryType=
parameter so that it specifies LDAP as shown below:
DirectoryType=LDAP
3. Save and close the file.
Run the Name Change task to ensure that the user and group names that are
stored in the vpuserinfo.nsf database on the Sametime server are converted from
the native Domino directory name format to an LDAP directory format.
Running the name conversion utility updates Lotus Sametime Community Server
user or group names with the latest directory changes. The name conversion utility
uses a comma-separated value list that you compile to change names, delete
names, or convert all names from Domino to Domino LDAP formatted names.
Users create a contact list, a privacy list, and an alert-me-when list in the IBM
Lotus Sametime Connect client by selecting user names or group names from the
Domino or Domino LDAP directory that is used with the IBM Lotus Sametime
Community server. These contact, privacy, alert-me-when lists are stored in the
user information database (vpuserinfo.nsf) on Lotus Sametime Community servers.
When a user starts the Lotus Sametime Connect client, the lists are downloaded
from the database to update the lists stored on the client’s local computer
Note: Be sure to stop the Domino server before you run the name conversion
utility.
Configuring LDAP:
Specify the LDAP Directory settings that enable the Sametime server to search the
LDAP directory on the LDAP server and authenticate Sametime users against
entries in the LDAP directory.
Configuring the LDAP Directory settings requires previous experience with LDAP;
in particular you will need to know the following information:
v The structure (directory tree) of the LDAP directory the Sametime server will
access
v The schema of Person and Group entries in the LDAP directory
v How to construct LDAP search filters to access the attributes of Person and
Group entries in the LDAP directory
1. In the Sametime server home page, click Administer the Server.
2. Click LDAP Directory.
3. Enter the settings to enable your LDAP directory to access Sametime servers.
4. Click Save.
5. Restart the Sametime server to enable your settings.
Replace the Notes policy key in sametime.ini with a key for the LDAP directory
and verify that the search filter settings are correct for the LDAP server.
The UserInfo servlet must be reconfigured after switching from Domino to LDAP
to enable the Business Card to work.
IBM DB2 is a prerequisite for IBM Lotus Sametime and is included with the
Sametime installation package for Linux and Windows. The package does not
include DB2 for AIX or Solaris.
The DB2 installation provided with Lotus Sametime supports Linux 32-bit systems
and Windows 32-bit or 64-bit systems. If you have a 64-bit Linux system, either
install DB2 for Windows or install DB2 on a 32-bit Linux system instead. IBM i
includes DB2.
Important: This user cannot previously exist on the system. This user will be
created as a local operating system user during the DB2 installation process; if
your organization does not allow creation of local operating system users for
security reasons, exit this installer and install DB2 v9.5 using a different
package. This installer will not check to see if the user already exists.
Make a note of the DB2 Application User name and password. This user has
database administration authority and you will supply the name and
password when you install the Lotus Sametime System Console and when
you connect to DB2 databases later.
Then click Next.
14. At the summary panel, review the settings, then click Install to start the
installation.
The installation may take up to 20 minutes to install. You will receive
confirmation when it is complete.
15. Click Finish to close the installation screen.
16. Click Exit to close the Installation Manager.
Results
If the installation fails, click View Log File for more information. Logs are stored
in the following locations.
Linux
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
“Creating a database for the Lotus Sametime System Console on AIX, Linux,
Solaris, and Windows” on page 59
A new IBM Lotus Sametime 8.5 deployment uses a system console as the central
point for administering servers; all new Lotus Sametime 8.5 components must
connect to the console. Set up the Lotus Sametime System Console and its
prerequisite components before you install a Lotus Sametime 8.5 Meeting Server.
The Lotus Sametime System Console is your focal point for administering and
configuring all Sametime servers.
Install and configure prerequisite applications, then install the IBM Lotus Sametime
System Console, which you will use for preparing for server installations and for
managing your Lotus Sametime deployment.
Creating a database for the Lotus Sametime System Console on AIX, Linux, Solaris, and
Windows:
Before installing the Lotus Sametime System Console, create a database to store its
data.
Make sure you have installed DB2. If you previously created a System Console
database and want to run the script again to create a database of the same name,
use the DB2 DROP DATABASE command first to delete all user data and log files,
as well as any back/restore history for the original database. Also note that
uninstalling DB2 does not remove the data and log files.
Run the scripts that come with Lotus Sametime in the DB2 installation package to
create the database for the Lotus Sametime System Console.
1. On the DB2 server, log in to the system as the DB2 administrator created
during DB2 installation if you are not already logged in.
Linux and Windows: Now proceed to Step 3.
AIX and Solaris: Now proceed to Step 2.
2. Download the DB2 installation package if you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
Run the install program to set up the Lotus Sametime System Console on AIX,
Linux, Solaris, or Windows.
Ensure that your DB2 server is installed and running with the db2start command,
and that the Lotus Sametime System Console database has been created.
AIX, Linux, and Solaris: The launchpad install program needs to be able to launch
a Web browser to start. You will need to be on the console or have an X server and
a Web browser installed and configured. (VNC or a remote X term session will
work as well.)
Results
After a successful installation, the three components that are needed to run the
console start automatically: the Deployment Manager, the node agent, and the
Sametime System Console server. These must always be started before you can use
the system console.
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix any problems,
then uninstall all components and reinstall. Find information in the logs directory
and the ant and native subdirectories.
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
What to do next
Use the IBM Lotus Sametime System Console to prepare to install new servers,
start Sametime servers that have been installed, use guided activities to perform
configuration tasks, and administer any Sametime servers managed by the console.
With the Lotus Sametime System Console started, follow these steps to log in.
Note: During the install process, WebSphere security is enabled. SSL is enabled
as part of the WebSphere security process and you will be directed to another
port which listens for https connections.
The WebSphere Application Server Integrated Solutions Console opens.
2. Enter the WebSphere Application Server User ID and password that you
created when you installed Lotus Sametime System Console.
The default name is wasadmin.
3. Click the Sametime System Console task to open it in the navigation tree.
What to do next
Use the Lotus Sametime System Console to connect IBM Lotus Sametime servers to
an LDAP server that has already been installed and configured. An LDAP server is
required for the Lotus Sametime System Console, Lotus Sametime Community
Server, Lotus Sametime Meeting Server, Lotus Sametime Media Manager, and
Lotus Sametime Gateway Server .
Start the LDAP server and the Lotus Sametime System Console if they are not
already running.
If you have not already opened the Connect to LDAP Servers activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified host name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
If you are prompted with a security exception, accept the certificate, and
continue.
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary. To check the port, open
This activity takes you through the steps for identifying users and groups in an
LDAP directory that need access to IBM Lotus Sametime.
Connect IBM Lotus Sametime servers to the LDAP server. Once your Lotus
Sametime server connects to the LDAP server, it can search the LDAP directory
and authenticate Sametime users. If you have already connected Sametime to an
LDAP server, but now you want to edit or delete a connection, use this activity.
Note: If you are using Active Directory as the LDAP, a common attribute to use
for authentication is the saMAccountName attribute. When an Active Directory
LDAP is being used, WebSphere automatically maps uid to saMAccountName, so
saMACccountName should not be explicitly stated as an attribute. If you want to
use saMAccountName for any LDAP attribute field, you must specify uid. Specifying
saMACccountName as a login or search property causes installation to fail. You can
find more information in this TechNote: http://www-01.ibm.com/support/
docview.wss?uid=swg21253331.
1. Connect to LDAP server.
In Connect to LDAP servers, click Add.
If you want to edit or delete an LDAP connection instead, then click the
appropriate button. You can only edit or delete an LDAP connection if it has
not been used to install a product.
2. Bind to LDAP.
a. Click either Anonymous access or Authenticated access.
When a Lotus Sametime server connects to the LDAP server, this can be
done either anonymously or using credentials to authenticate with the
LDAP server. If you select Authenticated access, you will be prompted with
Note: A dropdown list typically displays from which you select a base DN
that is detected by the guided activity; however, the list does not display
when Domino LDAP is being used. Additionally, Domino LDAP is the only
LDAP that uses a blank base DN, while WebSphere requires a base DN for
federating repositories. Since WebSphere does not let you federate an LDAP
directory with an empty base DN, it sets the base DN to C=US. The LDAP
repositories are listed by base DN after they are federated.
If your site uses single sign-on (SSO) for awareness, you must manually
modify the base DN in both the Lotus Sametime Community Server and
Lotus Sametime Meeting Server so they match. Update the Sametime
Community Server’s LDAP connections in the stconfig.nsf and da.nsf to
use the same base DN that the Sametime Meeting Server will be using:
C=US. The Sametime System Console does not overwrite any manual
changes that you make.
c. Click Next.
5. Collect Group Settings. To search for a group name, a Sametime user enters a
text string in the user interface of a Sametime client. This setting defines the
LDAP search filter responsible for selecting a group name from the LDAP
directory. The search filter matches the text string provided by the user to
information contained within the attributes of LDAP directory group entries.
a. Enter the search filter attributes of an LDAP person entry.
Table 63. Search Filter
Attribute Description
Search Attributes Use for searching the directory for groups.
Object Class Specifies the attribute of a directory entry
that identifies the entry as a group. Lotus
Sametime determines whether a directory
entry returned by a search is a person or
group entry. Lotus Sametime assumes that
groups are represented by entries with a
unique object class. Lotus Sametime
compares the name of the object class
specified in this setting to the object class
values of each entry to decide whether the
entry is a group or a person.
c. Click Next.
6. Task Completion Summary.
What to do next
Go to System Administration → Nodes. Select all the available nodes, and click
Synchronize. This ensures the LDAP changes are pushed to the nodes.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
“Starting and stopping the Deployment Manager” on page 417
The Deployment Manager manages the Lotus Sametime System Console and all
Lotus Sametime Server cells.
Related reference
“Command reference for starting and stopping servers” on page 232
You may use a command window to start and stop Sametime components running
on WebSphere Application Server. To stop servers, you will supply the WebSphere
Application Server administrator password that was established when you
installed the server. Important: Verify that the Deployment Manager for the cell is
running before starting any server.
Use the IBM Lotus Sametime System Console to connect to a Lotus Sametime
Community Mux and validate its settings.
If you have not already opened the Connect to Sametime Community Mux Servers
activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified host name of the Lotus Sametime System Console server (for
example stconsole.acme.com).
http://serverhostname.domain:8700/ibm/console
If you are prompted with a security exception, accept the certificate, and
continue.
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Expand Sametime Prerequisites, and click Connect to Sametime Community
Mux Servers.
Validate the host name and ports specified for a new IBM Lotus Sametime
Community Mux server.
Use this page to validate the host name of a new Community Mux, along with the
ports on which it will listen for client connections. This ensures you have a
working multiplexer before you attempt to connect it to a Lotus Sametime
Community Server or cluster.
1. Connect to Sametime Community Mux Servers.
Click Add to begin the guided activity, which lets you validate your installed
Lotus Sametime Community Mux servers before connecting them to
Community Servers.
You can optionally edit or delete connections to Community Mux servers. Click
Refresh to view your most recent changes.
2. Add Sametime Community Mux Servers.
a. In ″Connect to Sametime Community Mux Servers″, click Add.
b. In the Host Name field, type the fully qualified host name of the new
Sametime Community Mux (for example: mux1.acme.com).
c. Accept the default settings for the Client Port and Client HTTP Port fields.
These settings indicate the ports that the multiplexer will listen on for
connections from Lotus Sametime Connect clients and from Web clients,
respectively.
d. Click Save.
The connection to the Lotus Sametime Community Mux is validated when
you save the settings.
Make sure the following servers are ready for the registration task:
v The upgraded Lotus Sametime Community Server must be configured to use an
LDAP directory, and must be started.
During this task you will edit the following files; click the topic titles below to see
details on each file. You may want to pen each topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. If you enabled SSL encryption on the previous version of the Lotus Sametime
server, complete these substeps on the upgraded server:
If SSL is not enabled, skip this step.
a. Locate the directory where the SSL certificate is stored and note the path
(for example, C:\server.cer).
b. Navigate to the directory where Java is installed.
For example, on Microsoft Windows: C:\Lotus\Domino\JVM\bin.
c. Open a command window and run the following command:
keytool -import -alias serverSSL -file "C:\server.cer" -keystore ../lib/security/cacerts
-storepass changeit -noprompt
where C:\server.cer represents the path where the SSL certificate is stored.
2. Back up the console.properties and productConfig.properties files:
a. Navigate to the Community Server’s Sametime console directory:
v AIX, Linux, Solaris: The console directory is under the Community
Server data directory; for example: /opt/IBM/domino85/notesdata/console
v Windows: The console directory is under the Domino directory; for
example: C:\Lotus\Domino\console
b. Make back-up copies (using different names) of the console.properties and
productConfig.properties files.
3. Update the following values in the console.properties file and save the file.
Table 65. console.properties settings
SSCHostName Provide the fully qualified host name of the Lotus
Sametime System Console server.
SSCHTTPPort Specify the HTTP port used for the Lotus Sametime
System Console server if SSL is not enabled and the
value for SSCSSLEnabled is ″false.″
The utility registers the server, generating a log file called ConsoleUtility.log
and storing it in the console/logs directory. If the registration is successful, a
console.pid will also be generated.
6. Restart the Lotus Sametime Community Server.
After you restart the server, the SSCUserName and SSCPassword settings will be
removed from the console.properties file and replaced with a new
SSCEncodedAuthorization setting; for example:
SSCEncodedAuthorization=d2FzYWRtaW46MTIz
Make sure of each these servers is ready for the cluster registration task:
v Each of the upgraded Lotus Sametime Community Servers in the cluster must
be registered with the Lotus Sametime System Console, and must be started.
v The Lotus Sametime System Console must be started.
v The LDAP server must be started, and must be connected to the Lotus Sametime
System Console.
1. Verify that each of the servers in the cluster has been registered with the Lotus
Sametime System Console.
2. Run the registration utility using the command in the scenario below that best
applies to your deployment:
v The deployment includes a stand-alone Community Mux that was not added
to the cluster as a member, but works with the cluster (so the cluster
members refer to this server’s host name):
– AIX, Linux, Solaris: registerSTCluster.sh -external
– Windows: registerSTCluster.bat -external
v The deployment includes a stand-alone rotating DNS server that was not
added to the cluster as a member, but works with the cluster (so the cluster
members refer to this server’s host name):
– AIX, Linux, Solaris: registerSTCluster.sh -external
– Windows: registerSTCluster.bat -external
v The deployment includes a stand-alone load balancer that was not added to
the cluster as a member, but works with the cluster (so the cluster members
refer to this server’s host name):
– AIX, Linux, Solaris: registerSTCluster.sh -external
– Windows: registerSTCluster.bat -external
v None of the above:
– AIX, Linux, Solaris: registerSTCluster.sh
– Windows: registerSTCluster.bat
3. As the registration utility runs, you will be prompted to enter the following
information:
The utility registers the server, generating a log file called ConsoleUtility.log
and storing it in the console/logs directory.
4. Restart the Lotus Sametime Community Server.
In IBM Lotus Sametime 8.5, user policies are administrated through the Lotus
Sametime System Console. After you have upgraded Lotus Sametime servers from
a previous release and set up a new Lotus Sametime 8.5 System Console, migrate
user policies from the Community Server to the System Console.
The methods for creating and storing policies in previous releases of Lotus
Sametime are very different from the methods used in release 8.5, and there are no
utilities available to migrate the data automatically. If you want to transfer existing
user policies to the new releases, you need to review them on the Lotus Sametime
Community Server, note them down, and then recreate them on the Lotus
Sametime System Console as described in the following topics:
On the upgraded IBM Lotus Sametime Community Server, review existing policy
settings and copy them down so you can recreate them in the Lotus Sametime
System Console. If you upgraded multiple non-clustered servers, copy the settings
from each if they are different. If you upgraded a cluster, you only need the
settings from one of the cluster members.
If you want to recreate your current set of policies on the system console in the
Lotus Sametime 8.5 deployment, copy the settings from the upgraded server:
1. Open a browser and navigate to the Lotus Sametime Community Server
containing the policies you need to record:
Type the following address:
http://host_name/servlet/auth/admin
where host_name is the fully qualified host name of the server; for example:
http://commsvr1.acme.com/servlet/auth/admin
2. From the Lotus Sametime home page, click Administer the Server.
3. Log in as the Lotus Sametime administrator.
4. In the navigation pane, click Policies.
5. Copy all your existing policy settings.
All IBM Lotus Sametime users are automatically assigned to default policies.
Sametime Instant Messaging, Meetings, and Media Services each has a default
policy to be applied to users. You can create additional user policies, and assign
users and groups to these policies.
There is also an anonymous policy that is assigned by default to users who have
not authenticated, and unauthenticated users always receive this policy.
Note: If your deployment includes the Lotus Sametime System Console, you must
manage policies there because all settings made in the legacy Sametime
Administration Tool (STCenter.nsf) are ignored. This includes the override all
feature, as well. Moreover, there is no automatic migration of policies from the
Sametime Administration Tool to the Lotus Sametime System Console. You must
do this manually because Sametime Administration Tool policies do not map
one-to-one to policies in the Lotus Sametime System Console.
You can find all the policies associated with a user for all the IBM Lotus Sametime
products to which the user has access.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console.
3. Click Manage Policies.
4. Click any user Lotus Sametime component. It does not matter which
component that you select, because your search results display all the policies
for all the Sametime components to which the user has access.
v Instant Messaging
v Meetings
v Media Manager
5. Click Find Active Policies.
You can create user policies, and assign users and groups to these policies.
You can set policy for users to have access to specific IBM Lotus Sametime
features, depending upon their level of need. For example, the maximum size for a
file being transferred is set by default at 1 megabyte to help manage traffic over
the server(s); however, if you have a group that routinely transfers large files for
business reasons, you can create a new policy specifically for those users and set
the maximum size of files that they can send to a much higher number.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console.
3. Click Manage Policies.
4. Click the Lotus Sametime product for which you want to create a policy.
v Instant Messaging
v Meetings
v Media Manager
5. Click New.
6. Enter a name to use to identify the policy in the Policy Name field.
7. Specify the features that you want to enable or disable for the users or groups
that you will assign to this policy. Some instant messaging features are flagged
with IC characters after the field label. This flag indicates that a feature is only
available for installed clients. The feature is not available to browser clients.
8. Click OK.
Results
Tip: You can follow these same basic steps to delete or edit a policy. Delete a
policy by selecting the policy and then click the Delete button. Edit a policy by
clicking the policy name. You cannot delete the anonymous or default policies, but
you can edit them. If you edit a policy, you cannot change the policy ID. To do
this, you must make a copy of the policy by selecting it and clicking Duplicate,
What to do next
You can assign users and groups to specific user polices to grant or limit access to
features in IBM Lotus Sametime.
You cannot assign users to the default or anonymous policies. Authenticated users
are automatically assigned to the default policies. Unauthenticated users are
assigned to anonymous policies.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console.
3. Click Manage Policies.
4. Click the Lotus Sametime component with the policy to which you want to
assign a user or a group.
v Instant Messaging
v Meetings
v Media Manager
5. Select a policy name from the list, and click Assign.
6. Click Add Users or Add Groups.
At this point you could remove a user from a policy, by selecting the user in
the list and then clicking Remove.
7. Select the criterion for searching for the user or group that you want to add to
the policy in the Search by field.
v User ID
v Name
v E-mail address
8. Enter user ID, e-mail address, or name or partial name with wildcard
characters (asterisks) of the user or group in the Search for field
9. Select the number of listings on each search results page in the Maximum
results field.
10. Click Search. The results display the DN, display name, and e-mail address of
the users that matched your search.
11. Select a user and click Assign.
12. Click Done.
You can grant or limit access to features in IBM Lotus Sametime Instant Messaging
by enabling or disabling various policies for users. Policy changes take effect
immediately.
All unauthenticated users have the anonymous policy, Sametime Instant Messaging
Anonymous Policy, applied to them. For authenticated users, the Lotus Sametime
All unauthenticated IBM Lotus Sametime users have the anonymous policy,
Sametime Meetings Anonymous Policy, applied to them. For authenticated users,
Lotus Sametime searches for a user ID or group match, and then applies the
highest weighted policy. If there is no match the default policy, Sametime Meetings
Default Policy is applied.
Note: Although Lotus Sametime Classic meetings are still managed on the server
itself, you can set user policy for Sametime Classic meetings on the Meetings
policy tab in the Sametime Classic Meetings section.
Table 71. General Meeting Settings
Sametime Meetings Sametime Meetings
Setting Purpose Default Policy Anonymous Policy
Maximum persistent Users are limited to 100 0
meeting rooms this creating this number
user can own of meeting rooms per
user. When this limit
is reached or set to
zero, users cannot
create more meeting
rooms.
Allow user to create If not selected, user Selected Not selected
instant does not see the
(nonpersistent) capabilities for
meeting rooms creating instant
meetings. User can,
still see the
capabilities for using
an existing room.
Automatically If not selected the Selected Not selected
connect to meeting user must manually
server when logging connect to each
into Sametime meeting room server
Connect to view the meetings
there. This setting is
stored with the client,
so that changes in the
policy do not take
effect until after the
next time the user
logs in to the server.
This setting does not
apply to browser
users.
Allow searching of If not selected, users Selected Not selected
meeting rooms can attend meeting
rooms only with a
direct URL. The
meeting room
manager interface
never shows. Only
affects browser users.
Read-only - Users
can only read what
others have typed
into the group chat.
Interactive - Users
can type and read
group chats.
Share an application
- Users can share a
specific application.
No other applications
or their desktops are
shared.
Application only -
Users can share a
specific application.
No other applications
or their desktops are
shared.
You can grant or limit access to media features in by enabling or disabling various
policies for users. Policy changes take effect immediately.
All unauthenticated users will have the anonymous policy Media Manager
Anonymous Policy, applied to them. For authenticated users, the Lotus Sametime
searches for a user ID or group match, and then applies the highest weighted
policy. If there is no match the default policy, Media Manager Default Policy is
applied.
Table 75. Telephony, Audio, and Video
Media Manager Media Manager
Setting Purpose Default Policy Anonymous Policy
Allow access to Allows outside Not selected Not selected
third-party service vendors to provide
provider capabilities audio and video for
from contact lists, instant messages and
instant messages, and instant meetings.
meetings This setting does not
apply to browser
meetings.
IBM Lotus Sametime products implement user policies that have higher weights
over policies with lower weights. You can change the weight of policies.
The IBM Lotus Sametime Proxy Server enables browser-based clients to participate
in Lotus Sametime instant messaging and online meetings. In addition, the Lotus
Sametime Proxy Server works with Lotus Sametime Community Server or Lotus
Connections to enable the business card feature in Lotus Sametime, and with Lotus
Use the Lotus Sametime System Console to prepare to install a Lotus Sametime
Proxy Server by pre-populating values required for installation.
If you have not already opened the Install Lotus Sametime Proxy Server guided
activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Guided Activities → Install Sametime Proxy Server.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This guided activity takes you through the steps of creating a deployment plan,
which collects information that pre-populates installation screens.
Follow these steps to store a deployment plan on the Sametime System Console to
be used when you run the installation program for Lotus Sametime Proxy Server.
1. Plan a product installation.
In the Install Sametime Proxy Server portlet, click Create a New Deployment
Plan, and then click Next.
2. Deployment Name.
a. Give the deployment plan a unique, recognizable name, which will be
shown only in the Sametime System Console, and then click Next.
Important: This must be a unique user ID that does not exist in the LDAP
directory.
5. Deployment Summary.
Review the summary screen, and then click Finish.
The deployment plan is ready to be used for the server installation. If you need
to make any changes, click Modify an Existing Deployment Plan and update
the plan. All changes must be made prior to running installation.
What to do next
Run the installation program on the machine where you plan to install a Lotus
Sametime Proxy Server.
You should have already created a deployment plan for the Lotus Sametime Proxy
Server and started the Lotus Sametime System Console server. If you are logged
into the Sametime System Console, log out and close the browser before
continuing.
AIX, Linux, and Solaris: The launchpad install program needs to be able to launch
a Web browser to start. You will need to be on the console or have an X server and
a Web browser installed and configured. (VNC or a remote X term session will
work as well).
By using the deployment plan you created earlier, you have fewer selections to
make when you run the installation program.
1. (Linux RHEL only) Disable SELinux on any RedHat operating system:
a. Log in as root on the Linux RedHat server where you will install the Lotus
Sametime server.
b. Open the /etc/selinux/config file for editing.
c. Locate the SELINUX setting. Change its value to either disable or
permissive.
d. Save and close the file.
e. Restart the Linux server.
2. Log in to your computer as the system administrator (Microsoft Windows) or
as root (IBM AIX, Linux, Solaris).
Solaris only: Solaris installs must be performed by the root user using su or a
normal login session. Third-party sudo packages are not supported on Solaris.
3. Download the installation package if you have not already done so. This
installation uses SametimeProxyServer.zip.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers to the system
on which you are installing.
c. Extract the files to a local directory.
d. Verify that you have at least 1 GB of temporary space to run the
installation in your %TEMP% or /tmp directory.
4. Navigate to the folder where you stored the downloaded files for Lotus
Sametime and start the installation program by running one of the following
commands from the disk 1 folder:
AIX, Linux, Solaris
./launchpad.sh
Windows
launchpad.exe
5. If necessary, select a language other than English from the ″Select a language″
dropdown list.
6. Click Install IBM Lotus Sametime Proxy Server and click Launch IBM Lotus
Sametime Proxy Server 8.5 installation.
7. Select the packages you want to install and click Next.
8. At the Licenses screen, click the I accept the terms in the license agreements
option and click Next.
9. Select a package group option and accept the installation directory. Then click
Next.
Select Create a new package group if you have not installed any other
Sametime software on this machine.
Leave Use the existing package group selected if you are installing several
Sametime servers on the same machine.
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix any problems,
then uninstall all components and reinstall. Find information in the logs directory
and the ant and native subdirectories.
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
Open the Sametime Web client to verify that the installation was successful.
Tip: To verify the port number being used by the Lotus Sametime Proxy
Server, log in the Lotus Sametime System Console. In the WebSphere
Application Server administrative console, click Servers → WebSphere
application servers → STProxyServer → ports → WC_defaulthost to find the port
number.
For example: http://st85proxy1.acme.com:9081/stwebclient/index.jsp
2. Verify that you can create or view contacts.
Related tasks
“Logging in to the Lotus Sametime System Console” on page 63
Use the IBM Lotus Sametime System Console to prepare to install new servers,
start Sametime servers that have been installed, use guided activities to perform
configuration tasks, and administer any Sametime servers managed by the console.
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
You should have already installed the IBM Lotus Sametime Server Console and the
Lotus Sametime Proxy Server.
To maintain FIPS 140-compliance for all data exchanged between clients and Lotus
Sametime Community Servers, you must install the FIPS Server on the Lotus
Sametime Proxy Server to accept data on behalf of Lotus Sametime Community
Servers.
If you want to administer the FIPS Server from the Sametime Systems Console,
you must install the FIPS administration portlet before you install the FIPS Server.
The FIPS administration portlet can connect to the FIPS Server only if the it has
been installed on the Lotus Sametime Proxy Server, and you must always restart
If you do not install the FIPS administration portlet, you can manage the FIPS
Server using information in FIPS Support for IBM Lotus Sametime 8.
1. Install the FIPS administration portlet into the Sametime System Console of
the Integrated Solutions Console. Go to WebSphere\STSCServerCell\
optionalConsoleApps\fips.proxyadmin and install the portlet using the
instructions in the readme.txt.
2. Copy sametimefipsproxy.war from setup\STIPLaunchpad\disk1\FIPSProxy on
the image disk to your local drive.
3. Log in to the Integrated Solutions Console on the machine where you are
installing the FIPS Server.
4. Click Applications → Application Types → Websphere Enterprise
Applications.
5. On the Enterprise Applications page, click Install. .
6. Under Path to the new application, browse to the sametimefipsproxy.war file.
Keep the default settings to install the server, and then click Next
7. Enter the context root that you want for the FIPS Server.
8. Click Finish and save the configuration.
9. Restart the Lotus Sametime Proxy Server to automatically start the FIPS
Server.
10. Log in to the Integrated Solutions Console.
11. Click Sametime System Console → Sametime Servers → FIPS Proxy Servers.
You can only edit data for FIPS if the FIPS war is running on the installed
server. Make sure that your FIPS Server is running in order to administer it.
Before you can migrate meetings from an upgraded IBM Lotus Sametime server,
you must install a Lotus Sametime Meeting Server and then set up URL redirects
from the upgraded server to the Lotus Sametime Meeting Server.
Follow the instructions for your operating system to install a Lotus Sametime
Meeting Server.
Creating a database for the Lotus Sametime Meeting Server on AIX, Linux, Solaris, and
Windows:
Before installing the Lotus Sametime Meeting Server on AIX, Linux, Solaris, and
Windows, create a database to store its data.
If you previously created a Meeting Server database and want to run the script
again to create a database of the same name, use the DB2 DROP DATABASE
command to delete all user data and log files, as well as any back/restore history
for the original database. Also note that uninstalling DB2 does not remove the data
and log files.
Run the scripts that come with Lotus Sametime in the DB2 installation package to
create the database for the Lotus Sametime Meeting Server.
1. On the DB2 server, log in to the system as the DB2 administrator created
during DB2 installation.
2. Open a command prompt and navigate to the folder where you extracted the
DB2 installation package.
3. Create the database by running one of the following commands from the disk 1
folder:
AIX, Linux, and Solaris
./createMeetingDb.sh STMS
Windows
createMeetingDb.bat STMS
Replace ″STMS″ in the command if you want to choose a different database
name. Names can be from 1 - 8 characters, but cannot contain special or
multibyte characters.
Follow the rules for your operating system when naming DB2 objects.
4. Close the DB2 command window.
5. Open the DB2 Control Center.
AIX, Linux, and Solaris:
Open the IBM DB2 folder on the desktop and click Control Center.
Windows:
Click Start → Programs → IBM DB2 → General Administration Tools → Control
Center.
6. Verify that the new database was created.
Related tasks
“Installing DB2 on Linux and Windows” on page 57
IBM DB2 is a prerequisite for IBM Lotus Sametime and is included with the
Sametime installation package for Linux and Windows. The package does not
include DB2 for AIX or Solaris.
Use the Lotus Sametime System Console to connect to the Lotus Sametime Meeting
Server or Lotus Sametime Gateway database before installing the server from the
System Console. If you installed the server without using the System Console (as is
the case with the Sametime Meeting Server on IBM i and Sametime Gateway on
any platform), do this step before registering the server with the System Console.
If you have not already opened the Connect to DB2 Databases activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary or use the setting
specified for the Administrative console secure port in the AboutThisProfile.txt
file. For the Sametime System Console Deployment Manager Profile
(STSCDmgrProfile), the file is located in the following path:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Prerequisites → Connect to DB2 Databases.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This activity takes you through the steps for connecting to the Meeting Server or
Gateway database you created.
AIX, Linux, Solaris, Windows: Ensure that IBM DB2 has been installed and that
you have created the Sametime Meeting Server or Gateway database.
IBM i: Ensure that you have created the required database schemas and tables.
In the Connect to DB2 Databases portlet, verify that the Lotus Sametime System
Console database you created earlier is already displayed in the list of databases.
Follow these steps to connect to the Meeting Server or Gateway database. You
must do this before you can install the Meeting Server using the Sametime System
Console. If you installed the server without using the System Console (as is the
case with the Sametime Meeting Server on IBM i and Sametime Gateway on any
platform), do this step before registering the server with the System Console.
1. DB2 Configuration Guided Activity.
Click Add to begin the guided activity that will connect your server to the DB2
database. If a connection already exists, you can optionally edit or delete it.
2. Add a new database.
a. In the Connect to DB2 Databases portlet, click Add.
If you want to edit or delete a database instead, then select one, and click
the appropriate button.
Use the Lotus Sametime System Console to prepare to install a Lotus Sametime
Meeting Server by pre-populating values required for installation.
If you have not already opened the Install Lotus Sametime Meeting Server guided
activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
494 Lotus Sametime: Installation and Administration Guide Part 1
4. Click Sametime Guided Activities → Install Sametime Meeting Server.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This guided activity takes you through the steps of creating a deployment plan,
which collects information that pre-populates installation screens.
You have set up an IBM DB2 database and an LDAP server, and have run the
guided activities for connecting to the DB2 database and to the LDAP server.
Follow these steps to store a deployment plan on the Lotus Sametime System
Console to be used when you run the installation program for Lotus Sametime
Meeting Server.
1. Plan a product installation.
In the Install Sametime Meeting Server portlet, click Create a New
Deployment Plan, and then click Next.
2. Deployment Name.
Give the deployment plan a unique, recognizable name, which will be shown
only in the Sametime System Console, and then click Next.
The name should include the installation and node type, such as
stMeeting_primary. You can include multibyte characters, symbols, and spaces
in the name. The name can be up to 256 characters and is not case sensitive.
3. Choose the configuration type.
Select the profile type for this installation, and then click Next:
Pilot use: Select Cell Profile.
Production use:
Add this server to the Sametime System Console cell by selecting the
appropriate Network Deployment option.
v First server of this type: Select Network Deployment - Primary Node.
v Additional server of this type: Select Network Deployment - Secondary Node.
If you will use the Lotus Sametime System Console as the Deployment
Manager for a Lotus Sametime Meeting Server cluster, there is no need to
install a Lotus Sametime Meeting Server with the Deployment Manager option.
4. WebSphere Profile Settings.
a. Type the fully qualified host name of the server where you will be installing
the Lotus Sametime Meeting Server.
b. Enter the user name and password to be used as the WebSphere
Application Server administrator on the Sametime Meeting Server, and then
click Next.
Important: This must be a unique user ID that does not exist in the LDAP
directory.
5. Choose a database for this deployment.
What to do next
Run the installation program on the machine where you plan to install a Lotus
Sametime Meeting Server.
You should have already created a deployment plan for the Lotus Sametime
Meeting Server and started the Lotus Sametime System Console server. If you are
logged into the Sametime System Console, log out and close the browser before
continuing.
AIX, Linux, and Solaris: The launchpad install program needs to be able to launch
a Web browser to start. You will need to be on the console or have an X server and
a Web browser installed and configured. (VNC or a remote X term session will
work as well).
By using the deployment plan you created earlier, you have fewer selections to
make when you run the installation program.
1. (Linux RHEL only) Disable SELinux on any RedHat operating system:
a. Log in as root on the Linux RedHat server where you will install the Lotus
Sametime server.
b. Open the /etc/selinux/config file for editing.
c. Locate the SELINUX setting. Change its value to either disable or
permissive.
d. Save and close the file.
e. Restart the Linux server.
2. Log in to your computer as the system administrator (Microsoft Windows) or
as root (IBM AIX, Linux, Solaris).
Solaris only: Solaris installs must be performed by the root user using su or a
normal login session. Third-party sudo packages are not supported on Solaris.
3. Download the Meeting Server installation package if you have not already
done so.
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix any problems,
then uninstall all components and reinstall. Find information in the logs directory
and the ant and native subdirectories.
/var/ibm/InstallationManager/logs
Windows 2008
%ALLUSERSPROFILE%\IBM\Installation Manager\logs
Windows 2003
%ALLUSERSPROFILE%\Application Data\IBM\Installation Manager\logs
What to do next
Related tasks
“Starting and stopping servers running on WebSphere Application Server” on page
230
Starting and stopping IBM Lotus Sametime servers that run on WebSphere
Application Server involves other server components such as the Deployment
Manager and the node agent.
“Uninstalling DB2 and Sametime software with the Installation Manager” on page
243
Use the Installation Manager to uninstall the following components that are
packaged with Lotus Sametime: IBM DB2 for Linux and Windows, Lotus Sametime
System Console, Lotus Sametime Proxy Server, Lotus Sametime Meeting Server,
and Lotus Sametime Media Manager.
Log in to the Lotus Sametime Meeting Server to verify that the installation was
successful.
Verify the installation by logging in to the server and creating a new meeting
room.
1. From a Web browser, navigate to the Meeting Room Center by entering the
following URL:
http://serverhostname.domain:port/stmeetings
Replace serverhostname.domain with the fully qualified domain name of the
Meeting server; for example:
Tip: To verify the HTTP port number being used by the Lotus Sametime
Meeting Server, open the AboutThisProfile.txt file for the Sametime Meeting
Application Server Profile and use the setting specified for the HTTP transport
port. The default profile name is STMAppProfile. On IBM i, look for the
AboutThisProfile.txt file in the following location: /QIBM/UserData/Websphere/
AppServer/V7/SametimeWAS/profiles/STMAppProfile/logs/
AboutThisProfile.txt
http://st85ms1.acme.com:9080/stmeetings
Note: By default, the WebSphere proxy listens on port 80, and forwards to the
Lotus Sametime Meeting Server on port 9080.
2. Click Log In and then enter your User name and Password to log in to the
Meeting Center.
3. Click New Meeting Room, then fill in the fields and click Save.
4. The new meeting appears in the list of meetings that you own. Click Enter
Meeting Room below the name of the new meeting to join the meeting.
After you install the new IBM Lotus Sametime 8.5 Meeting Server, you are ready
to migrate meetings. Rather than transfer meeting schedules and associated data
from the legacy server to the new server, you will set up URL redirects that
automatically link users to the appropriate meeting room on the new server.
Configuring the Meeting Server to accept redirects from the upgraded Lotus Sametime
server:
Configure an IBM Lotus Sametime Meeting Server to accept URL redirects from an
upgraded Lotus Sametime server or from a Lotus Sametime Enterprise Meeting
Server cluster.
Establishing URL redirect to a Lotus Sametime Meeting Server uses the REST API
provided by the Lotus Sametime Online Meeting Toolkit (included in the Lotus
Sametime Software Development Kit). The Meeting Server uses the Online Meeting
Toolkit to transfer meeting data from the upgraded Lotus Sametime server to the
new Meeting Server.
The enable the redirect, the new Meeting Server must be configured to be
associated the with URL of a particular Lotus Sametime server.
After you have upgraded your IBM Lotus Sametime deployment and migrated
meetings to the new Lotus Sametime Meeting Server, you may want to integrate
additional components into your deployment.
The following components are not required for upgrading a Lotus Sametime server
and migrating meetings, but provide additional capabilities to a Lotus Sametime
deployment:
v Lotus Sametime Media Manager: Provides audio and video features for instant
messaging and online meetings.
For more information, see Planning a Lotus Sametime Media Manager
installation.
v Lotus Sametime Gateway: Provides instant messaging with external
communities, including:
– Lotus Sametime communities deployed outside of your firewall
– AOL Instant Messenger
– Google Talk
– Yahoo Messenger
For more information, see Planning a Lotus Sametime Gateway installation.
You can upgrade from the following types of Lotus Sametime deployments:
v Lotus Sametime (release 7.5.1)
The upgrade process is the same for all servers up to a point; if you have meetings
enabled on your server there will be additional tasks to complete if you want to
migrate existing meetings to a new Lotus Sametime 8.5 Meeting Server.
Note: If you have a cluster of Lotus Sametime servers, you must upgrade all
servers in the cluster. A cluster cannot support servers running different releases of
Lotus Sametime.
Upgrade from previous releases of IBM Lotus Sametime on the IBM i operating
system.
You can upgrade from the following types of Lotus Sametime deployments:
v Lotus Sametime (release 7.5.1)
v Lotus Sametime Instant Messaging Limited Use (release 8.0, 8.0.1, and 8.0.2)
v Lotus Sametime Entry (release 8.0, 8.0.1, and 8.0.2)
v Lotus Sametime Standard (release 8.0, 8.0.1, and 8.0.2)
The upgrade process is the same for all servers up to a point; if you have meetings
enabled on your server there will be additional tasks to complete if you want to
migrate existing meetings to a new Lotus Sametime 8.5 Meeting Server.
Note: If you have a cluster of Lotus Sametime servers, you must upgrade all
servers in the cluster. A cluster cannot support servers running different releases of
Lotus Sametime.
Before you begin to an IBM Lotus Sametime server, you must disable cluster
replication to avoid sending or receiving configuration changes while preparing for
the upgrade.
If you have a cluster of servers, you must upgrade every server in the cluster. To
avoid sending or receiving configuration changes while you are preparing to
upgrade, disable cluster replication for all servers in the cluster. For more
information, see Disabling cluster replication for an entire server in the Lotus
Domino and Notes information center.
If you have meeting services enabled on your IBM Lotus Sametime server and you
clustered the meeting rooms with Lotus Sametime Enterprise Meeting Server, you
must remove those servers from Enterprise Meeting Server before upgrading them.
Lotus Sametime 8.5 does not support the use of Lotus Sametime Enterprise
Meeting Server. Instead, you deploy one or more Lotus Sametime 8.5 Meeting
Servers and optionally cluster them using an IBM WebSphere network deployment.
Then you can set up URL redirects from your upgraded Lotus Sametime servers to
the new Meeting Servers so that when a user clicks a link to create or attend a
meeting on an upgraded server, the link is automatically redirected to the new
Meeting Server.
If you do not wish to install the Lotus Sametime 8.5 Meeting Server yet, you can
still create and host meetings on the upgraded server, but you cannot cluster the
meeting rooms.
After you have completed the preliminary steps to prepare the environment,
upgrade each of your IBM Lotus Sametime servers.
If you are upgrading a cluster, be sure to upgrade each of the servers in the cluster
(and register each server with the Lotus Sametime System Console) before you
configure the cluster and register the cluster itself.
Checking for supported releases for Lotus Domino and Lotus Sametime on IBM i:
Before upgrading to IBM Lotus Sametime 8.5, determine whether you first need to
upgrade your Lotus Domino and your operating system releases. You also need to
determine whether your current level of Lotus Sametime is supported by the Lotus
Sametime 8.5 upgrade process.
Follow these steps to ensure that the server you intend to upgrade is running on a
supported level of the operating system and that the current releases of Lotus
Domino and Lotus Sametime are supported by the upgrade process. If the server
includes an unsupported release of any product, you must complete an interim
upgrade to a supported product.
1. Check the operating system level on the computer where Lotus Sametime is
installed.
You must upgrade to at least IBM i 5.4 before installing Lotus Sametime 8.5.
IBM i 5.4 or later is required for Lotus Sametime 8.5 and IBM i 6.1 is required
for supporting IPv6 addressing.
Consider other Lotus Domino servers and related Lotus products that may be
running on the same system in your upgrade plans. Make sure that your
currently installed server releases, and product releases, are all supported on
the new operating system level. For up-to-date details about which
combinations of Domino, Sametime, and other Lotus Domino related product
releases are supported on current IBM i releases, see the Lotus Software for
IBM i Compatibility Guide.
For information on Lotus Sametime 8.5 system requirements, see the Detailed
System Requirements.
2. Check the Lotus Domino release on the server to be upgraded.
Before installing a new release of IBM Lotus Sametime you should back up all
important server data.
The IBM i installation program always preserves the Lotus Sametime data on
existing servers. If you do not want to preserve the Lotus Sametime data, remove
Lotus Sametime from the server with the RMVLSTDOM command before
installing the new release. After the installation completes, run the ADDLSTDOM
command to add Lotus ametime to the server again.
When backing up your Lotus Sametime data, include the following information:
Table 78. Lotus Sametime server data to back up
Data to back up Comments
names.nsf This is optional if you can replicate from
another Domino server. After upgrading to
Lotus Sametime 8.5, you will need to convert
the native Domino Directory to use LDAP
format in order to register the server with the
Lotus Sametime System Console.
notes.ini Back up this file for possible reference after
upgrade.
da.nsf Back up this file if you are using directory
assistance.
If you are installing IBM Lotus Sametime from physical media, it is highly
recommended that you display and accept the Lotus Sametime software
agreements before starting the installation.
If you do not pre-accept the software agreements, the installation process will
restore the product to the system, but then stop and wait for you to accept the
agreements before completing the installation. Skip this step if installing from a
downloaded image.
1. Insert the Lotus Sametime DVD into the optical drive of your system.
2. Enter the following command on an IBM i command line:
GO LICPGM
The Work with Licensed Programs display appears.
3. From the Work with Licensed Programs (LICPGM) menu, select option 5
(Prepare for install) and press Enter. The Prepare for Install display appears.
4. Type 1 in the option field next to Work with software agreements. Press Enter.
When the Work with Software Agreements display appears, you see all IBM
licensed programs that require software agreement acceptance and whether the
agreement has been accepted. Only licensed programs that are not yet installed
appear on this display. The software agreements for Lotus Sametime will not
appear in the list until you restore them from the DVD in a later step.
Note: In some unusual situations, the following message may be issued when
you attempt to display the Software Agreement:
Run the installation program on the computer where you plan to upgrade an IBM
Lotus Sametime server.
Use the IBM i command line to install the Lotus Sametime Community Server.
1. Make sure you have backed up the recommended files to a directory outside of
your Sametime directory structure or to physical media before proceeding.
2. Sign on to your server with a user profile that has the *ALLOBJ and *SECADM
special authorities
3. Stop the IBM Lotus Domino server that will run Sametime. Stop all existing
Lotus Sametime servers.
Results
All of your existing Lotus Sametime servers are upgraded during the install
process. Check the job log to verify that all of your Lotus Sametime servers were
upgraded successfully. You should see the following message for each Lotus
Sametime server that was successfully upgraded on your system:
Upgrade successful for Lotus Sametime server server_name
What to do next
Refresh the design of your Lotus Sametime databases by either waiting for the
nightly Design server task to run or by forcing an immediate refresh with the LOAD
DESIGN command, as described in the following steps.
1. On any IBM i command line, type the following command and press Enter:
WRKDOMCSL
2. On the ″Work with Domino Console″ display, type the name of your Lotus
Sametime server and press Enter.
3. At the command prompt, type the following Lotus Domino subcommand and
press Enter:
LOAD DESIGN
Related tasks
“Starting and stopping Domino and a Sametime Community Server on IBM i” on
page 422
Learn how to start and stop a Sametime Community Server running on IBM i.
“Installing a Domino server in a new domain on IBM i” on page 266
Follow these steps to set up a Lotus Domino server in a new Lotus Domino
domain.
As part of upgrading IBM Lotus Sametime, you will need to replace the design of
the vpuserinfo.nsf database.
As part of a product upgrade, you will need to replace the design of the
vpuserinfo.nsf database with the stuserin.ntf template:
1. Start the Lotus Notes client.
2. Click File → Application → Open.
3. Select the Community Server you upgraded (select ″Local″ for the current
server).
4. Select the Configuration folder.
5. In the file name field, type vpuserinfo.nsf and then click Open.
6. Once the database is open, click File → Application → Replace Design.
7. Select the newly installed Lotus Sametime Community Server as the template
server, and then click the Show advanced templates option to locate the
″Sametime User Information″ (stuserin.ntf) template.
8. Click the stuserin.ntf template to select it, and then click Replace to update
the database’s design to match the template.
9. When you have finished, you can exit the Lotus Notes client.
Run the privacy migration utility to migrate user privacy information that was
stored prior to IBM Lotus Sametime 7.5 to the new format. An optional parameter
allows you to migrate privacy data for only a specified subset of your Lotus
Sametime users.
To run the privacy information migration utility after upgrading Lotus Sametime,
follow these steps:
1. If you intend to migrate privacy information for only a specified subset of your
Sametime users, create a text file containing the names of the users. For
example, create a text file called upgrade_util_filter.txt and save it in your
Sametime server data directory or another accessible location. The file should
have each user specified on a separate line in the following format:
CN=John Smith/O=Acme
CN=Jane Doe/O=Acme
CN=Sally Brown/O=Acme
2. Stop the Sametime server.
3. From any IBM i command line, start the QShell Interpreter:
QSH
4. Run the following shell command:
cd <sametime_server_data_directory>
After all of the servers in the IBM Lotus Sametime cluster have been upgraded,
you can enable cluster replication once again to ensure that the servers are sharing
configuration information.
If you saved each server’s data during the upgrade, your previous cluster settings
still exist and you just need to enable replication among the servers. For more
information, see Replicating with all servers in a cluster in the Lotus Domino and
Notes information center.
If you did not save server data during the upgrade, you may need to recreate the
cluster as described in Clustering Lotus Sametime Community Servers in this
information center. You will need to return to this upgrade section after completing
the cluster configuration, so you may want to open the link in a separate browser
tab or window so you do not lose your place.
This task only applies to a stand-alone Community Mux; the multiplexer that
installs directly on the Lotus Sametime server was upgraded automatically when
you upgraded that server.
If you have more than one stand-alone Community Mux, upgrade all of them:
1. Insert the Lotus Sametime CD into the Community Services multiplexer
machine, start the installation program, and choose the option to install the
Community Services Mux.
2. At the ″Select a language″ screen, select a language for the installer, and then
click OK.
If your IBM Lotus Sametime deployment includes a remote conversion server and
you will continue to host meetings on one or more upgraded Lotus Sametime
servers, you should upgrade the conversion server as well.
Results
The conversion services component starts automatically when you restart the
server. To start the conversion services manually, click Start > Administrative tools
> Services.
Audio and video services provided by the IBM Lotus Sametime Reflector will not
be available in this release to assist client-to-Sametime client audio/video
communication.
Release 8.5 audio/video services can co-exist with release 7.5.x and 8.0.x
audio/video services, with the following restrictions:
v The 8.5 client cannot establish an audio or video call with 7.5.x or 8.0.x clients
v The 7.5.x and 8.0.x clients cannot establish an audio or video call with the 8.5
client
v The 8.5 client cannot use the Lotus Sametime Reflector
Next steps:
After you have completed an upgrade of one or more IBM Lotus Sametime
servers, the instant messaging, awareness, and presence features are ready to use.
If your previous deployment included the online meetings feature, you can either
use them on the upgraded server (as in previous releases) or migrate meetings to
the Lotus Sametime 8.5 Meeting Server.
If your Lotus Sametime server does not have the online meetings feature enabled,
or meetings are enabled but you intend to continue creating and hosting them on
the upgraded servers, then your upgrade is complete and you are ready to begin
using Lotus Sametime 8.5.
You only need to continue to next upgrade section if your Lotus Sametime server
has the online meetings feature enabled and you want to migrate them to the new
Lotus Sametime 8.5 Meeting Server. To migrate meetings, you will need to set up
an LDAP directory (if you are currently using native Domino authentication),
install new Lotus Sametime 8.5 components, and then set up URL redirects from
the upgraded servers to one or more newly installed Meeting Servers. All of these
tasks are discussed in detail in the next section.
This section applies only to deployments where the upgraded servers have online
meetings enabled and you want to migrate them to the new Lotus Sametime 8.5
Meeting Server. To migrate meetings, you will need to set up an LDAP directory,
install new Lotus Sametime 8.5 components, and then set up URL redirects from
the upgraded servers to one or more newly installed Meeting Servers. All of these
tasks are discussed in detail in this section.
Note: This section discusses installing new Lotus Sametime 8.5 components.
Information on topics such as configuration, administration, tuning, and
troubleshooting appears elsewhere in this information center.
If your existing Sametime server is using a native IBM Lotus Domino Directory for
user authentication, you will need to convert it to use LDAP protocol so that it can
be registered with the Lotus Sametime System Console.
Previous releases of Lotus Sametime allowed the use of the native Lotus Domino
Directory for user authentication. In release 8.5, the Lotus Sametime System
Console requires access to an LDAP directory, so if you want to register your
Community Server with the System Console, you must migrate the Lotus Domino
Directory to LDAP format. For more information, see Planning for an LDAP
directory and the ″Directory considerations″ section of Planning a Community
Server installation for more information.
Note: If you migrate convert the existing Lotus Domino Directory to LDAP format,
the directory can no longer be hosted on the same Lotus Domino server as the
Community Server.
Follow these steps to migrate the Lotus Domino directory to LDAP format.
1. Shut down the Lotus Sametime services but keep the Lotus Domino services
active as described in Starting and stopping a Sametime server on IBM i while
Domino is running.
2. Specify LDAP connection information on IBM i.
3. Start the Lotus Sametime server.
4. Run the name change task.
5. Configure the LDAP Directory settings in the LDAP document using a Lotus
Notes client or the Sametime Administration Tool.
Note: The Connectivity section should already be completed. Verify that the
information in the other sections is correct: Basics, Authentication, Searching,
and Group Contents. If necessary, update them for your LDAP directory.
6. Restart the Lotus Sametime server.
What to do next
Next, you may need to complete these additional tasks to complete the
configuration of your converted LDAP directory:
Option Description
Name Enter the name or TCP/IP address of the
LDAP server that Sametime will use. It is
also possible to specify the TCP/IP address,
but this is not recommended.
Port Enter the IP port that Sametime will use.
The default IP port for LDAP connections is
389.
Bind distinguished name (DN) Enter the distinguished name of the LDAP
directory entry that the Sametime server will
use when binding to the LDAP directory.
This is an optional parameter. If not
specified, you must ensure the LDAP server
is configured appropriately for anonymous
access from a Sametime server.
Bind password If you specified a Bind distinguished name
(DN), enter the password associated with it.
Note: If your server is enabled for both IPv4 and IPv6 addressing, you must
manually update the sametime.ini file so that ″VPS HOST=″ is set to an
explicit IP address, rather than the host name, after running the CHGLSTDOM
command.
Related tasks
“Configuring the Lotus Sametime Community Server to support IPv6 addressing”
on page 303
Configure settings to establish connectivity and resolve addresses when using IPv6
addressing on the IBM Lotus Sametime Community Server.
Specify the LDAP Directory settings that enable the Sametime server to search the
LDAP directory on the LDAP server and authenticate Sametime users against
entries in the LDAP directory.
Configuring the LDAP Directory settings requires previous experience with LDAP;
in particular you will need to know the following information:
v The structure (directory tree) of the LDAP directory the Sametime server will
access
v The schema of Person and Group entries in the LDAP directory
v How to construct LDAP search filters to access the attributes of Person and
Group entries in the LDAP directory
You must configure the LDAP Directory settings on the LDAP document in the
Configuration database to ensure that the Sametime server can search and
authenticate against entries in the LDAP directory. Use the Sametime
Administration Tool to enter LDAP Directory settings; the tool then writes the
values to the LDAP document in the Sametime Configuration database
(stconfig.nsf) and updates the Directory Assistance database.
Specify settings that determine how IBM Lotus Sametime interoperates with your
LDAP directory.
The Sametime Administration Tool includes the LDAP Directory settings that
enable the Sametime server to operate as a client to an LDAP server. These settings
enable the Sametime server to search the LDAP directory on the LDAP server and
authenticate Sametime users against entries in the LDAP directory.
Note: After changing any LDAP settings, restart the Sametime server.
Connectivity settings
The Connectivity settings enable the administrator to provide the IP address and
ports the Sametime server uses when connecting to the LDAP server, and to
specify whether the Sametime server binds to the LDAP server as an anonymous
or authenticated user. These settings also enable the Sametime server to connect to
multiple LDAP servers, and to use SSL when connecting to the LDAP server.
Table 79. Connectivity settings for the LDAP directory
Field Description Comments
Host name or IP Select the IP address (or fully
address of the qualified DNS name) of the LDAP
LDAP server server for which you want to change
settings.
Position of this If you have configured the Sametime
server in the server to connect to multiple LDAP
search order servers, use this setting to specify
the order in which Sametime will
connect to the LDAP servers by
clicking a number to indicate the
priority of the currently selected
LDAP server.
Port Specify the port over which the The default port for LDAP
Sametime server connects to the access and recommended setting
specified LDAP server; use the port is TCP/IP port 389.
number on which the LDAP server
listens for TCP/IP connections.
Administrator If you want the Sametime server to When designating an
distinguished bind to the LDAP server as an authenticated user, IBM Lotus
name, anonymous user, leave these fields software recommends that you
Administrator empty. create a unique directory entry
password that is used only for the purpose
If you want the Sametime server to of authenticating connections
bind to the LDAP server as an from the Sametime server to the
authenticated user, specify the LDAP server. After creating the
Distinguished name of an LDAP directory entry, you must ensure
directory entry that the Sametime this directory entry has at least
server uses when binding to the read access to the attributes of
LDAP directory, and then enter the the LDAP directory entries.
password associated with that user.
Basics settings
The Basics settings enable the administrator to specify the basic LDAP parameters
required to conduct searches for people, and for groups, in an LDAP directory.
Some of these parameters are also necessary for displaying the names of users in
Sametime user interfaces. The Basics settings include parameters that specify the
level of a directory from which a search begins, the scope of a search, and the
attributes of LDAP directory entries that define person and group names.
Table 80. Basics settings for the LDAP directory
Field Description Comments
Person settings:
The group object Specify the attribute of a In some situations, Sametime must
class used to directory entry that identifies determine whether a directory entry
determine if an the entry as a group. returned by a search is a person or
entry is a group group entry. Sametime assumes that
Enter the objectclass attribute groups are represented by entries
used for groups in the LDAP with a unique object class. Sametime
schema of the LDAP directory compares the name of the object class
in your environment. specified in this setting to the object
class values of each entry to decide
Suggested values for the setting whether the entry is a group or a
are: person.
v Microsoft Active Directory:
group
v Netscape Directory:
groupOfUniqueNames
v Microsoft Exchange 5.5 and
Domino Directories:
groupOfNames
v SecureWay Directory:
groupOfUniqueNames
Authentication settings
Note: The administrator must add a field to the person entries in the LDAP
directory to hold the name of each user’s home Sametime server, or use an existing
field in the person entries for this purpose.
Search settings
The Searching setting enables the administrator to specify the search filters
required to resolve the names of people and groups to specific entries in an LDAP
directory.
The Group Contents setting enable the administrator to specify the attribute of a
group entry that contains the names of group members.
Table 83. Group Contents settings for the LDAP directory
Field Description
Attribute in the Specify the name of the attribute in If an end user adds a group to a
group object the group entry that contains that presence list, privacy list, or a list
class that has the names of invidual people or that restricts meeting attendance,
names of the subgroups. Sametime must obtain the list of
group members members within the group so
Suggested values for this setting are: that individual members of the
v Microsoft Active Directory, group can be displayed. The
Microsoft Exchange 5.5 Directory, ″Attribute in the group object
and Domino Directory: member class that has the names of the
v Netscape Directory and IBM group members″ setting defines
Secureway Directory: the attribute within an LDAP
UniqueMember directory group entry that holds
the names of all members of the
group.
The Access Control settings enable the administrator to work with Access Control
Lists.
Table 85. Access Control settings for the LDAP directory
Field Description Comments
User or Group Specify the name of a person or Registering groups in the Access
Name group entry in the LDAP directory Control List is more efficient
that should have access to Sametime than listing individual users
servers. because you can include more
users in less time, and can easily
When entering names in this field: update the individual group
v Use the fully qualified listings later.
distinguished name of the user or
group, but use forward slashes (/)
as delimiters instead of commas (,).
For example, use:
cn=John Smith/ou=managers/
ou=marketing/ou=west/o=acme
instead of:
cn=John Smith, ou=managers,
ou=marketing, ou=west, o=acme
v You can use an asterisk (*) as a
wildcard character when entering
names. For example, entering
*/ou=West/o=Acme is equivalent
to entering all users in the
ou=West, o=Acme branch of the
directory to the ACL.
A new IBM Lotus Sametime 8.5 deployment uses a system console as the central
point for administering servers; all new Lotus Sametime 8.5 components must
connect to the console. Set up the Lotus Sametime System Console and its
prerequisite components before you install a Lotus Sametime 8.5 Meeting Server.
The Lotus Sametime System Console is your focal point for administering and
configuring all Sametime servers.
Install and configure prerequisite applications, then install the IBM Lotus Sametime
System Console, which you will use for preparing for server installations and for
managing your Lotus Sametime deployment.
Follow these steps to customize the response.properties file to prepare for installing
the Lotus Sametime System Console on IBM i.
You should have completed the preparation steps in ″Preparing to install Lotus
Sametime on IBM i.″
Skip the first two steps if you are installing from physical media.
1. Download the installation package if you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers.
c. Use ftp or another convenient method to transfer the installation package to
the system where you plan to install the product. Store the file in an IFS
directory of your choosing; for example:
/MySametimePackages
2. Extract the installation files to the directory where you stored the installation
package.
Run the script to create the database schema for the IBM Lotus Sametime System
Console on IBM i.
You should have prepared the console installation file as described in ″Preparing
the console installation file on IBM i.″
On the IBM i system where you will install the Sametime System Console, follow
these steps to create the database schema and tables:
1. Log in with a user profile that has *ALLOBJ and *SECADM special authorities.
These authorities are required to create the database schemas. The database
schemas will be created on the system specified in your copy of the
ssc.default.response.properties file and owned by the user profile specified in
the file.
Results
If the database schema creation was not successful, look at the script log for more
information about what occurred during the attempt. Fix the problem, then try
running the script again. The script log is stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
ssc_dbsetupyyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
ssc_dbsetup_20091215_0307.log
Related tasks
“Preparing to install Lotus Sametime on IBM i” on page 249
Follow these steps to prepare IBM i for Lotus Sametime server installations.
Run the install script to set up the IBM Lotus Sametime System Console on IBM i.
If you intend to install from a downloaded image, you should have downloaded
the console server installation package. For all installations, you should have
completed the preparation steps. The database schemas required for the System
Console (SSC and POLICY) should already exist.
Follow these steps to install the Sametime System Console and WebSphere
Application Server.
1. Log in using a profile with *ALLOBJ and *SECADM special authorities.
2. Use the WRKSYSVAL command to check the setting for the QVFYOBJRST system
value and change it if necessary. The setting must be 3 or lower to install the
Sametime software.
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix the problem,
then try installing again. The installation logs are stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
install_STCONSOLE_yyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
install_STCONSOLE_20091215_0307.log
Related tasks
“Preparing to install Lotus Sametime on IBM i” on page 249
Follow these steps to prepare IBM i for Lotus Sametime server installations.
Increasing the WebSphere Application Server usage limit for running Sametime on IBM
i:
If you install more than one Sametime server that uses WebSphere Application
Server on the same system, this task only needs to be done once. Following the
recommended installation sequence, the first server that uses WebSphere
Application Server is the Sametime System Console. Other servers that use
WebSphere Application Server are the Sametime Meeting Server, Sametime Proxy
Server, and Sametime Gateway.
Results
After you respond to the CPA9E1B message, you must respond to the same
message on the QSYSOPR message queue:
1. Run the DSPMSG QSYSOPR command to see the message in the QSYSOPR
message queue.
2. When the message is displayed, type G.
Use the IBM Lotus Sametime System Console to prepare to install new servers,
start Sametime servers that have been installed, use guided activities to perform
configuration tasks, and administer any Sametime servers managed by the console.
With the Lotus Sametime System Console started, follow these steps to log in.
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
Specify port 8700 for all platforms except IBM i.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary. To check the port, open
the AboutThisProfile.txt file for the Sametime System Console Deployment
Manager Profile and use the setting specified for the ″Administrative console
port.″ For the default profile name (STSCDmgrProfile), the file is located here:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
Note: During the install process, WebSphere security is enabled. SSL is enabled
as part of the WebSphere security process and you will be directed to another
port which listens for https connections.
The WebSphere Application Server Integrated Solutions Console opens.
2. Enter the WebSphere Application Server User ID and password that you
created when you installed Lotus Sametime System Console.
The default name is wasadmin.
3. Click the Sametime System Console task to open it in the navigation tree.
What to do next
Use the Lotus Sametime System Console to connect IBM Lotus Sametime servers to
an LDAP server that has already been installed and configured. An LDAP server is
required for the Lotus Sametime System Console, Lotus Sametime Community
Server, Lotus Sametime Meeting Server, Lotus Sametime Media Manager, and
Lotus Sametime Gateway Server .
Start the LDAP server and the Lotus Sametime System Console if they are not
already running.
If you have not already opened the Connect to LDAP Servers activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified host name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
If you are prompted with a security exception, accept the certificate, and
continue.
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary. To check the port, open
the AboutThisProfile.txt file for the Sametime System Console Deployment
Manager Profile and use the setting specified for the ″Administrative console
secure port.″ For the default profile name (STSCDMgrProfile), the file is located
here: /QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDMgrProfile/logs/AboutThisProfile.txt
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Expand Sametime Prerequisites, and click Connect to LDAP Servers.
Related concepts
“Planning for an LDAP directory” on page 40
The IBM Lotus Sametime 8.5 multiple-server environment requires an LDAP
directory for user authentication. The LDAP server should be set up and running
before deploying Sametime.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
This activity takes you through the steps for identifying users and groups in an
LDAP directory that need access to IBM Lotus Sametime.
Connect IBM Lotus Sametime servers to the LDAP server. Once your Lotus
Sametime server connects to the LDAP server, it can search the LDAP directory
and authenticate Sametime users. If you have already connected Sametime to an
LDAP server, but now you want to edit or delete a connection, use this activity.
Note: If you are using Active Directory as the LDAP, a common attribute to use
for authentication is the saMAccountName attribute. When an Active Directory
LDAP is being used, WebSphere automatically maps uid to saMAccountName, so
saMACccountName should not be explicitly stated as an attribute. If you want to
use saMAccountName for any LDAP attribute field, you must specify uid. Specifying
saMACccountName as a login or search property causes installation to fail. You can
find more information in this TechNote: http://www-01.ibm.com/support/
docview.wss?uid=swg21253331.
1. Connect to LDAP server.
In Connect to LDAP servers, click Add.
If you want to edit or delete an LDAP connection instead, then click the
appropriate button. You can only edit or delete an LDAP connection if it has
not been used to install a product.
2. Bind to LDAP.
a. Click either Anonymous access or Authenticated access.
When a Lotus Sametime server connects to the LDAP server, this can be
done either anonymously or using credentials to authenticate with the
LDAP server. If you select Authenticated access, you will be prompted with
the Bind distinguished name (DN) and Password fields to enter this
information. If you select Anonymous access, these fields will be hidden as
they are not required.
b. Enter a Deployment Name for this LDAP connection. This is name you
provide to this LDAP connection for easy reference. It does not need to map
to any existing server name or value and is intended as an easy way to
identify this object when you reference it in the future.
c. Enter the fully qualified domain name of the LDAP server you wish to
connect to in the Host name field. Do not use an IP address or a short host
name.
d. Enter the Port of the LDAP server. The default value is 389. If your LDAP
server is running on a different port, enter the correct port value here. If
this is an SSL connection, click Is secure LDAP connection?.
e. If you have selected Authenticated Access, enter the Bind distinguished
name (DN) and Password fields. These are the user credentials you will use
to authenticate with your LDAP server. If you have selected Anonymous
Access, these fields will not be shown. For example:
cn=John Smith,ou=managers,o=acme,st=Massachusetts,c=US
f. Verify that the check box for Is used by Sametime System Console? is
selected. It is selected by default so that the LDAP server is used by the
Sametime System Console for authentication and policy management.
g. Click Next.
When designating an authenticated user, IBM recommends that you create a
unique directory entry that is used only for the purpose of authenticating
536 Lotus Sametime: Installation and Administration Guide Part 1
connections from the Lotus Sametime server to the LDAP server. After creating
the directory entry, you must ensure this directory entry has at least read access
to the attributes of the LDAP directory entries.
3. Base Distinguished Name and Filter for Searches.
Enter the base distinguished name and filter for searches information.
a. Select your base distinguished name and filter for searches from the
dropdown list, or if it was not found, enter it into the field. Selecting one
that was found from the dropdown list will populate the field for you. You
specify the basic LDAP parameters required to conduct searches for people,
and for groups, in an LDAP directory. Some of these parameters are also
necessary for displaying the names of users in the IBM Lotus Sametime
user interface.
Note: A dropdown list typically displays from which you select a base DN
that is detected by the guided activity; however, the list does not display
when Domino LDAP is being used. Additionally, Domino LDAP is the only
LDAP that uses a blank base DN, while WebSphere requires a base DN for
federating repositories. Since WebSphere does not let you federate an LDAP
directory with an empty base DN, it sets the base DN to C=US. The LDAP
repositories are listed by base DN after they are federated.
If your site uses single sign-on (SSO) for awareness, you must manually
modify the base DN in both the Lotus Sametime Community Server and
Lotus Sametime Meeting Server so they match. Update the Sametime
Community Server’s LDAP connections in the stconfig.nsf and da.nsf to
use the same base DN that the Sametime Meeting Server will be using:
C=US. The Sametime System Console does not overwrite any manual
changes that you make.
b. Optional: To specify the search filter and basic LDAP settings for person
and group entries, click Configure advanced LDAP settings.
c. Click Next.
4. Collect Person Settings. To search for a user name, a Sametime end user enters
a text string in the user interface of a Sametime client. This setting defines the
LDAP search filter responsible for selecting a user name from the LDAP
directory. The search filter matches the text string provided by the user to
information contained within the attributes of LDAP directory person entries.
a. Enter the search filter attributes of an LDAP person entry.
Table 86. Search Filter
Attribute Description
Authentication Attributes Allows the user to authenticate with more
than one attribute of the user’s entry. For
example, if this field is set to cn, uid the user
could authenticate with either of these
names.
Important: In order for the Meeting Server
to work, the first field of the Authentication
attribute must be set to ″mail″ and it must
be listed first. The other fields can be
anything the administrator wants for the
server separated by a semicolon ″ ;″. For
example, the Authentication attribute can be
set to ″mail;cn;uid″.
c. Click Next.
5. Collect Group Settings. To search for a group name, a Sametime user enters a
text string in the user interface of a Sametime client. This setting defines the
LDAP search filter responsible for selecting a group name from the LDAP
directory. The search filter matches the text string provided by the user to
information contained within the attributes of LDAP directory group entries.
a. Enter the search filter attributes of an LDAP person entry.
Table 88. Search Filter
Attribute Description
Search Attributes Use for searching the directory for groups.
c. Click Next.
6. Task Completion Summary.
Review the configuration details in the Task Completion Summary table, and
click Finish to connect to the LDAP server with this configuration, or click
Cancel to abandon this configuration and start over.
7. Restart the System Console Deployment Manager if you selected the Is used by
Sametime System Console?. This is necessary to complete the LDAP federation
process.
What to do next
Go to System Administration → Nodes. Select all the available nodes, and click
Synchronize. This ensures the LDAP changes are pushed to the nodes.
Use the IBM Lotus Sametime System Console to connect to a Lotus Sametime
Community Mux and validate its settings.
If you have not already opened the Connect to Sametime Community Mux Servers
activity, follow these steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified host name of the Lotus Sametime System Console server (for
example stconsole.acme.com).
http://serverhostname.domain:8700/ibm/console
If you are prompted with a security exception, accept the certificate, and
continue.
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Expand Sametime Prerequisites, and click Connect to Sametime Community
Mux Servers.
Related concepts
“Planning for an LDAP directory” on page 40
The IBM Lotus Sametime 8.5 multiple-server environment requires an LDAP
directory for user authentication. The LDAP server should be set up and running
before deploying Sametime.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
Validate the host name and ports specified for a new IBM Lotus Sametime
Community Mux server.
Use this page to validate the host name of a new Community Mux, along with the
ports on which it will listen for client connections. This ensures you have a
working multiplexer before you attempt to connect it to a Lotus Sametime
Community Server or cluster.
1. Connect to Sametime Community Mux Servers.
Click Add to begin the guided activity, which lets you validate your installed
Lotus Sametime Community Mux servers before connecting them to
Community Servers.
You can optionally edit or delete connections to Community Mux servers. Click
Refresh to view your most recent changes.
2. Add Sametime Community Mux Servers.
a. In ″Connect to Sametime Community Mux Servers″, click Add.
b. In the Host Name field, type the fully qualified host name of the new
Sametime Community Mux (for example: mux1.acme.com).
c. Accept the default settings for the Client Port and Client HTTP Port fields.
These settings indicate the ports that the multiplexer will listen on for
connections from Lotus Sametime Connect clients and from Web clients,
respectively.
d. Click Save.
The connection to the Lotus Sametime Community Mux is validated when
you save the settings.
Make sure the following servers are ready for the registration task:
v The upgraded Lotus Sametime Community Server must be configured to use an
LDAP directory, and must be started.
v The Lotus Sametime System Console must be started.
v The LDAP server must be started, and must be connected to the Lotus Sametime
System Console.
During this task you will edit the following files; click the topic titles below to see
details on each file. You may want to open each topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. If you enabled SSL encryption on the previous version of the Lotus Sametime
server, complete these substeps on the upgraded server:
If SSL is not enabled, skip this step.
a. Locate the directory where the SSL certificate is stored and note the path
(for example, /stserver/server.cer).
Chapter 4. Migrating and upgrading 541
b. From an IBM i command line, run the following command to start the
QShell Interpreter: QSH.
c. Run the following shell command to navigate to the directory where Java is
installed:
cd /QOpenSys/QIBM/ProdData/JavaVM/jdk50/32bit/jre/bin
d. Now run the following command (on a single line) to import the SSL
certificate:
keytool -import -alias certificate_name -file file_containing_certificate
-storepass changeit -keystore ../lib/security/cacerts
e. Press F3 to exit QShell.
2. Back up the console.properties and productConfig.properties files:
a. Navigate to the Community Server’s sametime_server_data_directory/
console directory.
b. Make back-up copies (using different names) of the console.properties and
productConfig.properties files.
3. Update the following values in the console.properties file and save the file.
Table 90. console.properties settings
SSCHostName Provide the fully qualified host name of the Lotus
Sametime System Console server.
SSCHTTPPort Specify the HTTP port used for the Lotus Sametime
System Console server if SSL is not enabled and the
value for SSCSSLEnabled is ″false.″
Location of notes.ini file Type the full path to the directory containing
the notes.ini file (for example,
/stserver/data), and press Enter.
Lotus Domino administrator user name This is the account that you use to manage
the upgraded Lotus Sametime Community
Server from the Community Server
Administration Tool. Type the Lotus Domino
administrator’s user name, and press Enter.
Lotus Domino administrator password Type the password associated with the Lotus
Domino administrator user account, and
press Enter.
After upgrading a cluster of IBM Lotus Sametime servers on IBM i, register the
cluster with the Lotus Sametime System Console so you can manage all of the
Lotus Sametime servers from a central location.
Make sure of each these servers is ready for the cluster registration task:
v Each of the upgraded Lotus Sametime Community Servers in the cluster must
be registered with the Lotus Sametime System Console, and must be started.
v The Lotus Sametime System Console must be started.
v The LDAP server must be started, and must be connected to the Lotus Sametime
System Console.
1. Verify that each of the servers in the cluster has been registered with the Lotus
Sametime System Console.
In IBM Lotus Sametime 8.5, user policies are administrated through the Lotus
Sametime System Console. After you have upgraded Lotus Sametime servers from
a previous release and set up a new Lotus Sametime 8.5 System Console, migrate
user policies from the Community Server to the System Console.
The methods for creating and storing policies in previous releases of Lotus
Sametime are very different from the methods used in release 8.5, and there are no
utilities available to migrate the data automatically. If you want to transfer existing
user policies to the new releases, you need to review them on the Lotus Sametime
Community Server, note them down, and then recreate them on the Lotus
Sametime System Console as described in the following topics:
On the upgraded IBM Lotus Sametime Community Server, review existing policy
settings and copy them down so you can recreate them in the Lotus Sametime
System Console. If you upgraded multiple non-clustered servers, copy the settings
from each if they are different. If you upgraded a cluster, you only need the
settings from one of the cluster members.
If you want to recreate your current set of policies on the system console in the
Lotus Sametime 8.5 deployment, copy the settings from the upgraded server:
1. Open a browser and navigate to the Lotus Sametime Community Server
containing the policies you need to record:
Type the following address:
http://host_name/servlet/auth/admin
where host_name is the fully qualified host name of the server; for example:
http://commsvr1.acme.com/servlet/auth/admin
2. From the Lotus Sametime home page, click Administer the Server.
3. Log in as the Lotus Sametime administrator.
4. In the navigation pane, click Policies.
5. Copy all your existing policy settings.
Create new policy settings on the IBM Lotus Sametime System Console to reflect
the settings in your previous deployment.
All IBM Lotus Sametime users are automatically assigned to default policies.
Sametime Instant Messaging, Meetings, and Media Services each has a default
policy to be applied to users. You can create additional user policies, and assign
users and groups to these policies.
There is also an anonymous policy that is assigned by default to users who have
not authenticated, and unauthenticated users always receive this policy.
Note: If your deployment includes the Lotus Sametime System Console, you must
manage policies there because all settings made in the legacy Sametime
Administration Tool (STCenter.nsf) are ignored. This includes the override all
feature, as well. Moreover, there is no automatic migration of policies from the
Sametime Administration Tool to the Lotus Sametime System Console. You must
do this manually because Sametime Administration Tool policies do not map
one-to-one to policies in the Lotus Sametime System Console.
You can find all the policies associated with a user for all the IBM Lotus Sametime
products to which the user has access.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console.
3. Click Manage Policies.
4. Click any user Lotus Sametime component. It does not matter which
component that you select, because your search results display all the policies
for all the Sametime components to which the user has access.
v Instant Messaging
v Meetings
v Media Manager
5. Click Find Active Policies.
6. Select the criterion for the user for which you want to find the associated
policies in the Search by field.
v User ID
You can create user policies, and assign users and groups to these policies.
You can set policy for users to have access to specific IBM Lotus Sametime
features, depending upon their level of need. For example, the maximum size for a
file being transferred is set by default at 1 megabyte to help manage traffic over
the server(s); however, if you have a group that routinely transfers large files for
business reasons, you can create a new policy specifically for those users and set
the maximum size of files that they can send to a much higher number.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console.
3. Click Manage Policies.
4. Click the Lotus Sametime product for which you want to create a policy.
v Instant Messaging
v Meetings
v Media Manager
5. Click New.
6. Enter a name to use to identify the policy in the Policy Name field.
7. Specify the features that you want to enable or disable for the users or groups
that you will assign to this policy. Some instant messaging features are flagged
with IC characters after the field label. This flag indicates that a feature is only
available for installed clients. The feature is not available to browser clients.
8. Click OK.
Results
Tip: You can follow these same basic steps to delete or edit a policy. Delete a
policy by selecting the policy and then click the Delete button. Edit a policy by
clicking the policy name. You cannot delete the anonymous or default policies, but
you can edit them. If you edit a policy, you cannot change the policy ID. To do
this, you must make a copy of the policy by selecting it and clicking Duplicate,
then you can enter a new ID in the copy. Before you delete the original, be sure to
reassign the users and groups to the copy and give it the proper policy weight.
You can assign users and groups to specific user polices to grant or limit access to
features in IBM Lotus Sametime.
You cannot assign users to the default or anonymous policies. Authenticated users
are automatically assigned to the default policies. Unauthenticated users are
assigned to anonymous policies.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console.
3. Click Manage Policies.
4. Click the Lotus Sametime component with the policy to which you want to
assign a user or a group.
v Instant Messaging
v Meetings
v Media Manager
5. Select a policy name from the list, and click Assign.
6. Click Add Users or Add Groups.
At this point you could remove a user from a policy, by selecting the user in
the list and then clicking Remove.
7. Select the criterion for searching for the user or group that you want to add to
the policy in the Search by field.
v User ID
v Name
v E-mail address
8. Enter user ID, e-mail address, or name or partial name with wildcard
characters (asterisks) of the user or group in the Search for field
9. Select the number of listings on each search results page in the Maximum
results field.
10. Click Search. The results display the DN, display name, and e-mail address of
the users that matched your search.
11. Select a user and click Assign.
12. Click Done.
You can grant or limit access to features in IBM Lotus Sametime Instant Messaging
by enabling or disabling various policies for users. Policy changes take effect
immediately.
All unauthenticated users have the anonymous policy, Sametime Instant Messaging
Anonymous Policy, applied to them. For authenticated users, the Lotus Sametime
searches for a user ID or group match, and then applies the highest weighted
policy. If there is no match, then the default policy, Sametime Instant Messaging
Default Policy, is applied.
All unauthenticated IBM Lotus Sametime users have the anonymous policy,
Sametime Meetings Anonymous Policy, applied to them. For authenticated users,
Lotus Sametime searches for a user ID or group match, and then applies the
highest weighted policy. If there is no match the default policy, Sametime Meetings
Default Policy is applied.
Lotus Sametime does not allow anonymous users to create meeting rooms.
Therefore, any policy that is related to authenticated users or the ability to create
meeting rooms, does not apply to anonymous users.
Note: Although Lotus Sametime Classic meetings are still managed on the server
itself, you can set user policy for Sametime Classic meetings on the Meetings
policy tab in the Sametime Classic Meetings section.
Table 95. General Meeting Settings
Sametime Meetings Sametime Meetings
Setting Purpose Default Policy Anonymous Policy
Maximum persistent Users are limited to 100 0
meeting rooms this creating this number
user can own of meeting rooms per
user. When this limit
is reached or set to
zero, users cannot
create more meeting
rooms.
Allow user to create If not selected, user Selected Not selected
instant does not see the
(nonpersistent) capabilities for
meeting rooms creating instant
meetings. User can,
still see the
capabilities for using
an existing room.
Read-only - Users
can only read what
others have typed
into the group chat.
Interactive - Users
can type and read
group chats.
Share an application
- Users can share a
specific application.
No other applications
or their desktops are
shared.
Application only -
Users can share a
specific application.
No other applications
or their desktops are
shared.
You can grant or limit access to media features in by enabling or disabling various
policies for users. Policy changes take effect immediately.
All unauthenticated users will have the anonymous policy Media Manager
Anonymous Policy, applied to them. For authenticated users, the Lotus Sametime
searches for a user ID or group match, and then applies the highest weighted
policy. If there is no match the default policy, Media Manager Default Policy is
applied.
Table 99. Telephony, Audio, and Video
Media Manager Media Manager
Setting Purpose Default Policy Anonymous Policy
Allow access to Allows outside Not selected Not selected
third-party service vendors to provide
provider capabilities audio and video for
from contact lists, instant messages and
instant messages, and instant meetings.
meetings This setting does not
apply to browser
meetings.
Allow changes to If not selected, user Selected Selected
preferred numbers cannot add telephony
devices. This gives
the administrator
control over the
devices that can
make or receive calls
in the system. ″Allow
access to third-party
service provider
capabilities from
contact lists, instant
messages, and
meetings″ must be
selected to specify
this setting.
Voice and video Allows users to use Audio and video Audio and video
capabilities available computer audio and
through the video in instant
Sametime Media messages and instant
Server: meetings. Choices
are:
v None
v Audio only
v Audio and video
IBM Lotus Sametime products implement user policies that have higher weights
over policies with lower weights. You can change the weight of policies.
The IBM Lotus Sametime Proxy Server enables browser-based clients to participate
in Lotus Sametime instant messaging and online meetings. In addition, the Lotus
Sametime Proxy Server works with Lotus Sametime Community Server or Lotus
Connections to enable the business card feature in Lotus Sametime, and with Lotus
Sametime Unified Telephony or other TCSPI-enabled products to enable the Lotus
Sametime click-to-call feature. The Lotus Sametime Proxy Server also provides live
names awareness, and can replace the Links Toolkit used in earlier releases of Lotus
Sametime.
Follow these steps to customize the response.properties file to prepare for installing
the Lotus Sametime Proxy Server on IBM i.
Skip the first two steps if you are installing from physical media.
1. Download the installation package if you have not already done so.
a. To download installation packages, you must have an IBM Passport
Advantage account, which is described at the following Web address:
www.ibm.com/software/howtobuy/passportadvantage/paocustomer/docs/en_US/ecare.html
b. Open this release’s Download document at the following Web address:
http://www.ibm.com/support/docview.wss?rs=477&uid=24024322
Locate the components you need in the document’s listing, then download
the packages labelled with the corresponding part numbers.
c. Use ftp or another convenient method to transfer the installation package to
the system where you plan to install the product. Store the file in an IFS
directory of your choosing; for example:
/MySametimePackages
2. Extract the installation files to the directory where you stored the installation
package.
a. From an IBM i command line, run the following command to start the
QShell Interpreter:
QSH
b. Run the cd shell command, specifying the fully qualified path to the
installation package directory; for example:
cd /MySametimePackages
c. Run the following cd shell command, specifying the name of the .tar file:
pax -r -C 819 -f name_of_installation_package
d. Press F3 to exit QSH.
Run the install script to set up the Lotus Sametime Proxy Server on IBM i.
If you intend to install from a downloaded image, you should have downloaded
the proxy server installation package. For all installations, you should have
completed the preparation steps.
Follow these steps to install the Lotus Sametime Proxy Server and WebSphere
Application Server.
1. Log in using a profile with *ALLOBJ and *SECADM special authorities.
2. Use the WRKSYSVAL command to check the setting for the QVFYOBJRST system
value and change it if necessary. The setting must be 3 or lower to install the
Sametime software.
3. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
4. Run the cd shell command, specifying the fully qualified path to the
installation kit directory; for example:
/MySametimePackages/SametimeProxyServer/IBMi/stii_stp
For DVD:
cd /qopt/volume_ID/IBMi/stii_stp
5. Start the installation with the following shell command:
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix the problem,
then try installing again. The installation logs are stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
install_STPROXY_yyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
install_STPROXY_20091215_0307.log
What to do next
If you have installed both the Sametime Meeting Server and the Sametime Proxy
Server on the same system, you must update the table of Host Aliases associated
with the Sametime Proxy Server’s default_host virtual host so that it does not use
the same host name and IP address as the Sametime Meeting Server. Follow the
steps in Deploying Sametime Proxy Server and Sametime Meeting Server on the
same machine.
Related tasks
“Preparing to install Lotus Sametime on IBM i” on page 249
Follow these steps to prepare IBM i for Lotus Sametime server installations.
Registering a non-clustered IBM i Sametime server with the Lotus Sametime System
Console:
Before you register the server, verify that you have completed the following tasks.
Working from the Sametime server that you want to connect with the console,
follow these steps to update properties files and run the registration utility to
register the server with the console.
During this task you will edit the following files; click the topic titles below to see
details on each file. Use Ctrl+Click to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. On the Sametime server you plan to register, navigate to the console directory.
v Community Server
The console directory is a subdirectory of the Sametime Community server
data directory.
v Proxy Server
/QIBM/UserData/Lotus/stii/STPROXY/STPROXY_date_time/console
The date and time indicate when the Proxy Server was installed.
v Meeting Server
/QIBM/UserData/Lotus/stii/STMeetings/STMEETINGS_date_time/console
The date and time indicate when the Meeting Server was installed.
2. In the console directory, make backup copies with different names of the
console.properties and productConfig.properties files.
3. Update the following values in the console.properties file and save the file.
Table 101. console.properties settings
SSCHostName Provide the fully qualified host name of the Lotus
Sametime System Console server.
4. Now update the productConfig.properties file with the values needed for the
server you are registering. Then save the file.
Required values not listed below are filled in automatically.
v Sametime Community Server
– DepName: Provide a descriptive name for your deployment. It must be a
unique deployment name on the Sametime System Console.
v Sametime Proxy Server
– WASPassword: Specify the password associated with the WASUserID.
v Sametime Meeting Server
– DBAppPassword: Specify the password associated with the database ID.
– WASPassword: Specify the password associated with the WASUserID.
– LDAPBindPwd: Specify the password associated with the LDAPBindDN.
5. If you are registering a Sametime Community Server or Meeting Server, start
the server. Otherwise, proceed to the next step.
6. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
7. Run the cd shell command, specifying the fully qualified path to the console
directory you used in Step 1.
8. Run the appropriate shell script to register the server:
v Sametime Community Server
registerSTServerNode.sh
When prompted, specify the following information:
– Full path to the Sametime Community server data directory where the
notes.ini file is located.
– The Community Server Administrator ID and password.
Open the Sametime Web client to verify that the installation was successful.
Tip: To verify the HTTP port number being used by the Lotus Sametime Proxy
Server, open the AboutThisProfile.txt file for the Sametime Proxy Application
Server Profile and use the setting specified for the HTTP transport port. The
default profile name is STPAppProfile. On IBM i, look for the
AboutThisProfile.txt file in the following location /QIBM/UserData/Websphere/
AppServer/V7/SametimeWAS/profiles/STPAppProfile/logs/
AboutThisProfile.txt:
Whenever you install a server that communicates with an IBM Lotus Sametime
Community Server, you must add the new server’s IP address to the Community
Server’s settings.
The Lotus Sametime Community Server accepts connections from the Lotus
Sametime Media Manager, the Lotus Sametime Gateway, the Lotus Sametime
Community Mux, and the Lotus Sametime Proxy Server, as well as other servers
that are listed in the Community Services page. To ensure that the Lotus Sametime
You do not need to add the Lotus Sametime System Console’s IP address because
it is added automatically when you install the Lotus Sametime Community Server
using a deployment plan or register the Lotus Sametime Community Server with
the console after installation.
This task must be completed separately for each server within a Lotus Sametime
Community Server cluster, as well as for multiple non-clustered Community
Servers.
1. Log in to the Integrated Solutions Console.
2. Click Sametime System Console → Sametime Servers → Sametime Community
Servers.
3. In the Sametime Community Servers list, click the deployment name of the
server with the list of trusted IP addresses that you want to change.
4. Click the Connectivity tab.
5. Under Trusted Servers, enter the IP address of the server that must connect to
the Lotus Sametime Community Server in the New IP Address field, and click
Add.
Note: For the Lotus Sametime Media Manager, enter the Conference Manager
server IP address. Each instance of a Conference Manager cluster must be
entered.
To delete an IP address from the list, select it and click Delete Selected.
6. Click OK.
7. Restart the Lotus Sametime Community Server for the change to take effect.
Before you can migrate meetings from an upgraded IBM Lotus Sametime server,
you must install a Lotus Sametime Meeting Server and then set up URL redirects
from the upgraded server to the Lotus Sametime Meeting Server.
Follow the instructions for your operating system to install a Lotus Sametime
Meeting Server.
Follow these steps to customize the response.properties file to prepare for installing
the Lotus Sametime Meeting Server on IBM i.
You should have completed the preparation steps in ″Preparing to install Lotus
Sametime on IBM i.″
Skip the first two steps if you are installing from physical media.
1. Download the installation package if you have not already done so.
Run the script to create the database schemas for the IBM Lotus Sametime Meeting
Server on IBM i.
You should have prepared the Meeting Server installation file as described in
″Preparing the Meeting Server installation file on IBM i.″
On the IBM i system that will install the Sametime Meeting Server, follow these
steps to create the database schema and tables:
1. Log in with a user profile that has *ALLOBJ and *SECADM special authorities.
These authorities are required to create the database schemas. The database
schemas will be created on the system specified in your copy of the
stms.default.response.properties file and owned by the user profile specified in
the file.
2. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
3. Run the cd shell command, specifying the fully qualified path to the
installation kit directory; for example
/MySametimePackages/SametimeMeetingServer/IBMi/stii_stms
For DVD:
/qopt/volume_ID/IBMi/stii_stms
4. The POLICY schema is shared by the Meeting Server and the System Console.
If the POLICY schema already exists, the Meeting Server database setup script
will only create the MTG schema.
setupDB_stms.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
5. When the script completes, press F3 to exit QSH.
Results
If the database schema creation was not successful, look at the script log for more
information about what occurred during the attempt. Fix the problem, then try
running the script again. The script log is stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
stms_dbsetup_yyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
stms_dbsetup_20091215_0307.log
Run the database schema and install scripts to set up the Lotus Sametime Meeting
Server on IBM i.
If you intend to install from a downloaded image, you should have downloaded
the meeting server installation package. For all installations, you should have
completed the preparation steps. The database schemas required for the Meeting
Server (MTG and POLICY) should already exist.
Follow these steps to install the Lotus Sametime Meeting Server and WebSphere
Application Server.
1. Log in using a profile with *ALLOBJ and *SECADM special authorities.
2. Use the WRKSYSVAL command to check the setting for the QVFYOBJRST system
value and change it if necessary. The setting must be 3 or lower to install the
Sametime software.
3. From an IBM i command line, run the following command to start the QShell
Interpreter:
QSH
4. Run the cd shell command, specifying the fully qualified path to the
installation kit directory; for example:
/MySametimePackages/SametimeMeetingServer/IBMi/stii_stms
For DVD:
cd /qopt/volume_ID/IBMi/stii_stms
5. Start the Meeting Server installation with the following shell command:
install_stms.sh -Dinstall.response.file=path_and_name_of_customized_response.properties_file
6. When the script completes, press F3 to exit QSH.
Results
If the installation was not successful, look at the installation logs for more
information about what occurred during the installation attempt. Fix the problem,
then try installing again. The installation logs are stored in the following location.
/QIBM/UserData/Lotus/stii/logs
The log name contains the date and time in this form:
install_STMEETINGS_yyyymmdd_hhmm.log
For example, this log was created at 3:07 A.M. on December 15, 2009:
install_STMEETINGS_20091215_0307.log
If you have installed both the Sametime Meeting Server and the Sametime Proxy
Server on the same system, you must update the table of Host Aliases associated
with the Sametime Proxy Server’s default_host virtual host so that it does not use
the same host name and IP address as the Sametime Meeting Server. Follow the
steps in Deploying Sametime Proxy Server and Sametime Meeting Server on the
same machine.
Related tasks
“Preparing to install Lotus Sametime on IBM i” on page 249
Follow these steps to prepare IBM i for Lotus Sametime server installations.
Use the Lotus Sametime System Console to connect to the Lotus Sametime Meeting
Server or Lotus Sametime Gateway database before installing the server from the
System Console. If you installed the server without using the System Console (as is
the case with the Sametime Meeting Server on IBM i and Sametime Gateway on
any platform), do this step before registering the server with the System Console.
If you have not already opened the Connect to DB2 Databases activity, follow these
steps:
1. From a browser, enter the following URL, replacing serverhostname.domain with
the fully qualified domain name of the Lotus Sametime System Console server.
http://serverhostname.domain:8700/ibm/console
IBM i: The port number may not be 8700. Use the port that was listed in the
Sametime System Console installation results summary or use the setting
specified for the Administrative console secure port in the AboutThisProfile.txt
file. For the Sametime System Console Deployment Manager Profile
(STSCDmgrProfile), the file is located in the following path:
/QIBM/UserData/Websphere/AppServer/V7/SametimeWAS/profiles/
STSCDmgrProfile/logs/AboutThisProfile.txt
2. Enter the WebSphere Application Server User ID and password that you
created when you installed the Lotus Sametime System Console.
3. Click the Sametime System Console task to open it in the navigation tree.
4. Click Sametime Prerequisites → Connect to DB2 Databases.
Related tasks
“Starting the Lotus Sametime System Console” on page 231
When started, the Lotus Sametime System Console runs as a task in the WebSphere
Application Server administrative console.
AIX, Linux, Solaris, Windows: Ensure that IBM DB2 has been installed and that
you have created the Sametime Meeting Server or Gateway database.
IBM i: Ensure that you have created the required database schemas and tables.
In the Connect to DB2 Databases portlet, verify that the Lotus Sametime System
Console database you created earlier is already displayed in the list of databases.
Follow these steps to connect to the Meeting Server or Gateway database. You
must do this before you can install the Meeting Server using the Sametime System
Console. If you installed the server without using the System Console (as is the
case with the Sametime Meeting Server on IBM i and Sametime Gateway on any
platform), do this step before registering the server with the System Console.
1. DB2 Configuration Guided Activity.
Click Add to begin the guided activity that will connect your server to the DB2
database. If a connection already exists, you can optionally edit or delete it.
2. Add a new database.
a. In the Connect to DB2 Databases portlet, click Add.
If you want to edit or delete a database instead, then select one, and click
the appropriate button.
b. Enter the fully qualified host name of the DB2 server in the Host name
field.
Do not enter an IP address or a short host name.
c. The Port field shows the default port of 50000. Accept the default unless
you specified a different port during DB2 installation or your server is using
a different port.
Linux: The default is typically 50001, but will vary based on port
availability. Check the /etc/services file on the DB2 server to verify the
port number being used.
d. In the Database name, field, enter the name of the database you want to
connect to.
Meeting Server database
On AIX, Linux, Solaris, and Windows, the database name is STMS unless
you changed it.
On IBM i, the name is always STMS.
Gateway database
For AIX, Linux, Solaris, and Windows, the database name is STGWDB
unless you changed it.
For IBM i, use the name you specified when creating the database schemas.
e. In the Application user ID field, supply the DB2 application’s
administrative user name that you created when you installed DB2, such as
db2admin. This user has database administration authority and you will use
this user ID and password whenever you work with DB2 databases for
Lotus Sametime. On IBM i, this is the user profile you specified as the
owner of the Meeting Server database schemas in your copy of the
Registering a non-clustered IBM i Sametime server with the Lotus Sametime System
Console:
Before you register the server, verify that you have completed the following tasks.
Working from the Sametime server that you want to connect with the console,
follow these steps to update properties files and run the registration utility to
register the server with the console.
During this task you will edit the following files; click the topic titles below to see
details on each file. Use Ctrl+Click to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. On the Sametime server you plan to register, navigate to the console directory.
4. Now update the productConfig.properties file with the values needed for the
server you are registering. Then save the file.
Required values not listed below are filled in automatically.
v Sametime Community Server
– DepName: Provide a descriptive name for your deployment. It must be a
unique deployment name on the Sametime System Console.
v Sametime Proxy Server
– WASPassword: Specify the password associated with the WASUserID.
v Sametime Meeting Server
– DBAppPassword: Specify the password associated with the database ID.
– WASPassword: Specify the password associated with the WASUserID.
– LDAPBindPwd: Specify the password associated with the LDAPBindDN.
Log in to the Lotus Sametime Meeting Server to verify that the installation was
successful.
Verify the installation by logging in to the server and creating a new meeting
room.
1. From a Web browser, navigate to the Meeting Room Center by entering the
following URL:
http://serverhostname.domain:port/stmeetings
Replace serverhostname.domain with the fully qualified domain name of the
Meeting server; for example:
Tip: To verify the HTTP port number being used by the Lotus Sametime
Meeting Server, open the AboutThisProfile.txt file for the Sametime Meeting
Application Server Profile and use the setting specified for the HTTP transport
port. The default profile name is STMAppProfile. On IBM i, look for the
AboutThisProfile.txt file in the following location: /QIBM/UserData/Websphere/
AppServer/V7/SametimeWAS/profiles/STMAppProfile/logs/
AboutThisProfile.txt
http://st85ms1.acme.com:9080/stmeetings
After you install the new IBM Lotus Sametime 8.5 Meeting Server, you are ready
to migrate meetings. Rather than transfer meeting schedules and associated data
from the legacy server to the new server, you will set up URL redirects that
automatically link users to the appropriate meeting room on the new server.
Configuring the Meeting Server to accept redirects from the upgraded Lotus Sametime
server:
Configure an IBM Lotus Sametime Meeting Server to accept URL redirects from an
upgraded Lotus Sametime server or from a Lotus Sametime Enterprise Meeting
Server cluster.
Establishing URL redirect to a Lotus Sametime Meeting Server uses the REST API
provided by the Lotus Sametime Online Meeting Toolkit (included in the Lotus
Sametime Software Development Kit). The Meeting Server uses the Online Meeting
Toolkit to transfer meeting data from the upgraded Lotus Sametime server to the
new Meeting Server.
The enable the redirect, the new Meeting Server must be configured to be
associated the with URL of a particular Lotus Sametime server.
After you have upgraded your IBM Lotus Sametime deployment and migrated
meetings to the new Lotus Sametime Meeting Server, you may want to integrate
additional components into your deployment.
The following components are not required for upgrading a Lotus Sametime server
and migrating meetings, but provide additional capabilities to a Lotus Sametime
deployment:
v Lotus Sametime Media Manager: Provides audio and video features for instant
messaging and online meetings.
For more information, see Planning a Lotus Sametime Media Manager
installation.
v Lotus Sametime Gateway: Provides instant messaging with external
communities, including:
– Lotus Sametime communities deployed outside of your firewall
– AOL Instant Messenger
– Google Talk
– Yahoo Messenger
For more information, see Planning a Lotus Sametime Gateway installation.
When upgrading to release 8.5, you must upgrade the WebSphere Application
Server as well as the Lotus Sametime Gateway software. IBM DB2 does not require
upgrading, but you will need to run scripts that update the database schema.
Lotus Sametime 8.5 Gateway can upgrade directly only from release 8.0.2; if you
are using an earlier release of the Gateway, you must either upgrade to release
8.0.2 or install release 8.5 as a new deployment.
Upgrading clusters: When upgrading a cluster, you must know the cluster name
when you upgrade the Deployment Manager server. To view the cluster name in
the Integrated Solutions Console, click Servers → Clusters . The default cluster
name in Sametime Gateway is RTCGW_Cluster.
Before you upgrade the product software, you will need to remove the cluster and
then remove all nodes from the Deployment Manager. After you have upgraded all
instances of the product, you will recreate the cluster.
Previous releases of Lotus Sametime Gateway used the Enterprise edition of the
DB2 database server. This release of Lotus Sametime uses the Limited Use edition;
you cannot migrate from the Enterprise edition to the Limited Use edition.
If you are upgrading your Lotus Sametime Gateway deployment, you should
retain your existing DB2 installation for it. The new installation program will
upgrade the database schema automatically; when the upgrade is complete, the
database will be ready for use.
Note: You will still need to install DB2 9.5 Limited Use edition for the Lotus
Sametime System Console and the Lotus Sametime Meeting Server, but an
upgraded Lotus Sametime Gateway server cannot use it.
For each Lotus Sametime Gateway server, run a server file system cold backup, so
that the whole file system can be rolled back in case the upgrade fails. There is no
option to backup and rollback specific directories; the whole file system should be
backed up. If Lotus Sametime Gateway is installed on a Virtual Machine, you can
take a snapshot before continuing any farther.
Stop all instances of Lotus Sametime Gateway and WebSphere Application Server
on the current computer.
When you are finished upgrading, your server will contain WebSphere Application
Server Network Deployment 7 and Lotus Sametime Gateway 8.5.
1. Create the temporary file folder \TMP\WASCD.
2. From the installation media, copy the WebSphere Application Server
installation image part_number.exe to the folder \TMP\WASCD.
The Lotus Sametime Download document lists the part numbers for each
software component and explains how to download them.
3. Open a command window and navigate to the folder \TMP\WASCD.
4. Extract all files to the temporary directory \TMP\WASCD. When you are done
extracting the files, you should have a \TMP\WASCD\ifpackage folder with WAS
and JDK folders inside the ifpackage folder.
Because your input will not be verified during installation, you should take
extra care when typing values.
9. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
10. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
11. Select Upgrade an existing instance of Sametime Gateway.
12. On the same panel, review the location of the Sametime Gateway instance to
upgrade. If the location is okay, click Next.
13. Type or click Browse to select the path to where you extracted the WebSphere
Application Server installation files from the CD, and click Next.
Do not use quotation marks. This directory should contain the WAS and JDK
subdirectories. It is very important that you select the parent directory and not
the subdirectory. For example: use C:\TMP\WASCD\ifpackage but do not use
C:\TMP\WASCD\ifpackage\WAS or C:\TMP\WASCD\ifpackage\JDK.
Important: If you are upgrading the server that contains the Deployment
Manager and the Primary Node for a cluster, you must upgrade the
Deployment Manager first to ensure proper functionality.
14. If you are upgrading the Deployment Manager server, type the name of the
existing cluster. Tip: To obtain the cluster name from the Integrated Solutions
Console, click Servers → Clusters. The default cluster name is RTCGW_Cluster.
15. Click Next to enter database properties.
Option Description
Host name The fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server
(typically 50000).
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
16. Review the installation summary settings and, if necessary, click Back to make
changes.
17. Click Install to begin copying files.
A progress screen is displayed and the activity is logged to the Lotus
Sametime Gateway log file. The upgrade process is in two stages. The first
stage upgrades Sametime Gateway and takes 5 to 20 minutes. The second
stage upgrades WebSphere Application Server and takes another 15 to 20
minutes to complete.
When the upgrades are complete, the wizard displays a message indicating a
successful installation.
18. Read the summary and click Finish.
To view the installation log, click View log file or open the log file at
stgw_server_root\logs\installlog.txt.
Upgrade IBM Lotus Sametime Gateway on IBM AIX, Linux, or Sun Solaris
Windows server. The installation wizard upgrades both Lotus Sametime Gateway
and IBM WebSphere Application Server to the latest versions.
Stop all instances of Lotus Sametime Gateway and WebSphere Application Server
on the current computer.
When you are finished upgrading, your server will contain WebSphere Application
Server Network Deployment 7 and Lotus Sametime Gateway 8.5.
1. Create the temporary file folder /TMP/WASCD.
2. From the installation media, copy the WebSphere Application Server
installation image for your operating system to /TMP/WASCD.
The Lotus Sametime Download document lists the part numbers for each
software component and explains how to download them.
3. Open a command window and navigate to the directory /TMP/WASCD.
4. Run the following command to uncompress the files:
gunzip -c part_number.tar.gz | tar -xvf -
When you are done extracting the files, you should have the following folder:
/TMP/WASCD/ifpackage
Verify that you have WAS and JDK folders inside the ifpackage folder.
5. From the installation media, copy the Lotus Sametime Gateway installation
image part_number.tar to the temporary directory /TMP.
6. In the /TMP directory, create a subdirectory called SametimeGateway.
7. Uncompress the following file into the /TMP/SametimeGateway directory:
unzip part_number.tar
8. Navigate to the folder /TMP/SametimeGateway and type one of the following
commands:
v For wizard mode: ./install.sh
v For console mode: ./install.sh -console
Because your input will not be verified during installation, you should take
extra care when typing values.
9. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
10. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
11. Select Upgrade an existing instance of Sametime Gateway.
12. On the same panel, review the location of the Sametime Gateway instance to
upgrade. If the location is okay, click Next.
13. Type or click Browse to select the path to where you extracted the WebSphere
Application Server installation files from the CD.
Important: If you are upgrading the server that contains the Deployment
Manager and the Primary Node for a cluster, you must upgrade the
Deployment Manager first to ensure proper functionality.
14. If you are upgrading the Deployment Manager server, type the name of the
existing cluster. Tip: To obtain the cluster name from the Integrated Solutions
Console, click Servers → Clusters. The default cluster name is RTCGW_Cluster.
15. Click Next to enter database properties.
Option Description
Host name The Fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server
(typically 50001).
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
Schema password The password for the schema owner. You
may need to get this information from the
database administrator. The schema
password is often the same as the
application password.
16. Review the installation summary settings and, if necessary, click Back to make
changes.
17. Click Install to begin copying files.
A progress screen is displayed and the activity is logged to the Lotus
Sametime Gateway log file. The upgrade process is in two stages. The first
stage upgrades Sametime Gateway and takes 5 to 20 minutes. The second
stage upgrades WebSphere Application Server and takes another 15 to 20
minutes to complete.
When the upgrades are complete, the wizard displays a message indicating a
successful installation.
18. Read the summary and click Finish.
To view the installation log, click View log file or open the log file at
stgw_server_root/logs/installlog.txt.
Upgrade IBM WebSphere Application Server on IBM i before you upgrade IBM
Lotus Sametime Gateway. The installation wizard upgrades WebSphere Application
Server to the latest version.
Stop all instances of Lotus Sametime Gateway and WebSphere Application Server
on the current computer.
You must have *ALLOBJ and *SECADM authorities to successfully complete the
upgrade.
When you are finished upgrading, your server will contain WebSphere Application
Server Network Deployment 7 and Lotus Sametime Gateway 8.5.
1. Create the temporary file folder /TMP/WASCD on a computer that can connect to
the IBM i system.
2. Copy the file part_number.zip to the temporary folder /TMP/WASCD.
The Lotus Sametime Download document lists the part numbers for each
software component and explains how to download them.
3. Open a command window and navigate to the folder /TMP/WASCD.
4. Extract all files to the temporary directory /TMP/WASCD. When you are done
extracting the files, you should have a /TMP/WASCD/ifpackage folder with WAS
and JDK folders inside the ifpackage folder.
5. Copy the ifpackage folder to the IFS of the IBM i system.
6. In the folder you copied to the IFS of the IBM i system, edit the file
ifpackage/WAS/responsefile.nd.txt
7. Accept the license to install. Read the comments in the file regarding License
Acceptance and then set the value of silentInstallLicenseAcceptance to true.
For example:
-OPT silentInstallLicenseAcceptance="true"
8. Set the option installType to installAndPatch. For example:
-OPT installType="installAndPatch"
9. Set the option installLocation to the location of the WebSphere Application
Server to be updated. For example:
Upgrade IBM Lotus Sametime Gateway on an IBM i server. The installation wizard
upgrades Lotus Sametime Gateway to the latest version.
You must have *ALLOBJ and *SECADM authorities to successfully complete the
upgrade.
When you are finished upgrading, your server will contain WebSphere Application
Server Network Deployment 7 and Lotus Sametime Gateway 8.5.
1. From the installation media, copy the Lotus Sametime Gateway installation
image (part_number.exe) to a temporary directory such as /TMP.
The Lotus Sametime Download document lists the part numbers for each
software component and explains how to download them.
Important: If you are installing on an IPv6–enabled server, you must use the
second option below to install using the console.
v To run the installer in wizard mode, type the following command:
installi5OS.bat
v To run the installer in console mode, perform these steps:
a. Copy the directory /TMP/SametimeGateway to the IFS of the IBM i system.
b. Start a QSHELL session.
c. Navigate to the /TMP/SametimeGateway directory and type the following
command:
install.sh -console
Because your input will not be verified during installation, you should take
extra care when typing values.
6. Select the language for the installation and click OK. The Lotus Sametime
Gateway Welcome screen is displayed. If you are installing in wizard mode,
you can launch the Lotus Sametime Information Center from this panel. Click
Next to continue with the installation.
7. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Please make sure to read the license agreement carefully.
Select the appropriate radio button option to accept the license agreement if
you agree with the statement and click Next to proceed with the installation.
8. Select Upgrade an existing instance of Sametime Gateway. The installation
wizard displays the location of the installed Sametime Gateway server on this
machine. Change the location of the existing Sametime Gateway server to the
stgw_server_root of the server you’d like to upgrade, if necessary, then click
Next.
Important: If you are upgrading the server that contains the Deployment
Manager and the Primary Node for a cluster, you must upgrade the
Deployment Manager first to ensure proper functionality.
9. If you are upgrading the Deployment Manager server, type the name of the
cluster to which Lotus Sametime Gateway belongs.
Tip: To obtain the cluster name from the Integrated Solutions Console, click
Servers → Clusters . The default cluster name is RTCGW_Cluster.
Option Description
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Schema name The name of the schema you created when
preparing the Lotus Sametime Gateway
environment. For example, STGW.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
Schema password The password for the schema owner. You
may need to get this information from the
database administrator. The schema
password is often the same as the
application password.
11. Review the installation summary settings and, if necessary, click Back to make
changes.
12. Click Install to begin copying files.
A progress screen is displayed and the activity is logged to the Lotus
Sametime Gateway log file. This upgrade takes about 10 to 20 minutes to
complete.
When the upgrade is complete, the wizard displays a message indicating a
successful installation.
13. Read the summary and click Finish.
To view the installation log, open the log file at stgw_server_root\logs\
installlog.txt .
Registering the upgraded server with the Lotus Sametime System Console:
After you have upgraded an IBM Lotus Sametime Gateway server, you must
register it with the Lotus Sametime System Console so you can administer the
Gateway from the console.
After upgrading an IBM Lotus Sametime Gateway server on IBM AIX, Linux, Sun
Solaris, or Microsoft Windows, register it with the Lotus Sametime System Console,
so you can manage all of the Lotus Sametime servers from a central location.
Before you register the server, verify that you have completed the following tasks,
which are described in the Installing on AIX, Linux, Solaris, and Windows section
of this information center.
v The Lotus Sametime System Console must be started.
v The LDAP server must be connected to the System Console and must be started.
v The Gateway database must be connected to the System Console and must be
started.
v The Community Server that the Gateway server connects to must already be
registered with the Console and must be started.
Working from the server that you want to connect to the console, follow these
steps to update properties files and run the registration utility.
During this task you will edit the following files; click the topic titles below to see
details on each file. You may want to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. On the Lotus Sametime Gateway server, navigate to the stgw_server_root/IBM/
WebSphere/STgateway/console directory.
2. In the console directory, make backup copies (using different names) of the
console.properties and productConfig.properties files.
3. Update the console.properties file with the following values, and then save
and close the file.
Table 104. console.properties settings
SSCHostName Provide the fully qualified host name of the Lotus
Sametime System Console server.
SSCHTTPPort Specify the HTTP port used for the Lotus Sametime
System Console server if SSL is not enabled and the
value for SSCSSLEnabled is ″false.″
Before you register the server, verify that you have completed the following tasks,
which are described in the Installing on IBM i section of this information center.
v The Lotus Sametime System Console must be started.
v The LDAP server must be connected to the System Console and must be started.
v The Gateway database must be connected to the System Console and must be
started.
v The Community Server that the Gateway server connects to must already be
registered with the Console and must be started.
Working from the server that you want to connect with the console, follow these
steps to update properties files and run the registration utility.
During this task you will edit the following files; click the topic titles below to see
details on each file. You may want to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. Working on the Lotus Sametime Gateway server, navigate to the
/qibm/userdata/STGateway/ProfileName/console directory.
The ProfileName is the one you specified when you installed the Gateway.
2. In the console directory, make backup copies (using different names) of the
console.properties and productConfig.properties files.
3. Update the console.properties file with the following values, and then save
and close the file.
Table 106. console.properties settings
SSCHostName Provide the fully qualified host name of the Lotus
Sametime System Console server.
SSCHTTPPort Specify the HTTP port used for the Lotus Sametime
System Console server if SSL is not enabled and the
value for SSCSSLEnabled is ″false.″
4. Update the productConfig.properties file with the following values, and then
save and close the file.
Only the required values in this file are listed here:
Table 107. configProduct.properties settings
InstallType Specify ″Cell″ as the installation type since this is a
non-clustered server.
DepName Provide a descriptive name for your deployment. It must
be a unique deployment name on the Lotus Sametime
System Console.
NodeIP Specify the IP address of the server being registered.
WASAdminPassword Specify the password associated with the WASUserID
LDAPBindPassword Specify the password associated with the LDAPBindDN.
DB2AdminPassword Specify the password associated with the database ID.
CommunityServerHost Specify the fully qualified host name (not the IP address)
of the Community Server registered with the Lotus
Sametime System Console.
CommunityServerPort Specify the port for the Community Server.
LDAPHost Specify the fully qualified host name (not the IP address)
of the LDAP server that was registered with the Lotus
Sametime System Console.
LDAPPort Specify the port of the LDAP server that was registered
with the Lotus Sametime System Console.
LDAPBindDN Specify the Bind Distinguished Name of the LDAP
server that was registered with the Lotus Sametime
System Console.
LDAPBindPwd Specify the password associated with the LDAPBindDN
value.
LDAPBaseDN Specify the search base of the LDAP server that was
registered with the Lotus Sametime System Console.
Before you can upgrade the instances of IBM Lotus Sametime Gateway in a
clustered deployment, you must remove the nodes from the cluster. IBM
WebSphere is installed during the product upgrade, but it cannot be upgraded on
a node that is federated to the cluster’s Deployment Manager. After you complete
the upgrade for every node in the cluster, you will by federate the nodes to the
Deployment Manager.
Removing nodes from the Lotus Sametime Gateway cluster involves manually
removing the nodes in the Deployment Manager’s Integrated Solutions Console
settings, and then running a utility that updates additional settings for you.
1. Log in to the Deployment Manager’s Integrated Solutions Console as the IBM
WebSphere administrator.
2. Stop the cluster that you want to upgrade:
Stop all instances of Lotus Sametime Gateway and WebSphere Application Server
on the current computer.
When you are finished upgrading, your server will contain WebSphere Application
Server Network Deployment 7 and Lotus Sametime Gateway 8.5.
1. Create the temporary file folder \TMP\WASCD.
2. From the installation media, copy the WebSphere Application Server
installation image part_number.exe to the folder \TMP\WASCD.
The Lotus Sametime Download document lists the part numbers for each
software component and explains how to download them.
3. Open a command window and navigate to the folder \TMP\WASCD.
4. Extract all files to the temporary directory \TMP\WASCD. When you are done
extracting the files, you should have a \TMP\WASCD\ifpackage folder with WAS
and JDK folders inside the ifpackage folder.
5. From the installation media, copy the Sametime Gateway installation image
part_number.exe to the \TMP folder.
6. In the \TMP folder, create a subfolder called SametimeGateway.
7. Extract the files in part_number.exe into the \TMP\SametimeGateway folder.
8. Open a command window and type the following command:
v For wizard mode: install.bat
v For console mode: install.bat -console
Because your input will not be verified during installation, you should take
extra care when typing values.
9. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
Important: If you are upgrading the server that contains the Deployment
Manager and the Primary Node for a cluster, you must upgrade the
Deployment Manager first to ensure proper functionality.
14. If you are upgrading the Deployment Manager server, type the name of the
existing cluster. Tip: To obtain the cluster name from the Integrated Solutions
Console, click Servers → Clusters. The default cluster name is RTCGW_Cluster.
15. Click Next to enter database properties.
Option Description
Host name The fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server
(typically 50000).
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
Schema password The password for the schema owner. You
may need to get this information from the
database administrator. The schema
password is often the same as the
application password.
16. Review the installation summary settings and, if necessary, click Back to make
changes.
17. Click Install to begin copying files.
Upgrade IBM Lotus Sametime Gateway on IBM AIX, Linux, or Sun Solaris
Windows server. The installation wizard upgrades both Lotus Sametime Gateway
and IBM WebSphere Application Server to the latest versions.
Stop all instances of Lotus Sametime Gateway and WebSphere Application Server
on the current computer.
When you are finished upgrading, your server will contain WebSphere Application
Server Network Deployment 7 and Lotus Sametime Gateway 8.5.
1. Create the temporary file folder /TMP/WASCD.
2. From the installation media, copy the WebSphere Application Server
installation image for your operating system to /TMP/WASCD.
The Lotus Sametime Download document lists the part numbers for each
software component and explains how to download them.
3. Open a command window and navigate to the directory /TMP/WASCD.
4. Run the following command to uncompress the files:
gunzip -c part_number.tar.gz | tar -xvf -
When you are done extracting the files, you should have the following folder:
/TMP/WASCD/ifpackage
Verify that you have WAS and JDK folders inside the ifpackage folder.
5. From the installation media, copy the Lotus Sametime Gateway installation
image part_number.tar to the temporary directory /TMP.
6. In the /TMP directory, create a subdirectory called SametimeGateway.
7. Uncompress the following file into the /TMP/SametimeGateway directory:
unzip part_number.tar
Because your input will not be verified during installation, you should take
extra care when typing values.
9. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
10. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
11. Select Upgrade an existing instance of Sametime Gateway.
12. On the same panel, review the location of the Sametime Gateway instance to
upgrade. If the location is okay, click Next.
13. Type or click Browse to select the path to where you extracted the WebSphere
Application Server installation files from the CD.
This directory should contain the WAS and JDK subdirectories. It is very
important that you select the parent directory and not the subdirectory. For
example: use /TMP/WASCD/ifpackage but do not use /TMP/WASCD/ifpackage/WAS
or /TMP/WASCD/ifpackage/JDK.
Important: If you are upgrading the server that contains the Deployment
Manager and the Primary Node for a cluster, you must upgrade the
Deployment Manager first to ensure proper functionality.
14. If you are upgrading the Deployment Manager server, type the name of the
existing cluster. Tip: To obtain the cluster name from the Integrated Solutions
Console, click Servers → Clusters. The default cluster name is RTCGW_Cluster.
15. Click Next to enter database properties.
Option Description
Host name The Fully qualified host name or TCP/IP
address of the database server.
Port Port number on the database server
(typically 50001).
Database name The name of the database that you created.
If you used the default database name, type
STGW. Case does not matter.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
16. Review the installation summary settings and, if necessary, click Back to make
changes.
17. Click Install to begin copying files.
A progress screen is displayed and the activity is logged to the Lotus
Sametime Gateway log file. The upgrade process is in two stages. The first
stage upgrades Sametime Gateway and takes 5 to 20 minutes. The second
stage upgrades WebSphere Application Server and takes another 15 to 20
minutes to complete.
When the upgrades are complete, the wizard displays a message indicating a
successful installation.
18. Read the summary and click Finish.
To view the installation log, click View log file or open the log file at
stgw_server_root/logs/installlog.txt.
Upgrade IBM WebSphere Application Server on IBM i before you upgrade IBM
Lotus Sametime Gateway. The installation wizard upgrades WebSphere Application
Server to the latest version.
Stop all instances of Lotus Sametime Gateway and WebSphere Application Server
on the current computer.
You must have *ALLOBJ and *SECADM authorities to successfully complete the
upgrade.
When you are finished upgrading, your server will contain WebSphere Application
Server Network Deployment 7 and Lotus Sametime Gateway 8.5.
1. Create the temporary file folder /TMP/WASCD on a computer that can connect to
the IBM i system.
2. Copy the file part_number.zip to the temporary folder /TMP/WASCD.
The Lotus Sametime Download document lists the part numbers for each
software component and explains how to download them.
3. Open a command window and navigate to the folder /TMP/WASCD.
4. Extract all files to the temporary directory /TMP/WASCD. When you are done
extracting the files, you should have a /TMP/WASCD/ifpackage folder with WAS
and JDK folders inside the ifpackage folder.
5. Copy the ifpackage folder to the IFS of the IBM i system.
6. In the folder you copied to the IFS of the IBM i system, edit the file
ifpackage/WAS/responsefile.nd.txt
7. Accept the license to install. Read the comments in the file regarding License
Acceptance and then set the value of silentInstallLicenseAcceptance to true.
For example:
-OPT silentInstallLicenseAcceptance="true"
8. Set the option installType to installAndPatch. For example:
-OPT installType="installAndPatch"
9. Set the option installLocation to the location of the WebSphere Application
Server to be updated. For example:
-OPT installLocation="/QIBM/ProdData/WebSphere/AppServer/V61/ND"
10. Save the file.
11. Start a QSHELL session.
12. Before running the install to update the product, the classes directory from the
installation location must be removed. You can do this by issuing a move (mv)
command.
/QIBM/ProdData/WebSphere/AppServer/V61/ND/classes /tmp/was_classes
13. Navigate to the ifpackage/WAS directory.
14. Run the following command:
install -options responsefile.nd.txt
15. When the installation is successful, you will see a message such as this:
(Nov 29, 2009 5:19:59 AM), Process, com.ibm.ws.install.ni.ismp.actions.
ISMPLogSuccessMessageAction, msg1, INSTCONFSUCCESS.
install.ni.ismp.actions.ISMPLogSuccessMessageAction,
msg1, INSTCONFSUCCESS
Upgrade IBM Lotus Sametime Gateway on an IBM i server. The installation wizard
upgrades Lotus Sametime Gateway to the latest version.
You must have *ALLOBJ and *SECADM authorities to successfully complete the
upgrade.
When you are finished upgrading, your server will contain WebSphere Application
Server Network Deployment 7 and Lotus Sametime Gateway 8.5.
1. From the installation media, copy the Lotus Sametime Gateway installation
image (part_number.exe) to a temporary directory such as /TMP.
The Lotus Sametime Download document lists the part numbers for each
software component and explains how to download them.
2. In the /TMP directory, create a subdirectory called SametimeGateway.
3. Extract the contents of part_number.exe to the /TMP/SametimeGateway
directory.
4. Navigate to the folder: /TMP/SametimeGateway.
5. You can run the installer in wizard mode or in console mode. Use the wizard
mode if you are installing from a PC to the IBM i system.
Important: If you are installing on an IPv6–enabled server, you must use the
second option below to install using the console.
v To run the installer in wizard mode, type the following command:
installi5OS.bat
v To run the installer in console mode, perform these steps:
a. Copy the directory /TMP/SametimeGateway to the IFS of the IBM i system.
b. Start a QSHELL session.
c. Navigate to the /TMP/SametimeGateway directory and type the following
command:
install.sh -console
Because your input will not be verified during installation, you should take
extra care when typing values.
6. Select the language for the installation and click OK. The Lotus Sametime
Gateway Welcome screen is displayed. If you are installing in wizard mode,
you can launch the Lotus Sametime Information Center from this panel. Click
Next to continue with the installation.
7. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Please make sure to read the license agreement carefully.
Select the appropriate radio button option to accept the license agreement if
you agree with the statement and click Next to proceed with the installation.
8. Select Upgrade an existing instance of Sametime Gateway. The installation
wizard displays the location of the installed Sametime Gateway server on this
machine. Change the location of the existing Sametime Gateway server to the
stgw_server_root of the server you’d like to upgrade, if necessary, then click
Next.
Important: If you are upgrading the server that contains the Deployment
Manager and the Primary Node for a cluster, you must upgrade the
Deployment Manager first to ensure proper functionality.
9. If you are upgrading the Deployment Manager server, type the name of the
cluster to which Lotus Sametime Gateway belongs.
Tip: To obtain the cluster name from the Integrated Solutions Console, click
Servers → Clusters . The default cluster name is RTCGW_Cluster.
10. Click Next to enter database properties:
Option Description
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Schema name The name of the schema you created when
preparing the Lotus Sametime Gateway
environment. For example, STGW.
Application user ID A database user ID that has permission to
connect to the database and read or write
records. The application user ID is often the
same as the schema owner user ID.
Application password The password for the application user. The
application password is often the same as
the schema owner password.
Schema user ID The ID for the user that has appropriate
permissions to create tables in the database.
You may need to get this information from
the database administrator. The schema user
ID is often the same as the application user
ID.
11. Review the installation summary settings and, if necessary, click Back to make
changes.
12. Click Install to begin copying files.
A progress screen is displayed and the activity is logged to the Lotus
Sametime Gateway log file. This upgrade takes about 10 to 20 minutes to
complete.
When the upgrade is complete, the wizard displays a message indicating a
successful installation.
13. Read the summary and click Finish.
To view the installation log, open the log file at stgw_server_root\logs\
installlog.txt .
During the Deployment Manager upgrade process, the IBM Lotus Sametime
Gateway administration portlet is removed and must be manually re-installed. This
task is needed only if your configuration includes a Deployment Manager, SIP, and
XMPP proxy servers on the same operating system; otherwise, skip this task.
During the Deployment Manager upgrade process, the IBM Lotus Sametime
Gateway administration portlet is removed and must be manually re-installed. This
task is needed only if your configuration includes a Deployment Manager, a SIP
proxy server, and an XMPP proxy server installed on the same computer;
otherwise, skip this task.
Upgrade the Deployment Manager, the Primary Node, the Secondary node, the SIP
proxy server, and the XMPP server.
During the Deployment Manager upgrade process, the Lotus Sametime Gateway
administration portlet is removed. Complete these steps on the Deployment
Manager to re-install the portlet:
1. Log in to the Deployment Manager’s Integrated Solutions Console as the IBM
WebSphere administrator.
2. Open the wasadmin console:
a. Navigate to the following directory: stgw_server_root/IBM/WebSphere/
AppServer7/profiles/DMProfile/bin.
b. Run the wasadmin file to open the console:
v Windows: wsadmin.bat -conntype NONE
v AIX, Linux, Solaris: ./wsadmin.sh -conntype NONE
3. In the wasadmin console, execute the following commands:
$AdminConfig save
quit
4. Now delete the following file: AppServer7/systemApps/isclite.ear/
RTCAdminPortlet.war
5. Now copy a file to replace the one you just deleted:
Copy this file:
AppServer7/profiles/RTCGW_Profile/installableApps/RTCAdminPortlet.war
$AdminConfig save
quit
where WAS_home is the absolute path to the WebSphere Application Server
install directory.
8. Restart the Deployment Manager.
During the Deployment Manager upgrade process, the IBM Lotus Sametime
Gateway administration portlet is removed and must be manually re-installed. This
task is needed only if your configuration includes a Deployment Manager, a SIP
proxy server, and an XMPP proxy server installed on the same computer;
otherwise, skip this task.
Upgrade the Deployment Manager, the Primary Node, the Secondary node, the SIP
proxy server, and the XMPP server.
During the Deployment Manager upgrade process, the Lotus Sametime Gateway
administration portlet is removed. Complete these steps on the Deployment
Manager to re-install the portlet:
1. Log in to the Deployment Manager’s Integrated Solutions Console as the IBM
WebSphere administrator.
2. Open the wasadmin console:
a. Navigate to the following directory: /qibm/userdata/STGateway/IBM/
WebSphere/AppServer/V7/profiles/DMProfile.
$AdminConfig save
quit
4. Now delete the following file: AppServer/V7/systemApps/isclite.ear/
RTCAdminPortlet.war
5. Now copy a file to replace the one you just deleted:
Copy this file:
AppServer/V7/profiles/RTCGW_Profile/installableApps/RTCAdminPortlet.war
$AdminConfig save
quit
where WAS_home is the absolute path to the WebSphere Application Server
install directory.
8. Restart the Deployment Manager.
After you create the primary node you must add the primary node to the
Deployment Manager’s cell.
Add the primary node to the Deployment Manager’s cell. Adding the primary
node to the cell allows a central point of administration for the network
deployment by using the Deployment Manager’s Integrated Solutions Console. You
will not be able log into the primary node’s Integrated Solutions Console after this
step.
Federating the primary node into the cell on AIX, Linux, and Solaris:
Add the primary node to the Deployment Manager’s cell on AIX, Linux, or Solaris
platforms. Adding the primary node to the cell allows a central point of
administration for the network deployment by using the Deployment Manager’s
Integrated Solutions Console. You will not be able log into the primary node’s
Integrated Solutions Console after this step.
Where DM_hostname is the host name of the Deployment Manager server. For
example:
./addNode.sh gateway_dm.acme.com 8879 -includeapps
Port 8879 is the default port on which the Deployment Manager listens.
6. To verify that the primary node has joined the Deployment Manager’s cell, log
into the Integrated Solutions Console (http://localhost:9060/ibm/console)
using your administrative user ID and password and click Servers →
Application servers. Make sure you can see the primary node’s information.
If you already logged in, you must log out and then log in again before you
can see changes.
Add the primary node to the Deployment Manager’s cell on IBM i. Adding the
primary node to the cell allows a central point of administration for the network
deployment by using the Deployment Manager’s Integrated Solutions Console. You
will not be able log into the primary node’s Integrated Solutions Console after this
step.
In this release, a Lotus Sametime Gateway cluster can support only two nodes: one
Primary Node and one Secondary Node.
Add a secondary node to the Deployment Manager’s cell. Adding secondary nodes
to the cell allows a central point of administration for the network deployment by
using the Deployment Manager’s Integrated Solutions Console.
Where DM_hostname is the host name of the Deployment Manager server. For
example:
addNode.bat gateway_dm.acme.com 8879
Port 8879 is the default port on which the Deployment Manager listens.
6. For each additional secondary node, repeat the preceding steps.
7. Restart the Deployment Manager by typing the following commands. Wait for
the first command to finish before starting the Deployment Manager:
stopManager
startManager
What to do next
When you have finished installing and federating secondary nodes into the
Deployment manager, continue with the cluster configuration as instructed in the
topic, “Creating a cluster and proxy servers” on page 167.
Federating a secondary node on AIX, Linux, and Solaris into the cell:
Where DM_hostname is the host name of the Deployment Manager server. For
example:
./addNode.sh gateway_dm.acme.com 8879
5. When prompted, provide the Deployment Manager’s administrative user ID
and password. Wait for the operation to complete before proceeding. Look for a
success message similar to the following when complete:
Node Machine22NodeSecondary has been successfully federated.
6. For each additional AIX, Linux, or Solaris secondary node, repeat the preceding
steps.
7. Restart the Deployment Manager by typing the following commands on the
Deployment Manager machine. Wait for the first command to finish before
starting the Deployment Manager:
./stopManager.sh
./startManager.sh
When you have finished installing and federating secondary nodes into the
Deployment manager, continue with the cluster configuration as instructed in the
topic, “Creating a cluster and proxy servers” on page 167.
Add the secondary node to the Deployment Manager’s cell on IBM i. Adding the
secondary node to the cell allows a central point of administration for the network
deployment by using the Deployment Manager’s Integrated Solutions Console.
What to do next
When you have finished installing and federating secondary nodes into the
Deployment manager, continue with the cluster configuration as instructed in the
topic, “Creating a cluster and proxy servers” on page 167.
Create a new cluster of IBM Lotus Lotus Sametime Gateway servers by running
the Cluster Configuration Wizard. If you are upgrading an existing Lotus
Sametime Gateway cluster, you must still complete this task because you removed
the cluster before upgrading the nodes.
Expected state: the Deployment Manager is running and nodes are stopped.
The instructions that follow describe steps for setting up a horizontal cluster, the
most common cluster configuration. The Primary Node already has the primary
server installed, so no additional server is needed on that computer. To add servers
to the horizontal cluster, create one cluster member for each secondary node
(computer).
After you run the upgrade wizard on members of a Lotus Sametime Gateway
cluster, you must create an environment variable on each node that references the
Lotus Sametime Gateway installation path on that node.
Expected state: The Deployment Manager and nodes are upgraded. All Lotus
Lotus Sametime Gateway servers are stopped, all node agents are stopped, and the
Deployment Manager is stopped.
Results
Registering the upgraded cluster with the Lotus Sametime System Console:
After you finish creating the cluster of IBM Lotus Sametime Gateway servers,
register the cluster with the Lotus Sametime System Console so you administer it
from there. Register the cluster as a whole; during the process, individual nodes
are registered automatically.
After upgrading an IBM Lotus Sametime Gateway cluster on IBM AIX, Linux, Sun
Solaris, or Microsoft Windows, register it with the Lotus Sametime System Console,
so you can manage all of the Lotus Sametime servers from a central location.
Before you register the cluster, verify that you have completed the following tasks,
which are described in the Installing on AIX, Linux, Solaris, and Windows section
of this information center.
v The Lotus Sametime System Console must be started.
v The LDAP server must be connected to the System Console and must be started.
Working from the cluster’s Deployment Manager, follow these steps to update
properties files and run the registration utility to register the cluster with the
System Console.
Note: Run this utility only on the Deployment Manager; do not register individual
nodes because they will be registered automatically during the cluster registration.
During this task you will edit the following files; click the topic titles below to see
details on each file. You may want to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. On the Deployment Manager, navigate to the stgw_server_root/IBM/
WebSphere/STgateway/console directory.
c. Verify that the remaining settings are appropriate for the Deployment
Manager.
d. Save and close the file.
4. Update the Deployment Manager’s productConfig.properties file:
a. Open the file for editing.
b. Update the file with the following values:
Only the required values in this file are listed here:
Table 109. productConfig.properties settings for the Deployment Manager
InstallType Specify ″DM″ because you are working in the
Deployment Manager’s profile right now.
DepName Provide a descriptive name for your deployment. It must
be a unique deployment name on the Lotus Sametime
System Console.
NodeIP Specify the IP address of the server being registered.
WASAdminPassword Specify the password associated with the WASUserID
LDAPBindPassword Specify the password associated with the LDAPBindDN.
DB2AdminPassword Specify the password associated with the database ID.
CommunityServerHost Specify the fully qualified host name (not the IP address)
of the Community Server registered with the Lotus
Sametime System Console.
CommunityServerPort Specify the port for the Community Server.
LDAPHost Specify the fully qualified host name (not the IP address)
of the LDAP server that was registered with the Lotus
Sametime System Console.
LDAPPort Specify the port of the LDAP server that was registered
with the Lotus Sametime System Console.
LDAPBindDN Specify the Bind Distinguished Name of the LDAP
server that was registered with the Lotus Sametime
System Console.
LDAPBindPwd Specify the password associated with the LDAPBindDN
value.
LDAPBaseDN Specify the search base of the LDAP server that was
registered with the Lotus Sametime System Console.
c. Verify that the remaining settings are appropriate for the Deployment
Manager.
d. Save and close the file.
5. Update the Primary Node’s productConfig.properties file on the Deployment
Manager server:
a. Navigate to the stgw_server_root/IBM/WebSphere/AppServer7/profiles/
DMProfile/config/cells/DMCell/nodes/PNnode directory.
b. Open the file for editing.
Note: If the Primary Node is hosted on another server and a copy of this
file is not available under the Primary Node’s profile on the Deployment
d. Verify that the remaining settings are appropriate for the Primary Node.
e. Save and close the file.
6. Update the Secondary Node’s productConfig.properties file on the
Deployment Manager server:
a. Navigate to the stgw_server_root/IBM/WebSphere/AppServer7/profiles/
DMProfile/config/cells/DMCell/nodes/SNnode directory.
b. Open the file for editing.
Note: If the Secondary Node is hosted on another server and a copy of this
file is not available under the Secondary Node’s profile on the Deployment
Manager, you will need to copy it from the other server and place it into
the Secondary Node’s profile. On the separate Secondary Node server, this
file is stored in: stgw_server_root/IBM/WebSphere/STGWServerCell/console/
productConfig.properties
c. Update the file with the following values:
d. Verify that the remaining settings are appropriate for the Secondary Node.
e. Save and close the file.
7. Set the application server path in the registration utility:
a. Navigate back to the Deployment Manager’s /qibm/userdata/STGateway/
ProfileName/console directory used in Step 1.
b. Open a command window.
c. Locate the registerProduct.sh file and open it for editing.
d. Locate the following statement:
SET PATH=../../WebSphere/AppServer/java/bin
e. Change it to reflect IBM WebSphere Application Server version 7:
SET PATH=../../WebSphere/AppServer7/java/bin
f. Save and close the file.
8. Now run the registration utility:
a. Navigate to the Deployment Manager’s profile (the directory you used in
Step 1).
b. Run the registration utility for your operating system:
v AIX, Linux, Solaris: registerProduct.sh
v Windows: registerProduct.bat
c. When prompted for the cluster’s name, type the name you assigned the
cluster when you created it, and press Enter.
After upgrading an IBM Lotus Sametime Gateway cluster on IBM i, register it with
the Lotus Sametime System Console, which allows you to manage all Lotus
Sametime servers from a central location.
Before you register the cluster, verify that you have completed the following tasks,
which are described in the Installing on IBM i section of this information center.
v The Lotus Sametime System Console must be started.
v The LDAP server must be connected to the System Console and must be started.
v The Gateway database must be connected to the System Console and must be
started.
v The Community Server that the Gateway server connects to must already be
registered with the Console and must be started.
Working from the Deployment Manager, follow these steps to update properties
files and run the registration utility to register the cluster with the console.
Note: Run this utility only on the Deployment Manager; do not register individual
nodes because they will be registered automatically during the cluster registration.
During this task you will edit the following files; click the topic titles below to see
details on each file. You may want to open the topic in a new browser tab or
window so you can keep it open for reference:
v console.properties
v productConfig.properties
1. Working on the Deployment Manager, navigate to the console directory:
/qibm/userdata/STGateway/ProfileName/console
Where the ProfileName is the one you specified when you installed the
Gateway.
Note: If the Primary Node is installed on the same server as the Deployment
Manager, make sure you are working in the Deployment Manager’s profile.
2. Make backup copies (using different names) of the console.properties and
productConfig.properties files.
3. Update the Deployment Manager’s console.properties file:
a. Open the file for editing.
b. Update the file with the following values:
Table 112. console.properties settings for the Deployment Manager
SSCHostName Provide the fully qualified host name of the Lotus
Sametime System Console server.
c. Verify that the remaining settings are appropriate for the Deployment
Manager.
d. Save and close the file.
4. Update the Deployment Manager’s productConfig.properties file:
a. Open the file for editing.
b. Update the file with the following values:
Only the required values in this file are listed here:
Table 113. configProduct.properties settings for the Deployment Manager
InstallType Specify ″DM″ because you are working in the
Deployment Manager’s profile right now.
DepName Provide a descriptive name for your deployment. It must
be a unique deployment name on the Lotus Sametime
System Console.
NodeIP Specify the IP address of the server being registered.
WASAdminPassword Specify the password associated with the WASUserID
LDAPBindPassword Specify the password associated with the LDAPBindDN.
DB2AdminPassword Specify the password associated with the database ID.
CommunityServerHost Specify the fully qualified host name (not the IP address)
of the Community Server registered with the Lotus
Sametime System Console.
CommunityServerPort Specify the port for the Community Server.
LDAPHost Specify the fully qualified host name (not the IP address)
of the LDAP server that was registered with the Lotus
Sametime System Console.
LDAPPort Specify the port of the LDAP server that was registered
with the Lotus Sametime System Console.
c. Verify that the remaining settings are appropriate for the Deployment
Manager.
d. Save and close the file.
5. Update the Primary Node’s productConfig.properties file on the Deployment
Manager server:
a. Navigate to the /qibm/userdata/STGateway/IBM/WebSphere/AppServer/V7/
profiles/DMProfile/config/cells/DMCell/nodes/PNnode directory.
b. Open the file for editing.
Note: If the Primary Node is hosted on another server and a copy of this
file is not available under the Primary Node’s profile on the Deployment
Manager, you will need to copy it from the other server and place it into
the Primary Node’s profile. On the separate Primary Node server, this file is
stored in: /qibm/userdata/STGateway/IBM/WebSphere/STGWServerCell/
console/productConfig.properties
c. Update the file with the following values:
Only the required values in this file are listed here:
Table 114. configProduct.properties settings for the Primary Node
InstallType Specify ″PN″ because you are now working in the
Primary Node’s profile.
DepName Provide a descriptive name for your deployment. It must
be a unique deployment name on the Lotus Sametime
System Console.
NodeIP Specify the IP address of the server being registered.
WASAdminPassword Specify the password associated with the WASUserID
LDAPBindPassword Specify the password associated with the LDAPBindDN.
DB2AdminPassword Specify the password associated with the database ID.
CommunityServerHost Specify the fully qualified host name (not the IP address)
of the Community Server registered with the Lotus
Sametime System Console.
CommunityServerPort Specify the port for the Community Server.
LDAPHost Specify the fully qualified host name (not the IP address)
of the LDAP server that was registered with the Lotus
Sametime System Console.
LDAPPort Specify the port of the LDAP server that was registered
with the Lotus Sametime System Console.
LDAPBindDN Specify the Bind Distinguished Name of the LDAP
server that was registered with the Lotus Sametime
System Console.
LDAPBindPwd Specify the password associated with the LDAPBindDN
value.
d. Verify that the remaining settings are appropriate for the Primary Node.
e. Save and close the file.
6. Update the Secondary Node’s productConfig.properties file on the
Deployment Manager server:
a. Navigate to the /qibm/userdata/STGateway/IBM/WebSphere/AppServer/V7/
profiles/DMProfile/config/cells/DMCell/nodes/SNnode directory.
b. Open the file for editing.
Note: If the Secondary Node is hosted on another server and a copy of this
file is not available under the Secondary Node’s profile on the Deployment
Manager, you will need to copy it from the other server and place it into
the Secondary Node’s profile. On the separate Secondary Node server, this
file is stored in: /qibm/userdata/STGateway/IBM/WebSphere/STGWServerCell/
console/productConfig.properties
c. Update the file with the following values:
Only the required values in this file are listed here:
Table 115. configProduct.properties settings for the Secondary Node
InstallType Specify ″SN″ because you are now working in the
Secondary Node’s profile.
DepName Provide a descriptive name for your deployment. It must
be a unique deployment name on the Lotus Sametime
System Console.
NodeIP Specify the IP address of the server being registered.
WASAdminPassword Specify the password associated with the WASUserID
LDAPBindPassword Specify the password associated with the LDAPBindDN.
DB2AdminPassword Specify the password associated with the database ID.
CommunityServerHost Specify the fully qualified host name (not the IP address)
of the Community Server registered with the Lotus
Sametime System Console.
CommunityServerPort Specify the port for the Community Server.
LDAPHost Specify the fully qualified host name (not the IP address)
of the LDAP server that was registered with the Lotus
Sametime System Console.
LDAPPort Specify the port of the LDAP server that was registered
with the Lotus Sametime System Console.
LDAPBindDN Specify the Bind Distinguished Name of the LDAP
server that was registered with the Lotus Sametime
System Console.
LDAPBindPwd Specify the password associated with the LDAPBindDN
value.
LDAPBaseDN Specify the search base of the LDAP server that was
registered with the Lotus Sametime System Console.
d. Verify that the remaining settings are appropriate for the Secondary Node.
e. Save and close the file.
If the SIP and XMPP proxy server is on an existing Primary Node or Secondary
Node in the IBM Lotus Sametime Gateway cluster, it will be upgraded
automatically when you upgrade the IBM WebSphere Application Server running
on that node. If your SIP and XMPP proxy server is installed on its own node, you
must upgrade WebSphere Application Server on that node.
The instructions for upgrading a SIP and XMPP proxy server are the same as for
installing it. If you have a SIP proxy server but not an XMPP proxy server, you still
use the same instructions for installation and upgrade.
The SIP and XMPP proxy servers are the first point of contact, after the firewall,
for messages that flow into and out your enterprise. Install the proxy servers for
both standalone or network deployment installations of Sametime Gateway. IBM
recommends that you install a SIP and XMPP proxy server on its own node.
The XMPP and SIP proxy server node installation creates a WebSphere Application
Server node with two application servers installed. One server is a generic SIP
proxy server provided by WebSphere Application Server, and the other is a
standard application server onto which is installed the XMPP proxy application.
The node does not function until it is federated into a Sametime Gateway cell.
Information on downloading packages for Lotus Sametime Gateway is located in
the Lotus Sametime Download document.
1. Create two temporary file folders: \TMP\WASCD and \TMP\SametimeGateway.
2. From the installation media, copy the WebSphere Application Server
installation image part_number.exe to the folder \TMP\WASCD.
3. Open a command window and navigate to the folder \TMP\WASCD.
4. Extract all files to the temporary directory \TMP\WASCD. When you are done
extracting the files, you should have a \TMP\WASCD\ifpackage folder with WAS
and JDK folders inside the ifpackage folder.
5. From the installation media, copy the Sametime Gateway installation image
part_number.exe to the \TMP folder.
Because your input will not be verified during installation, you should take
extra care when typing values.
9. Select the language for the installation wizard and click OK. The Lotus
Sametime Gateway Welcome screen is displayed. You can launch the
Sametime information center from this panel.
10. Click Next to continue with the installation. The Software License Agreement
dialog is displayed. Read the license agreement carefully. Select the
appropriate radio button option to accept the terms if you agree with the
statement and click Next to proceed with the installation.
11. If you are installing the proxy server on its own computer instead of on an
existing Sametime Gateway node, complete the following sub steps:
a. Select SIP and XMPP proxy servers, and then click Next.
b. The WebSphere Application Server 6.1 installation directory dialog is
displayed. Type the root to the path where you copied the WebSphere
Application Server installation files from the CD. This directory should
contain the WAS and JDK subdirectories. It is very important that you
select the parent directory and not the subdirectory. For example: use
\TMP\WASCD\ifpackage but do not use \TMP\WASCD\ifpackage\WAS or
\TMP\WASCD\ifpackage\JDK.
c. Click Next to continue with the installation. The WebSphere Application
Server Location dialog is displayed. If you wish to change the location for
the installation of WebSphere Application Server, click Browse and select
the desired location.
12. If you are installing the proxy servers on an existing Sametime Gateway node,
the installation wizard recognizes that an instance of Sametime Gateway is on
the same machine. The new installation for the proxy servers adds a profile to
WebSphere Application Server. Click Next.
13. Check the node name, cell name, and host name that are supplied by the
installer. Make sure that the cell and node names do not match the cell and
node names you used when installing the Deployment Manager. Choose a
unique node name and cell name for this installation. If the supplied
information is okay, click Next.
Option Description
Node Logical name for the node. For example,
acmeNodeProxy.
14. Type the administrative user ID and password used to log in to the Integrated
Solutions Console, the administrative interface for managing Lotus Sametime
Gateway. Use the same user ID and password that you created when you
installed the Deployment Manager. The user ID must not exist in the LDAP
directory. Click Next.
15. If you are installing the proxy servers on their own machine, you now see the
default directory path where Lotus Sametime Gateway will be installed. To
change the location, click Browse and select a desired location, or type a new
path.
16. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
17. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating a successful installation.
18. Read the summary and click Finish. To view the installation log, click View
log file or open the log file at stgw_server_root\logs\installlog.txt
What to do next
Note: If you start the SIPProxyServer instance now and log into the Integrated
Solutions Console, you cannot view the SIPProxyServer instance. After you
federate the node in the next procedure, you will see the SIPProxyServer instance.
The SIP and XMPP proxy servers are the first point of contact, after the firewall,
for messages that flow into and out your enterprise. To set up a Sametime
Gateway deployment, install a SIP and XMPP proxy server on its own node.
When you are done extracting the files, you should have a
/TMP/WASCD/ifpackage folder with WAS and JDK folders inside the ifpackage
folder.
5. From the installation media, copy the Lotus Sametime Gateway installation
image part_number.tar to the temporary directory /TMP.
6. Unzip the following file:
unzip part_number.tar
Option Description
Node Logical name for the node. For example,
acmeNodeProxy.
Cell Name for the cell. Every WebSphere
Application Server is created on a node
inside a cell. A cell is a collection of nodes
for administration and workload
management. For example, acmeCellProxy.
Host name Fully qualified domain name of the machine
on which you are installing WebSphere
Application Server. For example:
server1.acme.com
Note: If the server where you are installing
has multiple NICs/IPs/DNS names, or for
more information about considerations in
choosing a host name, read the section ″Host
name considerations″ in the WebSphere
Application Server information center topic,
Creating an application server profile.
16. Type the administrative user ID and password used to log in to the Integrated
Solutions Console, the administrative interface for managing Lotus Sametime
Gateway. Use the credentials that you created when you installed the
Deployment Manager. The user ID must not exist in the LDAP directory.
Passwords must not contain accented characters or any of the following
characters:
;*!?"/<>|+&'`[]%^
17. Click Next. If you are installing the proxy servers on their own machine, you
now see the default directory path where Lotus Sametime Gateway will be
installed. To change the location, click Browse and select a desired location, or
type a new path.
18. Click Next to see the Lotus Sametime Gateway installation summary. You can
review the installation summary settings and, if necessary, click Back to make
changes.
19. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating a successful installation.
20. Read the summary and click Finish. To view the installation log, click View
log file or open the log file at stgw_server_root/logs/installlog.txt
What to do next
Note: If you start the SIPProxyServer instance now and log into the Integrated
Solutions Console, you cannot view the SIPProxyServer instance. After you
federate the node in the next procedure, you will see the SIPProxyServer instance.
The SIP and XMPP proxy servers are the first point of contact, after the firewall,
for messages that flow into and out your enterprise. To set up a Sametime
Gateway deployment, install a SIP and XMPP proxy server on its own node.
Before you begin, WebSphere Application Server must be installed. You need
*ALLOBJ and *SECADM authorities to successfully complete the WebSphere
Application Server Network Deployment installation.
11. Type the administrative user ID and password used to log in to the Integrated
Solutions Console, the administrative interface for managing Lotus Sametime
Gateway. Use the same user ID and password that you created when you
installed the Deployment Manager. The user ID must not exist in the LDAP
directory. Click Next.
12. Click Next to see the installation summary. You can review the installation
summary settings and, if necessary, click Back to make changes.
13. Click Install to begin copying files. A progress screen is displayed and the
activity is logged to the Lotus Sametime Gateway log file. This installation
takes about 10 to 20 minutes to complete. When the installation is complete,
the wizard displays a message indicating a successful installation.
14. Read the summary and click Finish to complete the installation. To view the
installation log, click View log file or open the log file at
stgw_server_root/logs/installlog.txt
What to do next
Note: If you start the SIPProxyServer instance now and log into the Integrated
Solutions Console, you cannot view the SIPProxyServer instance. After you
federate the node in the next procedure, you then see the SIPProxyServer instance.
After you install the SIP and XMPP proxy server node, you must federate the node
into the Deployment Manager’s cell so that the proxy server becomes part of the
cluster.
To federate or add the proxy server node into the cell, you run the addnode
command on the proxy server node and specify the hostname of the Deployment
Manager.
1. Log into the proxy server node’s operating system.
2. IBM i only: On the command line, run the STRQSH (Start Qshell) command.
3. Synchronize the system clocks on the Deployment Manager and the proxy node
so that they are within five minutes of one another and are set for the same
time zone.
Federation fails if the clocks are not synchronized within five minutes of each
other.
4. On the proxy server node, open a command window and navigate to the
stgw_profile_root\bin directory.
5. IBM i only: Run the following command to obtain the
SOAP_CONNECTOR_ADDRESS port number. Make a note of the port number
as you will need it to add nodes to the cluster:
dspwasinst
6. Run the following command to add the proxy server node to the Deployment
Manager’s cell:
AIX, Linux, and Solaris:
./addNode.sh DM_server_host_name DM_port_number -includeapps
Windows
addNode.bat DM_hostname DM_port_number -includeapps
IBM i:
addNode DM_server_host_name DM_SOAP_port -username WAS_Admin_user_name_on_DM
-password WAS_Admin_password_on_DM
where:
v DM_server_host_name is the resolvable host name of the Deployment
Manager.
v DM_SOAP_portis the port that the Deployment Manager’s SOAP port is
listening on.
v WAS_Admin_user_name_on_DM is the user ID of the WebSphere Application
Server administrator account on the Deployment Manager.
v WAS_Admin_password_on_DM is the password associated with the
WebSphere Application Server administrator account.
For example:
addNode gateway_dm.acme.com 8879 -includeapps -username wasadmin -password waspassword
7. When prompted, provide the Deployment Manager’s administrative user ID
and password. Wait for the operation to complete before proceeding. Look for a
success message similar to the following when complete:
Node MyProxyNode has been successfully federated.
8. Verify that the proxy servers are installed correctly:
a. Log into the Integrated Solutions Console (http://localhost:9060/ibm/
console).
If you already logged in, you must log out and then log in again before you
can see changes.
b. Click Servers → Proxy servers. You should see the SIP proxy server.
After you upgrade and federate the SIP proxy server, it will fail to start. Correct
this problem by deleting the SIP proxy server and recreating it manually.
Upgrade the SIP proxy server by installing the new version of IBM WebSphere
Application Server, and then federate the SIP proxy server to the cell.
Before upgrading the Sametime Connect client, note the following changes for this
release:
v Client packaging for Sametime 8.5
Prior to release 8, the client installer consisted of a fully self-contained
executable for each supported platform; the installer packaging changed in Lotus
Sametime 8. Now, Lotus Sametime 8.5 uses the same client packaging
methodology as previous Sametime 8.0.x releases.
v Preferences
The location of the workspace does not change for this release. There is no
special preference migration required when upgrading from previous Sametime
8.0.x releases.
You can configure how servers respond to login requests from older client
versions.T he sametime.ini and STsecurity.ini files provides settings that enable you
to perform the following tasks:
By default, the Lotus Sametime Community Server allows all logins. To specify a
different minimum level, you must change the value of the
ST_MINIMAL_CLIENT_VERSION setting in the sametime.ini file. After you
specify a minimum version, you can then specify other settings to control how the
server responds to login requests from client versions earlier than the specified
For a list of client types, see Technote 1114318 on the IBM Lotus Support Web site
at http://www.ibm.com/support/docview.wss?uid=swg21114318.
1. Open the sametime.ini file in a text editor. By default the file is located in the
Lotus Sametime Community Server installation folder, for example,
C:\Lotus\Domino\Sametime.ini.
2. In the [Config] section of the sametime.ini file, specify the minimum Lotus
Sametime client version that can log in to the server by providing one of the
following values for the ST_MINIMAL_CLIENT_VERSION setting:
Table 116. Client versions
Value Lotus Sametime client version
0 Allows logins for all clients regardless of
version (Default)
7000 Lotus Sametime 7.0
7500 Lotus Sametime 7.5
7501 Lotus Sametime 7.5.01
7510 Lotus Sametime 7.5.1
8000 Lotus Sametime 8
8010 Lotus Sametime 8.0.1
8020 Lotus Sametime 8.0.2
8500 Lotus Sametime 8.5
The client version correlates to the version of the product, and the value is
logged in stlog.nsf.
3. Save and close the file.
Note the following before you configure the settings in the STSecurity.ini file:
v All platforms - Double-byte characters are not allowed in the message text or
sender name.
v All platforms - If you want to use accented characters (for example, Æ,é,ä,ñ) in
the message text or sender name, you should use Notepad on a Windows client
or server to edit the file. When you finish making your changes with Notepad,
save the STSecurity.ini file as a UTF-8 file (select File-Save As And specify UTF-8
as the Encoding option, then save the file).
v IBM i platform only - It is recommended that you map a network drive to make
the STSecurity.ini file on the server accessible from your workstation. Then you
can run Notepad from your workstation and update the file directly on your
Value Description
The ST_FORCE_LOGOUT_OLD_CLIENT_VERSION
setting determines whether or not users of old clients are
allowed to stay logged in to the community. By default,
when this setting is true (a value of 1), old client versions
are disconnected. When the setting is false (a value of 0),
the users of old clients remain online an usually a
message is sent to them.
If the ST_FORCE_LOGOUT_OLD_CLIENT_VERSION
setting is set to 0 (allow logins from client versions earlier
than the specified minimum), and you provide a value for
ST_OLD_CLIENT_VERSION_WARNING_MESSAGE, the
text you provide serves as a warning message. The server
allows the login and then sends the specified text. You can
use the message to provide users with information on
upgrading. For example, you can include an address that
specifies the location of a download site. After receiving
the announcement with the address link, users can click
the address link to open the link location.
Note: The VP_SECURITY_ALLOW_USER setting was
renamed ST_FORCE_LOGOUT_OLD_CLIENT_VERSION
in Lotus Sametime 8.5. In order to smooth migration,
ST_FORCE_LOGOUT_OLD_CLIENT_VERSION overrides
VP_SECURITY_ALLOW_USER from prior versions. If it is
not present, then its default value will be 1 and
VP_SECURITY_ALLOW_USER or its own default value
takes affect.
Follow these steps to configure the pause in the IBM Sametime Community Server
before sending announcement to clients that do not conform to the minimum client
version level.
By default, the server waits one second before sending the announcement to users
who attempt to log in to the server from IBM Lotus Sametime clients running
versions earlier than what is allowed by the specified minimum version level. This
pause is needed since the full initialization time for some client versions is longer
than the others, and without the pause the announcement would reach the client
before it could handle it.
In case some users that should get the announcement do not receive it, the pause
can be extended to more than one second.
1. Use a text editor to open the sametime.ini file. By default the file is located in
the Lotus Sametime installation folder, for example, C:\Lotus\Domino\
sametime.ini.
2. In the [Config] section in sametime.ini specify the number of milliseconds that
the sever waits before sending the announcement in the
VP_SECURITY_PAUSE_INTERVAL setting.
3. Save and close the file.
IBM may not offer the products, services, or features discussed in this document in
other countries. Consult your local IBM representative for information on the
products and services currently available in your area. Any reference to an IBM
product, program, or service is not intended to state or imply that only that IBM
product, program, or service may be used. Any functionally equivalent product,
program, or service that does not infringe any IBM intellectual property right may
be used instead. However, it is the user’s responsibility to evaluate and verify the
operation of any non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter
described in this document. The furnishing of this document does not grant you
any license to these patents. You can send license inquiries, in writing, to:
For license inquiries regarding double-byte (DBCS) information, contact the IBM
Intellectual Property Department in your country or send inquiries, in writing, to:
The following paragraph does not apply to the United Kingdom or any other
country where such provisions are inconsistent with local law:
INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS
PUBLICATION “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or
implied warranties in certain transactions, therefore, this statement may not apply
to you.
Any references in this information to non-IBM Web sites are provided for
convenience only and do not in any manner serve as an endorsement of those Web
sites. The materials at those Web sites are not part of the materials for this IBM
product and use of those Web sites is at your own risk.
Licensees of this program who wish to have information about it for the purpose
of enabling: (i) the exchange of information between independently created
programs and other programs (including this one) and (ii) the mutual use of the
information which has been exchanged, should contact:
IBM Corporation
Software Interoperability Coordinator, Department 49XA
3605 Highway 52 N
Rochester, MN 55901
U.S.A.
The licensed program described in this information and all licensed material
available for it are provided by IBM under terms of the IBM Customer Agreement,
IBM International Program License Agreement, or any equivalent agreement
between us.
All statements regarding IBM’s future direction or intent are subject to change or
withdrawal without notice, and represent goals and objectives only.
All IBM prices shown are IBM’s suggested retail prices, are current and are subject
to change without notice. Dealer prices may vary.
This information is for planning purposes only. The information herein is subject to
change before the products described become available.
This information contains examples of data and reports used in daily business
operations. To illustrate them as completely as possible, the examples include the
names of individuals, companies, brands, and products. All of these names are
fictitious and any similarity to the names and addresses used by an actual business
enterprise is entirely coincidental.
COPYRIGHT LICENSE:
Each copy or any portion of these sample programs or any derivative work, must
include a copyright notice as follows:
© (your company name) (year). Portions of this code are derived from IBM Corp.
Sample Programs. © Copyright IBM Corp. _enter the year or years_. All rights
reserved.
If you are viewing this information softcopy, the photographs and color
illustrations may not appear.
Trademarks
These terms are trademarks of International Business Machines Corporation in the
United States, other countries, or both:
IBM
AIX
DB2
DB2 Universal Database Domino
Domino
Domino Designer
Domino Directory
i5/OS
Lotus
Lotus Notes
Notes
OS/400
Sametime
WebSphere
AOL is a registered trademark of AOL LLC in the United States, other countries, or
both.
AOL Instant Messenger is a trademark of AOL LLC in the United States, other
countries, or both.
Google Talk is a trademark of Google, Inc, in the United States, other countries, or
both.
Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the
United States, other countries, or both.
Notices 639
Microsoft, and Windows are registered trademarks of Microsoft Corporation in the
United States, other countries, or both.
Printed in USA
SC23-5987-04