IBM Connections 5.5install

advertisement
IBM Connections 5.5install
These were the steps I followed to install IBM Connections 5.0. Everything was installed on a
single server.
IBM Connections 5.5install ............................................................................................................ 1
1. Software .................................................................................................................................. 2
1.1. Post Install Fixes .............................................................................................................. 3
2. Install WebSphere 8.5.5.6 ....................................................................................................... 7
2.1. Install IBM Install Manager ............................................................................................. 7
2.2. Install WAS Cell ............................................................................................................ 10
2.3. Create the WebSphere Application Server cell .............................................................. 17
3. Enable security with LDAP .................................................................................................. 23
3.1. Start the DMGR and nodeagent ..................................................................................... 23
3.2. Enable security with an LDAP Directory ...................................................................... 23
4. Install DB2 10.5 fixpack 6 .................................................................................................... 37
4.1. Install DB2 10.1 Enterprise Server ................................................................................ 37
4.2. Install DB2 10.5 fp6 ....................................................................................................... 45
5. Create the Connections Databases ........................................................................................ 49
5.1. Create a dedicated db2 user for IBM Connections ........................................................ 49
5.2. Create Connections databases with wizard .................................................................... 54
6. Install and configure Tivoli Directory Integrator 7.1.1 fp3 .................................................. 58
6.1. Install Tivoli Directory Integrator 7.1.1 ......................................................................... 58
6.2. Install TDI 10.1.1 fixpack 3 ........................................................................................... 66
6.3. Configure TDI ................................................................................................................ 67
7. Populate the profiles database using wizard ......................................................................... 68
7.1. Copy tdisol directory to keep profiles and LDAP in sync ............................................. 74
7.2. Update profiles_tdi.properties ........................................................................................ 74
8. Install and Configure IBM HTTP Server 8.5.5.7.................................................................. 75
8.1. Install IBM HTTP Server 8.5.5.7 ................................................................................... 76
8.2. Configure Plug-In with WebSphere Customization toolbox ......................................... 82
9. Configure SSL on IBM HTTP Server .................................................................................. 91
9.1. Create the SSL key file for IHS ..................................................................................... 91
9.2. Configure httpd.conf to listen over ssl ........................................................................... 94
9.3. Add the HTTP Server certificate to WebSphere trust store ........................................... 95
10. Install IBM Connections 5.5 .............................................................................................. 99
10.1.
Set the JVM heap size .............................................................................................. 114
10.2.
Configure HTTP Server plugin with Connections ................................................... 116
10.3.
Start IBM Connections ............................................................................................. 118
11. Configure additional IBM HTTP Server settings ............................................................ 118
11.1.
Configure HTTP Server to compress some files ...................................................... 119
11.2.
Configure Connections to use IHS to download files .............................................. 120
11.3.
Conifgure Connections to use IHS to upload files ................................................... 120
12. Configure IBM Connections Content Manager Libraries ............................................... 120
12.1.
Create Filenet Global Configuration Domain (GCD) .............................................. 120
12.2.
Create FileNet ObjectStore ....................................................................................... 122
13. Apply Connections 5.5 Recommended updates .............................................................. 123
13.1.
Install the Day1 ifixes ............................................................................................... 123
1.
Software
I downloaded the following files prior to installing:
The following document has more details: http://www01.ibm.com/support/docview.wss?uid=swg24041291
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly
(CRY8MML)
 IBM Connections V5.5 for Windows Multilingual (CN808ML )
 IBM Connections V5.5 Wizard for Windows Multilingual (CN80DML )
NOTE: DO NOT download the wizard directory from the eAssembly, use the one
from the day 1 fixes instead
http://www933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions
&product=ibm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=
all

IBM DB2 Server V10.5 for Windows on AMD64 and Intel EM64T systems (x64)
Multilingual (CIW3YML )

IBM Tivoli Directory Integrator Identity Edition V7.1.1 for Windows - x86-64,
Multilingual (CZUF7ML )
NOTE: wrong one showing in eAssembly

IBM WebSphere Application Server Network Deployment V8.5.5 (1 of 3) for
Multiplatform Multilingual (CIK2HML )
IBM WebSphere Application Server Network Deployment V8.5.5 (2 of 3) for
Multiplatform Multilingual (CIK2IML )
IBM WebSphere Application Server Network Deployment V8.5.5 (3 of 3) for
Multiplatform Multilingual (CIK2JML )





IBM WebSphere Application Server V8.5.5 Supplements (1 of 3) for Multiplatform
Multilingual (CIK1VML )
IBM WebSphere Application Server V8.5.5 Supplements (2 of 3) for Multiplatform
Multilingual (CIK1WML )
IBM WebSphere Application Server V8.5.5 Supplements (3 of 3) for Multiplatform
Multilingual (CIK1XML )
IBM Connections Content Manager V5.5 for IBM Connections Suite V5.5 Multiplatform
Multilingual eAssembly (CRY8NML)


IBM FileNet Content Engine V5.2.1 Windows Multilingual (CN216ML )
IBM FileNet Content Engine Client V5.2.1 Windows English (CN225EN )
IBM Content Navigator V2.0.3 for IBM Connections Enterprise Content Edition (CECE) V5.2
Multiplatform Multilingual eAssembly (CRVX7ML)
 IBM Content Navigator V2.0.3 Windows Multilingual (CN0PVML )
Additional optional components that are not used during this install
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly
(CRY8MML)
 IBM Connections V5.5 Cognos Wizard for Windows Multilingual (CN80GML )
 IBM Cognos Business Intelligence Server 64-bit 10.2.2 Microsoft Windows
Multilingual (CN1YPML )
 IBM Cognos Business Intelligence Transformer 10.2.2 Microsoft Windows
Multilingual (CN1Z0ML )


Ephox Editors V3.0.1 for IBM Connections V5.5 Multiplatform Multilingual
(CN80QML )
IBM Connections Community Surveys V5.5 Windows Multilingual (CN80KML )
1.1. Post Install Fixes
NOTE: These are what I downloaded on 23 December 2015. Check the following location for
the latest supported releases:
http://www-01.ibm.com/support/docview.wss?uid=swg27047297
IBM Connections Day 1 fixes:
http://www933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions&pr
oduct=ibm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=all




interim fix: 5.5.0.0-IC-Multi-IFLO87330
interim fix: 5.5.0.0-IC-Common-IFLO87469
interim fix: 5.5.0.0-IC-D1-DBWizard-LO87408-Windows
refresh pack: 5.5.0.0-IC-Multi-UPDI-20151218
Optional components in Day 1 fixes not used in this part of the install



interim fix: 5.5.0.0-IC-D1-CognosWizard-LO87407-Windows
refresh pack: 5.5.0.0-IC-D1-MigTool
5.5.0.0-TypeAhead-20151218
NOTE: This requires being installed on a Linux machine, so is not done in this
environment.
WebSphere Application Server, IBM HTTP Server and plug-ins 8.5.5 fixpack 7 http://www-01.ibm.com/support/docview.wss?uid=swg24040533
TDI 7.1.1 - fixpack 3: http://www-01.ibm.com/support/docview.wss?uid=swg27010509
NOTE: The fix central link on this page did not work for me, so I used
http://www.ibm.com/support/fixcentral/swg/quickorder?product=ibm/Tivoli/Tivo
li+Directory+Integrator&release=7.1.1&platform=Windows&function=fixId&fixi
ds=7.1.1-TIV-TDIFP0003&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp&so
urce=fc
DB2 10.6 - Fixpack 6: http://www-01.ibm.com/support/docview.wss?uid=swg27007053
DB2 Universal Fix pack and DB2 Data Server Client
FileNet Components
FileNet Content Engine 5.2.1 FP2 and Content Engine Client 5.2.1 FP2 http://www.ibm.com/support/fixcentral/swg/quickorder?parent=FileNet%2BProd
uct%2BFamily&product=ibm/Information+Management/FileNet+Content+Engin
e&release=5.2.1.2&platform=All&function=all&useReleaseAsTarget=true&sour
ce=fc

fix pack: 5.2.1.2-P8CPE-WIN-FP002

fix pack: 5.2.1.2-P8CPE-CLIENT-WIN-FP002
IBM Content Navigator 2.0.3 FP5 http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Enterprise%2BC
ontent%2BManagement&product=ibm/Other+software/Content+Navigator&relea
se=2.0.3&platform=All&function=all&source=fc
Make sure to get the 2.0.3-ICN fixpack for your OS:
 fix pack: 2.0.3-ICN-FP005-WIN
2.
Install WebSphere 8.5.5.6
This step involves setting up a DMGR server, 1 managed node (in this case I installed everything
on 1 system, so I installed a cell).
Software Needed for this step:
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly
(CRY8MML)
 IBM Connections V5.5 for Windows Multilingual (CN808ML )
extracted to C:\Downloads\ic55\IBM_Connections_Install



IBM WebSphere Application Server Network Deployment V8.5.5 (1 of 3) for
Multiplatform Multilingual (CIK2HML )
IBM WebSphere Application Server Network Deployment V8.5.5 (2 of 3) for
Multiplatform Multilingual (CIK2IML )
IBM WebSphere Application Server Network Deployment V8.5.5 (3 of 3) for
Multiplatform Multilingual (CIK2JML )
each extracted into the same directory C:\Downloads\ic55\WAS855
WebSphere Application Server fixpack 7 - http://www01.ibm.com/support/docview.wss?uid=swg24040533
both parts extracted into the same directory C:\Downloads\ic55\WAS855fp7
2.1. Install IBM Install Manager
Extract the IBM Connections V5.5 for Windows Multilingual (CN808ML ) download and run
C:\Downloads\ic55\IBM_Connections_Install\IM\windows\install.exe
1.
2.
3.
4.
5.
2.2. Install WAS Cell
First, make sure you have extracted the following downloads:
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly
(CRY8MML)
 IBM WebSphere Application Server Network Deployment V8.5.5 (1 of 3) for
Multiplatform Multilingual (CIK2HML )
 IBM WebSphere Application Server Network Deployment V8.5.5 (2 of 3) for
Multiplatform Multilingual (CIK2IML )
 IBM WebSphere Application Server Network Deployment V8.5.5 (3 of 3) for
Multiplatform Multilingual (CIK2JML )
each extracted into the same directory C:\Downloads\ic55\WAS855
WebSphere Application Server fixpack 7 - http://www01.ibm.com/support/docview.wss?uid=swg24040533
both parts extracted into the same directory C:\Downloads\ic55\WAS855fp7
To install we will use the Install Manager we just installed. If it's not running, go to Start - Apps
- IBM Installation Manager - IBM Installation Manager
1. Go to File Preferences .... to add the WebSphere repository to IBM Install Manager
2.
3.
4. Now do the same for the 8.5.5 fix pack 7
5. Uncheck Search service repositories during installation and update and click Ok
6. Click Install
7.
8.
9. NOTE: It's best to provide a path without spaces, so I removed Program Files (86)
10. NOTE: Again, make sure to provide a path without spaces, I again removed Program Files
(86)
11.
12.
13.
14.
2.3. Create the WebSphere Application Server cell
Now that the install is complete we will create a cell because all services are installed on a single
machine.
NOTE: If you did not Start the Profile Management Tool in the last step, you can do that now by
going to Start - Apps - IBM WebSphere - Profile Management Tool
15.
16. Again, I chose cell here because everything is installed on a single machine. A more likely
scenario would be the DMGR and Connections Node(s) are on different machines. In which
case you would install the DMGR first (choosing Management here) then install the primary
node second (choosing Application server here) then federated the node with the DMGR
using the addNode.bat command.
17.
18. People typically chose wasadmin here, I like to use localadmin to remind myself that this is a
user created in the local WAS filestore. Either way is fine, just make sure this user does not
exist in LDAP.
19.
20.
21.
WebSphere Application Server is now installed on the machine
3.
Enable security with LDAP
In this process we will start WAS and enable security
3.1. Start the DMGR and nodeagent
1. Start the DMGR by running:
C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>startManager.bat
2. Start the nodeagent by running
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startNode.bat
3.2. Enable security with an LDAP Directory
1. Open a browser to the DMGR Integrated Solutions Console
(http://cprice55.swg.usma.ibm.com:9060/ibm/console) Because security is enabled, you will
be redirected to the ssl port to login - if necessary accept the certificate
2. Login with the user created during the WebSphere Application Server install
3. Open Security – Global Security
4. Select Federated Repositories from the Available realm definitions field, and then click
Configure.
5. Click Add Repositories
6. and then, on the Repository reference page, click New Repository - LDAP repository
7. On the New page, type a repository identifier, such as myFavoriteRepository (I used icldap
IDSinto the Repository identifier field.
Specify the LDAP directory that you are using in the Directory type field.
Type the host name of the primary LDAP directory server in the Primary host name field.
The host name is either an IP address or a domain name service (DNS) name.
Provide values for the Bind distinguished name and Bind password fields.
Specify the login attribute or attributes that you want to use for authentication in the Login
properties field. Separate multiple attributes with a semicolon. For example: uid;mail. NOTE:
I would recommend having the first attribute uid, if you use something other than uid as the
first attribute, there are a number of post install steps that will need to be completed, it's just
easiest if you keep uid as the first attribute in the login settings.
Click Apply
8. and then Save
9. Set the base entry fields, and click OK
NOTE: If this was Domino LDAP, set the first entry to root, and leave the second blank.
'root' is a special setting for WebSphere that tells it not to use a base. This will allow domino
customer to find the user in the primary directory and all secondary directories, as well as all
flat groups.
All other LDAP directories, set the entry to the base of your directory. My LDAP directory
is IBM Directory Server, so I set the base to dc=ibm,dc=com
10. and then Save
11. In the Repository Identifier column, click the link for the repository or repositories that you
just added.
12. In the Additional Properties area, click the Federated repositories entity types to LDAP
object classes mapping link.
13. Click the Group entity type and modify the object classes mapping.
14. Set the objectClass to the group objectClass for you directory, and add the search base for
groups, Click Apply,
NOTE: For IDS this is typically groupOfUniqueNames,
ActiveDirectory this is typically Group
Domino this is typically dominoGroup
15. and then click Save to save this setting.
16. You can do the same for PersonAccount, in my LDAP, we use inetOrgPerson, so I did not
change anything
IDS it typically inetOrgPerson
Active Directory is typically person
Domino is typically dominoPerson
17. In the navigation links at the top of the page, click the name of the repository that you have
just modified to return to the Repository page.
18. Complete the following steps for group membership
a. Click the Group attribute definition link in the Additional Properties area,
b. and then click the Member attributes link.
c. Click New to create a group attribute definition.
d. Enter group membership values in the Name of member attribute and Object class fields.
Click Ok
IDS typically would be uniquemember : groupOfUniqueNames
Active Directory typically would be member : group
Domino typically would be member : dominoGroup
e. and then click Save to save this setting.
19. Set the memberOf attribute to help with login performance
a. Click on Group attribute definition to go back 1 level
b. set the Name of group membership attribute to the attribute in the person record that
contains the groups a user is a member of.
IDS this is ibm-allgroups with scope of nested
Active Directory this is memberOf with scope of direct
Domino this is dominoAccessGroups with scope of nested
For IDS and Domino set the scope to Nested, for AD use Direct, otherwise nested groups
will not work correctly in AD
Click OK
c. Click Save
20. Enable Application security:
a. Click Global Security in the navigation links at the top of the page.
b. Select the Enable administrative security under Administrative Security and Enable
application security under Application Security check boxes. Make sure the Java 2
security check box is unchecked and click Apply
c. and then click Save to save this configuration.
21. Finally Enable Single Sign On settings.
a. open Web and SIP security and select Single sign-on (SSO)
b. Set the domain name to the hostname you use to access connections (.ibm.com), you can
enable Interoperability mode if you want - if you do set LTPA V1 cookie name to
LtpaToken (case is important) -- I did not enable this for my environment
set LTPA V2 cookie name to LtpaToken2 (case is important)
I recommend you uncheck Web inbound security attribute propagation and Set security
cookies to HTTPOnly (this one must be unchecked if you want to enable Sametime
awareness with an STProxy server)
Click OK
c. Save the configuration
22. Log out of the WebSphere Application Server Integrated Solutions Console and restart
WebSphere Application Server
a. Run C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>stopManager.bat -username
localadmin -password password
b. Then C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>startManager.bat
23. Verify that users in the LDAP directory have been successfully added to the repository:
a. From the WebSphere Application Server Integrated Solutions Console, select Users and
Groups > Manage Users.
b. In the Search by field, enter a user name that you know to be in the LDAP directory and
click Search. If the search succeeds the user exists in your LDAP directory.
c. Click on the user, then click the Groups tab, you should see a list of groups the user
belongs to
24. Once the DMGR is finding users correctly from LDAP, restart the nodeagent to pick up the
changes by running
a. C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>stopNode.bat -username
localadmin -password password
b. C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startNode.bat
4.
Install DB2 10.5 fixpack 6
In this step we will Install DB2.
Software needed for this step:
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly
(CRY8MML)
 IBM DB2 Server V10.5 for Windows on AMD64 and Intel EM64T systems (x64)
Multilingual (CIW3YML )
I extracted this to C:\Downloads\ic55\DB2105
DB2 10.6 - Fixpack 6: http://www-01.ibm.com/support/docview.wss?uid=swg27007053
DB2 Universal Fix pack 6
I extracted this to C:\Downloads\ic55\DB2105fp6
4.1. Install DB2 10.1 Enterprise Server
1. Run C C:\Downloads\ic55\DB2105\SERVER\image\setup.exe
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
4.2. Install DB2 10.5 fp6
In this step we will apply the DB2 10.5 fixpack 6.
1. Run C:\Downloads\ic55\DB2105fp6\UNIVERSAL\setup.exe
Scroll down and click Work with Existing under DB2 Version 10.5 Fix Pack 6 Workgroup,
Enterprise and Advanced Editions
2.
3.
4.
5.
6.
7.
5.
Create the Connections Databases
5.1. Create a dedicated db2 user for IBM Connections
1. Click Start >Administrative Tools
2. Double click on Computer Management.
3. From the Computer Management console, select System Tools > Local Users and Groups.
4. Right-click Users and select New User.
5. Add a user named lcuser. Enter the required details, including the password. Clear the User
must change password at next logon check box. Click Create.
6. Click Close.
7. Open the Users object, right-click lcuser, and select Properties from the context menu.
8. Click the Member Of tab and then click the Add button.
9. Type DB2USERS in the Enter the object names to select field, and click Check Names.
10. This should resolve to the local DB2USERS group, Click OK.
11. Click OK again to save your changes and Close the Computer Management console
5.2. Create Connections databases with wizard
Software needed for this step:
IBM Connections Day 1 fixes:
http://www933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions&product=i
bm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=all

interim fix: 5.5.0.0-IC-D1-DBWizard-LO87408-Windows
Make sure to extract interim fix: 5.5.0.0-IC-D1-DBWizard-LO87408-Windows to a location on
the DB2 Server. I extracted to C:\Downloads\ic55\Wizards
NOTE: The download zip will extract an exe file (IBM_Connections_5.5_wizards_win.exe)
then run the exe file which will extract the Wizard directory.
1. Log into the machine as the db2 administrator (db2admin)
2. Run C:\Downloads\ic55\Wizards\dbWizard.bat
3.
4.
5.
6.
7.
8.
9.
6.
Install and configure Tivoli Directory Integrator 7.1.1 fp3
Software needed for this step:
 IBM Tivoli Directory Integrator Identity Edition V7.1.1 for Windows - x86-64,
Multilingual (CZUF7ML )

TDI 7.1.1 - fixpack 3: http://www-01.ibm.com/support/docview.wss?uid=swg27010509
In this step, we will install TDI 7.1.1and apply fix pack 3.
6.1. Install Tivoli Directory Integrator 7.1.1
Extract IBM Tivoli Directory Integrator Identity Edition V7.1.1 for Windows - x86-64,
Multilingual (CZUF7ML ) (I used C:\DownloadDirector\ic5\TDI711\TDI711)
Because I am using Windows 2012, I have to launch the install a bit differently, the following
technote has details on the first steps I going through to run the install of TDI. If this was
Windows 2008, I could simply use launchpad.exe
http://www-01.ibm.com/support/docview.wss?uid=swg21634336
1. Go to C:\Downloads\ic55\TDI711\windows_x86_64, right click on
install_tdiv711_win_x86_64.exe and chose properties
2. Under the Compatibility mode section, set the check box to true for "Run this program in
compatibility mode for"
Under the drop down select Windows 7 .
Click on OK to apply the compatibility mode.
3. Run install_tdiv711_win_x86_64.exe
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16. Uncheck Start Configuration Editor and click Done
6.2. Install TDI 10.1.1 fixpack 3
Download and extract FP3 on the server. (I extracted to C:\Downloads\ic55\TDI711\TDI711pf3)
1. Copy UpdateInstaller.jar from C:\Downloads\ic55\TDI711\TDI711pf3\7.1.1-TIV-TDIFP0003
to C:\IBM\TDI\V7.1.1\maintenance
overwriting the existing file
2. Copy amc.jar from C:\DownloadDirector\ic5\TDI711\TDI711pf3\7.1.1-TIV-TDI-FP0003
to C:\IBM\TDI\V7.1.1\lwi\runtime\isc\eclipse\plugins\AMC_7.1.1.0\WEB-INF\lib
overwriting the existing file
3. RunC:\IBM\TDI\V7.1.1\bin>applyUpdates.bat -update "
C:\Downloads\ic55\TDI711fp3\7.1.1-TIV-TDI-FP0003\TDI-7.1.1-FP0003.zip"
4. After the fix pack is installed, verify the Tivoli Directory Integrator fix pack version installed
on your system by running
C:\IBM\TDI\V7.1.1\bin\applyUpdates.bat -queryreg
Information from .registry file in: C:\IBM\TDI\V7.1.1
Edition: Identity
Level: 7.1.1.3
License: None
Fixes Applied
=-=-=-=-=-=-=
TDI-7.1.1-FP0003(7.1.1.0)
Components Installed
=-=-=-=-=-=-=-=-=-=
BASE
SERVER
-TDI-7.1.1-FP0003
CE
-TDI-7.1.1-FP0003
JAVADOCS
-TDI-7.1.1-FP0003
EXAMPLES
EMBEDDED WEB PLATFORM
AMC
Deferred: false
6.3. Configure TDI
1. Copy the db2jcc.jar and db2jcc_license_cu.jar files from the java subdirectory of the
directory where you installed DB2 (C:\IBM\SQLLIB\java).Paste the files into the
jvm/jre/lib/ext subdirectory of Tivoli Directory Integrator.
(C:\IBM\TDI\V7.1.1\jvm\jre\lib\ext)
2. Increase the runtime memory for TDI and disable the JIT compiler
a. Edit C:\IBM\TDI\V7.1.1\ ibmdisrv.bat
b. At the bottom of the file look for
"%TDI_JAVA_PROGRAM%" -classpath
"%TDI_HOME_DIR%\IDILoader.jar" %ENV_VARIABLES%
com.ibm.di.loader.ServerLauncher %*
change this to
"%TDI_JAVA_PROGRAM%" -Xms256M -Xmx1024M -Xnojit -classpath
"%TDI_HOME_DIR%\IDILoader.jar" %ENV_VARIABLES%
com.ibm.di.loader.ServerLauncher %*
c. Save and Close the file
7.
Populate the profiles database using wizard
Software needed for this step:
IBM Connections Day 1 fixes:
http://www933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions&product=i
bm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=all
•
interim fix: 5.5.0.0-IC-D1-DBWizard-LO87408-Windows
1. Copy the Wizards directory from the IBM Connections day 1 fixes download (interim fix:
5.5.0.0-IC-D1-DBWizard-LO87408-Windows) to the system where Tivoli Directory
Integrator is installed.
2. Run C:\Downloads\ic55\Wizards\populationWizard.bat
3.
4.
5.
6.
7.
8. Set the base to match the case in the LDAP directory.
9. Update the mapping of any attributes in LDAP you want to sync over to the profiles database.
The most important one is guid. By default this maps to an attribute in LDAP that is
controlled by the LDAP directory and will never change for a user. This attribute is used the
internal ID of the user in Connections and should never change. the default guid is typically
the best attribute to use, however if your organization has a policy where when a user is
modified in LDAP you remove them from the directory and re-add them, then another
attribute may be best for you. Ideally you want to have an attribute that will never change for
a specific user.
NOTE: If you change this from the default mapping additional changes will need to be made
in Connections after the install. I will discuss those changes when appropriate.
10.
11.
12.
7.1. Copy tdisol directory to keep profiles and LDAP in sync
1. Go to C:\IBM\TDI\V7.1.1 and create a tdisol directory
2. Copy the TDI directory from C:\Downloads\ic55\IC_55\Wizards\TDIPopulation\win to
C:\IBM\TDI\V7.1.1\tdisol
3. This directory has the settings from when you populated the profiles database. Periodically
as users are added, removed or updated in LDAP you need to run the sync_all_dns.bat from
this directory to keep the profiles database and LDAP directory in sync
NOTE: You may want to go ahead and create a windows task run the “sync_all_dns.bat”
command nightly to keep the LDAP directory in sync with profiles database.
7.2. Update profiles_tdi.properties
When you run the sync_all_dns.bat TDI will get a list of all the users in LDAP and in the profiles
database, then will compare the users to determine if a user in LDAP and profiles is the same
user. By default we use the uid attribute for that comparison. This should be an attribute that
will never change in LDAP or the profiles database. In many cases the uid attribute works well,
but if in your organization, if a users name changes, their uid changes, this may not be the best
choice for you. If you already updated the guid when populating the profiles database to an
attribute that will never change, or if the default guid will never change I would recommend
updating the hash key to guid for the sync command as well.
1. Open C:\IBM\TDI\V7.1.1\tdisol\TDI\profiles_tdi.properties
2. update sync_updates_hash_field and set it to guid
sync_updates_hash_field=guid
NOTE: You can set this setting to guid, uid or mail
8.
Install and Configure IBM HTTP Server 8.5.5.7
Software needed for this step:
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly
(CRY8MML)
 IBM WebSphere Application Server V8.5.5 Supplements (1 of 3) for Multiplatform
Multilingual (CIK1VML )
 IBM WebSphere Application Server V8.5.5 Supplements (2 of 3) for Multiplatform
Multilingual (CIK1WML )
 IBM WebSphere Application Server V8.5.5 Supplements (3 of 3) for Multiplatform
Multilingual (CIK1XML )
NOTE: Extract all files to the same directory. I used
C:\Downloads\ic55\WASsupp855
WebSphere Application Server Supplements 8.5.5 fixpack 7 - http://www01.ibm.com/support/docview.wss?uid=swg24040533
NOTE: Extract both parts to the same directory. I used
C:\Downloads\ic55\WASsupp855fp7
In this step we will
Install IBM HTTP Server 8.5.5.6
Install the plugin for the HTTP Server
Configure IHS with the DMGR
Configure SSL on IHS
Typically I do this step after the install of Connections, however in the 5.5 installer there is an
option to map the HTTP Server with the Connections web modules, so I went ahead and
installed the IBM HTTP Server here and configured SSL. Now the install of Connections will
complete the integration of Connections and the IBM HTTP Server.
8.1. Install IBM HTTP Server 8.5.5.7
1. Run IBM Installation Manager by going to Start - All Apps - IBM Installation Manager IBM Installation Manager
2. Go to File --> Preferences
3.
4. Browse to the location of the WAS 8.5.5 Supplements files and supplements fp7 files
Uncheck Search service repositories during installation and update and click Ok
5.
6. Select IBM HTTP Server v8.5.5.5, Plug-ins v8.5.5.5 and WebSphere Customization Toolbox
click Next>
7.
8. Make sure to select IBM HTTP Server, Web Server Plug-ins for IBM WebSphere Application
Server and WebSphere Customization Toolbox and change the Install path:
9.
10.
11.
12.
8.2. Configure Plug-In with WebSphere Customization toolbox
1. If the Web Server Plug-in Customization Toolbox is not running start it by going to Start -Apps - IBM WebSphere - Web Server Plug-in Configuration Toolbox
2.
3.
4. Set Name to Plugin Location, and browse to where you installed the plugin in the previous
step
5.
6.
7.
8. Add anIHS administrator name. This user should NOT exist in LDAP
9.
10.
11. I am installing everything on the same machine, so I chose Local:
12. Make sure to select the Application Server profile, NOT the DMGR
13.
14.
15.
16. Copy configurewebserver1.bat from C:\IBM\WebSphere\Plugins\bin to
C:\IBM\WebSphere\AppServer\bin
17. From a command prompt run C:\IBM\WebSphere\AppServer\bin>configurewebserver1.bat user localadmin -password password
18. At this point if you log into the IBM Integrated Solution Console, go to Servers - Server
Types - Web Servers, you should see the webserver1 that was just created
9.
Configure SSL on IBM HTTP Server
When using connections, all communication between components occurs over SSL, also, when
you click login, we send the user to an ssl address, so you must configure SSL on the IBM HTTP
Server that will run in front of Connections.
Setting up SSL on the http server is a 5 step process.
Create the SSL key file for IHS
Configure httpd.conf to listen over ssl
1.
Add the HTTP Server certificate to WebSphere trust store
9.1. Create the SSL key file for IHS
1. Start - Apps - IBM HTTP Server V8.5 - Start Key Management Utility
2. Click Key Database File - New
3. Set Key database type to CMS
select a filename and location
NOTE: make sure all folders in the path are already created. I had to create the ssl folder
under IBM\HTTPServer
4. Set password and Stash the password to a file
5. While in Personal Certificates, click New Self-Signed…
6. Set the Key Label and Common name to the hostname of the IHS Server, and set validity
period to the length of time you want this certificate to be valid, I chose 10 years because it's
just a test environment and I don't want to have to update it:
NOTE: If you want to use a key size larger than 2048, you will need to update to the to the
unrestricted policy files in WebSphere. The following technote has details: http://www01.ibm.com/support/docview.wss?uid=swg21663373
7. Close the Key Management utility
9.2. Configure httpd.conf to listen over ssl
2. Open C:\IBM\HTTPServer\conf\httpd.conf
3. Add the following lines just above the was_ap22_module module
LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
<IfModule mod_ibm_ssl.c>
Listen 0.0.0.0:443
<VirtualHost *:443>
ServerName cprice55.swg.usma.ibm.com
#DocumentRoot C:\IBM\HTTPServer\htdocs
SSLEnable
SSLProtocolDisable SSLv3 SSLv2
</VirtualHost>
</IfModule>
SSLDisable
Keyfile "C:\IBM\HTTPServer\ssl\ihskey.kdb"
SSLStashFile "C:\IBM\HTTPServer\ssl\ihskey.sth"
LoadModule was_ap22_module
"C:\IBM\WebSphere\Plugins\bin\32bits\mod_was_ap22_http.dll"
WebSpherePluginConfig……
4. Save and Close httpd.conf
5. Restart the IBM HTTP Server service
6. At this point you will be able to access https://cprice55.swg.usma.ibm.com
9.3. Add the HTTP Server certificate to WebSphere trust store
1. Open the WAS Admin console (https://cprice55.swg.usma.ibm.com:9043/ibm/console) and
login
2. Open Security – SSL certificate and key management
Under Related Items, select Key stores and certificates
3. Click on CellDefaultTrustStore
4. Click on Signer Certificates
5. Click on Retrieve from port
6. Enter a host, port and alias of the HTTP Server and click Retrieve signer information
7. Click OK
8. Click Save
9. Close the Integrated Solutions Console
10. Install IBM Connections 5.5
Software needed for this step:
Extract the following downloads
IBM Connections V5.5 for IBM Connections Suite V5.5 Multiplatform Multilingual eAssembly
(CRY8MML)
 IBM Connections V5.5 for Windows Multilingual (CN808ML )
I extracted to C:\Downloads\ic55\IBM_Connections_Install\
As well as the FileNet download files:
IBM Connections Content Manager V5.5 for IBM Connections Suite V5.5 Multiplatform
Multilingual eAssembly (CRY8NML)
 IBM FileNet Content Engine V5.2.1 Windows Multilingual (CN216ML )
 IBM FileNet Content Engine Client V5.2.1 Windows English (CN225EN )
IBM Content Navigator V2.0.3 for IBM Connections Enterprise Content Edition (CECE) V5.2
Multiplatform Multilingual eAssembly (CRVX7ML)
 IBM Content Navigator V2.0.3 Windows Multilingual (CN0PVML )
FileNet Components
FileNet Content Engine 5.2.1 FP2 and Content Engine Client 5.2.1 FP2 http://www.ibm.com/support/fixcentral/swg/quickorder?parent=FileNet%2BProduct%2B
Family&product=ibm/Information+Management/FileNet+Content+Engine&release=5.2.
1.2&platform=All&function=all&useReleaseAsTarget=true&source=fc

fix pack: 5.2.1.2-P8CPE-WIN-FP002

fix pack: 5.2.1.2-P8CPE-CLIENT-WIN-FP002
IBM Content Navigator 2.0.3 FP5 http://www.ibm.com/support/fixcentral/swg/quickorder?parent=Enterprise%2BContent%
2BManagement&product=ibm/Other+software/Content+Navigator&release=2.0.3&platf
orm=All&function=all&source=fc
Make sure to get the 2.0.3-ICN fixpack for your OS:
fix pack: 2.0.3-ICN-FP005-WIN
The FileNet files are all extracted into their own directory I used C:\Downloads\ic55\FileNet
I extracted the downloads in the following order, simply overwriting any existing files:





FileNet Content Engine 5.2.1 - FN_CE_5.2.1_WINDOWS_ML.zip
IBM Content Navigator 2.0.3 - IBM_CTNT_NAVI_2.0.3_WIN_ML.zip
FileNet Content Engine 5.2.1 FP2 - 5.2.1.2-P8CPE-WIN-FP002.zip
FileNet Content Engine Client 5.2.1 FP2 - 5.2.1.2-P8CPE-CLIENT-WIN-FP002.zip
IBM Content Navigator 2.0.3 FP5 - 2.0.3-ICN-FP005-WIN.zip
1. Make sure to restart the DMGR and nodeagents just before starting the install.
a. Stop nodeagent:
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>stopNode.bat -username
localadmin -password password
b. Stop DMGR:
C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>stopManager.bat -username
localadmin -password password
c. Start DMGR:
C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>startManager.bat
d. Start nodeagent:
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startNode.bat
2. Run C:\Downloads\ic55\IBM_Connections_Install\IM\install.bat, Click Install IBM
Connections 5.0.0, and click Launch the IBM Connections 5.0 install wizard
3.
4.
5. Scroll down and selected IBM Connections Content Manager if you want
6.
7.
8.
9. The user fnanon is a system user in my LDAP directory that will only be used for anonymous
access to FileNet
10. Scroll down to enter the location of the FileNet installs you downloaded and extracted before
starting the install, and click Validate
11.
12.
13.
14. Enter the information, then scroll down and click Validate
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
NOTE: My install took about 2 hours to complete.
Once the install finishes, look in the nodeagent systemout.log log located at
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\logs\nodeagent for the following line:
ADMA7021I: Distribution of application <connections_app> completed successfully.
You will see the following applications get synced:
ADMA7021I: Distribution of application commsvc completed successfully.
ADMA7021I: Distribution of application ibmasyncrsp completed successfully.
ADMA7021I: Distribution of application Activities completed successfully.
ADMA7021I: Distribution of application Mobile completed successfully.
ADMA7021I: Distribution of application FileNetEngine completed successfully.
ADMA7021I: Distribution of application navigator completed successfully.
ADMA7021I: Distribution of application Files completed successfully.
ADMA7021I: Distribution of application Forums completed successfully.
ADMA7021I: Distribution of application News completed successfully.
ADMA7021I: Distribution of application PushNotification completed successfully.
ADMA7021I: Distribution of application RichTextEditors completed successfully.
ADMA7021I: Distribution of application Search completed successfully.
ADMA7021I: Distribution of application Profiles completed successfully.
ADMA7021I: Distribution of application WidgetContainer completed successfully.
ADMA7021I: Distribution of application Moderation completed successfully.
ADMA7021I: Distribution of application Dogear completed successfully.
ADMA7021I: Distribution of application Wikis completed successfully.
ADMA7021I: Distribution of application Common completed successfully.
ADMA7021I: Distribution of application WebSphereOauth20SP completed successfully.
ADMA7021I: Distribution of application Blogs completed successfully.
ADMA7021I: Distribution of application Metrics completed successfully.
ADMA7021I: Distribution of application Homepage completed successfully.
ADMA7021I: Distribution of application URLPreview completed successfully.
ADMA7021I: Distribution of application Help completed successfully.
ADMA7021I: Distribution of application ConnectionsProxy completed successfully.
ADMA7021I: Distribution of application Mobile Administration completed successfully.
ADMA7021I: Distribution of application Communities completed successfully.
ADMA7021I: Distribution of application Extensions completed successfully.
10.1. Set the JVM heap size
1. Open the Integrated Solution Console and login
a. Open a browser to http://cprice55.swg.usma.ibm.com:9060/ibm/console and login as
localadmin : password
1. Go to Servers > Server Types > WebSphere application servers and click on the connections
cluster server
2. on the right hand side, scroll down to Server Infrastructure, open Java and Process
Management and click on Process definition
3. Click on Java Virtual Machine
4. Make sure the install set
Initial heap size: 512
Maximum heap size: 2560
5. If you change these, click OK and Save
6. Synchronize the Nodes
a. Go to System administration > Nodes
b. If the nodes are out of sync, Select the Connections node, and click Full Resynchronize
10.2. Configure HTTP Server plugin with Connections
Because I chose to configure the Web Server during the install, the settings and configuration for
Connections will use the IBM HTTP Server url for communication. So before I start the server
for the first time, I need to make sure the HTTP Server plugin is configured to access the
different Connections components.
1. If it's not already open, open a browser to the Integrated Solutions Console and login
(http://cprice55.swg.usma.ibm.com:9060/ibm/console)
2. Click on Servers – Server Types – Web servers
3. Select the webserver and click Generate Plug-in
4. Select the webserver and click Propagate Plug-in
5. Open C:\IBM\HTTPServer\conf\httpd.conf in notepad
6. at the bottom of the file find the following line:
LoadModule was_ap22_module
"C:\IBM\WebSphere\Plugins\bin\32bits\mod_was_ap22_http.dll"
WebSpherePluginConfig "C:\IBM\WebSphere\Plugins\config\webserver1\plugin-cfg.xml"
Make sure the value for WebSpherePluginConfig matches where the plugin-cfg.xml was
propagated to
7. Close the httpd.conf
8. Restart the IBM HTTP Server 8.5 service
10.3. Start IBM Connections
1. Start IBM Connections, wait for the node to completely sync, then run the following
commands to start the environment
a. Stop the nodeagent:
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>stopNode.bat -username
localadmin -password password
b. Stop the DMGR:
C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>stopManager.bat -username
localadmin -password password
c. Start the DMGR
C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>startManager.bat
d. Start the nodeagent:
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startNode.bat
e. Start the Connections node(s):
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>startServer.bat iccluster_server1
Once you get the successfully started message, you are ready to access Connections over the http
server address
11. Configure additional IBM HTTP Server settings
Here are some post install steps to help with performance
11.1. Configure HTTP Server to compress some files
1. Open httpd.conf (c:\IBM\HTTPServer\conf)
2. Find the following entries in the configuration file:
LoadModule headers_module modules/mod_headers.so
LoadModule deflate_module modules/mod_deflate.so
and uncomment them
3. Add the following after all the LoadModule's
#Only the specified MIME types will be compressed.
AddOutputFilterByType DEFLATE application/atom+xml
AddOutputFilterByType DEFLATE application/atomcat+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/json
AddOutputFilterByType DEFLATE application/octet-stream
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/xsl
4. Add the following statement to specifically indicate that image files and binaries must not be
compressed to prevent web browser hangs:
# Ensures that images and executable binaries are not compressed
SetEnvIfNoCaseRequest_URI \\.(?:gif|jpe?g|png|exe)$ no-gzip dont-vary
5. Add the following statement to ensure that proxy servers do not modify the User Agent
header needed by the previous statements:
# Ensure that proxies do not deliver the wrong content
Header append Vary User-Agent env=!dont-vary
6. Add the following statement to ensure you can access the acce tool (admin client for FileNet)
SetEnvIf Request_URI ^/acce(.*) no-gzip dont-vary
11.2. Configure Connections to use IHS to download files
This is an optional step, but recommended in the infocenter. See the following section for details.
http://www01.ibm.com/support/knowledgecenter/SSYGQH_5.5.0/admin/install/t_install_post_files_downlo
ads.dita
11.3. Conifgure Connections to use IHS to upload files
This is again an option step, but recommended in the infocenter. See the following section for
details.
http://www01.ibm.com/support/knowledgecenter/SSYGQH_5.5.0/admin/install/t_install_post_files_uploads
.dita
12. Configure IBM Connections Content Manager Libraries
During the install of Connections Filenet was deployed on the system. Post install we need to
configure the FileNet global configuration domain and objectstore. There are 2 batch files we
will use to automatically create these.
12.1. Create Filenet Global Configuration Domain (GCD)
1. If not running, start IBM Connections by running:
C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin\startManager.bat
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin\startnode.bat
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin\startserver.bat iccluster_server1
2. Run C:\IBM\Connections\ccmDomainTool\createGCD.bat
3. First it will ask you for the DMGR admin ID (localadmin for my environment), then the
password
4. Enter Y to regenerate the dminfo.properties file
5. Next I added an administrator group from my LDAP directory
6.
12.2. Create FileNet ObjectStore
7. Run C:\IBM\Connections\ccmDomainTool\createObjectStore.bat
8. First enter the WebSphere admin username and password
9. I chose Y to regenerate the dminfo.properties file
10. Same as I did with the GCD, I set the administrator group from my LDAP directory
11. Next enter the url used to access Connections (https://cprice55.swg.usma.ibm.com) NOTE:
It must be the SSL url
12.
13. Restart Connections
13. Apply Connections 5.5 Recommended updates
As of December 29, 2015 the recommended updates were the Day1 ifixes and Type-ahead
search. See the following technote for latest recommended updates:
http://www-01.ibm.com/support/docview.wss?uid=swg21972646
Software used in this step:
IBM Connections Day 1 fixes:
http://www933.ibm.com/support/fixcentral/swg/selectFixes?parent=Collaboration%2BSolutions&pr
oduct=ibm/Lotus/Lotus+Connections&release=5.5.0.0&platform=All&function=all




interim fix: 5.5.0.0-IC-Multi-IFLO87330
interim fix: 5.5.0.0-IC-Common-IFLO87469
refresh pack: 5.5.0.0-IC-Multi-UPDI-20151218
5.5.0.0-TypeAhead-20151218
13.1. Install the Day1 ifixes
1. Extract the refresh pack: 5.5.0.0-IC-Multi-UPDI-20151218, this will create an AIX-Linux
and Windows directory. Under the Windows directory is UpdateInstaller.zip
Extract UpdateInstaller to C:\IBM\Connections
2. Copy the following jar files to C:\IBM\Connections\updateinstaller\fixes
interim fix: 5.5.0.0-IC-Multi-IFLO87330 (5.5.0.0-IC-Multi-IFLO87330.jar)
interim fix: 5.5.0.0-IC-Common-IFLO87469 (5.5.0.0-IC-Common-IFLO87469.jar)
3. Open a command prompt and run
C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>setupCmdLine.bat
4. In the same command prompt, start the update installer by running
C:\IBM\Connections\updateInstaller>updateWizard.bat
5.
6.
7.
8.
9.
10.
11.
12.
13. After the fix has been applied, shut Connectiosn down. Delete the contents of
C:\IBM\WebSphere\AppServer\profiles\AppSrv01\temp -
NOTE: If this step is missed when you access connections again, you will see the theme
from Connectons 5.0
14. Restart Connections and it should be ready to use.
Download