A Technical Blog for Technology Minds: January 2014

Tuesday 21 January 2014

Configure SSO between IBM Sametime Community Server 8.5 and IBM Websphere Portal 8

Note: You need to configure SSO between IBM Websphere Portal and all the IBM Lotus Sametime Community Server only. The Proxy Server is never configured for SSO and is always called from Websphere Portal AJAX proxy or by ST Proxy 8.5.2 API.

Table of Contents:

1. Configure Security and Export LTPAToken from IBM Websphere Portal 8.
2. Configure Web SSO Document and Import LTPAToken in IBM Lotus Domino 8.5.
3. Creating the Resource Environment Providers in IBM Websphere Portal 8.
4. Updating the full profile to include the Sametime Proxy module.
5. Configure the AJAX Proxy in IBM WebSphere Portal 8.

1. Configure Security and Export LTPAToken from IBM Websphere Portal 8.

Source: http://www-01.ibm.com/support/docview.wss?uid=swg21575383

If you will use IBM Sametime with IBM WebSphere Portal, you can enable single sign-on by importing the WebSphere Portal LTPA token into the IBM Domino server used by Sametime, and then configuring WebSphere-based servers from both deployments to use the same realm.

a. On the WebSphere Application Server, start the administrative console and log in.

b. Select Security > Global security.

c. Select Web and SIP Security in Authentication Cache Settings

d. Click Single Sign-On, Make sure it is enable and have prod.rcds.lan in Domain name.

e. Select interoperability mode (for both LtpaToken and LtpaToken2).

f. Leave the cookie name field blank for both Ltpa1 and Ltpa2.

g. Select both Web inbound security attribute propagation and Set security cookies to HTTPOnly to help prevent cross-site scripting attacks.

h. Click Apply then OK and then save the settings to master configuration.

i. Again in Global Security, Under Authentication, click LTPA under Authentication mechanisms.

j. Type a password in the Password field and enter a name, path and file name in the Key File Name field and make a note of the password; you will need it during your next SSO task when you import the LTPA key into the Domino server.

k. Click the Export Keys button.

l. If you made changes, click Save to apply the changes to the master configuration, then Save again on the next screen.

m. Log out from the administrative console.

n. Copy the key file that was created during the export process to a location that is accessible to the Domino server.

2. Configure Web SSO Document and Import LTPAToken in IBM Lotus Domino 8.5

Note: Perform this step on all the IBM Lotus Domino Servers in the Cluster i.e. STChat1, STChat2, STChat3.

a. Open the names.nsf file on the Domino server for the Sametime Community Server.

b. Click Configuration > Web Web Configurations view.

c. Open the Web SSO Configuration for LtpaToken document.

d. Click Edit SSO Configuration.

e. Click Keys > Import WebSphere LTPA keys.

f. Type in the exact file location of the key file you created when you exported the LTPA token from WebSphere Portal in step 1.

g. Enter password you created when you exported the LTPA token from WebSphere Portal in step 1.

h. Click OK.

The message "Successfully imported WebSphere LTPA keys" appears after the key has been imported.

Important: MAKE SURE THE REALM NAME MATCHES HERE - remember that if it is a Portal realm, it often has the value ldaphost:389 as display, which means it needs to be modified to

ldaphost/:389 in the UI before saving.

3. Creating the Resource Environment Providers in IBM Websphere Portal 8

- Log in to the IBM WebSphere Application Server Integrated Solutions Console.

- Click Resources > Resource Environment Providers.

- Open the WP CommonComponentConfigService provider.

- Create the following custom properties if they are not already created:

cc.sametime.proxy.enabled

Set the value to true.

cc.sametime.proxy.scheme

Set the value to http or https. It must match the way your Sametime Proxy Server is accessed.

cc.sametime.proxy.host

Set the value to the name of your server. For example, hostname.domainname.com.

cc.sametime.proxy.port

Set the value to the port of your server.

cc.sametime.connect.client

Set the value to false. If you set the value to true Sametime Proxy uses the Sametime connect client which is installed on Sametime Proxy server machine.

cc.sametime.proxy.version

Set the value to 8.5.2.

Save to Master Configuration.

4. Updating the full profile to include the Sametime Proxy module.

Connect to the WebSphere Portal Express server using a WebDAV client. See the related links for information.

Navigate to the profiles folder /fs-type1/themes/Portal8.0/profiles.

Copy the profile_full.json file to your WebDAV client.

Edit the json file and add the wp_sametime_proxy to the moduleIDs section of the profile.

Copy the profile back to WebSphere Portal Express.

Restart WebSphere Portal Express to activate the profile.

Restart your WebSphere Portal Express server.

Log in as a user in the LDAP and open the page with the Sametime Web 2.0 Contact List portlet. Click Applications > Collaboration > IBM Sametime. The portlet shows that the user is online and you can use other Sametime Web 2.0 Contact List functions to see other online users

5. Configuring the AJAX Proxy on IBM Websphere Portal 8 Server.

Source: http://pic.dhe.ibm.com/infocenter/wpdoc/v6r1/index.jsp?topic=%2Fcom.ibm.wp.ent.doc_v6101%2Fdev%2Fajax_proxy_cfg_xmpl.html

To enable communication between WebSphere Portal and Lotus Sametime Proxy Server, do the following:

1. Navigate to the following directory: wp_profile_root\\installedApps\\node_name\\AJAX Proxy Configuration.ear\\wp.proxy.config.war\\WEB-INF

2. Locate and open proxy-config.xml with any text editor.

3. Locate the following element: .

4. Copy and paste the following XML beneath that element:

GET

HEAD

POST

PUT

DELETE

LTPAToken

LTPAToken2

JSESSIONID

AllAuthenticatedUsers

5. Edit the XML you pasted into the file to specify the server name and port number for Lotus Sametime Proxy Server.

6. Save and close proxy-config.xml.

7. Use the following command below to check the proxy-config.xml file in Websphere portal.

8. Now run the following command below:

ConfigEngine.bat checkin-wp-proxy-config -DProxyConfigFileName=dir_path/proxy-config.xml

Where dir_path/your_updated_proxy_file.name is the complete path of your modified proxy-config.xml file.

Monday 6 January 2014

Editing the Sametime System Console STSC database directly

Note: Do Not perform this on Production Environments. This is only for educational and reference purposes and should be performed in Test Environments only.

So i was working with the STSC database during my project and i found an interesting thing that i would like to share.

So during the deployments if you get stuck on a point where you want to
- remove/change your ST Proxy or ST Meeting Servers etc, deployment status due to failed installation.
- or you just want to change the status of a product from Uninstalled to install / registered or vice verse in the ST System Console under Sametime Guided Activities.

You can do that by changing the value in the DepStatus column of Deployment Table in STSC database as follow.

1. Open the DB2 Control Panel and Open STSC Database.
2. Open the Deployment Table.

Check the DepStatus Column you will see Someting link this.

In ST System Console:               In DepStatus Column of STSC Database:
Installed/Registered/Clustered            = 1798 (for ST Proxy).
Installed/Registered/Clustered            = 774 (for ST Community Server).
Uninstalled                                          = 15 (for ST Proxy).

So if you change the status code to 15 and Commit the changes in Deployment Table for ST Proxy you will notice that the product status changes to Uninstalled in the ST System Console - Sametime Guided Activities and the server entry will be removed from Sametime Servers - Sametime Proxy Servers.

Note: This will not remove any WAS node / server if they are added, federated or clusterd in the ST System Console DMGR. This only works similar to register or unregister the Sametime Servers using registerWASserver.bat or unregisterWASserver.bat scripts found under Sametime Servers (Console) folder.
You can note down the status codes during your installation phase, and can easily unregister/revert back to that state if you want by changing the status codes.

Friday 3 January 2014

Deploy and Configure IBM Sametime Standard 8.5.2 with IFR1 (Instant Messaging, Presense and Chat Logging Features)

Note: In this post i tried to list down as much information as possible. Please follow this IBM Redbook for more details: IBM Sametime 8.5 Enterprise Scale Deployment

http://www-10.lotus.com/ldd/stwiki.nsf/xpViewCategories.xsp?lookupName=IBM

%20Redbooks%3A%20Sametime%208.5%20Enterprise%20Scale%20Deployment

- All Sametime servers can be clustered except for the Sametime System Console and the Packet Switcher component of the Media Manager.
http://pic.dhe.ibm.com/infocenter/sametime/v8r5/index.jsp?topic=%2Fcom.ibm.help.sametime.v85.doc%2Fplan%2Fplan_clusters.html

Note: If you are deploying any Sametime Servers that use WAS in DMZ and Sametime Console in Internal Environment then remember the following points.
1. All Node to DMGR and DMGR to Node ports has to be open (SOAP, WCS_Admin, DCS_Unicast, etc)..
2. Ping / ICMP has to be open during Installation time.
3. Ldap port from Sametime Servers on WAS to LDAP Server.

TABLE OF CONTENTS:

1.    ENVIRONMENT DIAGRAM
2.    SAMETIME SERVER’S DETAILS WITH APPLICATION SOFTWARES
3.    SAMETIME SERVER’S INSTALLATION AND CONFIGURATION DETAILS
4.    CLUSTERING DOMINO SERVERS
5.    CLUSTERING SAMETIME COMMUNITY SERVERS
6.    CLUSTERING SAMETIME PROXY SERVERS
7.    ENABLE CHAT LOGGING

1. ENVIRONMENT DIAGRAM

2. SAMETIME SERVER’S DETAILS WITH APPLICATION SOFTWARES

Server 1    192.168.10.11     255.255.255.0    192.168.10.1         Sametime MUX 01              Mux01.rcds.net
Server 2    192.168.10.12     255.255.255.0    192.168.10.1         Sametime MUX 02              Mux02.rcds.net
Server 3    192.168.10.13     255.255.255.0    192.168.10.1         Sametime Proxy 01          Proxy01.rcds.net
Server 3    192.168.10.14    255.255.255.0    192.168.10.1         Sametime Proxy 02       Proxy02.rcds.net
Server 5    192.168.10.15    255.255.255.0    192.168.10.1         Sametime Proxy 03       Proxy03.rcds.net
Server 6    192.168.10.16    255.255.255.0    192.168.10.1         Sametime Community 01        Chat01.rcds.net
Server 7    192.168.10.17    255.255.255.0    192.168.10.1         Sametime Community 02        Chat02.rcds.net
Server 8    192.168.10.18    255.255.255.0    192.168.10.1         Sametime Community 03        Chat03.rcds.net
Server 9    192.168.10.19    255.255.255.0    192.168.10.1         Sametime Console 01        Console01.rcds.net
Server 10 192.168.10.20    255.255.255.0    192.168.10.1         Sametime Console 02        Console02.rcds.net

PART NUMBERS:

1. Using Mux Application from IBM Sametime Standard Community Server V8.5.2 Windows Multilingual (CZYD7ML).

2. Using IBM Sametime Standard Proxy Server V8.5.2 Windows Multilingual (CZYE6ML) with
Hot fix: ST-Proxy-IF-AGRE-94AF9F (http://www-01.ibm.com/support/docview.wss?uid=swg21623979).
Cumulative hotfix for Sametime Proxy 8.5.2 IFR 1. This fix must be installed on top of a Sametime Proxy Server 8.5.2 Interim Feature Release 1 (IFR 1). If the proxy server is running 8.5.2 (without the IFR 1 fix), then the IFR 1 fix will be automatically installed.

3. Using IBM Lotus Domino 8.5.2 32 bit for Windows English (CZIP9EN),
IBM Sametime Standard Community Server V8.5.2 Windows Multilingual (CZYD7ML).
IBM Sametime Community Server V8.5.2 IFR 1 Windows Multilingual (CI3Y9ML) with
Sametime 8.5.2 Cumulative Fix 2 for IBM Sametime Community Server 8.5.2 Based Versions 852IFR_NNUM-9A5DHD_20130406_win

4. Using IBM Sametime Standard System Console Server V8.5.2 Windows Multilingual (CZYF2ML) with IBM Sametime System Console V8.5.2 IFR 1 Windows, AIX, x86 Linux, Solaris, IBM i Multilingual (CI3Y8ML).

3. SAMETIME SERVER’S INSTALLATION AND CONFIGURATION DETAILS

A.    Steps to Perform for: [Console and Community Server Deployment]

I.    Copy all the required software’s on Sametime Console and Community Servers.
II.    Install the DB2 Database Server on ST Console Server 1.
III.    Create the STSC Database.
IV.    Install the Sametime System Console.
V.    Apply IBM Sametime System Console 8.5.2 IFR 1 Fix.
VI.    Perform Guided Activity: Connect to the LDAP Server.
VII.    Goto Community Server 1 and Install Lotus Domino.
VIII.    Goto ST Console Server and Create Deployment Plan for Sametime Community Server - Chat1.
IX.    Install Sametime Community Server on Community Server 1 using SSC - Chat1 Configuration.
X.    Install Domino Admin Client.
XI.    Register Chat2 Lotus Domino Server In Primary Chat1 Domino Server. - Server2 ID Created.
XII.    Register Chat3 Lotus Domino Server In Primary Chat1 Domino Server. - Server3 ID Created.
XIII.    Goto Community Server 2 and Install Lotus Domino Server using Server2 ID file.
XIV.    Goto ST Console Server and Create Deployment Plan for Sametime Community Server - Chat2.
XV.    Install Sametime Community Server on Community Server 2 using SSC - Chat2 Configuration.
XVI.    Goto Community Server 3 and Install Lotus Domino Server using Server3 ID file.
XVII.    Goto ST Console Server and Create Deployment Plan for Sametime Community Server- Chat3.
XVIII.    Install Sametime Community Server on Community Server 3 using SSC - Chat3 Configuration.
XIX.    Install IBM Sametime Community Server V8.5.2 IFR 1 Windows Multilingual (CI3Y9ML) with Sametime 8.5.2 Cumulative Fix 2 for IBM Sametime Community Server 8.5.2 Based Versions 852IFR_NNUM-9A5DHD_20130406_win on all ST Community Servers Chat1, Chat2, Chat3.

B.    Steps to Perform for: [Proxy Servers Deployment]

I.    Copy Required Softwares to All Proxy Servers.
II.    Install Proxy 1.
III.    Goto ST Console Server and Create Deployment Plan for Sametime Proxy Server. - Proxy1.
IV.    Install the First Sametime Proxy Server using Proxy1 Deployment Plan.
V.    Install Proxy 2.
VI.    Goto ST Console Server and Create Deployment Plan for Sametime Proxy Server. - Proxy2.
VII.    Install the Second Sametime Proxy Server using Proxy2 Deployment Plan.
VIII.    Install Proxy 3.
IX.    Goto ST Console Server and Create Deployment Plan for Sametime Proxy Server. - Proxy3.
X.    Install the Third Sametime Proxy Server using Proxy3 Deployment Plan.
XI.    Install Hot fix: ST-Proxy-IF-AGRE-94AF9F on all the Proxy Servers i.e. Proxy1, Proxy2, Proxy3.

(http://www-01.ibm.com/support/docview.wss?uid=swg21623979).

Cumulative hotfix for Sametime Proxy 8.5.2 IFR 1. This fix must be installed on top of a Sametime Proxy Server 8.5.2 Interim Feature Release 1 (IFR 1). If the proxy server is running 8.5.2 (without the IFR 1 fix), then the IFR 1 fix will be automatically installed.

C.    Steps to Perform for: [Multiplexer Servers Deployment]

I.    Copy Required Software’s to all multiplexer servers.
II.    Install Mux1.
III.    Configure sametime.ini for max users and st community server ip's.
IV.    Install Mux2.
V.    Configure sametime.ini for max users and st community server ip's.

----------------------------------------------------------------------------------------------------------------------------------------------

A.    Steps to Perform for: [Console and Community Server Deployment]

I. Copy all the required software’s on Sametime System Console and Community Servers.
        a)    Check the part numbers from the server details list and copy SW’s via ftp or rdp.

II. Install the DB2 Database Server on ST Console Server 1.
- Using software IBM DB2 9.7 - Limited Use for Windows on AMD64 and Intel EM64T systems (x64) (CZ1HLML).
-    Using DomAdmin user which is member of admin group on Console01 machine.
b)    DB2 Workgroup Server Edition Version 9.7 5765-F41
c)    run setup from D:\Sametime\DB2_97_x86_64bit\WSER\image\setup.exe
d)    Accept EULA.
e)    Install type Typical.
f)    Created response file C:\Users\DomAdmin\Documents\PROD_WSE.rsp.
g)    Installation Directory: D:\IBM\SQLLIB\
h)    Local User Account db2admin / P@ssw0rd for DAS as well as remaining db2 services.
j)    Instance name = DB2.
k)    Did not created tooldb and systools databases. (used for task center and scheduler). Can be created afterwards is required.
l)    Did not set notifications. (no smtp server configured).
m)    Enabled OS Security by creating DBADMNS and DB2USERS local groups.
o)    Setup Finished Sucessfully.

III. Create the STSC Database.
p)    Logged in as db2admin user.
q)    Create stsc database using [creteSCDb STSC db2admin] script from ssc install media.
r)    Check the stsc database using db control pannel.
s)    Added DomAdmin user dbadmns group rights.
t)    Logged off and logged in again with DomAdmin.

IV. Install the Sametime System Console.
a)    Using software IBM Sametime Standard System Console Server V8.5.2 Windows Multilingual (CZYF2ML).
b)    Run launchpad from D:\Sametime\SametimeSystemConsole.
b)    Click on install SCC.
c)    Selected IBM IM.
d)    Accepted EULA.
e)    Installation path = D:\IBM\Installation Manager\eclipse
f)    IM installed and restarted.
g)    Selected SSC v8.5.2 package from IM.
h)    Accept EULA.
i)    Shared resource directory D:\IBM\SSPShared.
j)    Sametime Server WAS install path D:\IBM\WebSphere.
k)    Using sametime installed WAS.
l)    Cell = SSCCell, Node = SSCNode,
m)    Server = Console01.rcds.net
n)    Wasadmin = wasadmin / P@ssw0rd
o)    Db2 database properties specified during installation.
p)    Server = Console01.rcds.net
q)    Port = 50000
r)    Database name = STSC
s)    App user ID = db2admin
t)    App Pass = P@ssw0rd
u)    Repository to be used d:\Softwares\sametimesystemconsle\SSC\
v)    size = 8.17 GB
w)    IBM Louts Sametime System Console Installed. 8.5.2.
x)    The WAS Services are set to manual.
y)    Type Services.msc in Run and set DMGR, NA and Application Server Services to automatically start.

V. Apply IBM Sametime System Console 8.5.2 IFR 1 Fix.
- Backup the DMGR Configuration.
- Backup DB2 Database.
- Close the App Server / Node and DMGR before starting the Installation.
- Follow this article first before apply 8.5.2 IFR 1.
http://www-01.ibm.com/support/docview.wss?uid=swg21574839
- Close the App Server / Node and DMGR before starting the Installation.
- Open Command Prompt with Admin Access.
- run update.exe from the software package.
- click update all and hit next.
- Select Package IBM SSC Server Fix 8.5.2.1 IFR1 and click next.
- Review the summary Information and click next.
- Click Update / finish to Install.

VI. Perform Guided Activity: Connect to the LDAP Server.

LDAP Configuration Settings:
------------------------------------------------------
Host name: ldap01.rcds.net
Port: 389
Is anonymous? No
Bind name: uid=wpsadmin,cn=users,o=rcds,c=us
Password: passw0rd
Is secure LDAP connection? No
LDAP base entry: o=rcds,c=us
LDAP Type: Tivoli Directory
User object class: inetOrgPerson
LDAP user search base: cn=users,o=rcds,c=us
Policy ID for users and groups: ibm-entryuuid
Display name: cn
Email address: email
Similar name distinguisher: uid
Membership attribute:
Home Sametime server:
Authentication attributes: mail;uid
Search attributes: mail;cn;uid
Group object class: groupOfNames
LDAP group search base: o=rcds,c=us
Display name: cn
Similar name distinguisher: cn
Member attribute: uniquemember

VII. Goto Community Chat Server 1 and Install Lotus Domino.
Goto Chat01 and run lotus_domino852.exe from d:\softwares
Using rcds\DomAdmin user.
1. Accept the EULA.
2. LD Program Files Directory = D:\IBM\Lotus\Domino
3. Data files Directory = D:\IBM\Lotus\Domino\data
4. Select Domino Enterprise Server.
5. Click next and finish.

Configuration
1. First Dom Server.
2. Server Name = Chat01
3. Server Title = Sametime Chat Server 1
4. Domino domain name = rcds
5. Lotus Domino Administrator name = Sametime Admin
6. LD Admin Password = P@ssw0rd
7. Saved a local copy of admin id = d:\ibm\lotus\domino\admin.id.
8. Select Web Browsers http services only.
9. Uncheck Directory services. (ldap services).
10. Click customize and select the following below, uncheck all other.
    - Database Replicator
    - Agent Manager
    - Administration Process
    - HTTP Server
11. Enabled port drivers = TCP/IP
12. HOST name = Chat01.rcds.net
13. Advance Settings = Encrypt and Compress not checked.
14. Port driver will be enabled checked.
15. Unchecked prohibit Anonymous access to all databases and templates.
16. Check Add LocalDomainAdmins Group to all databases and templates.
17. Click next and click setup. And it would come to finish screen.
18. Goto servics.msc and start domino service once for 10 or more minutes.
This is a mandatory step that is required prior installing IBM Lotus sametime system console.

VIII. Goto ST Console Server and Create Deployment Plan for Sametime Community Server - Chat1.
Deployment Summary
Product Settings:
    Deployment Name:     Chat1
    Product:     Sametime Community Server
    Version:     8.5.2.0
    Host Name:     Chat01.rcds.net
    HTTP Tunneling:     No
    Slide Conversion:     STServer
User Directory Settings:
    Host Name:     ldap01.rcds.net
    Search Base:     o=rcds,c=us

IX. Install Sametime Community Server on Community Server 1 using SSC - Chat1 Configuration.
1. Extract the part number.
2. Goto sametimestandardserver\server\ and run setupwin32.exe as admin.
3. Select language.
4. Click next, select EULA click next.
5. Use sametime system console click yes and next.
6. ST Consle hostname = Console01.rcds.net
7. Check use ssl.
8. Port = 9443.
9. Console admin = wasadmin
10. Password = P@ssw0rd
11. Fully qualified hostname for sametime server Chat01.rcds.net
12. Select Chat1 deployment plan and click next.

X. Install Domino Admin Client.
1. Goto Console02.rcds.net.
2. run notes_designer_admin852_w32en.exe from d:\softwares.
3. Accept Eula, Select All Default and Click Next.
4. Click Finish when Install.
5. Run Domino Admin from Desktop.
6. Give Full admin Name i.e Sametime Admin
7. Give fqdn of domino server to connect, i.e. Chat01.rcds.net in our case.
8. Select Next and give password.
9. No need to configure ldap or samtime chat configuration. Click Finish.

XI. Register Chat2 Lotus Domino Server In Primary Chat1 Domino Server. - Server2 ID Created.
Note: The password of current Chat3.id file was P@ssw0rd but was changed to blank after installing and configuring the server at server side.
To register the second chat server:
1. Launch the Domino Administrator client.
2. From the menu bar, select File → Open Server, enter in the host name of the first server that was set up (in our case, it was Chat1/RCDS), and click OK.
3. Click the Configuration tab.
4. On the right-hand side, select Tools → Registration → Server.
5. In the Choose a Certifier dialog window, click the Server button and enter the Domino name of the first server in your Domino domain (that is, chat1/RCDS).
6. Choose the Supply certifier ID and password option, click the Certifier ID button, and browse to the certifier ID file (cert.id).
[Cert.id can be copied from \\Chat01\d$\ibm\lotus\domino\data]
7. Click OK to continue.
8. Enter the password for the certifier ID file that is P@ssw0rd and click OK.
9. You may be prompted with a Certifier Recovery Information Warning dialog window. If you are, click OK to continue.
10. On the Register Servers dialog window, confirm that the registration server (chat1/RCDS) and certifier (/RCDS) are correct. Click Continue to proceed.
11. On the Register New Server(s) dialog window, enter the fields as shown in the table below. Register new servers
Field                Value
Server name            chat2
Server title (optional)        Sametime Chat Server 2
Domino domain name        rcds
Server administrator name    Sametime Admin/RCDS
Location for storing         Uncheck In Domino Directory. Check In file.
server ID If you store the ID
in the Domino directory, you
are forced to provide a
password for the server ID.
we do not recommend having
a password on the server ID.
12. Click Set ID File and browse to the location of where the ID file should be stored.
e.g D:\Ibm\Lotus\Notes\ids\servers\
13. Click the green check mark button to add the server to the registration queue.
14. Highlight the new server and click the Register button to complete the server registration.
15. Click done to close the Register New Server(s) dialog window.
XII. Register Chat3 Lotus Domino Server In Primary Chat1 Domino Server. - Server3 ID Created.
Note: The password of current Chat3.id file was P@ssw0rd but was changed to blank after installing and configuring the server at server side.

1. Follow step 1 to 10 above.
2. On the Register New Server(s) dialog window, enter the fields as shown in the table below. Register new servers
Field                Value
Server name            chat3
Server title (optional)        Sametime Chat Server 3
Domino domain name        rcds
Server administrator name    Sametime Admin/RCDS
Location for storing         Uncheck In Domino Directory. Check In file.
server ID If you store the ID
in the Domino directory, you
are forced to provide a
password for the server ID.
we do not recommend having
a password on the server ID.
XIII. Goto Community Server 2 and Install Lotus Domino Server using Server2 ID file Chat2.id.
Goto Chat02 and run lotus_domino852.exe from d:\softwares

Install Domino Server:
Using rcds\DomAdmin user.
1. Accept the EULA.
2. LD Program Files Directory = D:\IBM\Lotus\Domino
3. Data files Directory = D:\IBM\Lotus\Domino\data
4. Select Domino Enterprise Server.
5. Click next and finish.

    Configure Domino Server:
1.
2.    Additional Server.
3.    Browse and select chat2.id file. You can copy it from domino admin client machine.
4.    Verify server name Chat02/RCDS.
5.    Select only web browsers and customize it.
DB replicator.
Agent manager.
Administration process.
Http server.
6.    Click next on network settings. Ensure tcp/ip is in use with fqdn.
7.    Provide main domino server name and fqdn i.e Chat01/RCDS and Chat01.rcds.net click next.
8.    Select primary domino directory and uncheck create a replica of DA. (DA will be created automatically when you install IBM Sametime Community Server.
9.    Uncheck prohibit anonymous access.
10.    Click next and install.
11.    Double click on Domino Server icon on desktop and let it run for 10 mins before installing ST Community Server.

XIV. Goto ST Console Server and Create Deployment Plan for Sametime Community Server - Chat2.
1.    Deployment Summary
2.    Product Settings:
a.    Deployment Name:     Chat2
b.    Product:     Sametime Community Server
c.    Version:     8.5.2.0
d.    Host Name:     Chat02.rcds.net
e.    HTTP Tunneling:     No
f.    Slide Conversion:     STServer
3.    User Directory Settings:
a.    Host Name:     ldap01.rcds.net
b.    Search Base:     o=rcds,c=us

XV. Install Sametime Community Server on ST Community Server 2 using SSC - Chat2 Configuration.
1. Extract the part number.
2. Goto sametimestandardserver\server\ and run setupwin32.exe as admin.
3. Select language.
4. Click next, select EULA click next.
5. Use sametime system console click yes and next.
6. ST Consle hostname = Console01.rcds.net
7. Check use ssl.
8. Port = 9443.
9. Console admin = wasadmin
10. Password = P@ssw0rd
11. Fully qualified hostname for sametime server Chat02.rcds.net
12. Select Chat2 deployment plan and click next.

XVI. Goto Community Server 3 and Install Lotus Domino Server using Server3 ID file Chat3.id.

Goto Chat03 and run lotus_domino852.exe from d:\softwares

Install Domino Server:
Using rcds\DomAdmin user.
1. Accept the EULA.
2. LD Program Files Directory = D:\IBM\Lotus\Domino
3. Data files Directory = D:\IBM\Lotus\Domino\data
4. Select Domino Enterprise Server.
5. Click next and finish.

    Configure Domino Server:
1.    Additional Server.
2.    Browse and select chat3.id file. You can copy it from domino admin client machine.
3.    Verify server name Chat03/RCDS.
4.    Select only web browsers and customize it.
DB replicator.
Agent manager.
Administration process.
Http server.
5.    Click next on network settings. Ensure tcp/ip is in use with fqdn.
6.    Provide main domino server name and fqdn i.e Chat01/RCDS and Chat01.rcds.net click next.
7.    Select primary domino directory and uncheck create a replica of DA. (DA will be created automatically when you install IBM Sametime Community Server.
8.    Uncheck prohibit anonymous access.
9.    Click next and install.
10.    Double click on Domino Server icon on desktop and let it run for 10 mins before installing ST Community Server.
XVII. Goto ST Console Server and Create Deployment Plan for Sametime Community Server- Chat3.
1.    Deployment Summary
2.    Product Settings:
a.    Deployment Name:     Chat3
b.    Product:     Sametime Community Server
c.    Version:     8.5.2.0
d.    Host Name:     Chat03.rcds.net
e.    HTTP Tunneling:     No
f.    Slide Conversion:     STServer
3.    User Directory Settings:
a.    Host Name:     ldap01.rcds.net
b.    Search Base:     o=rcds,c=us

XVIII. Install Sametime Community Server on Community Server 3 using SSC - Chat3 Configuration.
1. Extract the part number.
2. Goto sametimestandardserver\server\ and run setupwin32.exe as admin.
3. Select language.
4. Click next, select EULA click next.
5. Use sametime system console click yes and next.
6. ST Consle hostname = Console01.rcds.net
7. Check use ssl.
8. Port = 9443.
9. Console admin = wasadmin
10. Password = P@ssw0rd
11. Fully qualified hostname for sametime server Chat03.rcds.net
12. Select Chat3 deployment plan and click next.

XIX. Install IBM Sametime Community Server V8.5.2 IFR 1 Windows Multilingual (CI3Y9ML) with Sametime 8.5.2 Cumulative Fix 2 for IBM Sametime Community Server 8.5.2 Based Versions

852IFR_NNUM-9A5DHD_20130406_win on all ST Community Servers Chat1, Chat2, Chat3.

Goto Chat1, Chat2 and Chat3 Sametime Community Servers one by one and perform the following steps below.
1.    Stop the domino server by giving quit command
2.    Goto d:\software\st_comm_svr_v8.5.2_ifr_1_win_ml\sametimeserver and run setupwin32.exe.
3.    Click Next, Accept EULA, Click Next and Finish when applied.
4.    Goto d:\software\852IFR_NNUM-9A5DHD_20130406_win and run setupwin32.exe
5.    Click Next, Accept EULA, Click Next and Finish when applied.

Steps to Perform for: [Proxy Servers Deployment]

I.    Copy Required Softwares to All Proxy Servers.
II.    Install Proxy 1.
III.    Goto ST Console Server and Create Deployment Plan for Sametime Proxy Server. - Proxy1.
IV.    Install the First Sametime Proxy Server using Proxy1 Deployment Plan.
V.    Install Proxy 2.
VI.    Goto ST Console Server and Create Deployment Plan for Sametime Proxy Server. - Proxy2.
VII.    Install the Second Sametime Proxy Server using Proxy2 Deployment Plan.
VIII.    Install Proxy 3.
IX.    Goto ST Console Server and Create Deployment Plan for Sametime Proxy Server. - Proxy3.
X.    Install the Third Sametime Proxy Server using Proxy3 Deployment Plan.
XI.    Install Hot fix: ST-Proxy-IF-AGRE-94AF9F on all the Proxy Servers i.e. Proxy1, Proxy2, Proxy3. (http://www-01.ibm.com/support/docview.wss?uid=swg21623979).
Cumulative hotfix for Sametime Proxy 8.5.2 IFR 1. This fix must be installed on top of a Sametime Proxy Server 8.5.2 Interim Feature Release 1 (IFR 1). If the proxy server is running 8.5.2

(without the IFR 1 fix), then the IFR 1 fix will be automatically installed.

Creating Deployment Plans:
Log on to Sametime system console. And select guided activity on left bottom and perform the following guided activity for all Proxy servers, i.e. Proxy1, Proxy2 and Proxy3.
For proxy2 and Proxy3, Select Secondary node during profile type, Node name will be changed automatically.
Install Sametime Proxy Server (Guided Activity).
-----------------------------------------------------
Deployment Summary
Product Settings:
    Deployment Name:     Proxy1
    Product:     Sametime Proxy Server
    Version:     8.5.2.0
WebSphere Application Server Settings:
Profile Type:     Network Deployment - Primary Node
Host Name:     Name not confirmed yet as dmz is not available.
Node Name:     Proxy01STPNode1
User ID:         wasadmin
Password:    P@ssw0rd
WAS Application Profile name: Proxy01STPPNProfile1
Node Federation at Install Time
    Deployment Manager:     System Console

Community Settings:
    Host Name:     Name not confirmed yet as dmz is not available.

Installing Sametime Proxy Server:
Follow the settings below for all sametime server, i.e. proxy1, proxy2 and proxy3.
Run the Installation from the d:\software or where copied.

- Start the installation from launchpad.
- Install Installation Manager.
- Restart IM.
- Select EULA.
- Select repository. d:\ibm
- Select Install from Sametime System Console and give SSC details. E.g (wasadmin/ P@ssw0rd / SSC Host Name / Port / Proxy Server Host name).
- Select proxy server deployment e.g Proxy1.
- Specify share resources directory:d:\ibm
- Select install directory. d:\ibm
- Select next and wait up till the install is over it will take approx. 2 hrs to complete.
- wasservice.exe -add "ProxyServerNodeAgent" -serverName nodeagent -profilePath "%PROFILE_PATH%\STPAppProfile" -logRoot "%PROFILE_PATH%\STPAppProfile\logs\nodeagent" -stopArgs "-username

wasadmin -password sametime" -encodeParams
- Change WC_defaulthost port 9080 to port 80 if required from ISC of SSC.
- Change WC_defaulthost_secure port 9443 to 443 if required from ISC of SSC.

Installing Sametime Proxy Server Hotfix:
Run the Installation from the d:\software or where copied.

1.    Run the installation.
2.    IIM is Already Installed so it will start automatically.
3.    Click the update icon.
4.    Select the IFR1 update.
5.    Click next and choose the WAS installed.
6.    Select next and wait for the installation to complete, it will take approx. 2 hrs.

B.    Steps to Perform for: [Multiplexer Servers Deployment]
- Copy Required Software’s to all multiplexer servers.
- Install Mux1.
- Configure sametime.ini for max users and st community server ip's.
- Install Mux2.
- Configure sametime.ini for max users and st community server ip's.

- Install Mux1.
1. Click on setupwin32 and run as administrator.
2. Select Language. English.
3. Except EULA.
4. Installation Directory D:\IBM\Lotus\Sametime Community Mux
5. Hostname of sametime server = Chat01.rcds.net
7. Size = 63.3 mb.
8. Click finish when done.

- Configure sametime.ini for max users and configure st community server ip's.
Edit Sametime.ini at d:\ibm\Lotus\Sametime Community Mux\
# Sametime.ini Configuration
[Config]
VPMX_CAPACITY=80000
[Connectivity]
UCM_RESOLVE_PREFERRED_IP_VER=IPv4
VPS_HOST= 192.168.10.16, 192.168.10.17, 192.168.10.18
- Install Mux2.
1. Click on setupwin32 and run as administrator.
2. Select Language. English.
3. Except EULA.
4. Installation Directory D:\IBM\Lotus\Sametime Community Mux
5. Hostname of sametime server = Chat01.rcds.net
6. Click install.
7. Size = 63.3 mb.
8. Click finish when done.

- Configure sametime.ini for max users and configure st community server ip's.
Edit Sametime.ini at d:\ibm\Lotus\Sametime Community Mux\
# Sametime.ini Configuration
[Config]
VPMX_CAPACITY=80000
[Connectivity]
UCM_RESOLVE_PREFERRED_IP_VER=IPv4
VPS_HOST= 192.168.10.16, 192.168.10.17, 192.168.10.18

----------------------------------------------------------------------------------------------------------------------------------------------

4. CLUSTERING DOMINO SERVERS

- Manually Replicate names.nsf, admin4.nsf Databases to Chat02 and Chat03
   - Type replicate Chat01/RCDS names.nsf
   - Type replicate Chat01/RCDS admin4.nsf
- Create replication document on Chat01 Server for Chat02 and Chat03 to Manually replication database below.
- Goto Configuration Table and click on Connections on left.
- Right click and create a new document.
- cldbdir.nsf, names.nsf, stauths.nsf, vpuserinfo.nsf, stnamechange.nsf, admin4.nsf.
- Create Domino Cluster between Chat01, Chat02 and Chat03.
- Give Cluster Name (DomCluster).
    - Add the Cluster Server.
    - Wait and check the cldbdir.nsf to be created on Chat02 and Chat03.
- Configure cldbdir.nsf to only replicate cldbdir.nsf, names.nsf, stauths.nsf, vpuserinfo.nsf, stnamechange.nsf, admin4.nsf.
   - Open the cldbdir.nsf in domino admin client.
   - Select all databases and mark them not to replicate.
   - select the following databases (cldbdir.nsf, names.nsf, stauths.nsf, vpuserinfo.nsf, stnamechange.nsf, admin4.nsf) and mark then replicate.
   - save and close cldbdir.nsf.

5. CLUSTERING SAMETIME COMMUNITY SERVERS

- Create Sametime Cluster between Chat1, Chat2 and Chat3 (ChatCluster.rcds.net).
- Open stconfig.nsf from domino admin client.
- Click create and add cluster information.
- From the menu bar, select Create → Cluster Information and fill in the fields shown in the table below in the document that appears.
- Press the Esc key and save the document.
- Close the stconfig.nsf database and the Notes client.
- Restart the Sametime server for these changes to take effect
- Manually Copy Cluster Document in STConfig.nsf of All Chat Servers.
- Add Nodename in Properties.Configuration File in \Domino\Console Directory of all Chat Servers. i.e. Chat1, Chat2 and Chat3.
- Run RegisterSTCluster.bat from Chat1 Server.
- Log into the Chat1/RCDS servers operating system.
- Select Start --> Run and type cmd to open a command prompt.
- Navigate to D:\IBM\Lotus\Domino\Console.
- Run the following command: registerSTCluster.bat, Press any key to continue.
- You will be asked for the location of the servers notes.ini file. Type D:\ibm\lotus\domino and Click Enter.
- You will be asked for the domino administrator name, RCDS uses Sametime Admin. Click Enter.
- Enter the user password that is P@ssw0rd and click Enter
- Enter the cluster name that was added to the configuration in stconfig.nsf, (in our case, we use chatcluster). Click Enter.
- Verify the batch file completed successfully and close the window.
- Restart the Chat1/RCDS server.
- Log into the Sametime System Console and check the cluster name on samtime server.

6. CLUSTERING SAMETIME PROXY SERVERS

1. Navigate your web browser to the Lotus Sametime System Console and log in using your administrator name and password. (use wasadmin / P@ssw0rd).
2. Select Cluster WebSphere Application Servers. Select Next.
3. On the Select Product to Cluster screen, select Sametime Proxy Server. Select Next.
4. On the Create Cluster screen, type in a descriptive name for the cluster. (stproxy.rcds.net), or can be anything else. Select Next.
5. On the Deployment Manager screen, select the Deployment manager, which should be your System Console. Select Next.
6. Select the SametimeProxy server's primary node that is Proxy1, Click the Federate Node button to provide the Deployment Manager with configuration information about the new node.
7. Select the Create cluster button. Do not click anywhere on the browser until the operation completes because it may interrupt the clustering process.
8. When the clustering process has completed, you will observe that the Create cluster button has disappeared and it will show that the Cluster is created. Select Next.
9. In the Secondary Nodes list, select the secondary node and click the Federate Node button. Again, be patient until this completes. It can take 3-5 minutes.
10. Note that the status changes from Not Federated to Federated. Once this occurs, select Next.
11. Select the secondary server node. You can rename the second cluster member name if you want. Select the Add to Cluster button. Do not proceed until the current cluster member's status changes from "Ready to cluster" to "Clustered".
12. When the status has changed to "Ready to cluster" to "Clustered", select Next.
13. You should now see the Deployment Summary. Select Finish.
14. Follow step 9 to 13 for Proxy3 as well.

7. ENABLE CHAT LOGGING

Note: Perform the following steps below on all domino servers in the cluster. i.e. ST Community Chat1, Chat2 and Chat3.
1.    Create CLData directory in [D:\IBM\lotus\domino]
2.    Use a text editor to edit the sametime.ini file, which is located in the Lotus Sametime Community Server installation directory (D:\IBM\lotus\domino).
-    Under [Config] Section add these lines below.
ST_LOG_ALL_CHATS=1
ST_PURGE_LOGS_OLDER_THAN=365
-    Set ST_CHAT_LOG in the sametime.ini file under the ST_BB_NAMES section.
ST_CHAT_LOG=File

2. Create chatlogging.ini in the same folder as sametime.ini.
3. Move all the attributes from sametime.ini related to [Chat Logging] to chatlogging.ini.

[ChatLogging]
CL_CHAT_START_DISCLAIMER=Disclaimer message.
CL_CHAT_START_DISCLAIMER_RICH_TEXT=This chat is being logged. Copyright RCDS @ 2013
[Library]
BB_CL_LIBRARY_PATH=D:\IBM\Lotus\Domino\CLData

4. From lotus domino console stop Sametime Server. [ tell staddin quit ]
5. Log in to the Samtime System Console via Integrated Solutions Console.
6. Click Sametime System Console → Sametime Servers → Sametime Community Servers.
7. In the Sametime Community Servers list, click the deployment name of the Server with the connectivity information that you want to change.
8. Click the Community Services tab.
9. In the Server Features section, under Enable chat logging, select one of the
Following choices:
-    Always
-    When available
-    Never
10. Click OK.
11. Restart the Lotus Sametime Community Server for settings to take effect.