QP 7 Ug

Lotus QuickPlace
Version 7.0
for Windows, AIX, Solaris, and i5/OS
Installation and Upgrade Guide
G210-1998-00
Lotus QuickPlace
Version 7.0
for Windows, AIX, Solaris, and i5/OS
Installation and Upgrade Guide
G210-1998-00
Note Before using this information and the product it supports, read the information in Notices on page 65.
First Edition (August 2005) This edition applies to version 7.0 of IBM Lotus QuickPlace (product number L-GHUS-5Z7NQE) and to all subsequent releases and modifications until otherwise indicated in new editions. Copyright International Business Machines Corporation 2005. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
Contents
Chapter 1 Getting Started . . . . . . . 1
Whats new in Lotus QuickPlace 7.0 New features for administrators . New features for users . . . . New features for developers . . Additional documentation . . . . Additional resources for i5/OS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1 3 4 4 5 Creating a /QP organizational unit certifier for local users . . . . . . . . . . . . . . Creating an Offline Security Policy document . . . LDAP distinguished name translation for offline use How to configure translation . . . . . . . Table of expressions . . . . . . . . . . Translating LDAP distinguished names for offline use . . . . . . . . . . . . . . . . Example of translating names that contain the dc attribute . . . . . . . . . . . . . . Encypting offline places . . . . . . . . . . Using Lotus QuickPlace sign in passwords for offline use . . . . . . . . . . . . . . . Configuring Lotus QuickPlace for offline in different environments . . . . . . . . . . . . . . To configure an IBM Network Dispatcher cluster environment . . . . . . . . . . . . . To configure a Sun Java System Portal Server environment . . . . . . . . . . . . . To configure a Netegrity SiteMinder environment To configure a passthru server environment . . To use an alternate Web server for Domino Off-Line Services downloads . . . . . . . Hiding the Work Offline link from users . . . . . Offline setup FAQs . . . . . . . . . . . . 26 27 28 28 29 30 30 31 31 32 32 32 33 33 33 34 34
Chapter 2 Installing Lotus QuickPlace . . 7

Lotus QuickPlace Installation . . . . . . . . . 7 Installing Lotus QuickPlace on Windows . . . . . 7 Starting Lotus QuickPlace on Windows . . . . 8 Installing Lotus QuickPlace on AIX or Solaris . . . 8 Starting Lotus QuickPlace on AIX or Solaris . . 10 Installing on IBM i5/OS . . . . . . . . . . 10 Lotus QuickPlace and Domino compatibility on i5/OS . . . . . . . . . . . . . . . 11 Preparing your TCP/IP configuration . . . . . 11 Installing and configuring a Domino server for Lotus QuickPlace . . . . . . . . . . . 14 Pre-accepting the Lotus QuickPlace software agreements . . . . . . . . . . . . . 15 Installing Lotus QuickPlace on i5/OS . . . . . 16 Starting Lotus QuickPlace on i5/OS . . . . . 16 Troubleshooting Lotus QuickPlace installation on i5/OS . . . . . . . . . . . . . . . 17 Adding Lotus QuickPlace to the Domino server 18 Running multiple QuickPlace servers on i5/OS 18 Removing QuickPlace from a Domino server on i5/OS . . . . . . . . . . . . . . . 19
Chapter 4 Setting Up Lotus QuickPlace to Work with Lotus Sametime . . . . . 37

Lotus Sametime integration planning . . . . . Configuring the servers for Lotus Sametime integration . . . . . . . . . . . . . . Setting up Lotus Sametime awareness and instant messaging . . . . . . . . . . . . . . Step 1: Copy the required Java files from the Lotus Sametime Java Toolkit: . . . . . . Step 2: Specify the Lotus Sametime server for Lotus QuickPlace to use . . . . . . . . Step 3: Verify that places are enabled for awareness and instant messaging . . . . . Setting up Lotus Sametime Web conferencing . . Step 1: Configure a user for Lotus Sametime integration . . . . . . . . . . . . . Step 2: Copy required files . . . . . . . Step 3: Configure the qpconfig.xml file . . . Step 4: Specify the Lotus Sametime server for Lotus QuickPlace to use . . . . . . . . Step 5: Verify that place members can schedule Web conferences . . . . . . . . . . . . 37 . 37 . 39 . 40 . 41 . 41 . 41 . 42 . 42 . 44 . 45 . 45
Chapter 3 Setting Up Lotus QuickPlace for Offline Use . . . . . . . . . . . 21

Setting up Lotus QuickPlace for offline use . . . . Connecting Lotus QuickPlace to a user directory . . Enabling Domino Off-Line Services on AIX, Solaris, and Windows . . . . . . . . . . . . . Enabling Domino Off-Line Services on i5/OS . . . Certifier IDs for authenticating offline users . . . New organization certifier required for external users in a different organization from the server. Certifiers authenticate one level down . . . . Separate organizational unit certifier recommended for external users within the same organization as the server . . . . . . . . Distinguished names that dont follow the Domino naming convention require translation . /QP organizational unit certifier required for local users . . . . . . . . . . . . . . Separate Security Policy documents required for local and external users . . . . . . . . . Creating an organization certifier for external users in a different organization . . . . . . Creating an organizational unit certifier for external users. . . . . . . . . . . . .
Copyright IBM Corp. 2005
21 21 21 22 23 23 23
23 23 24 24 24 25
Chapter 5 Upgrading to Lotus QuickPlace 7.0 . . . . . . . . . . . 47

Upgrading and new features in Lotus QuickPlace 7.0 . . . . . . . . . . . . . . . . . 47 Features introduced in Lotus QuickPlace 6.5.1 . . . 47 New features for administrators in release 6.5.1 47
iii
Expanded membership feature . . . . . . . Performance enhancements . . . . . . . . New security features . . . . . . . . . . New My Places settings . . . . . . . . . New setting for disabling browser page caching New features for users in release 6.5.1 . . . . Support for importing and publishing Office 2003 documents. . . . . . . . . . . . . . Updated pages show last editor . . . . . . Lotus QuickPlace 7.0 upgrade process . . . . . Upgrading Lotus QuickPlace in a non-clustered environment . . . . . . . . . . . . . Upgrading Lotus QuickPlace servers in a cluster Backing up places and PlaceTypes . . . . . . Upgrading the server to Lotus QuickPlace 7.0 . . Upgrading the design of databases on the server Upgrading places and PlaceTypes . . . . . .
47 47 48 48 48 48 48 48 48 49 49 50 50 54 54
Unregistering and re-registering places with the PlaceCatalog . . . . . . . . . . . . Clearing the browser cache on offline clients . Upgrading the on-disk structure of places . . Updating Lotus Sametime integration features .
. . . .
56 57 57 57
Appendix A Configuring the Domino Server for Local Users . . . . . . . . 63

Domino certifier requirements for local users . . If your server uses more than two OU levels . . 63 . 63
Notices . . . . . . . . . . . . . . 65
Trademarks . . . . . . . . . . . . . . 66
Index . . . . . . . . . . . . . . . 67
iv
QuickPlace Installation and Upgrade Guide
Chapter 1 Getting Started

IBM Lotus QuickPlace is a self-service Web tool for team collaboration. Teams can use Lotus QuickPlace to store project-related resources (such as files, discussions, and schedules) in a common place that every team member can access for the latest project information. This guide describes how to install IBM Lotus QuickPlace 7.0 on the Microsoft Windows, IBM AIX, Sun Solaris, and IBM i5/OS operating systems. You install Lotus QuickPlace on an IBM Lotus Domino server. This guide also describes how to set up Lotus QuickPlace for offline use using Domino Off-Line Services, how to set up Lotus QuickPlace to work with IBM Lotus Sametime, and how to upgrade from a previous version to Lotus QuickPlace 7.0.
Whats new in Lotus QuickPlace 7.0

In Lotus QuickPlace 7.0 the product name reverts to Lotus QuickPlace from Lotus Team Workplace, the name used in version 6.5.1. This guide uses the name Lotus QuickPlace when referring to all versions, including version 6.5.1. See the following topics for descriptions of new features for administrators, users, and developers in Lotus QuickPlace 7.0.
New features for administrators

The following features are new for administrators.
Domino management of user directory lookups

You can optionally set up the Domino server on which Lotus QuickPlace runs to manage the lookups to a user directory. Using this optional user directory configuration, you can take advantage of Domino user authentication and directory features within Lotus QuickPlace, for example, X.509 certificate authentication, multiple directories accessed through Domino directory assistance, and Internet Site documents. If you upgrade from an earlier version of Lotus QuickPlace, the upgrade process preserves the existing external LDAP directory connection managed by Lotus QuickPlace. If you want to switch Domino management of user directory lookups, you can make this change at any time. CAUTION: Once you have switched to Domino management of user directory lookups, reverting back to the Lotus QuickPlace management of LDAP directory lookups is not supported. For more information on this new supported configuration, see the IBM Lotus QuickPlace Administrators Guide.
Improved error logging and debugging

Lotus QuickPlace 7.0 provides the following error logging and debugging enhancements.
v The new server notes.ini file setting $h_Debug=1 enables the browser to display detailed messages about JavaScript errors that occur on the client, rather than the general Lotus QuickPlace message, Unable to process your request at this time. v The new server notes.ini file setting $h_ClientDebugConsole=<level> displays a console log on all clients that access the server. Use this setting on a temporary basis to help IBM Support troubleshoot a client-side problem. v The new server notes.ini file setting QuickPlaceHTTPInterfaceLogging=<level> logs the interaction between Lotus QuickPlace and the Domino HTTP server during the processing of a URL. This setting is useful primarily as a first step toward isolating user authentication problems or problems related to the interaction between Lotus QuickPlace and Domino. v The new server notes.ini file setting h_ExceptionDetail=1 adds the source code name and line number from which errors and warnings are generated to the error and warning messages that the server sends to the browser. Use this setting on a temporary basis to help IBM Support troubleshoot a problem. v Additional messages have been added for a number of existing logging settings. v Additional logging settings have been documented. For more information, see the IBM Lotus QuickPlace Administrators Guide.
Encryption of offline databases

You can use the new encryption setting in the offline section of the qpconfig.xml file to encrypt all places that are taken offline. Offline place encryption is similar to IBM Lotus Notes database encryption. If you do not use this setting to enable encryption of all offline places, managers of places can enable encryption for specific places. For more information, see the chapter Setting Up Lotus QuickPlace for Offline Use in this guide.
Use of sign in passwords for offline databases

You can use the new use_login_passwords setting in the offline section of the qpconfig.xml file to enable offline users to sign into offline places using the same password they use to sign in to Lotus QuickPlace. If administrators do not enable this setting, managers of places can enable the feature for specific places. For more information, see the the chapter Setting Up Lotus QuickPlace for Offline Use in this guide.
Improved My Places performance

The performance of the My Places feature has significantly improved. The My Places filtering settings in the qpconfig.xml file introduced in version 3.0.1 to improve performance are no longer needed and used in Lotus QuickPlace 7.0. There is new column sorting capability in the My Places user interface that can serve as a substitute for some of the filtering settings previously configured through the qpconfig.xml file. The only My Places settings in the qpconfig.xml file that remain are place_links, used to open places in a new browser window, and place_ui, used to use a custom portal application for My Places. Some of the My Places URL parameters continue to be supported.
Ability to define additional fonts for graphic text

You can use the new QPTool command addgraphicfont to make additional fonts available for use in graphic text in pages, logos, and sidebar items. The command
can make any font that is already installed in the servers operating system fonts directory available for use in graphic text. You can make a font unavailable by using the removegraphicfont command. For more information, see the Lotus QuickPlace Administrators Guide.
Domino time zone support

Lotus QuickPlace 7.0 uses the underlying time zone configuration of the Domino server on which it runs.
i5/OS documentation
The Lotus QuickPlace Administrators Guide, the Lotus QuickPlace Installation and Upgrade Guide, the Lotus QuickPlace Developers Guide, and the Lotus QuickPlace Release Notes now incorporate information for iSeries (i5/OS) administrators. The installing and managing guide and the Readme files specifically for iSeries no longer exist for Lotus QuickPlace 7.0
New product ID for i5/OS

The product ID on i5/OS for Lotus QuickPlace 7.0 is 5724J24. For version 6.5.1 it was 5733LQP.
New features for users

The following features are new for users. For more information on these features, see the Help.
Domino time zone support

Users can set time zone preferences for places on a server using the same cookie that Domino uses. Earlier versions of Lotus QuickPlace used a different cookie for storing time zone information.
Access control changes

Earlier versions of Lotus QuickPlace supported manager, author, and reader access. Lotus QuickPlace 7.0 supports, in addition, editor access. Like an author, an editor can create, edit, and delete documents. Unlike an author, an editor can also edit and delete documents created by others, unless the document author has restricted access. Task pages are an exception; an editor may not edit a Task page unless the editor is specifically granted access by the creator of the page when the page is published. Access control in Lotus QuickPlace has been changed in the following ways to be more like Domino access control: v Managers can edit and delete all documents in a place, even if access has been restricted by the document author. v Default and Anonymous users are now assigned distinct levels of access to a place. Anonymous users -- users who are not members of a place through individual or group membership and who access places without authenticating -- are assigned the Anonymous level of access, instead of the Default level. Authenticated non-members are assigned the Default access level. You specify these two access levels by adding Anonymous and Default as place members. Anonymous can have only reader access, whereas Default can have reader, author or editor access.
Nested folders
In previous versions of Lotus QuickPlace, folders could contain only documents. Now folders can contain other folders (subfolders). If you use any of the new
themes, you can access these subfolders through the table of contents. If you use any of the themes previously available in Lotus QuickPlace, you can access these subfolders through the folder list.
New themes with expandable table of contents

Lotus QuickPlace includes new themes named Organized and Modern Plus that enable users to expand and collapse folders and subfolders in the Lotus QuickPlace table of contents. These features help you to navigate the hierarchical structure of folders and documents, as well as view a rooms organization.
Document types in folders

Each document listed in a folder displays an icon in the type column that represents the document type.
Offline passwords
Users can now use their Lotus QuickPlace sign in passwords for offline places. Users are no longer required to set or remember a password for each offline place to which they belong.
Offline encryption
Offline Lotus QuickPlaces can be encrypted whenever an offline place is created or synchronized. An administrator can set the encryption server-wide, while a place manager can set the encryption for a specific place.
Improved My Places
In earlier versions of Lotus QuickPlace, when a user displayed the places of which he or she was a member, the performance was poor if a user belonged to a large number of places. In Lotus QuickPlace 7.0, the performance has improved. In addition, a Last Update column has been added, and the places may be sorted by any of the columns (size, title, last updated date, last modified date, name, or title).
Support for Safari on Mac OS-X

Lotus QuickPlace 7.0 now supports the Safari browser on Mac OS-X.
Support for Mozilla Firefox

Lotus QuickPlace now supports the Mozilla Firefox browser.
New features for developers

The following features are new for developers: v Additional customizable components are available for use in theme layouts. v The HTML and JavaScript that the server provides to the browser is no longer encoded, so it is more readable by Lotus QuickPlace developers.
Additional documentation
Refer to the following documentation in addition to this guide. This documentation is available on the Web at http://www.lotus.com/ldd/doc. Under Documentation Links, click by product, and then click the appropriate product. IBM Lotus QuickPlace Administrators Guide -- Describes how to administer Lotus QuickPlace, including how to configure a user directory, the Place Catalog, PlaceTypes, clustering, security, and other features, and how to use QPTool commands for administration.
IBM Lotus QuickPlace Developers Guide -- Describes the Lotus QuickPlace design architecture, and describes how to create and customize place objects, how to access the Java API using XML, how to automate tasks with PlaceBots, and how to customize the look and layout of a place. IBM Lotus QuickPlace Release Notes -- Describes system requirements, support for backward compatibility with earlier versions, new features, workarounds for known problems, and documentation updates for Lotus QuickPlace. IBM Lotus Domino Administrator Help -- Describes how to install, configure, and administer Lotus Domino. IBM Lotus Notes, Domino, and Domino Designer Release Notes -- Describes software requirements, new features and enhancements, troubleshooting tips, and documentation updates for Lotus Notes, Domino Designer, and Lotus Domino. IBM Lotus Sametime Installation Guide -- Describes how to install Lotus Sametime on each supported platform. You must install Lotus Sametime if you want to integrate Lotus Sametime features with Lotus QuickPlace.
Additional resources for i5/OS

In addition to the resources listed in the topic Additional documentation, i5/OS users may find the following helpful: v The Lotus QuickPlace for i5/OS Web site at http://www.ibm.com/eserver/iseries/quickplace v The Lotus QuickPlace Web site at http://www.lotus.com/products/qplace.nsf v The IBM eServer iSeries Information Center has details about installing, setting up, and using TCP/IP. It also includes an overview of Client Access Express and iSeries Navigator. The IBM eServer iSeries Information Center is available on the Web at http://publib.boulder.ibm.com/pubs/html/as400/infocenter.html v The Lotus book Installing and Managing Domino for i5/OS has details on setting up and managing Domino servers. It includes instructions on how to verify that TCP/IP is set up and running on your server. It also has a basic introduction to i5/OS for new users. You can view or download this book and the latest release notes from the Lotus developerWorks Documentation Library at http://www.ibm.com/lotus/ldd/doc You can find other Domino for i5/OS information on the IBM Domino for i5/OS Web site at http://www.ibm.com/eserver/iseries/domino v If you plan to also use Lotus Sametime, review the Lotus Sametime for i5/OS Web site at http://www.ibm.com/eserver/iseries/sametime
Chapter 2 Installing Lotus QuickPlace

This chapter describes how to install IBM Lotus QuickPlace 7.0.
Lotus QuickPlace Installation

Lotus QuickPlace is a self-service Web tool for team collaboration. Teams can use Lotus QuickPlace to store project-related resources (such as files, discussions, and schedules) in a common place where everyone can access the latest information. You install Lotus QuickPlace on a Domino server. This chapter describes how to install Lotus QuickPlace 7.0 for the first time on the Windows, AIX, Sun Solaris, and i5/OS operating systems. If you are upgrading an existing Lotus QuickPlace installation, see the chapter Upgrading to Lotus QuickPlace 7.0.
Installing Lotus QuickPlace on Windows

Follow these steps to install Lotus QuickPlace 7.0 on a Windows system for the first time. If you are upgrading an existing Lotus QuickPlace installation, see the chapter Upgrading to Lotus QuickPlace 7.0. 1. Read the Lotus QuickPlace Release Notes for Lotus QuickPlace version 7.0 at www.lotus.com/ldd/doc for system requirements and other important Lotus QuickPlace installation information. 2. Install Domino 7.0 on the Windows system and run the Domino Server Setup program. For instructions, see Domino Administrator Help, and for system requirements and additional installation information, see the Lotus Notes, Domino, and Domino Designer Release Notes. Both pieces of documentation are available on the Web at http://www.lotus.com/ldd/doc. v During Domino installation choose to install the Enterprise server. v You can choose to install partitioned Domino servers, and then install Lotus QuickPlace on the partitioned servers. If you do, you must configure the server for TCP/IP using IP aliasing, and not port mapping. For more information on configuring the server for TCP/IP, see Domino Administrator Help. v During Domino Server Setup, choose to install HTTP services, which Lotus QuickPlace requires. Stop the Domino server if it is running. Stop any other Windows programs that are running. Insert and start the Lotus QuickPlace installation CD. If you are installing Lotus QuickPlace from a network drive, navigate to the directory that contains the Lotus QuickPlace installation kit. Double-click the Setup.exe file. In the Software License Agreement window, click Accept. In the Welcome window, click Next. In the Choose Destination Location window, select the directory that holds the Domino program files, and then click Next. In the Start Copying Files window, review the directory path names that are displayed, and if they are correct, click Next to begin the installation.
3. 4. 5.
6. 7. 8. 9. 10.
11. After installation is complete, click Next in the QuickPlace Server Configuration window that opens automatically. 12. In the Specify name and password window, type the user name and password for the first Lotus QuickPlace server administrator, and then click Next. This administrator is a local user who signs in to Lotus QuickPlace to configure Lotus QuickPlace server settings, and gives other users access to create places or administer the server. Type a name that is not used in a user directory that you will use with Lotus QuickPlace. For more information on connecting to a user directory, see the Lotus QuickPlace Administrators Guide. 13. In the Congratulations dialog box, click Finish. 14. If multi-server session-based authentication (single sign-on) is enabled on the Domino server, peform the following steps to confirm that it is set up correctly to work with Lotus QuickPlace. If single sign-on is not enabled, ignore this step. a. Start the Domino server. b. Follow the steps for setting up single sign-on authentication described in the chapter Setting Up Security in the Lotus QuickPlace Administrators Guide. Note that after you enable Session authentication in the Server document in the Domino Directory, you must also create a mapping form in the domcfg.nsf database as described in the guide. If the mapping form does not exist when you start Lotus QuickPlace, you will not be able to sign in as the Lotus QuickPlace server administrator specified during installation. c. Stop the Domino server. Do not skip this step. 15. Continue to the topic Starting Lotus QuickPlace on Windows.
Starting Lotus QuickPlace on Windows

Start Lotus QuickPlace by starting the Domino server on which it is installed. To start the Domino server on Windows: v Click Start - Programs - Lotus Applications - Lotus Domino Server. v Click the Lotus Domino Server icon on the Windows desktop.
To sign in to Lotus QuickPlace

To sign in to Lotus QuickPlace as the administrator specified during installation: 1. Open a browser and enter the servers host name appended by /QuickPlace. For example, enter: http://serverone.acme.com/QuickPlace 2. Click Sign In. 3. Type the Lotus QuickPlace administrator user name and password specified during installation, and then click OK. 4. Click Server Settings in the table of contents to specify security settings, to connect to a user directory, and to specify other settings. For more information on specifying server settings, see the Lotus QuickPlace Administrators Guide.
Installing Lotus QuickPlace on AIX or Solaris

Follow these steps to install Lotus QuickPlace 7.0 on an AIX or Solaris system for the first time. If you are upgrading an existing Lotus QuickPlace installation, see the chapter Upgrading to Lotus QuickPlace 7.0. 1. Read the Lotus QuickPlace Release Notes for Lotus QuickPlace 7.0 at www.lotus.com/ldd/doc for system requirements and other important installation information.
2. Install Domino 7.0 on the AIX or Solaris system and then run the Domino Server Setup program. For instructions, see Domino Administrator Help available on the Web at http://www.lotus.com/ldd/doc. v During Domino installation choose to install the Enterprise server. v You can choose to install partitioned Domino servers, and then install Lotus QuickPlace on the partitioned servers. If you do, you must configure the server for TCP/IP using IP Aliasing, not Port Mapping. For more information on configuring the server for TCP/IP, see Domino Administrator Help. v During Domino Server Setup, choose to install HTTP services, which Lotus QuickPlace requires. 3. Stop the Domino server. 4. Open a terminal window and log in to the server as a root user. 5. Navigate to the directory that contains the Lotus QuickPlace installation kit. 6. Enter this command to start the Lotus QuickPlace installation:
./install
7. When prompted, type the number that corresponds to the language in which you prefer to read the Lotus Software Agreement. Press Enter to continue, and then press Enter again to display the license agreement. 8. When you have read the agreement, press 1 to accept the agreement and continue with the installation. Note: Many of the following steps require that you accept a default or type a new value. To change a default, press Enter and type a new value. After you enter a new setting, press Enter to accept the change and continue with the installation. Specify the Domino program directory as the directory where the Lotus QuickPlace program files will be installed. The default Domino program directory is opt/ibm/lotus. You must install the Lotus QuickPlace program files to the directory that holds the Domino program files. Press TAB to continue. Specify the Domino data directory as the directory where the Lotus QuickPlace data files will be installed. The default Domino data directory is /local/notesdata. You must install the Lotus QuickPlace data files into the directory that holds the Domino data files. Press TAB to continue. Specify the UNIX user who will own the Lotus QuickPlace server files. This must be the same user who owns the Domino server files. Specify the UNIX group that will own the Lotus QuickPlace server files. This must be the same group that owns the Domino server files. The UNIX user specified in the previous step must be a member of this group. Type the name and password of the first Lotus QuickPlace administrator. This administrator is a local user that signs in to Lotus QuickPlace to configure Lotus QuickPlace server settings, and to give other users the access to create places or administer the server. Type a name that is not used in a user directory that you will use with Lotus QuickPlace. When the installation program displays Configuration of the Install program is complete, press TAB to review your installation settings. For example: Installation type: New Install Program directory: /opt/ibm/lotus Data directory: /local/notesdata UNIX user: UNIX user
9.
10.
11. 12.
13.
14.
UNIX group: UNIX group 15. Press TAB to install Lotus QuickPlace. 16. If multi-server session-based authentication (single sign-on) is enabled on the Domino server, peform the following steps to confirm that it is set up correctly to work with Lotus QuickPlace. a. Start the Domino server. b. Follow the steps for setting up single sign-on authentication described in the chapter Setting Up Security in the Lotus QuickPlace Administrators Guide. Note that after you enable Session authentication in the Server document in the Domino Directory, you must also create a mapping form in the domcfg.nsf database as described in the guide. If the mapping form does not exist when you start Lotus QuickPlace, you will not be able to sign in as the Lotus QuickPlace server administrator specified during installation. c. Stop the Domino server. Do not skip this step. 17. Continue to the topic Starting Lotus QuickPlace on AIX or Solaris.
Starting Lotus QuickPlace on AIX or Solaris

Start Lotus QuickPlace by starting the Domino server on which it is installed. To start the Domino server on AIX or Solaris, perform the following steps: 1. Log in as the UNIX user specified during the Lotus QuickPlace installation. 2. Navigate to the Domino data directory. 3. Enter the following command to start the Domino and Lotus QuickPlace servers:
<Domino program directory>/bin/server
For example, if you used the default Domino program directory, enter:
/opt/ibm/lotus/bin/server
To sign in to Lotus QuickPlace

To sign in to Lotus QuickPlace as the administrator specified during installation, perform the following steps: 1. Open a browser and enter the servers host name appended by /QuickPlace. For example, enter: http://serverone.acme.com/QuickPlace 2. Click Sign In. 3. Type the Lotus QuickPlace administrator user name and password specified during installation, and then click OK. 4. Click Server Settings in the table of contents to configure security settings, to connect to a user directory, and to configure other settings. For more information on configuring Server Settings, see the Lotus QuickPlace Administrators Guide.
Installing on IBM i5/OS

Follow the instructions in this section if you are performing a new installation of Lotus QuickPlace on IBM i5/OS. If you are upgrading an existing Lotus QuickPlace server, see Upgrading to Lotus QuickPlace 7.0. To install Lotus QuickPlace on i5/OS, complete the following tasks: v Prepare your TCPIP connection v Install and configure a Domino server for Lotus QuickPlace v Pre-accept the Lotus QuickPlace software agreements
10
v Install Lotus QuickPlace v Add Lotus QuickPlace to a Domino server v Start the Domino server and access Lotus QuickPlace
Lotus QuickPlace and Domino compatibility on i5/OS

Lotus Domino must be installed on the same system as Lotus QuickPlace, and the software versions of the two products must be compatible. This includes the following considerations: v Lotus QuickPlace 7 requires Domino 7. For the latest information about compatibility between Team Workplace and Domino releases on i5/OS, go to http://www.ibm.com/eserver/iseries/quickplace v You must install Domino and Lotus QuickPlace on the same system. Install Domino first and then install Lotus QuickPlace. v If you have an earlier version of Lotus QuickPlace installed on the i5/OS platform, you must remove the Lotus QuickPlace product, upgrade to Domino 7, and then install Lotus QuickPlace 7. Removing an existing Lotus QuickPlace installation is not required for Windows, AIX, and Solaris. For more information on upgrading, see the chapter Upgrading to Lotus QuickPlace 7. v Lotus QuickPlace must use the Domino HTTP server (the Domino HTTP server task). Lotus QuickPlace will not work with the IBM HTTP server. On the i5/OS platform, the IBM HTTP server can be running on your system for other applications. Follow the instructions in the topic Verifying the configuration of IBM HTTP Server to ensure you do not encounter TCP/IP port conflicts between the Lotus QuickPlace server and the IBM HTTP server. v On the i5/OS platform, there are language considerations for Lotus QuickPlace. The QNOTES user profile has a locale object associated with it that identifies some of the language dependent settings, such as date and time separators, that will be used by the server. Lotus QuickPlace and Domino share the QNOTES user profile and locale objects. As a result, when you add Lotus QuickPlace to a Domino server, Lotus QuickPlace uses the QNOTES user profile and the locale settings that are associated with the Domino server. After the Domino server is set up, you can install Lotus QuickPlace and then install the files for your preferred language from the Lotus QuickPlace Language Pack. For more information, see the Readme.txt file included on the Lotus QuickPlace Language Pack CD.
Preparing your TCP/IP configuration

Your system must have enough TCP/IP addresses defined so that you can that you can assign at least one for the exclusive use of each of the following servers: v Your Lotus QuickPlace server v Each Domino server v Each Sametime server v Each instance of IBM HTTP Server running on your system Each of these servers must use a unique host name or TCP/IP address to avoid port conflicts between the servers. Do not attempt to use Domino port mapping. Contact your network administrator to assign additional TCP/IP addresses and host names, if needed. Ensure that the new host names are also added to your Domain Name Server (DNS). Complete the following steps, as appropriate for your system:
11
v v v v v
Add TCP/IP interface and host name Verify TCP/IP configuration of other Domino servers Verify TCP/IP configuration of Sametime servers Verify TCP/IP configuration of IBM Directory Server (LDAP) Verify TCP/IP configuration of IBM HTTP Server (powered by Apache)
Adding a TCP/IP interface and host name

If your network administrator has assigned an additional TCP/IP interface for your use, follow these steps to add the interface to your system: 1. Open iSeries Navigator. 2. Open the system where you will add Lotus QuickPlace. 3. Click Network. 4. Click TCP/IP Configuration. 5. Right-click Interfaces and select New Interface. 6. Select Local Area Network. 7. Follow the wizards instructions to configure the TCP/IP interface. If you need assistance in any window of the wizard, click Help. To add a host table entry for the TCP/IP interface: To add a host table entry for the TCP/IP interface you plan to use for your Lotus QuickPlace server, follow these steps: 1. Open the Host Table. v Open iSeries Navigator. v Open the system where you plan to install Lotus QuickPlace. v Click Network. v Right-click TCP/IP Configuration and select Properties. v On the TCP/IP Configuration properties display, click the Host Table tab. Click Add. In the IP Address field enter the TCP/IP address you have chosen to use for your Lotus QuickPlace server. For example, enter 10.1.2.4. In the Host name field, enter the fully qualified name for the Domino server where you will add Lotus QuickPlace. For example, enter twpserver.acme.com. Optional: enter a description in the Description field. Click OK to add the entry to your servers host table.
2. 3. 4. 5. 6.
7. Click OK to exit the TCP/IP Configuration Properties window.
Verifying the configuration of other Domino servers

Complete the following steps for each Domino server on your system: 1. Open the Server document of the Domino server. 2. Select Internet Protocols. 3. Select the HTTP tab. 4. In the Host name(s) field, enter a unique TCP/IP address or TCP/IP host name of your Domino server. 5. In the Bind to host name field, select Enabled. 6. Restart the Domino server to make any changes take effect. For more information on unique Domino host names and the Bind to host name option, see the Lotus book, Installing and Managing Domino 7 for i5/OS (i400help.pdf). This book is available on the Web at
12
http://www-10.lotus.com/ldd/doc
Verifying the configuration of Sametime servers

See the document Installing and Managing IBM Lotus Sametime 7 for i5/OS for information about properly configuring your Sametime server to use a unique host name and TCP/IP address. This book is available on the Web at http://www-10.lotus.com/ldd/doc
Verifying the configuration of IBM Directory Server (LDAP)

To verify the configuration of IBM Directory Server (LDAP), follow the procedure appropriate for your environment. If you do not plan to use IBM Directory Server (LDAP) on the same system: If you are not planning to use IBM Directory Server (LDAP) on the same system as your Lotus QuickPlace server, you should disable it by completing these steps: 1. Open iSeries Navigator and open your system. 2. Click Network. 3. Click Servers. 4. Click TCP/IP. 5. From the list on the right, right-click Directory and select Stop. If you plan to use IBM Directory Server (LDAP) on the same system: If you are planning to use it, complete these steps to force the IBM Directory Server to use a specific IP address: 1. Open iSeries Navigator and open your system. Click Network. Click Servers. Click TCP/IP. From the list on the right, right-click Directory and select Properties. Click the Network tab. Click IP Addresses... Select Use selected IP addresses and specify from the list which interfaces you want to bind. 9. Click OK to close the Directory - IP Addresses page. 10. Click OK to close the Directory Properties page. 2. 3. 4. 5. 6. 7. 8.
Verifying the configuration of IBM HTTP Server (powered by Apache)

Your Lotus QuickPlace server will use the Domino HTTP server. It is possible that you may have already configured IBM HTTP Server (powered by Apache) on your system for other applications. If so, then you must verify that each instance of the IBM HTTP Server (powered by Apache) is bound to a specific TCP/IP address. To change the IBM HTTP Server (powered by Apache) settings, follow these steps: 1. If the IBM HTTP server is currently running, stop it. v Open iSeries Navigator. v Open the system where you plan to install Lotus QuickPlace. v Click Network. v Click Servers. v Click TCP/IP.
13
v In the right pane, right-click HTTP Administration and select Stop Instance-->All. 2. Start the HTTP Administration server. v Click Network. v Click Servers. v Click TCP/IP. v In the right pane, right-click HTTP Administration and select Start. 3. Open the IBM HTTP server configurations page. v Start your Web browser. v Enter the following URL: http://mysystem:2001 where mysystem is the name of your system. v Click IBM Web Administration for iSeries. v Select the Manage tab. v Select the HTTP Servers tab. 4. Select a configuration from the menu at the top of the screen, and complete the following items for each configured instance of the IBM HTTP server. v From the list on the left pane, select General Server Configuration. v In the right pane, find the IP address and port table in the section called Server IP address and ports to listen on. v If one of the rows in the table has an asterisk (*) in the IP Address column, then the server is listening on all IP addresses. Select that row. Replace the asterisk (*) with the IP address for this server and click Continue. v When finished updating the server IP address table, click Apply to save your changes. 5. When each instance of the IBM HTTP server is configured to use a specific IP address, restart the HTTP servers. v Open iSeries Navigator. v Open the system where you plan to install Lotus QuickPlace. v Click Network. v Click Servers. v Click TCP/IP. v In the right pane, right-click HTTP Administration and select either Start Instance-->All, or select the particular server instances you would like to start. For more information on managing IBM HTTP server, see the IBM eServer iSeries Information Center at http://www.ibm.com/eserver/iseries/infocenter
Installing and configuring a Domino server for Lotus QuickPlace

Before installing Lotus QuickPlace, you must install Domino 7 and configure it for Lotus QuickPlace. For complete instructions on configuring a Domino server, see Installing and Managing Domino for i5/OS.
14
Your Domino server must be bound to the IP address prepared for use with Lotus QuickPlace. For more information, see Preparing your TCP/IP connection. To bind the Domino server to the IP address set aside for Lotus QuickPlace, follow these steps: v Open the Server document of the Domino server. v Select Internet Protocols. v Select the HTTP tab. v In the Host name(s) field, enter the TCP/IP address set aside for Lotus QuickPlace. v In the Bind to host name field, select Enabled. v Restart the Domino server to make any changes take effect.
Pre-accepting the Lotus QuickPlace software agreements

It is highly recommended that you display and accept the Lotus QuickPlace software agreements before installing Lotus QuickPlace. If you do not pre-accept the software agreements, the installation process will restore the product to the system, but then stop and wait for you to accept the agreements before completing the installation. 1. Insert the Lotus QuickPlace CD into the optical drive of your system. 2. Enter the following command on an i5/OS command line:
GO LICPGM
The Work with Licensed Programs display appears. 3. From the Work with Licensed Programs (LICPGM) menu, select option 5 (Prepare for install) and press Enter. The Prepare for Install display appears. 4. Type 1 in the option field next to Work with software agreements. Press Enter. When the Work with Software Agreements display appears, you see all IBM licensed programs that require software agreement acceptance and whether the agreement has been accepted. Only licensed programs that are not yet installed appear on this display. The software agreements for Lotus QuickPlace will not appear in the list until you restore them from the CD in a later step. 5. Press F22 (shift-F10) to restore the Software Agreements from the Lotus QuickPlace CD. For the Device parameter, specify the name of your optical drive. For example, OPT01. Press Enter to restore the QuickPlace software agreements to the system. 6. Once the Software agreements are restored from the QuickPlace CD, the following message is displayed:
Waiting for reply to message on message queue QSYSOPR.
You can sign on to another session to respond to the message or ask the system operator to respond. To view and respond to the message from another session: a. Enter the following command on an i5/OS command line:
wrkmsgq qsysopr
b. Select option 5 to display the messages in the QSYSOPR message queue. c. Locate the following message in the queue: Load the next volume in optical device OPT01. (X G) The Lotus QuickPlace software agreements have already been restored. If you want to restore more software agreements from another CD, insert the
15
next CD and respond with G. When the sofware agreements have been restored from the next CD, the message is issued again. When you are done, respond to the message with X. 7. The Work with software agreements display should now include an entry for Lotus QuickPlace: Licensed Program 5724J24. 8. For each entry for Licensed Program 5724J24, type 5 in the option field and press Enter to display the Software Agreement. Then press F14 (Accept) to accept the terms of the software agreement.
Installing Lotus QuickPlace on i5/OS

Follow these steps if you are installing Lotus QuickPlace on your system for the first time. If you are upgrading an existing Lotus QuickPlace server, see Chapter 5 Upgrading from a previous version of Lotus QuickPlace. To install Lotus QuickPlace, follow these steps: 1. Review the Readme.html file that is included with Lotus QuickPlace. For additional updates, go to http://www.ibm.com/eserver/iseries/QuickPlace 2. Sign on to your system with a user profile that has the required authority. For more information, see the IBM Lotus QuickPlace 7 Release Notes. 3. Verify that your system meets all of the Lotus QuickPlace server requirements documented in the IBM Lotus QuickPlace 7 Release Notes. 4. Insert the Lotus QuickPlace for i5/OS CD-ROM in your optical drive. 5. On any i5/OS command line, type the following command and press F4:
LODRUN
6. On the LODRUN display, type the following value in the Device field and press Enter:
*opt
7. In the Directory field, type the following value and press Enter:
/os400
8. When the Lotus QuickPlace option screen is displayed, type a 1 beside the Lotus QuickPlace product option and press Enter to begin the installation. The system loads the Lotus QuickPlace programs to the appropriate system libraries and /QIBM directories. Note: If the Domino server ID files are password protected, you will be prompted to enter the password. After the password has been entered, press Enter to continue with the installation of Lotus QuickPlace. If your server ID file has multiple passwords, the passwords must be entered one at a time. 9. If you prefer to use a non-English version of Lotus QuickPlace, you should install the Lotus QuickPlace Language Pack at this time. The Language Pack can either be installed from CD-ROM or downloaded from the Web. Language Pack installation instructions are included with the Language Pack.
Starting Lotus QuickPlace on i5/OS

After you add Lotus QuickPlace to the Domino server, you need to start the server in order to access Lotus QuickPlace. Note: If you chose to start the Domino server when you used ADDLQPDOM command, skip to step 4.
16
1. From any i5/OS command line, type the following command and press Enter:
WRKDOMSVR
2. On the Work with Domino Servers display, type a 1 next to the Lotus QuickPlace server and press Enter. Tip: You can also start a Lotus QuickPlace server by entering the following command: STRDOMSVR SERVER(servername) where servername is the name of the Lotus QuickPlace server. 3. Periodically press F5 to refresh the screen and wait for the server status to be *STARTED. 4. To verify Lotus QuickPlace and HTTP are working properly, use option 8 to display the console for the Lotus QuickPlace server. You should see messages that indicate Lotus QuickPlace has started and HTTP has started. Press F5 periodically to refresh the console screen. Note: If the server status does not change from Starting to Started and your Domino server ID file is password protected, you may need to enter the server ID password from the Domino console. For more information on accessing the Domino console, see the Lotus book Installing and Managing Domino for i5/OS. 5. Once the Lotus QuickPlace server is started, open a Web browser and type the servers host name appended by /QuickPlace. For example:
http://twpserver.acme.com/QuickPlace
6. To sign in as the administrator: v Click Sign In. v Type the Lotus QuickPlace Administrator name and password that you specified when you ran the ADDLQPDOM command. v Click Server Settings in the table of contents. For information on the administration place and assigning administrators to a Lotus QuickPlace server, see the Lotus QuickPlace Administrators Guide.
Troubleshooting Lotus QuickPlace installation on i5/OS

When you add Lotus QuickPlace to a Domino server, a file called QuickPlaceInstall.log in your server data directory is created or updated to indicate whether the configuration process was successful. You can determine the configuration or upgrade status of Lotus QuickPlace by viewing this log file. To view the file, follow these steps: 1. Open iSeries Navigator. 2. Open the system where you added Lotus QuickPlace. 3. Click File Systems. 4. Click Integrated File System. 5. Click Root. 6. Click servername. where servername is the name of your Lotus QuickPlace server. 7. Click data.
17
Note: The actual path of your servers data directory may be different. Substitute values appropriate for your environment to find your servers data directory. 8. Right-click quickplaceinstall.log and select Edit. The text file will launch in a new window, and provide information on configuration and upgrade status.
Adding Lotus QuickPlace to the Domino server

To add Lotus QuickPlace to a Domino server, follow these steps: 1. Stop the Domino server on which you plan to add Lotus QuickPlace. 2. On any i5/OS command line, type the following command and press F4:
ADDLQPDOM
3. Fill in the following fields and press Enter to add Lotus QuickPlace to the Domino server.
Field Domino server name Lotus QuickPlace Administrator Explanation The name of the Domino server where you will add Lotus QuickPlace. Specifies the name of the person who is the administrator for this Lotus QuickPlace server. The administrators name should be a local user and should not be present in the external directory. The password you want to use for the Lotus QuickPlace administrators ID. Keep a record of this password as you will need it to sign on to the Lotus QuickPlace home page as the administrator. The Server ID password is only required if the Domino server is password-protected. You would have specified this password when the Domino server was created. If the ID file requires multiple passwords, then the passwords must be enclosed inside single quotation marks and separated by commas. For example: Password.......password1,password2 Start Domino Server If you press F10, an additional parameter is displayed. This parameter gives you the option of starting the Lotus QuickPlace server immediately after adding Lotus QuickPlace to the Domino server. To start the Domino server after adding Lotus QuickPlace, specify *YES.
Administrator password
Server ID Password
Running multiple QuickPlace servers on i5/OS

The i5/OS platform allows you to run multiple servers and applications within the same logical partition (LPAR). In addition to your Lotus QuickPlace server, you may decide to run multiple Domino servers, Sametime servers, HTTP servers, and LDAP servers, all in the same LPAR. However, you must carefully configure your TCP/IP environment so that the various servers do not encounter port conflicts. It is recommended that you assign a separate TCP/IP address to each server and that
18
you bind each server to its assigned IP address. In addition, be sure that your server is properly sized to handle the workload. For more information, see the following: v The topic Preparing your TCP/IP connection v The document Installing and Managing Sametime 7 for i5/OS v Technote #1091353, Sametime for iSeries: Can Sametime and QuickPlace Be Installed on the Same System? You can find this technote by searching for 1091353 at the following Web site http://www.ibm.com/software/support
Removing QuickPlace from a Domino server on i5/OS

The Remove Lotus QuickPlace from a Domino Server command makes the following changes to a Domino server: v Removes Lotus QuickPlace data from the Domino server. v Removes the Lotus QuickPlace directory from the Domino server data directory. v Changes the NOTES.INI file for the Domino server to disable Lotus QuickPlace. To remove Lotus QuickPlace from a Domino server, follow these steps. To perform this task, you must have *ALLOBJ, *IOSYSCFG, *JOBCTL, and *SECADM special authorities. 1. End the Domino server and subsytem using the steps in the previous section Ending a Lotus QuickPlace server using commands. 2. Type the following i5/OS command:
RMVLQPDOM dominoservername
where dominoservername is the actual name of the Domino server. 3. Verify that you want to remove Lotus QuickPlace from the Domino server by typing a G and pressing Enter. Note: If you do not wish to remove Lotus QuickPlace from the Domino server, press any other key. 4. Restart the Domino server. 5. To verify that Lotus QuickPlace was removed from the Domino server, use a Web browser to try to access the Lotus QuickPlace home page for the Domino server at the following URL: http://dominoservername:port/QuickPlace where dominoservername is the name of your Lotus QuickPlace server and port is the associated port number. For example:
http://twpserver1:81/QuickPlace
You should get an error indicating that the file was not found.
19
20
Chapter 3 Setting Up Lotus QuickPlace for Offline Use

This chapter explains how to set up Lotus QuickPlace so that users can take places offline with Domino Off-Line Services.
Setting up Lotus QuickPlace for offline use

Domino Off-Line Services provides a way for users to take places offline, make changes to them, and then synchronize the changes with the online version on the Domino server. To take a place offline, a user must be an individual member (external or local) of the place and any rooms. A user who has access to a place or rooms through a group membership (external or local), cannot take a place or rooms offline. To set up the Lotus QuickPlace server so that Lotus QuickPlace users can take places offline with Domino Off-Line Services, perform the following tasks after you install the Lotus QuickPlace server: 1. (Recommended) Connect Lotus QuickPlace to use a user directory. 2. 3. 4. 5. 6. 7. Enable Domino Off-Line Services. Create a certifier ID or IDs for user authentication. Create an Offline Security Policy document for each new certifier ID. Translate external user names to the Domino format, if necessary. (Optional) Encrypt offline places. (Optional) Use Lotus QuickPlace sign on passwords for offline use.
For answers to frequently asked questions about offline setup, see the topic Offline setup FAQs later in this chapter. For information on troubleshooting offline problems, see the Lotus QuickPlace Administrators Guide.
Connecting Lotus QuickPlace to a user directory

If your offline users are registered in a directory, you must configure Lotus QuickPlace to use that directory. You can set up Lotus QuickPlace to manage the directory lookups or you can set up Domino to manage the directory lookups. For information on connecting to a user directory, see the Lotus QuickPlace Administrators Guide.
Enabling Domino Off-Line Services on AIX, Solaris, and Windows

On the AIX, Solaris, and Windows operating systems, perform the following steps to enable Domino Off-Line Services on the Lotus QuickPlace server. 1. Start the Domino server. 2. Open the servers Server document in the Domino Directory. 3. Click the Internet Protocols - HTTP tab. 4. Add the following value to the DSAPI filter file names field, if it is not already there: v On Windows: ndolextn v On AIX or Solaris: libdolextn 5. Stop the Domino server.
21
6. Navigate to the Domino program directory, and open the Domino servers notes.ini file. 7. Add the two lines indicated in the following table to the notes.ini file.
Platform Windows Notes.ini settings EXTMGR_ADDINS=nqpextmgr.dll CheckCacheBeforeDSAPI=1 AIX EXTMGR_ADDINS=libqpextmgr_r.a CheckCacheBeforeDSAPI=1 Solaris EXTMGR_ADDINS=libqpextmgr.so CheckCacheBeforeDSAPI=1
8. Make sure there is a blank line at the end of the notes.ini file. Press Enter to create a blank line, if necessary. 9. Save the file. 10. Start the Domino server.
Enabling Domino Off-Line Services on i5/OS

Use iSeries Navigator to ensure that Domino Off-Line Services is properly enabled on your Domino server: 1. Stop the Domino server. 2. Using iSeries Navigator, open the system where your Domino server is located and display the list of Domino servers. v Click Network. v v 3. If v v Click Servers. Click Domino to display the list of Domino servers. necessary, change the server setting to enable Domino Off-Line Services. Right-click your Domino server and select Properties. On the Services tab, select Domino Off-Line Services from the Enable services list.
v Click Enable. v Click OK. Tip: You can also use an i5/OS command interface and enter the following command: CHGDOMSVR SERVER(servername) DOLS(*YES) where servername is the name of your Domino server. 4. Edit the notes.ini file for your Domino server: v Right-click your Domino server and select Properties. v On the Initialization File tab, click Edit and add the following settings: EXTMGR_ADDINS= qpexmgr CheckCacheBeforeDSAPI=1 Note: If these lines begin with a semicolon (;), then these lines are designated as comments, and the semicolon should be removed. v Save and close the notes.ini file.
22
v Click OK on the Properties dialog box. 5. Start the server.
Certifier IDs for authenticating offline users

To set up authentication for offline users, you create one or more certifier IDs that can authenticate the users, and then attach each certifier ID to an Offline Security Policy document in the Offline Services database (doladmin.nsf). When users install places offline, the Domino server uses the certifier ID to generate new user IDs, and downloads the IDs to the users computers. These IDs are used to authenticate users when they synchronize the offline and online versions of places. The following points about certifiers are important to keep in mind to ensure offline user authentication works properly. For more information on certifier IDs, see Domino Administrator Help.
New organization certifier required for external users in a different organization from the server
If external offline users are in a different organization hierarchy from the Domino server on which Lotus QuickPlace runs, you must create an organization certifier ID for their organization, cross-certify that certifier ID with the Domino servers organization certifier ID, and then attach the cross-certified ID to an Offline Security Policy document. For example, if the Domino server is within the /Org organization, but there are external users within the /Acme organization, create an /Acme organization certifier ID, cross-certify it with the /Org certifier ID, and then create an Offline Security Policy document and attach the cross-certified /Acme certifier ID to it.
Certifiers authenticate one level down

A certifier ID authenticates only users with names at its level and one organizational unit level down in the name hierarchy. For example, the /Acme organization certifier authenticates Alice Brown/Acme, Lee Moutal/Marketing/Acme, and Maryane Burns/Sales/Acme, but not Claudia Basso/East/Sales/Acme. To authenticate Claudia Basso/East/Sales/Acme, you must create an organizational unit certifier ID for /Sales/Acme, and then create an Offline Security Policy document and attach the ID to it.
Separate organizational unit certifier recommended for external users within the same organization as the server
If offline users are within the organization hierarchy of the Domino server on which Lotus QuickPlace runs, put them under their own organizational unit certifier as a security measure to limit their access to the Domino server.
Distinguished names that dont follow the Domino naming convention require translation
Domino recognizes only the following attributes in a distinguished name: CN,OU, O, and (optionally) C. If external user names use attributes that are different from these attributes, you must use the name_translation setting in the offline section of the qpconfig.xml file on the server to translate them to the Domino format. For more information, see the topic LDAP distinguished name translation for offline use. When you create an Offline Security Policy document, you specify the certifier name in Domino format.
23
/QP organizational unit certifier required for local users

For local offline users, create the organizational unit certifier /QP from the Domino servers certifier. For example if the Domino servers certifier is the organization certifier /Org, use the /Org certifier ID to create the organizational unit certifier /QP/Org, and then attach the /QP/Org certifier ID to an Offline Security Policy document. Or if the Domino servers certifier is the organizational unit certifier /Sales/Org, use the /Sales/Org certifier ID to create the organizational unit certifier /QP/Sales/Org, and then attachthe/QP/Sales/Org certifier to an Offline Security Policy document.
Separate Security Policy documents required for local and external users
You must create separate Security Policy documents and IDs for local users (users registered in places) and external users (users registered in a directory). You can attach only one certifier ID to each Security Policy document.
Creating an organization certifier for external users in a different organization

If external offline users are in a different organization hierarchy than the Domino server on which Lotus QuickPlace runs, create an organization certifier ID for that organization and then cross-certify that certifier ID with the Domino servers certifier ID. For example, if the Domino server certifier is the /Org certifier, but external users are within the /Acme organization, create an /Acme organization certifier ID and then cross-certify /Acme with /Org. To create the organization certifier: 1. From the Domino Administrator, select your server, for example, ServerA/Org. 2. Click the Configuration tab. 3. On the right pane of the Domino Administrator, click Registration, and then click Organization to open the Register Organization Certifier dialog box. 4. Click Registration Server and choose the Domino servers name, for example, ServerA/Org, and then click OK. 5. In the Organization name field, type the organization name of the external users, for example, Acme. 6. (Optional) Type a country code. 7. In the Certifier password field, type a password for the new organization certifier ID. 8. Click Set ID File and specify a file name, for example acme.id, and local path name in which to save the new certifier ID file. Note: For security reasons, back up doladmin.nsf and delete the ID file from your system directory after this ID is attached to an Offline Security Policy document. 9. (Optional) Complete additional fields in the Register Organization Certifier dialog box. Click ? for information on these fields. 10. Click Register to create the organization certifier ID locally and to register the certifier in the Domino Directory of the Domino server. 11. Perform the following steps to cross-certify the certifier ID you crated with the Domino server certifier:
24
a. If you are using a remote Domino Administrator client, copy the Domino servers certifier ID to the local machine. By default, the servers certifier ID file is called cert.id and is located in the Domino data directory on the server. b. Verify that the Domino server is selected in the Domino Administrator. c. From the Domino Administrator, click the Configuration tab. d. Click Certification, and then click Cross Certify. e. Click Certifier ID and select the Domino server certifier ID, for example, cert.id, and then click OK. f. Type the password for the Domino servers certifier ID. The administrator who set up the Domino server created this password. g. In the Choose ID to be Cross-Certified dialog box, select the organizational certifier ID you created, for example, acme.id, h. In the Issue Cross Certificate dialog box, click Cross Certify to create a cross-certificate in the Domino Directory of the Domino server.
Creating an organizational unit certifier for external users

If external users are in a different organization from the Domino server, create an organizational unit certifier ID for these users if their names are more than one organizational unit level down in the name hierarchy from the organization certifier you created in the previous step. For example, to authenticate Claudia Basso/East/Sales/Acme, you must create an organizational unit certifier for /Sales/Acme from the /Acme certifier. However, for the users Alice Brown/Acme, Lee Moutal/Marketing/Acme, and Maryane Burns/Sales/Acme, there is no need to create an organizational unit certifier because the /Acme certifier will authenticate them. If users are in the same organization as the Domino server, creating an organizational unit certifier ID from the Domino server certifier specifically for them is recommended as a way to restrict their access to the Domino server. To create the organizational unit certifier: 1. Make sure the certifier ID from which you will create the organizational unit certifier is stored locally on the machine on which you run the Domino Administrator. 2. From the Domino Administrator, select the Domino server, for example, ServerA/Org. 3. Click the Configuration tab. 4. Click Registration - Organizational Unit. 5. Click Server and select the Domino server. 6. Click Certifier ID and choose the certifier ID to use to create the organizational unit certifier, for example, acme.id or cert.id, and then click OK. 7. Type the password for the selected certifier ID and click OK. 8. If the message The certifier ID you have chosen does not contain recovery information is displayed, read the message, and click OK. 9. In the Register Organizational Unit Certifier dialog box, click Registration Server and choose the Domino server, for example, ServerA/Org. 10. (Optional) Click Certifier ID to change which certifier ID to use to register the new certifier ID. 11. In the Organizational Unit field, type the name for the organizational unit. For example, if the users are under Sales/Acme, type Sales.
25
12. In the certifier password field, type a password for the new certifier. 13. Click Set ID File and specify the file name and local path name for the new organizational unit certifier ID file. Note: For security reasons, back up doladmin.nsf and delete the ID file from your system directory after this ID is attached to an Offline Security Policy document. 14. (Optional) Complete the additional fields in the Register Organizational Unit Certifier dialog box. Click ? for information on these fields. 15. Click Register to create the organizational unit certifier ID file locally and to register the new certifier in the Domino Directory of the Domino server.
Creating a /QP organizational unit certifier for local users

For local offline users, use the Domino servers certifier to create the organizational unit certifier /QP. For example, if the Domino servers certifier is the organization certifier /Org, use the /Org certifier to create the organizational unit certifier /QP/Org. Or if the Domino servers certifier is /West/Org, use the /West/Org certifier to create the organizational unit certifier /QP/West/Org. To create the /QP organizational unit certifier: 1. Make sure the Domino certifier ID is stored locally on the machine on which you run the Domino Administrator. By default, the Domino server ID is cert.id. 2. From the Domino Administrator, select the Domino server, for example, ServerA/Org. 3. Click the Configuration tab. 4. Click Registration - Organizational Unit. 5. Click Server and select the Domino server. 6. Click Certifier ID, select the Domino server certifier ID, then click OK. 7. Type the password for the certifier ID and click OK. The adminstrator who set up the Domino server created this password. 8. If you see the message The certifier ID you have chosen does not contain recovery information, read the message and click OK. 9. In the Register Organizational Unit Certifier dialog box, click Registration Server and choose the Domino server, for example, ServerA/Org. 10. In the Organizational Unit field, type QP. 11. In the certifier password field, type a password for the new certifier. 12. (Optional) Click Set ID File to specify the file name and local path name in which to store the /QP organizational unit certifier ID file. Note: For security reasons, back up doladmin.nsf and delete the ID file from your system directory after this ID is attached to an Offline Security Policy document. 13. (Optional) Complete the additional fields in the Register Organizational Unit Certifier dialog box. Click ? for information on these fields. 14. Click Register at the bottom of the dialog box to create the /QP oganizational unit certifier ID file locally and to register the organizational unit in the Domino Directory on the Domino server.
26
Creating an Offline Security Policy document

Create an Offline Security Policy document for each certifier you created for offline users. Offline Security Policy documents are stored in the doladmin.nsf database on the Domino server. Note: For security reasons, after you have created all the Offline Security Policy documents that you require, back up the doladmin.nsf database and then delete any of the new certifier ID files from your system directory. 1. 2. 3. 4. 5. From the Domino Administrator, select your server, for example, ServerA/Org. Click the Configuration tab. In the left pane, click Offline Services, and then click Security. Click New Security Policy. In the Security domain field, type the hierarchical name of an organization or organizational unit certifier you created for offline users. The following names are examples of certifier names: /Acme /Sales/Acme /QP/Org Remember to type the leading backward slash (/). Note: Specify a country code if the certifier uses one, for example, /Sales/Acme/US. 6. In the ID deployment policy field, click one of the following options:
Option Prompt for ID during download Description Before offline installation, users are asked to specify where on their computers their user IDs are stored. The administrator must provide the IDs to the users. This is the default ID deployment policy. This option is recommended for and applies only to offline users who are Notes users registered with Notes IDs in the primary Domino Directory of the Domino server (names.nsf). Automatically generate user IDs Before offline installation, a certifier ID is generated for users automatically. If you select this option, the Automatic tab is displayed. Click this tab and attach the certifier ID to be generated, set the password, and set the ID expiration date. You must select this option if offline users are not registered in the primary Domino Directory of the Domino server. For example, you must select this option if offline users are registered in a remote LDAP directory.
7. (Optional) Select Overwrite existing user IDs to cause users offline IDs to be overwritten with a new ID each time they install a place offline. Note: Do not select this option if offline encryption is used. Users whose IDs are overwritten will not be able to open an offline place encrypted with a key from the previous ID. 8. Save the document.
27
LDAP distinguished name translation for offline use

Domino recognizes only the following attributes in a distinguished name: CN,OU, O, and (optionally) C. The name can be expressed in hierarchical form as follows: common_name/org_unit/org/country_code For example, the name CN=James Moore, OU=East, O=Acme, C=US can be expressed as James Moore/East/ACME or James Moore/East/ACME/US. If the disinguished names of users in an LDAP directory do not follow this model and you use Domino Off-Line Services with Lotus QuickPlace, you must create and configure a qpconfig.xml file to translate users names into a format that Domino recognizes, then translate those names back into their original LDAP format. This step is required regardless of whether Lotus QuickPlace or Domino manages the directory lookups. For example, a distinguished name such as UID=James Moore/C=US/OU=East/O=acme.com needs to be translated.
How to configure translation

To translate distinguished names, you use the name_translation element in the offline element of the qpconfig.xml file to create name translation rules. Translation rules typically contain text strings with symbols that are used to match text patterns. Translation rules are specified in the <translate> element. The following example of translation rules in the qpconfig.xml file translate distinguished names that follow this pattern uid=value/c=value/ou=bluepages/o=ibm.com into the Domino-style name CN=value/OU=bluepages_value/O=ibm_com. The two <translate> elements contain the rules. The from and to attributes within the <translate> elements contain regular expressions, for example, uid=(.+)/c=(.+)/ou=bluepages/o=ibm\.com. The regular expressions contain symbols, for example, (.+) and \:
<server_settings> <offline enabled="true"> <name_translation enabled="true"> <from_directory_name> <translate from="uid=(.+)/c=(.+)/ou=bluepages/o=ibm\.com" to="CN=\1/OU=bluepages_\2/O=ibm_com" /> </from_directory_name> <to_directory_name> <translate from="CN=(.+)/OU=bluepages_(.+)/O=ibm_com" to="uid=\1/c=\2/ou=bluepages/o=ibm.com" /> </to_directory_name> </name_translation> </offline> </server_settings>
You create rules for translating LDAP names to Domino names within the <from_directory_name> elment. You specify each LDAP name attribute in the from attribute, using symbols to account for any possible value the attribute might have. For example, the (.+) symbol means one or more occurrences of any character. In the preceding sample, this accounts for any value the uid and c attributes might have. You also use symbols to translate syntax that otherwise might be interpreted as a special character. For example, the \ symbol turns off the
28
special meaning of the character which follows. Without this symbol in o=ibm\.com, the dot (.) would be interpreted by its special character meaning, which is match any single character. The to attribute specifies Domino attributes using symbols to match values from the LDAP attributes and to arrange them in a way Domino recognizes. For example, the symbol \1 means whatever matched the first regular expression. So, the CN attributes value will match the first regular expression (.+) found in the from attribute. In the same way, the symbol \2 means whatever matched the second regular expression. So, the OU value will be the explicitly stated bluepages_ plus the second regular expression (.+), which in this case is the value of the country, or c, attribute. The O attribute is explicitly stated. You can have up to nine regular expressions in one rule. You create rules for translating Domino names back to LDAP names within the <to_directory_name> element using the same method. The preceding translation rules result in the following example translations:
LDAP directory name uid=Joe User/c=us/ou=bluepages/o=ibm.com uid=Nils Nilsen/c=dk/ou=bluepages/o=ibm.com Domino name CN=Joe User/OU=bluepages_us/O=ibm_com CN= Nils Nilsen/OU=bluepages_dk/O=ibm_com
Notice that the regular expressions accommodate the country, or c, code. There is no need to have a separate translation rule for each country code because they can be captured by a (.+) expression, and then inserted anywhere in the translated name with a \[number] expression. Note: The LDAP names specified in from_directory_name and to_directory_name must exactly match the case that is used for the names in the LDAP directory. The attributes of the Domino-style names specified in from_directory_name and to_directory_name (CN, OU, O, or O) must be uppercase.
Table of expressions
There are many symbols that can be used in regular expressions, but only a few are useful for the purpose of translating a non-conforming LDAP name to a Domino name. The following table lists of these symbols, with examples that show how they match a particular LDAP name. All of the examples shown here will match the LDAP distinguished name uid=Joe User/c=us/ou=People1/o=org.com. The symbols described are in bold text in the examples:
Symbol (.+) Description Represents one or more occurrences of any character. Example uid=(.+)/c=(.+)/ou=bluepages/o=ibm\.com
29
Symbol \1, \2, \3, etc.
Description
Example
\1 represents a match with the CN=\1/OU=bluepages_\2/O=ibm_com first regular expression; \2 represents a match with the second regular expression, and so on. Up to 9 regular expressions may be used in one rule. Turns off the meaning of any special character c. Matches any single character. Matches any of the enclosed characters. Matches any character that is not enclosed. Matches any character in this range. Matches any number (zero or more) of the preceding character or bracketed expression. Matches one or more of the preceding character or bracketed expression. uid=Joe User/c=us/ou=People1/o=org\.com uid=Joe User/c=us/ou=People./o=org uid=Joe User/c=us/ou=People[123456789]/o=org uid=Joe User/c=us/ou=People[^2-9]/o=org uid=Joe User/c=us/ou=People[09]/o=org[._]com uid=Joe U.*/c=us/ou=People1/o=org\.com
\c . [...] [^...] n-n *
uid=Joe [A-Zaz]+/c=us/ou=People1/o=org\.com
(regexp)
Delineates a regular expression uid=Joe User/c=(.+)/ou=People1/o=org\.com so that it can be used in the replacement string (the to string in <translate>).
Translating LDAP distinguished names for offline use

If you use Domino Off-Line Services with Lotus QuickPlace, perform the following steps to translate distinguished names in the LDAP directory if the names do not conform with the Domino naming model: 1. Open the qpconfig.xml file in the Domino data directory. If the file does not exist, create one as described in the Lotus QuickPlace Administrators Guide. 2. Copy the <offline> sample section from the sample_qpconfig.xml file in the Domino data directory and paste it between the two <server_settings> statements in the qpconfig.xml file. 3. Edit the offline translation settings in the qpconfig.xml file to accommodate your needs, as described in the topic LDAP distinguished name translation for offline use. 4. Save the qpconfig.xml file. 5. Enter the following server console command:
restart task http
Example of translating names that contain the dc attribute

The following settings provide an example of translating names that appear in the LDAP user directory as cn=name,ou=People1,dc=acme,dc=com.
<server_settings> <offline enabled="true"> <name_translation enabled="true">
30
<from_directory_name> <translate from="cn=(.+)/ou=People1/dc=acme/dc=com" to="CN=\1/OU=People1/O=acme_com" /> </from_directory_name> <to_directory_name> <translate from="CN=(.+)/OU=People1/O=acme_com" to="cn=\1/ou=People1/dc=acme/dc=com" /> </to_directory_name> </name_translation> </offline> </server_settings>
Encypting offline places

By default, offline places are not encrypted. Enable the encryption setting in the offline section of the qpconfig.xml file to specify that all places taken offline from the server are encrypted. Offline place encryption is similar to Notes database encryption. If you do not enable encryption for all offline places through the qpconfig.xml file, a place manager can enable offline encryption for a specific place through the places Customize - Basics page. Note: If a user uses at least one offline database that is encrypted, then the user must use the same password for all offline databases. To encrypt all offline places on the server: 1. Open the qpconfig.xml file in the Domino data directory. See the Lotus QuickPlace Administrators Guide for instructions on creating this file if it does not already exist. 2. For the encryption element within the offline section, type enabled=true 3. For the encryption level element, type one of the following values:
Value 1 2 3 Description Simple encryption Medium encryption (recommended) Strong encryption
4. Verify that the offline section of the qpconfig.xml file looks similar to the following example:
<offline enabled="true"> <encryption enabled="true"> <level>2</level> </encryption> </offline>
5. Save the qpconfig.xml file. 6. Enter the following server console command:
restart task http
Using Lotus QuickPlace sign in passwords for offline use

By default, offline users must specify an offline password in the Member Profile for each offline place of which they are a member. Use the use_login_passwords setting in the offline section of the qpconfig.xml file to enable offline users to use their Lotus QuickPlace sign in passwords when they sign into any offline place. When you enable this feature, offline users do not have to remember a separate password for each offline place. This feature is supported for both external and local users. This setting applies to all places on the server, although users still have
31
the option to specify place-specific offline passwords through their Member Profiles. If you do not enable this setting server-wide through the qpconfig.xml file, managers of places can enable the feature for places they manage through the Customize - Basics page. Note: If any of a users places is encrypted offline, the users password for all offline places must be the same. This applies to external as well as local users. To enable Lotus QuickPlace sign in passwords for offline use for all places on the server: 1. Open the qpconfig.xml file in the Domino data directory. See the Lotus QuickPlace Administrators Guide for instructions on creating this file if it does not already exist. 2. In the offline section, type true for the use_login_passwords attribute, for example:
<offline enabled="true" use_login_passwords="true"></offline>
restart task http
Configuring Lotus QuickPlace for offline in different environments

This section describes offline configuration steps for various supported environments.
To configure an IBM Network Dispatcher cluster environment

To configure a Lotus QuickPlace server cluster that uses the IBM Network Dispatcher to work with Domino Off-Line Services, you must add the following line to the notes.ini file of all servers in the cluster: $DOLS_TCPIPAddress=FullHostNameOfOneServerInTheCluster or the IP Address of that server For example, in a cluster with servers named blue.enterprise.com, green.enterprise.com, and red.enterprise.com, with a network dispatcher called colors.enterprise.com, add $DOLS_TCPIPAddress=blue.enterprise.com to the notes.ini file on blue.enterprise.com, green.enterprise.com, and red.enterprise.com. Then users can take places offline from any server in the cluster.
To configure a Sun Java System Portal Server environment

The Sun Java System Portal Server serves as a reverse proxy server to handle inbound requests. To configure a Lotus QuickPlace server and Sun Java System Portal Server to work with Domino Off-Line Services, add the following setting to the servers notes.ini file: NoWebFileSystemACLS=1 Without this setting, users must reauthenticate when the place is downloaded to their machine.
32
To configure a Netegrity SiteMinder environment

To set up a server for offline use in a Netegrity SiteMinder environment, you must list the Domino Off-Line Services DSAPI filter first in the list of DSAPI filters in the Server document. 1. Open the Server document in the Domino Directory. 2. Click the Internet Protocols - HTTP tab. 3. Make sure one of the following values is the first listed in the DSAPI filter file names field. v On Windows: ndolextn v On AIX or Solaris: libdolextn 4. If you make a change to the field, restart the server by entering the following command:
restart server
The required order of the three DSAPI filters (Domino Off-Line Services, Netegrity SiteMinder, and QuickPlace) in the DSAPI filter file names field is: 1. Domino Off-Line Services DSAPI filter 2. Netegrity Siteminder DSAPI filter 3. QuickPlace DSAPI filter Note: Lotus QuickPlace on i5/OS does not support Netegrity SiteMinder.
To configure a passthru server environment

To configure a Lotus QuickPlace server in a passthru server environment to work with Domino Off-Line Services, you must do the following: 1. Sign in to the Lotus QuickPlace server as an administrator. 2. Click Server Settings in the table of contents. 3. Click Other Options in the table of contents. 4. Click Edit Options. 5. In the Domino Offline Passthru Server section, type the canonical name and host name of the passthru server. 6. Save the page.
To use an alternate Web server for Domino Off-Line Services downloads

When users take their first place offline, the Domino Off-Line Services client software is installed on their machines so that they can manage their offline places. Because the Domino Off-Line Services client software files are relatively large, the places performance can be affected while a user is installing offline. To help avoid this, you can copy the Domino Off-Line Services files to a directory on an alternate Web server, and then specify a URL that points to that directory. When users install their first place, the Domino Off-Line Services software files are installed from the alternate server. Note: If you use Policy Director, using an alternate Web server for downloads is recommended.
33
To create an alternate Domino Off-Line Services download Web site, do the following: 1. Copy the contents of the <server_data_directory>\domino\html\download\filesets directory, located in the Domino data directory, from the Lotus QuickPlace server to any directory the Web server used for downloads. 2. Sign in to the Lotus QuickPlace server as an administrator. 3. Click Server Settings in the table of contents. 4. Click Other Options in the table of contents. 5. Click Edit Options. 6. In the Alternate Offline download URL section, type an alternate URL that points to the directory with the copied offline files. 7. Click Next.
Hiding the Work Offline link from users

At times you might want to hide the Work Offline link from users, for example, during server maintenance. To hide the Work Offline link: 1. Open the qpconfig.xml file in the Domino data directory. See the Lotus QuickPlace Administrators Guide for instructions on creating this file if it does not already exist. 2. In the offline section, type false for the offline enabled attribute, for example:
<offline enabled="false"> <encryption enabled="true"> <level>2</level> </encryption> </offline>
restart task http
Offline setup FAQs

This section answers questions frequently asked about offline setup. Question: We do not allow local users in our organization. All of our users are in an LDAP directory or a Domino Directory. Do we still need to create an Offline Security Policy document? Answer: Yes, you must create one or more Offline Security Policy documents for users who are registered in a user directory. Question: Our users already have Notes ID files. Do we have to configure the Offline Security Policy document to Automatically generate user IDs? Answer: No. If your users have Notes IDs, you can configure the Offline Security Policy document ID deployment policy to Prompt for ID during download. Users are then prompted to supply their Notes ID files during the installation of the offline place.
34
Question: In our organizational hierarchy, our organization (O) is ACME, our organizational unit (OU) is ACMEWEB, and our domain is ACMEWEB. Our Lotus QuickPlace server is W1SERVER/ACMEWEB/ACME. Should the certifier for our local users be QP/ACMEWEB/ACME? Answer: Yes, this would be the correct hierarchical name for the certifier ID, which would allow your local users to take places offline. However, for easier management, we recommend that all of your Lotus QuickPlace users be made external users (meaning their information is stored in a user directory). Question: We have a large organization. To set up our external users to take places offline, is it necessary to create a different Offline Security Policy document and certifier ID for each of our organizational units? Answer: The number of different Offline Security Policy documents and certifier IDs you must create depends on your organizations hierarchy. When a user takes a place offline, an ID is automatically generated by the Notes registration API. This ID is based on the certifier ID attached to the Offline Security Policy document. The Notes registration API can only create ID files for users as far as one organizational unit down from the root organizational unit for the certifier ID. For example, the following local users can take places offline with the certifier ID QP/<Organization>: Fred/QP/<Organization> John/MyWorld/QP/<Organization> However, the user Mike/Westford/MyWorld/QP/<Organization> cannot take places offline with this certifier ID. For Mike to take places offline, you must create a new Offline Security Policy document, then create and attach one of the following certifier IDs: Westford/MyWorld/QP/<Organization> or MyWorld/QP/<Organization> If all your external users are in the same hierarchy except for the last organizational unit before their user name, you only need one certifier ID for all of those users. Otherwise, you must create multiple certifier IDs. For example, both the following external users can take places offline with the certifier ID /ACME: Joe/PHIL/ACME Will/BOS/ACME However, the following users require two separate certifier IDs: Mary/PHIL/PA/ACME Caroline/BOS/MA/ACME Mary can use either PA/ACME or PHIL/PA/ACME. Caroline can use either MA/ACME or BOS/MA/ACME.
35
Question: The documentation says to create an organizational unit (OU)/Organization certifier. Do we need to create duplicate certifier IDs, or can we make copies of the certifier ID files that were used to create the users? Answer: For security reasons, we do not recommend using existing Domino certifiers. We recommend that you create new certifiers, even if they are based on existing certifiers, because new certifiers based on existing certifiers are duplicates in name only. If you create new certifiers, you do not have to worry about the original certifiers falling into the wrong hands. You must create ID files for users as far as one organizational unit down from the root organizational unit for the certifier ID. See the previous question for more information. Question: Do the offline certifier ID files need to be stored on the Lotus QuickPlace server permanently? Answer: Yes, but only in the doladmin.nsf database. You do not need to store these ID files on the servers file system, only in the doladmin.nsf. Please note that you should always back up this database. Question: How exactly are these certifier ID files used by Lotus QuickPlace? Answer: They are used to generate an offline ID file that maintains secure access between the online and offline versions of a place. When users install a place offline, an ID based on the certifier ID is generated for them and installed on their computer. This offline ID authenticates users when they synchronize the place. The offline ID file password is set by users in the offline password field in their Member page in the online version of the place. Question: Does Domino Off-Line Services support Windows XP? Answer: Yes, a user with administrator access on a Windows XP Professional client workstation can install a place offline to that computer. After the installation is complete, any user can then work with the place normally. This functionality is the same as Lotus QuickPlace offline with Windows 2000 workstations. Please note that Microsoft Windows XP Home Edition is not supported.
36
Chapter 4 Setting Up Lotus QuickPlace to Work with Lotus Sametime

This chapter describes how to integrate the awareness, instant messaging, and Web conferencing (Sametime meeting) features of IBM Lotus Sametime with Lotus QuickPlace.
Lotus Sametime integration planning

You can integrate the awareness, instant messaging, and Web conferencing (Sametime meeting) features of Lotus Sametime with Lotus QuickPlace. Before you set up Lotus QuickPlace to work with Lotus Sametime, note the following points: v On the AIX operating system, you can install Lotus QuickPlace and Lotus Sametime on one partitioned Domino server or on separate Domino servers. On Windows, Solaris, and i5/OS, you must install Lotus QuickPlace and Lotus Sametime on separate Domino servers. v The Lotus QuickPlace and Lotus Sametime servers must reside in the same Domino domain and the same DNS domain. v You must enable single sign-on authentication for Lotus QuickPlace and for Lotus Sametime. v Sametime integration features are available only to external users registered in an LDAP directory, and not to local users. v You must configure Lotus QuickPlace and Lotus Sametime to use the same LDAP directory. In addition, you must configure Lotus QuickPlace to manage the lookups to the LDAP directory rather than configure Domino to manage the lookups. v If you use a Domino Directory as your LDAP Directory, use the Domino Directory on a different Domino server than either the Lotus QuickPlace or Lotus Sametime server. Then if you shut down one of the application servers (QuickPlace or Sametime), other servers continue to have access to the LDAP directory. The Lotus Sametime server requires access to the directory to run. v You can use Lotus QuickPlace 7.0 with Lotus Sametime versions 7.0 or 6.5.1. Using Lotus QuickPlace 6.5.1 with Lotus Sametime 7.0 is not supported. For information on updating Lotus Sametime integration features after you upgrade to Lotus QuickPlace 7.0, see the chapter Upgrading to Lotus QuickPlace 7.0. Note: The IBM Lotus Instant Messaging Limited Use version of Sametime is not supported for integration with Lotus QuickPlace.
Configuring the servers for Lotus Sametime integration

Perform the following steps to prepare Lotus QuickPlace 7.0 to work with Lotus Sametime 7.0. These steps assume you are integrating Lotus Sametime with a Lotus QuickPlace server for the first time. For information on upgrading Lotus Sametime integration features, see the chapter Upgrading to Lotus QuickPlace 7.0. For information on troubleshooting problems with Lotus Sametime integration with Lotus QuickPlace, see the Lotus QuickPlace Administrators Guide.
37
Note: These steps assume that you first installed Lotus Sametime or Lotus QuickPlace and are now integrating with the other product. If instead you are installing both of the products at the same time, you should set up multi-server session-based authentication (single sign-on) between the Domino servers before installing Lotus Sametime and Lotus QuickPlace on them. Using this approach, you can first isolate and solve any authentication problems that might arise between the Domino servers. 1. Make sure that you have installed or upgraded to Lotus QuickPlace 7.0. When prompted for the Lotus QuickPlace administrator name and password during a new installation, type a name that is not in the user directory. For information on installing or upgrading, see the chapters Installing Lotus QuickPlace or Upgrading to Lotus QuickPlace 7.0. 2. Connect Lotus QuickPlace to the same LDAP user directory that you will also use for Lotus Sametime. Both servers must use the same user directory. For more information on configuring a user directory, see the Lotus QuickPlace Administrators Guide. 3. Make sure that you have installed Lotus Sametime 7. For more information, see the Lotus Sametime installation guide that is appropriate for your platform, available on the Web at http://www.lotus.com/ldd/doc. The installation guides are also provided with the Lotus Sametime product. v On the Windows, Solaris, or i5/OS platforms, install Lotus Sametime 7.0 on a different Domino server than the server used for Lotus QuickPlace. v On AIX install on the same partitioned server used for Lotus QuickPlace or on a different server. v If you install Lotus Sametime on a different server, the server must be in the same Domino and DNS domain as the Lotus QuickPlace server. v When you are prompted for a user directory during Lotus Sametime installation, type the fully qualified host name of the directory server that you also use for Lotus QuickPlace. v Configure the Lotus Sametime server to use HTTP port 80 or to tunnel over port 80; this step is required for the awareness feature. 4. Verify that awareness and instant messaging are working for Lotus Sametime. If you plan to integrate Web conferencing (Sametime meetings) with Lotus QuickPlace, also verify that Web conferencing is working. 5. Update the Web SSO Configuration for Ltpa token document that was created when you installed Lotus Sametime: a. Ensure that the Domino Directory on the server has replicated throughout the Domino domain since you installed Lotus Sametime. b. Using Lotus Notes, open the Domino Directory on the Lotus Sametime server. c. Click the Configuration - Web - Web Configurations view. d. From within this view, expand the list of Web SSO Configurations. e. Open the Web SSO Configuration for Ltpa Token document in edit mode. If you cannot edit the document, record the settings in the document, delete the document, and then create a new one with the same settings. f. Make sure that the Domino Server Names field contains the name of each of the Lotus QuickPlace and Lotus Sametime servers that should participate in single sign-on. g. Make sure that the DNS Domain field contains the fully-qualified domain name of the Lotus QuickPlace and Lotus Sametime servers.
38
h. Click Keys - Create Domino SSO Keys if you want to create a new key for SSO. i. Click Save & Close. j. Replicate the edits to the Lotus QuickPlace server. 6. Enable single sign-on authentication on the Lotus QuickPlace server: a. From Lotus Notes, open the Domino Directory for the domain. b. Open the Server document for the Lotus QuickPlace server in edit mode. c. Click Ports - Internet Ports - Web and then in the Name & password field for the Web port select Yes. d. Click Internet Protocols - Domino Web Engine, in the Session authentication field select Multiple Servers (SSO), and then click OK. e. In the Web SSO Configuration field, select LtpaToken. f. Click Save & Close. g. Add the following setting to the notes.ini file on the Lotus QuickPlace server: NoWebFileSystemACLs=1 h. Create a database from the Domino Web Server Configuration template (domcfg5.ntf), giving the database the file name domcfg.nsf. i. Open the database you created and click Add Mapping to open a mapping document. j. In the Target Database field of the mapping document, type quickplace/resources.nsf. k. In the Target Form field, type QuickPlaceLoginForm, and then click Save & Close to save the document. 7. Restart the Domino servers. 8. Verify that single sign-on is working between Lotus QuickPlace and Lotus Sametime: a. From a browser, connect to the Lotus QuickPlace server. Because multi-server sign-on is enabled, you must enter the fully qualified host name to connect, for example, http://qpserver.acme.com/quickplace b. Sign on to Lotus QuickPlace using the name of an external user registered in the user directory. c. Create a test place and verify that you can add several members from the user directory. d. Using the same browser session, connect to the Lotus Sametime server. For example, enter http://stserver.acme.com/stcenter.nsf. e. Go to the Attend Meeting page and verify that you are still logged on to the server. If you can authenticate once and remain logged on to both Lotus QuickPlace and Lotus Sametime, multi-server sign-on is working. If you must authenticate more than once, multi-server sign-on is not working and you must resolve the problem before continuing. 9. Follow the instructions in the remainder of this chapter to enable Sametime awareness and instant messaging and Web conferencing (Sametime meetings) for Lotus QuickPlace.
Setting up Lotus Sametime awareness and instant messaging

After you have performed the steps in the topic Configuring the servers for Lotus Sametime integration, perform the following steps to enable online awareness and instant messaging for Lotus QuickPlace users:
39
Step 1: Copy the required Java files from the Lotus Sametime Java Toolkit:
1. Download the IBM Lotus Sametime 7.0 Java Toolkit to a convenient directory. This directory does not have to be on the Lotus Sametime server. Find the tookit on the Downloads section of the Lotus Sametime Developers Web site at http://www.ibm.com/developerworks/lotus/products/instantmessaging. 2. Unzip the download file to a convenient directory to access the contents of the bin subdirectory. 3. In the Lotus Sametime server data directory, create the subdirectory path Domino\html\QuickPlace\peopleonline. For example, on Windows, if the path to the data directory is C:\Lotus\Domino\Data, the path to the peopleonline subdirectory should be C:\Lotus\Domino\Data\Domino\html\QuickPlace\peopleonline. 4. (i5/OS only) Change the owner of the new subdirectories to QNOTES. For example, enter the following commands:
CHGOWN OBJ(<ST_server_data_dir>/Domino/html/QuickPlace) NEWOWN(QNOTES) CHGOWN OBJ(<ST_server_data_dir>/Domino/html/QuickPlace/peopleonline) NEWOWN(QNOTES)
5. Copy the files listed below to the QuickPlace\peopleonline subdirectory you just created on the Lotus Sametime server:
File name STComm.jar Copy from bin subdirectory of the Sametime Java Toolkit Copy to \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory
CommRes.jar
bin subdirectory of the Sametime Java Toolkit
PeopleOnline31.jar
On Windows, AIX, and Solaris, the QuickPlace subdirectory of the Lotus QuickPlace server data directory. For example: On Windows: C:\Lotus\Domino\Data\ QuickPlace\PeopleOnline31.jar On AIX and Solaris: /opt/notesdata/QuickPlace /PeopleOnline31.jar On i5/OS the following directory: /qibm/proddata/lotus/ quickplace/DATA/ QUICKPLACE/ PeopleOnline31.jar
6. Verify that the QuickPlace\peopleonline subdirectory contains the three files. 7. (i5/OS only) Enter the following command to ensure that QNOTES is the owner of each of the files:
40
CHGOWN OBJ(<ST_server_data_dir>/Domino/html/QuickPlace/peopleonline/*) NEWOWN(QNOTES)
Step 2: Specify the Lotus Sametime server for Lotus QuickPlace to use
1. In a browser, enter the URL of the Lotus QuickPlace server, using the fully distinguished host name. For example, enter http://qpserver.acme.com/QuickPlace 2. Click Sign In and type the user name and password of a Lotus QuickPlace administrator. 3. Click Server Settings in the table of contents. 4. Click Other Options in the table of contents. 5. Click Edit Options. 6. Under the Sametime Servers heading, type the URL for the Lotus Sametime server in the Sametime Community Server field, specifying the fully qualified host name of the Lotus Sametime server, for example http://stserver.acme.com. Note: If your Lotus Sametime server is configured to use Secure Sockets Layer (SSL), type https:// in the URL rather than http://, otherwise users see a warning each time they open a page in a place. 7. Click Next. 8. Wait a few minutes for the setting to take effect, or restart the Lotus QuickPlace server to enable awareness and instant messaging immediately .
Step 3: Verify that places are enabled for awareness and instant messaging
1. Verify the Lotus QuickPlace settings: a. Sign in to a place as a Manager. b. Click Customize. c. Click Basics. d. Click Change Basics. e. On the Change Basics page, scroll down to the bottom. Under the Real-time collaboration heading, make sure the box next to Members can see who is online and send instant messages is checked. f. Click Done. 2. To verify that awareness is working, sign in to a place as an external user and check for the awareness icon next to your sign in name. Note: You must sign in as an external user. Sametime features are not available to local users. 3. To verify that instant messaging is working, find a document that was created by a user listed as online and click the users name. Then select Chat, or click the Chat link beside your name in the top left corner of the screen.
Setting up Lotus Sametime Web conferencing

After you have performed the steps in the topic Configuring the servers for Lotus Sametime integration, perform the following steps if you want to enable Web conferencing (Sametime meetings) for Lotus QuickPlace users.
41
Step 1: Configure a user for Lotus Sametime integration

1. Register a user with an Internet password in the Domino Directory on the Lotus Sametime server. Use this name only for integration of Lotus Sametime with Lotus QuickPlace. 2. Add the name of that user to the access control list (ACL) of the STConfig.nsf database on the Lotus Sametime server. Assign the user name Manager access, the Person user type, and the [SametimeAdmin] role. For more information on database ACLs, see Domino Administrator Help. 3. Shut down and restart the Lotus Sametime server.
Step 2: Copy required files

1. Copy the files from the Lotus Sametime server to the Lotus QuickPlace server, as described in the following tables: On Windows:
File STMtgManagement.jar Copy from Copy to
Domino program directory of Domino program directory of the the Lotus Sametime server, for Lotus QuickPlace server, for example: example: C:\Program Files\Lotus\Domino C:\Program Files\Lotus\Domino Domino program directory of the Lotus QuickPlace server. Domino program directory of the Lotus QuickPlace server. Domino program directory of the Lotus QuickPlace server
STCore.jar
Domino program directory of the Lotus Sametime server.
ServiceLocator.properties Domino program directory of the Lotus Sametime server. sametime.ini Domino program directory of the Lotus Sametime server.
On AIX:
Domino program directory of Domino program directory of the the Lotus Sametime server, for Lotus QuickPlace server, for example: example: /opt/lotus/notes/<latest>/ ibmpow/ /opt/lotus/notes/<latest>/ ibmpow/ Domino program directory of the Lotus QuickPlace server. Lotus QuickPlace server data directory, for example: /opt/notesdata Lotus QuickPlace server data directory.
STCore.jar
ServiceLocator.properties Lotus Sametime server data directory, for example: /opt/notesdata sametime.ini Lotus Sametime server data directory.
42
On Solaris:
Domino program directory of Domino program directory of the the Lotus Sametime server, for Lotus QuickPlace server, for example: example: /opt/lotus/notes/<latest>/ sunspa/ /opt/lotus/notes/<latest>/ sunspa/ Domino program directory of the Lotus QuickPlace server. Lotus QuickPlace server data directory, for example: /opt/notesdata Lotus QuickPlace server data directory.
STCore.jar
On i5/OS:
File Copy from Copy to The following recommended directory on the i5/OS server on which you installed Lotus QuickPlace: /QIBM/UserData/Lotus/ QuickPlace/
STMtgManagement.jar The following directory on i5/OS server where you installed Lotus Sametime: /qibm/proddata/lotus/ sametime STCore.jar
The following directory on the The following recommended i5/OS server where you directory on the i5/OS server on installed Lotus Sametime: which you installed Lotus QuickPlace: /qibm/proddata/lotus/ sametime /QIBM/UserData/Lotus/ QuickPlace/ Lotus QuickPlace server data directory. Lotus QuickPlace server data directory.
ServiceLocator.propertiesLotus Sametime server data directory. sametime.ini Lotus Sametime server data directory.
2. (i5/OS only) Use the CHGOWN command to change the owner of the files copied in the previous step to QNOTES. For example, enter the following commands:
CHGOWN OBJ(/qibm/userdata/lotus/quickplace/ST*) NEWOWN(QNOTES) CHGOWN OBJ(<QP_server_data_directory>/sametime.ini) NEWOWN(QNOTES) CHGOWN OBJ(<QP_server_data_directory>/ServiceLocator.properties) NEWOWN(QNOTES)
3. On the Lotus QuickPlace server, edit the JavaUserClassesExt setting in the notes.ini file. v On Windows, add the text indicated in bold below to the setting. Where a path is indicated, substitute your own Domino program directory path. JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=C:\PROGRAM FILES\LOTUS\DOMINO\quickplace.jar
43
QPJC2=C:\PROGRAM FILES\LOTUS\DOMINO\log4j-118compat.jar QPJC3=C:\PROGRAM FILES\LOTUS\DOMINO\STCore.jar QPJC4=C:\PROGRAM FILES\LOTUS\DOMINO\STMtgManagement.jar v On AIX, add the text indicated in bold below to the setting. Where a path is indicated, substitute your own Domino program directory path. JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=/opt/lotus/notes/<latest>/ibmpow/quickplace.jar QPJC2=/opt/lotus/notes/<latest>/ibmpow/log4j-118compat.jar QPJC3=/opt/lotus/notes/< latest >/ibmpow/STCore.jar QPJC4=/opt/lotus/notes/< latest >/ibmpow/STMtgManagement.jar v On Solaris, add the text indicated in bold below to the setting. Where a path is indicated, substitute your own Domino program directory path. JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=/opt/lotus/notes/<latest>/sunspa/quickplace.jar QPJC2=/opt/lotus/notes/<latest>/sunspa/log4j-118compat.jar QPJC3=/opt/lotus/notes/ <latest >/sunspa/STCore.jar QPJC4=/opt/lotus/notes/ <latest >/sunspa/STMtgManagement.jar v On i5/OS, add the text indicated in bold below, assuming you added the STMtgManagement.jar and STCore.jar files to the recommended directory: JavaUserClassesExt=LQPJava1,LQPJava2,LQPJava3,LQPJava4 LQPJava1=/QIBM/ProdData/Lotus/QuickPlace/quickplace.jar LQPJava2=/QIBM/ProdData/Lotus/QuickPlace/log4j-118compat.jar LQPJava3=/QIBM/UserData/Lotus/QuickPlace/STCore.jar LQPJava4=/QIBM/UserData/Lotus/QuickPlace/STMtgManagement.jar
Step 3: Configure the qpconfig.xml file

1. Look for the qpconfig.xml file in the Lotus QuickPlace server data directory. If there is no qpconfig.xml file, make a copy of the qpconfig_sample.xml file and name the copy qpconfig.xml. 2. Open the qpconfig.xml file with a text editor. 3. Make sure there is a <sametime> section in the file. If there is no <sametime> section, copy that section from the qpconfig_sample.xml file. 4. If the following lines exist in the<sametime> section of the file, remove them to enable the settings in the <sametime> section:

44
5. Within the <credentials> element, type the distinguished name and Internet password of the user you created in the Domino Directory in step 1, for example:
<sametime ldap="true"> <meetings invite_servers="false"> <tools> <audio enabled="true"/> <video enabled="true"/> </tools> <credentials> <dn>cn=John Doe/o=acme</dn> <password>xw356l78</password> </credentials> </meetings> </sametime>
6. Specify other <sametime> settings as needed: v If the Lotus Sametime server is configured to invite other Lotus Sametime servers to meetings, set invite_servers=true in the <meetings> element to support that feature in Lotus QuickPlace. v If you do not want to use audio Web conferencing features, set the audio enabled attribute to false in the <tools> element. v If you do not want to use Web conferencing video features, set the video enabled attribute to false in the <tools> element. 7. Save the qpconfig.xml file and restart the server for the settings to take effect.
Step 4: Specify the Lotus Sametime server for Lotus QuickPlace to use
1. In a browser, enter the URL of the Lotus QuickPlace server, using the fully distinguished host name. For example, enter http://qpserver.acme.com/QuickPlace 2. Click Sign In and type the user name and password of a Lotus QuickPlace administrator. 3. Click Server Settings in the table of contents. 4. Click Other Options in the table of contents. 5. Click Edit Options. 6. Under the Sametime Servers heading, type the URL for the Lotus Sametime server in the Sametime Meeting Server field, specifying the fully qualified host name of the Lotus Sametime server, for example, http://stserver.acme.com. Note: If your Lotus Sametime server is configured to use Secure Sockets Layer (SSL), type https:// in the URL rather than http://, otherwise users see a warning each time they open a page in a place. 7. Click Next.
Step 5: Verify that place members can schedule Web conferences

1. 2. 3. 4. Sign on to a place as a Manager. Click Customize. Click Basics. Click Change Basics.
45
5. Scroll down to the bottom of the Change Basics page. Under the Real-time collaboration heading, make sure Members can schedule online meetings is checked. 6. Click Done. 7. To test that members can schedule online meetings , create a calendar entry in a Place. 8. From the place, choose Calendar - New - Online Meeting. 9. Fill in the relevant fields, and then click Publish. Users who subscribe to calendar events should receive an invitation in their mail, with a link to the meeting. For more information on subscribing to calendar events, click Help in a place.
46
Chapter 5 Upgrading to Lotus QuickPlace 7.0

This chapter provides instructions for upgrading Lotus QuickPlace 3.0, 3.0a, 3.0.1, or 6.5.1 to Lotus QuickPlace 7.0. Upgrading from Lotus QuickPlace version 2 is not supported.
Upgrading and new features in Lotus QuickPlace 7.0

Note the following points about new features when upgrading to Lotus QuickPlace 7.0. v If you use the qpconfig.xml file use_login_passwords=true setting, users of offline places that were created prior to version 7.0 must select the option Do not use a separate offline password in their Member Profiles of their offline places to enable the feature. v If you upgrade from a previous version of Lotus QuickPlace, the upgrade process preserves the existing user directory configuration in which Lotus QuickPlace manages the directory lookups. If you want to switch to Domino management of directory lookups, you can do so at any time. For more information, see the Lotus QuickPlace Administrators Guide.
Features introduced in Lotus QuickPlace 6.5.1

If you are upgrading Lotus QuickPlace 3.0. 3.0a, or 3.0.1 to Lotus QuickPlace 7.0, you might be interested in the following features that were introduced in Lotus QuickPlace 6.5.1 and that are included with Lotus QuickPlace 7.0. For a description of new features introduced in Lotus QuickPlace 7.0, see the chapter Getting Started.
New features for administrators in release 6.5.1

The following features for administrators were introduced in release 6.5.1. For more information on these features, see the Lotus QuickPlace Administrators Guide.
Expanded membership feature

The expanded membership feature supports up to 4000 individual members of a place. In previous releases, places were limited to approximately 300 to 900 individual members.
Performance enhancements
The following performance enhancements result in quicker page loading. New method for retrieving system images Lotus QuickPlace takes advantage of Dominos HTTP-accessible data directories by accessing system images from the file system. In previous releases system images were accessed from the resources.nsf database. As a result of this change, pages that use system images heavily, for example the Edit Page, load much more quickly than in previous releases. For backward compatibility, system images are stored in resources.nsf as well as in the file system. Page compression Lotus QuickPlace compresses the HTML and text content in pages it transmits to clients if the browser supports compression. The compression reduces the size of HTML transmissions to 30% or less of the uncompressed size,
47
with the result that users can open large pages more quickly than in previous releases. Only HTML and text content is compressed, not images or attachments. Page compression is enabled by default, but you can disable it using the new qpconfig.xml setting page_compression.
New security features

Lotus QuickPlace provides new security features that allow you to block specific protocols referenced in link URLs, and to block imports of files that contain cross-site scripts.
New My Places settings

Use the new place_links setting to control whether Lotus QuickPlace opens a place accessed through My Places in the current browser window or in a new browser window.
New setting for disabling browser page caching

As a security measure, you can use the new qpconfig.xml setting browser_caches_place_content to prevent Lotus QuickPlace from caching pages on the browser that contain user data. Pages that do not contain user data are still cached by the browser. This setting is effective on all supported browsers.
New features for users in release 6.5.1

The following features for users were introduced in release 6.5.1. For more information on these features, see the Help.
Support for importing and publishing Office 2003 documents

Office integration features are upgraded to include the same level of support for Office 2003 documents. This includes the ability to: v v v v Import Office 2003 documents into Lotus QuickPlace Create and view Office 2003 documents within Lotus QuickPlace Perform editing round trips on Office 2003 pages Create and use Office forms based on imported Office 2003 documents
The specific Office 2003 applications supported are Microsoft Word, Microsoft PowerPoint, and Microsoft Excel. If you have multiple versions of Office, or mixed versions of Office applications, Lotus QuickPlace seeks to use them in the following order: 2003, XP, and 2000.
Updated pages show last editor

In previous, a page creators name and the date that the page was last modified displayed at the top of the page. Even if another editor updated the page, the page creators name still displayed. In this release a Created By field shows the name of the page creator and the date it was published. An Updated By field displays below the Created By field. The Updated By field shows the name of the most recent editor and the date of most recent update.
Lotus QuickPlace 7.0 upgrade process

You can upgrade Lotus QuickPlace 3.0, 3.0a, 3.0.1, or 6.5.1 to Lotus QuickPlace 7.0. The process of upgrading a server and places is separated into independent stages. This separation minimizes the downtime required to upgrade. After you upgrade a server to Lotus QuickPlace 7.0, you can choose to upgrade places and PlaceTypes
48
to enable new features in them when it is convenient. Users can continue to work in their existing places before you upgrade places and PlaceTypes, and can continue to create new places and PlaceTypes, as long as they do not use existing places or PlaceTypes to create them. The existing places remain available except when they are locked for the relatively short time when they are being upgraded. In a non-cluster environment, Lotus QuickPlace 7.0 servers can coexist in the same Domino domain as Lotus QuickPlace 3.0, 3.0a, 3.0.1, or Lotus QuickPlace 6.5.1 servers. Coexistence between version 3 servers and version 7.0 servers is supported only during the limited process of upgrading. Servers in a cluster should all run version 7.0. If you are upgrading in a cluster environment, see the topic Upgrading Lotus QuickPlace in a cluster. If you are upgrading in a non-cluster environment, see the topic Upgrading Lotus QuickPlace in a non-clustered environment.
Upgrading Lotus QuickPlace in a non-clustered environment

To upgrade to Lotus QuickPlace 7.0 in a non-clustered environment, perform the following steps: 1. Back up places and PlaceTypes. 2. Upgrade the server to Lotus QuickPlace 7.0. 3. Upgrade the design of databases on the server. 4. Upgrade the places and PlaceTypes. 5. Unregister and then re-register places with the Place Catalog. 6. If there are offline users, clear the browser cache on offline clients before installing places offline in Lotus QuickPlace 7.0 7. Upgrade the on-disk structure of places. 8. Update Lotus Sametime integration features, if used.
Upgrading Lotus QuickPlace servers in a cluster

You should upgrade all servers in a cluster to Lotus QuickPlace 7.0. Lotus QuickPlace 7.0 interoperation with earlier versions of Lotus QuickPlace is supported only in non-cluster environments. To upgrade Lotus QuickPlace servers in a cluster, perform the following steps: 1. Back up places and PlaceTypes. 2. Stop one Lotus QuickPlace server in the cluster. If you are using Network Dispatcher, redirect HTTP traffic to the other cluster members. 3. Upgrade the server that you stopped to Lotus QuickPlace 7.0. 4. Restart the server, and disable replication between it and other cluster members. 5. Follow steps 1 through 4 with each server in the cluster. Do not allow Lotus QuickPlace 3.0 or higher servers or Lotus QuickPlace 6.5.1 servers to replicate with Lotus QuickPlace 7.0 servers. 6. When all servers in the cluster are running Lotus QuickPlace 7.0, reenable cluster replication and enable qptool replicamaker between the servers. For more information on qptool replicamaker, see theLotus QuickPlace Administrators Guide. 7. Use the QPTool upgrade -server command on only one server in the cluster to upgrade the design of databases. Let replication pass the design upgrades to all servers. At this point you can make the cluster accessible to users again.
49
8. Use the QPTool upgrade -a command on only one server in the cluster to upgrade places and PlaceTypes. Then delete the PlaceTypes on all the other servers and let the upgraded PlaceTypes replicate throughout the cluster. After replication, sign in to each server as an administrator and refresh the list of PlaceTypes. 9. Use the QPTool unregister and register commands on all servers in the cluster to unregister and then re-register all places. 10. If there are offline users, clear the browser cache on offline clients before installing places offline in Lotus QuickPlace 7.0 11. Upgrade the on-disk structure of places. 12. Update Lotus Sametime integration features, if used.
Backing up places and PlaceTypes

Places and PlaceTypes are assets that are critical to your organization. Before you upgrade to Lotus QuickPlace 7.0, perform the following steps to back up places and PlaceTypes: 1. Make backup copies of all the places and PlaceTypes on the server. Save the backup copies to different media from the media your organization uses for its standard backup process. Do not rely solely on your organizations standard backup process, because it might delete backup copies too quickly. 2. Verify the backup media by restoring it. If this step is not possible, make duplicate backup copies. 3. Save the backup copies in a secure location for at least several months.
Upgrading the server to Lotus QuickPlace 7.0

To upgrade a server to Lotus QuickPlace 7.0, perform the appropriate procedure for your operating system.
Upgrading the Lotus QuickPlace server (Windows)

Perform the following steps to upgrade a server to Lotus QuickPlace 7.0 on the Windows operating system: 1. Read the Lotus QuickPlace Release Notes for Lotus QuickPlace 7.0 at www.lotus.com/ldd/doc for system requirements and other important Lotus QuickPlace installation information. 2. If you are upgrading a Lotus QuickPlace server that is set up for offline use, offline users should perform the following steps on their clients before you upgrade the server: a. Synchronize the offline places with the server. b. Uninstall Sync Manager. Click Start - Programs - Lotus Domino Sync Manager - Uninstall Lotus Domino Sync Manager. Note: Users will need to re-install places offline after the upgrade is complete. 3. Stop the Domino server if it is running. 4. Stop any other Windows programs that are running. 5. Upgrade the Domino server to Domino 7.0. For instructions, see Domino Administrator Help available on the Web at www.lotus.com/ldd/doc. Note: If you start the Domino server before upgrading the Lotus QuickPlace server, ignore the java.dll could not be found error message if it is displayed. After you upgrade to Lotus QuickPlace 7.0 the error will not be displayed.
50
6. Perform the following steps to upgrade Lotus QuickPlace: a. Insert and start the Lotus QuickPlace installation CD. If you are installing Lotus QuickPlace from a network drive, navigate to the directory with the Lotus QuickPlace installation kit. b. Double-click Setup.exe. c. In the Software License Agreement window, click Accept. d. In the Welcome window, click Next. e. In the Choose Destination Location window, select the directory that holds the Domino program files, and then click Next. f. In the Start Copying Files window, review the directory path names that are displayed, and if they are correct, click Next to begin the installation. g. After installation is complete, in the QuickPlace Server Configuration window, click Next. 7. In the Congratulations dialog box, click Finish.
Upgrading the Lotus QuickPlace server (AIX and Solaris)

Perform the following steps to upgrade a server to Lotus QuickPlace 7.0 on the AIX or Solaris operating systems: 1. Read the Lotus QuickPlace Release Notes for Lotus QuickPlace 7.0 at www.lotus.com/ldd/doc for system requirements and other important installation information. 2. If you are upgrading a Lotus QuickPlace server that is set up for offline use, offline users should perform the following steps on their clients before you upgrade the server: a. Synchronize the offline places with the server. b. Uninstall Lotus Domino Sync Manager. Note: Users will need to re-install places offline after the upgrade is complete. 3. Upgrade the Domino server to Domino 7.0. For instructions, see Domino Administrator Help available on the Web at www.lotus.com/ldd/doc. Note: If you start the Domino server before upgrading the Lotus QuickPlace server, ignore the java.dll could not be found error message if it is displayed. After you upgrade to Lotus QuickPlace 7.0 the error will not be displayed. 4. Perform the following steps to upgrade Lotus QuickPlace: a. Stop the Domino server. b. Open a terminal window and log in to the server as a root user. c. Navigate to the directory that contains the Lotus QuickPlace installation kit. d. Enter this command to start the Lotus QuickPlace installation:
./install
e. When prompted, type the number that corresponds to the language in which you prefer to read the Lotus Software Agreement. Press Enter to continue, then press Enter again to display the license agreement. f. When you have read the agreement, press 1 to accept the agreement and continue with the installation.
51
Note: Many of the following steps require that you accept a default or type a new value. To change a default, press Enter and type a new value. After you enter a new setting, press Enter to accept the change and continue with the installation. g. Specify the Domino program directory as the directory where the Lotus QuickPlace program files will be installed. The default Domino program directory is opt/ibm/lotus. You must install the Lotus QuickPlace program files to the directory that holds the Domino program files. Press TAB to continue. h. Specify the Domino data directory as the directory where the Lotus QuickPlace data files will be installed. The default Domino data directory is /local/notesdata. You must install the Lotus QuickPlace data files into the directory that holds the Domino data files. Press TAB to continue. i. Specify the UNIX user who will own the Lotus QuickPlace server files. This must be the same user who owns the Domino server files. j. Specify the UNIX group that will own the Lotus QuickPlace server files. This must be the same group that owns the Domino server files. The UNIX user specified in the previous step must be a member of this group. k. When the installation program displays Configuration of the Install program is complete, press TAB to review your installation settings. For example: v Installation type: New Upgrade. v Program directory: /opt/ibm/lotus v Data directory: /local/notesdata v UNIX user: UNIX user v UNIX group: UNIX group l. Press TAB to install Lotus QuickPlace.
Upgrading the Lotus QuickPlace server (i5/OS)

This procedure describes how to upgrade your Lotus QuickPlace server to Release 7.0 if you are already running a Domino server, and QuickPlace 3.0, 3.0a (English only), 3.0.1, or 6.5.1 is installed on top of your Domino server. To upgrade from QuickPlace 3.0, 3.0a (English only), 3.0.1, or 6.5.1 to Lotus QuickPlace 7.0 on i5/OS, follow these steps: 1. End any existing Domino servers on your system. After ending the servers, be sure that any active Domino subsystems are also ended. 2. Delete any QuickPlace hotfixes if they are installed. To see a list of QuickPlace hotfixes, type the following i5/OS command and press Enter:
DSPPTF LICPGM(5733LQP)
To delete the hotfixes, type the following command and press Enter:
RMVPTF LICPGM(5733LQP) SELECT(PTF#)
3. Delete the QuickPlace licensed program by typing the following command and pressing Enter:
DLTLICPGM LICPGM(5733LQP)
4. Upgrade your Lotus QuickPlace server to Domino 7. For more information on installing Domino 7 and upgrading your server, see the book Installing and Managing Domino 7 for i5/OS. 5. Prepare the Domino 7 server for the addition of Lotus QuickPlace.
52
v Install the Domino 7 update that is included on your Lotus QuickPlace 7.0 media. See the Readme.html file for detailed instructions. v If you plan to install Lotus QuickPlace in a language other than English, visit the Lotus QuickPlace for i5/OS Web site at the following address for a link to the latest information regarding Domino 7 language versions and the additional steps that may be necessary to prepare the Domino server for your preferred language: http://www.ibm.com/eserver/iseries/QuickPlace v Start the Domino server and use Domino Administrator to edit the Server document. Verify that the Fully qualified internet host name field on the Basics tab contains the fully qualified name of the Domino server and not the name of the system. If necessary, edit the field and save the Server document. Before proceeding to the next step, end the Domino server. 6. Insert the Lotus QuickPlace for i5/OS CD in your systems optical drive. 7. On any i5/OS command line, type the following command and press F4:
LODRUN
8. On the LODRUN display, type the following value in the Device field and press Enter:
*opt
9. In the Directory field, type the following value and press Enter:
/os400
10. When the Lotus QuickPlace option screen appears, type a 1 beside the Lotus QuickPlace product option and press Enter to begin the installation. The system loads the Lotus QuickPlace programs to the appropriate system libraries and /QIBM directories. You will see status messages as the system installs the software. Note: If you already have Domino installed on your system and the server ID files are password protected, you will be prompted to enter the password. After the password has been entered, press Enter to continue with the installation of Lotus QuickPlace. If your server ID file has multiple passwords, the passwords must be entered one at a time. 11. If you prefer to use a non-English version of Lotus QuickPlace, you should install the Lotus QuickPlace Language Pack at this time. The Language Pack can either be installed from CD-ROM or downloaded from the Web. Language Pack installation instructions are included with the Language Pack as file Read1st.txt. 12. Start the Lotus QuickPlace server. Note: When you start the Domino server you also start the Lotus QuickPlace server. 13. Upgrade the design of all databases on the server. See the topic Upgrading the design of databases on the server later in this chapter. 14. Upgrade places and PlaceTypes. See the topic Upgrading places and PlaceTypes later in this chapter. 15. Register the server and all places with the Place Catalog. See the topic Registering places with the Place Catalog later in this chapter. Note: Old PlaceTypes cannot be used to create new places, and old places cannot be used to create new PlaceTypes. Old places cannot be refreshed from their PlaceTypes, and old PlaceTypes cannot be refreshed from their places, until both are upgraded.
53
Upgrading the design of databases on the server

Before you upgrade places and PlaceTypes, use the QPTool upgrade command to upgrade the design of all databases on the Lotus QuickPlace server. To upgrade the design of databases: 1. From the Domino server console, enter the following command:
load qptool upgrade -server
2. When the upgrade is finished, the qptool.upgrade.xml file is created in the Domino program directory by default. This file indicates if the upgrade was successful. It contains the following xml:
<?xml version="1.0"?> <service> <servers> <server> <hostname>servername</hostname> <placetypes /> <places /> <action_status action="upgrade"> <code>code number(0 if successful)</code> <message>error message(if theres an error)</message> </action_status> </server> </servers> </service>
Upgrading places and PlaceTypes

After you have upgraded the design of databases on the server, use the QPTool upgrade command to upgrade places and PlaceTypes created prior to Lotus QuickPlace 7.0 installation. After you upgrade places and PlaceTypes, all Lotus QuickPlace 7.0 features work in them. Keep the following points in mind when upgrading places and PlaceTypes: v You can upgrade only places and PlaceTypes that are Lotus QuickPlace version 3.0 or later. v Prior to upgrading places and PlaceTypes, you cannot use existing places or PlaceTypes to create new places or PlaceTypes. v If you upgrade places and PlaceTypes incrementally (using -p or -pt), upgrade places first, then PlaceTypes. You cannot change or refresh PlaceTypes until they are upgraded. Instruct users not to change or refresh PlaceTypes until all PlaceTypes are upgraded. v When a place is upgraded, the user interface components SiteMapLauncher and MyPlaces are not added to custom themes. Place managers must add these components themselves. For information on user interface components, see the Lotus QuickPlace Developers Guide. v A place is locked while it is being upgraded. If you upgrade multiple places at the same time, only one place is locked at a time. v To log server activities related to upgrading places and PlaceTypes, use the notes.ini setting QuickPlaceUpgradeLogging=value, where value is a number from 1 to 4. Enable upgrade logging only temporarily to aid in troubleshooting. To upgrade places and PlaceTypes, enter the following command from the Domino server console:
load qptool upgrade arguments
The following table describes the arguments you can use with the command.
54
For more information on QPTool commands see the Lotus QuickPlace Administrators Guide.
Argument -? -server Description Prints help on the command. Runs the design task for all data on the server. Use this command right before you upgrade all places and PlaceTypes with qptool upgrade -a command or multiple specified places and PlaceTypes with -p or -pt arguments. This command provides optimal performance when you upgrade a large number of places and PlaceTypes. Upgrades all places and PlaceTypes on the server. Runs upgrade even if system has not detected it needs to be run or even if it has detected the database version does not support upgrade. Upgrades a specified place or a list of places that are separated by spaces. Upgrades a specified PlaceType or a list of PlaceTypes that are separated by spaces. If the place from which the PlaceType was created still exists, upgrade the place before upgrading the PlaceType. XML input file that specifies the places and PlaceTypes to upgrade. XML output file that logs the results of the command. By default the command logs results to qptool.upgrade.xml in the server program directory. Check the output file for any upgrade errors.
-a -f
-p place(s) -pt PlaceType(s)
-i -o
Examples of the upgrade command

The following table provides examples of using the upgrade command.
Task Command
Run the design task on the server to >load qptool upgrade -server upgrade the design of databases before upgrading multiple places and PlaceTypes. Upgrade all places and PlaceTypes on >load qptool upgrade -a the server. Upgrade all places and PlaceTypes on >load qptool upgrade -a -f the server to the current release. Upgrade place P1. Upgrade place P1 to the current release. Upgrade PlaceTypes PT1, PT2, and PT3 and log results to the XML output file qptool.myupgrade.xml. >load qptool upgrade -p P1 >load qptool upgrade -p P1 -f >load qptool upgrade -pt PT1 PT2 PT3 -o qptool.myupgrade.xml
When the upgrade is finished, the file qptool.upgrade.xml is created by default in the Domino program folder. This file indicates whether the upgrade was successful. It contains the following xml:
55
<?xml version="1.0"?> <service> <servers> <server> <hostname>servername</hostname> <placetypes /> <places> <place> <name>placename</name> <action_status action="upgrade"> <code>code number(0 if successful)</code> <message>error message(if theres an error)</message> </action_status> </place> </places> </server> </servers> </service>
Unregistering and re-registering places with the PlaceCatalog

After you have upgraded places and PlaceTypes, use the QPTool unregister command to unregister upgraded places with the Place Catalog. Then use the QPTool register command to re-register the places. The unregister step, which is a new step for upgrades in version 7.0, is required to update My Places information in the Place Catalog as well as to add new fields to the Place Catalog. For more information on the QPTool register command, see the Lotus QuickPlace Administrators Guide. Note: Place names in the Place Catalog must be unique. If your configuration allows for a single Place Catalog across multiple servers, you might receive an error if a name already exists when you attempt to register a place. Change the unregistered place name to a unique name by copying the place directory to a uniquely named directory. For more information, see the chapter Setting up the Place Catalog in the Lotus QuickPlace Administrators Guide. Perform the following steps to unregister and then re-register places: 1. From the Domino server console, enter any the following commands to unregister a place or places: To unregister a specific place with the Place Catalog:
load qptool unregister -p placename -placecatalog
To register all places on the server with the Place Catalog:

load qptool unregister -a -placecatalog
2. From the Domino server console, enter any the following commands to re-register a place or places: To re-register a specific place with the Place Catalog:
load qptool register -p placename -placecatalog
To register all places on the server with the Place Catalog:

load qptool register -a -placecatalog
3. When unregistration or registration is finished, the file qptool.register.xml is created by default in the Domino program directory. This file indicates whether the command was successful, for example:
<?xml version="1.0"?> <service> <servers> <server>
56
<hostname>servername</hostname> <places> <place> <name>placename</name> <action_status action="RegisterInPlaceCatalog"> <code>code number(0 if successful)</code> <message>error message(if theres an error)</message> </action_status> </place> </places> </server> </servers> </service>
Clearing the browser cache on offline clients

Offline users should perform the following steps to clear the browser cache on their clients, before installing places offline with Lotus QuickPlace 7.0 To 1. 2. 3. 4. 5. clear the browser cache: From Internet Explorer, choose Tools - Internet Options - Delete Files. Click Delete all offline content and click OK. Click Tools - Internet Options - Settings - View Objects. Delete LotusDRSControlClass. Re-open the browser.
Upgrading the on-disk structure of places

Perform the following steps to use the Files tab of the Domino Administrator to run the Compact task on the databases of existing places. Compacting the databases upgrades their on-disk structure (ODS) to the Domino 7.0 format to take advantage of database performance improvements. For more information on the Compact task and how to run it, see Domino Administrator Help. 1. From the Domino Administrator, in the Server pane select the Domino server that runs Lotus QuickPlace. 2. Click the Files tab. 3. Select the databases associated with places in the previous Lotus QuickPlace release. 4. In the Tools pane at the right, select Database - Compact. Or drag the selected database(s) to the Compact tool. 5. (Optional) Select options to control how the Compact task runs. 6. Click OK.
Updating Lotus Sametime integration features

After you upgrade a Lotus QuickPlace server to version 7.0, you can upgrade Lotus Sametime integration features on the Lotus QuickPlace server. A Lotus QuickPlace 7.0 server can work with a Lotus Sametime 6.5.1 server or a Lotus Sametime 7.0 server. If you plan to upgrade to Lotus Sametime 7.0, upgrade to Lotus QuickPlace 7.0 first. After you upgrade to Lotus QuickPlace 7.0, perform the steps in the topics Updating integration features after upgrading to Lotus QuickPlace 7.0 and Verifying Lotus Sametime integration is working. If you upgrade to Lotus Sametime 7.0, perform the steps in the topics Updating integration features after upgrading to Lotus Sametime 7.0 and Verifying that Lotus Sametime integration
57
is working. These steps assume that Lotus QuickPlace server was operating successfully with the Lotus Sametime server prior to the upgrade. Note: Using a Lotus QuickPlace 6.5.1 server with a Lotus Sametime 7.0 server is not supported.
Updating integration features after upgrading to Lotus QuickPlace 7.0

Perform the following steps after you upgrade to Lotus QuickPlace 7.0 1. To update awareness and instant messaging integration, copy the PeopleOnline31.jar file from the Lotus QuickPlace server to the Lotus Sametime server as described in the following table. Replace the existing file.
File name PeopleOnline31.jar Copy from On Windows, AIX, and Solaris, the QuickPlace subdirectory of the Lotus QuickPlace server data directory. For example: On Windows: C:\Lotus\Domino\Data\ QuickPlace\PeopleOnline31.jar On AIX and Solaris: /opt/notesdata/QuickPlace/ PeopleOnline31.jar On i5/OS the following directory: /qibm/proddata/lotus/ quickplace/DATA/ QUICKPLACE/ PeopleOnline31.jar Copy to \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory.
2. (i5/OS only) Enter the following command to ensure that QNOTES is still the owner of the file:
Note: No steps are required to update Web conferencing integration after you upgrade the Lotus QuickPlace server. 3. Perform the steps described in the topic Verifying that Lotus Sametime integration is working.
Updating integration features after upgrading to Lotus Sametime 7.0

If you upgrade to Lotus Sametime 7.0, update the awareness and instant messaging integration and then the Web conferencing (Sametime meeting) integration. For information on upgrading to Lotus Sametime 7.0, see the Lotus Sametime Installation Guide for your server platform, which is available at http://www.lotus.com/ldd/doc. To update the awareness and instant messaging integration: To update the awareness and instant messaging configuration after the upgrade to Lotus Sametime 7.0:
58
1. Download the IBM Lotus Sametime 7.0 Java Toolkit to a convenient directory. This directory does not have to be on the Lotus Sametime server. Click the Toolkits link on the Downloads section of the Lotus Sametime Developers Web site at http://www.ibm.com/developerworks/lotus/products/instantmessaging. 2. Unzip the download file to a convenient directory to access the contents of the bin subdirectory. 3. Copy the files listed below to the QuickPlace\peopleonline subdirectory on the Lotus Sametime server:
File name STComm.jar Copy from bin subdirectory of the Sametime Java Toolkit Copy to \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory \Domino\html\QuickPlace\ peopleonline subdirectory of the Lotus Sametime server data directory
CommRes.jar
bin subdirectory of the Sametime Java Toolkit
4. (i5/OS only) Enter the following command to ensure that QNOTES is the owner of each of the files:
To upgrade the Web conferencing integration: To upgrade the Web conferencing integration after the upgrade to Lotus Sametime 7.0: 1. Open the notes.ini file on the Lotus QuickPlace server. 2. Edit the JavaUserClassesExt setting in the notes.ini file; note that the entries for the xercesImpl.jar, xalan.jar, xml-apis.jar, and ibmjsee.jar files are no longer needed for Lotus Sametime 7.0 and should be removed: v (Windows) Edit the JavaUserClassesExt setting so it appears as follows; where a path is indicated, substitute your own Domino program directory path. JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=C:\PROGRAM FILES\LOTUS\DOMINO\quickplace.jar QPJC2=C:\PROGRAM FILES\LOTUS\DOMINO\log4j-118compat.jar QPJC3=C:\PROGRAM FILES\LOTUS\DOMINO\STCore.jar QPJC4=C:\PROGRAM FILES\LOTUS\DOMINO\STMtgManagement.jar v (AIX) Edit the JavaUserClassesExt setting so it appears as follows; where a path is indicated, substitute your own Domino program directory path. JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=/opt/lotus/notes/<latest>/ibmpow/quickplace.jar QPJC2=/opt/lotus/notes/<latest>/ibmpow/log4j-118compat.jar QPJC3=/opt/lotus/notes/<latest>/ibmpow/STCore.jar QPJC4=/opt/lotus/notes/<latest>/ibmpow/STMtgManagement.jar v (Solaris) Edit the JavaUserClassesExt setting so it appears as follows; where a path is indicated, substitute your own Domino program directory path. JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4 QPJC1=/opt/lotus/notes/<latest>/sunspa/quickplace.jar QPJC2=/opt/lotus/notes/<latest>/sunspa/log4j-118compat.jar QPJC3=/opt/lotus/notes/<latest>/sunspa/STCore.jar
59
QPJC4=/opt/lotus/notes/<latest>/sunspa/STMtgManagement.jar v (i5/OS) Edit the JavaUserClassesExt setting so it appears as follows. The path name shown is the recommended one for storing the STCore.jar and STManagement.jar files. If currently you use a different directory, you can continue to use it or you can copy the files to the recommended directory. JavaUserClassesExt=LQPJava1,LQPJava2,LQPJava3,LQPJava4 LQPJava1=/QIBM/ProdData/Lotus/QuickPlace/quickplace.jar LQPJava2=/QIBM/ProdData/Lotus/QuickPlace/log4j-118compat.jar LQPJava3=/QIBM/UserData/Lotus/QuickPlace/STCore.jar LQPJava4=/QIBM/UserData/Lotus/QuickPlace/STMtgManagement.jar 3. Save and close the notes.ini file. 4. Copy files from the Lotus Sametime server to the Lotus QuickPlace server, as indicated in the following tables: On Windows:
Domino program directory of Domino program directory of the the Lotus Sametime server, Lotus QuickPlace server, for for example: example: C:\Program Files\Lotus\Domino C:\Program Files\Lotus\Domino
STCore.jar
Domino program directory of Domino program directory of the the Lotus Sametime server. Lotus QuickPlace server.
ServiceLocator.properties Domino program directory of Domino program directory of the the Lotus Sametime server. Lotus QuickPlace server. sametime.ini Domino program directory of Domino program directory of the the Lotus Sametime server. Lotus QuickPlace server.
On AIX:
Domino program directory of Domino program directory of the the Lotus Sametime server, Lotus QuickPlace server, for for example: example: /opt/lotus/notes/<latest>/ ibmpow/ /opt/lotus/notes/<latest>/ ibmpow/
STCore.jar
Domino program directory of Domino program directory of the the Lotus Sametime server. Lotus QuickPlace server. Lotus QuickPlace server data directory, for example: /opt/notesdata Lotus QuickPlace server data directory.
60
On Solaris:
Domino program directory of Domino program directory of the the Lotus Sametime server, Lotus QuickPlace server, for for example: example: /opt/lotus/notes/<latest>/ sunspa/ /opt/lotus/notes/<latest>/ sunspa/
STCore.jar
Domino program directory of Domino program directory of the the Lotus Sametime server. Lotus QuickPlace server. Lotus QuickPlace server data directory, for example: /opt/notesdata Lotus QuickPlace server data directory.
On i5/OS:
File STMtgManagement.jar Copy from The following directory on the i5/OS server where you installed Lotus Sametime: /qibm/proddata/lotus/ sametime Copy to The directory specified in the JavaUserClassesExt setting in Step 2 on the i5/OS server where you installed Lotus QuickPlace, for example: /QIBM/UserData/Lotus/ QuickPlace/ STCore.jar The following directory on the i5/OS server where you installed Lotus Sametime: /qibm/proddata/lotus/ sametime ServiceLocator.properties Lotus Sametime server data directory. sametime.ini Lotus Sametime server data directory. Lotus QuickPlace server data directory. Lotus QuickPlace server data directory. The directory specified in the JavaUserClassesExt setting in Step 2.
5. (i5/OS only) Use the CHGOWN command to change the owner of the files copied in the previous step to QNOTES. For example, enter the following commands:
CHGOWN OBJ(/qibm/userdata/lotus/quickplace/ST*) NEWOWN(QNOTES) CHGOWN OBJ(<QP_server_data_directory>/sametime.ini) NEWOWN(QNOTES) CHGOWN OBJ(<QP_server_data_directory>/ServiceLocator.properties) NEWOWN(QNOTES)
6. Perform the steps described in the topic Verifying that Lotus Sametime integration is working.
Verifying that Lotus Sametime integration is working

After completing the steps in the topic Updating integration features after upgrading to Lotus Sametime 7.0 or the topic Updating integration features after upgrading to Lotus Sametime 7.0, perform the following steps to verify that the integration is still working:
61
1. Start the Lotus QuickPlace server, the Lotus Sametime server, and the LDAP directory server. 2. To verify that awareness is working, sign on to a place as an external user and check for the awareness icon next to your sign on name. 3. To verify that instant messaging is working, find a document that was created by a user listed as online, click the users name, and then click Chat. Or click the Chat link beside your name in the top left corner of the screen. 4. If Web conferencing is configured, test that members can schedule online meetings. Create a calendar entry in a Place, click Calendar - New - Online Meeting, fill in the relevant fields, and then click Publish. Users who subscribe to calendar events should receive an invitation in their mail, with a link to the meeting.
62
Appendix A Configuring the Domino Server for Local Users

This appendix describes the certifier configuration required on the Lotus Domino server to support local Lotus QuickPlace users.
Domino certifier requirements for local users

A local user is a member of a place who is registered directly in the place. An external user is a user that is registered in a user directory. For a variety of of reasons, using external users with Lotus QuickPlace, rather than local users, is recommended. For example, if an external users name changes, you change the name once in the user directory, rather than change the name in each place to which the user belongs. For more information on the advantages of user directories, see the Lotus QuickPlace Administrators Guide. If you want to use local Lotus QuickPlace users despite the disadvantages, the Domino server certifier must use no more than two levels of organizational units (OUs). There is no such limitation for external users. To generate the name of a local member or group for a place, Lotus QuickPlace adds the OUs ou=placename, ou=QP to the users or groups common name. Then Lotus QuickPlace adds to the name the OU and O components generated by the certifier of the server on which Lotus QuickPlace runs. For example, if the Domino server certifier ends in /ou=Dallas/ou=Div1/o=Acme, the local user John Doe becomes cn=John Doe/ou=Place1/ou=QP/ou=Dallas/ou=Div1/o=Acme when added as a member of the place, Place1. If the Domino server certifier has more than two OU levels, the OUs specific to Lotus QuickPlace are removed and the user cannot access places. You can use a Lotus QuickPlace server with more than two OU levels in the certifier only if you use external users and groups as members. You can convert local users to external users with the QPTool changemember command if the local users are valid. If you already have local users that were created on a server with more than two OUs, follow these steps to change the format before you use the QPTool changemember command. For more information on using the QPTool changemember command, see the Lotus QuickPlace Administrators Guide.
If your server uses more than two OU levels

If you have already used more than two OU levels on a Domino server and the Lotus QuickPlace OUs are being removed from the names of local users and groups, you can correct the problem by moving the places to a server with two or fewer OU levels as follows: 1. Install a new Lotus QuickPlace server that has no more than two OU levels. 2. Copy the places with the truncated local user names to the new Lotus QuickPlace server. 3. If you are copying places from a Lotus QuickPlace 3.0x or 6.5.1 server, run qptool upgrade -p placename(s) on the place. Otherwise, skip this step. For more information on qptool upgrade, see the chapter Upgrading to Lotus QuickPlace 7.
63
4. Run qptool register -install -p placename(s) on the new server. Verify that the local names in the places are in the correct format, for example, that they contain the /ou=placename/ou=QP components followed by the OU components (maximum of 2) from the server certifier.
64
Notices
This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the users responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive Armonk, NY 10504-1785 U.S.A. The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact: IBM Corporation Office 4360
65
One Rogers Street Cambridge, MA 02142 U.S.A. Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee. The licensed program described in this information and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement, or any equivalent agreement between us. Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental.
Trademarks
The following terms are trademarks of International Business Machines Corporation in the United States, other countries, or both: AIX Domino Domino Designer IBM iSeries i5/OS Lotus Lotus Notes Notes QuickPlace Sametime Microsoft, Windows, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. Other company, product, or service names may be trademarks or service marks of others.
66
Index A
Administrators signing in as 8, 10 Alternate download site offline 32 Authentication offline users 23 Installation (continued) Solaris 7, 8 troubleshooting on i5/OS Policy Director offline configuration 17 32
L
LDAP directories connecting to 21 Local users certifiers required for 63
Q
QPTool register using 56 QPTool upgrade using 54
C
Certifier IDs offline 23, 24, 25, 26 Certifiers for local users 63 Clusters upgrading 49
N
name_translation setting described 28 examples 28, 30 Names translating for offline 28, 30 Netegrity SiteMinder offline configuration 32 New features described 1, 3, 4 version 6.5.1 47
S
Sametime integration setup 37 planning 37 setting up Awareness and Chat 41 setting up awareness and instant messaging 39 setting up Web conferencing 41 upgrade 57, 58 Sametime meetings setting up 41 Servers upgrading 49 Signing in as administrator 8, 10 Software agreement i5/OS 15 Solaris installation on 8 Starting QuickPlace 8, 10, 16 Sun Java System Portal Server offline configuration 32
D
Database design upgrading 54 Documentation additional 4 for i5/OS 5 Domino compatibility i5/OS 11 on i5/OS 14 Domino Off-Line Services see 21
O
Offline alternate download site 32 and user directory 21 certifiers for 23, 24, 25, 26 clearing browser cache 57 described 21 enabling 21 enabling for i5/OS 22 FAQs 34 hiding Work Offline link 34 passwords 31 place encryption 31 Security Policy document 27 specific environment configurations 32 translating LDAP names for 28, 30 troubleshooting 21
E
Encrypting offline places 31
F
FAQs offline 34
T
TCP/IP preparing on i5/OS 11, 12, 13 Troubleshooting i5/OS installation 17
I
i5/OS additional resources 5 configuring Domino 14 enabling offline use 22 installation on 10, 16 installation troubleshooting 17 multiple servers 18 removing QuickPlace 19 software agreement 15 TCP/IP preparation 11, 12, 13 upgrading server 52 IBM Network Dispatcher offline configuration 32 Installation i5/OS 10, 16 overview 1, 7 Copyright IBM Corp. 2005
U
Upgrade clearing offline cache 57 database design 54 in cluster environment 49 installing release 7 50, 51, 52 new features and 47 non-cluster environment 49 on-disk structure 57 overview 48 place and PlaceType backups 50 Place Catalog 56 places and PlaceTypes 54 Sametime 57, 58
P
Passthru server offline configuration 32 Passwords offline 31 upgrading offline 47 Place Catalog registering places 56 Places registering 56 upgrading 54 PlaceTypes upgrading 54
67
W
Windows installation on 7
68
Part Number: AD0EQNA Program Number: 5724-J24
Printed in USA
G210-1998-00
(1P) P/N: AD0EQNA

QP 7 Ug

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

QP 7 Ug

Uploaded by

Copyright:

Available Formats

Lotus QuickPlace

Installation and Upgrade Guide

Installation and Upgrade Guide

Chapter 2 Installing Lotus QuickPlace . . 7

Chapter 4 Setting Up Lotus QuickPlace to Work with Lotus Sametime . . . . . 37

Chapter 3 Setting Up Lotus QuickPlace for Offline Use . . . . . . . . . . . 21

Chapter 5 Upgrading to Lotus QuickPlace 7.0 . . . . . . . . . . . 47

Appendix A Configuring the Domino Server for Local Users . . . . . . . . 63

QuickPlace Installation and Upgrade Guide

Chapter 1 Getting Started

Whats new in Lotus QuickPlace 7.0

New features for administrators

Domino management of user directory lookups

Improved error logging and debugging

Copyright IBM Corp. 2005

Encryption of offline databases

Use of sign in passwords for offline databases

Improved My Places performance

Ability to define additional fonts for graphic text

QuickPlace Installation and Upgrade Guide

Domino time zone support

New product ID for i5/OS

New features for users

Domino time zone support

Access control changes

New themes with expandable table of contents

Document types in folders

Support for Safari on Mac OS-X

Support for Mozilla Firefox

New features for developers

QuickPlace Installation and Upgrade Guide

Additional resources for i5/OS

Chapter 1 Getting Started

QuickPlace Installation and Upgrade Guide

Chapter 2 Installing Lotus QuickPlace

Lotus QuickPlace Installation

Installing Lotus QuickPlace on Windows

Copyright IBM Corp. 2005

Starting Lotus QuickPlace on Windows

To sign in to Lotus QuickPlace

Installing Lotus QuickPlace on AIX or Solaris

QuickPlace Installation and Upgrade Guide

Starting Lotus QuickPlace on AIX or Solaris

To sign in to Lotus QuickPlace

Installing on IBM i5/OS

QuickPlace Installation and Upgrade Guide

Lotus QuickPlace and Domino compatibility on i5/OS

Preparing your TCP/IP configuration

Adding a TCP/IP interface and host name

7. Click OK to exit the TCP/IP Configuration Properties window.

Verifying the configuration of other Domino servers

QuickPlace Installation and Upgrade Guide

Verifying the configuration of Sametime servers

Verifying the configuration of IBM Directory Server (LDAP)

Verifying the configuration of IBM HTTP Server (powered by Apache)

Installing and configuring a Domino server for Lotus QuickPlace

QuickPlace Installation and Upgrade Guide

Pre-accepting the Lotus QuickPlace software agreements

Chapter 2 Installing Lotus QuickPlace

Installing Lotus QuickPlace on i5/OS

Starting Lotus QuickPlace on i5/OS

QuickPlace Installation and Upgrade Guide

Troubleshooting Lotus QuickPlace installation on i5/OS