Weitere ähnliche Inhalte Ähnlich wie JMP205 From Zero To Mobile Hero - IBM Sametime 8.5.2 Mobile Access Server Installation (20) Kürzlich hochgeladen (20) JMP205 From Zero To Mobile Hero - IBM Sametime 8.5.2 Mobile Access Server Installation1. © 2013 IBM Corporation
JMP205
From Zero to Mobile Hero:
IBM Sametime 8.5.2 Mobile Access
Server install
Frank Altenburg, SME for IBM Sametime, IBM Germany
Volker Juergensen, Senior IT Specialist, IBM Germany
2. 2 © 2013 IBM Corporation
Agenda
Introduction
Requirements for a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server
Architecture of a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server deployment
The 17 steps to a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server deployment
3. 3 © 2013 IBM Corporation
Introduction
This document describes how to implement, in a very fast way, the infrastructure to access
your IBM Sametime Community environment from mobile iOS and Android devices.
It is designed for a Proof of Concept, Proof of Technology or a small test deployment only.
It does not contain information how to implement a high available infrastructure.
You can start with this document just to "make your bosses happy". But to make the
system available for a larger number of users, it is recommended to invite IBM Services for
planing and implementing a clustered Sametime Proxy infrastructure in your organization.
If you already have a Sametime 8.5.x environment with the Sametime System Console in
place, then it is recommended to use this existing SSC to implement your Sametime Proxy
Server environment in your DMZ.
The Author has tested this scenario with all Sametime releases down to version 7.5.1. But
officially supported is IBM Sametime version 8.0.2 and newer only.
You need Sametime Standard licenses for all mobile clients who want to access the
system.
We do not recommend using this document to install your production environment.
4. 4 © 2013 IBM Corporation
New Sametime Mobile Instant Messaging
Instant Messaging Client for Android
─ Released with Sametime 8.5.2
─ Runs on Android®
2.0 and greater
─ Available on the Google®
Play Store®
and downloadable from
Sametime Community server
Instant Messaging client for iOS
─ Released with 8.5.2 IFR
─ Runs on iOS 4.3 and greater on iPhone®
and iPad®
─ Available on the Apple App Storesm
5. 5 © 2013 IBM Corporation
Sametime Mobile Features
Contact List
QuickFind
Search corporate directory
Favorites
Presence
Chat history
1 to 1 and group chat
Announcements
Emoticons
Business card
Sametime Unified Telephony
*currently Android only
Send photos
Text to speech notification and
chats*
GPS-based location*
Click to call using carrier number
or SUT
Background message notification
6. 6 © 2013 IBM Corporation
Native presence and IM on Android phones
7. 7 © 2013 IBM Corporation
Native presence and IM on the iPhone
8. 8 © 2013 IBM Corporation
Native presence and IM on the iPad
9. 9 © 2013 IBM Corporation
Support for Apple®
Push Notification
10. 10 © 2013 IBM Corporation
Getting Sametime Mobile iOS clients
● iOS client is distributed through the
Apple App Store and uses the
standard iOS update mechanisms to
maintain currency
● Client must be configured to point to
the Sametime Proxy server
─ You can play with it on Greenhouse
– Server:
st85meetingsp.lotus.com
– Port: 9444
– Secure Connection: On
– Connection Type: Direct
Connection
11. 11 © 2013 IBM Corporation
Getting Sametime Mobile Android Client
● The Android client can be loaded from the Android Market, or from the Sametime proxy
server
● If loaded from Market, the standard Market update mechanism is used
● To get from the Sametime proxy server, the loads it from the following web address from their
device: <proxy server addr>:<proxy port>/stmobile/Sametime.html
The automatic update feature from the proxy server (Lotus Mobile Installer, LMI)
- Enter the ST proxy server address:port
- Enter credentials
- Select Next and it logs you into Sametime
- As new Sametime client become available, you are
notified via an Android notification. You can select it to
install
12. 12 © 2013 IBM Corporation
Agenda
Introduction
Requirements for a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server
Architecture of a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server deployment
The 17 steps to a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server deployment
13. © 2013 IBM Corporation
IBM Sametime 8.5.2 IFR1 Proxy (Mobile Access) Server
Prerequisites
● IBM Sametime Community Server lowest release that is
supported is only 8.0.2 and newer releases.
● You need Hardware or a VM in the DMZ for the server
● You need Network and DNS configuration
● NAT between your DMZ and the internet works fine
● You need Port openings to/from Internet
● You need Port openings to/from Intranet
● You need to download the required installation files from
Passport Advantage and Fix Central
● You need 3 special administrative user accounts
● You need a trusted certificate (optional)
● Native client on iOS or Android devices
14. © 2013 IBM Corporation
IBM Sametime Community Server
This deployment is tested by the author of this document with all IBM Sametime
Community Servers releases starting Version 7.5.1.
A Sametime Community Server 7.0 or below does not work and can not be used for
this IBM Sametime Mobile Access Server deployment.
Officially supported is only IBM Sametime release 8.0.2 or newer. All older Sametime
releases are already out of support.
It works if the IBM Sametime Community Server uses Domino Directory authentication
or LDAP authentication connected to one of the supported LDAP Servers. No other
requirements to the LDAP server is required.
If you have several IBM Sametime Community Servers or IBM Sametime Community
Clusters running in a Sametime community configuration, then this IBM Sametime
Mobile Access Server is connecting automatically to all servers in your community.
If your Sametime Community servers use Domino Directory authentication we
recommend you to invite IBM Services and migrate your servers to LDAP, install a
Sametime System Console and assign the Servers to this System Console.
See this link for more information about the Domino Directory to LDAP migration.
15. © 2013 IBM Corporation
● 1 Server for
● IBM DB2 Server
● IBM Sametime 8.5.2 IFR1 System Console
● IBM Sametime 8.5.2 IFR1 Proxy Server
● Supported OS are:
- Windows Server 2003 or 2008 (32 and 64 Bit)
- Linux Enterprise Server RHEL or SLES
- AIX
- Solaris
- iSeries
This document describes how to install the components on a Windows 2008
platform.
This deployment can host only a small number of Browser and mobile Apps
clients.
Ask you IBM representative for more detailed sizing information in a defined
environment.
Hardware required for this Pilot Example Deployment
16. © 2013 IBM Corporation
OS and Network requirements
● Make sure that all servers you want to use can be resolved in DNS.
● If DNS is not available then list all full qualified server names and IP addresses
from all servers in the hosts file and publish this file to all servers.
● If you use Windows 2008 as Operating System, then you need to start all
installations and configurations in „Administrative mode“.
● You need an alias entry in your Intranet DNS server pointing to the IP address of
your Sametime Proxy (Mobile Access) Server. This should be the same host
name as in the internet.
● You need an alias entry in the public Internet DNS pointing to the external IP
address of your Sametime Proxy (Mobile Access) Server. This should be the
same host name if possible as in the intranet.
● If on your external firewall NAT is in place (IP address translation) this works fine.
But your firewall team needs to forward incoming traffic on ports 80 and 443 to
your DMZ Sametime Proxy (Mobile Access) Server address.
17. © 2013 IBM Corporation
Ports to be opened in the firewalls
● From your IBM Sametime Proxy (Mobile Access) Server in the DMZ
to all your IBM Sametime Community Servers in the intranet
you need to open the IBM Sametime Community Server VP port 1516 TCP.
● From all clients in the intranet
to the IBM Sametime Proxy (Mobile Access) Server
you need to open the HTTP and HTTPS ports 80 and 443 TCP.
● From all clients in the internet
to the public IP address of your IBM Sametime Proxy (Mobile Access) Server
you need to open the HTTP and HTTPS ports 80 and 443 TCP.
● From your IBM Sametime Proxy (Mobile Access) Server
to the Apple Push Notification Services in the internet
you need to open the ports 2195 and 2196 TCP.
This service is available on the DNS addresses “gateway.push.apple.com” and
“feedback.push.apple.com”. Both addresses have an IP address pool. If you
can not open to the DNS alias name then you need to find out what IP
addresses are behind this load balanced pool.
● From your administrative clients to the Sametime System Console Server the
Ports 8700 and 8701 for administration.
18. © 2013 IBM Corporation
For a Windows installation you need to download these files from Passport Advantage:
CZYG1ML.zip IBM DB2 9.7 32Bit Limited Use for Sametime
CZYF2ML.zip IBM Sametime 8.5.2 System Console for Windows
CI3Y8ML.zip IBM Sametime System Console V8.5.2 IFR 1
CZYE6ML.zip IBM Sametime 8.5.2 Proxy Server for Windows
From Fix Central download the file:
8521-ST-Proxy-IF-OOSN-8WGM37
Filename: STProxyHotfix.zip
This Hotfix file contains the full IBM Sametime Proxy Server 8.5.2 IFR1update and the
latest cumulative hotfix. It is not required to download and install the Sametime Proxy
8.5.2 IFR1 package first.
Create a directory, for example “C:Install”, on the servers where you want to install.
Then unpack the downloaded files into this directory. Just unpack the files required for
your deployment architecture on the particular server.
Required files for a deployment on Windows
19. © 2013 IBM Corporation
The directory “C:Install” for this example installation contains all installation files in
unpacked format:
20. © 2013 IBM Corporation
Required technical users for IBM Sametime 8.5.2
IBM Sametime requires some technical users for components to communicate in an
authenticated mode. All of this users should be configured so that the password never
expires and never needs to be changed.
db2admin
This user is created during installation of the DB2 server in the Operating System. Do
not create this user in advance.
It is the user for all IBM Sametime related components using DB2 to access their
databases. Be sure to match the password policy requirements of the OS.
wasadmin
This is the user to access the IBM WebSphere components and to administer the
system. This user must not exist in your LDAP directory. It is created during
WebSphere installation in a local file repository. Do not assign special characters for
the wasadmin password. Specially do not use the “$” character. The installer does not
warn, but the installation will fail.
21. © 2013 IBM Corporation
Required technical users for IBM Sametime 8.5.2 (cont)
Domino Administrator
This user is created during installation of the Domino server hosting the IBM Sametime
Community Server. It is a best practice to not use a existing administrative account
because it is the account with that the IBM Sametime System Console communicates
with the Community Server.
LDAP Bind User
This is a user account in your LDAP directory. This account is used to connect in
authenticated mode to the LDAP server to get all required attributes. It is possible to
connect anonymously to the LDAP but then it does not work with some LDAP systems
or the LDAP server requires special configuration to allow anonymous bind.
22. 22 © 2013 IBM Corporation
Native client on iOS or Android device
Getting the mobile Clients
─ iOS on App Store
─ Android now in Android Play Store, also as part of server installation for download
23. 23 © 2013 IBM Corporation
Agenda
Introduction
Requirements for a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server
Architecture of a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server deployment
The 17 steps to a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server deployment
24. © 2013 IBM Corporation
Different ways to a IBM Sametime 8.5.2 IFR1 Proxy (Mobile
Access) Server deployment
It is possible to place all the new components into the Intranet and use a Reverse
Proxy in the DMZ to access the system from the mobile devices through the Internet.
This requires less ports to be opened in the firewalls. But 2 connections from the
server in the Intranet through your DMZ to the APNS system in the Internet. This is
mostly a security issue and not allowed.
The Database to cache the chat messages sent to iOS devices can be implemented in
the Intranet. But then a box (Hardware or virtual machine) is required for this server
and the small database who only caches text messages. And the DB2 port needs to be
opened from the IBM Sametime Proxy server in the DMZ to this DB2 Server in the
Intranet.
Because the use of the DB2 database might be small, DB2 is (or can be) resource
intensive - if you're going to put it on the same machine - make sure the machine has
enough RAM and CPU to handle it.
A Backup of the system is required only once when the server is installed and all
features are working fine. There is no changing data that needs to be backed up
regularly. Only if you do any modification in the configuration a new full backup is
recommended.
25. © 2013 IBM Corporation
Use case for this implementation
● You have installed and in production Lotus Domino based Sametime Community
Server(s) running Sametime Standard or Sametime Entry
● Your Sametime Community Server is authenticating against a Domino Directory
or a LDAP server
● You want to test the mobile Apps
● You don't want to touch your existing production Sametime Community Servers
● If you have Standard licenses - they can be used
● If you only have Sametime Entry licenses - you can request Sametime Standard
licenses for a 60 days test period for free. Contact your IBM Sales contact
person
26. © 2013 IBM Corporation
IBM Sametime 8.5.2 IFR1 Proxy (Mobile Access) Server
our pilot deployment architecture recommendation
DB2 9.5
Server
Sametime
Proxy Server
Sametime
Community
Server
Inbound
Ports
1516
389
Outbound
Ports
8700
8701
Inbound
Ports
80 443
Outbound
Ports
2195 2196
Apple Notification Server
(APNS)
gateway.push.apple.com
feedback.push.apple.com
Intranet DMZ Internet
Sametime
System
Console
Admin Client
LDAP
Server
27. © 2013 IBM Corporation
For the APNS to work there are some requirements:
● The IBM Sametime Proxy Server must be able to connect to the APNS Servers
“gateway.push.apple.com” on port 2195, and “feedback.push.apple.com” on Port
2196.
● These connections to APNS Servers are SSL connections. To get the latest certs see
the article http://www-01.ibm.com/support/docview.wss?uid=swg21605219. The Hotfix
OOSN-8WGM37 already contains the latest certs.
● You should open this ports in your firewalls and test with telnet that you can reach the
servers.
● The device must be able to reach the IBM Sametime Proxy Server with http or https
protocol. You can use a reverse proxy in your DMZ. NAT is no problem.
● The APNS service must be able to send a notification to your device.
● If your device is connected to your intranet using Wireless LAN, it mostly can not be
notified from the apple systems. Talk to your firewall Admins to open the notification
service for your Wifi LAN.
28. 28 © 2013 IBM Corporation
Agenda
Introduction
Requirements for a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server
Architecture of a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server deployment
The 17 steps to a IBM Sametime 8.5.2 IFR1 Proxy
(Mobile Access) Server deployment
29. © 2013 IBM Corporation
The 17 steps to a Sametime 8.5.2 IFR1 Proxy environment
1.Prepare your machine and the network
2.Configure the community server(s) to trust the Mobile Access Server
3.Install the DB2 database server
4.Create the DB2 database for the Sametime System Console
5.Install the Sametime System Console
6.Upgrade the Sametime System Console to IFR1
7.Log in to the Sametime System Console
8.Create a LDAP Prerequisite configuration
9.Create a Deployment Plan for a Community Server
10.Create a Deployment Plan for the Sametime Proxy Server
11.Install the Sametime Proxy Server 8.5.2 as a Primary Node profile
12.Update the Sametime Proxy Server to IFR1 using the latest hotfix
13.Post Install Tasks
14.Create the Proxy Server DB2 Database
15.Configure the Proxy Server to use the DB2 Database
16.Configure the Apple Push Notification System
17.Configure SSL in the Proxy Server and deploy the certificate
30. © 2013 IBM Corporation
STEP ONE: Prepare your machine and the network
Summary
Before you can install your IBM Sametime Proxy (Mobile Access) Server environment,
some things needs to be checked and prepared.
31. © 2013 IBM Corporation
The machine on that you run the IBM Sametime 8.5.2 IFR1 Proxy (Mobile Access) Server
and the DB2 Database Server can be a virtual machine or a hardware box. Both works.
It is possible to use Linux as OS, but this document describes how to install on Windows.
If you use Linux you can use most parts of this document and the most installation
instructions and screen shots are identically. Mostly the paths are different.
In Linux it is recommended to have the graphical system installed for this installation and
then use a x-server on our client.
This instruction works with Windows Server 2008, and Windows Server 2003. You can use
the 32Bit or 64Bit version. And you can use the R2 Version of any of the supported OS.
Be sure that your Firewall Admin has opened all ports in the firewalls. Test all connections
using the telnet command in a CMD line window.
Be sure your used host names or DNS alias is listed in the DNS and can be used and
resolved in the internet and in your intranet.
32. © 2013 IBM Corporation
More information can be found in the official IBM Sametime
Documentation at this URL:
http://www-10.lotus.com/ldd/stwiki.nsf/xpViewCategories.xsp?
lookupName=Product Documentation
The IBM Sametime 8.5.2 Installation – From Zero To Hero
documentations can be found here:
https://www-304.ibm.com/connections/blogs/sametimeguru/?
lang=en_us
33. © 2013 IBM Corporation
STEP TWO: Configure the IBM Sametime
Community server(s) to trust the IBM Sametime
Proxy (Mobile Access) Server
Summary
This step adds the IP address of your IBM Sametime Mobile Access Server to
the “Trusted IPS” list in your Sametime Community Server.
34. © 2013 IBM Corporation
There are several ways to configure your Sametime Community Servers to trust other
servers.
The most used way in a Sametime 8.5 environment is to use the Sametime System
Console – Sametime Servers – Sametime Community Servers. There, in the configuration
page of your Sametime Community Servers on the bottom, you can add the trusted IP
addresses. Then save the changes.
This is the recommended way and works if the Sametime Community Server was installed
with the Sametime System console or registered with the Sametime System Console after
installation.
The other way is to use the Lotus Notes client and access the Community Connectivity
document in your Sametime Configuration database. There add the IP address of the
server to trust.
This method is explained in the next slides.
35. © 2013 IBM Corporation
Start your Lotus Notes client with that you can access and administer your
Sametime Community servers. Then open the “Sametime Configuration”
database “STConfig.nsf” on the Sametime Community Server.
36. © 2013 IBM Corporation
Open the “CommunityConnectivity” document.
37. © 2013 IBM Corporation
Add the IP address of your new IBM Sametime Proxy (Mobile Access) Server in
the “Community Trusted IPS” field. Then save and close the document and the
database.
38. © 2013 IBM Corporation
Now restart the Sametime Community Server by entering the command „restart server“
in the Domino Console window. Never use this command in a production Sametime
server because it can happen that not all Sametime tasks are stopped before the
domino server restarts. This can cause massive problems for starting the Sametime
Services. Stop your Domino Server using the “Quit” command or by stopping the
“Lotus Domino Service”. Wait until all ST... Tasks disappeared in your TaskManager.
Then restart the Domino Server again.
It takes up to 5 Minutes until the Sametime Community Server is completely
restarted and all 41 Sametime tasks are again active.
39. © 2013 IBM Corporation
Summary
This step installs the IBM DB2 9.7 Server.
We like to use a CMD command line window to enter some of the commands
and start the installers. For that we have created a short cut in our fast start
section. Right click the icon and select “Run as Administrator” in the menu.
You can use the Windows Explorer as well to navigate to the destination
directory and double click the installation file (launchpad.exe)
STEP THREE: Install the DB2 database server
40. © 2013 IBM Corporation
Enter the command “cd InstallSametimeDB2” and press the “Enter” key.
Enter the command “Launchpad” and press the “Enter” key.
Do not copy and paste any commands from this document into your CMD line. This does not
work because this would copy some special characters.
41. © 2013 IBM Corporation
Just click the “Install IBM DB2” link.
42. © 2013 IBM Corporation
And again click the “Install IBM DB2” link.
43. © 2013 IBM Corporation
The Installation Manager is starting up
44. © 2013 IBM Corporation
Click the “Next” button to continue.
45. © 2013 IBM Corporation
Accept the terms in the license agreement and click the “Next” button to continue
46. © 2013 IBM Corporation
Remove “Program Files” and click the “Next” button to continue
We recommend to use path names without spaces (as some scripts may require this) and also
shorten the path name so that the typical limits of some operating systems and applications
for path + file name length are avoided.
47. © 2013 IBM Corporation
Click the “Install” button to install the Installation Manager.
48. © 2013 IBM Corporation
The Installation Manager is now installing
49. © 2013 IBM Corporation
If you are using Windows 2003 R2 or Windows 2008 R2, it can be possible that
you run into a JAVA heap memory overflow during the next installation step. To prevent
this issue change a parameter in The “IBMIM.INI” configuration file of the Sametime
Install Manager. See the next 2 slides how to do this.
50. © 2013 IBM Corporation
Open your File Explorer and navigate to your Install Manager's eclipse directory
“C:IBMInstall Managereclipse”. Then open the configuration file “IBMIM.ini” in
notepad.
51. © 2013 IBM Corporation
Add he parameter “-Xmx1024m” at the end. Then save and close the file.
This parameter is case sensitive.
Click “File” and “Save” to save the changes. Then click “File” and “Exit” to close the
editor.
52. © 2013 IBM Corporation
Now you can click the „Restart Installation Manager“ button to continue.
53. © 2013 IBM Corporation
The Installation Manager is starting up
54. © 2013 IBM Corporation
Now click the „Install“ icon to continue.
55. © 2013 IBM Corporation
Select „DB2 – Version 9.7.0.0“ and click the „Next“ button to continue.
56. © 2013 IBM Corporation
Accept the terms in the license agreement and click the “Next” button to continue.
57. © 2013 IBM Corporation
Again remove “Program Files” and click the “Next” button to continue.
We recommend to use path names without spaces (as some scripts may require this) and also
shorten the path name so that the typical limits of some operating systems and applications for
path + file name length are avoided.
58. © 2013 IBM Corporation
Click the “Next” button to continue.
59. © 2013 IBM Corporation
Enter the DB2 Administrator Username (we use the default “db2admin”) and enter
the DB2 Administrator Password twice. Then click the “Next” button to continue
If you use Windows 2008, be sure to enter a password that meets the password policy. The
DB2 Admin User password should not be longer then 8 characters. Change the local security
policy to allow passwords with 8 characters length. This db2admin user will be created as a
local user or as a Active Directory User. This can not be done if the user already exists. Same
with the 2 groups that the DB2 Installer adds.
60. © 2013 IBM Corporation
Click the “Install” button to install the DB2 Server
61. © 2013 IBM Corporation
The Installation Manager installs the IBM DB2 Server now. This step takes
approximately 10 to 15 minutes.
62. © 2013 IBM Corporation
Important to know...
Your DB2 Database Server is a sensitive component in your Sametime
Environment.
It stores all the predefined configuration data and holds the information how to
communicate with your servers for administration and maintenance.
We highly recommend to make regularly a backup of your DB2 database using a
DB2 aware backup software, or export data and backup the exported data.
It is possible to implement your DB2 Server for high availability and load balancing
using DB2 methods.
For more information check into the DB2 InfoCenter, or download and read the
RedBook „High Availability and Disaster Recovery Options for DB2 on
Linux, UNIX, and Windows“
The steps to create a DB2 database need the database name as a
command line parameter. We would recommend using a CMD command
line window to enter this commands.
63. © 2013 IBM Corporation
When the installation has finished successfully, click the „Finish“ button and then close
the Installation Manager and the Launchpad.
64. © 2013 IBM Corporation
STEP FOUR: Create a DB2 Database for the
Sametime System Console
Summary
This step creates the Sametime System Console Database on the DB2
Server.
If you want to use a dedicated DB2 server or if you already have a DB2
9.7 Server environment available, you can find the Database creation
scripts in the DB2 installation package or in the particular installer
directory of the Sametime System Console and the Sametime Meeting
Server.
65. © 2013 IBM Corporation
Before we can continue with the next step, you need to restart the CMD-Line window
under Windows 2003.
Under Windows 2008 it is required to start a DB2 CMD Line with Administrative Access..
66. © 2013 IBM Corporation
Enter the command “cd installSametimeDB2DatabaseScriptsSystemConsole”.
Do not copy and paste any commands from this document into your CMD line. This does not
work because this would copy some special characters.
67. © 2013 IBM Corporation
Enter the command “createSCDb.bat STSC db2admin”.
The name of the database should not be the name of the Sametime System Console Server. If
your SSC is named „stsc.renovations.com“ then you can not name the database STSC. Then
you need to use another name for example „STSCDB“. In this example we use
„webchat.renovations.com“. So we dont have any issue with the Database Name „STSC“.
68. © 2013 IBM Corporation
The DB2 database is now created and confgured. Be sure that you see „The
SQL command completed successfully.“ response after every command.
If you don't see this responses or get an error message, be sure that your DB2
server is up and running (listening on Port 50.000 or 50.001) and you are
authenticated with the correct user and password.
69. © 2013 IBM Corporation
STEP FIVE: Install the IBM Sametime System
Console Server
Summary
This step installs the Sametime System Console Server.
70. © 2013 IBM Corporation
Navigate to the „InstallSametimeSystemConsole“ directory and enter the
command „Launchpad“
71. © 2013 IBM Corporation
The Sametime 8.5.2 Launchpad opens. Click the „Install IBM Lotus
Sametime System Console“ link on the left side.
72. © 2013 IBM Corporation
Now click the link „Launch IBM Lotus Sametime System Console 8.5.2
Installation“
73. © 2013 IBM Corporation
The Installation Manager is now loading.
74. © 2013 IBM Corporation
Click the „Install“ icon to start the installation.
75. © 2013 IBM Corporation
Select „IBM Sametime System Console server“ and „Version 8.5.2“. Then click the
„Next“ button to continue.
76. © 2013 IBM Corporation
Accept the terms in the license agreement and click the „Next“ button to continue.
77. © 2013 IBM Corporation
Enter the correct path (remove „Program Files“ and click the „Next“ button to continue.
The Package group is the installation destination for the IBM Lotus WebSphere base files. The
first installation requires the creation of a new package group. If you install more WebSphere
based applications on the same hardware (like the Sametime Proxy Server and the Sametime
Meeting Server) they can use the existing package group. Then you cannot change the
installation path.
78. © 2013 IBM Corporation
Click the „Next“ button to continue.
79. © 2013 IBM Corporation
With IBM Sametime 8.5.2 it is possible to install Sametime on top of an existing
Websphere 7.0.0.15 Server. We don't want to do this in this pilot deployment.
Just click “Next” to continue.
80. © 2013 IBM Corporation
In this screen you define the WebSphere Application Server administrative user. You
need to authenticate with this user to access the Sametime System Console. It is
important that this user does not exist in your LDAP. In this example we use the
standard „wasadmin“. Enter the password twice and click the „Next“ button to continue.
81. © 2013 IBM Corporation
Enter the host name of your DB2 server and the DB2 Administrator password. In this
example we have installed the DB2 server on the „webchat.renovations.com“ server.
Then click the „Validate“ button to continue.
82. © 2013 IBM Corporation
If the DB2 connection was successful, then you should see that the text in the button
has changed to „Validated“.
Now click the „Next“ button to continue.
83. © 2013 IBM Corporation
Click the „Install“ button to install the Sametime System Console Server.
84. © 2013 IBM Corporation
The Installation Manager now installs the Sametime System Console. This
step can take approximately 30 to 45 Minutes.
85. © 2013 IBM Corporation
Important to know...
If you plan to use the IBM Lotus Sametime System Console, you should install this part
first. But it is possible to add an already installed Sametime Server to the System
Console for managing and administration. This can be done with every new Sametime
component.
By the way, if for some reason, something happens to the system console, it may be
possible to recover without having to rebuild everything - contact support for
assistance.
Be sure to make a backup of all related data and files (DB2 and WebSphere) because
it is much faster to restore a backup if a failure occurs.
You will see that it is worth to learn about the Sametime System Console and use it
very soon!
86. © 2013 IBM Corporation
The Installer first unpacks the WebSphere Application Server install files
Then he installs the WebSphere Application Server 7.0.0.3 binaries
Then he creates the WebSphere profiles
Then he installs the Update Installer
Then he installs the Update to WebSphere 7.0.0.15
Then he install the application and configures everything
87. © 2013 IBM Corporation
Director on Windows 2008: C:UsersAll UsersIBMInstallation Managerlogsant
In this directory is the log file where the installer logs its progress. The file increases up
to approximately 302 KBytes.
The last step is to configure the services and some post install tasks.
88. © 2013 IBM Corporation
The Sametime System Console server has installed successfully. Click the „Finish“
button and close the Installation Manager and the Launchpad.
89. © 2013 IBM Corporation
STEP SIX: Update the IBM Sametime System
Console Server
Summary
This step updates the IBM Sametime 8.5.2 System Console Server to the
IFR1 release.
We like to use a CMD command line window to enter some of the commands
and start the installers. For that we have created a short cut in our fast start
section. Right click the icon and select “Run as Administrator” in the menu.
You can use the Windows Explorer as well to navigate to the destination
directory and double click the installation file (setupwin32.exe)
90. © 2013 IBM Corporation
Before you can upgrade the Sametime System Console you need to stop all server tasks
who where started during the installation.
In your existing CMD line window navigate to the Application Server binaries directory with
the command: “cd IBMWebShereAppServerprofilesSTSCAppProfilebin”.
Then enter the command “stopserver STConsoleServer -username wasadmin
-password passw0rd”.
91. © 2013 IBM Corporation
Stop the nodeagent with the command “stopnode -username wasadmin -password
passw0rd”. Then change to the dmgr bin directory wqith the command “cd
....STSCDmgrProfilebin”. And stop the dmgr with the command “stopmanager
-username wasadmin -password passw0rd”.
92. © 2013 IBM Corporation
Enter the command “cd InstallSametimeSystemConsole V8.5.2 IFR1” and
press the “Enter” key. If you have unpacked the zip file to a different directory,
then navigate to your directory where you can find the update.bat file.
93. © 2013 IBM Corporation
Enter the command “update.bat” and press the “Enter” key.
94. © 2013 IBM Corporation
The IBM Installation Manager is starting up.
95. © 2013 IBM Corporation
Now click the “Update” button to continue.
96. © 2013 IBM Corporation
Select the Product you want to upgrade. Here we select “IBM Sametime Server
Platform”. Then click the “Next” button to continue
97. © 2013 IBM Corporation
Click the “Next” button to continue
98. © 2013 IBM Corporation
Be sure that all WebSphere Servers are shut down on this box and that all federated
WebSphere Servers on other boxes are shut down as well before continuing with the
SSC update. Then click the “Next” button to continue.
99. © 2013 IBM Corporation
Click the “Update” button to install the Sametime System Console IFR1.
100. © 2013 IBM Corporation
The Sametime System Console IFR1 Update is now installing. This step takes
approximately 30 to 45 minutes.
101. © 2013 IBM Corporation
When the installation has finished successfully, click the „Finish“ button to close the
Installer.
102. © 2013 IBM Corporation
Click “File” and then “Exit” to quit the Installation Manager.
103. © 2013 IBM Corporation
STEP FSEVEN: Log in to the IBM Sametime System
Console Server
Summary
Start your preferred Browser, enter the System Console URL and log in.
In this example we use the Mozilla Firefox.
104. © 2013 IBM Corporation
Enter the URL „http://webchat.renovations.com:8700/admin“.
Then click the “Add Exception” button.
The WebSphere Application
Server Administrative interface
(the Integrated Solutions
Console ISC) is always secured
by SSL. Therefore you will be
redirected to HTTPS and the
port 8701 automatically. You
are prompted to accept the
default certificate. For different
browsers the procedure to
accept this IBM signed
certificate is different.
You can use the direct URL:
„https://webchat.renovations.c
om:8701/ibm/console“.
105. © 2013 IBM Corporation
The IBM signed certificate is not trusted by the browser. Click the „Get Certificate“
button to accept the certificate by clicking the “Confirm Security Exception Button”.
(this dialog is different using other browsers)
106. © 2013 IBM Corporation
Enter the WebSphere Application Server Administrative User name and its password.
We use „wasadmin“. Then click the „Log in“ button to continue.
107. © 2013 IBM Corporation
You have now reached the IBM Lotus Sametime System Console.
Next step is to configure the LDAP connectivity.
108. © 2013 IBM Corporation
STEP EIGHT: Configure the „Connect to LDAP
Server“ Prerequisite.
Summary
In this step you configure the LDAP connectivity in the Sametime System
Console. This is used for the Sametime Community Server installation as
well as in the Sametime Meeting Server and Media Manager installation.
You can change this LDAP connectivity later. But this will not apply to any
Deployment Plan or to any already installed server. Any changes needs to
be done in the servers configuration directly. (Community, Meeting, Media
) This is only for the first installation of the servers before creating the
Deployment Plan.
109. © 2013 IBM Corporation
Now click the „Sametime Prerequisites“ link.
Next click the „Connect to LDAP Servers“ link.
Click the „S a m e tim e S ys te m C ons ole “ link.
110. © 2013 IBM Corporation
On any Sametime System
Console Screen you can
find additional information
on the middle part of the
page. There are Links to the
official Sametime InfoCenter
for the particular step you
want to do next.
111. © 2013 IBM Corporation
To connect to an LDAP server click the „Add“ button to continue.
112. © 2013 IBM Corporation
Configure the LDAP connectivity
information on this screen.
- The Deployment Name can be anything
describing this LDAP connection.
- The Host name should be the Full
Qualified Host name. The Port depends
on the LDAP.
- An MS AD LDAP Server normally uses
the Port 3268. Other LDAP Systems use
the Port 389.
- Do not use the secure connection
unless you have imported the certificate
from the LDAP server.
- The Bind Distinguished Name should
be the full qualified Distinguished Name
(DN) of the Bind user.
Click the „Next“ button to continue.
113. © 2013 IBM Corporation
The system now connects to the LDAP server, authenticates and requests the LDAP
parameters. It detects the possible Base DN's and the Directory type.
Select the right Base DN on this screen. For Domino LDAP this feeld must be empty.
Check the „Configure advanced LDAP settings“ checkbox to see more LDAP
parameters.
Click the „Next“ button to continue.
114. © 2013 IBM Corporation
Click the „Next“ button to continue.
115. © 2013 IBM Corporation
Click the „Next“ button to continue.
116. © 2013 IBM Corporation
Click the „Finish“ button to save the settings and configure the
LDAP connection in the Symetime System Console Server.
117. © 2013 IBM Corporation
The LDAP connection is now successfully created and the Sametime System
Console server configured. This is a major security configuration change that
requires a WebSphere server restart.
118. © 2013 IBM Corporation
The Sametime System Console is now configured to use LDAP. The server needs to be
restarted. The Services have not changed, but they seem not to be started.
119. © 2013 IBM Corporation
But in the Task Manager you see that there are several java.exe processes running.
The Installation Manager starts the services in the background but not using the OS
Service start mechanism. The Service does not recognize that it is started and cant
show this status in the Services view.
120. © 2013 IBM Corporation
In your existing CMD line window navigate to the Application Server binaries directory with
the command: “cd IBMWebShereAppServerprofilesSTSCAppProfilebin”.
Then enter the command “stopserver STConsoleServer -username wasadmin
-password passw0rd”.
121. © 2013 IBM Corporation
Stop the nodeagent with the command “stopnode -username wasadmin -password
passw0rd”. Then change to the dmgr bin directory wqith the command “cd
....STSCDmgrProfilebin”. And stop the dmgr with the command “stopmanager
-username wasadmin -password passw0rd”.
122. © 2013 IBM Corporation
Then set all of the 3 WebSphere services to automatic.
Double click the service. In the “General” tab, near “Startup type”
select “Automatic”. Then click the “Apply” button.
123. © 2013 IBM Corporation
When this is done for all 3 services, then you can easily restart the
Sametime System Console by restarting the operating system.
Note: During the Sametime 8.5.2 installation, the required server processes are starting
automatically. The services are added at the end of the installation. This means just after the
installation the IBM WebSphere services are shown as not started, but the tasks are running.
If you now try to start the services in the services view, this will fail. You need to restart the
operating system once, and then you can start / stop the services in the services dialog.
124. © 2013 IBM Corporation
Now reboot the Operating System. Then all services who are set to start automatic, are
starting using the service startup method.
125. © 2013 IBM Corporation
In the Task Manager you can now see the 3 java.exe processes of the Sametime System
Console.
126. © 2013 IBM Corporation
STEP NINE: Run the Guided Activity to configure the
IBM Sametime Community Server deployment
plan
Summary
This guided activity takes you through the steps of creating a deployment plan, which
collects information that pre-populates installation screens.
We need this Sametime Community Server deployment plan to create the Sametime
Proxy Server deployment plan. In this Sametime Proxy Server deployment plan you
have to configure a Sametime Community Server to where the Sametime Proxy
Server needs to connect first.
Without a Sametime Community Server deployment plan you can not create a
Sametime Proxy Server deployment plan.
127. © 2013 IBM Corporation
If you already have a Sametime System Console Server in place and your
Sametime Community Server(s) are registered with this console, then you can use
one of these Deployment plans and do not create this plan.
But if you
●
do not want to touch your existing Sametime Community environment
●
do not want to migrate them to LDAP now
●
do not want to upgrade them to Sametime release 8.5.2 now
then you need to create this deployment plan in the Sametime System Console and
will not install the Community Server using this plan now. This is only a dummy to
point the Sametime Proxy Server deployment to connect to the right Sametime
Community Server.
With this dummy Sametime Community Server deployment plan you can not
manage the Sametime Community Server policies in the Sametime System console
and you can not administer your Sametime Community Server from the Sametime
System Console unless you migrate to LDAP and register it with the Sametime
System Console.
128. © 2013 IBM Corporation
Be sure that your Domino Server is up and running and the HTTP Task is started.
129. © 2013 IBM Corporation
Start your Browser now and connect to the Sametime System Console. Then login as
described in Step 5.
Now click on „Sametime System Console“ and then „Guided Activities“.
Then click the „S a m e tim e S ys te m C ons ole “ link.
130. © 2013 IBM Corporation
Confirm that „Create a New Deployment Plan“ is checked and click the „Next“ button.
131. © 2013 IBM Corporation
Enter a name for your Community Server Deployment Plan. In this example we just
name it „Chat Server“. Then click the „Next“ button to continue.
132. © 2013 IBM Corporation
We want to install the Product Version 8.5.2. Leave it as it is and just click the „Next“
button.
133. © 2013 IBM Corporation
Enter the Host name of your running Domino Server. The port should only be changed
if your Domino HTTP task listens on another port. Enter the Domino Administrators
User ID and the password. In this example we use „Domino Admin“. Click the „Next“
button to continue.
134. © 2013 IBM Corporation
On Windows it is standard to use the local Sametime Server for Slide Conversion. But
it is possible that you have a stand alone Slide Conversion server running. Then you
can fill this settings. In this example we just click the „Next“ button to continue.
135. © 2013 IBM Corporation
Select the LDAP you want to use for the Sametime Community Server. In this
example we use the „Renovations AD LDAP“. (it is the only one we have).
Then click the „Next“ button to continue.
136. © 2013 IBM Corporation
HTTP Tunneling is required if your Sametime Clients need to connect to your
Sametime Server through a Web Proxy or Reverse Proxy Server. But then
performance can be slower. Only enable HTTP tunneling when urgently required.
Then click the „Next“ button to continue.
137. © 2013 IBM Corporation
Confirm all settings and then click the „Finish“ button.
138. © 2013 IBM Corporation
You have now successfully created a deployment plan for your Sametime Community
Server.
The next step is to install the Sametime Community Server - but we jump to
STProxy planning and its installation next.
139. © 2013 IBM Corporation
Summary
Use the Lotus Sametime System Console to prepare to install a Lotus Sametime
Proxy Server by pre-populating values required for installation.
STEP TEN: Run the guided activity to configure the
IBM Sametime Proxy Server deployment plan
140. © 2013 IBM Corporation
In the Sametime System Console click on „Sametime System Console“, then on
„Sametime Guided Activities“ and then click „Install Sametime Proxy Server“.
141. © 2013 IBM Corporation
Confirm that „Create a New Deployment Plan“ is checked and click the „Next“
button.
142. © 2013 IBM Corporation
Enter a name for your Proxy Server Deployment Plan. In this example we just
name it „Proxy Server“. Then click the „Next“ button to continue.
143. © 2013 IBM Corporation
We want to install the actual version 8.5.2. just click the „Next“ button to continue.
144. © 2013 IBM Corporation
The default setting is „Primary Node“ that we use this example. If you plan to
implement the Sametime Proxy Server in a standalone environment, then select
„Cell“. Note that it is not possible to implement a Cell Profile and a Network
Deployment on the same box.
Click „Next“ to continue.
145. © 2013 IBM Corporation
A “Primary Node” can be federated to an existing Deployment Manager. We
want to federate our environment to the Deployment Manager of our Sametime
System Console. Select the “Systemconsole...”.
Click „Next“ to continue.
146. © 2013 IBM Corporation
Enter the full qualified host name of your proxy server. In this example we use
„webchat.renovations.com“. Enter a WebSphere administrative user name and its
password twice. We just use the standard „wasadmin“ name.
Click the „Next“ button to continue.
147. © 2013 IBM Corporation
Select the Community Server you want your Proxy Server to connect to. You need to
connect only to one Community Server. The Proxy Server gets information about
other Servers in the community and connects to this servers automatic. (Don't forget
to enable trust on the other servers as well) In this example we just select the „Chat
Server“. Then click „Next“ to continue.
148. © 2013 IBM Corporation
Control your settings and if all is correct click the „Finish“ button to save the new
deployment plan.
149. © 2013 IBM Corporation
We have now successfully created our Sametime Proxy Server deployment plan.
150. © 2013 IBM Corporation
STEP ELEVEN: Install the Sametime Proxy Server
8.5.2 as a Primary Node profile
Summary
This step installs the IBM Sametime Proxy Server 8.5.2.
151. © 2013 IBM Corporation
Navigate to the Installation Directory and start the launchpad installer. We use a
Windows CMD command window and enter the commands: „cd
InstallSametimeProxyServer“ and just „launchpad“
152. © 2013 IBM Corporation
The Sametime Proxy Launchpad Installer is loading. Click the link „Install IBM Lotus
Sametime Proxy Server“
153. © 2013 IBM Corporation
Now click the link „Launch IBM Lotus Sametime proxy Server 8.5.2 Installation“
154. © 2013 IBM Corporation
The IBM Installation Manager is loading.
155. © 2013 IBM Corporation
To Install the Sametime Proxy Server click the „Install“ icon.
156. © 2013 IBM Corporation
Check the „IBM Sametime Proxy server“ and „Version 8.5.2“ entries. They are
unchecked by default. Then click the „Next“ button.
157. © 2013 IBM Corporation
Accept the terms in the license agreement and click the „Next“ button.
158. © 2013 IBM Corporation
Click the “Next” button to continue.
159. © 2013 IBM Corporation
We want to use a predefined Deployment Plan from the Sametime System console.
Leave the “Use Lotus Sametime System Console to Install” option checked and
click the „Next“ button to continue.
160. © 2013 IBM Corporation
With IBM Sametime 8.5.2 it is possible to install Sametime on top of an existing
Websphere 7.0.0.15 Server. We don't want to do this in this pilot deployment.
Just click “Next” to continue.
161. © 2013 IBM Corporation
Enter the host name of the Sametime System Console. We use
“webchat.renovations.com”. Enter the WebSphere Administrator user name and password.
In the last field enter the host name of the computer where you want to install the Sametime
proxy Server to. We use “webchat.renovations.com” as well. Then click the “Validate”
button.
162. © 2013 IBM Corporation
The settings are validated. Click the “Next” button to continue.
163. © 2013 IBM Corporation
Select the deployment plan for your Sametime Proxy Server. Then click the “Next” button to
continue.,
164. © 2013 IBM Corporation
Check your settings again and then click the „Next“ button to continue.
165. © 2013 IBM Corporation
Start the installation by clicking the „Install“ button.
166. © 2013 IBM Corporation
The Sametime Proxy Server is now installing. This step takes approximately 20 to 30
minutes because you are installing the second WebSphere instance on a Server.
167. © 2013 IBM Corporation
Important to know...
The Sametime Proxy Server...
● while the STProxy application itself does not "need" an LDAP server, as soon as it is
part of a CELL that has LDAP (and security) configured - it will need access to the
LDAP host as well
● it provides a web application that provides browser access
● is like a Web based Sametime Connect Client
● supplies the new Web API for Web based application integration
● can be implemented with or without the Sametime System Console
● can be connected to existing older Sametime Servers
● can be connected to a community cluster
You can have one or more Proxies in your organization
You can implement one or more Proxies and cluster them
● using the WebSphere Cluster Method (Network Deployment)
● individual Proxies with a Load Balancer in front of them
By default the Sametime Proxy Server installs to use Port 9080 and 9443 (SSL).
If you want to use Port 80 and 443 you need to enter the Sametime Sametime System
Console and change the port settings in the Application Server. Detailed instructions can
be found later in this documentation.
168. © 2013 IBM Corporation
When the Sametime Proxy Server has installed successfully just click the „Finish“
button. Then exit the Installation Manager and the Launchpad.
169. © 2013 IBM Corporation
STEP TWELVE: Update the Sametime Proxy Server
to IFR1 with the latest cumulative Hotfix
Summary
Use this procedure to apply the Interim Feature Release to the IBM
Sametime 8.5.2 Proxy Server.
170. © 2013 IBM Corporation
The installation in the previous step started all the components of the IBM Sametime
Proxy server. For the upgrade to IFR1 it is required to stop the Sametime Proxy Server
tasks first. But because they are started before the services are created, the services do
not reflect the running tasks.
171. © 2013 IBM Corporation
Do not copy and paste any commands from this document into your CMD line. This does not
work because this would copy some special characters.
Open a CMD line Window and navigate to the directory:
“cd IBMWebSphereAppServerprofileswebchatSTPPNProfile1bin”.
Then enter the command:
“stopServer STProxyServer -username wasadmin -password passw0rd”.
172. © 2013 IBM Corporation
When the Sametime Proxy Server has stopped stop the nodeagent next with the command
“stopNode -username wasadmin -password passw0rd”.
173. © 2013 IBM Corporation
Change to the Proxy Hotfix Installation directory with the command “cd
InstallSTProxyHotfix” and press the “Enter” key. If you have unpacked the
zip file to a different directory, then navigate to your directory where you can
find the update.bat file.
174. © 2013 IBM Corporation
Enter the command “update.bat” and press the “Enter” key.
175. © 2013 IBM Corporation
The IBM Installation Manager is starting up.
176. © 2013 IBM Corporation
Now click the “Update” button to continue.
177. © 2013 IBM Corporation
Select the Product you want to upgrade. Here we select “IBM Sametime Server
Platform”. Then click the “Next” button to continue
178. © 2013 IBM Corporation
Click the “Next” button to continue
179. © 2013 IBM Corporation
We are sure that all WebSphere Servers are shut down. Just click the “Next” button
to continue.
180. © 2013 IBM Corporation
Click the “Update” button to install the IBM Sametime Proxy Server IFR1.
181. © 2013 IBM Corporation
The IBM Sametime Proxy Server IFR1 Update is now installing. This step takes
approximately 20 to 25 minutes.
182. © 2013 IBM Corporation
Important to know...
A new main feature in Sametime 8.5.2 IFR1 Proxy Server is the Apple iOS integration
using an App that can be installed for free from the Apple App store.
This app then connects to your Sametime proxy Server through the Internet. For this
can work, your Sametime Proxy Server must be accessible from the Internet.
This means you need to set it up in your DMZ or configure a reverse proxy in your
DMZ and forward the traffic to your Sametime Proxy in the intranet. But the
recommended way is to implement your Sametime Proxy Server in your DMZ.
Another recommendation is that your Sametime Proxy Server can communicate with
the Apple notification service. For this can work you need to open 2 ports in your
firewall to this servers in the internet. These ports are 2195 to the Apple notification
server and port 2196 to the Apple feedback server.
183. © 2013 IBM Corporation
When the installation has finished successfully, click the „Finish“ button to close the
Installer.
184. © 2013 IBM Corporation
Click “File” and then “Exit” to quit the Installation Manager.
185. © 2013 IBM Corporation
STEP THIRTEEN: Post Install Tasks for the IBM
Sametime Proxy Server
Summary
This procedure configures the Sametime Proxy Server to listen on ports
80 and 443. The default after a standard installation is to listen on ports
9080 or 9081 and 9443 or 9444.
Be sure no other application listens on this ports (IIS, other web server,
anti virus software or management software)
186. © 2013 IBM Corporation
Open your preferred browser and enter the URL
“http://webchat.renovations.com:8700/admin”.
Login to the WebSphere Integrated Solutions Console of
your Sametime Proxy Server using the wasadmin
username and its password.
187. © 2013 IBM Corporation
Click on “Servers” - “Server Types” and then on “WebSphere application servers”.
188. © 2013 IBM Corporation
Click your “STProxyServer” now.
189. © 2013 IBM Corporation
Click the “Ports” link.
190. © 2013 IBM Corporation
Click the “WC_defaulthost” link.
191. © 2013 IBM Corporation
Change the port to “80” and click the “OK” button.
192. © 2013 IBM Corporation
Now click the “WC_defaulthost_secure” link
193. © 2013 IBM Corporation
Change the port to “443” and click the “OK” buton.
194. © 2013 IBM Corporation
Click the “Save” link to save your last changes.
195. © 2013 IBM Corporation
You have now successfully changed the your Sametime Proxy Server to listen on Ports
80 and 443.
196. © 2013 IBM Corporation
You need to configure SSO/LTPA-Token stuff now
reasons
● security is enabled
● After successful login to community - an LTPA-Token will be generated and placed
in the users session
● since the LTPA token is in the session, since security is enabled, WebSphere will
go ahead and attempt to validate that token.
● We've seen cases where the inability to validate that token causes issues - at the
min, "lots of prints" in systemout that lead to confusion - at the max, failure to
successfully use the Sametime Proxy web application(s) for example in iNotes or
Connections.
With this configuration you also have them ready to install the other components later
when you choose to do it, and meeting web client awareness will already be ready to
work.
197. 197 © 2010 IBM Corporation
Social Business
In the ISC go to “Security” - “Global Security”
198. 198 © 2010 IBM Corporation
Social Business
Then go to “Web and SIP security” - “Single sign-on (SSO)”
199. 199 © 2010 IBM Corporation
Social Business
Enter your Domain – we use “renovations.com” and check the “Interoperability Mode”
checkbox. Then click the “Apply” button.
200. 200 © 2010 IBM Corporation
Social Business
To save the changes, just click the “Save” link.
201. 201 © 2010 IBM Corporation
Social Business
In “Security” - “Global Security” click the “LTPA” link on the right side.
202. 202 © 2010 IBM Corporation
Social Business
Change the LTPA timeout to “600” minutes. And click the “Apply” button.
203. 203 © 2010 IBM Corporation
Social Business
To save the changes, just click the “Save” link.
204. 204 © 2010 IBM Corporation
Social Business
In “Security” - “Global Security” click again the “LTPA” link on the right side.
205. 205 © 2010 IBM Corporation
Social Business
Enter a password for your LTPA Token Key twice, the path where to store the key file –
we use “c:tempLTPA_token.key” - and then click the “Export Keys” button.
206. 206 © 2010 IBM Corporation
Social Business
The Key file is now stored on the local hard disk of the System Console Server.
207. 207 © 2010 IBM Corporation
Social Business
In the Global Security Screen click the “Apply” button
208. 208 © 2010 IBM Corporation
Social Business
Click “Save” to save the last security changes to the master configuration repository.
209. 209 © 2010 IBM Corporation
Social Business
Now we need to import the Key file to the Domino based Sametime Community
Server. Start your Domino Administrator and open the Domino Directory on the
Sametime Community Server. Then click into “Servers” - “Web Configurations” and
open the Document “Web SSO Configuration for LtpaToken”
210. 210 © 2010 IBM Corporation
Social Business
Click the “Edit SSO Configuration” button. If you get a warning saying you can
not access parts of the document, then you need to open the document directly
on the Sametime Server using the Server ID file. (start nlnotes.exe)
211. 211 © 2010 IBM Corporation
Social Business
Click the “Keys” button and then the “Import WebSphere LTPA Keys” entry.
212. 212 © 2010 IBM Corporation
Social Business
Yes we want to overwrite the existing Key. Click the “OK” button.
Copy the Keyfile that you have exportet in the previous step to the Sametime Community
Server machine and ehter the path to this key here. If you have copied the key just use
“c:tempLTPA_token.key” or just “sametime.renovations.comc$tempLTPA_token.key”
Then click the “OK” button.
Enter the password for the key and click the “OK” button.
213. 213 © 2010 IBM Corporation
Social Business
You should get this message now if the path to the file and the
password was correct.
214. 214 © 2010 IBM Corporation
Social Business
Change the Token Format...
215. 215 © 2010 IBM Corporation
Social Business
Select “LtpaToken and LtpaToken2...” and click the “OK” button.
216. 216 © 2010 IBM Corporation
Social Business
Set the “Expiration (minutes)” to “600” and then click the “Save & Close” button.
217. 217 © 2010 IBM Corporation
Social Business
Last step is to restart the domino server for the changes take effect. Enter the
command “restart server”. (but don't do this in a production Sametime Server. You
know...See Page 142...)
218. © 2013 IBM Corporation
Summary
This step is to create and configure the DB2 Database for the Sametime Proxy
Server. This database is required to cache the Sametime messages sent to iOS
mobile devices.
STEP FOURTEEN: Create the DB2 Database for the
Sametime Proxy Server
219. © 2013 IBM Corporation
Next is to create the database in the DB2 Server. If your DB2 Server is on a separate
machine or on another machine, then you need to copy the database creation script
files to this server first. Copy the files “createProxyDb.bat” and “proxyServer.ddl” to a
directory on your DB2 Server.
Open a Administrative DB2 CMD window using “Start” - “All Programms” - “IBM DB2”
- “DB2COPY1 (Default)” - “Command Line Tools” - “Command Window” -
Administrator”.
220. © 2013 IBM Corporation
Navigate to the directory containing the database creation script. In this Zero to Hero
example we use just “cd C:InstallSTProxyHotfixDatabaseScripts”.
221. © 2013 IBM Corporation
Run the database creation script with the command: “createProxyDb.bat STPR
db2admin”. The term “STPR” is the name of the database and “db2admin” is the DB2
Database Server Administrator.
222. © 2013 IBM Corporation
Be sure that you see the “...command completed successfully” message after all
commands.
223. © 2013 IBM Corporation
Summary
In this step you configure the DB2 Database in the Sametime Proxy server.
STEP FIFTEEN: Configure the Proxy Server to use
the DB2 Database
224. © 2013 IBM Corporation
Open a File explorer and navigate to “C:InstallSTProxyHotfixDatabaseScripts”. If
you have unpacked the install zip file to a different directory then use this one.
225. © 2013 IBM Corporation
Open a second explorer window and navigate to the directory
“C:IBMWebSphereSTPServerPN”. Then copy the file “proxyDBSetup.py” from the
install directory to this directory.
226. © 2013 IBM Corporation
Next is to navigate to the directory
“C:IBMWebSphereSTPServerPNSametimeProxyServerOfferingSametimeServer
STProxyproxy”. In this directory open the file “proxy.properties” with Notepad or
Wordpad or with your favorite text editor.
227. © 2013 IBM Corporation
Edit the following values:
* proxy.DbAppUser (db2admin)
* proxy.DbAppUserPassword (db2admin password)
* proxy.DataBaseServerName (host name of the DB2 server)
* proxy.DataBaseServerPort (default port for DB2)
* proxy.DbName (database name created earlier)
Then save and close the file.
228. © 2013 IBM Corporation
Now it is required to configure the DB2 Database who caches messages to the iOS
devices in the Sametime Proxy Server. For this a long command in a CMD line window is
required. Several paths are required. To get and paste this path into a CMD-Line window it
is easy to use the Windows Explorer. First navigate to the directory
“C:IBMWebSphereAppServerprofileswebchatSTPPNProfile1bin”. But do not mark
the full path. Mark only the part starting from “AppServer...”. Then press the Ctrl-C to copy
this path to the dashboard.
229. © 2013 IBM Corporation
Open a CMD-Line window and navigate to the directory
“C:IBMWebSphereSTPServerPN”.
230. © 2013 IBM Corporation
Now start entering the command. Begin just with “..”. Next is to paste the part from the
dashboard.
231. © 2013 IBM Corporation
Continue with “wsadmin.bat -lang jython -user wasadmin -password passw0rd -f “”
Don't forget the “ at the end because the next part is a path that needs to be in
doublequotes.
232. © 2013 IBM Corporation
Now we need the path to the file “proxyDBSetup.py” including the filename.
233. © 2013 IBM Corporation
Copy and paste the path from the explorer window, add the backslash and then copy and
paste the filename from the explorer window. Add a doublequote sign at the end.
234. © 2013 IBM Corporation
Now we need the path and filename of the “proxy.properties” file that we have edited
just before.
235. © 2013 IBM Corporation
Start with blank and double quotes then paste the path. Then add the backslash and then
paste the filename. Add a double quote at the end.
Now the command is completed and you can confirm with the “ENTER” key.
236. © 2013 IBM Corporation
The script is now running.
237. © 2013 IBM Corporation
The script has finished.
238. © 2013 IBM Corporation
After the database configuration the IBM Sametime Proxy Server needs to be restarted
for the configuration changes are in effect.
Change to the Sametime Proxy profiles binary directory with the command “cd
IBMWebSphereAppServerprofileswebchatSTPPNProfile1bin”.
Stop the Proxy Server with the command: “stopserver STProxyServer -username
wasadmin -password passw0rd”. Stop the Nodeagent with the command “stopnode
-username wasadmin -password passw0rd”.
239. © 2013 IBM Corporation
Now it is required to create the service for the Sametime Proxy Servers nodeagent. Change
to the WebSphere binaries directory with the command “cd
IBMWebSphereAppServerbin”. Now create the service with the command “wasservice
-add STProxyServer_NA -serverName nodeagent -profilePath
C:IBMWebSphereAppServerprofileswebchatSTPPNProfile1bin -stopArgs “-
username wasadmin -password passw0rd” -encodeParams”. Now configure the
dependency with the command “sc config “IBMWAS70Service – STProxyServer”
depend= “IBMWAS70Service - STProxyServer_NA””.
240. © 2013 IBM Corporation
In the Services window start the STProxyServer service now.
241. © 2013 IBM Corporation
Set both Sametime Proxy Services to start automatic.
242. © 2013 IBM Corporation
Open your browser and navigate to your Proxy – ISC. Log in with your wasadmin user
and then navigate to “Resources” - “JDBC” - “JDBC providers”. Here you should see
the newly created JDBC Provider configuration for your Proxy Server.
243. © 2013 IBM Corporation
Now click on “Resources” - “JDBC” - “Data sources”. Here you should see your newly
created Data Source configuration.
244. © 2013 IBM Corporation
Check mark the “STProxyDataSource” and click the “Test connection” button. This
test will only work if the Sametime Proxy Server is up and running after the restart.
245. © 2013 IBM Corporation
Be sure that the result says “successful”. The warning message can be ignored.
246. © 2013 IBM Corporation
Summary
This section describes how the Apple Push Notification (APNS) works and
how it needs to be configured in your Sametime Proxy Server.
STEP SIXTEEN: Apple Notification to iOS devices
247. 247 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device
248. 248 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device
Sametime registers with APNS, gets
assigned a device token
249. 249 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device Sametime logs in, sending device token
250. 250 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device Sametime sends 'pause' command before
going to background
251. 251 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device
Another user sends
message to mobile user
252. 252 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device
Proxy sees mobile user is
Paused. Stores in database.
253. 253 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device
Proxy sends device token to APNS,
Requests a push notification be
sent to device
254. 254 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device
APNS sends
push
notification
to device
255. 255 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device When user selects view: Sametime
reconnects to server and sends command
to retrieve messages.
256. 256 © 2013 IBM Corporation
Sametime for iOS Message / Notification Flow
VPN /
Reverse
Proxy
Sametime
Proxy
DMZ
Internet Intranet
Apple
PNS
HTTPS
TLS/SSL
(push notifications only, no sensitive data)
TCP port 2195 for notification connection
TCP port 2196 for error reporting connection (feedback service)
Community
Server
HTTPS
Push
Nofications
iOS Device Sametime proxy sends queued
message(s) to device from database
257. © 2013 IBM Corporation
The IBM Sametime 8.5.2 IFR1 Proxy update installer copies a certificate to the server
that is required to communicate with the Apple Notification Servers with SSL encryption.
This certificate has to be copied to the WebSphere Application Server directories now.
Find the certificate file “apns-prod.pkcs12” in the directory
“C:IBMWebSphereAppServerprofilesSTPSNAppProfileconfigcellswebchatSTP
Cell1nodeswebchatSTPNode1”.
258. © 2013 IBM Corporation
Copy this certificate file “apns-prod.pkcs12” to the directory
“C:IBMWebSphereAppServerprofilesSTSCDMgrProfileconfigcellswebchatSSCCell”
.
259. © 2013 IBM Corporation
Copy this certificate file “apns-prod.pkcs12” to the directory
“C:IBMWebSphereAppServerprofilesSTPDMgrProfileconfigcellswebchatProxyCell
nodeswebchatproxyNode”.
260. © 2013 IBM Corporation
To synchronize the last changes, go into your WebSphere Integrated Solutions (Admin)
Console and click on “System administration” - “Nodes”.
261. © 2013 IBM Corporation
Select your “webchatProxyNode” server and click the “Full Resynchronize” button.
262. © 2013 IBM Corporation
The new APNS certificate files are now synchronized to your application server.
263. © 2013 IBM Corporation
Summary
For iOS devices to connect to the Sametime Proxy Server without any
additional security settings, a trusted SSL certificate needs to be installed.
STEP SEVENTEEN: Configure SSL in the Proxy
Server and deploy the certificate
264. © 2013 IBM Corporation
Installation and configuration of the SSL certificates requires this steps:
1) Create the certificate request and send it to the Certificate Authority
2) Receive the certificate and import it into your WebSphere server
3) Add the root and intermediate certificates
4) Configure the specific SSL configuration for endpoint in the inbound and outbound
tree
5) Save the configuration and syncronize
6) Restart the server
265. © 2013 IBM Corporation
In your WebSphere Integrated Solutions Console click on “Security” - “SSL certificate
and key management”.
266. © 2013 IBM Corporation
Click on “Key stores and certificates”.
267. © 2013 IBM Corporation
Now click on “CellDefaultKeyStore”.
268. © 2013 IBM Corporation
And now click on “Personal certificate requests”.
269. © 2013 IBM Corporation
Now click the “New” button to create a new certificate request.
270. © 2013 IBM Corporation
Fill the form with your data:
File for certificate request:
“c:tempcert_req.cer”
Key label:
“SSL_Cert”
Common name:
(your server host name alias)
“webchat.renovations.com”
Organization:
Your organization or company
Locality:
Your city or locality
State or province:
Your province
Zip Code:
Your ZIP code.
Country or region:
Select your country
Then click the “OK” button.
271. © 2013 IBM Corporation
Click on “Save” to save your last changes.
272. © 2013 IBM Corporation
Now copy the certificate request file that you have created into your local workstation.
Then request a trusted server certificate from your favorite trust center by sending the
content of the file (or the complete file).
273. © 2013 IBM Corporation
You will receive the certificate from your trust center by e-mail or as a file attachment.
Copy the certificate text starting with “-----BEGIN CERTIFICATE-----” and ending with “-----
END CERTIFICATE-----” without any trailing or ending characters into a file.
Copy this file to your Sametime Proxy Server to the “C:temp” directory.
Download the Root and intermediate certificates from your trust center web site and copy this
files as well to your “C:temp” directory
274. © 2013 IBM Corporation
Now click on “Personal certificates”.
275. © 2013 IBM Corporation
Click the button “Receive from a certificate authority...”.
276. © 2013 IBM Corporation
In the field “Certificate file name” enter the path and filename to your received server
certificate “c:tempserver_cert.cer”. Then click the “OK” button.
277. © 2013 IBM Corporation
Click the “Save” link to save your last changes.
278. © 2013 IBM Corporation
Your new server certificate is now imported successfully.
279. © 2013 IBM Corporation
Next is to import the root and intermediate certificates. Click the “Key stores and
certificates” link.
280. © 2013 IBM Corporation
Click on “CellDefaultTrustStore”.
281. © 2013 IBM Corporation
Click “Signer certificates”.
282. © 2013 IBM Corporation
Click the “Add” button.
283. © 2013 IBM Corporation
Enter an Alias for the root certificate “verisign_root” and enter the path and file name to the
root certificate file. Then click the “OK” button.
284. © 2013 IBM Corporation
Click “Save” to save your last changes.
285. © 2013 IBM Corporation
Now you have successfully adde the root certificate. Do the same steps with the Intermediate
certificate.
286. © 2013 IBM Corporation
Click the “Add” button.
287. © 2013 IBM Corporation
Enter an Alias for the root certificate “verisign_intermediate” and enter the path and file
name to the intermediate certificate file. Then click the “OK” button.
288. © 2013 IBM Corporation
Click “Save” to save your last changes.
289. © 2013 IBM Corporation
Now you have successfully adde the intermediate certificate.
290. © 2013 IBM Corporation
Click on “Security” - “SSL certificates and key management” and then on “Manage
endpoint security configuration”.
291. © 2013 IBM Corporation
In the “Inbound” tree open the “webchatProxyNode(nodeDefaultSSLSettings)” -
“Servers”. Then click on “STProxyServer”.
292. © 2013 IBM Corporation
Check the check-box “Override inherited values” and then click the “Update certificate
alias list” button.
293. © 2013 IBM Corporation
In the “Certificate alias in key store” select your “ssl_cert”. Then click the “OK” button.
294. © 2013 IBM Corporation
In the “Outbound” tree open the “webchatProxyNode(nodeDefaultSSLSettings)” -
“Servers”. Then click on “STProxyServer”.
295. © 2013 IBM Corporation
Check the check-box “Override inherited values” and then click the “Update
certificate alias list” button.
In the “Certificate alias in key store” select your “ssl_cert”. Then click the “OK” button.
296. © 2013 IBM Corporation
Save the last changes by clicking the “Save” link.
297. © 2013 IBM Corporation
All services are set to start automatic. We recommend to restart your operating system to
be sure all services are stopping and starting up correctly.
When the OS is restarted then you are ready to test all features.
Check that your server communicates with the Sametime Community Server on port
1516 and with the Apple Notification Server.
298. © 2013 IBM Corporation
Additional Steps after the installation:
Some additional Tuning steps can be done after all components are installed. You
should consult the Sametime Product Documentation in the Internet about this steps
here:
http://www-10.lotus.com/ldd/stwiki.nsf/dx/Tuning_st852
299. © 2013 IBM Corporation
UC Sessions at IBM Connect 2013
Sunday
08:00 AM - 10:00 AM SHOW401 : Demystifying Your IBM Sametime Deployment with the Configuration Validator - Jeff Miller
10:30 AM - 12:30 PM JMP204 : IBM Sametime 8.5.3 Architecture and Deployment Workshop - Wes Morgan
01:30 PM - 03:30 PM JMP206 : IBM Sametime Unified Telephony QuickStart Deployment - Chris Price
04:00 PM - 06:00 PM JMP205 : From Zero to Mobile Hero: IBM Sametime 8.5.2 Mobile Access Server install - Frank Altenburg Volker Juergensen
Monday
01:00 PM - 02:00 PM BP102 : Build Your Free Admin Toolkit - Chris Miller
02:15 PM - 03:15 PM SPOT102 : Web Experience and Social Communications - Carsten Gericke Volker Juergensen
05:00 PM - 06:00 PM INV103 : Social Communications Strategy and the IBM Sametime Roadmap - John Del Pizzo
Tuesday
11:15 AM - 12:15 PM AD109 : Using the IBM Sametime Proxy SDK: Websphere Portal, IBM Connections - and Beyond - William Holmes Carl Tyler
ID401 : What's Next in IBM Sametime - Marlon Machado
01:30 PM - 02:30 PM INV302 : Face It, We Need to Talk! Rich Media in IBM Sametime - Julie Reed
AD107 : Delivering Customer Experience Excellence via the IBM Sametime Proxy - Brendan Murray
ID401 : What's Next in IBM Sametime - Marlon Machado
03:00 PM - 04:00 PM CUST101 : Continental: Unleashing a Smarter Workforce with IBM Sametime for Social Collaboration - Eckard Jakobi Volker
Juergensen
05:30 PM - 06:30 PM ID402 : IBM Sametime Mobile Instant Messaging and Meetings - David Langley Russ Fahey Steve Babin
SPOT105 : Collaboration Re-Invented: Interactive Tables and Videoconferencing - Frank Sonder Volker Juergensen
Wed
08:00 AM - 09:45 AM SHOW400 : If it Fits, it Ships! Getting the Most out of Your IBM Sametime Client Install - Clayton Markos Nancy Pittman
08:15 AM - 09:15 AM ID407 : Seeing is Believing: Advanced Video Technology for IBM Sametime - Pat Galvin Bhavuk Srivastava
10:00 AM - 11:00 AM ID404 : Best Practices for IBM Sametime Meetings Deployment End-to-End - Ben Gold
01:30 PM - 02:30 PM AD108 : Social Collaboration in the Real World - Brendan Arthurs
BP301 : Rock Solid IBM Sametime For High Availability - Gabriella Davis
04:15 PM - 05:15 PM ID405 : Taking IBM Sametime to the Edge: Deploying a Collaborative Extranet - Tony Payne
05:30 PM - 06:30 PM ID403 : IBM Sametime System Console: One-Stop Sametime Administration - Frank Altenburg Volker Juergensen
BP302 : Social Communications: A Roadmap to Connecting Sametime with Everything - Peter Lurie David Price
Thursday
08:30 AM - 09:30 AM ID406 : Best Practices in Voice and Video Deployment - Uri Segev
11:15 AM - 12:15 PM ASK102 : Ask the Product Managers
01:30 PM - 02:45 PM ASK101 : Ask the Developers
300. 300 © 2013 IBM Corporation
Legal Disclaimer
© IBM Corporation 2013. All Rights Reserved.
The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is
provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not
be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this
presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing
contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results.
Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending
upon many factors, including considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no
assurance can be given that an individual user will achieve results similar to those stated here.
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance
characteristics may vary by customer.
IBM, the IBM logo, Lotus, Lotus Notes, Notes, Domino, Quickr, Sametime, WebSphere, UC2, PartnerWorld and Lotusphere are trademarks of International Business Machines Corporation in the United States,
other countries, or both. Unyte is a trademark of WebDialogs, Inc., in the United States, other countries, or both.
Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries.
Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.
Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both.
Intel, Intel Centrino, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.
Other company, product, or service names may be trademarks or service marks of others.