Front cover
IBM Lotus Workplace
Team Collaboration
ion 2.0.1
Product overview
Customization using Workplace
Builder
Deployment
considerations
Philip Monson
Michael Alexander
Steve Hartwell
Voi Sosnowski
ibm.com/redbooks
Redpaper
Contents
Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vi
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
The team that wrote this Redpaper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii
Become a published author . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
Comments welcome. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
Chapter 1. Features and functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.1 IBM Lotus Workplace Team Collaboration overview. . . . . . . . . . . . . . . . . . 2
1.1.1 The Team Collaboration components . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Getting started. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.3 Presence and instant messaging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.3.1 Presence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1.3.2 The Instant Contacts portlet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
1.3.3 The People Finder portlet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
1.4 Web conferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
1.4.1 Working with Web Conferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
1.4.2 The Web Conferences page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
1.4.3 Creating a new Web Conference . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
1.4.4 Joining a Web Conference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
1.4.5 Participating in a Web Conference . . . . . . . . . . . . . . . . . . . . . . . . . . 41
1.5 Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
1.5.1 Membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
1.5.2 Import File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
1.5.3 New . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
1.5.4 More actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
1.5.5 Folder actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
1.5.6 Search. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
1.6 Team Spaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
1.6.1 The Team Spaces page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
1.6.2 Entering a team space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
1.6.3 Team Project Home - the Task page . . . . . . . . . . . . . . . . . . . . . . . . 75
1.6.4 Team Calendar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
1.6.5 Discussions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
1.6.6 Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
1.6.7 Chat Room . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
1.6.8 Search. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
© Copyright IBM Corp. 2005. All rights reserved.
i
1.7 Search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Chapter 2. Customization using Workplace Builder . . . . . . . . . . . . . . . . 103
2.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
2.2 Applications and templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
2.3 Accessing Workplace Builder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
2.4 Using the Workplace Builder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
2.4.1 The Workplace Builder tabs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
2.4.2 Deploying the template . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
2.5 Editing an existing template . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
2.6 Other customizations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
2.6.1 Login page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
2.6.2 Adding portlets, themes, and skins . . . . . . . . . . . . . . . . . . . . . . . . . 137
2.6.3 Customizing your LDAP Directory for Lotus Workplace . . . . . . . . . 139
Chapter 3. Product architecture. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
3.1 Architectural overview of Lotus Workplace 2.0.1 . . . . . . . . . . . . . . . . . . 142
3.1.1 Infrastructure architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
3.1.2 Lotus Workplace JVMs and containers. . . . . . . . . . . . . . . . . . . . . . 146
3.1.3 The file system artifacts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
3.2 Lotus Workplace Team Collaboration architecture . . . . . . . . . . . . . . . . . 149
3.2.1 SIP and SIMPLE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
3.2.2 Components of the Team Collaboration infrastructure . . . . . . . . . . 150
Chapter 4. Deployment considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . 155
4.1 Deploying stand-alone Team Collaboration . . . . . . . . . . . . . . . . . . . . . . 156
4.1.1 Enabling Workplace Messaging in Team Collaboration . . . . . . . . . 157
4.2 Deploying Team Collaboration with an existing WebSphere Portal
environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
4.2.1 Overview of upgrading an existing WebSphere Portal . . . . . . . . . . 159
4.2.2 Upgrading existing WebSphere Portal with the Workplace GUI . . . 161
4.2.3 Required modifications to an existing WebSphere Portal . . . . . . . . 164
4.3 Deploying Team Collaboration in an extranet scenario. . . . . . . . . . . . . . 169
4.3.1 HTTP Server separation topology. . . . . . . . . . . . . . . . . . . . . . . . . . 169
4.3.2 Installing WebSphere plug-in on a remote IBM HTTP server . . . . . 172
4.4 Post-installation configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
4.4.1 Configuring the Team collaboration service . . . . . . . . . . . . . . . . . . 180
4.5 Security resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
Chapter 5. Team Collaboration administration. . . . . . . . . . . . . . . . . . . . . 187
5.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
5.1.1 WPS Admin Console. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
5.1.2 Server- and service-level operations. . . . . . . . . . . . . . . . . . . . . . . . 189
5.1.3 Workplace cell-wide settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
ii
IBM Lotus Workplace Team Collaboration 2.0.1
5.1.4 Server start, stop, restart scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
5.2 Adding administrators and assigning user roles . . . . . . . . . . . . . . . . . . . 192
5.2.1 Adding new users to the wpsadmins group . . . . . . . . . . . . . . . . . . 192
5.2.2 Granting resource permissions to the virtual resource Portal . . . . . 192
5.2.3 Adding Workplace administrators using WPS Console . . . . . . . . . 195
5.3 Team Collaboration architecture in the WebSphere Portal Admin Console
user interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
5.4 Workplace application policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
5.4.1 Viewing current application policy . . . . . . . . . . . . . . . . . . . . . . . . . . 204
5.4.2 Modifying default policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
5.4.3 Creating custom application policy . . . . . . . . . . . . . . . . . . . . . . . . . 208
5.4.4 Managing workplace application policy. . . . . . . . . . . . . . . . . . . . . . 208
5.5 User policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
5.5.1 User policy options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
5.5.2 Assigning users to user policies . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
5.5.3 Choosing policy assignment method . . . . . . . . . . . . . . . . . . . . . . . 214
5.5.4 Viewing existing user policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
5.5.5 Creating user policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
5.5.6 Assigning policies to users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
5.5.7 User policies and default access. . . . . . . . . . . . . . . . . . . . . . . . . . . 219
5.6 Managing user access to Workplace resources . . . . . . . . . . . . . . . . . . . 222
5.6.1 Defining user access levels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
5.6.2 Editing user access to Lotus Workplace products . . . . . . . . . . . . . 223
5.7 Workplace Scheduler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
5.7.1 Configuring the Task Scheduler Service for a cell . . . . . . . . . . . . . 223
5.7.2 Scheduler tasks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
5.8 LMAdmin Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
5.8.1 Starting the LMAdmin tool. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
5.8.2 UpdateAccount command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Appendix A. Example: Chat logging with the IM SPI . . . . . . . . . . . . . . . . 231
Brief introduction to the IM SPI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Creating a chat logging application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Contents
iii
iv
IBM Lotus Workplace Team Collaboration 2.0.1
Notices
This information was developed for products and services offered in the U.S.A.
IBM may not offer the products, services, or features discussed in this document in other countries. Consult
your local IBM representative for information on the products and services currently available in your area.
Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM
product, program, or service may be used. Any functionally equivalent product, program, or service that
does not infringe any IBM intellectual property right may be used instead. However, it is the user's
responsibility to evaluate and verify the operation of any non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter described in this document.
The furnishing of this document does not give you any license to these patents. You can send license
inquiries, in writing, to:
IBM Director of Licensing, IBM Corporation, North Castle Drive Armonk, NY 10504-1785 U.S.A.
The following paragraph does not apply to the United Kingdom or any other country where such provisions
are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES
THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT,
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer
of express or implied warranties in certain transactions, therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodically made
to the information herein; these changes will be incorporated in new editions of the publication. IBM may
make improvements and/or changes in the product(s) and/or the program(s) described in this publication at
any time without notice.
Any references in this information to non-IBM Web sites are provided for convenience only and do not in any
manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the
materials for this IBM product and use of those Web sites is at your own risk.
IBM may use or distribute any of the information you supply in any way it believes appropriate without
incurring any obligation to you.
Information concerning non-IBM products was obtained from the suppliers of those products, their published
announcements or other publicly available sources. IBM has not tested those products and cannot confirm
the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on
the capabilities of non-IBM products should be addressed to the suppliers of those products.
This information contains examples of data and reports used in daily business operations. To illustrate them
as completely as possible, the examples include the names of individuals, companies, brands, and products.
All of these names are fictitious and any similarity to the names and addresses used by an actual business
enterprise is entirely coincidental.
COPYRIGHT LICENSE:
This information contains sample application programs in source language, which illustrates programming
techniques on various operating platforms. You may copy, modify, and distribute these sample programs in
any form without payment to IBM, for the purposes of developing, using, marketing or distributing application
programs conforming to the application programming interface for the operating platform for which the
sample programs are written. These examples have not been thoroughly tested under all conditions. IBM,
therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. You may copy,
modify, and distribute these sample programs in any form without payment to IBM for the purposes of
developing, using, marketing, or distributing application programs conforming to IBM's application
programming interfaces.
© Copyright IBM Corp. 2005. All rights reserved.
v
Trademarks
The following terms are trademarks of the International Business Machines Corporation in the United States,
other countries, or both:
Eserver®
Redbooks (logo)
developerWorks®
eServer™
ibm.com®
Cloudscape™
™
Domino®
DB2®
IBM®
Lotus®
Notes®
Redbooks™
Tivoli®
WebSphere®
Workplace™
Workplace Messaging™
1-2-3®
The following terms are trademarks of other companies:
Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun
Microsystems, Inc. in the United States, other countries, or both.
Microsoft, Windows, and the Windows logo are trademarks of Microsoft Corporation in the United States,
other countries, or both.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Linux is a trademark of Linus Torvalds in the United States, other countries, or both.
Other company, product, and service names may be trademarks or service marks of others.
vi
IBM Lotus Workplace Team Collaboration 2.0.1
Preface
IBM® Lotus® software, the leader in collaboration, has created Lotus
Workplace™, an integrated family of collaborative products based on open
standards. Lotus Workplace combines market-leading collaborative products
that can be experienced through a choice of security-rich clients, giving people
simplified access and interaction with other people and a host of collaborative
applications like e-mail, calendaring & scheduling, instant messaging, Web
conferencing, team spaces, document & Web content management, and
e-learning. Lotus Workplace is delivered through a componentized design and
includes tools to easily create a new workplace that can be applied as needed to
fit specific industry or business needs.
IBM Lotus Workplace products include:
򐂰
IBM Lotus Workplace Messaging™
򐂰
IBM Lotus Workplace Team Collaboration
򐂰
IBM Lotus Workplace Collaborative Learning
򐂰
IBM Lotus Workplace Web Content Management
򐂰
IBM Lotus Workplace Documents
This IBM Redpaper introduces you to IBM Lotus Workplace Team Collaboration
2.0.1. It is written for readers of all levels, both technical and non-technical, since
it covers everything from standard features and functions to an in-depth look at
the architecture. Specifically, the topics included are:
򐂰 Team Collaboration features and functions
򐂰 Customization using Workplace Builder
򐂰 Product architecture
򐂰 Deployment considerations
򐂰 Team Collaboration administration
򐂰 Getting started with the IM Service Programming Interface
For more details on all the products comprising Lotus Workplace 2.0.1 consult
Lotus Workplace 2.0.1 Products Deployment Guide, SG24-6378.
© Copyright IBM Corp. 2005. All rights reserved.
vii
The team that wrote this Redpaper
This Redpaper was produced by a team of specialists from around the world
working at the International Technical Support Organization, Lotus Center.
Philip Monson is a Project Leader at the ITSO Lotus Center in Cambridge, MA.
Phil has been with Lotus/IBM for 14 years, joining the company when the early
versions of Notes were rolled out for internal use. He has served in management,
technical, and consulting roles in the IS, Sales, and Development organizations.
Phil was an author for a number of IBM Redbooks about Lotus topics.
Michael Alexander is an Advisory Software Engineer in Austin, TX where he
works on the Lotus Support Engineering Team (SET). In this role he investigates
issues for IBM Business Partners and customers, working with support and
development teams around the world and across Software Group. Since joining
IBM in 1998 to support cc:Mail, he has worked with a wide range of IBM and
Lotus products with a constant focus on collaboration. Areas of specific interest
are role- and context-sensitive collaboration, skills matching, instant messaging,
and conferencing.
Steve Hartwell is a Program Manager for Collaboration and Portals in the Global
e-business Transformation (GeT) organization of IBM Software Group. In most of
his 21 year career at Lotus/IBM, spanning 1-2-3® to Notes/Domino® to Lotus
Workplace, he has worked on the leading edge in both technical and
management capacities to deploy internally what Lotus/IBM sells externally.
Voi Sosnowski is an IT Architect in the e-Workplace practice of IBM Global
Services. He has over eight years of experience in the messaging and
groupware solutions area. Voi specializes in designing, evaluating, and
developing e-business collaboration solutions based on IBM WebSphere® Portal
and Lotus groupware technologies. He has applied his expertise in implementing
systems for financial and government institutions, and in the manufacturing,
banking, and biotechnology industries.
Thanks to the following people for their contributions to this project:
򐂰 Sami M. Shalabi, Lotus Workplace Collaborative Application Infrastructure
Architect, IBM
򐂰 John Bergland, ITSO Project Leader, IBM
򐂰 Dane A. Johnson, Software Engineer, IBM
򐂰 Carl T. Kriger, Senior Product Manager, Lotus Workplace, IBM
򐂰 Uri Segev, Manager, SIP Infrastructure Development team, IBM
򐂰 Thomas S. Doak, Program Director, Development, Lotus Workplace, IBM
򐂰 Gordon E. Hegfield, Lead Architect, Lotus Workplace Administration, IBM
򐂰 Brian L. Pulito, Senior Software Engineer, IBM
򐂰 Ofira Tal, Team Leader SIP Infrastructure development team, IBM
viii
IBM Lotus Workplace Team Collaboration 2.0.1
򐂰 Amy D. Travis, Product Designer, IBM
򐂰 Lea Medhurst, Senior Consultant, EOS Solutions
Become a published author
Join us for a two- to six-week residency program! Help write an IBM Redbook
dealing with specific products or solutions, while getting hands-on experience
with leading-edge technologies. You'll team with IBM technical professionals,
Business Partners and/or customers.
Your efforts will help increase product acceptance and customer satisfaction. As
a bonus, you'll develop a network of contacts in IBM development labs, and
increase your productivity and marketability.
Find out more about the residency program, browse the residency index, and
apply online at:
ibm.com/redbooks/residencies.html
Comments welcome
Your comments are important to us!
We want our papers to be as helpful as possible. Send us your comments about
this Redpaper or other Redbooks™ in one of the following ways:
򐂰 Use the online Contact us review redbook form found at:
ibm.com/redbooks
򐂰 Send your comments in an email to:
redbook@us.ibm.com
򐂰 Mail your comments to:
IBM Corporation, International Technical Support Organization
Dept. JLU Mail Station P099
2455 South Road
Poughkeepsie, New York 12601-5400
Preface
ix
x
IBM Lotus Workplace Team Collaboration 2.0.1
1
Chapter 1.
Features and functions
In this chapter we provide an overview of IBM Lotus Workplace Team
Collaboration 2.0.1. We also describe in detail the features and functions of the
Lotus Team Collaboration product.
The five core components of the product provide the following capabilities:
Instant messaging, Web conferencing, Document management, Team spaces
and Search. These functions are explained in this chapter.
© Copyright IBM Corp. 2005. All rights reserved.
1
1.1 IBM Lotus Workplace Team Collaboration overview
IBM Lotus Workplace Team Collaboration 2.0.1 software is a key part of the
leading-edge Lotus collaboration and human interaction platform from IBM.
Lotus Workplace Team Collaboration offers a single, collaborative foundation
that integrates on demand capabilities, including instant messaging and
presence awareness, Web conferencing and collaborative workspace
capabilities expressly for the dynamically adaptive IBM Lotus Workplace
environment. These capabilities can help you give users immediate access to
the right people and the right information. They can help you foster a sense of
community and minimize geographical and organizational boundaries. You can
extend these capabilities, which are at the heart of Lotus Workplace Team
Collaboration software, to your entire value chain. This helps you more
effectively facilitate collective and efficient decision making, as well as centralize
operations and reduce costs.
Lotus Workplace Team Collaboration blends real-time with asynchronous
collaboration and offers the following capabilities:
򐂰 Instant messaging and presence awareness
򐂰 Web conferencing
򐂰 Document management
򐂰 Team spaces, which contain areas for Task management, Calendar,
Discussion forum, Document management, Chat, and Search
򐂰 Search
򐂰 Workplace Builder, which allows you to create and customize additional
collaborative applications
Lotus Workplace Team Collaboration is easier and more cost-effective to install,
use, maintain, and upgrade than using separate products for each function. You
can leverage this solution to help reduce the complexity of your IT infrastructure
and lower your total cost of ownership.
1.1.1 The Team Collaboration components
IBM Lotus Workplace Team Collaboration 2.0.1 has fully integrated instant
messaging and presence awareness, Web conferencing and customizable Team
space components. These components are briefly described in the following
paragraphs and are illustrated in Figure 1-1 on page 4.
2
IBM Lotus Workplace Team Collaboration 2.0.1
򐂰 Presence awareness and instant messaging are available throughout the
Lotus Workplace and all of its components.
򐂰 Web conferencing provides broadcast-style meeting capabilities including
enabling the moderator to share presentations and participants to optionally
download meeting materials.
򐂰 Web-based, self-service, easily customizable Team Spaces allow document
storage and retrieval, threaded discussions, and team projects that are
secure, available and accessible anytime, anywhere. Highlights include:
– Membership - Allows the moderator of a Team Space or Web Conference
to define and control member access and participation.
– Instant Messaging and Presence Awareness - Know instantly whether a
person is available to collaborate, share information, or take action.
– Project Task Management - Create, edit, and track tasks and assign them
to team members.
– Team Calendar - Create and view group calendar entries (including Web
Conference invitations) for the team.
– Discussion Forums - Create Web-based discussion forums, or a forum
within a forum, and allow members to engage in threaded discussions.
– Document Manager - Create and import documents into folders, and
manage them with built-in methods for tracking changes and comments
made by team members.
– Chat Room - Engage team members in an instant message facility that
can be searched and archived.
– Search - Search for text strings across the entire Team Space.
򐂰 Workplace Builder - Allows authorized business users to easily customize
Lotus Workplace components into reusable templates and deploy these into
business process-specific applications.
Chapter 1. Features and functions
3
Presence and Awareness
Instant Messaging
Presence and Awareness
Figure 1-1 Team Collaboration components
1.2 Getting started
Begin by logging into Lotus Workplace Team Collaboration. Simply visit the Web
address provided by your administrator with your browser, which can be any of
the following:
򐂰 Internet Explorer 5.5 SP2 with Microsoft® JVM 1.1
򐂰 Internet Explorer 6.0 SP1 with Sun JRE 1.4.2 or Microsoft JVM 1.1
򐂰 Mozilla 1.4 on Linux®
The default login screen that is provided with the product is shown in Figure 1-2.
It is possible to customize this by modifying the Login.jsp file; we discuss this
further in 2.6.1, “Login page” on page 136.
4
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-2 Default login screen
If your administrator allows you to self-register, click Sign up. Otherwise, enter
your User ID and Password, as registered to the directory, into the input fields
provided and click Log in. This brings up the main Lotus Workplace Team
Collaboration environment, as shown in Figure 1-3.
Figure 1-3 Lotus Workplace Team Collaboration
Chapter 1. Features and functions
5
The uppermost tabs show My Workplace, a Lotus Workplace application, and
YourCo Financial, which is a WebSphere Portal application. In this chapter we
are referring exclusively to My Workplace. In the gray bar below My Workplace,
we see the pages that comprise the default Team Collaboration application: Web
Conferences, Documents, Team Spaces, Applications, and Search. Before we
discuss each of these components in detail, we first examine two fundamental
features of Lotus Workplace Team Collaboration that are provided throughout
the product: presence awareness and instant messaging.
1.3 Presence and instant messaging
Presence and instant messaging are included and usable throughout Lotus
Workplace Team Collaboration. Presence is a visual indicator of a person’s
online status: available, away, unavailable, or offline. You can use the presence
indicators to decide whether to contact someone via instant messaging, or
perhaps to e-mail them instead. Invoking an instant messaging session, or chat,
is an easy option if a person is available.
1.3.1 Presence
First, let us examine presence in Lotus Workplace. When you log in to Lotus
Workplace, your online status is registered with the server, and a presence
indicator or icon displays next to your name in the Team Space members portlet.
The names of other Workplace users, along with their respective presence
states, are also displayed in this list. In the Team Space shown in Figure 1-4 the
Members portlet is on the right. There we see that Steve is available, Michael is
away, Philip is busy, and Lea and Voi are not online. Also notice that the team
members are organized into groups, Contributors and Moderators; we explain
more about groups later in this chapter.
6
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-4 Presence in a Lotus Workplace Team Space
You can update your status to indicate whether you are available, busy, away or
offline. To do this, click the text to the right of the icon next to your name at the
top of a Workplace page to access the drop-down menu of presence options
shown in Figure 1-5.
Figure 1-5 Presence options
Click any of the first three choices to set your desired status. Lotus Workplace
will automatically change your status from available to away after a short period
of inactivity. Click the last choice to Log out of instant messaging; your presence
indicator will become blank and you will be offline.
When you click Customize status you get the dialog box shown in Figure 1-6.
Here you can customize the text associated with each of the online presence
states: available, away, and do not disturb.
Chapter 1. Features and functions
7
Figure 1-6 Customizing presence status messages
1.3.2 The Instant Contacts portlet
User names display online status information in many different contexts,
including Team Space membership lists, Web Conference participants lists,
People Finder, Discussion postings, and Document authors. In addition, you can
create a personalized Instant Contacts list that contains the names of team
members and colleagues with whom you typically interact. This Instant Contacts
portlet appears by default on each of the main Lotus Workplace Team
Collaboration pages: Web Conferences, Documents, Team Spaces, Applications
and Search.
Instant Contacts - Live Names
One of the powerful collaborative features of Lotus Workplace is Live Names.
Not only can you see a person’s online presence status anywhere you see a
name, but you can also click the name to get options for further collaboration. In
Figure 1-7, moving the mouse over Michael’s name in the Instant Contacts
portlet reveals an indicator to the right of his name, as well as hover text (not
shown) indicating the text of his status message.
8
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-7 Live name options
Clicking his name reveals several options to the left of the name; we now cover
these in more detail.
Start Chat
Instant messaging provides you with the ability to participate in text chats with
other Lotus Workplace users. Clicking the Start Chat option from the People
Links menu brings up a new browser window, where you and your teammate can
exchange text messages in real time, as shown in Figure 1-8.
Chapter 1. Features and functions
9
Figure 1-8 A chat in Lotus Workplace
After a chat begins, any chat participant can invite other online users to join by
clicking Invite Others. To exit the chat, simply close the browser window.
Note: If you are participating in a chat and enough time elapses, the system
could disconnect you from the chat. To resume, you might need to refresh
your browser and log back in to Lotus Workplace.
Send E-mail
If you have Lotus Workplace Messaging installed as well as Team Collaboration,
clicking Send E-mail brings up a new browser window with the same dialog box
as Mail Compose in Messaging. As shown in Figure 1-9, it contains mail address
functions, a rich text editor for the body of the message, and the capability to
attach files from your hard disk or from a Lotus Workplace Document Library. In
this example, we have browsed the Main Document Library in Lotus Workplace
for the Team Collaboration lab file to attach to our e-mail to Michael.
If you do not have Lotus Workplace Messaging installed, clicking Send E-mail
uses the default Mail system designated by your browser to compose a new
message using that system.
10
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-9 Sending e-mail
Show Person Record
Clicking Show Person Record in the menu brings up the People Finder portlet,
which lists directory information about the person. Notice in Figure 1-10 that
each occurrence of Steve’s name has a presence indicator, and his e-mail
address is clickable.
Chapter 1. Features and functions
11
Figure 1-10 Show Person Record
The other tab in this portlet is Organization. This displays any organizational
information than might exist in the directory, as shown in Figure 1-11.
12
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-11 Show Person Record - Organization
Edit Contact Information
This option is only available with Lotus Workplace Messaging installed. It allows
you to add the person to your Address Book, and add or edit information about
them. Clicking Edit Contact Information brings up a new browser window, as
shown in Figure 1-12 with Michael’s contact information. You can enter or edit
these fields yourself, as opposed to the Person Record, which is established for
you in the directory.
Chapter 1. Features and functions
13
Figure 1-12 Editing Contact Information
You simply add or edit the given fields as desired and click OK; the information is
then stored in your Lotus Workplace Messaging Address Book. Figure 1-13
shows one additional screen that appears, reminding you to refresh your browser
if the contact name does not appear immediately in your address book.
14
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-13 Contact is added to your address book
Add to/Remove from Instant Contacts
This option allows you to either add or remove the designated person from the
list in your Instant Contacts portlet.
Instant Contacts - Actions
Now that we have seen what is possible with an individual name, let us look at
how we can customize the contents and appearance of our Instant Contacts
portlet, shown in Figure 1-14.
Figure 1-14 The Instant Contact portlet
The Actions button, as shown in Figure 1-15, shows the customization options
that are available: New contact, New group, Start chat, Organize list, Show online
contacts only/Show all contacts, and Expand/Collapse all groups.
Chapter 1. Features and functions
15
.
Figure 1-15 Instant Contacts Actions
The actions with trailing ellipses bring up additional dialog boxes; these are
described in the following sections.
New Contact
Choosing New contact allows you to add a new name to your Instant Contacts
list. It brings up an Instant Contacts portlet, and then lets you find the name and
add it to an Instant Contacts group. In Figure 1-16, we are about to add Philip
Monson to a new group called Leaders.
Figure 1-16 Adding a new contact
We found Philip by clicking the Find Person button, which brings up a new
browser window, and searching for him in the directory, as shown in Figure 1-17.
16
IBM Lotus Workplace Team Collaboration 2.0.1
The options for the Search in box are My Instant Contacts, My Address Book,
and Organization Directory.
Figure 1-17 Finding a Contact in the Directory
After clicking OK, we see in Figure 1-18 that the Leaders group in the Instant
Contacts portlet has a new contact, Philip Monson.
Figure 1-18 A new contact added to the Instant Contacts list
Chapter 1. Features and functions
17
New Group
Click New group to add a group to your Instant Contacts list, as shown in
Figure 1-19. Clicking the Find Group button brings up a Directory Search, where
we found the A-Team public group.
Figure 1-19 Adding a new Public Group to Instant Contacts
If you want to view the members of the group, click the View Group Members
button to launch a new window that contains a portlet with that information,
including presence information for the members.
Looking at the result in Figure 1-20, notice that the group is now part of the
Instant Contacts list, and that its icon is different than the Personal Group icons
next to Leaders and Team.
18
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-20 A new Public Group added to the Instant Contacts list
Public group members display differently than individuals in the Instant Contacts
portlet. There are actually three members of the A-Team group; only those online
are displayed. For individuals such as Philip and Voi, even though they are
offline, they are still listed under their private groups.
Start Chat
Clicking the Start Chat option brings up a new browser window for instant
messaging, as shown previously in Figure 1-8 on page 10.
Organize List
Selecting the Organize List action brings up the portlet shown in Figure 1-21,
which allows you to perform several organizing functions in one place: add a new
contact, add a new group, edit or remove a contact or group, and examine details
of a public group.
Chapter 1. Features and functions
19
Figure 1-21 Organizing the Instant Contacts list
Show online contacts only/all contacts
This option allows you to toggle between showing all contacts and showing only
online contacts in your Instant Contacts portlet.
Expand/Collapse all groups
This option allows you to toggle between showing your Instant Contacts groups
expanded with all names listed, or collapsed with just group names listed.
1.3.3 The People Finder portlet
The People Finder portlet can also be found on each of the main Team
Collaboration pages: Web Conferences, Documents, Team Spaces, Applications
and Search. It allows you to perform a simple or advanced search for people in
the directory. The simple interface, along with the available choices in the Name
drop-down box, is shown in Figure 1-22.
20
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-22 The People Finder portlet
The Advanced Search interface is shown in Figure 1-23. Filling out multiple fields
lets you focus your search more precisely.
Figure 1-23 People Finder Advanced Search
Chapter 1. Features and functions
21
1.4 Web conferences
Web conferences are an important collaboration component of the Lotus
Workplace Team Collaboration offering. A Web conference is an online meeting
in which one or more users deliver a presentation to a group of conference
participants, or attendees.
1.4.1 Working with Web Conferences
You can access Web conferences from either the Web Conferences page or by
clicking calendar or e-mail links. From the Web Conferences page, as shown in
Figure 1-24, you can view or join the Web conferences that you have permission
to access, create new conferences, and modify conferences to which you have
presenter access.
Figure 1-24 The Web Conferences page
You can also access Web conferences from e-mail messages and from calendar
entries created from invitations to a Web conference. Lotus Workplace
Messaging users can also create Web conferences from their calendars; you can
see several Web conference invitations and the New Web conference button in
Figure 1-25.
22
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-25 Web Conferencing access from the Lotus Workplace Messaging calendar
Finally, you can work with Web conferences in Team Spaces on the Team
Calendar page, as shown in Figure 1-26.
Chapter 1. Features and functions
23
Figure 1-26 Web Conferences in a Team Space
Here we have Web Conferences scheduled on the Team Calendar for Tuesday
and Wednesday, and there is a New Web Conference button at the top of the
Calendar. If you create a new Web Conference in a Team Space, it will appear
not only on the Team Calendar, but also on the Web Conferences page and
potentially on your personal Lotus Workplace Messaging Calendar. We discuss
Team Space Web Conferencing in more detail in 1.6.4, “Team Calendar” on
page 84.
1.4.2 The Web Conferences page
As we saw in Figure 1-24, clicking the Web Conferences page in Lotus
Workplace Team Collaboration gives us the Web Conferences portlet, along with
People Finder and Instant Contacts. In the Web Conferences portlet, the default
In Progress tab is colored blue. This list shows only those Web Conferences
currently underway. By clicking the Join button next to a Web Conference, you
can join a Web Conference in progress.
Clicking the My Conferences tab, we see all Web Conferences that Steve owns
or has been invited too. In Figure 1-27, we clicked next to the week of September
12 in the calendar to produce the blue band that indicates that the conferences
shown are for that week only.
24
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-27 My Web Conferences for a week
Clicking the All Conferences tab lists all Web Conferences that are scheduled for
the indicated time period, and that are either public or in your My Conferences
list. In Figure 1-28, we indicated the current month by clicking next to September.
You cannot see Web conferences that are not public unless you are invited to
attend. In addition, users can choose to hide a Web conference from this list by
marking it as hidden. Thus there may be other Web Conferences that you can
attend which are not listed here; these could be found by using the Search for
capability.
Chapter 1. Features and functions
25
Figure 1-28 All Web Conferences in the month of September
1.4.3 Creating a new Web Conference
Any Lotus Workplace user whose policy allows it can create a Web Conference.
To configure policy and other Web Conference options, refer to 5.4, “Workplace
application policies” on page 202.
To create a new Web Conference in the Web Conferences portlet, click the New
Web Conference button. The resulting dialog, shown in Figure 1-29, lets you
enter the name and duration of the conference. A Web Conference can be no
more than 24 hours in length.
26
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-29 Creating a new Web Conference
By clicking the OK button and waiting a few moments, you get the Web
Conference information page shown in Figure 1-30.
Chapter 1. Features and functions
27
Figure 1-30 The Web Conference Information page
This page has three portlets: Web Conference Information, Agenda Materials,
and Participants, which we will cover in detail in the following sections. Notice
that Steve is listed in the Presenter group in the Participants portlet; since he
created the Web Conference, he is the default presenter. As the Web
Conference owner, Steve is allowed to use the Edit buttons to enter additional
Web Conference information and post the agenda.
28
IBM Lotus Workplace Team Collaboration 2.0.1
Web Conference Information
The Web Conference Information portlet is divided into three collapsible sections
as follows:
򐂰 Summary
This lists the name of the conference, the duration, the status, and the Web
address. We had previously entered all but the Web address on the screen in
Figure 1-29.
򐂰 Additional information
The default is nothing, but clicking the Edit button, shown in Figure 1-31,
allows you to enter phone call-in information, a location, a description, and
whether or not the conference should be hidden from the Web Conference
list; that is, a private conference.
Figure 1-31 Editing Web Conference information
򐂰 Presenter Tools
Presenter Tools are highly recommended if you will be sharing Microsoft
PowerPoint presentations in your Web Conferences. Presenter Tools provide
a client-side conversion process for converting .ppt files to the appropriate
DHTML and JPG images, which are then uploaded to the Web Conferencing
server for use in the meeting. Note that users must have PowerPoint on their
system as well as a browser that allows Active X. For example, when the
presenter adds a new PowerPoint file to the agenda materials the Presenter
Chapter 1. Features and functions
29
Tools will use client-side conversion to create dynamic html versions of the
slides. This dynamic html will contain:
– JPG images of the slides
– Resizable slides
– Dynamic actions that are in the original file (for example, animations and
slide transitions)
– Rendering of all items on the page (including background graphics)
The converted files will act just like files saved as html from within
PowerPoint, with the exception being there will be no navigation features
typically included in the output of the HTML rendering process. The
navigation will be provided in the meeting user interface.
As previously mentioned, the Presenter Tools are optional. Should the
Presenter Tools not be installed, the default conversion will be a server-side
process by which slide conversion is executed after the file is uploaded to the
server.
The PowerPoint rendering is specific to Internet Explorer. However, for
Mozilla browser support, the client-side processing will extract GIF versions of
the screens, plus the associated slide text as ALT text.
Clicking the Presenter Tools link downloads a 4.5MB executable to your hard
disk. Running the executable brings up an installer, shown in Figure 1-32,
which prompts you for an install directory, installs the tools, and creates an
uninstaller. This install only needs to be done once, and preferably before you
actually run a screen-sharing meeting.
30
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-32 The Web Conference Tools installer
Agenda Materials
The Agenda Materials portlet allows you to create an agenda for the Web
Conference. Clicking the Edit button expands the Agenda Materials portlet,
shown in Figure 1-33, to allow for adding files, Web pages, and text slides to the
Web Conference agenda. Note that you cannot edit an agenda here while the
Web Conference is in progress; instead, you can do it with the Edit Agenda
button in the Web Conference screen.
Figure 1-33 The Agenda Materials portlet
Chapter 1. Features and functions
31
We now cover each of the Agenda functions in detail.
Edit/Remove Item
The first possibility is to change the default Welcome page. To do this, click the
Edit button in Item 1 to bring up the dialog box shown in Figure 1-34. Here you
can change the text of the first item.
Figure 1-34 Editing an Agenda Item
Similarly, click the Remove button next to an agenda item to remove an item
from the agenda.
Add File
Clicking the Add File button, as shown in Figure 1-35, attaches a file from a local
file system and lists it as an item on the agenda. This makes the file available
during the meeting. It can also be made available for downloading by listing it in
the Downloads and Links section. Simply check the appropriate boxes as
desired.
32
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-35 Adding a new file to the agenda
Add Web Page
Clicking the Add Web Page button attaches a Web page address as an item on
the agenda, as shown in Figure 1-36.
Figure 1-36 Adding a new Web page to the agenda
Chapter 1. Features and functions
33
Add Text Slide
Clicking Add Text Slide allows you to add a text string along with a display name
to the agenda.
Re-order Agenda
Re-order Agenda provides a simple interface to rearrange the items on the
agenda.
Our completed agenda is shown in Figure 1-37.
Figure 1-37 A Web Conference agenda
Clicking Done returns you to the Web Conference Information page, with the new
agenda appearing as shown in Figure 1-38.
34
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-38 The Agenda Materials portlet with our new agenda
Participants
Now we need to invite some people to our Web Conference. The Participants
portlet allows you to control who attends and presents. Clicking the Actions
button, as shown in Figure 1-39, shows the options available.
Figure 1-39 Actions in the Participants portlet
Manage participants
Clicking Manage participants brings up the dialog shown in Figure 1-40.
Chapter 1. Features and functions
35
Figure 1-40 Managing participants
Steve would like to invite a group to attend this Web Conference. To do this, he
clicks the Group Access tab, clicks Attendees under Roles, and then clicks the
Invite Group button. This brings up a new window with a Directory Search to find
a public group, as shown in Figure 1-41.
Figure 1-41 Inviting a Public Group to a Web Conference
36
IBM Lotus Workplace Team Collaboration 2.0.1
Similarly, Steve clicks the Participants tab, then the Presenters link under Roles,
and then the Invite Participant button. This brings up a Directory Search to find
Phil to add him to the list of Presenters. The result is shown in Figure 1-42.
Figure 1-42 Inviting a new Presenter to a Web Conference
Steve then clicks the Close Manage Participants link, and we now see the
expanded Participants portlet in Figure 1-43.
Figure 1-43 Our Web Conference participants
Change owner
Clicking the Change owner action allows you to change the owner of the Web
Conference to someone else by bringing up a Members portlet that provides a
Directory search.
Chapter 1. Features and functions
37
Give all Lotus Workplace users access as: Attendees
This is used to create a public Web Conference, which anyone who is a Lotus
Workplace user can attend.
Attendee Actions
As a Web Conference attendee, you do not have rights to manage the
participants, change the owner, and so forth. If you are an attendee, you can
choose to cancel your participation, as shown in Figure 1-44, which will remove
your name from the participants list and remove the Web Conference calendar
entry.
Figure 1-44 Cancelling participation in a Web Conference
Web Conference invitations and calendar entries
When a person is added to the Participants list in a Web Conference, an e-mail
invitation is sent out to that person with the conference details. In addition, the
Web Conference is posted as a new personal calendar entry if created from the
Web Conferences portlet, and is posted as a new Team Calendar entry if created
from a Team Space.
1.4.4 Joining a Web Conference
Users on the Participants list of a Web Conference can join the conference up to
15 minutes before it begins, using one of the following methods.
E-mail invitation
You can join a Web Conference by clicking a link in a Web conference e-mail
invitation. Figure 1-45 shows an example of an e-mail invitation that arrived in a
Lotus Workplace Messaging mailbox.
38
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-45 An e-mail invitation to join a Web Conference
Web Conferences list
You can also locate a Web conference on the Web Conferences tab, and join it
by clicking the Join button next to it. Figure 1-46 shows an example. You can also
join a Web Conference by clicking the Join button on the Web Conference
information page itself.
Chapter 1. Features and functions
39
Figure 1-46 Joining a Web Conference from the Web Conferences tab
Calendar entry
You can also join a Web conference by clicking a link in the Web conference
details page of a Web conference entry in either a Team Space calendar or
personal calendar if you have Lotus Workplace Messaging. Figure 1-47 shows
an example where there are Web Conference invitations on a Team Space
calendar for both Tuesday and Wednesday.
Web address
Finally, you can paste the Web address from the Web Conference details page
into a browser and then click Join Web Conference.
40
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-47 Joining a Web Conference in a Team Space Team Calendar
1.4.5 Participating in a Web Conference
After you use one of the methods to join the Web Conference, a new browser
window launches which will bring you into an actual Web Conference, as shown
in Figure 1-48. Notice in this Web Conference, in the Attendees window, that
Philip and Steve are both presenters and that Voi is an attendee.
Chapter 1. Features and functions
41
Figure 1-48 A Web Conference
Web Conference components
There are several components to the Web Conference.
򐂰 Projector - The common area which all participants see. It can be maximized
with the Maximize Projector button at the top of the screen. The presenter can
scroll through the Agenda materials using the Next page and Previous page
buttons.
򐂰 Projector Controls - Allow the presenter to navigate through the Agenda
materials in the Agenda tab. In the Sharing tab, it allows the presenter to do
screen sharing. Clicking the Edit Agenda button gives the presenter a chance
to modify the Agenda. Clicking the Click to Present button allows the
presenter to start displaying the Agenda materials in the Projector.
42
IBM Lotus Workplace Team Collaboration 2.0.1
򐂰 Attending - Shows a list of people attending the meeting, their online status,
and whether or not they are a presenter.
򐂰 Downloads and Links - Allows participants to click to the Web addresses
and download the files that have been attached to the Agenda.
򐂰 Leave Web Conference button - Closes the Web Conference browser
window.
򐂰 Refresh button - Refreshes the Web Conference browser window.
򐂰 End Web Conference button - Located on the top right of the page, this
ends the Web Conference for all participants.
Now let us continue with our Web Conference. Steve clicks the Click to Present
button in Projector Controls to start. He then clicks the second agenda item,
which shows a Microsoft Word document in the Projector, as shown in
Figure 1-49.
Chapter 1. Features and functions
43
Figure 1-49 Presenting in a Web Conference
Note that at any time during the Web Conference, another presenter, in this case
Phil, could take over the presenter role by clicking the Click to Present button and
confirming this choice in the informational box shown in Figure 1-50.
Figure 1-50 Taking over the Presenter role in a Web Conference
44
IBM Lotus Workplace Team Collaboration 2.0.1
Here is how the Web Conference looks to Voi, an attendee. In the example in
Figure 1-51, Steve is showing the third agenda item, which is a link; notice that
Voi does not have navigation controls in the Projector window.
Figure 1-51 Participating in a Web Conference - an Attendee viewpoint
Screen Sharing
Another feature of Web Conferences is screen sharing. This allows a presenter
to show the contents of their screen in the attendees’ Projector windows. To
enable screen sharing for a presenter, the Web Conference Tools should be
installed (see “Presenter Tools” on page 29) first. To begin screen sharing in our
example, Steve first clicks the Sharing tab in the Projector Controls window,
shown in Figure 1-52.
Chapter 1. Features and functions
45
Figure 1-52 The Screen Sharing control
When he clicks the Share my Screen button, he gets the notification box in
Figure 1-53. If Steve is screen sharing for the first time, he will get the security
warning mentioned in the notification box.
Figure 1-53 The Screen Sharing notification box
Once Steve clicks OK, he will be actively sharing his screen. There is a Stop
Sharing button to disable this. Attendee Voi can now see Steve’s screen in the
Projector, as shown in Figure 1-54.
46
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-54 Viewing a screen share in a Web Conference
Voi also has the option of scrolling the Projector window to get a better view of
the screen share, and clicking on the Maximize Projector button to give more
screen area to the Projector.
Leaving/Ending the Web Conference
At any time during the Web Conference, you can click the Leave Web
Conference button near the top of the screen to close the browser window and
exit the conference.
To end the Web Conference for all participants, Steve clicks the End Web
Conference button above the Projector window, as shown in Figure 1-55.
Chapter 1. Features and functions
47
Figure 1-55 Ending a Web Conference
48
IBM Lotus Workplace Team Collaboration 2.0.1
1.5 Documents
The Documents page in Lotus Workplace Team Collaboration provides a
collaborative area for teams to share, track, and comment about documents.
Document libraries are the secure containers used to organize groups of
documents. Document libraries provide a centralized repository for documents,
as well as methods for team members to track changes and comments from their
team.
You access document libraries in My Workplace by clicking the Documents
page. From this location, you can view or enter document libraries that you have
created or have permission to access. Figure 1-56 shows our Documents page,
which currently has one library called Main Document Library.
Figure 1-56 The Documents page
In addition to the Document Libraries portlet, the Documents page also contains
the People Finder and Instant Contacts portlets, which were described in 1.3.2,
“The Instant Contacts portlet” on page 8 and 1.3.3, “The People Finder portlet”
on page 20.
i. When you click on a particular document library in the Document
Libraries portlet, you bring up the Document Manager portlet shown in
Figure 1-57.
Chapter 1. Features and functions
49
Figure 1-57 The Document Manager portlet
Now let’s examine the many features and functions of the Document Manager.
1.5.1 Membership
Clicking the Members tab of the Document Library brings up the screen shown in
Figure 1-58. It allows you to rename the document library, as well as manage the
membership roles for the document library. The Members portlet operates
similarly to the Team Space Members portlet described later in “Members” on
page 80.
50
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-58 Managing document library membership
1.5.2 Import File
In the Document Library tab, there are a number of buttons to create and
manage documents. To get started, we will post some new documents to share
with the team. First, we import an existing file from the local hard disk. Click the
Import File button to access the Add a document screen shown in Figure 1-59.
Figure 1-59 Adding a document with Import File
After filling out the fields, click the Save button to view the imported Microsoft
Word document as shown in Figure 1-60.
Chapter 1. Features and functions
51
Figure 1-60 The imported document
Notice that we now see the name of the document and description, and through
the Lotus Workplace viewer technology, we also see a rendering of the actual
Microsoft Word document.
Click the “Back to folder” link to return to the Main Document Library, where we
now see the document listed along with its author and Last Modified date. Note
that the presence information displays for the author.
1.5.3 New
Now we look at the options for creating a new document. As shown in
Figure 1-61, clicking the New button shows the possible choices, including
Folder, View, and six document types. We now cover these in detail.
52
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-61 Options for creating a new document
New Folder
Clicking the New → Folder menu choice brings up the screen shown in
Figure 1-62.
Figure 1-62 Creating a new Document Folder
In this case, our teammate Wesley needed a folder to store his documents, so
we filled in the information and clicked OK. Note that special characters in the
Folder name are not supported; thus we could not call the folder “Wesley’s
folder.” The resulting screen (Figure 1-63) shows that the Wesley folder is
indicated by a folder icon on the left, hierarchically below the Main Document
Library.
Chapter 1. Features and functions
53
Figure 1-63 A document folder
New View
A View is a special folder that automatically shows you a related set of files. You
create a view by selecting certain parameters. Once created, a view will appear
in Document Manager as a special folder. By creating a view, all the Document
Manager documents that match your query will be displayed when a Lotus
Workplace user opens that view.
A view creation screen is shown in Figure 1-64. In this example all documents
modified during a twelve hour time period on September 28 are selected; the
Setting button is expanded to show the additional criteria fields.
54
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-64 Selecting View criteria
The resulting view is displayed in Figure 1-65. We can see the view icon
displayed in the folder listing on the left, and the one document belonging to the
view is on the right. In addition, buttons at the top of the screen allow us to edit
the view or send a link to the view.
Chapter 1. Features and functions
55
Figure 1-65 A new view called Tuesday files
New Microsoft document
If you have the corresponding Microsoft Windows® application on your
computer, you can create a .doc, .xls or .ppt document and store it in your
Document Library. In the example shown in Figure 1-66, Steve would like to
create a new presentation to share with his team. He clicks the New button and
selects Microsoft PowerPoint to bring up the Edit Document screen.
56
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-66 Creating a new PowerPoint document
He fills in the Title and Description, chooses Send a link, and then clicks the Add
button. This brings up a Directory Search: Find People dialog box, similar to that
in Figure 1-17 on page 17. He finds Michael and Voi and adds them, which
brings him back to the screen in Figure 1-66.
Steve then clicks the Open File button, which brings up the information box in
Figure 1-67. Clicking OK loads a temporary file which establishes the link
between Lotus Workplace and Microsoft PowerPoint. Steve is then placed in the
Chapter 1. Features and functions
57
PowerPoint environment, where he creates his presentation. Upon completion,
he does a File, Save and then exits PowerPoint.
Figure 1-67 Loading the Document Manager plug-in
When Steve exits PowerPoint, the red Local file modified text appears in
Figure 1-66. When he clicks OK, the file is uploaded to Lotus Workplace and he
sees the screen in Figure 1-68, which shows a rendition of the PowerPoint file.
Figure 1-68 The uploaded PowerPoint file
58
IBM Lotus Workplace Team Collaboration 2.0.1
New Document Editors document
You can also create a new document using any of the three document editors.
This is especially useful if you don’t have the Microsoft products installed on your
computer. The document editors for rich text, spreadsheets, and presentations
contain most of the basic functionality of the Microsoft products, but are provided
as part of Lotus Workplace.
In this example, Steve clicks the New button and selects “Spreadsheet Editor
file” to bring up the dialog box in Figure 1-69, where he fills out the Title,
Description, and Link information.
Figure 1-69 A new spreadsheet editor document
Chapter 1. Features and functions
59
He then clicks the Open File button to bring up the spreadsheet editor shown in
Figure 1-70.
Figure 1-70 A document being created in the Spreadsheet Editor
Steve fills out the spreadsheet, clicks the File → Save menu choice, and then
exits the editor. This brings him back to the Document Manager screen shown in
Figure 1-69, where he clicks the Save button to bring up the screen in
Figure 1-71.
60
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-71 The uploaded Spreadsheet Editor file
Document actions
Once a document has been loaded into Lotus Workplace, there are a number of
actions you can take. These are described in the following sections.
Replace
Clicking the Replace button lets you replace the existing document with another
one from your computer. When you replace a document, the existing version of
the document will no longer be available for viewing or editing. Note that the
option to replace a document is available only if the document is not locked and
does not have a pending draft.
Replace brings up the screen shown in Figure 1-72, where you click Browse to
locate a file from your computer to replace the existing one. You then would click
either the Save or Save as Draft button to copy the document from your system
into the Document Manager, replacing the current document, or the Cancel
button to cancel the operation. If you choose to cancel, changes are discarded,
and the current document is not replaced.
Chapter 1. Features and functions
61
Figure 1-72 Replacing an existing document
Edit
Clicking the Edit button brings you to the Edit Document screen in Document
Manager, similar to that in Figure 1-69 on page 59.
Lock/Unlock
Clicking the Lock or Unlock buttons changes the document state between being
reserved for you, or being available for anyone to edit. If a document is locked, a
lock symbol is added to its icon in the folder view. Even though a document is
locked, you can still copy it, download it, or send a link to it, as shown in
Figure 1-73.
62
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-73 A locked document
More Actions
Click the More Actions button to access the additional document activities
described in the following paragraphs.
Send Link
Clicking More Actions → Send Link allows you to send an e-mail message with a
link to the document to one or more people in your directory.
Copy/Move/Delete
The Copy and Move actions let you copy and move your document to another
document folder. Delete lets you delete the document.
Download
Clicking More Actions → Download allows you to copy the document to your
computer.
Convert
Clicking More Actions → Convert lets you convert a document created with one
of the document editors (Rich Text, Spreadsheet, or Presentation) to its
Microsoft equivalent. When you convert a document, the converted document
replaces the original document.
Set Access
Clicking More Actions → Set Access brings up the screen shown in Figure 1-74.
This allows you to set access roles for your document.
Chapter 1. Features and functions
63
Figure 1-74 Set Access - Resource Permissions
Furthermore, you can click the Display/Modify Owner link to bring up the new
screen shown in Figure 1-75, which allows you to change the owner of the
document.
64
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-75 Modifying a document owner
New Comment/Comments
Clicking the New Comment link allows anyone to post a text comment about the
document. After the first comment is entered, the link Comments is shown
instead, allowing anyone to view existing comments and reply to those
comments in a discussion thread; an example is shown in Figure 1-76.
Chapter 1. Features and functions
65
Figure 1-76 Comments to a document
Versions
To work with multiple versions of a document, click the Versions link. This lets
you create a version of the document and add an optional comment about it, as
shown in Figure 1-77.
Figure 1-77 Creating a document version
When you click OK, the document is labeled Version 1. You then could Edit or
Replace the document, click Versions again, and create a new version with a
different comment, which would be called Version 2. A document version listing
is shown in Figure 1-78.
66
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-78 The document version listing
Notice how Version 2 is active and Version 1 is archived. Since only one
document version can be active at one time, you can promote an earlier version
to the active version for maximum flexibility. For example, you can promote
Version 1 by clicking its link to get the screen in Figure 1-79, and then clicking the
Promote to Current Version button. A dialog box will open to ask if you want to
continue, since changes made since the latest version was created will be lost.
Click OK to make the selected document the current version, or Cancel to keep
the current version.
Figure 1-79 Promoting a document version
Chapter 1. Features and functions
67
1.5.4 More actions
You can perform more document actions by selecting one or more documents in
a folder (by clicking the check boxes next to them) and then clicking the More
Actions button. In Figure 1-80, we have checked The Numbers document and
can see our choices. These actions were covered previously in “Document
actions” on page 61 so we will not repeat the details here.
Figure 1-80 More Actions in the Document Manager
1.5.5 Folder actions
You can perform folder actions by selecting a folder on the left and clicking the
Folder Actions button. In Figure 1-81, we have highlighted the Wesley folder on
the left; three possible selections are shown in the drop-down list under the
Folder Actions button.
68
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-81 Folder Actions
Edit Folder Properties
This selection allows you to edit the folder name and description.
Send a Link to this Folder
As shown in Figure 1-82, this choice lets you select names from your directory,
and e-mail them a link to the highlighted folder.
Chapter 1. Features and functions
69
Figure 1-82 Sending a link to a folder
Set Access to this Folder
This option is similar to that described in “Set Access” on page 63, except it sets
access privileges to a folder rather than to a document.
1.5.6 Search
In the main Document Manager portlet, you can search for documents by a
number of criteria.
Clicking on the Advanced Search link brings up the screen shown in Figure 1-83.
Here you have several choices for search criteria; in this case, we are looking for
specific text within the document content and properties.
70
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-83 The Advanced Search interface
Clicking the Search button gives the result shown in Figure 1-84. We see that the
search found two documents that matched the criteria.
Figure 1-84 A Document Search result
Chapter 1. Features and functions
71
1.6 Team Spaces
Team Spaces are a major feature of the Lotus Workplace Team Collaboration
offering. They are really Lotus Workplace Applications in which Team Space
members can participate in projects and discussions, share documents, share a
team calendar, chat with other team members, and search. In this section, we
first cover the main Team Spaces page, then follow with descriptions of each
page of a Team Space. To learn more about Lotus Workplace Applications and
how to customize a Team Space, refer to Chapter 2, “Customization using
Workplace Builder” on page 103.
1.6.1 The Team Spaces page
The Team Spaces page in Lotus Workplace Team Collaboration is shown in
Figure 1-85. We see the Team Spaces portlet, along with the People Finder and
Instant Contacts portlets.
Figure 1-85 The Team Spaces page
We already covered the People Finder and Instant Contacts portlets in “Presence
and instant messaging” on page 6. In the Team Spaces portlet, we see a list of
Team Spaces as well as a number of possible actions.
72
IBM Lotus Workplace Team Collaboration 2.0.1
The team space list
In our example, there are two team spaces listed, the Alpha Atlantic Team
Project owned by Steve and The TC Team owned by Michael. Each team space
line specifies the name of the team space, a favorite designator (in this case, a
check mark next to the favorite Alpha Atlantic), the template it was created with
(we used the default Team Project template), the owner with presence indicated,
a last updated date/time and a Delete option if you have permissions. There is
also a check box to the left, which lets you select particular team spaces for
further actions.
New - Creating a new team space
Clicking the New button will create a new team space, if you have appropriate
permissions, as shown in Figure 1-86. By default, team spaces are built from the
Team Project template (templates are covered in 2.2, “Applications and
templates” on page 104).
Figure 1-86 Creating a new Team Space
Simply fill in the new team space name, select a template, type a description,
and click OK. After a short wait, you will need to fill out the properties for the
Team Task portlet (if your template contains it) shown in Figure 1-87. Following
this, your new team space will be created and you will be returned to the Team
Spaces page with the new team space added to the list.
Chapter 1. Features and functions
73
Figure 1-87 Setting the Task List parameters for a new team space
Add to/Remove from favorites
If you select a team space with the corresponding check box on the left, you can
add or remove it from your favorites. Adding a team space to your favorites will
place a check mark under the Favorites heading in the team space list, and add it
to the list of favorites displayed in the Show Favorites action.
Find Team Spaces
This action can be found on the right and above the team space list. Type a text
search string in the Find Team Spaces box and click the search icon next to it.
The team space list will then show all team spaces which have the search string
contained in the name. A Clear Results button will appear in place of the Search
icon; click it to return to the full list of team spaces.
Show
The Show drop-down box gives you the option to specify which Team Spaces
appear in the list below it: All Team Spaces, My Team Spaces, Public Team
Spaces, or Favorite Team Spaces.
1.6.2 Entering a team space
To work with a team space, simply click its name in the team spaces list on the
main Team Space page. In addition, you can access a team space directly from
a Web address. In Figure 1-88, our teammate Michael received an invitation to
join the new team space in his Lotus Workplace Mail. E-mail invitations are
74
IBM Lotus Workplace Team Collaboration 2.0.1
issued automatically to new team space members; we discuss this more in
“Members” on page 80.
Figure 1-88 An e-mail invitation to join a new Team Space
1.6.3 Team Project Home - the Task page
Our first team space page, shown in Figure 1-89, is called Team Project Home.
Chapter 1. Features and functions
75
Figure 1-89 Team Project Home page
It consists of three portlets:
򐂰 Title - Contains the name of the Team Space and a graphic (which can be
modified by an Administrator)
򐂰 Team Tasks - Allows team members to assign and prioritize tasks to other
members
򐂰 Members - Shows a list of team space members and their online status
In the following paragraphs we cover each of these portlets in more detail.
Title
If you have the Team Space Moderator role, you can click the Rename button to
edit the Name and Description of the Team Space, as shown in Figure 1-90.
76
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-90 Renaming a Team Space
Team Tasks
Team Tasks is the main functionality provided on the Team Project Home page.
It provides basic project management functions, allowing the assignment and
management of project tasks.
We can see in the Team Task portlet in Figure 1-91 that two of our team
members have already been assigned tasks.
Figure 1-91 The Team Tasks portlet
Michael’s task has a red exclamation mark to the left of it, meaning that it has not
yet been completed and the due date has passed.
You can click the New Task button to create a new task, as shown in Figure 1-92.
Chapter 1. Features and functions
77
Figure 1-92 A new Team Task, with Directory Search
In this example, we filled out the New Task dialog, then clicked “Find Person” to
assign it to someone (only Team Space members can be assigned tasks). By
typing the first few letters of Michael’s name and clicking the Search button, we
found a match. After clicking OK in the Directory Search, and then OK on the
Team Task, we have created the task shown in Figure 1-93.
78
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-93 An assigned Team Task
Notice that online presence is shown within this portlet, enabling instant
messaging in context between the assignee and assigner. Also, the following
functions are available by clicking the appropriate button:
򐂰 Complete
Click this button to indicate that you have completed the task.
򐂰 Add Comment
This allows you to add a text comment to the task.
򐂰 Edit
This button allows you to change the task name, due date, priority, assignees,
description, and comments.
򐂰 Delete
This button deletes the task from the task list.
򐂰 Done
Click the Done button to return to the Team Project Home page.
Chapter 1. Features and functions
79
Members
We also see the Members portlet, shown in Figure 1-94, on our Team Project
Home page. This lists all the team members, categorized by their Roles as either
Moderator or Contributor. These Roles have fixed definitions for this Team
Space. We cover the customization of Roles in Chapter 2, “Customization using
Workplace Builder” on page 103.
Figure 1-94 The Members portlet
Clicking the Actions button gives several choices, shown in Figure 1-95.
Figure 1-95 Actions option in the Members portlet
We now go through each of the choices in detail.
Manage members
Clicking Manage members brings up the Members portlet, shown in Figure 1-96.
This lets you invite individuals or groups to join your team space, and assign
them a role of Moderator or Contributor.
80
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-96 Managing team space members
Clicking Moderators bring up a new interface at the bottom of the screen, shown
in Figure 1-97, to manage the team space moderators.
Figure 1-97 Managing moderators
Clicking Contributors lets us manage team space contributors, shown in
Figure 1-98.
Chapter 1. Features and functions
81
Figure 1-98 Managing contributors
Clicking Add Members brings up the new screen, shown in Figure 1-99, used to
find and select people from the Directory. The process is:
1. Type a string in the Search for box and click the Search button.
2. Highlight the correct person in the Search results box, then click the Add
button.
3. Continue the process until you have the desired list of people in the Selected
names box, then click the OK button.
82
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-99 A directory search to find new team members
Clicking the Reassign button brings up the screen shown in Figure 1-100.
Figure 1-100 Reassigning a contributor
Change owner
This action choice allows you, if you have appropriate permissions, to change the
team space owner to someone else.
Cancel my membership
Choose this option if you no longer wish to access this team space.
Chapter 1. Features and functions
83
Give all Lotus Workplace users access as: Contributors
If you are the team space owner, you can easily make your team space public to
all Lotus Workplace users by choosing this option.
1.6.4 Team Calendar
The second Team Space page is the Team Calendar, where members can
create and track team events, such as Appointments and Meetings, and also
create and participate in Web Conferences. We see a typical Team Calendar in
Figure 1-101.
Figure 1-101 The Team Calendar in Team Space
Notice that the page is configurable to show different time spans; this example
shows a two week view. A one week view, with all the entry types represented, is
show in Figure 1-102.
84
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-102 A one week view of the Team Calendar
Here is a note to international users. Since Lotus Workplace is built on
WebSphere Portal, a user’s Regional Settings are respected. In the example in
Figure 1-103, we have invited Lea, a teammate in the United Kingdom, to our
Alpha Atlantic Team Space. When Lea views the Team Calendar, he sees that
his local time and date formats are respected.
Chapter 1. Features and functions
85
Figure 1-103 The calendar of a United Kingdom team member
Clicking a Calendar item leads you to the screen shown in Figure 1-104, where
you can view and edit the entry details if you are the owner, or simply view the
details if you are not.
Figure 1-104 Viewing/Editing a calendar entry
Now let us look at how to create calendar entries. There are two major types,
Entries and Web Conferences.
86
IBM Lotus Workplace Team Collaboration 2.0.1
New Entry
Click the New Entry button to create a new calendar event. The screen shown in
Figure 1-105 appears; here you fill in the details about the event. The Entry types
found in the drop-down box are Appointment, Meeting, Anniversary, Reminder
and All day event.
Figure 1-105 A new meeting for the Team Calendar
The Find Addresses button in the Who section allows you to choose invitees from
the directory. It brings up the Directory Search screen shown in Figure 1-106.
Chapter 1. Features and functions
87
Figure 1-106 Inviting people to a meeting
Notice that there are several types of invitees you can specify: Required,
Optional, and FYI.
New Web conference
Click the New Web Conference button to schedule a new Web conference. We
already covered creating new Web conferences in 1.4, “Web conferences” on
page 22.
Edit
To edit a calendar entry, click the check box to the left of the appropriate entry,
then click the Edit button. To edit a Web conference from within a team space,
you need to first click its link in the Team Calendar, then click the Web address.
This launches the Web conference details in a separate browser window, where
you can then click Edit.
Note: If you are finished and click the Go to Web Conferences List button, you
return to the Web Conferences page outside of your team space in a separate
browser window.
88
IBM Lotus Workplace Team Collaboration 2.0.1
Delete
To delete a calendar entry, click the check box to the left of the appropriate entry,
then click the Delete button.
1.6.5 Discussions
The Discussions page shows the Discussion Forums portlet illustrated in
Figure 1-107. Discussion forums are use to create threaded discussions on one
or more topics. Within each forum, team members create topics, reply to existing
topics, and reply to the replies, resulting in discussion threads.
Figure 1-107 The Discussion page with list of forums
Forums
Now we discuss each of the forum functions, which are activated with buttons
above the list of forums.
New Forum
Click the New Forum button to create a new discussion forum, as shown in
Figure 1-108. Simply fill in a name and optional description and click the OK
button.
Chapter 1. Features and functions
89
Figure 1-108 Creating a new discussion forum
Lock/Unlock Forum
Click the Lock Forum button to disallow further postings and replies. Click Unlock
to allow them again.
Delete Forum
Click the Delete Forum button to remove the forum.
Hide Descriptions
Click the Hide Descriptions button to view only the headings.
A discussion forum
Now let’s examine a particular discussion forum. You can access a discussion
forum by clicking on its active link in the list of forums, which brings up the screen
shown in Figure 1-109.
90
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-109 A discussion forum
In the Proposal forum, we see two discussion topics: Cost and Delivery.
Topics
In this section we cover the Discussion topic functions, which are activated with
buttons above the list of topics.
New Topic
Click the New Topic button to create a new discussion topic, shown in
Figure 1-110.
Figure 1-110 A new discussion topic
Chapter 1. Features and functions
91
Lock/Unlock Thread
Click the Lock Thread button to prevent users from posting additional replies to
the thread.
Delete Thread
Click the Delete Thread button to remove the entire thread (topic and replies).
Lock Forum
Click the Lock Forum button to prevent users from posting additional topics to the
forum.
Edit Forum
Click the Edit Forum button to change the name or description of the forum.
The Discussion Topic/Thread
A discussion thread, created from a discussion topic and replies to that topic, is
shown in Figure 1-111 (after Hide All has been pressed).
Figure 1-111 A discussion thread
Now we cover the discussion thread functions, which are activated with buttons
above the discussion thread.
92
IBM Lotus Workplace Team Collaboration 2.0.1
Show/Hide All
Click Show All to show the text of the entire Discussion Thread. The expanded
thread is shown in Figure 1-112.
Figure 1-112 An expanded discussion thread
Reply
Click the Reply button to reply to a discussion topic or reply.
Edit
Click the Edit button to edit your own topic or reply.
Delete
Click the Delete button to delete your own topic or reply.
Chapter 1. Features and functions
93
1.6.6 Documents
Clicking the Documents page of our Team Space shows the Document Manager
portlet. A Document Library is automatically created as part of a team space;
notice the folder in Figure 1-113 is called Alpha Atlantic Team Project, which
matches the name of our team space.
Figure 1-113 The Alpha Atlantic Team Project Document Library
The Documents functionality in team spaces is the same as on the Documents
page, described in 1.5, “Documents” on page 49, so we will not cover it in detail
here. One key difference is that the document libraries are kept separately. For
instance, from within a team space, you can only see the document library
associated with that team space. Likewise, from the Documents tab in My
Workplace, you can see document libraries created there, but not those from
within a team space, or any other application.
94
IBM Lotus Workplace Team Collaboration 2.0.1
1.6.7 Chat Room
In addition to person-to-person instant messaging, team members can
communicate among themselves in a common area, referred to as a Chat Room,
the fifth page of the default Team Space Project application. Besides engaging in
real-time chat with other users, chat room participants can view a transcript of
previous chat contributions, view archives of past chat room transcripts, and see
lists of current and past chat participants.
Figure 1-114 The Team Space Chat Room
Figure 1-114 shows our Alpha Atlantic Chat Room. An important feature of the
chat room is persistence. If Michael and Steve leave the chat room and then
return, their chat is still available, as shown in Figure 1-115.
Chapter 1. Features and functions
95
Figure 1-115 Persistence in the chat room
Another key feature is Chat Archiving. If Steve wants to archive this chat, he can
click on the Archive now button at the bottom of the screen to bring up the screen
shown in Figure 1-116.
96
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-116 Archiving a chat
Clicking on OK removes the chat from the Chat Room and we see the result in
Figure 1-117.
Chapter 1. Features and functions
97
Figure 1-117 A successful chat archive
If you want to come into the chat room later and search for text in the Chat
Archives, first click the Archives tab. Then you can type text in the Search box
and the results will be displayed as shown in Figure 1-118.
98
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 1-118 Searching for a chat archive
1.6.8 Search
The Search page, shown in Figure 1-119, provides a portlet that allows you to
search for content within the pages and portlets of a team space.
Figure 1-119 Search in team space
By entering a search string into the box and clicking the Search button, we get a
search result as shown in Figure 1-120.
Chapter 1. Features and functions
99
Figure 1-120 A Team Space Search result
100
IBM Lotus Workplace Team Collaboration 2.0.1
1.7 Search
You can search across My Workplace for text strings contained in Applications,
Documents, and Team Spaces. It is similar to the Team Space Search, except
with a broader scope. We can see that this interface, shown in Figure 1-121,
splits the search domain into Applications, Documents, Team Spaces, and
Course Catalog. (Course Catalog is only available if you have Lotus Workplace
Learning installed).
Figure 1-121 Search in Lotus Workplace
In the example in Figure 1-122, we searched all Team Spaces for the text
“proposal” and came up with four matches.
Chapter 1. Features and functions
101
Figure 1-122 A search result
102
IBM Lotus Workplace Team Collaboration 2.0.1
2
Chapter 2.
Customization using
Workplace Builder
This chapter describes the powerful features of the Workplace Builder, the
editing and customization tool that comes with Lotus Workplace Team
Collaboration. We first give an overview, discuss some terminology, then follow
with a detailed example of using the Workplace Builder to customize an
application.
© Copyright IBM Corp. 2005. All rights reserved.
103
2.1 Overview
Workplace Builder is an application assembly tool for business analysts,
application managers, and designers. It is intended for the business unit of the
enterprise that understands the business model and business processes.
Workplace Builder is designed to help the business user rapidly assemble
components into applications that revolve around a business process.
The user who creates an application becomes the default moderator and can
specify additional moderators.
The application moderator performs most of the administration tasks. The
moderator specifies whether an application is open to all authenticated users or
to application members only. In addition to specifying membership in the
application, moderators edit the names and descriptions of applications, and the
layout of pages within applications.
Application moderators can create applications from templates, as well as save
new applications as templates for reuse by other users to add value to the Lotus
Workplace platform.
2.2 Applications and templates
A Lotus Workplace Application is a collection of pages and portlets that address
a business need for a particular group of users, as shown in Figure 2-1.
Examples of workplace applications include:
򐂰 Team Spaces (included with the Lotus Team Collaboration product)
򐂰 Communities of Practice
򐂰 Project Rooms
򐂰 Sales Strategy Planning
򐂰 Customer Rapid Response Team
104
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 2-1 A Workplace application page
Workplace applications are built from templates. These workplace applications
can be distributed and managed by business users and administrators to provide
targeted functionality to specific groups of users.
Templates
A workplace application is made up of business components. A business
component is an encapsulation of a business concept or process. A workplace
includes many business components like Discussion, Team Calendar, Team Task
List, Contact List, Forms, Document Library, Search, and People Finder. We can
also add our own business components to an application, which can even
include a portlet that accesses a Lotus Domino database.
We could just deploy portlets to a page and have a Workplace Application.
However, with Lotus Workplace we now have the ability to make our applications
into templates. A template defines the workplace application, its pages, and the
application components deployed on each page, as shown in Figure 2-2. In this
way we can provide a pre-configured set of portlets and pages targeted to a
specific business task. These applications have the distinct advantage of being
able to be modified by an end user. In addition, administrators are able to control
the deployment utilizing user roles and other administrative features.
Figure 2-2 Workplace template construction
Chapter 2. Customization using Workplace Builder
105
To work with a template, you must have access to Lotus Workplace Builder, the
application for viewing and editing templates. To see the Workplace Builder link,
you must be granted the user policy “Allow users to create Workplace Templates”
in the Administrative console, as discussed in 5.5, “User policies” on page 209.
Applications
All workplace applications are based on a template. When customizing an
application you can choose to either modify the existing application or choose to
modify the template on which that application is based. An example of modifying
an existing application is you may choose to add your own component to an
existing Team Space. However if you wanted to have that modification appear
for all future Team Spaces you would modify the template and add your
component to the template. It is also possible to save an existing application as a
template.
Roles
Each workplace has members, individuals and groups who are assigned roles
that determine their access to the application. The names of workplace members
appear in the Members portlet that is displayed in every application. Generally,
application managers appear as Moderators and application users are
Contributors, or any other defined role.
Application access is determined first by the roles defined in the template, and
then by the level of access that each role permits for Workplace objects. The
Workplace objects include the template or application, its pages, and the
application components deployed on each page.
Permission to work with Workplace templates and applications is determined by
user policies, assigned template roles, and workplace membership roles.
򐂰 User policies - Provide permission at the most fundamental level for users to
work with templates and applications. Workplace Administrators set user
policies.
򐂰 Template roles - Provide permission to edit or use templates. Template roles
are assigned to users by template owners.
򐂰 Membership roles - Provide permission to work with a Workplace application.
Application owners assign member roles in a Workplace application.
Required components for templates and applications
As mentioned previously, Workplace information and membership are essential
components of every Workplace application. These components are displayed in
the information portlet and the Members portlet. Since these portlets must be
available in every template or application, they should not be deleted. The
information portlet is used to describe what the application is, and also acts as a
106
IBM Lotus Workplace Team Collaboration 2.0.1
home portlet for the application. It also contains a Rename button so a user with
the correct privileges can change the name of the application. The Membership
portlet is used to store specific access rights to this application. The size limit of a
Workplace application is set by the workplace application policy in the
administrative console for the Workplace Server. By default the size is set at
60 MB; there is also a setting within the policy to allow a warning message to be
displayed if the size of the application approaches that limit.
2.3 Accessing Workplace Builder
If you have access rights to Workplace Builder, you will be able to see an icon for
it to the left of My Favorites at the top of the screen, as seen in Figure 2-3.
Figure 2-3 Accessing Workplace Builder
When you click the Workplace Builder icon, you enter the Workplace Builder
Template Library. From the library, you can modify and customize an existing
Workplace application template or create a new template, which in turn can be
used to create and deploy customized Workplace applications. After you design
a template, you set template access so that teams within your organization can
create team-specific applications based on your template design. In Figure 2-4
we can see a list of applications and their owners (with live name status), along
with their category and date last saved.
Chapter 2. Customization using Workplace Builder
107
Figure 2-4 Workplace Builder Template Library
2.4 Using the Workplace Builder
We now describe how to use Workplace Builder to create a new Lotus
Workplace application for managers to collaborate online about sales for the
(fictitious) Widget Corp. To do this, we base the application on the Team Space
template, but add our own application components using some Domino data.
From the Workplace Template Library shown in Figure 2-4, we create a new
template by clicking the New button. The screen shown in Figure 2-5 is
displayed. It includes the following fields that must be completed:
򐂰 Template Name - The name that will represent the application; we entered
Widget Sales.
򐂰 Category - The area within Workplace that the application will be available
from, in this case Applications.
򐂰 Description - The optional description of the application.
򐂰 Starting Point - The most powerful parameter on this page. It allows you to
base an application on a previous template. In this example, we used the
Team Project template. This not only saves a lot of work, since we don’t have
to start from scratch, but also allows applications to be built upon each other
to create new applications.
108
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 2-5 A new Workplace Template
The new Widget Sales template is then created and opened, and the screen
shown in Figure 2-6 appears. Down the left side are four Builder tabs, which
allow you to configure the template.
2.4.1 The Workplace Builder tabs
We now cover the four main Workplace Builder tabs in detail.
Properties
The first tab is Properties. This is the information that was entered when the
template was created. In this case there is nothing to change.
Figure 2-6 Template properties
Chapter 2. Customization using Workplace Builder
109
Pages and Layouts
The next tab is Pages and Layouts, which has an interface you may be familiar
with from the Administration area of WebSphere Portal and Lotus Workplace.
Here we can add new pages, change the order of pages, and set the security of
pages as well as other features, as shown in Figure 2-7.
Figure 2-7 Template Pages and Layouts
We can also examine each page and place the portlets or components we want
on those pages. In this case we are going to create a new page with two pre-built
portlets, one to hold some sales information from Domino and the other to
display some contact information about our customers.
To do this, we click the New page button to get the screen shown in Figure 2-8.
110
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 2-8 Adding a new page
We fill in the title as Sales, check the box to include the My favorites designation,
and choose a page layout with two side-by-side portlets. Clicking OK brings up
the Page Content screen shown in Figure 2-9.
Figure 2-9 Page Content screen
Now we need to add the new portlets. Click the Add portlets button on the left to
bring up a list of portlets we have access to. In this case, the list is long, so we do
a search for the Widget portlets. We decide to add the Widget Sales portlet on
the left; these steps are shown in Figure 2-10.
Chapter 2. Customization using Workplace Builder
111
Figure 2-10 Locating the portlets to add to our page
To learn how to add portlets so that they appear in the list, refer to 2.6.2, “Adding
portlets, themes, and skins” on page 137.
After clicking OK, we repeat the process to find and add the Instant Contacts
portlet on the right, and our new portal page is arranged as shown in Figure 2-11.
112
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 2-11 The portlets are added
Clicking Done brings us back to the Pages and Layout screen, where we can do
some final layout work. Notice that all the components we would get as part of
the Team Project template are visible. The Widget Corp business function does
not require the Team Calender or the Chat Room, so we will remove them by
clicking the trash can icon beside those pages. In addition, the business wants
the new Sales page to be the second one in the application, so we click the up
arrow icon next to it three times to move it into the desired position. The end
result is shown in Figure 2-12.
Chapter 2. Customization using Workplace Builder
113
Figure 2-12 The new page layout
There are two additional subtabs in addition to Content for Pages and Layout:
Page Appearance and Page Locks. In the Appearance tab we can change the
page appearance for particular portlets by modifying their skins, as shown in
Figure 2-13.
Figure 2-13 Pages and Layout - Appearance
In the Locks tab, we can lock or unlock content in particular portlets, as shown in
Figure 2-14.
114
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 2-14 Pages and Layout - Locks
Parameters
After setting up the template pages with the required components and layout, we
select the Parameters tab, shown in Figure 2-15.
Chapter 2. Customization using Workplace Builder
115
Figure 2-15 The Parameters tab
Each component of a Lotus Workplace application can expose parameters. This
allows a business user to customize or further refine the application to suit a
particular business need. It is up to component developers to expose which
application components are allowed to be changed.
Notice in Figure 2-15 that the only configurable parameters for our Widget
application happen to be in the Team Task portlet. We would like to allow
modification of the Description field. To do so, we simply click the Description link
and make the appropriate changes. In this case we checked the “Allow property
to be edited” box, as shown in Figure 2-16.
116
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 2-16 Customizing a parameter
After clicking OK, we see that the parameters have been changed, as shown in
Figure 2-17.
Figure 2-17 The new parameter values
This method can give the business user the ability to customize an application to
suit different needs without the need to change any underlying code. When
developing components intended to be used with Workplace Builder this should
always be a consideration.
Chapter 2. Customization using Workplace Builder
117
Roles
Now we click the Roles tab; the opening screen is shown in Figure 2-18.
Figure 2-18 The Roles tab
Roles allow an application designer to add specific access levels to an
application. In our Widget Corp. example, we want to add a role called Task
Manager. Persons assigned to that role will be able to manage all tasks within
this application. We click the New button to create the new Task Manager role, as
shown in Figure 2-19.
118
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 2-19 Creating a new role
We click the drop-down box next to Team Task List and change the access from
Reader to Administrator. Thus we are giving members of this role manager or
Administration access over all team tasks so they can be created, edited, or
deleted as appropriate. Clicking OK will show that our new role has been added
to the list.
Chapter 2. Customization using Workplace Builder
119
Figure 2-20 The new role displayed
2.4.2 Deploying the template
Now that we have finished with the Workplace Builder tabs, we need to deploy
the template.
Preview
At this point, it is advisable to preview the template. At the top of the screen we
can click the Preview button to see what the application will look like when it is
completed. A preview of our new Widget Sales template is shown in Figure 2-21.
Figure 2-21 A preview of Widget Sales
120
IBM Lotus Workplace Team Collaboration 2.0.1
Notice the differences from the original Team Space Project template. Our
customizations for removing Team Calendar and Chat Room pages, and adding
the Sales page, have taken effect. Figure 2-22 shows the new Sales page we
created, complete with Domino application and contacts portlets.
Figure 2-22 Preview of the new Sales page
Pre-populating data
Another subtle but powerful deployment feature is that data can be pre-populated
into the application. Suppose we want to create separate Widget Sales
applications from our template for each one of our sales regions. The sales VP
wants a consistent view of each region’s discussions. When our template is in
preview mode, we can simply enter some default discussion forums, shown in
Figure 2-23, and that data will be saved as part of the template.
Chapter 2. Customization using Workplace Builder
121
Figure 2-23 Default discussion forums for our template
We have now completed previewing the template, so we click the Done
Previewing button in the upper left, followed by the Save and Close button. This
returns us to the list of templates, which now includes our new template.
Figure 2-24 The Template Library with our new template added
122
IBM Lotus Workplace Team Collaboration 2.0.1
Deploying the template as an application
Now that our template has been defined, it can be deployed as a real application.
We click back to My Workplace, and then to the Application page. Remember
that we set the template category to Application; this causes it to be listed as a
new application here. Clicking the New button displays the Application dialog,
where we see that Widget Sales is displayed as one of the templates.
Figure 2-25 Creating an application from our template
In this example, we create an application for the Northeast region, fill in the fields
appropriately, and click OK. This brings up an additional screen to set any
components we would like. These are the parameters that we made editable
previously; they are being displayed at application creation time to give us the
opportunity to further refine the template, as shown in Figure 2-26.
Chapter 2. Customization using Workplace Builder
123
Figure 2-26 Application component properties
After clicking OK here, our application is complete for the Northeast sales region.
We would go through a similar process to create applications for additional
regions, and the resulting Applications page might look similar to that in
Figure 2-27. To use an application, we simply click its name.
124
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 2-27 Our completed Sales Territory applications
Editing the application
When using their new applications, the Widget Corp. users might decide that
they want certain application components changed. For example, in the
Northeast region, the Sales Manager thinks it might be more useful to see a
sales report to the right of the sales information on the Sales page. To achieve
this, we simply click the Edit button at the top of the screen in Figure 2-28, which
launches Workplace Builder into edit mode for the current application.
Chapter 2. Customization using Workplace Builder
125
Figure 2-28 Ready to edit our application
Once the application is in edit mode, the tab layout should be familiar, since it is
very similar to that used for creating a new template, as seen in Figure 2-29.
Figure 2-29 The application editor
126
IBM Lotus Workplace Team Collaboration 2.0.1
There are a couple of modifications that we would like to make. First, notice that
the Properties tab on the left now has two tabs: Applications and Component.
Click the Component tab. On the resulting screen, shown in Figure 2-30, it is
possible to edit the properties of the Team Task portlet.
Figure 2-30 Editing the Team Task component of a team space
We now click the Edit button to bring up the screen in Figure 2-31, where we
have decided to sort the Team Tasks in Task order instead of Status order.
Figure 2-31 Changing the default sort column of the Team Task component
Clicking OK brings us back to the Component tab of Properties, and the change
is made.
Now we would like make another change: remove the Instant Contact portlet and
replace it with a PDF viewer portlet which shows our sales report. To do this, we
Chapter 2. Customization using Workplace Builder
127
click the Pages and Layouts tab and then click the pencil icon to add the new
portlet to the page, as shown in Figure 2-32.
Figure 2-32 Editing the layout of the Sales page
Clicking Done here followed by Done in the Editor brings us back to the Sales
page of the Widget Sales Northeast application, where the change is
immediately available to application users, as shown in Figure 2-33.
128
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 2-33 Our edited application with the new portlet
Re-using an application to create new applications
Suppose the Widget Corp. Northeast application is so popular with users that
management wishes to standardize on it. Similar to using a template, it is
possible to use actual applications to become the basis for creating new
applications.
The procedure for this is simply to edit the existing application and export it as a
new template. For example, in Figure 2-34 we see the result of clicking the Edit
button on the Widget Sales Northeast application, which brings us to the
Properties tab of Workplace Builder.
Chapter 2. Customization using Workplace Builder
129
Figure 2-34 Creating a new Template from an Application
Clicking the Export as a New Template button, we see the Export screen in
Figure 2-35, which prompts for name, category, description, and theme (it is
possible here to assign ownership of the new template to someone else as well).
Once you click OK, the new template is created and will show up in the Template
Library list.
Figure 2-35 Filling out the new template properties
130
IBM Lotus Workplace Team Collaboration 2.0.1
Modifying themes and skins
Themes and skins are IBM WebSphere Portal features that are also available in
Lotus Workplace. A theme defines the style of the pages of a Lotus Workplace
application. Style elements include fonts, color, and images. Themes are Java™
Server Pages (JSPs) which determine the style of portal elements, which can
include the toolbar, banner, place bar, page bar, and screen. You select the
theme, which is specified by the template, from a list of themes provided by Lotus
Workplace Team Collaboration. All pages of the application display with the
chosen theme.
Skins represent the border rendering around components, such as row
containers, column containers, or portlets.
Themes
In our Widget Corp. example, remember that we standardized the regional Sales
applications on the Widget Sales Northeast template. However, the Southwest
Sales manager would like to change just the appearance (not the content) of his
template to differentiate it for his team; in other words, change the application
theme. To do this, we click on this particular application in the list on the
Applications page, which brings up the Widget Sales Southwest application
shown in Figure 2-36.
Figure 2-36 The Widget Sales Southwest application
We click the Edit button under the blue My Workplace button to bring up the
Workplace Builder again. In the Properties tab, we click the Edit button under the
blue Application tab on the right to bring up the Edit Application Properties
screen. Clicking the drop-down arrow under Theme, shown in Figure 2-36, we
Chapter 2. Customization using Workplace Builder
131
find a southwestern theme that our corporate graphics department had already
developed for a portal application.
Figure 2-37 Changing the application theme
After clicking OK, then clicking Done on the main Builder screen, we are returned
to the application, which sports a fresh southwestern look, as shown in
Figure 2-38.
Figure 2-38 Our new southwestern theme
132
IBM Lotus Workplace Team Collaboration 2.0.1
Skins
To modify the appearance of certain components or portlets, we could change
the portlet skin. We do not go through a complete example here, but the process
is straightforward.
First, we click the Pages and Layout tab of the Builder Application Editor, shown
in Figure 2-39.
Figure 2-39 The Pages and Layouts tab
We then click the pencil icon to the right of Team Project Home to edit this page.
Clicking the Appearance tab brings up the screen in Figure 2-40.
Figure 2-40 Changing a portlet skin
Chapter 2. Customization using Workplace Builder
133
We can then change the skin for any of the portlets on this page.
Tip: Visit the IBM Developerworks site for a tutorial based on the Workplace
Builder material you just read about at:
http://www-106.ibm.com/developerworks/edu/i-dw-ls-wrkpblder-i.html?S
_TACT=1234&S_CMP=abcd
2.5 Editing an existing template
From the Workplace Template Library, we can also modify an existing template.
This is accomplished by clicking on one or more of the icons to the right of a
particular template in the list. We now go through each of these in detail.
Viewing and editing a template
To customize a template or view details about it, click the template name. This
launches the Template Editor, which provides tools for you to customize a
template.
Setting template roles
As you customize a template, you need to decide who can create applications
based on this template, and who can modify all or parts of the template.
Template roles refine the access granted through the Workplace user policy.
Click the key icon to set the template roles through the screen shown in
Figure 2-41.
Figure 2-41 Template Roles screen
Change Owner
Click the Change Owner button to bring up a Directory Search box which allows
you to choose a name from the directory to become the new template owner.
134
IBM Lotus Workplace Team Collaboration 2.0.1
Template Roles
Click either the Template Editors link or the Template Users link to bring up a list
of names assigned to each. In Figure 2-42 we have clicked Template Users to
see the list of names authorized to create new applications from this template.
Figure 2-42 Adding a Template User
In addition to Phil, we would like to add Michael, so we click the Add button to
bring up the Directory Search dialog. We then search for Michael in the directory
and add him. Clicking OK in the directory dialog and Done in the Template Users
screen adds him to the list of template users.
Close Template Roles
Click the Close Template Roles button to return to the Template Library.
Chapter 2. Customization using Workplace Builder
135
Exporting a template
After you customize a template, you can export it as an XML file. Click the export
icon to the right of the template listing to bring up a File Download box, which
allows you to pick a filename and path to save the file to a local disk. Once a
template is saved as an XML file, it will be available for use by others.
Deleting a template
Deleting a template permanently removes it from the template list. You must be
the template owner or a Workplace administrator to delete a template. Click the
delete icon to the right of the template listing to delete and confirm this action.
2.6 Other customizations
In this section we briefly mention some other customization steps that are
possible.
2.6.1 Login page
To customize the Login page, you can modify the Login.jsp file on your
Workplace server in Directory\WebSphere\AppServer\installedApps\servername
\wps.ear\wps.war\screens\html. Note that there are several instances of
Login.jsp on the server, but this is the only one you need to change for
modification of the initial Login page for Lotus Workplace.
Once you locate and open the file, you can use basic HTML to modify the
welcome page. In the example in Figure 2-43, we have changed the graphic for
the Login page; compare this to the default login page in Figure 1-2 on page 5.
Figure 2-43 A customized login page
136
IBM Lotus Workplace Team Collaboration 2.0.1
2.6.2 Adding portlets, themes, and skins
We have seen earlier in this chapter that it is possible to customize a team space
by adding portlets and using new themes and skins. Here we show you how to
add these new elements to your Lotus Workplace environment to make them
available to business users for customization using the Workplace Builder.
To add a portlet to Workplace, you first need to enter the Administration area by
clicking the gray Administration tab at the top of the screen in the main Lotus
Workplace environment, as seen in Figure 2-44.
Figure 2-44 Entering the Administration area
You are presented with a tabbed interface similar to that in Workplace Builder.
Simply click Portlets, then Install to get the screen shown in Figure 2-45. Follow
the prompts to install portlets, which will subsequently become available in
Workplace Builder.
Chapter 2. Customization using Workplace Builder
137
Figure 2-45 Installing Portlets
Use a similar process to install Themes and Skins. Click Portal User Interface,
then Themes and Skins to get the screen shown in Figure 2-46.
Figure 2-46 Installing Themes and Skins
Click Add new theme or Add new skin and follow the prompts to install your new
theme or skin.
For complete details on creating and using Domino portlets see the redbook,
Portalizing Domino Applications for WebSphere Portal, SG24-7004.
138
IBM Lotus Workplace Team Collaboration 2.0.1
2.6.3 Customizing your LDAP Directory for Lotus Workplace
Refer to an excellent article about this topic on the developerWorks® Lotus Web
site at http://www.ibm.com/developerworks/lotus/library/lwp-users/. The
article walks you through the tasks of extending your LDAP schema, mapping
new attributes with WebSphere Member Manager, and adding attributes to the
People Finder portlet, which is an important component of Lotus Workplace
Team Collaboration.
Chapter 2. Customization using Workplace Builder
139
140
IBM Lotus Workplace Team Collaboration 2.0.1
3
Chapter 3.
Product architecture
In this chapter we provide a high-level view of the architecture of Lotus
Workplace and discuss specific architectural components of Team Collaboration.
This should give a broad understanding of how the architectural elements are
related and how the different layers work together to form the Lotus Workplace
platform.
We first take a look at the architectural elements that comprise Lotus Workplace
2.0.1. Lotus Workplace is built upon solid foundations—the WebSphere Portal
and the WebSphere Application server—and all are built to open standards that
come together to make a powerful platform.
Then we discuss the pieces of that architecture that are specific to Team
Collaboration. There are some new components and server processes that come
together to allow real time collaboration to take place. These new components,
like the SIP container, are a major focus of this chapter.
© Copyright IBM Corp. 2005. All rights reserved.
141
3.1 Architectural overview of Lotus Workplace 2.0.1
This section describes the overall architecture, upon which all of the Lotus
Workplace products are built. It is not intended to be a comprehensive and
detailed review of the Lotus Workplace architecture, but rather a high-level
summary of the key technologies involved, and their various relationships.
Overall, the Lotus Workplace architecture is built on the concept of Workplace
application components, leveraging Workplace services, that run on top of Portal
services. All of the Workplace components share a common base infrastructure
of IBM WebSphere Application Server, WebSphere Portal, directory services,
and a relational data store.
Figure 3-1 Conceptual Lotus Workplace architecture
3.1.1 Infrastructure architecture
There are three basic architectural elements that make up Lotus Workplace:
WebSphere Application Server, WebSphere Portal, and Lotus Workplace
Server. There are also supporting architectural elements like a Relational
Database, LDAP servers, and HTTP Servers, but the following components
represent the core architecture:
򐂰 WebSphere Application Server
The WebSphere Application Server is the foundation on which all the other
services and components are built.
142
IBM Lotus Workplace Team Collaboration 2.0.1
򐂰 WebSphere Portal
WebSphere Portal provides a foundation for the services and components
used by Workplace. Most importantly, most of the Lotus Workplace
components run within WebSphere Portal.
򐂰 Lotus Workplace Server
Provides components that handle messaging and scheduling requirements of
the Workplace solution. As mentioned previously, the bulk of Workplace
services run within the WebSphere Portal.
Note: This logical infrastructure can be seen when starting a Lotus Workplace
Server. Following are the server names and what they represent:
򐂰 server1 = WebSphere Application Server
򐂰 WebSphere_Portal = WebSphere Portal server
򐂰 LotusWorkplace_Server = Lotus Workplace server
WebSphere Application Server
The WebSphere Application Server is the foundation on which all the J2EE code
which makes up Lotus Workplace runs. Multiple Java “application server”
processes are started using WebSphere Application Server capabilities.
The WebSphere Application Server provides the framework for services and
components that are essential to any J2EE application. These frameworks and
containers include:
򐂰 EJB Container
򐂰 Web Container
򐂰 Java Virtual Machine (JVM)
There are many more; however, the important point is that WebSphere
Application Server provides many components that are the footing for Portal and
Workplace.
“server1” is the default application server installed with WebSphere Application
Server. It is important to note that there is no dependency in Workplace Team
Collaboration or Portal that requires the server1 instance to run after the
installation and configuration steps are done.
Important: If an environment is going to support the Workplace rich client,
then server1 must be run. Keep in mind, however, that you don’t have to run
server1 when all users connect to your Lotus Workplace environment via
browser only.
Chapter 3. Product architecture
143
The default WebSphere Administration Console also runs in server1 on port
9090 and port 9043 (SSL). However, Workplace and Portal leverage an
application-specific admin console that runs under the WebSphere_Portal server
on port 9091 and port 9044 (SSL). More detailed information on Workplace
administration and server admin consoles is in Chapter 5, “Team Collaboration
administration” on page 187.
WebSphere Portal
The WebSphere Portal server actually runs many parts of the Lotus Workplace
product. The list of services that run here includes most of the Workplace
messaging, team collaboration, collaborative learning, and document
management services.
The Lotus Workplace user interface runs within WebSphere Portal and is built of
the various Workplace portlets which make up the Workplace UI. Most users
interact with Workplace via the Portal server, and do not directly interact with the
other “servers.”
The WebSphere Portal server also hosts many of the Workplace components or
enterprise applications. Each of the Lotus Workplace enterprise applications
(designated by the .ear extension) is composed of portlets: a presentation layer
that directs the display to users, as well as Enterprise Java Beans (EJBs) that
are responsible either for containing the business logic or connecting to another
system that does contain the business logic. These EJBs are the services that
Workplace provides.
It is also important for Lotus Workplace Administrators and installers to be aware
of other critical services WebSphere Portal provides for Team Collaboration.
These services are especially important when you need to trace to the root of a
problem. For example, if there is a user registry problem you may need to consult
WebSphere Member Manager (WMM) to find where this service is running.
The key services include;
򐂰 Portlet Container and API
򐂰 WebSphere Member Manager (WMM)
򐂰 Portal Document Manager (PDM)
򐂰 WebSphere Portal Content Publisher (wept)
Lotus Workplace Server
The Lotus Workplace Server contains mostly the Workplace protocol elements
and admin functions of the Lotus Workplace platform. The bulk of the actual
Lotus Workplace “services” run within the WebSphere_Portal server Java
process.
144
IBM Lotus Workplace Team Collaboration 2.0.1
It is important to note that for the most part interaction with the services in Lotus
Workplace Server occurs through requests that come from the portlets running in
the WebSphere Portal. However, users accessing just the Lotus Workplace
Messaging capabilities via a standard POP3/IMAP client interact directly with this
server. Additionally, this server handles incoming and outgoing SMTP traffic
directly, and handles instant messaging traffic directly as well.
The Lotus Workplace Server JVM runs the Task Scheduler service (or actually
the Workplace Scheduler that invokes Portal Scheduler service) and includes
some functions of the Messaging component such as the MTA interfaces, the
PKI Framework, and JAX MBean support. When the LotusWorkplace_Server is
started it makes native calls to start an additional JVM that runs the SIP Proxy
(SLSP). The interface to start the SIP proxy container is to load the Lotus
Workplace Server; once loaded, it is its own process with only a parent process
ID relationship to the Lotus Workplace Server instance.
For Team Collaboration, one of the most important components that runs on the
Lotus Workplace Server is the Stateless SIP Proxy (SLSP). The SLSP is built on
the Workplace channel framework. The reason that the SLSP needs to start its
own JVM in the 2.0.1 version is that it is based on parts of the JAVA SDK that are
not available in the 1.3 JVM provided by the WebSphere Application Server.
More information on SIP proxy can be found in 3.2.2, “Components of the Team
Collaboration infrastructure” on page 150.
Other architectural elements
As mentioned at the beginning of this section, there are other equally important
components that make up the Workplace platform. These are predominately
HTTP services and back-end components.
HTTP
The HTTP server receives the HTTP and HTTPS requests originated by browser
clients from the network dispatcher and routes them to the protocol services on a
Lotus Workplace server, and also routes requests to the Portal server.
The HTTP server can be co-located with other components or installed on a
separate computer. In clustered environments, you might set up multiple HTTP
servers to receive connections from a network dispatcher. Each HTTP server, in
turn, would then distribute new requests across a cluster of Lotus Workplace
servers. You can use an Edge Server to distribute incoming requests to HTTP
servers and SIP Proxies. In a cluster deployment, the administrator specifies the
address and port number of the network dispatcher as the Team Collaboration
cell-wide cluster listening address and port. Rich clients use this address to
connect to the SIP proxy.
Chapter 3. Product architecture
145
RDBMS and LDAP
IBM DB2®, Oracle, and Cloudscape™ provide data services to the Lotus
Workplace infrastructure and host the key Lotus Workplace databases.
Persistent storage of Team Spaces data, the data for the Team Collaboration
applications, and all of the applications in Workplace, is stored in the database
server configured at install time. Generally, this will include several databases.
As described in the Lotus Workplace 2.0.1 Products Deployment Guide,
SG24-6378, Workplace will create databases named WPS50, WPCP50,
NAGANO, LWPCOM and LWPARC. While it is beyond the scope of this
document to go into great detail about the database schemas, it is important to
note that various components of the Workplace and even the Team
Collaboration infrastructure write data to different databases using different
mechanisms. For example, skins and themes storage takes place in the WPS50
database. The main function of the NAGANO tables is to store mail, and in the
case of Team Collaboration only servers, team calendar data. The LWPCOM
database is storage for membership data that is needed to tie users to places
and applications. The LWPARC database does not store significant data in a
Team Collaboration installation because it is used mainly for Messaging to
archive mail.
An LDAP server handles all authentication and user registry capabilities in a
Lotus Workplace infrastructure. WebSphere Member Manager capabilities are
also leveraged behind the scenes by Lotus Workplace, working closely with the
LDAP server to provide a complete view of user data.
3.1.2 Lotus Workplace JVMs and containers
This section provides a bit more detail on the distribution of the Workplace
components across the WebSphere Application Server, WebSphere Portal, and
Lotus Workplace Server.
One of the first questions that comes up when describing the architecture of any
application is, where do the different pieces actually execute? In a J2EE world
these pieces are run in something called a container. Containers are a logical
construction that allows for common management and administration.
Containers viewed as objects, either as data structures or parts of a pattern, also
provide programmers and designers with effective standard interfaces that
provide services at higher level APIs, which provide both consistency in services
and increased code stability and reusability.
There are several containers that are active and managed in a Workplace 2.0.1
environment and there can be multiple instances of the same type of container
running in different spaces.
146
IBM Lotus Workplace Team Collaboration 2.0.1
Important: As a general rule, in a Workplace environment you will have the
bulk of the services executing under the Portal Server instance with the
Workplace Server providing a container for the protocol services.
3.1.3 The file system artifacts
When you install the Lotus Workplace Server there are several paths that have to
be filled out in the configuration as well as several paths that are assumed.
Table 3-1 presents a list of the file system locations of most of the important files
followed by a short description of what they are in a Workplace 2.0.1
environment. We used d: for the drive designation in our table, but of course the
drive letter depends on your own implementation.
Table 3-1 Important paths in Workplace 2.0.1
PATH
Use
d:\WebSphere\AppServer
(WAS_HOME)
Install directory structure for the Application Server product
and additional applications that are installed on it.
d:\WebSphere\PortalServer (WPS_HOME)
Install directory structure for the Portal product, supporting
files and whatever applications are installed into it through
the portal admin user interface.
d:\WebSphere\WorkplaceServer
(LWP_HOME)
Install directory structure for the Workplace product,
supporting files and applications installed on it.
d:\WorkplaceServer
Created at install and not used at run time.
<WAS_HOME>\config\cells\<cell name>
Config directories for all the applications installed under the
appserver (including applications that run under the Portal
server). These are the runtime configuration files that get
updated when using the WAS admin console.
<WPS_HOME>\config
Config scripts for doing the install and configuration steps of
Portal. This also has subdirectories for templates and
helpers, such as files that get used for special operations like
enabling security and db transfers, which can keep the
manual editing of the wpconfig.properties file to a minimum.
<LWP_HOME>\config
Configuration scripts, templates, and helpers for
Workplace-specific tasks such as adding Web conferences
and team spaces.
<WAS_HOME>\installedApps\<nodeName> All the Enterprise Archive (EAR) directories that represent
an enterprise application that is installed on WAS.
Chapter 3. Product architecture
147
PATH
Use
<WPS_HOME>\installedApps
All Portal applications that are installed as portlets through
the Portal admin UI, which will generate ear structure for
them. These tend to be instances of applications that are
mainly presentation in nature and are portlet-based (as
opposed to ejb-based).
<WAS_HOME>\logs
Log directory structure for the App Server. This also has logs
in it for the Lotus Workplace Server and SIP container, but
is not the primary log location for the WebSphere_Portal
server instance.
<WPS_HOME>\log
Log structure for the WebSphere_Portal server instance.
Table 3-1 gives a general idea of where many of the files “live” on the file system,
and Figure 3-2 shows something of how this is organized from a run-time
perspective. Keep in mind, that this is subject to change in future releases;
however, as of 2.0.1 this structure is accurate.
Figure 3-2 Sample of file system locations of runtime parts of Workplace 2.0.1
While Figure 3-2 is only representative of the files included as part of the
Workplace 2.0.1 install, it is intended to illustrate some of the major installation
paths so that it will be easier for administrators to quickly find relevant
configuration files for troubleshooting.
148
IBM Lotus Workplace Team Collaboration 2.0.1
One thing to keep in mind is that the configuration files located with the binaries
are for the most part used during the install or deployment. The runtime
configuration files are located in the <WAS_HOME>\config directory.
3.2 Lotus Workplace Team Collaboration architecture
IBM Lotus Workplace Team Collaboration provides instant messaging, presence
and awareness, and Web conference capabilities that enable users to share
information in real time. To support these activities, Lotus Workplace uses a
team collaboration infrastructure that is built on Internet standard protocols,
including TCP, HTTP, SSL/TLS, SIP, and SIMPLE.
Note: This section refers in several places to the concept of a “cell.” The
precise definition of a cell is provided in the Administration chapter. For now,
let’s define cell as a grouping of Workplace nodes into a single administrative
domain.
Figure 3-3 represents the high-level architecture of Lotus Workplace Team
Collaboration.
Figure 3-3 High-level Team Collaboration architecture
3.2.1 SIP and SIMPLE
Web conferences, presence, and instant messaging involve real-time,
synchronous communication. To provide users with this capability, Lotus
Workplace Team Collaboration uses the Internet standard Session Initiation
Protocol (SIP) and SIP for Instant Messaging and Presence Leveraging
Chapter 3. Product architecture
149
Extensions (SIMPLE). SIP, defined in RFC 3261, is an Internet standard control
protocol that provides application-layer signaling used for creating and
maintaining interactive, multimedia sessions in an IP network. SIP also provides
call routing functions, processing requests for name resolution and user location,
and conveying messages between parties. SIP is fully bi-directional and enables
clients and servers to initiate both requests and responses. SIMPLE extends the
basic session maintenance and call routing features of SIP to provide online
status information and instant messaging.
3.2.2 Components of the Team Collaboration infrastructure
A deployment of Lotus Workplace Team Collaboration includes the components
described in this section.
Clients
Team collaboration activities are available from browser clients and the Lotus
Workplace rich client (officially named IBM Workplace Client Technology - Rich
Edition). Lotus Workplace users can access chat and presence from either a
browser client or a rich client. Only browser clients have access to Web
Conferencing and full Team Collaboration functionality.
Team Collaboration protocol services
The Team Collaboration service provides a set of protocol ports and services
that handle network input and output for chat, presence, and Web conference
connections from browsers and rich clients. Each protocol service receives and
processes incoming messages and then forwards them to next-layer protocol
services. As a client request moves from layer to layer, the service at each layer
creates an instance of a protocol channel that links to the next layer service for
processing the request. For efficiency, each channel instance can multiplex
requests received from adjacent interfaces.
You can enable services to support the following communications channels in
Lotus Workplace:
򐂰 TCP: Required for all Team Collaboration services. Receives and processes
incoming TCP traffic from browsers and rich clients. Browser traffic is then
forwarded to the HTTP service, while rich client traffic is forwarded to the SIP
proxy. Encrypted traffic is first sent to the SSL service. Rich clients send
messages in SIP format, so that no conversion is required. Rich client traffic
is received at a TCP or SSL port and routed directly to the SIP proxy.
򐂰 SSL: Required to support Team Collaboration services over HTTPS for
browser clients and SIPS for rich clients. Receives and processes encrypted
traffic from the TCP service before forwarding it as HTTPS traffic and SIPS
traffic to the HTTP service and SIP proxy, respectively.
150
IBM Lotus Workplace Team Collaboration 2.0.1
򐂰 HTTP: Required to support Team Collaboration services for browser clients.
Receives and processes traffic from the TCP or SSL service and forwards it
to the HTTP tunnel service.
򐂰 HTTP tunnel: Required to support Team Collaboration services for browser
clients. Encapsulates HTTP traffic for Web conferences, presence, or instant
messaging activities, and forwards it to the Meetings service or People Links
service. HTTP tunneling simulates a persistent socket connection to the
channels above it. It is designed to work through HTTP-only firewalls.
򐂰 Meetings: Required to support Web conference services for browser clients.
Receives and processes Web conference traffic from the HTTP tunnel
service, converts client requests into SIP messages, and forwards them to
the SIP stack, which then routes them to the SIP proxy.
4. People Links: Required to support presence and instant messaging services
for browser clients. Receives and processes presence and chat traffic from
the HTTP tunnel service, converts client requests into SIP messages, and
forwards them to the SIP stack, which then routes them to the SIP proxy.
SIP proxy service
The Lotus Workplace SIP container can support high message rates on
incoming connections, but it allows only a limited number of physical
connections. To support a high number of physical connections from clients,
Lotus Workplace Team Collaboration installs a stateless SIP proxy. The SIP
proxy is considered stateless because it performs minimal logical processing of
incoming SIP messages, and multiplexes and forwards inbound connections
from multiple SIP clients into a single physical connection to the SIP container.
The SIP proxy (also referred to as SLSP - Stateless SIP Proxy) listens for
incoming SIP connections on the SIP and SIPS ports. SIP requests can originate
from SIP applications on a rich client, or they might be browser requests that are
forwarded to the proxy after processing by HTTP, People Links, or other protocol
services. When the SIP proxy receives a request, it allocates the physical
resources for the connection, and then forwards the request to one of a small
cluster of SIP containers. Each proxy has thousands of sockets available to
receive connection requests. Using the SIP proxy to manage connection
resources improves performance by enabling the SIP containers to focus on
processing SIP messages. SIP containers do not have to manage the network
resources needed to communicate directly with clients because these
connection resources are managed by the proxies.
The SIP proxy also handles responses from the SIP container. When the proxy
receives an outbound response from a SIP container, it returns the response
directly to the originating client; or, if the client resides outside the current cell,
Chapter 3. Product architecture
151
routes the response to a SIP agent in the remote domain, as specified by the SIP
outbound connections settings.
When the stateless SIP proxy starts, it reads the cell configuration to determine
the location of the SIP containers, and then establishes persistent TCP
connections to them. Each SIP proxy in the cell establishes a connection to
every SIP container in the cluster. You can cluster the SIP proxies in a cell to add
a level of redundancy.
To preserve session status data for chat and Web conferences, the SIP proxy
maintains the affinity between a SIP container and its client endpoints for the
duration of a session. Thus, after a SIP proxy determines the SIP container to
which it must route messages for a given recipient URI, it continues to route all
messages for this URI to the same SIP container until the session ends.
SIP container
The SIP container is a stateful server that runs on WebSphere Portal. The server
is considered stateful because it keeps track of the state of transactions in the
context of a session. The SIP container receives messages from the SIP proxy
server, manages the logical progress of SIP sessions, responds directly to basic
SIP requests, and routes outgoing SIP messages to the SIP proxy.
Processing certain SIP messages requires the SIP container to interact with
other components on the server. When information from another component is
required to respond to a SIP request, the SIP container passes the request to a
servlet API. These SIP servlets, known as siplets, interact with the presence
server and other back-end components to provide many of the functions required
to support team collaboration.
The SIP container interacts with siplets that provide the following services:
1. Instant Messaging: Processes instant messaging requests and routes
messages to recipients.
2. Session management: Manages users and communications in Web
conferences and in chat sessions among multiple users. The session
management component communicates with the presence server to provide
users participating in an online event with the status of other participants. The
session manager updates the event's presence document each time a user
joins or leaves. It also provides the list of conference participants to the
instant messaging service and routes messages from participants to the
instant messaging service.
3. Subscribe and publish: Interacts with the presence server to provide
presence features such as the ability to create and update subscription lists
that make users' online status information available. When a user logs in, the
client sends a publish request that indicates that the user is online and
152
IBM Lotus Workplace Team Collaboration 2.0.1
available to chat. Users who want to be informed when the status of another
user changes submit subscription requests. When the server detects a status
change for a user, it notifies anyone who is subscribed to that user's status
information.
4. Registration: Processes registration requests from SIP clients and updates
information on the presence server. The SIP registry provides information in
response to requests for where to route messages. When a user logs into
instant messaging, the SIP registry creates a record in its database that pairs
the user's SIP addresses, or URI, with information on their location.
Whenever one user initiates a chat with another, the server retrieves the
recipient's contact information from the database, so that even when a cell
contains multiple SIP containers, messages can be directed to the user. The
person initiating a chat session does not have to know the IP address or host
name of the recipient.
Presence service
The Team Collaboration service includes a presence service, which runs on
WebSphere Portal and maintains online status information for each user and
Web conference, and tracks requests to subscribe to information about other
users' online status.
The presence server retrieves public group information and updates from the
WebSphere Member Manager (WMM). Each user and public group is
represented as a SIP URI (e-mail addresses). The presence server periodically
checks for changes to the group content.
Another concept that is important to note about the Workplace browser
experience is that the page will usually have some elements that continue to run
while on the page, versus being a static page that is only evaluated once. For
example, the presence service is provided by an applet that loads when you
enter the page. When you log off of IM the PeopleLinks (PL) applet logs you out
of that service; however, the applet continues to run so that it can log you back in
should you chose to do that. Of course, when you are logged in on IM the PL
applet is what provides awareness to each of the live names that appear on the
screen.
People Links and the Light Chat Client also utilize a technology known as Blocks
Extensible Exchange Protocol or BEEP to pass and receive messages about
status. Diagnostic messages are printed to the Java console when using the
People Links applet; however, as you may notice, the chat window is an html
representation of a portlet instead of a Java applet. This is useful to know in
understanding some of the interactions that happen.
For example, when chatting with somebody, this window is tied to the rest of the
portal through the server alone. So, when a user changes status, the People
Chapter 3. Product architecture
153
Links applet can see it. However, if the user navigates away from the portal
window in the main browser session and still has a chat up then the chat window
will continue to be active and provide presence until it’s closed. It can be closed
and will effectively sign out of the portal without additional notification.
154
IBM Lotus Workplace Team Collaboration 2.0.1
4
Chapter 4.
Deployment considerations
This chapter discusses some typical deployment scenarios based on pilot/small
production environments. For detailed installation instructions for IBM Lotus
Workplace 2.0.1 refer to the Lotus Workplace 2.0.1 Products Deployment Guide,
SG24-6378. http://www.redbooks.ibm.com/abstracts/sg246378.html
This chapter describes the following:
򐂰 Deploying stand-alone Team Collaboration
򐂰 Deploying Team Collaboration within an existing portal environment
򐂰 Deploying in an extranet scenario
򐂰 Team Collaboration post-installation configuration
© Copyright IBM Corp. 2005. All rights reserved.
155
4.1 Deploying stand-alone Team Collaboration
Installation of stand-alone Team Collaboration is very similar to the installation of
the full Lotus Workplace as documented in Lotus Workplace 2.0.1 Products
Deployment Guide, SG24-6378.
http://www.redbooks.ibm.com/abstracts/sg246378.html
Note: Only one instance of Lotus Workplace Team Collaboration can be
installed on the same physical node with Workplace release 2.0.1
The basic difference in the installation process is that only Team Collaboration
needs to be selected during the “Workplace Data Only” part of the installation on
the relational database server. Be aware, however, that this procedure also
installs the Workplace Messaging database (NAGANO) along with other
common workplace databases. The list of these databases is shown in
Figure 4-1.
Figure 4-1 Workplace databases installed with Team Collaboration
When the installation of Team Collaboration is completed, your Workplace
screen should look similar to the one shown in Figure 4-2. There are some
differences between this and the full Workplace deployment, for example, there
are no Messaging or Learning tabs.
156
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 4-2 Team Collaboration Screen
4.1.1 Enabling Workplace Messaging in Team Collaboration
Now that you have performed the Team Collaboration installation, you don’t have
to go through a separate Messaging install. The NAGANO database, along with
full messaging functionality, has been installed (and by default disabled) along
with Team Collaboration. This makes it very easy to enable Workplace
Messaging on your system (once you purchase the license for Messaging, of
course). We are assuming in this chapter that you have completed the necessary
planning and analysis stage for the Workplace Messaging implementation.
To enable Lotus Workplace Messaging:
1. Open WPS WebSphere Admin Console.
2. Click Lotus Workplace → Licences. The Licences screen will be displayed, as
shown in Figure 4-3.
Chapter 4. Deployment considerations
157
Figure 4-3 Workplace license status screen
As you can see, the license for Lotus Workplace Messaging is set to “No.”
3. To enable the licence select Messaging and click the License button. You will
be prompted to save your changes (the message in Figure 4-4 will display on
the top of the screen).
Figure 4-4 WebSphere Application Server configuration change Save prompt
4. Click Save, then, in the Save to Master Configuration window, click Save
again.
5. Restart the server. After the services are up again, you should see that on the
Licences screen, the Workplace Messaging licence is set to “YES.”
6. Log in to Workplace as portal administrator. You should now see the
Messaging tabs added to your workplace screen as shown in Figure 4-5.
158
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 4-5 Workplace welcome screen with Messaging enabled
After you have enabled messaging, you have to make the new functions
available for your users. Refer to Chapter 5, “Team Collaboration administration”
on page 187 for instructions on granting access rights to users.
4.2 Deploying Team Collaboration with an existing
WebSphere Portal environment
This section describes how to install Lotus Workplace over a pre-existing
WebSphere Portal environment.
4.2.1 Overview of upgrading an existing WebSphere Portal
If you already have a WebSphere Portal Release 5.0.x installed and you plan to
install Lotus Workplace 2.0.1 on your environment, the first requirement is to set
the correct versions of WebSphere Application Server and WebSphere Portal as
described in the next section.
Security prerequisites
Keep in mind that Lotus Workplace Team Collaboration requires Portal to be
implemented with an LDAP directory and (if security is enabled) with a
“lookaside” database. You can install Lotus Workplace over a WebSphere Portal
installation that uses an LDAP directory alone if security is not enabled. If you do
Chapter 4. Deployment considerations
159
this, the Team Collaboration environment will store the attributes needed for
Lotus Workplace in a lookaside database. If you have an existing WebSphere
Portal with security enabled, it must have the WebSphere Member Manager user
directory configured with a LookAside database and a correct External ID
mapping. For more information on ID mapping refer to the Lotus Workplace 2.0.1
Products Deployment Guide, SG24-6378.
http://www.redbooks.ibm.com/abstracts/sg246378.html
Important: As of this writing, if your current WebSphere Portal environment
has security enabled and the LookAside property set to “false” there is no way
to change this value. You should consider setting up a new infrastructure for
Lotus Workplace. If your WebSphere Portal has security implemented and the
lookaside database is configured, read carefully 4.2.3, “Required
modifications to an existing WebSphere Portal” on page 164.
Other prerequisites
Before you start working with your actual WebSphere Portal server do a backup
to restore it if necessary. It is important to back up the wpconfig.properties file.
You can copy to a secure path or you can run the backup command:
WPSconfig backup-main-cfg-file
This makes a backup copy of the file and names it
wpconfig_yyyy-mm-dd-hh-mm.properties to indicate when the copy was made.
In addition, you can export the configuration of your Portal, pages, portlets in
pages, and grants using the XML configuration client.
To export the configuration follow these steps:
1. Copy the file Export.xml from <wps_root>\doc\xml-samples to
<wps_root>\bin
2. Run the command:
xmlaccess -in Export.xml -user wpsadmin -pwd wpsadmin -url
http://servername.com/wps/config -out serverConfig.xml
3. Log in with a Portal administrator account other than wpsadmin.
4. Copy all the.war files of your portlets.
5. Copy all your themes and skins.
160
IBM Lotus Workplace Team Collaboration 2.0.1
To restore your configuration run this command:
xmlaccess -in Export.xml -user wpsadmin -pwd wpsadmin -url
http://servername.com/wps/config
Wait until you get the message:
<status element="all" result="ok">
4.2.2 Upgrading existing WebSphere Portal with the Workplace GUI
This section applies only if you have an existing WebSphere Portal installation. If
you do not, the Lotus Workplace Installer will install it for you.
For Lotus Workplace 2.0.1 the required versions of software are:
򐂰 IBM HTTP Server 1.3.26.2
򐂰 IBM WebSphere Application Server 5.0.2.6 with V5.0.2 Cumulative Fix 1 for
SDKs (5022 Cumulative Fixpack)
򐂰 IBM WebSphere Portal 5.0.2.2
Tip: To verify the WebSphere Application version, run VersionInfo.bat
(Windows) located in the <was_root>\bin directory.
Verify your WebSphere Portal version by running wpVersionInfo.bat
(Windows) located in the <wps_root>\bin directory. This command is not
available in version 5.0.1. Alternatively, you can always add the About Portal
portlet to your workspace to check the version.
If your existing WebSphere Application Server and WebSphere Portal exceed
these versions, we strongly suggest that a new environment for Lotus Workplace
be set up since downgrading of the components of your existing portal
implementation is not recommended.
Note: At the time this redpaper was written the PDM (Portal Document
Manager) installer would remove the WebSphere Portal content publishing
portlets from your existing Portal and replace them with the
Workplace-specific ones. The data is preserved but presented in the
Workplace user interface.
If your WebSphere Portal is not already operating at the required target release
you must upgrade it to the required version for Workplace.
Chapter 4. Deployment considerations
161
Important: We recommend using the Lotus Workplace CDs to upgrade your
existing Portal environment since the easiest way of performing the update of
your WebSphere Application Server and WPS installation is to use the Lotus
Workplace Installer to copy the required files and then run the update targets.
If you upgrade your current WebSphere Portal environment we strongly
recommend testing in a separate, pre-production environment first.
Running the Workplace installer
To update an existing WebSphere Portal server perform the following steps:
1. Log in as a user with administration privileges.
Attention: Be sure you apply the necessary changes to the administration
account as described in “Installation procedure” on page 173.
2. Create a local directory (we used D:\LWPUpdate) to copy the required
installation images for WebSphere Portal.
3. Copy the CDs with the appropriate name to your update directory depending
on your version. If you are upgrading from version 5.0 (or 5.0.1) you need all
CD images.
a. Launch a command prompt.
b. Change to the directory with the installation image,
c. Run install.bat from the cdSetup directory to begin the installation.
This could take a few moments, so be patient.
4. At the panel Select a language for this installer, select your language and
click OK.
5. At the introductory panel click Install to begin.
Other options are:
– Readme: Opens a PDF file containing the Lotus Workplace Release
Notes.
– Installation Guide: Opens a PDF file containing the Lotus Workplace
Installation Guide.
– Prerequisites: Opens an HTML document that describes the installation
requirements for Lotus Workplace.
– Exit: Closes the launch pad without installing Lotus Workplace on the
server.
6. At the IBM Lotus Workplace Installation Program panel click Next.
162
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 4-6 Automated system check
7. Depending on your WebSphere Portal environment, the installer displays the
installed components. Click Next to continue.
Figure 4-7 Existing WebSphere Portal installation path
Chapter 4. Deployment considerations
163
8. Click Next to continue. Do not check the box “Install a new instance...”.
9. The required files are now copied to your WebSphere Application Server and
WebSphere Portal server path.
Note: If your current version was 5.0.0, the launch pad will update the
WebSphere Application Server to version 5.0.1.
10.Run the update targets according to your current version. For details refer to
the Lotus Workplace Infocenter at:
http://publib.boulder.ibm.com/infocenter/lwpphelp/index.jsp
11.Follow the instructions described in the next section.
4.2.3 Required modifications to an existing WebSphere Portal
If you have an existing WebSphere Portal environment with security enabled, it
must have the WebSphere Member Manager user directory configured with a
LookAside database and a correct External ID mapping, as described in the
prerequisites at the beginning of this section.
When installing Lotus Workplace over an existing installation of WebSphere
Portal, the existing root URL for WebSphere Portal is preserved, so users will log
in at the /wps/myportal URL. Lotus Workplace requires that the
/lwp/myworkplace URL exist. Without it, Workplace templates will be unavailable.
There are two ways detailed below to set this requirement:
1. Change the Portal context root before installation of Lotus Workplace.
Note: We strongly recommend this method.
2. Redirect lwp/myworkplace to /wps/myportal on the HTTP Server.
Changing the Portal context root
1. Verify that the WebSphere Portal server is stopped. Go to the folder
<was_root>\bin, and execute the command (case sensitive):
serverStatus WebSphere_Portal -username <was_admin> -password
<was_admin_pass>
where <was_admin> is the WebSphere Application Server administrator and
<was_admin_pass> is the password of this user.
164
IBM Lotus Workplace Team Collaboration 2.0.1
If you get the message "The Application Server WebSphere_Portal is
STARTED" you have to run the following command (case sensitive):
stopServer WebSphere_Portal -username <was_admin> -password
<was_admin_pass>
where <was_admin> is the WebSphere Application Server administrator and
<was_admin_pass> is the password of this user.
Wait for the message "Server WebSphere_Portal stop completed."
2. Use a text editor to open the <wps_root>\config\wpconfig.properties file and
enter the values shown in Table 4-1.
Table 4-1 Values for the context root
Property
Value
WpsContextRoot
lwp
WpsDefaultHome
workplace
WpsPersonalizedHome
myworkplace
3. Save the file, move to the directory <wps_root>\config and run the next
command:
WPSconfig modify-servlet-path
Check the output for any error messages before proceeding with the next
task.
4. Start the WebSphere Portal server to verify the changes.
startServer WebSphere_Portal -username <was_admin> -password
<was_admin_pass>
5. Log in to verify the change at:
http://<your_server>/lwp/workplace
Required URL redirection
If you just completed the procedure described in the previous section to change
the Portal context root, you do not need to perform the steps outlined in this
section.
To create a Redirect on the IBM HTPP Server from /lwp/myworkplace to
/wps/myportal, perform the following steps using the IBM HTTP Server’s
administration tool. If you are using a different HTTP Server the procedure will be
different; consult the documentation for your server.
Chapter 4. Deployment considerations
165
1. Log on to the IBM HTTP Server administration console.
(http://your_http_server_host_name:8008/admin)
2. Move to the URL of your IBM HTTP Server and click Configure server.
Figure 4-8 Log in to IBM HTTP server administration
3. If the server is configured to use security insert a valid user and password.
Figure 4-9 User and password
– If your server is configured with Authentication enabled and you have
never created a user and password, move to the IBM HTTP Server root
directory and run the command:
htpasswd -cm conf\admin.passwd <user>
166
IBM Lotus Workplace Team Collaboration 2.0.1
where <user> is the user ID that will be used to log into the Administration
server, for example htpasswd -cm conf\admin.passwd httpadmin.
Note: The username for http server administration does not have to be
present in the local OS user registry, so you can use an arbitrary name
in the htpasswd command.
– You will be prompted for a password two times. Then you can use this
user and password.
4. Click Mappings and then Redirects on the left as shown in Figure 4-10.
Figure 4-10 Select Redirects
5. Click Add on the right as shown in Figure 4-11.
Chapter 4. Deployment considerations
167
Figure 4-11 Add
6. Make sure “Directory or file name specified” is set to URL path.
7. Type the URL /lwp/myworkplace in the field labeled “Redirect directory or file
name”
8. Choose (301) Move permanently for the status.
9. In the field “URL the user is directed to” enter the full URL to the context root
of your server, for example:
http://servername.com/wps/myportal
10.Click Apply.
11.Click Submit.
12.Stop and restart the IBM HTPP Server.
13.Verify you can use a browser to navigate to:
http://servername.com/lwp/myworkplace
14.Stop and restart the WebSphere Portal server.
168
IBM Lotus Workplace Team Collaboration 2.0.1
4.3 Deploying Team Collaboration in an extranet
scenario
At the time of this writing only Lotus Workplace Messaging supports reverse
proxy implementations. Therefore, we cannot provide information on setting up a
Team Collaboration environment with reverse proxy or security proxy such as
WebSEAL with Tivoli® Access Manager. There are, however, several
recommendations that we can make for a successful extranet implementation.
4.3.1 HTTP Server separation topology
Figure 5.12 illustrates a basic extranet solution architecture based on a
WebSphere Portal implementation with the HTTP server separated. HTTP
server separation topologies physically separate the HTTP (Web) server from
the application servers, typically to place the HTTP server in a DMZ. Using a
DMZ provides an additional layer of security for back-end servers and data.
Figure 4-12 Example of extranet implementation architecture: No reverse proxy
The basic difference between such an implementation and a more basic
environment is that the HTTP server is installed on a separate computer and
communicates with WebSphere application server through the WebSphere
plug-in. WebSphere Application Server provides a Web server plug-in for use on
the Web server. The Web server plug-in routes requests to application servers
on remote machines using the HTTP or HTTPS protocol.
Chapter 4. Deployment considerations
169
Advantages
HTTP server separation provides advantages because it:
򐂰 Supports load balancing and failover, eliminating single points of failure.
A point of failure exists when one process or machine depends on another
process or machine. A single point of failure is undesirable because if the
point fails, the whole system will become unavailable. When comparing DMZ
solutions, single point of failure refers one between the Web server and
application server. Various failover configurations can minimize downtime
and possibly even prevent a failure. However, these configurations usually
require additional hardware and administrative resources.
򐂰 Avoids data access from the DMZ.
A DMZ configuration protects application logic and data by creating a
“demilitarized zone” between the public Web site and the servers and
databases where valuable information is stored. Desirable DMZ topologies do
not have servers that directly access databases from the DMZ. This supports
WebSphere security in that the location of the Web server is not relevant to
the security services provided by WebSphere. WebSphere security protects
applications and their components by enforcing authorization and
authentication policies. Configuration options compatible with WebSphere
security are desirable because they do not necessitate alternative security
solutions.
򐂰 Supports Network Address Translation (NAT) firewalls.
A firewall product that runs NAT receives packets for one IP address, and
translates the headers of the packet to send the packet to a second IP
address. In environments with firewalls employing NAT, avoid configurations
involving complex protocols in which IP addresses are embedded in the body
of the IP packet, such as Java Remote Method Invocation (RMI) or Internet
Inter-Orb Protocol (IIOP). These IP addresses are not translated, making the
packet useless.
򐂰 Supports Secure Sockets Layer (SSL) encryption for communications
between the Web server and the application server.
Configurations that support encryption of communication between the Web
server and application server reduce the risk that attackers will be able to
obtain secure information by “sniffing” packets sent between the Web server
and application server. A performance penalty usually accompanies such
encryption.
򐂰 May reduce performance bottlenecks.
򐂰 Simplifies administration.
The Web server plug-in uses a single, easy-to-read XML configuration file.
Some solutions require little or no maintenance after you establish them,
170
IBM Lotus Workplace Team Collaboration 2.0.1
while others require periodic administrative steps, such as stopping a server
and starting it again after modifying resources that affect the configuration.
Disadvantages
HTTP server separation has the following disadvantages:
򐂰 The link between the Web server and WebSphere Application Server is done
using a Web server plug-in. The plug-in must be configured after certain
configuration changes from the WebSphere Application Server and manually
moved to the proper location on the Web server.
򐂰 There is no protocol shift for inbound and outbound traffic across a firewall.
The Web server sends HTTP requests to application servers behind firewalls
and an HTTP port in the firewall must be open to let the requests through.
Configurations that require switching to another protocol (such as IIOP), and
opening firewall ports corresponding to the protocol, are often more complex
to set up, and the protocol switching overhead can impact performance. The
following approaches can be used to address this:
– Configure the Web server plug-in to use HTTPS. This will provide a
high-security connection between the HTTP server and the application
server. This connection can be configured so that the Web server plug-in
and application server must mutually authenticate each other using
public-key infrastructure (PKI).
– Use different inbound (browser to HTTP server) and outbound (Web
server plug-in to application server) port numbers.
Table 4-2 summarizes the HTTP server separation topology characteristics.
Table 4-2 Characteristics of HTTP server separation topology
Characteristic
Comment
SSL support
Yes
Workload management
Yes
Network Address Translation (NAT)
Yes
Performance
High
Administration of configuration
Manual
Avoids data access from DMZ
Yes
Avoids DMZ protocol switch
No
Avoids single point of failure
Yes
Compatible with WebSphere security
Yes
Chapter 4. Deployment considerations
171
4.3.2 Installing WebSphere plug-in on a remote IBM HTTP server
To use a Web server other than IBM HTTP Server, install and configure the Web
server before installing WebSphere Application Server. The correct order of
installation lets you select and install the plug-in for your supported Web server
during the installation of the Application Server.
Supported HTTP servers are:
򐂰 IBM HTTP Server 1.3.26 and 2.0.42.1
򐂰 Apache Web Server 1.3.20 and 1.3.26
򐂰 Microsoft Internet Information Server 5.0
򐂰 Sun One Web Server Enterprise Edition 6.0 SP4
򐂰 iPlanet Web Server Enterprise Edition 4.1 SP7 or above
򐂰 Domino Enterprise Server (as Web Server) R5.0.9a or above
Important: The Web server must be installed in order to install the plug-in.
To install the plug-in on the remote server you can use the product CD for
WebSphere Application Server. Using the WebSphere Application Server
installation procedure to install only the HTTP Server on a remote machine also
installs the binary plug-in for HTTP Server.
One advantage of using the product CD for the IBM WebSphere Application
Server product to install the binary plug-in module is that you can then use the
Update installation wizard (part of the update installer application) to apply fix
packs, cumulative fixes, and interim fixes to the binary plug-in modules.
The WebSphere Application Server installation wizard configures supported Web
servers when you install the binary plug-in. However, installing a plug-in on a
remote machine can require manual configuration. The following sections
describe how to manually configure IBM HTTP Server.
One other topic to be familiar with is the manual propagation of the plugin-cfg.xml
document from the machine with the Application Server to the remote Web
server machine. This is a document that should not be confused with the binary
plug-in module. The editable plugin-cfg.xml document describes the Application
Server environment to the Web server and directs the Web server to applications
and data that the Web server can then retrieve. This document does not enable
the Web server to communicate with the Application Server; the communication
is enabled by the binary plug-in module.
The plugin-cfg.xml document changes whenever you regenerate it from the
administrative console of the Application Server. Regenerating the file is not
172
IBM Lotus Workplace Team Collaboration 2.0.1
necessary unless you change such things as the configuration of deployed
applications, virtual host definitions, or HTTP transport definitions on a
stand-alone Application Server, or on Application Servers managed by a
deployment manager in a network deployment environment. After regenerating
the plugin-cfg.xml file, you must manually copy it to the remote machine hosting
the Web server.
You don’t have to copy the plugin-cfg.xml file when the Web server is locally
installed since a local Web server can simply point to the location of the
plugin-cfg.xml document in the installation root directory structure of the
Application Server.
Manually propagating (copying) the plugin-cfg.xml file is a necessary step when:
򐂰 You install a Web server on a remote machine
򐂰 You regenerate the plugin-cfg.xml document because of changes in the
configuration and you are putting the changes into effect on the Web server
Without the binary plug-in module, a Web server cannot communicate with the
Application Server. Without the plugin-cfg.xml document, a Web server cannot
find deployed applications on the Application Server. Both files are necessary for
a Web server to work with an Application Server. Configuration directives in the
configuration files of any supported Web server exist to point to each file. The
following example shows the configuration directives in the configuration file
(httpd.conf) for the IBM HTTP Server on a Windows machine:
LoadModule ibm_app_server_http_module
drive:\WebSphere\AppServer\bin\mod_ibm_app_server_http.dll
WebSpherePluginConfig
drive:\WebSphere\AppServer\config\cells\plugin-cfg.xml
Note: In this example the directives are displayed in 2 lines each. In a real
httpd.conf file, though, these entries are single lines.
In the example, the binary module is the mod_ibm_app_server_http.dll file. The
binary plug-in module and the plugin-cfg.xml document are in a standard
directory structure created by installing the files on the Web server machine.
Installation procedure
The following procedure lets you install a WebSphere Application Server plug-in
for a supported Web Server on a different machine than the machine where the
WebSphere Application Server is installed.
Chapter 4. Deployment considerations
173
1. Log on as the administrator.
You cannot install the plug-in feature correctly without the proper
authorizations. You are also required to use the update installer program (in a
later step) as the root user on a Linux or UNIX® platform, or as the
administrator on a Windows platform.
2. Insert the CD-ROM labeled “WebSphere Application Server, IBM HTTP
Server” into the machine where your HTTP server is installed, or locate the
directory on your disk where the installation files are stored and run
install.exe.
3. Select Install the product if the launchpad starts. Alternatively, find the
setup.exe in the installation directory.
4. Accept the product license agreement.
5. Select Custom installation.
Figure 4-13 WAS Plug-in installation - Custom option selection
6. Clear the check boxes for all options on the Feature selection panel.
You should clear the check box for the Application Server since it is not
required to install the Application Server code on the Web server machine.
7. Select the check box for the plug-ins and the particular plug-in for your Web
server on the Feature selection panel. Click Next.
174
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 4-14 WAS Plug-in installation - component selection screen
8. Select an installation directory for WebSphere plug-in. Note: Avoid spaces in
the directory names - for example “Program Files” is not a recommended
installation location. Click Next.
9. Select the location of your HTTP server configuration file (httpd.conf for IBM
Directory Server).
Chapter 4. Deployment considerations
175
Figure 4-15 WAS plug-in installation - location of HTTP configuration file
10.Check the options on the confirmation screen and click Next to continue.
11.Complete the installation.
You can clear the check box on the Product registration panel. You are not
required to register the installation of the Web server plug-ins.
The installation of the binary plug-in module creates a directory structure that
includes the following directories:
򐂰 /WebSphere/AppServer/bin contains the binary plug-in module and other
necessary binary files.
򐂰 /WebSphere/AppServer/config contains configuration files including the
plugin_cfg.xml document.
򐂰 /WebSphere/AppServer/etc contains plug-in related files.
򐂰 /WebSphere/AppServer/java contains the WebSphere SDK.
򐂰 /WebSphere/AppServer/logs contains log files.
Update the binary plug-in module to the Workplace build level
1. Download to the /WebSphere/AppServer/update directory the most current fix
pack, the most current cumulative fix, and any recommended interim fixes for
your version of Lotus Workplace, from the WebSphere Application Server
Support site at:
http://www.ibm.com/software/webservers/appserv/was/support
176
IBM Lotus Workplace Team Collaboration 2.0.1
The relationship among interim fixes, cumulative fixes, and fix packs is shown
in the Cumulative Fix Strategy for WebSphere Application Server Web page
at:
http://www.ibm.com/support/docview.wss?uid=swg21145289
Identify recommended interim fixes using the Recommended updates for
WebSphere Application Server Base and Network Deployment Editions page
at:
http://www.ibm.com/support/docview.wss?rs=180&context=SSEQTP&uid=swg
27004980
2. Unzip the fix pack, cumulative fix, and the recommended interim fixes that are
in the update directory. Unpacking the fix pack or the cumulative fix creates
the update/fixpacks directory automatically. Unpack interim fixes into the
update/fixes directory.
3. Download the updateInstaller.zip file from the Support site to the
/WebSphere/AppServer/update directory.
The files that comprise the zip file are also part of each fix pack and
cumulative fix zip file package. Therefore, download the latest update installer
application after unpacking the cumulative fix or the fix pack to avoid
overwriting the file.
There are separate update installer applications for Version 5.0.x and Version
5.1.x:
UpdateInstaller for WebSphere Application Server V5.0 releases:
http://www.ibm.com/support/docview.wss?rs=180&context=SSEQTP&uid=swg
24001908
UpdateInstaller for WebSphere Application Server V5.1 releases:
http://www.ibm.com/support/docview.wss?rs=180&context=SSEQTP&uid=swg
24006036
4. Follow the fixpack instructions to complete the installation.
Generating WAS plug-in configuration
Before you can use the Web server plug-in with a WebSphere Application Server
installation, you will need to generate the plug-in configuration file and move it to
the proper location on the Web server.
To generate the Web server plug-in, do the following:
1. Verify that the plug-in statements have been added to the Web server
configuration file.
2. Generate the configuration file from WebSphere Application Server. Using
the administrative console, expand Environment and select Update Web
Server Plug-in. Click OK to generate the configuration file.
Chapter 4. Deployment considerations
177
This is the file that needs to be copied to the HTTP server machine. To do so,
follow the steps described in the next section.
WebSphere Application Server Plug-in configuration
Perform the following steps to configure the plug-in for IBM HTTP Server:
1. Examine the configuration files for your IBM HTTP server to determine if it is
necessary to manually configure the file. Compare the configuration
directives in the file to those shown in the document for your Web server.
Verify that the necessary configuration directives exist in the file.
You’ll find the directives at the end of the file. For example:
LoadModule ibm_app_server_http_module
"C:\WebSphere\AppServer/bin/mod_ibm_app_server_http.dll"
WebSpherePluginConfig
"C:\WebSphere\AppServer/config/cells/plugin-cfg.xml"
Note the designated location of the plug-in configuration specified in
httpd.conf, in this case, C:\WebSphere\AppServer/config/cells/plugin-cfg.xml.
This is where the plug-in will expect to find its configuration file. When you
generate the Web server plug-in configuration from WebSphere Application
Server, you need to copy the generated file to this location.
2. Open the WebSphere Application Server Console. Log in and go to
Environment → Update Web Server Plugin.
3. Click OK to update the current Web server plug-in (Figure 4-16).
Figure 4-16 Updating the WAS HTTP plug-in
4. Copy a current plugin-cfg.xml file from the Application Server machine to the
location specified in the directive in the Web server configuration file.
178
IBM Lotus Workplace Team Collaboration 2.0.1
Verifying the Web server plug-in installation
To verify that the Web server plug-in was successfully installed, open the
httpd.conf configuration file. At the bottom of the file you should see the directive
entries shown in Figure 4-17.
Figure 4-17 WebSphere Application Server Plug-in directives in the http configuration file
Test the connection to WebSphere through the Web server. To test the remote
Web server connection to WebSphere, access the snoop servlet using the
following URL:
http://<Web server hostname>/servlet/snoop
4.4 Post-installation configuration
Before configuring Lotus Workplace or performing other administrative tasks you
may want to check the status of the Workplace server.
1. Open a command prompt.
2. Navigate to <was_root>\bin, for example D:\WebSphere\AppServer\bin.
3. To check the status, enter:
showserver -all -username <wpsadmin> -password <wps_admin_password>
Chapter 4. Deployment considerations
179
Figure 4-18 Server status command result window
If any of the servers are stopped perform the following steps:
1. If the IBM HTTP server is not running, open Start → Programs →
Administrative Tools → Services and start the IBM HTTP Server.
2. Open a command prompt.
3. Navigate to <was_root>\bin, for example D:\WebSphere\AppServer\bin.
4. Enter startServer server1 to start the WebSphere Application Server (if it is
not running).
5. Enter startServer WebSphere_Portal to start the WebSphere Portal (if it is
not running).
6. Enter startServer LotusWorkplace_Server to start Lotus Workplace.
4.4.1 Configuring the Team collaboration service
The Team collaboration service is available on the Lotus Workplace server if you
have installed Lotus Workplace Team Collaboration. However, you still need to
perform the post-installation configuration steps described in this section.
The Team collaboration service supports instant messaging, presence, and Web
conference activity on a Lotus Workplace server. You must configure the Team
collaboration service to provide any of these activities. Only one instance of the
Team collaboration service can operate on each WebSphere Application Server
node.
This section describes how to configure:
򐂰 The Team collaboration service on the Lotus Workplace server
򐂰 The SIP container service on WebSphere Portal
򐂰 The cell-wide Team collaboration service
180
IBM Lotus Workplace Team Collaboration 2.0.1
Configuring the Team collaboration service
To configure the Team collaboration service, perform the following steps:
1. Open the WPS Administration console.
2. Click Servers → Lotus Workplace Servers.
3. Click the name of the Lotus Workplace server. You will be presented with a list
of services running under Lotus Workplace server as shown in Figure 4-19.
Figure 4-19 Services running under LotusWorkplace_Server
4. Click Team Collaboration Service.
5. Complete the Team Collaboration Service properties and click Apply or OK.
Most of the default settings should match the requirements of your
environment. The Team Collaboration Service configuration properties are
described in Table 4-3.
Chapter 4. Deployment considerations
181
Table 4-3 Team Collaboration configuration properties
Property
Description
Enable
This setting specifies whether this particular workplace server supports team
collaboration activities. Select the check box to enable team collaboration on
this server. The check box is selected by default.
Initial state
This setting determines the state of the Team collaboration service when the
workplace server starts. The value can be either Started or Stopped. The
default value is Started.
You must run the Team collaboration service to run the SIP Proxy, People
Links, and Meetings services. After the Team collaboration service starts, the
server is able to listen for connections on the ports specified on this panel.
Enable SIP proxy
service
This setting specifies whether to run the SIP proxy service when the workplace
server starts. You must run the SIP proxy service to support chat, presence,
and Web conferences. The check box is selected by default.
The SIP proxy service distributes incoming SIP requests among the SIP
servers in a cell and routes outbound SIP messages to external destinations.
When the SIP proxy service starts, it reads the cell configuration to determine
the location of the SIP containers in the cell, and then establishes persistent
TCP connections to each SIP container. The SIP proxy service listens for
incoming SIP connections on the SIP and SIPS ports specified on this panel.
The SIP proxy service manages the resources for each connection with a SIP
client or remote SIP proxy. Using the SIP proxy to manage connections
resources improves performance by enabling the back-end SIP containers to
focus on processing SIP messages.
Enable People Links
service
This setting specifies whether to run the People Links service when the
workplace server starts. You must run the People Links service to support chat
and people awareness for Web clients. The check box is selected by default.
Enable Meetings
service
This setting specifies whether to run the Meetings service when the workplace
server starts. You must run the Meetings service to support Web conferences.
The check box is selected by default.
The Meetings service processes HTTP requests from Web clients (for
example, a request to join a Web conference), converting these requests into
SIP format before forwarding them to the SIP container. Similarly, the Meetings
service converts outbound SIP messages received from the server (for
example, a notification that a user has joined a Web conference) into HTTP
format before forwarding them to clients.
HTTP tunnel port
Type the TCP port number that the HTTP tunnel service uses to listen for
incoming SIP requests from browser-based chat, people awareness, and Web
conference clients. The default value of this setting is 8080.
182
IBM Lotus Workplace Team Collaboration 2.0.1
Property
Description
HTTPS tunnel port
(SSL)
Type the Transport Layer Security (TLS) port number at which the HTTP tunnel
server listens for TLS-encrypted SIP requests originating from browser clients.
The default value of this setting is 8081.
TLS encrypts transactions between clients and the server. Earlier versions of
the protocol were known as the Secure Sockets Layer (SSL) protocol.
SIP port
Type the TCP port number at which the SIP Proxy listens for unencrypted SIP
requests originating from chat, people awareness, and Web conference clients.
The default value of this setting is 5060.
SIPS port (SSL)
Type the Transport Layer Security (TLS) port number at which the SIP proxy
server listens for encrypted incoming SIP requests from chat, people
awareness, and Web conference clients. The default value of this setting is
5061.
The TLS protocol encrypts transactions between clients and the server. Earlier
versions of the protocol were known as the Secure Sockets Layer (SSL)
protocol.
SSL configuration
This setting specifies the name of the SSL repertoire on the WebSphere
Application Server that contains the TLS settings to use for encrypting team
collaboration transactions. The default value of this setting is the name of the
default SSL repertoire.
Configuring the SIP container on WebSphere Portal
From the SIP Container panel you can configure the server's SIP container
properties. The SIP container is an extension of the Web container that runs on
WebSphere Portal and is a stateful server that manages SIP sessions. You must
configure and enable the SIP container on each WebSphere Portal node where
you want to provide team collaboration activities.
The SIP container runs within the WebSphere Portal Web container and
provides SIP message processing services. It receives incoming SIP requests
from a SIP proxy and routes outgoing SIP messages to the same proxy. In
clustered environments, all messages for a given client session route through the
same SIP proxy and SIP container for the duration of the session.
To configure the SIP container on the application server, perform the following
steps:
1. Open the WPS Administration console.
2. Click Servers → WebSphere_Portal.
3. Click the Configuration tab, then click SIP Container in the Additional
Properties table.
Chapter 4. Deployment considerations
183
Figure 4-20 SIP Container configuration panel
4. Complete the SIP Container configuration properties and click OK. The SIP
Container configuration properties are described in Table 4-4.
Table 4-4 SIP Container configuration properties
Property
Description
Initial state
This setting determines the state of the SIP container service when the
WebSphere Portal server starts. The value can be either Started or Stopped. The
default value is Started. Select Stopped to prevent the SIP Container from loading
when the server starts. Choose Started if you want this server to act as a SIP node
in the cell. Keep in mind that if you want to enable collaboration services on a
server you must enable SIP container. The only exception is the servers which
you build as dedicated SIP proxies.
When the SIP container starts, its TCP and TLS host and port information is added
to the cell configuration. The SIP proxies in the cell use this configuration
information to determine which servers are running the SIP container.
Router classname
This is the Java class name of the SIP container process responsible for routing
messages to the outbound proxy. The default value of this setting is
com.ibm.workplace.sip.stack.transaction.transport.routers.SLSPRouter.
SLSP = Stateless SIP Proxy
You will find this abbreviation quite common in Workplace technical articles. It
simply refers to SIP proxy.
Number of dispatch
threads
Type the number of threads that the SIP container can use to process messages.
The default value of this setting is 3. The maximum value for this setting is 10.
184
IBM Lotus Workplace Team Collaboration 2.0.1
Configuring Team Collaboration cell-wide settings
Cell-wide settings are required to enable Lotus Workplace to handle team
collaboration requests that require interaction among different components.
Cell-wide settings enforce a consistent configuration across all nodes in a cell.
Each node in the cell stores its cell-wide settings in a file in the cell directory of its
file system. To ensure that configuration updates are distributed to each node,
WebSphere automatically replicates the information in these files across nodes.
You need to configure the following Team collaboration cell-wide settings from
the WebSphere Administrative Console when multiple Lotus Workplace servers
operate as a cell:
򐂰 General properties
򐂰 SIP Container
򐂰 SIP Proxy Outbound Connections
򐂰 HTTP Tunnel Cluster
For more details on these settings refer to the Lotus Workplace Infocenter at:
http://publib.boulder.ibm.com/infocenter/lwpphelp/index.jsp
4.5 Security resources
Since Lotus Workplace Security is inherently tied to the WebSphere Application
Server security, valuable information can be found in the following Redbooks:
IBM WebSphere V5.0 Security WebSphere Handbook, SG24-6573
http://www.redbooks.ibm.com/abstracts/sg246573.html
IBM WebSphere Application Server V5.1 System Management and
Configuration WebSphere Handbook, SG24-6195
http://www.redbooks.ibm.com/abstracts/sg246195.html
Additional information on securing Lotus Workplace installations can be found in
the Workplace Info Center at:
http://publib.boulder.ibm.com/infocenter/lwpphelp/index.jsp
A series of WebSphere Application Server security articles by Keys Botzum,
Senior Consulting I/T Specialist, IBM Software Services for WebSphere are
available on the IBM Developer Works Web site at:
http://www.ibm.com/developerworks
Chapter 4. Deployment considerations
185
186
IBM Lotus Workplace Team Collaboration 2.0.1
5
Chapter 5.
Team Collaboration
administration
This chapter covers policy management and administration of Lotus Workplace
Team Collaboration. In it, we describe the tasks an administrator performs and
the tools used, including:
򐂰 Management tools: WebSphere Portal Administration Console and the
LMAdmin interface
򐂰 Team Collaboration Application policy management
򐂰 Lotus Workplace user policy management
򐂰 Administrative tasks
© Copyright IBM Corp. 2005. All rights reserved.
187
5.1 Overview
There are two tools that are used to administer and configure Lotus Workplace:
򐂰 WebSphere Portal Admin Console is used to administer Lotus Workplace
cell-wide settings, servers, and services; add or change configuration settings
as necessary; make setting updates persistent; and view the run-time status
and performance of servers. We also refer to this application in some sections
as “WAS Admin Console.”
򐂰 LMAdmin commands are used to administer Lotus Workplace Messaging
and policies. The LMAdmin tool is described in detail in 5.8, “LMAdmin Tool”
on page 227. You can change the run-time settings of Lotus Workplace by
entering LMAdmin commands in a command window. Keep in mind, however,
that the effects of most commands are not persistent across server sessions;
this means, if you change a setting, that change will only apply to the current
Workplace session and will not persist through server restart.
The LMAdmin tool is primarily used to manage Workplace Messaging and
user policies. Since the focus of this redpaper is Team Collaboration, we only
describe using the LMAdmin tool as it relates to user policies.
The LMAdmin command line console is available only to user accounts with
the administrator role assigned to them. The admin role assignment is
described in detail in the 5.2, “Adding administrators and assigning user
roles” on page 192.
Attention: For the tasks requiring WebSphere Administration Console, we
recommend using the WebSphere Portal Admin Console. This is an
application that is virtually identical to WAS Admin Console, but it comes
packaged with WebSphere Portal and you access it on a different port (9044).
The status of the Workplace Servers, Workplace Enterprise Applications and
the Workplace administrative menu is shown only in the WebSphere Portal
Admin Console.
In our Redbook lab environment we access it through the following URL:
https://itso-tclwp1.cam.itso.ibm.com:9044/admin
whereas the regular WAS Admin console would be accessed through:
https://itso-tclwp1.cam.itso.ibm.com:9043/admin
In a nutshell, you should use WebSphere Portal Admin Console based on the
fact that both Workplace applications and WebSphere Portal share the same
JVM, whereas server1 (WAS) runs in a separate virtual machine.
188
IBM Lotus Workplace Team Collaboration 2.0.1
5.1.1 WPS Admin Console
The WPS Admin Console is used to perform the following administrative
activities:
򐂰 Administer servers and services
򐂰 Specify Workplace cell-wide settings
򐂰 Modify configuration settings
򐂰 Make setting updates persistent
򐂰 Monitor performance and view run-time status of Workplace servers
Important: Before going further, you need to understand the concept of a
“cell” since most administrative functions either refer to or affect a cell. A cell is
a grouping of nodes into a single administrative domain. In the Base and
Express configurations, a cell contains one node. That node may have
multiple servers, but the configuration files for each server are stored and
maintained individually. With the Network Deployment and Enterprise
configurations, a cell can consist of multiple nodes, all administered from a
single point. The configuration and application files for all nodes in the cell are
centralized into a cell master configuration repository. This centralized
repository is managed by the Deployment Manager process and synchronized
out to local copies held on each of the nodes. In that sense a Workplace cell
would represent all Lotus Workplace servers deployed within a single WAS
cell.
5.1.2 Server- and service-level operations
The WPS Admin Console provides property screens accessible under
Servers → Lotus Workplace Servers that are used to view and modify settings
pertaining to server setup and services enablement. You can view both
configuration updates and run-time status. The following actions can be
performed:
򐂰 Create and configure a new Lotus Workplace server or update an existing
server's settings.
򐂰 View the run-time status of servers and start, stop, or delete a server as
needed.
򐂰 Enable or configure settings for the Lotus Workplace services available on a
given server.
Chapter 5. Team Collaboration administration
189
5.1.3 Workplace cell-wide settings
The general cell-wide settings in the Lotus Workplace section are located at the
bottom of the WebSphere Portal Administrative Console navigator. These
settings apply across the domain of managed servers/nodes - the Workplace
cell. Figure 6-1 illustrates the cell-wide settings that can be managed from WAS
Admin Console.
Figure 5-1 General cell-wide settings available in WebSphere Portal Admin Console
Table 5-1 provides a brief description of tasks that can be performed from this
panel. Subsequent sections provide more information on the functions relevant to
Team Collaboration.
Table 5-1 Workplace cell-wide settings descriptions
Option
To perform these tasks
Lotus Workplace → Licenses
Review license options for Lotus Workplace products. We
illustrate the process of adding a licence later in this book.
Lotus Workplace → Directories
Set and manage directory settings for messaging, for searchable
directories, and to add a searchable LDAP directory for
messaging.
Lotus Workplace → Archive
Configure archiving for expired and deleted user messages.
Lotus Workplace → Users →
Manage User Policies
Select a user policy assignment method (DN scope matching or
policy attribute method), create new policies, edit existing
policies, show accounts that belong to a user policy, and set the
features and restrictions that regulate which users have access to
mail, calendaring, personal address book, instant messaging,
team spaces, Web conferencing, document libraries, technical
preview features, and more.
190
IBM Lotus Workplace Team Collaboration 2.0.1
Option
To perform these tasks
Lotus Workplace → Users →
Manage User Mail Accounts
View mail accounts, policy used, current storage quota status,
and policy details for each account.
Lotus Workplace → Workplace
Applications → Manage Workplace
Application Policies
Establish or modify the features and restrictions for Workplace
applications and Web conferencing that help to identify obsolete
workplaces and control their size.
Lotus Workplace → Workplace
Applications → Manage Workplace
Applications
View the summary status of Workplace Applications, delete
Workplace Applications, view the policy type, moderator, and
reassign policies to Workplace Applications.
Lotus Workplace → Mail Cell-Wide
Settings
Configure mail services for all servers in the cell. Set the default
domain name for the mail cell and the postmaster e-mail address,
the network path of the queue directory, and specify the DNS
servers that resolve names and addresses. Configure the
cell-wide settings for mail services such as SMTP Outbound,
SMTP Inbound, POP3, IMAP, and set how the mail system
accepts or rejects inbound mail by configuring filters for SMTP
Inbound connections. Click Servers → Lotus Workplace Servers
to configure individual mail services (and other Lotus Workplace
services) at the server level.
Lotus Workplace → Team
Collaboration Cell-Wide Settings
Configure instant messaging, presence, and Web conference
capabilities that enable users to share information in real time.
Lotus Workplace → Workplace
Certificate Store
Manage the default trusted certificates for your organization.
Certificates are distributed to all rich clients on a scheduled basis.
You can update the certificate store with new certificates from the
Rich Client Trusted Certificates file or import a certificate from a
file.
5.1.4 Server start, stop, restart scripts
As an administrator of Lotus Workplace system, you will find that to apply certain
settings you have to restart servers. This is a simple process that can be made
even easier by creating very basic batch files.
To make the process of stopping, starting, and restarting the servers easier we
used the following simple batch files.
To restart all the servers:
cd d:\websphere\appserver\bin
call stopserver.bat LotusWorkplace_Server -username <wps_admin_name>
-password <wps_admin_password>
Chapter 5. Team Collaboration administration
191
call stopserver.bat WebSphere_Portal -username <wps_admin_name>
-password <wps_admin_password>
call stopserver.bat server1 -username <wps_admin_name> -password
<wps_admin_password>
call startserver.bat server1
call startserver.bat WebSphere_Portal
call startserver.bat LotusWorkplace_Server
You can, of course, fine-tune the file to provide error handling, status messages,
and so forth.
5.2 Adding administrators and assigning user roles
There are three ways of adding Workplace administrators:
1. Adding new admins to the wpsadmins group in the LDAP directory.
2. Granting resource permissions to the Portal virtual resource, which allows
you to specify different Portal roles to the new administrators.
3. Granting access rights to WAS Admin Console and Lotus Workplace
Infrastructure using WAS Admin Console, which allows you to assign different
Workplace roles to new administrators.
5.2.1 Adding new users to the wpsadmins group
This option is the easiest, but requires editor access to the LDAP directory used
by your environment. This method also does not allow for fine-tuning the rights:
new users will simply have the same access as the wpsadmins group.
5.2.2 Granting resource permissions to the virtual resource Portal
This is the method that will allow you to assign users to different WPS
administration roles. Here’s how to do that:
1. Click the Administration button located on the top of the screen.
2. Click Access → Resource Permissions and select Virtual Resources. You
are presented with a list of resources. (Virtual resources are a unique
resource type. Virtual resources contain the parent resources for all other
WebSphere Portal resources.)
192
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 5-2 Resource Permissions screen
3. Locate a resource named Portal - usually found at the end of the list.
4. Click on the icon with a key located to the right of the Portal resource as
shown in Figure 6-3:
Figure 5-3 List of portal virtual resources (part)
5. The displayed screen will show Portal resource roles and permissions. On
that screen find Administrator role (or other role that you would like to assign
to users) and click the Edit Role button.
Chapter 5. Team Collaboration administration
193
Figure 5-4 Portal resource roles
6. You should now see a screen with users and groups having the Administrator
role assigned. Click the Add button and select Users or User groups in the
Search for Users or User Groups field.
Figure 5-5 User selection screen for resource assignment
7. In the Search on field select the LDAP attribute you’d like to use to locate the
users (for instance UID), type in the name and click Search.
8. Select one or more users you want to have the current role assigned to and
click OK.
194
IBM Lotus Workplace Team Collaboration 2.0.1
9. New users should now be listed along with wpsadmin and wpsadmins entries.
10.Once you are finished adding users, click Done. On the next screen click OK,
followed by Done.
11.In the WebSphere Administrative Console, click System Administration →
Console Users.
12.Click Add.
13.Type an LDAP user name, select a role, and then click OK.
14.Repeat for additional console users. As a general rule, you should add all of
the users and the same roles that you will specify for the WpsAdminconsole
application in the next section.
15.Click Save, then Save again to commit the changes.
16.Restart the WebSphere Application Server.
You have now granted portal administrator rights to new users. To test, log in
using the new admin username and password.
5.2.3 Adding Workplace administrators using WPS Console
Granting Workplace admin rights involves modifying access to two enterprise
applications:
򐂰 WebSphere Portal Admin Console (WpsAdminconsole)
򐂰 Lotus Workplace Infrastructure (A_LWP_Infrastructure)
In addition, if you want other administrators to use WAS Admin Console (instead
of or along with the WPS Admin Console), you have to grant appropriate access
rights to the adminConsole application as well.
To grant administrative right to other Workplace users follow these steps:
1. In the WPS Administrative Console click Applications → Enterprise
Applications to add users to the WpsAdminconsole application
(WebSphere_Portal).
2. Click WpsAdminconsole (the applications at first glance seem to be listed
alphabetically, but they are not. WpsAdminconsole application is usually to be
found somewhere in the middle of the list (typically on the second screen).
3. Under Additional Properties, click Map security roles to users/groups.
4. Select a role (administrator, for example) and click Lookup users.
Chapter 5. Team Collaboration administration
195
5. Enter a search string to find the LDAP users you want to add, then click
Search. The available roles are:
a. Monitor- Can view the system and configuration state information but
cannot perform any changes.
b. Configurator - Has all the functions of Monitor as well as the ability to
make configuration changes on all Lotus Workplace pages.
a. Operator - Has all the functions of Monitor as well as the ability to make
operational changes, for example start and stop servers and Lotus
Workplace services.
b. Administrator - Has all the functions available.
6. Select the desired users in the Available list and click the right-arrow button to
copy them to the Selected list. Figure 5-6 shows the user selection panel.
Figure 5-6 User roles selection panel
7. Click OK when all users have been added for this role.
8. Click OK on the Mapping users to roles page when you are done adding all
users.
9. Click Save, then Save again to commit the changes.
These actions granted rights to use WPS Admin Console to the selected new
users. Now it’s time to assign Workplace roles. To do that, perform the following
steps:
1. Click Applications → Enterprise Applications.
2. Click A_LWP_Infrastructure.
196
IBM Lotus Workplace Team Collaboration 2.0.1
3. Under Additional Properties, click Map security roles to users/groups. You
will notice that some roles have users or groups already assigned. The
PKIAdmin role already has a mapped group - wpsadmins. This entry allows
members of this group to perform the stated certificate functions. Also, the
lwpUser and lwpAnonUser roles have users assigned: all authenticated users
to lwpUser; Everyone to lwpAnonUser.
Important: By default, every remote Workplace EJB method is protected by
lwpUser. Therefore, you should leave this role with it’s current user
assignment. If you want to limit access to the workplace to a certain group of
users, you should uncheck the “All authenticated users” box from that role and
assign the users you want.
Table 5-2 describes the roles and their default values.
Table 5-2 Workplace roles
J2EE role
Description
Default value
lwpUser
Any authenticated Workplace user.
All authenticated users
wpsAdmin
Any Portal admin.
wpsadmins group
wpsRunAsAdmin
The WPS admin used for delegation (RunAs role).
wpsadmin (member of
wpsadmins group)
wasAdmin
Any WAS admin.
wpsadmins group
wasRunAsAdmin
The WAS admin used for delegation (RunAs role).
wpsadmin (member of
wpsadmins group)
lwpAnonUser
Any Workplace method that should be available to
unauthenticated users has lwpAnonUser role
assigned and associated with any user. Used by
WPCP scheduler for re-indexing.
All users
4. Select the wasAdmin, wpsAdmin, and PKIAdmin roles and click Lookup
users.
5. Enter a Search String to find the LDAP users you want to add, then click
Search.
6. Select the desired users in the Available list, select all of the users that you
added to the WpsAdminconsole application previously, then click the
right-arrow button to copy them to the Selected list.
Chapter 5. Team Collaboration administration
197
Figure 5-7 Lookup users/groups
7. Click OK when all users have been added for this role.
8. Click OK on the Mapping users to roles page when you are done adding all
users.
9. Click Save, then Save again to commit the changes.
10.Restart the WebSphere Portal, Lotus Workplace, and WebSphere Application
Servers.
And finally, to add users to the WAS console admin list follow these steps:
1. In the WebSphere Administrative Console, click System Administration →
Console Users.
2. Click Add.
3. Type an LDAP user name, select a role, and click OK.
4. Repeat for additional console users. As a general rule, you should add all of
the users and the same roles that you will specify for the WpsAdminconsole
application.
5. Click Save, then Save again to commit the changes.
6. Restart the WebSphere Application Server.
198
IBM Lotus Workplace Team Collaboration 2.0.1
5.3 Team Collaboration architecture in the WebSphere
Portal Admin Console user interface
In this section we look at how the WebSphere Portal Admin Console user
interface reflects the architecture of the product. To begin with, we note that
there are three types of configurations that are specific to Team Collaboration:
򐂰 Workplace server-specific settings (Servers → Workplace Servers) that apply
to this particular machine (server) only.
򐂰 Workplace enterprise application-specific settings (Applications → Enterprise
Applications) configuring this particular application (for instance an
application called A_LWP_Team).
򐂰 Cell-wide settings (Lotus Workplace) that apply to all servers providing Team
Collaboration services.
Chapter 5. Team Collaboration administration
199
Figure 5-8 Configuration points for Team Collaboration in the Portal Admin Console
When you make changes to each of these sets of pages, you can check in the
save confirmation box which files are being impacted. For example, if you
change the Team Collaboration configuration on this Application server you will
be presented with the chance to save changes to serverindex.xml and lwpcf.xml
as shown in Figure 5-9.
200
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 5-9 Modifications to the App Server configuration
However, when settings change for the particular instance of the Enterprise
Application, it is reflected in changes to files such as the application’s
deployment.xml file, as shown in Figure 5-10.
Figure 5-10 Modifications to the Enterprise Application
Likewise, when we make adjustments at the level of the entire cell we will be
impacting all instances of the application running on all nodes/app servers. As
such, when changes take place here the configuration is stored at a higher level
that impacts the entire cell. In this case, we changed the cell’s internal domains
Chapter 5. Team Collaboration administration
201
setting to remove a domain and we see that it is stored in the
lwp-sync-collabcell.xml file, as illustrated in Figure 6-11.
Figure 5-11 Configuration changes to the Cell level
5.4 Workplace application policies
Workplace application policies are set up to identify and, to a certain degree,
control workplace applications. For instance, a Web conference policy can
control for how long closed Web conferences can remain on a server.
In release 2.0.1 of Lotus Workplace you can have a single default policy for each
type of application (Web conference, team space, workplace application), and
then the policy gets applied to all applications of a particular type when they are
created. You can then go back and re-assign a different policy to the
applications.
There are two types of application policies forms: for Web conferences; and for
other applications such as team spaces, document libraries and applications
created with Workplace Builder from workplace templates. After Workplace
installation there are three default policies defined:
򐂰 For Web conferences
򐂰 For team spaces
򐂰 For workplace applications (all types other than team spaces and Web
conferences)
202
IBM Lotus Workplace Team Collaboration 2.0.1
Important: A policy can be defined as a set of limits applied to a particular
type of Workplace application, along with actions to take place when these
limits are reached or exceeded. Workplace policies specify conditions and
actions for automatically managing Web conferences and Workplace
Applications, such as team projects, discussion forums, and applications
created using Workplace Builder. A workplace policy is either a Workplace
Application policy or Web Conference policy.
For Web conferences, the policy defines how many days the conference should
remain on the system from the time it ended. For other applications, a policy
specifies a maximum size an application can attain and for how many days it can
remain inactive.
When you create a workplace application, a default policy is created for this
application based on the template on which the workplace application was built.
You can, of course, define your own policies and replace the default policy with
the one you created. However, you can do that only so that the custom policy
type matches the type of the application; that is, you can create and assign a
custom workplace application policy to a team space but not to a Web
conference. To do that, you need to create a custom Web conference policy.
To track the status of workplaces with regard to their assigned policies, a
scheduled task runs on the server daily, checking the size, creation date, and
date of last activity for each workplace. When the task detects that the value of
one of these attributes exceeds the value specified in the assigned policy (or
reaches a defined threshold), it triggers the configured action and sets the
application to Warning or Exceeded (see Figure 5-13 on page 205). The
Scheduling task is described in 5.7, “Workplace Scheduler” on page 223.
Optionally, you can configure warning messages for any policy that has a
configured action, but only if you have Workplace Messaging enabled. Warning
messages are sent when applications approach their policy limits. For example,
if a policy specifies that Web conferences older than 30 days will be deleted, you
might enable a warning message that is sent to moderators after 20 days
(threshold set to 20 days). Providing a warning enables moderators to make
arrangements to archive important materials, or request an extension to the
policy limit.
To illustrate the process of managing application policies, let’s analyze the entire
process of viewing a default policy, defining a custom policy, and replacing the
default policy with your custom one.
Chapter 5. Team Collaboration administration
203
5.4.1 Viewing current application policy
For the purpose of this demonstration we have created a Team Space called
“Alpha Atlantic Team Project.” When it was created, a default team space policy
was applied since the application was built based on the team space template.
To view the current application policy, follow these steps:
1. Click Lotus Workplace → Workplace Applications → Manage Workplace
Applications. You will be presented with a list of current applications.
Attention: (Optional) To view only workplaces that use a specific policy, click
Lotus Workplace → Workplace Applications → Manage Workplace
Application Policies, select the desired policy, and then click Manage
Workplace Applications.
Figure 5-12 Workplace application management - List
On the right side of the screen in Figure 5-12 you can see the current status
of the applications with regard to their assigned policies. Status can be
displayed as:
– OK - None of the policy constraints reached the warning threshold.
204
IBM Lotus Workplace Team Collaboration 2.0.1
– Warning - One or more policy constraint thresholds has been reached
(exceeded) by the application.
– Exceeded - One or more of the policy constraints has been reached or
exceeded. In this case we are talking about the actual value of the
constraint - not the threshold!
Figure 5-13 Three types of application policy status
2. To view policy status details for a workplace application, click its name - in our
example Alpha Atlantic Team Project. Figure 5-14 shows the application
details, including the current policy name and settings.
Figure 5-14 Selected Workplace Application Policy details
In this figure you can see not only the policy details, but you can also assign a
different policy by selecting another policy name. Based on the presented
information we can see that the current policy assigned is based on the Default
Team Space Policy. On this screen, you cannot change any settings other than
assigning another policy.
Chapter 5. Team Collaboration administration
205
5.4.2 Modifying default policy
To modify settings you can do one of the following:
1. Modify a default policy.
2. Create a custom policy and assign it to your application.
To modify a default policy follow these instructions:
1. Click Lotus Workplace → Workplace Applications → Manage Workplace
Application Policies to view a list of existing workplace application policies.
Figure 5-15 Default Application Policies
2. Click the default policy you want to modify. You will see the screen with the
default settings. Since the application we’re discussing in this section is a
team space, we would modify the Team Space default policy. In Figure 6-17
you see that we have reduced the size limit to 15 MB.
Note: If you set workplace policy limits and select the Administrator option for
sending messages when a limit is exceeded, you must enter at least one
address in this field. It can be accessed from the “Manage Workplace
Application Policies” panel depicted in Figure 5-15. If you try to select
administrator in the policy when this field is empty, the changes will not be
carried through. Figure 5-16 shows the form to add this information.
206
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 5-16 Adding administrator e-mail address
In the e-mail address field, specify one or more e-mail addresses, for
example, masteruser@cam.itso.ibm.com®. The addresses you enter should
be those of managers responsible for the server or users with access to
disable or delete workplaces. By default, the value of this field is not defined
and is not associated with any existing administrative role.
Figure 5-17 Modified default Team Space policy
3. Click Apply. Once you have applied the changes, all team spaces that have
default policy assigned are subject to the new size limit. Keep in mind,
however, that going back to the application list page, you will not see status
Chapter 5. Team Collaboration administration
207
changes immediately. Only after the scheduler processes the applications will
the status change be reflected in the Admin console for the applications that
do not meet policy constraints. By default, the scheduler checks the
applications at 2 AM daily.
5.4.3 Creating custom application policy
From the Manage Workplace Application Policies panel of the WebSphere Portal
Administrative Console, you can create new workplace application and Web
conference policies. To create a policy, complete the following steps:
1. Click Lotus Workplace → Workplace Applications → Manage Workplace
Application Policies to view a list of existing workplace application policies.
2. Click New Workplace Application Policy or New Web Conference Policy
to open a panel where you can specify the settings for the new policy. For our
Alpha Atlantic example application we chose the New Workplace
Application Policy.
3. Complete the workplace application policy properties or Web conference
policy properties and then click Apply or OK.
5.4.4 Managing workplace application policy
You may also want to see (or manage) all applications associated with a
particular policy. To do that complete these steps:
1. Click Lotus Workplace → Workplace Applications → Manage Workplace
Application Policies to view a list of existing workplace application policies
(see Figure 5-15 on page 206).
2. Select the checkbox next to the policy in which you are interested to view a
list of the applications associated with it.
Click the Manage Workplace Applications button. You will see the panel with
the list of applications. From that panel, shown in Figure 5-18, you can also
assign a different policy to all displayed applications in one step.
208
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 5-18 List of application associated with a selected policy
5.5 User policies
User policies are defined to manage user accounts and groups of users. These
polices are the primary way to enable or suspend access to Lotus Workplace
products and features. There is a default user policy which is assigned to
everyone by default, unless you specifically assign them to another user policy.
You can create a policy for any number of groups or individuals.
A user policy controls user access to messaging, document libraries, instant
messaging, Workplace applications (including Team spaces), Web conferences,
Learning, and special technical preview features. Lotus Workplace comes with a
default policy to which users are assigned when no other policy is available.
Important: Before you create a user policy, you must specify how Lotus
Workplace will assign users to user policies. You can either choose to use a
policy attribute in directory person records or DN (distinguished name) scope
matching. See 5.5.2, “Assigning users to user policies” on page 212 for more
details.
Chapter 5. Team Collaboration administration
209
Once you specify how users will be assigned, you are ready to create user
policies either by using the WebSphere Administrative Console or the Lmadmin
CreatePolicy command.
You can create one policy for all users, different policies for specific groups of
users, or you can create a policy that applies to only one person.
5.5.1 User policy options
You can specify any of the following general options when creating a user policy
(we provide descriptions of the properties related to Team Collaboration):
򐂰 Allowed clients (browser and rich client)
򐂰 Allow mail
򐂰 Allowed alternate mail clients (POP3 and IMAP)
򐂰 Allow calendar
򐂰 Allow personal address book
򐂰 Maximum entries in personal address book
򐂰 Allow document libraries - Allow users of this policy to use document libraries.
Select Create to allow users to create, manage, and publish document
libraries. The default setting for each option is selected.
򐂰 Allow IBM document editors - Allow users to use the word processor,
spreadsheet, and presentation editors provided with document libraries. The
default setting is selected.
򐂰 External tools - Select one of the following tool options for editing documents
in the document libraries:
– Do not allow external tools. Use this option to prevent users from using
external tools.
– Always use external tools. Use this option to force users to use external
tools.
– Use IBM document editors when available, otherwise use external tools.
The default setting is “Use IBM document editors when available, otherwise
use external tools.”
򐂰 Allow import of files - Allow users to import files into document libraries. The
default setting is selected.
򐂰 Allow export of files - Allow users to export files from document libraries to a
file system. The default setting is selected.
򐂰 Allow Workplace applications - This setting pertains to the Applications tab in
the UI. Users who have “Use” set for this policy can access the tab (users
210
IBM Lotus Workplace Team Collaboration 2.0.1
who do not have “use” set will not see the tab); users who have “Create” set
can create new workplace applications. The default setting is selected.
򐂰 Allow team spaces - Select these settings to allow users to use or create
team spaces. The default setting for each option is selected.
򐂰 Allow users to create and edit Workplace templates - Allow users to create
and edit Workplace templates and categories and have a Workplace Builder
link in their list of global links in the Links section of the rich client. The link
allows them to access templates. Users can also save a Workplace
application as a template. Templates are managed as XML documents in a
catalog and users can import and export template definitions, launch
Workplace Builder, and control versioning, locking, and access. The default
setting is selected.
򐂰 Allow users to set Workplace template usage to All authenticated users Select this setting to allow the editor of a template to specify that any
authenticated user can create a Workplace application from that template.
This setting, in effect, allows the template editor to deploy a template to all
users. This default setting is not selected.
򐂰 Allow instant messaging - Allow users to use instant messaging, see who is
online, and start chats.
򐂰 Allow Web conferencing - Select “Attend” to allow users to attend Web
conferences, or select “Schedule and attend” to allow users to schedule and
attend Web conferences.
򐂰 Allow learning.
򐂰 All technical preview features (demonstration and pre-production features) This is an interesting option that, if selected, enables users to read about and
try features that may be included in a future release. We recommend that this
setting be enabled only for a small, selected audience among the Workplace
users.
– Demonstration feature
Notes Applications. Access Notes databases, documents, and views. To
use this feature, users must have Notes 7.0 installed to a directory on the
system path.
– Pre-production features
Identify a chronological chain of responses that relate to the original mail
message.
Identify messages that are addressed only to the user. The user can
quickly see the messages that are sent only to her or him.
Spam filter. The user can identify and automatically delete spam and work
with the spam filter to delete subsequent junk mail. When the user
Chapter 5. Team Collaboration administration
211
receives similar messages, the messages will be delivered directly to the
Junk Mail folder, not to the user's Inbox. The spam filter examines each
message intended for delivery for characteristics of junk mail and
continually records each user's actions of deleting some messages as
junk mail, then classifies subsequent similar messages as either junk mail
or not junk mail.
There are also mail, archive, and rich client settings that are beyond the scope of
this redpaper. For information, refer to the Lotus Workplace Infocenter at:
http://publib.boulder.ibm.com/infocenter/lwpphelp/index.jsp
5.5.2 Assigning users to user policies
Before you create a new user policy, you must consider how to assign policies to
users. By default Lotus Workplace assigns users to polices by matching the
user's distinguished name (DN) to a DN scope that you specify in the policy. To
put it simply: by default you get the policy assigned based on your DN.
There are two methods for assigning users to user policies: using a policy
attribute in directory person records or distinguished name scope matching. To
provide the most flexibility in managing users and policies, assign users to
policies by specifying a policy attribute in WebSphere Member Manager.
Alternatively, you can specify the policy attribute in the portal LDAP directory.
Attention: If you change the policy assignment method, you must restart the
WebSphere Application Server and the WebSphere Portal server. In addition,
if you change the policy assignment method after users are assigned to
policies, you must reassign users to policies.
Directory policy attribute method
The policy attribute ibm-lwpUserPolicy in the Member Manager lookaside
database stores a policy name in each WMM member profile. When you run the
Lmadmin UpdateAccount command and give it a policy name, Lotus Workplace
updates member profiles with the new policy name.
When it comes to assigning users to policies, a policy attribute gives you greater
flexibility than DN scope matching because members of the same DN scope
share the same policy, while a policy attribute lets you assign different policies to
members of the same DN scope. If you are using the policy attribute method of
assigning users to policies, you populate or change a user's policy by running the
Lmadmin UpdateAccount command.
The directory policy attribute method lets you easily restrict users from accessing
Workplace products, including suspending mail accounts. Suspending a mail
212
IBM Lotus Workplace Team Collaboration 2.0.1
account involves moving the user to a user policy in which mail access is
disabled. For instance, you can create a policy called Suspended Mail Accounts,
then run the UpdateAccount command to assign specified users to the policy
where mail access is disabled. Unless your organization is homogeneous and
you want to roll out one level of Lotus Workplace capabilities for an entire DN in
your organization, select the directory policy attribute method for assigning
policies.
The default Member Manager user policy attribute name is ibm-lwpUserPolicy; it
is found in member profiles in the WebSphere Member Manager lookaside
database. It is used for storing the name of the user policy to which the user is
assigned.
You can use a policy attribute in an LDAP directory rather than in the Member
Manager lookaside database. If you extend the LDAP directory schema to add a
custom policy attribute that is equivalent to the policy attribute in the lookaside
directory, you must map the lookaside attribute to the LDAP attribute so that
Member Manager uses the policy attribute in the LDAP directory instead. The
advantages to this approach are that applications other than Lotus Workplace
products can use the attribute, and you can use LDAP directory administration
tools to populate the attribute values. If you map a lookaside attribute to an LDAP
attribute, no data is transferred from the lookaside database to the LDAP
directory. Rather, the repository for the attribute changes. For details and
examples of attribute mapping refer to the Lotus Workplace Infocenter at:
http://publib.boulder.ibm.com/infocenter/lwpphelp/index.jsp
Distinguished name scope method
The default method of assigning users to user policies is based on the DN scope
that you set in the policy itself. Each policy must have a unique scope that
defines the set of users to which the policy applies. You cannot have two policies
with an identical scope value.
A DN is a series of comma-separated name-value pairs. These pairs are ordered
from most specific to most general. In the example, “uid=Jack Tar, cn=users,
ou=redbooks, o=IBM,” “uid” is the most specific and “o” is the most general. You
assign users to policies using any or all attributes that are present in the user's
distinguished name.
When a user's DN matches more than one policy-defined DN, Lotus Workplace
assigns a user to the user policy that contains the highest number of attributes
that match the user's DN. For example, when seeking to match the user
“uid=Jack Tar, cn=users, ou=redbooks, o=IBM” to a policy, Lotus Workplace will
match the following DNs to the policy, in this order:
1. uid=Jack Tar, cn=users, ou=redbooks, o=IBM
Chapter 5. Team Collaboration administration
213
2. cn=users, ou=redbooks, o=IBM
3. ou=redbooks, o=IBM
4. o=IBM
Using this example, if you wanted to assign all members of the redbooks
organization to the same policy, enter a DN scope of “ou=redbooks,o=ibm.” You
don’t have to modify anything if you want to assign everyone in the WebSphere
Member Manager directory to use the default user policy: a user is assigned to
the default policy if no other policy contains a more specific DN scope setting.
When entering a DN scope in a policy, avoid entering extra spaces around
names and values. The entered value is not case sensitive.
5.5.3 Choosing policy assignment method
In our Redbook environment we used the DN Scope policy attribute stored in the
lookaside database. To change the method of policy assignment, complete the
following steps:
1. Click Lotus Workplace → Users → Manage User Policies and click the
Policy Assignment button to choose the method of assigning users to
policies.
Figure 5-19 User Policies management panel
2. Select the assignment method and click Apply.
214
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 5-20 Selecting user policy assignment method
3. Restart the WebSphere Application Server and the WebSphere Portal server.
In addition, if you change the policy assignment method after users are
assigned to policies, you must reassign users to policies as described later in
this section.
5.5.4 Viewing existing user policies
Select Lotus Workplace → Users → Manage User Policies and click the
name of the policy you would like to view.
Chapter 5. Team Collaboration administration
215
Figure 5-21 Default user policy (top of form)
216
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 5-22 Default user policy (bottom of form)
5.5.5 Creating user policies
The following steps describe how to create a new user policy.
1. Click Lotus Workplace → Users → Manage User Policies.
2. Click New to create a new policy.
3. Enter a unique policy name.
4. If you assign users to user policies based on DN scope matching, enter a
unique scope in distinguished name format. For example, to assign all
members of the Redbooks organization to the same policy, enter a DN scope
such as “ou=Redbooks, o=IBM” in the policy. If you assign policies based on
a policy attribute, leave the Scope of user policy field blank.
5. (Optional) Select any of the general options. Many options are provided by
default. In the Administrative Console, click the [i] to get information about any
policy option.
6. Click OK.
7. (Optional) Scroll down to the bottom under Additional Properties and set Mail,
Web client, and Rich client options.
5.5.6 Assigning policies to users
Once you have created the new policies, you have to assign them to the selected
groups or users.
Note: Users must log out, then log back in to be assigned to a new policy.
However, policy changes take from 15 minutes to an hour to process.
Therefore, it is good practice to make policy changes at the end of the day so
that users can begin using the new policy when they log in the next day
Chapter 5. Team Collaboration administration
217
Assigning users to policies using DN scope matching
The following procedure is used to reassign users to a different user policy only if
you use the DN scope matching method of assigning users to policies.
Edit an existing policy or create a new policy as described in the previous
section. Since you have selected the DN scope matching method no additional
steps are necessary. Users with the matching DN will have the new policy
applied when they log out and then log back in.
Suspending user access using DN scope matching
You can suspend user access to any Lotus Workplace product by making
changes to user policies. Use the steps that follow only if you have configured
Lotus Workplace to assign user policies using the distinguished name
scope-matching method.
1. Create a new policy in the Administrative Console by clicking Lotus
Workplace → Users → Manage User Policies, then clicking New to create
a new policy for the restricted user.
2. In the field Policy name, provide a descriptive name such as “Jack Tar
Suspended.”
3. In the field Scope of user policy, type the scope of the user's full DN, for
example: uid=Jack Tar, cn=users, ou=Redbooks, o=IBM. Why the full scope?
Well, the DN scope matching applies to all users that match the DN scope
provided in this field. So if you, for example, specified only ou=Redbooks,
o=IBM, all the users belonging to this branch of the directory would get their
access suspended!
4. Clear the check box of each product that you want to disable access to.
5. Click OK.
Users must log out, then log back in to be assigned to a new policy.
Note: To reactivate the account, delete the user policy that you created to
suspend the user's access. The user will be assigned automatically to the
policy that most closely matches his or her DN.
Assigning users to policies using the policy attribute method
Perform the following steps to reassign users to a different user policy only if you
use the directory policy attribute method of assigning users to policies.
1. In the WebSphere Administrative Console, click Lotus Workplace →
Users → Manage User Policies.
2. Edit an existing policy or create a new policy.
218
IBM Lotus Workplace Team Collaboration 2.0.1
3. Leave the scope blank.
4. Set user policy properties in the policy.
5. Run the LMAdmin UpdateAccount command to update the user's profile with
the new policy name. Refer to 5.8, “LMAdmin Tool” on page 227 for more
details on LMAdmin and the UpdateAccount command.
Users must log out, then log back in to be assigned to a new policy.
Suspending user access using the policy attribute method
Use the steps that follow only if you have configured Lotus Workplace to assign
user policies by the directory policy attribute method.
1. In the WebSphere Administrative Console, click Lotus Workplace →
Users → Manage User Policies, then click New to create a new policy for
suspended users. You can use a separate policy for each product you want to
deny access to, or one policy for several products.
2. In the field Policy name, provide a descriptive name such as “Suspended
Team Spaces.”
3. Leave the field Scope of user policy blank.
4. Clear the check box of the product that you want to disable access to.
5. Click OK.
6. Run the LMAdmin UpdateAccount command to specify the new policy
associated with the user account. Refer to the 5.8, “LMAdmin Tool” on
page 227 for more details on LMAdmin and the UpdateAccount command.
Users must log out, then log back in to be assigned to a new policy.
5.5.7 User policies and default access
When an administrator defines user policy and sets licensing options in the
WebSphere Administrative Console for a group of users, the access privileges
assigned to a user (or a group) are stored in an attribute in the user's record in
the WebSphere Member Manager (WMM). When the user logs in, the
WebSphere Portal server retrieves this WMM attribute value and based on the its
settings, creates a group membership list for this user (these special access
groups are also referred to as “soft-groups”). Each soft-group matches a
predefined set of access rights to a Lotus Workplace product. As a result, when
you apply a policy to a user or group of users, you are defining which soft-groups
the user becomes a member of, in effect defining which products that user or
group can access. For instance, by setting Allow mail in the policy, all the users
that have this policy assigned become members of the
lwp_policy_access_http_mail_do_not_modify soft-group.
Chapter 5. Team Collaboration administration
219
Table 5-3 shows the user soft-groups that are build based on matching user
policy settings.
Table 5-3 Policy settings vs. soft-groups
User policy setting
Matching Workplace soft-group
Allow mail
lwp_policy_access_http_mail__do_not_modify
Allow calendar
lwp_policy_access_calendar__do_not_modify
Allow personal address book
lwp_policy_access_pab__do_not_modify
Allow instant messaging
lwp_policy_access_im__do_not_modify
Allow team spaces: Use
lwp_policy_access_team_space__do_not_modify,
lwp_policy_teamspace_page__do_not_modify
Allow team spaces: Use and Create
lwp_policy_create_team_space__do_not_modify,
lwp_policy_create_teamspace_application__do_not_modify,
lwp_policy_create_teamspace_application
Allow Web conferencing: Attend
lwp_policy_access_online_meeting__do_not_modify,
lwp_policy_web_conference_page__do_not_modify
Allow Web conferencing: Attend and
Schedule
lwp_policy_create_online_meeting_do_not_modify,
lwp_policy_create_web_conference_application_do_not_modify,
lwp_policy_create_web_conference_application
Allow learning
lwp_policy_access_learning__do_not_modify
Web Client details: Allow users to
create and send attachments
lwp_policy_send_attachments__do_not_modify
Web Client details: Allow users to
save messages to the file system or a
document manager
lwp_policy_receive_attachments__do_not_modify
Allow technical preview features:
Demonstration features
lwp_policy_demo__do_not_modify
Allow technical preview features:
Pre-production features
lwp_policy_preproduction__do_not_modify
Allow document libraries: Use and
Create
lwp_policy_document_management__do_not_modify,
lwp_policy_documents_page__do_not_modify,
lwp_policy_create_document_application__do_not_modify
Allowed clients: Rich client
lwp_policy_rich_client__do_not_modify
Allow personal document library
lwp_policy_personal_document_management__do_not_modify,
lwp_policy_personal_document_library
220
IBM Lotus Workplace Team Collaboration 2.0.1
User policy setting
Matching Workplace soft-group
Allow Workplace applications: Use
lwp_policy_applications_page__do_not_modify
Allow Workplace applications: Use
and Create
lwp_policy_create_applications_application
Allow users to create and edit
Workplace templates
lwp_policy_create_edit_templates_categories__do_not_modify
Allow IBM document editors
lwp_policy_IBM_Productivity_Components__do_not_modify
Attention: As a portal administrator you can view and change the access to
Lotus Workplace portlets assigned to these groups using the WebSphere
Administrative Console. However, the “_do_not_modify” suffix added to each
of these group names indicates that you should not use the WebSphere
Administrative Console to edit access to Lotus Workplace resources. See 5.6,
“Managing user access to Workplace resources” on page 222 for information
on how to change the access levels assigned to a user or group.
In our environment we created a policy called “Redbook Users” that has a scope
of ou=redbooks and that contains the following User Policy settings in the
WebSphere Administrative Console:
򐂰 Allowed clients: Browser client
򐂰 Allow Mail
򐂰 Allow calendar
򐂰 Allow personal address book
򐂰 Allow document libraries: Use and create
򐂰 Allow team spaces: Use and create
򐂰 Allow Web conferencing: Schedule and Attend
򐂰 Allow instant messaging
As a result, WebSphere Portal server adds Jack Tar, who is an ITSO (IBM
redbook organization) resident and therefore has OU=redbooks in his LDAP
person record, into the following user groups, automatically:
򐂰 lwp_policy_browser_client__do_not_modify
򐂰 lwp_policy_access_http_mail__do_not_modify
򐂰 lwp_policy_access_calendar__don_not_modify
򐂰 lwp_policy_access_pab__do_not_modify
򐂰 lwp_policy_access_online_meeting__do_not_modify
Chapter 5. Team Collaboration administration
221
򐂰 lwp_policy_web_conference_page__do_not_modify
򐂰 lwp_policy_create_online_meeting__do_not_modify
򐂰 lwp_policy_create_web_conference_application__do_not_modify
򐂰 lwp_policy_create_web_conference_application
򐂰 lwp_policy_access_im__do_not_modify
򐂰 lwp_policy_documents_page__do_not_modify
򐂰 lwp_policy_create_document_application__do_not_modify
򐂰 lwp_policy_document_management__do_not_modify
Alternatively, Jack Tar would be added to the same predefined groups if his
LDAP person record contained a policy attribute value of “Redbook Users” and
our assignment policy was based on the policy attribute method.
As a result of his membership in these Lotus Workplace specific groups, Jack
can access the Mail, Address Book, and calendar portlets; he can schedule and
attend Web conferences and access the Instant Messaging portlets; he cannot
access rich client products; and he can use and create the document libraries.
5.6 Managing user access to Workplace resources
5.6.1 Defining user access levels
The WebSphere Application Server programmatically assigns permissions to
Lotus Workplace resources for each of your users. It determines how to assign
permissions to resource for your users based on two things: first, the user policy
settings that you specify for each product in the Users → Manage User Policies
page of the WebSphere Administrative Console; and second, the settings that
you specify in the Licenses page of the WebSphere Administrative Console.
Together, these settings determine the levels of access that users have to Lotus
Workplace products. The WebSphere Portal server enforces these access
controls.
User policy and licensing settings made in the WebSphere Administrative
Console apply to browser and rich client users. When users access a rich client
product and go offline, the user policy information for that user is copied to and
stored locally in a server running on the user's machine. The user policy
information on the local server is updated when you apply policy changes to a
user on the WebSphere Application Server.
222
IBM Lotus Workplace Team Collaboration 2.0.1
5.6.2 Editing user access to Lotus Workplace products
To edit a user's access to a Lotus Workplace function, you can change the
policies that govern a user's access rights.
You can grant the user access to a particular Workplace functionality by applying
an existing policy, which grants access to the desired portlet to the user. You can
create a new policy with access rights to the desired portlet and apply it to the
user. To deny a user access to a portlet, you can remove the user from the scope
of the policy that grants access to that portlet, or, depending on the method you
use to assign policies to the users, remove the policy name from the policy
attribute on the user's LDAP person record.
Note: We are using the word “portlet” in here because by selecting which
functions are available through a particular policy assignment, you ultimately
grant/deny access to the portlets through which Workplace functionality is
accessed.
5.7 Workplace Scheduler
The Task Scheduler controls the starting and stopping of many Lotus Workplace
administrative tasks, including the Quota Manager that we mentioned in the
Workplace Application Policies section. Use this service to schedule cell-wide
tasks such as Reconcile, Compact, Quota Manager, Trash Collector, Export,
Archive, Update Overdue Team Task, and others. It is best to configure the Task
Scheduler to run on its own machine, but you can run the service with other
Lotus Workplace services on the same server. The Task Scheduler service must
be enabled for mail and collaboration services to work.
The Task Scheduler Service runs administration tasks that affect the entire cell;
therefore, any setting changes in Scheduler configuration will affect all
Workplace servers in this cell. The settings for the Task Scheduler are not
marked as “cell-wide” because it runs as a service on only one server.
5.7.1 Configuring the Task Scheduler Service for a cell
To access Scheduler configuration perform the following steps:
1. In the WebSphere Administrative Console, click Servers → Lotus
Workplace Servers, and then click the name of the Lotus Workplace server
that has the Task Scheduler Service running on it.
2. Click the Task Scheduler Service to display the configuration panel for Task
Scheduler, as shown in Figure 5-23.
Chapter 5. Team Collaboration administration
223
Figure 5-23 Task Scheduler configuration panel
From this panel you can configure run schedules for individual maintenance
tasks by clicking on a service name for which you want to configure a schedule.
After you click a particular service, the selected service schedule configuration
panel shown in Figure 5-24 is displayed.
224
IBM Lotus Workplace Team Collaboration 2.0.1
Figure 5-24 Task schedule configuration window
Although the window shown in Figure 5-24 represents Update Overdue Team
Tasks, the options shown are the same as for any other task that can be
scheduled through Workplace Scheduler.
The task can be scheduled to run at intervals ranging from a few minutes to a
month. Table 5-4 provides more information on available time intervals.
Table 5-4 Available scheduling intervals
Frequency
Setting
Ranges available
Minutes
1, 2, 3, 4, 5, 10, 15, 20, 30
Hourly
Minutes past the hour
0 - 59
Daily
Hours past midnight
Minutes past the hour
0 - 23
0 - 59
Chapter 5. Team Collaboration administration
225
Frequency
Setting
Ranges available
Weekly
Day of the week
Hours past midnight
Minutes past the hour
Monday - Sunday
0 - 23
0 - 59
Monthly
Day of the month
Hours past midnight
Minutes past the hour
1 - 28
0 - 23
0 - 59
5.7.2 Scheduler tasks
As we mentioned previously, the Workplace tasks run by the Workplace
Scheduler are routine maintenance tasks. Most of them are related to Workplace
Messaging. The following list identifies the tasks that can be scheduled, but
provides descriptions of only those tasks that are Team Collaboration related.
For information on the tasks that do not include details here, refer to the Lotus
Workplace Infocenter at:
http://publib.boulder.ibm.com/infocenter/lwpphelp/index.jsp
򐂰 Administrator
򐂰 Archive
򐂰 Attachment cleanup
򐂰 Compact
򐂰 Export Default
򐂰 PKI Request Processor
򐂰 Quota manager
򐂰 Reconcile
򐂰 Reconcile Archive
򐂰 Trash collector
򐂰 Update Overdue Team Tasks - This task periodically finds all team spaces
tasks that are overdue and sets their state to overdue. When a user is
assigned to a task in team spaces, the task has a date by which it must be
completed. After that date, the task is marked overdue. Once a task is
marked overdue, the task appears with a different icon to the user.
򐂰 Workplace Information Collector - This task gathers information about
workplaces so that users can search for workplaces of interest to them. This
task is enabled by default. It performs actions that in the messaging
environment would be taken care of by Quota Manager, Reconcile, and
226
IBM Lotus Workplace Team Collaboration 2.0.1
Compact. The following tasks are also performed by the Workplace
Information Collector:
– Keeping a data catalog.
– Deleting all applications and objects that were marked for deletion.
(Objects are deleted after 7 days. This setting is not configurable in the
current release.)
– Collecting information about the Workplace applications (the size of the
teamspace, the last modified time, and so forth).
– Checking which policies are in violation.
5.8 LMAdmin Tool
The LMAdmin tool was initially provided with Lotus Workplace Messaging. Since
a significant portion of Messaging administration tasks may require use of the
wsadmin scripting tool, LMAdmin was developed as an easy to use wrapper that
essentially prepares the wsadmin scripting tool to accept Workplace commands.
The LMAdmin tool is primarily used to manage Workplace Messaging and user
policies. Since the focus of this redpaper is Team Collaboration, we only
describe using the LMAdmin tool in regard to user policies.
The LMAdmin command line console is available only to user accounts with the
administrator role assigned to them. The admin role assignment is described in
detail in 5.2, “Adding administrators and assigning user roles” on page 192.
5.8.1 Starting the LMAdmin tool
Perform the following steps to start the tool:
1. Open a command window and go to the WebSphere Application Server bin
directory, in our case, D:\WebSphere\AppServer\Bin.
2. Enter this command:
lmadmin -user <username> -password <password> -port <portnumber>
In our installation, the specific command we used was:
lmadmin -user wpsadmin -password wpsadmin -port 8882
Figure 5-25 Starting LMAdmin tool
Chapter 5. Team Collaboration administration
227
Attention: To find the port number, look in the following file:
<was_root>\config\cells\server_name\nodes\server_name\serverindex.xml
and then look for SOAP_CONNECTOR_ADDRESS to find the port number.
Note: By default, the LMAdmin tool runs on the local host. If the service you
want to administer does not run on the local host, you can switch to the node
or cell level. Keep in mind that using remote LMAdmin commands is possible
only in a WAS Network Deployment environment with multiple
servers/nodes/cells.
The syntax of the switch command is:
Set VariableName value
VariableName
lmLocalHost - Specify whether to run on the local host (true) or not (false). If
true, then it's not necessary to set lmCell, lmNode, or lmServer.
򐂰 lmCell - Specify the cell in which the command service resides.
򐂰 lmNode - Specify the node in which the command service resides.
򐂰 lmServer - Specify the server in which the command service resides.
Value
Specify the value of the variable. The lmCell, lmNode, and lmServer values
are case-sensitive.
Example:
wsadmin>set lmCell cRedBooks
5.8.2 UpdateAccount command
This command is used to modify an account with a new policy, add or remove
mail forwarding addresses, or to add a mail alias. However, in the context of
Team Collaboration, we describe how to use the command for user policy
assignment only.
Note: You can use the UpdateAccount command to assign policies only if you
use the directory policy attribute method of assigning users to policies. Do not
use the UpdateAccount command to assign users to a new policy if you use
DN scope matching.
228
IBM Lotus Workplace Team Collaboration 2.0.1
UpdateAccount syntax
The UpdateAccount command line invocation syntax is the following:
UpdateAccount
-externalid externalid
-user loginname
-policy policyName
-mailalias
-mailforwarding mailforwardingaddress
/removemailalias
/removemailforwarding
UpdateAccount parameters - Policy assignment
򐂰 externalid - Specifies the valid WMM uniqueid attribute value in the person's
LDAP record. The attribute used for the externalid will vary depending on
what type of LDAP Directory server your Workplace server is configured to
use. By default, the attribute value equals the value of ibm-entryUuid for the
IBM Directory Server 5.1 that is included in the Workplace 2.0.1 installation
package.
򐂰 user - Specifies the login name that is defined by the WAS User Registry. By
default, the distinguished name (DN), UID, or e-mail address can be used.
򐂰 policy - Specifies the policy to be associated with the account. Updates the
person's WMM policy attribute ibm-lwpUserPolicy, which is by default
configured for the Lookaside database. If the policy name contains spaces,
enclose it in single quotes.
Both of the following examples would update the policy assignment for the user;
in this case either would assign the policy called Redbooks Policy.
򐂰 wsadmin>UpdateAccount -externalid <value of the externalid attribute
in your LDAP directory> -policy 'Redbook Policy'
򐂰 wsadmin>UpdateAccount -user <username> -policy 'Redbook Policy'
Chapter 5. Team Collaboration administration
229
230
IBM Lotus Workplace Team Collaboration 2.0.1
A
Appendix A.
Example: Chat logging with
the IM SPI
This appendix is derived from the Lotus Workplace Products API Toolkit 1.0.
While this is intended to be a helpful introduction to the Workplace Instant
Messaging Service Provider Interface (IM SPI), this material should be a
gateway to more research. This is not a full reproduction of the information
provided with the toolkit, nor do any notes here supersede the toolkit
documentation. Future Redbooks will discuss these technologies in greater
detail; however, at present, the best documentation for the Workplace API
Toolkit is the Help that is provided with it and the Java documentation that comes
as part of the toolkit download.
We begin with an introduction to the IM SPI and then provide an example of
creating a chat logging application.
The Lotus Workplace API Toolkit 1.0 can be downloaded from
http://www.lotus.com/ldd/lwpapi
© Copyright IBM Corp. 2005. All rights reserved.
231
Important: The presence and instant messaging services will be enhanced in
an upcoming release of Lotus Workplace, which will require changes to the
Instant Messaging SPI. Applications using the Instant Messaging SPI in this
API Toolkit release will need to be modified in order to work with the new
version of the Instant Messaging SPI. The required modifications will be
documented in future API Toolkit releases. The current version of the Instant
Messaging SPI is being made available for customers that require this
capability with Release 2.0.1 of the Lotus Workplace Products, specifically to
allow customers to implement chat logging.
Brief introduction to the IM SPI
The IBM Lotus Workplace Instant Messaging Service Provider Interface (SPI) is
used to build instant message handlers, which intercept instant messages before
they are delivered to recipients. You can use this Java SPI to block or modify
instant messages in Lotus Workplace 2.0.1. The most common use of the SPI is
chat logging, but you can also use the SPI to perform other tasks, such as
message translation. You can deploy applications that use the SPI as servlets on
WebSphere Portal.
The Instant Messaging SPI is part of the presence and instant messaging
services of Lotus Workplace 2.0.1. The SPI is reachable via a servlet installed on
the WebSphere_Portal server instance, one of the three servers that are part of
Lotus Workplace 2.0.1.
The Instant Messaging SPI includes the following classes:
򐂰 MessagingListener
This interface receives events for each message going through the SIP
server.
򐂰 MessagingService
This interface is used to manage all MessagingListener instances.
򐂰 MessagingServiceFactory
This class is used to get an instance of a MessagingService object.
򐂰 Contact
This class represents an SIP contact. It is used to examine the contacts to
whom messages are being sent. For example usage, see
ChatLoggingApp.java, the sample program included in the toolkit (in
imspi\samples\chatlogging).
232
IBM Lotus Workplace Team Collaboration 2.0.1
Note: For complete reference information about these classes, refer to the Lotus
Workplace Instant Messaging SPI Javadoc in the toolkit imspi\javadoc directory.
To use the Instant Messaging SPI in Lotus Workplace 2.0.1, you create a
MessagingListener instance, which receives all the messages that are passing
through the instant messaging service. The messaging listener is added to the
messaging service, which manages all MessagingListener instances.
Creating a chat logging application
Creating a chat logging application using WebSphere Studio Application
Developer 5.x (WSAD) is a relatively straightforward operation. What follows is a
step-by-step guide that walks through the process once you have WSAD,
Workplace, and the toolkit installed and running.
To use WSAD 5.1.1 to create such a project you have to perform several steps.
The steps as presented here are representative of one way to accomplish this
goal, rather than the only way.
1. Create a Web Application using the WSAD Web Application wizard as shown
in Figure A-1.
Appendix A. Example: Chat logging with the IM SPI
233
Figure A-1 Create a new Dynamic Web Project
2. Open the project properties panel by selecting the project and choosing
File → Properties. In the Java Build Path properties section click the Add
External Jars button, and find the lwp20imspi.jar file in the
<toolkit home>\imspi\lib\ directory as illustrated in Figure A-2. This is done so
that your application will have the required classes visible.
234
IBM Lotus Workplace Team Collaboration 2.0.1
Figure A-2 Add the lwp20imspi10.jar as an external jar
3. Add the sample application ChatLoggingApp.java to your project by importing
it from the sample.
4. Modify the ChatLoggingApp code to log the message or queue the message
to a logging subsystem that you are familiar with so that the relevant material
can be logged. Be aware that this is a blocking call that will hold up additional
messages while being processed. As a result of this, if a developer wanted to
write an application to log to an nsf file, for example, it would be important to
not allow time in the onMessage event to do the storage to the nsf file, but
buffer that and log the data on another thread. In the most basic example
provided, the logging is a very quick logging to the SystemOut.log, which is
useful for demonstration, but not in production. For example, an efficient
production application could open a log file in the init of the servlet and
efficiently add the text in reasonable blocks.
Appendix A. Example: Chat logging with the IM SPI
235
Figure A-3 Modifications to log the chat elements in the onMessage() method
5. Create a new servlet using the servlet wizard and choose to create init() and
destroy() methods.
236
IBM Lotus Workplace Team Collaboration 2.0.1
Figure A-4 Create a new servlet and include init() and destroy() methods
6. Modify the servlet to call the ChatLoggingApp with the following code in init():
Example A-1 Sample code to instantiate a ChatLoggingApp instance in our servlet
System.out.println("ChatLogServlet init");
ChatLoggingApp app = new ChatLoggingApp();
app.init();
System.out.println("ChatLoggingApp loaded");
7. Export the application as a war file (File → Export → WAR File).
As shown in Figure A-5, select the project to export and destination. There is
no need to include source other than a convenience for testing.
Appendix A. Example: Chat logging with the IM SPI
237
Figure A-5 Export to a WAR file
8. Import the WAR file to WAS using the admin console application:
a. Open your browser, go to http://host:9090/admin or
http://host:9091/admin, and log in.
b. Click Applications → Install New Application in the left navigator
frame.
c. Browse to or type in the path to the war file that has the application.
d. Provide a context root. This is arbitrary and can be any value. It will not be
called by users through the URI. The servlet does not even need to have a
doGet() or doPost() method that would usually get triggered by a request.
238
IBM Lotus Workplace Team Collaboration 2.0.1
Figure A-6 Locate the application and set the context root to an arbitrary string
e. The default values are good for Steps 1 and 2. In Step 3 change the
application to run on the WebSphere_Portal server instance as shown in
Figure A-7.
Appendix A. Example: Chat logging with the IM SPI
239
Figure A-7 Install to WebSphere_Portal server instance instead of server1
f. In Step 4, click Finish.
g. Click Save to Master Configuration and then Save again in the
confirmation box. At this point you can also review the changes that will be
made to the server.
240
IBM Lotus Workplace Team Collaboration 2.0.1
Figure A-8 Verify which files that are going to be affected
h. Now that the application is installed it can be started by going to the
Applications → Enterprise Applications navigator and selecting the
application in the main frame of the admin console.
Figure A-9 Start the enterprise application
i. The logging results in this example will go to the Portal server
SystemOut.log file in the <WPS_HOME>\log\SystemOut.log. You have
many options here, such as creating your own unique log file.
Appendix A. Example: Chat logging with the IM SPI
241
242
IBM Lotus Workplace Team Collaboration 2.0.1
Back cover
®
IBM Lotus Workplace
Team Collaboration 2.0.1
Redpaper
Product overview
Customization using
Workplace Builder
Deployment
Considerations &
Administration
IBM Lotus software, the leader in collaboration, has
created Lotus Workplace, an integrated family of
collaborative products based on open standards.Lotus
Workplace combines market-leading collaborative
products that can be experienced through a choice of
security-rich clients, giving people simplified access and
interaction with other people and a host of collaborative
applications like e-mail, calendaring & scheduling,
instant messaging, Web conferencing, team spaces,
document & Web content management, and elearning.
Lotus Workplace is delivered through a componentized
design and includes tools to easily create a new
workplace that can be applied as needed to fit specific
industry or business needs.
IBM Lotus Workplace products include:
򐂰
IBM Lotus Workplace Messaging
򐂰
IBM Lotus Workplace Team Collaboration
򐂰
IBM Lotus Workplace Collaborative Learning
򐂰
IBM Lotus Workplace Web Content Management
򐂰
IBM Lotus Workplace Documents
The objective of this IBM Redpaper is to examine the
components of the Team Collaboration 2.0.1 offering in
detail for both the non-technical and technical user.
INTERNATIONAL
TECHNICAL
SUPPORT
ORGANIZATION
BUILDING TECHNICAL
INFORMATION BASED ON
PRACTICAL EXPERIENCE
IBM Redbooks are developed by
the IBM International Technical
Support Organization. Experts
from IBM, Customers and
Partners from around the world
create timely technical
information based on realistic
scenarios. Specific
recommendations are provided
to help you implement IT
solutions more effectively in
your environment.
For more information:
ibm.com/redbooks