Yesterday I moved a customers single Sametime 8.0.2 server to a new 8.5.2.1 server. The planning and execution went well apart for pesky iNotes integration with STLinks. The customer isn’t huge so going Sametime 9 with SSC and DB2 really didn’t warrant increased consultancy and support costs and certainly not a Sametime Proxy.

Anyway, the problem I had (which wasn’t happening with 8.0.2) was that in IE awareness wouldn’t appear. The buddy list would load and show users added to local groups and show the public groups but not the public groups content. Firefox and Chrome worked fine.

I enabled the Java console and saw errors when the browser tries to download STLinks from the Community server. The URL the browser was trying to use was prepended with HTTPS but the Community server has not been configured for SSL whilst iNotes has.

I then found the following draft Technote in IBM’s knowledge base which gave me two options, 1) to configure SSL on the Community server or 2) to use STLinks on the iNotes server instead thus meaning that SSL can be used.

I followed the instructions and after restarting HTTP on the two iNotes servers awareness and chat in IE worked.

Problem
sametime connection issue with INotes when SSL is used

Cause
There should be the internet hostname of the sametime server, not the domino name, update the Domino name and restart the inotes server.

Solution
A.  configure SSL on the sametime server

OR

B.  Make the following changes to download all stlinks files from the inotes server, but have the applet continue to contact sametime over http.

On the inotes servers please make the following changes.

1.  In the notes.ini set the following parameter:
iNotes_WA_STLinksCodebase=/sametime/stlinks

2.  Backup the stlinks directory on teh inotes server, replace it with the stlinks directory from the Sametime server

3.  In the hostInfo.js make sure you have the following set:

var HTTP_TUNNELING_PORT=8082;                 ** Note this may also be 80, it depends on the st config, either should be fine, just leave it as it’a already set **
var TUNNELING_ADDRESS=””;

4.  In the stlinks.js
set the following variable to the hostname of the sametime server:
var STHost=”sametime.moi.gov.kw”;

NOTE:  this variable already exists in the file, you simply need to update the value it’s set to.

4.  use the signed stlinks.jar
backup the existing stlinks.jar in lotus/domino/data/domino/html/sametime/stlinks
copy signed/stlinks.jar to the stlinks folder

5.  restart inotes to pick up all the changes
on the client you are testing with delete all temp internet and jvm files (control panel – java) and test inotes again.

During an install of Connections 4.5 I came across a problem when Configuring the IBMConnectionsMetricsAdmin role on Cognos which required me to disable anonymous access in the Cognos Configuration tool (Local Configuration -> Security -> Authentication -> Cognos to set Allow anonymous access? -> False) and save.

On saving I was getting the following error in the client.

2014-03-19_101919

I had previously applied 10.1.1 FP001 and believed something had happened during the upgrade.

Googling came up with some suggestions all around cryptography with How to Regenerate Cryptographic Keys seemingly the best way to try and get this working. The problem was that I couldn’t export a copy of the configuration.

I tried various approaches including configuring cogstartup.xml manually removing the encryption variables so no password was set, nothing worked.

The more I Googled and researched IBM/Cognos forums the more Java was mentioned. After burning the best part of a day I started to look at what version of Java was being used.

I have installed on CentOS (not supported I know) and the version of java is as follows.

[root@cognos ~]# java -version
java version “1.7.0_09-icedtea”
OpenJDK Runtime Environment (rhel-2.3.4.1.el6_3-x86_64)
OpenJDK 64-Bit Server VM (build 23.2-b09, mixed mode)

This is reading it from /usr/bin/java.

I didn’t set JAVA_HOME when installing Connections which installs Cognos so what version of Java is it using? I looked at the WebSphere SystemOut.log for the application server and noted that it is using the IBM JRE (/opt/IBM/WebSphere/AppServer/java).

After setting export JAVA_HOME=/opt/IBM/WebSphere/AppServer/java I could save my settings in the Cognos Configuration client.

When testing audio and video via a web browser of mobile phone I would see the following error in a browser when trying to use audio and video in a meeting. Using the thick client worked.

st2

Looking at the SIP Proxy Registrars SystemOut.log I saw the following exceptions.

[2/11/14 18:08:43:660 GMT] 000000a7 LdapPasswordS I LdapPasswordServer  CWSCT0359I: Hashed Credential attributes not found.
[2/11/14 18:08:43:661 GMT] 000000a7 SIPDigestServ E SIPDigestService  CWSCT0340E: Error – cannot retrieve password attribute.

I enabled trace on the SIP PR ( *=info:com.ibm.ws.security.*=all:com.ibm.ws.sip.*=all) and found that the LtpaToken was “undefined.”

REGISTER sip:prcf.collaborationben.com;transport=tls SIP/2.0
Content-Length: 0
Expires: 1800
Max-Forwards: 70
Cookie: LtpaToken=”undefined”
Supported: path, outbound
User-Agent: Sametime-ST9.0-Softphone
Contact: <sip:WebAVClient-Ben.Williams%40collaborationben.com@**********:54303;transport=tls>;methods=”INVITE,ACK,BYE,CANCEL,OPTIONS,INFO,MESSAGE,SUBSCRIBE,NOTIFY,PRACK,UPDATE,REFER”;reg-id=1;+sip.instance=”<urn:uuid:********************>”
Call-ID: *****************@192.0.1.58
CSeq: 1 REGISTER
To: sip:WebAVClient-Ben.Williams%40collaborationben.com@prcf.collaborationben.com
From: WebAVClient-Ben.Williams%40collaborationben.com <sip:WebAVClient-Ben.Williams%40collaborationben.com@prcf.collaborationben.com>;tag=BCF17103-85B0EEA0
Via: SIP/2.0/TLS 192.0.1.58:54303;branch=z9hG4bK42f99901F8B8AD8E

I also saw that when I logged in as an LDAP user the trace showed my file system administrative user.

user:defaultWIMFileBasedRealm/uid=wasadmin,o=defaultWIMFileBasedRealm

The LtpaToken must be working because the SIP PR is in the same cell as the majority of the other application servers and awareness works which means SSO must be working but the above shows that it isn’t. Odd.

I also noticed that if I authenticated with the Community server first and then switched to the meeting server URL, audio and video worked. It was the LtpaToken being provided by the WAS application server that was a problem.

I tried a couple of things such as changing the realm name to match the LDAP server as opposed to the default (defaultWIMFileBasedRealm) but this did not work.

Thankfully Khalid arranged a call with development and he asked me to uncheck “Set security cookies to HTTPOnly to help prevent cross-site scripting attacks.”

st3

After I resynchronised and stopped and started all the application servers and proxies I could then use audio and video in my clients!

This should be making its way into a Technote soon.

 

We all know that LDAP is the biggest threat to Sametime, don’t we? Are we all aware of how that impacts audio and video through business cards?

Well, a customer logged a problem yesterday after audio and video failed on their 8.5.2.1 infrastructure. What made this more difficult to troubleshoot was the fact that last week and we had other problems relating to audio and video which was “taken out” after a network change the weekend prior. With last weeks problem clouding my judgement I went down the route of checking for network and synchronisation issues (last weeks problem) that I failed to look at LDAP.

It wasn’t until I spent some hours checking that last weeks problem hadn’t reared it’s head again that I looked at client side trace and saw the following exception.

CLFRB1232W: When processing the softphone configuration encountered an error: com.ibm.collaboration.realtime.telephony.exception.TelephonyRuntimeException: Required directory or missing required configuration information. Voice and video services are not available. Please contact the administrator.

The error in the client was:

1

These errors indicate that the UserInfo service isn’t providing the email address to the client’s business card. Audio and video requires the email address to function. This was detailed in a Technote which now seems to be broken http://www-01.ibm.com/support/docview.wss?uid=swg21447891

I also checked the registered bindings in the SSC and saw people connected to the SIP Proxy Registrar with audio and video working for some. Business cards were not showing the email address and in the client trace there was further signs of UserInfo problems.

User attribute search returned 0 attributes for person CN=Joe Bloggs,OU=London,O=ACME (chat01.acme.com)

New DirectoryLookupThread created for [CN=Joe Bloggs,OU=London,O=ACME]
java.lang.Throwable
at com.ibm.collaboration.realtime.people.internal.DirectoryLookupThread.<init>(Unknown Source)
at com.ibm.collaboration.realtime.people.internal.PeopleCacheMgr.loadPersonData(Unknown Source)
at com.ibm.collaboration.realtime.people.internal.PeopleCacheMgr.loadPersonData(Unknown Source)
at com.ibm.collaboration.realtime.people.internal.PeopleCacheEventHandler.handlePartnerInteraction(Unknown Source)
at com.ibm.collaboration.realtime.people.internal.PeopleCacheEventHandler.handleBuddySelected(Unknown Source)
at com.ibm.collaboration.realtime.people.internal.PeopleCacheEventHandler.handleMessageEvent(Unknown Source)
at com.ibm.collaboration.realtime.magiccarpet.MessageEventHandlerProxy.handleMessageEvent(Unknown Source)
at com.ibm.collaboration.realtime.magiccarpet.MessageEventAdapter.processEvent(Unknown Source)
at com.ibm.collaboration.realtime.magiccarpet.messageprocessor.WorkItemRunnable.run(Unknown Source)
at com.ibm.collaboration.realtime.magiccarpet.messageprocessor.WorkThread.run(Unknown Source)

Calling the servlet via a web browser returned the correct results chat01.acme.com/servlet/UserInfoServlet?operation=3&userId=cn=Joe%20Bloggs,ou=London,o=Acme&setid=1.

 <?xml version=”1.0″ encoding=”UTF-8″ ?>
– <userinfo>
– <user id=”cn=Joe Bloggs,ou=London,o=acme“>
<field name=”Name” type=”text/plain”>Joe Bloggs</field>
<field name=”Company” type=”” error=”UNAVAILABLE” />
<field name=”Title” type=”” error=”UNAVAILABLE” />
<field name=”Telephone” type=”” error=”UNAVAILABLE” />
<field name=”MailAddress” type=”text/plain”>Joe.Bloggs@acme.com</field>
<field name=”Location” type=”” error=”UNAVAILABLE” />
<field name=”Photo” type=”” error=”UNAVAILABLE” />
</user>
</userinfo>

This customer has problems with LDAP and changing the max and low pending variables has been tried before but it broke other Sametime components. Until a test environment is provisioned or it is agreed that I can fix forward in production not much can be done with regards to performance tuning.

Anyway, the Community server was restarted this morning and business cards worked and so did audio and video. For the time being.

During the build of an internal Sametime 9 environment I came across problems with video calls via a meeting room, point-to-point was fine. I was getting the error “The call was not completed due to a dialling error. AVKCS2200E: Failure response 403 received in response to invitation to CN=Ben Williams, O=collaborationben. Reason is: Unspecified Dial Failure.”

2014-01-02_115441

I’ll explain how I have it set up. As this is all run on a bulky VMWare server at home I use hosts files to control DNS. I have called my domain “collaborationben.com” which is the same as my Blog. All servers can resolve themselves and can resolve DNS to the internet.

I enabled the following trace on the CF server:

*=info: com.ibm.mediaserver.*=all: com.ibm.telephony.conferencing.spi.*=all: com.ibm.ws.sip.*=all: com.lotus.sametime.telephonymanager.*=all: com.ibm.sip.*=all: com.ibm.vmgrconnector.*=all: com.lotus.sametime.telephony.*=all

On the VMgr I enabled:

“*=info: com.polycom.proximo.*=all

The errors in the VMgr were below:

[11/27/13 15:29:15:751 GMT] 000001a6 VideoMsMonito 3 com.polycom.proximo.mcu.VideoMsMonitorSupport$Ping run Connection to 192.168.1.45:8080 took 1 milliseconds connected: true
[11/27/13 15:29:16:028 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStatusAggregateProviderImpl aggregateData Running supercluster status aggregation task.
[11/27/13 15:29:16:028 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator getSuperclusterStateOfHealth Enter getSuperclusterStateOfHealth
[11/27/13 15:29:16:028 GMT] 00000160 RemoteCommand 3 com.polycom.proximo.supercluster.RemoteCommandSupport getLocalClusterRemoteCommandProxy Generate proxy for ProximoMonitorServiceRemoteCommands to local cluster
[11/27/13 15:29:16:028 GMT] 00000160 RemoteCommand 1 com.polycom.proximo.supercluster.RemoteCommandSupport call URL from call method:
https://66.155.11.238:8444/PlcmRmWeb/remoteCommand?SuperclusterStateOfHealthAggregator_buildSuperclusterStateOfHealth_ArgsImpl
[11/27/13 15:29:16:028 GMT] 00000160 HttpUtils 1 com.polycom.proximo.util.HttpUtils makeHttpsUrlConnection Successfully established makeHttpsUrlConnection
[11/27/13 15:29:16:029 GMT] 00000160 RemoteCommand 3 com.polycom.proximo.supercluster.RemoteCommandSupport call Sending command:
https://66.155.11.238:8444/PlcmRmWeb/remoteCommand?SuperclusterStateOfHealthAggregator_buildSuperclusterStateOfHealth_ArgsImplSuperclusterStateOfHealthAggregator_buildSuperclusterStateOfHealth_ArgsImpl[]
[11/27/13 15:29:16:121 GMT] 00000160 SuperclusterS E com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator getSuperclusterStateOfHealth Unable to access server with virtual address. Using local info: Unexpected Exception
[11/27/13 15:29:16:121 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator buildSuperclusterStateOfHealth Enter buildSuperclusterStateOfHealth
[11/27/13 15:29:16:121 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator buildSuperclusterStateOfHealth Aggregating dashboard detail for cluster null.collaborationben.com
[11/27/13 15:29:16:121 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator buildSuperclusterStateOfHealth Adding dashboard detail for missing cluster 66.155.11.238
[11/27/13 15:29:16:122 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator updateActiveNodeStatus missing node detail for cluster null.collaborationben.com
[11/27/13 15:29:16:122 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator updateActiveNodeStatus missing node detail for cluster 66.155.11.238
[11/27/13 15:29:16:122 GMT] 00000160 RawClusterDat 1 com.polycom.proximo.monitor.aggregator.RawClusterDataCleaner cloneElements Sip Enabled: SipStatusDetailImpl[sipEnabled=true, defaultAddress=, sessionTimer=1800, listeningPointList=[ListeningPointImpl[address=192.0.80.250, port=5060, transport=TCP], ListeningPointImpl[address=192.0.80.250, port=5061, transport=TLS]]]
[11/27/13 15:29:16:122 GMT] 00000160 RawClusterDat 1 com.polycom.proximo.monitor.aggregator.RawClusterDataCleaner cloneElements Sip Enabled: null
[11/27/13 15:29:16:122 GMT] 00000160 Responsibilit E com.polycom.proximo.monitor.aggregator.ResponsibilityAggregator setAggregatedResponsibility NodeUID could not be determined for cluster: null.collaborationben.com
[11/27/13 15:29:16:122 GMT] 00000160 Responsibilit 1 com.polycom.proximo.monitor.aggregator.ResponsibilityAggregator setAggregatedResponsibility Cluster 66.155.11.238 uid[3b07956e-fff9-4d92-8fb0-7832ae60cd96]
[11/27/13 15:29:16:122 GMT] 00000160 Responsibilit 1 com.polycom.proximo.monitor.aggregator.ResponsibilityAggregator setAggregatedResponsibility Territory 76.74.254.120controlled[false] primary[true] backup[false] unowned[false]
[11/27/13 15:29:16:122 GMT] 00000160 Responsibilit 1 com.polycom.proximo.monitor.aggregator.ResponsibilityAggregator setAggregatedResponsibility Cluster 66.155.11.238 confRoom[INACTIVE_PRIMARY] calendaring[DISABLED] enterpriseDirectory[DISABLED]
[11/27/13 15:29:16:123 GMT] 00000160 SuperclusterS W com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator buildSuperclusterStateOfHealth Unable to determine local node name using hostname ‘vmgr.collaborationben.com’ instead
[11/27/13 15:29:16:123 GMT] 00000160 SuperclusterS W com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator buildSuperclusterSummary Unable to find cluster info for null.collaborationben.com
[11/27/13 15:29:16:123 GMT] 00000160 SuperclusterS W com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator buildSuperclusterSummary Info built for a cluster currently unreachable or in trouble.
[11/27/13 15:29:16:123 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator updateServerCounts Currently configured to connect to MCUs: [null.collaborationben.com]
[11/27/13 15:29:16:124 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStateOfHealthAggregator buildSuperclusterStateOfHealth Exit buildSuperclusterStateOfHealth
[11/27/13 15:29:16:124 GMT] 00000160 DashboardMana 1 com.polycom.proximo.monitor.DashboardManager getDashboardDetail Getting dashboard info
[11/27/13 15:29:16:124 GMT] 00000160 SuperclusterA I com.polycom.proximo.supercluster.SuperclusterAccessCommands loadJuniperConfiguration loadJuniperConfiguration returning config: JuniperConfiguration[enableSRC:false, port:8080, forceHTTPS:false, useEPAddrForSubURI:true]
[11/27/13 15:29:16:126 GMT] 00000160 SuperclusterS 1 com.polycom.proximo.monitor.aggregator.SuperclusterStatusAggregateProviderImpl aggregateData Supercluster status aggregation task complete.
[11/27/13 15:29:17:612 GMT] 00000a63 LTPAServerObj E SECJ0369E: Authentication failed when using LTPA. The exception is com.ibm.websphere.wim.exception.PasswordCheckFailedException: CWWIM4537E No principal is found from the ‘admin’ principal name..
[11/27/13 15:29:17:614 GMT] 00000a63 LoginContextA I com.polycom.proximo.api.support.servlet.LoginContextAuthSession open Attempting to login to context: proxias-users requiring role: null, locale: en_us
[11/27/13 15:29:17:615 GMT] 00000a63 ProxiasLoginM I com.polycom.proximo.admin.login.ProxiasLoginModule initialize ProxiasLogin : Initialize …
[11/27/13 15:29:17:615 GMT] 00000a63 CustomLoginMo 1 com.polycom.proximo.admin.login.websphere.CustomLoginModuleWS initialize Initializing CustomLoginModuleWS class class com.polycom.proximo.admin.login.websphere.CustomLoginModuleWS
[11/27/13 15:29:17:616 GMT] 00000a63 ProxiasLoginM 1 com.polycom.proximo.admin.login.ProxiasLoginModule login Entering login()
[11/27/13 15:29:17:616 GMT] 00000a63 CustomLoginMo 1 com.polycom.proximo.admin.login.websphere.CustomLoginModuleWS createIdentity Inside CreateIdentity() method the Username : adminprincipalClassName value: com.ibm.security.auth.JAASPrincipal
[11/27/13 15:29:17:617 GMT] 00000a63 ProxiasLoginM I com.polycom.proximo.admin.login.ProxiasLoginModule validatePassword validating password for: LOCAL\admin
[11/27/13 15:29:17:618 GMT] 00000a63 ProxiasLoginM W com.polycom.proximo.admin.login.ProxiasLoginModule validatePassword Failed getting x509 certificate from HttpServletRequest

I highlighted a number of IP addresses all of which did not fit my internal 192.168.x.x addresses. After researching the IP addresses seen in the SystemOut.log I find links to ServerBeach and after a bit more digging I see they are associated with WordPress. Some of the other IP addresses are to WordPress themselves.

What was happening was that the host file entries were being ignored and the VMgr was resolving the domain .collaborationben.com and being directed to WordPress. I had to change the resolv.conf removing the nameserver which was router from all my Sametime 9 servers. After a reboot of all the servers video worked perfectly.

I questioned IBM as to why the host file is ignored but as yet I have not had a response. I’m aware that for the vast majority of people using Sametime 9 they will have DNS configured properly but for those who don’t…….

I like to use CentOS in the lab to install all IBM software to avoid licensing costs and Windows when possible. CentOS has always had it’s challenges and I have blogged a few times about additional libraries required to get software working. I use the basic server install which is pretty minimal but that’s what you should be using, right?

With Sametime 9 I have noticed the following gotchas you should be aware of.

Do not use 64 bit CentOS for the Community server

I have never been able to install Sametime Community server on a 64 bit version of CentOS. The same is still true for Sametime 9.

When installing Domino on the 64 bit version it helpfully tells you that you need to install 32 bit packages.

To run this installer you need 32bit (i686) packages installed on your 64 bit Linux RedHat.
They are not installed by default, but are mandatory. The installer will exit after this message.
        libXtst-1.0.99.2-3.el6.i686
        libXmu-1.0.5-1.el6.i686
        libXp-1.0.0-15.1.el6.i686
        libXft-2.1.13-4.1.el6.i686
        libXi-1.3-3.el6.i686

When installing the Community server I get various errors.

[root@st9 Server]# ./setuplinux.bin

     Initializing Wizard……..
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 712: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 712: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 712: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 712: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 712: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 712: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 712: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 712: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 712: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 1551: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 1551: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 1551: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 1551: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 1551: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 1551: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 1551: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 1551: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 1551: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 690: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 690: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 690: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 690: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 690: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 690: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 690: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 690: [: : integer expression expected
./setuplinux.bin: line 472: bc: command not found
./setuplinux.bin: line 690: [: : integer expression expected

[root@st9 Server]# yum install bc

./install_tdiv70_linux_x86_64.bin -is:tempdir /opt/temp

Initializing Wizard……..
Extracting Bundled JRE.

Bundled JRE is not binary compatible with host OS/Arch or it is corrupt.  Testing bundled JRE failed.

[root@st9 Server]# ./setuplinux.bin -console -is:log /tmp/installlog.txt

Log file created by MultiPlatform installer @Mon Sep 30 10:20:15 BST 2013
INSTALLER_PATH=/opt/installs/sametime/SametimeStandardServer/Server/./setuplinux.bin
Checking the environment variables specifed in the JVM files to find the JVM…
No JVM can  be found using the shell environment variable. Searching JVM will co
ntinue with Path Hints specified in the JVM Files…
jvm files not specified. Searching a JVM can not be performed.
Extracting bundled JRE…
checking disk space on the parition /tmp/istemp6007273102015 for /tmp/istemp6007273102015/ibm_linux_15.bin
83843 512 bytes disk blocks required.
29139696 512 bytes disk blocks  available on the partition /tmp/istemp6007273102015
Disk space check on the parition /tmp/istemp6007273102015 succeeded.
checking disk space on the parition /tmp/istemp6007273102015 for /tmp/istemp6007273102015/ibm_linux_15.bin
Bundled JRE is not binary compatible with host OS/Arch or it is corrupt.  Testing bundled JRE failed.

[root@st9 Server]# ./setuplinux.bin -is:extract
9 files extracted in the directory /opt/installs/sametime/SametimeStandardServer/Server/istemp6336273102254

I have tried setting a temp directory, extracting the jar file, nothing works. I now always use the 32 bit version of CentOS which works like a charm.

Install Perl

When installing the Video MCU (VMCU) and Video Manager (VMgr) you need to install additional packages as detailed in list of RPMs to install on the Sametime Video MCU. What I found after applying all the packages listed and others to cater for the fact that it is not RHEL is the following errors on start-up.

[10/24/13 6:44:38:124 BST] 00000047 SystemCommand W com.polycom.proximo.util.runtime.SystemCommand setStatus status changed for cmd[/usr/bin/sudo /opt/IBM/WebSphere/MediaServerPNVMGR/proximo/current/bin/admin-cfg-scripts/getNetworkInfo.pl] exitValue[1] status[ENDED_FAILURE]
[10/24/13 6:44:38:125 BST] 00000047 RedHatSystemC E com.polycom.proximo.shared.system.RedHatSystemCommandManager logFailedSc failed command: cmd[/usr/bin/sudo /opt/IBM/WebSphere/MediaServerPNVMGR/proximo/current/bin/admin-cfg-scripts/getNetworkInfo.pl] exitValue[1] status[ENDED_FAILURE]
[10/24/13 6:44:38:126 BST] 00000047 RedHatSystemC E com.polycom.proximo.shared.system.RedHatSystemCommandManager logFailedSc stderr: sudo: unable to execute /opt/IBM/WebSphere/MediaServerPNVMGR/proximo/current/bin/admin-cfg-scripts/getNetworkInfo.pl: No such file or directory

[10/24/13 6:44:38:126 BST] 00000047 RedHatSystemC E com.polycom.proximo.shared.system.RedHatSystemCommandManager logFailedSc stdout:
[10/24/13 6:44:38:132 BST] 00000047 DmaStartupSer E com.polycom.proximo.startup.DmaStartupServlet init Startup Serlvet experienced Problems: java.lang.NullPointerException
                                 java.lang.NullPointerException
    at com.polycom.proximo.supercluster.SuperclusterService.startService(SuperclusterService.java:616)
    at com.polycom.proximo.supercluster.SuperclusterServiceRuntimeExt.initialize(SuperclusterServiceRuntimeExt.java:52)
    at com.polycom.proximo.startup.DmaStartupServlet.init(DmaStartupServlet.java:146)
    at com.ibm.ws.webcontainer.servlet.ServletWrapper.init(ServletWrapper.java:338)
    at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.init(ServletWrapperImpl.java:168)
    at com.ibm.ws.webcontainer.servlet.ServletWrapper.loadOnStartupCheck(ServletWrapper.java:1363)
    at com.ibm.ws.webcontainer.webapp.WebApp.doLoadOnStartupActions(WebApp.java:606)
    at com.ibm.ws.webcontainer.webapp.WebApp.commonInitializationFinally(WebApp.java:576)
    at com.ibm.ws.webcontainer.webapp.WebAppImpl.initialize(WebAppImpl.java:425)
    at com.ibm.ws.webcontainer.webapp.WebGroupImpl.addWebApplication(WebGroupImpl.java:88)
    at com.ibm.ws.webcontainer.VirtualHostImpl.addWebApplication(VirtualHostImpl.java:169)
    at com.ibm.ws.webcontainer.WSWebContainer.addWebApp(WSWebContainer.java:749)
    at com.ibm.ws.webcontainer.WSWebContainer.addWebApplication(WSWebContainer.java:634)
    at com.ibm.ws.webcontainer.component.WebContainerImpl.install(WebContainerImpl.java:426)
    at com.ibm.ws.webcontainer.component.WebContainerImpl.start(WebContainerImpl.java:718)
    at com.ibm.ws.runtime.component.ApplicationMgrImpl.start(ApplicationMgrImpl.java:1175)
    at com.ibm.ws.runtime.component.DeployedApplicationImpl.fireDeployedObjectStart(DeployedApplicationImpl.java:1370)
    at com.ibm.ws.runtime.component.DeployedModuleImpl.start(DeployedModuleImpl.java:639)
    at com.ibm.ws.runtime.component.DeployedApplicationImpl.start(DeployedApplicationImpl.java:968)
    at com.ibm.ws.runtime.component.ApplicationMgrImpl.startApplication(ApplicationMgrImpl.java:774)
    at com.ibm.ws.runtime.component.ApplicationMgrImpl.start(ApplicationMgrImpl.java:2182)
    at com.ibm.ws.runtime.component.CompositionUnitMgrImpl.start(CompositionUnitMgrImpl.java:445)
    at com.ibm.ws.runtime.component.CompositionUnitImpl.start(CompositionUnitImpl.java:123)
    at com.ibm.ws.runtime.component.CompositionUnitMgrImpl.start(CompositionUnitMgrImpl.java:388)
    at com.ibm.ws.runtime.component.CompositionUnitMgrImpl.access$500(CompositionUnitMgrImpl.java:116)
    at com.ibm.ws.runtime.component.CompositionUnitMgrImpl$CUInitializer.run(CompositionUnitMgrImpl.java:994)
    at com.ibm.wsspi.runtime.component.WsComponentImpl$_AsynchInitializer.run(WsComponentImpl.java:502)
    at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1862)

I tried calling the .pl files explicitly like the application was doing.

root@vmgr admin-cfg-scripts]# /usr/bin/sudo vi /opt/IBM/WebSphere/MediaServerPNMGR/proximo/current/bin/admin-cfg-scripts/getNetworkInfo.pl
root@vmgr admin-cfg-scripts]# /usr/bin/sudo /opt/IBM/WebSphere/MediaServerPNVMG/proximo/current/bin/admin-cfg-scripts/getNetworkInfo.pl
udo: unable to execute /opt/IBM/WebSphere/MediaServerPNVMGR/proximo/current/binadmin-cfg-scripts/getNetworkInfo.pl: No such file or directory
root@vmgr admin-cfg-scripts]# /opt/IBM/WebSphere/MediaServerPNVMGR/proximo/currnt/bin/admin-cfg-scripts/getNetworkInfo.pl
bash: /opt/IBM/WebSphere/MediaServerPNVMGR/proximo/current/bin/admin-cfg-script/getNetworkInfo.pl: /usr/bin/perl: bad interpreter: No such file or directory

The errors show that the .pl (Perl files) could not be called. Once I installed both versions of Perl I could start the server and call the various .pl files.

root@vmgr admin-cfg-scripts]# yum install perl
[root@vmgr admin-cfg-scripts]# yum install perl*.i686
I can now run /opt/IBM/WebSphere/MediaServerPNVMGR/proximo/current/bin/admin-cfg-script/getNetworkInfo.pl

I have been working with a customer introducing Connections 4.0, Sametime Proxy and moving their current two Community servers away from native Domino to AD LDAP.

We are now at the point where as we are looking at migrating the users from their current Community server to their new one. Normally DNS could be used to do this but since the authentication method is changing too then some further steps are required. To do this two approaches are required 1) the Sametime client needs to always pull the buddy list from the server and 2) the client needs to be redirected to the new server.

This could be done with desktop policies in the address book but these are flaky and do not work as they should often enough. Personally I like the way that an xml file can be used and a Sametime policy created to reference it for a group or list of people. It keeps the actions in Sametime and separates it from the customers desktop policies which all to often don’t work.

The first step is well documented and is performed using managed-settings.xml. There are dozens of blogs from people detailing how to do this. Here is the contents of the customer’s managed-settings.xml:

<ManagedSettings>
<settingGroup name=”com.ibm.collaboration.realtime.imhub” lastModDate=”20130821T115100Z”>
<setting name=”buddyListConflictPref” value=”replaceLocal” isLocked=”true”/>
<setting name=”showBuddyListConflictDialog” value=”false” isLocked=”true”/>
<setting name=”showExternalModificationDialog” value=”false” isLocked=”false”/>
</settingGroup>
</ManagedSettings>

This changes the following setting in the client. This is important so that their local buddy list is always replaced with the server version which will have users listed in a different format.

2013-08-30_114418

The customer at present is not converting the user’s buddy list. My experience of using the name conversion tool is bad and is inconsistent although there have been a number of new fixes in the recent past so may be the conversion is better? They could also use a 3rd party such as Instant Technologies to convert the buddy list for them though there is a cost associated but there is a guarantee to the conversion accuracy.

The redirection of the client is where the documentation is confusing.

Below is the output that worked for me. I had to raise a PMR because my various attempts would redirect my client but would not blank out the user name. This would confuse users as they would attempt to log in using their Domino credentials rather than their AD ones.

The first managed-community-configs.xml below is what I created based on the documentation available and the end result was that the client would redirect but the user name was still populated which should not happen when using “createNewConfig.”

In my case there are two addresses that could be used by users to log in “oldserveralias1.domain.com” and “oldserveralias2.domain.com.” Listing both of them ensures that whatever DNS alias is used will be redirected.

<?xml version=”1.0″ encoding=”UTF-8″?>
<managed-communities>
<managed-community id=”oldserveralias1.domain.com” host=”oldserveralias1.domain.com” newHost=”newserver.domain.com”/>
<managed-community id=”oldserveralias2.domain.com” host=”oldserveralias2.domain.com” newHost=”newserver.domain.com”/>
<managed-community-action type=”update” createNewConfig=”true” managed-community-id=”oldserveralias1.domain.com”/>
<managed-community-action type=”update” createNewConfig=”true” managed-community-id=”oldserveralias2.domain.com”/>
</managed-communities>

With a little help from Cormac O’Leary and L3 the proper syntax was provided which is below.

<?xml version=”1.0″ encoding=”UTF-8″?>
<managed-communities>
<managed-community id=”oldserveralias1.domain.com” host=”newserver.domain.com”/>
<managed-community id=”oldserveralias2.domain.com” host=”newserver.domain.com”/>
<managed-community-action type=”reset” createNewConfig=”true” managed-community-id=”oldserveralias1.domain.com”/>
<managed-community-action type=”reset” createNewConfig=”true” managed-community-id=”oldserveralias2.domain.com”/>
</managed-communities>

Follow

Get every new post delivered to your Inbox.

Join 55 other followers