Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Social Connections VII - IBM Connections Deep Dive

1,929 views

Published on

Overview on IBM Connections 5 deployment and dependencies
Session slide for Social Connections VII in Stockholm November 2014

Published in: Technology
  • DOWNLOAD FULL BOOKS, INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD FULL BOOKS, INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Social Connections VII - IBM Connections Deep Dive

  1. 1. IBM  Connec*ons  Deep  Dive   Christoph  Stö5ner  –  Fritz  &  Macziol  GmbH  
  2. 2. 2  
  3. 3. Christoph  Stö5ner  -­‐  a stoeps   About  me   •  Christoph  Stö5ner   –  IBM  SoDware  Consultant  at  Fritz  &  Macziol   –  Specialized  in  the  IBM  Connec*ons  and  IBM  Domino   Infrastructure   –  Bavarian   –  Linux  and  Scrip*ng  Lover,  Blogger   –  Speaker  at:   3  
  4. 4. Christoph  Stö5ner  -­‐  a stoeps   Agenda   •  Components  of  IBM  Connec*ons   •  WebSphere  Applica*on  Server   •  Infrastructure   •  Troubleshoo*ng   •  System  Requirements   4  
  5. 5. Christoph  Stö5ner  -­‐  a stoeps   Data  flow  &  Interac*on  -­‐  IBM  Connec*ons   5   Browser IBM HTTP Server WebSphere Plugins WebSphere Application Server Shared Directory DB ProfileDB Applications DBs Access Files, Uploads, CSS, JAR (provision) Optional: Access Files and Attachments Forwards all Connections URLs Knows URLs forwarded to WAS Hosts & Ports LDAP Server Authentication TDI Links to files create, activate & delete Users read and write Display page after authentication (when Profile is available) Profile changes synchronize member tables through JMS Queue read user data
  6. 6. Christoph  Stö5ner  -­‐  a stoeps   Goal   •  No  fear  of  IBM  Connec*ons   •  Understand  rela*onships  between  the  components     •  Understand  configura*on  seZngs     •  Troubleshoo*ng  Basics   –  log  files     –  applica*ons     –  Troubleshoo*ng  tools   –  Examples     6  
  7. 7. Christoph  Stö5ner  -­‐  a stoeps   Comment  on  paths   •  all  paths  shown  are  Windows  Path   –  e.g.  D:IBMproduct   •  Linux  or  AIX  administrators  can  replace  with   –  /opt/IBM/product   7  
  8. 8. Christoph  Stö5ner  -­‐  a stoeps   IBM  CONNECTIONS   Components   8  
  9. 9. Christoph  Stö5ner  -­‐  a stoeps   System  requirements   •  h5p://www-­‐01.ibm.com/support/docview.wss? uid=swg27012786   •  Requirements  should  be  strictly  followed   –  IBM  only  supports  the  versions  of  requirements   documents   –  Check  regularly  -­‐>  approve  before  installa*on  or  update   –  Check  details  and  notes   9  
  10. 10. Christoph  Stö5ner  -­‐  a stoeps   System  requirements  example   •  WebSphere  Applica*on  Server     10  
  11. 11. Christoph  Stö5ner  -­‐  a stoeps   System  requirements  example  (2)   11  
  12. 12. Christoph  Stö5ner  -­‐  a stoeps   Installa*on  Manager   •  Use  a  actual  32  bit  install  package   –  integrated  IM  in  Connec*ons,  Forms  oDen  older   –  no  need  to  update  several   *mes  within  one     deployment   •  Uncheck  automa*c     updates   12  
  13. 13. Christoph  Stö5ner  -­‐  a stoeps   Browser  support   •  Official  supported   –  Internet  Explorer  8.0  –  11.0   –  Mozilla  Firefox  ESR  24,  26   –  Apple  Safari  7.0   –  Google  Chrome  31  (all  OS)   •  Nextgen  /  gen4  Theme   –  since  Connec*ons  4.5  CR2   –  IE  without  Compa*bility  Mode   •  h5p://www-­‐969.ibm.com/soDware/reports/compa*bility/clarity-­‐ reports/report/html/prereqsForProduct? deliverableId=1351088302698#!     13  
  14. 14. Christoph  Stö5ner  -­‐  a stoeps   IBM  CONNECTIONS   Deployments   14  
  15. 15. Christoph  Stö5ner  -­‐  a stoeps   Overview   •  Small  Deployment  <  1.000  registered  Users   –  1  Cluster  all  applica*ons   •  Medium  Deployment  1.000  –  10.000  registered  Users   –  several  Clusters  (Default:  3)   •  Large  Deployment  about  10.000  –  100.000  registered  Users   –  1  Cluster  for  each  applica*on   –  you  should  use  2  or  more  nodes     •  Large  Deployment  >  100.000  registered  Users   –  addi*onal  Nodes   –  redundant  database  servers   15  
  16. 16. Christoph  Stö5ner  -­‐  a stoeps   IBM  CONNECTIONS   Infrastructure   16  
  17. 17. Christoph  Stö5ner  -­‐  a stoeps   Minimum  Infrastructure   17   -  AD -  Domino -  LDAP v3
  18. 18. Christoph  Stö5ner  -­‐  a stoeps   Infrastructure  –  advanced   18   -  AD -  Domino -  LDAP v3
  19. 19. Christoph  Stö5ner  -­‐  a stoeps   Infrastructure  –  external  access   19  
  20. 20. Christoph  Stö5ner  -­‐  a stoeps   Infrastructure  -­‐  HA   20  
  21. 21. Christoph  Stö5ner  -­‐  a stoeps   WebSphere  Applica*on  Server  -­‐  Basics   21   Browser IBM HTTP Server WebSphere Plugins WebSphere Application Server Shared Directory DB ProfileDB Applications DBs Access Files, Uploads, CSS, JAR (provision) Optional: Access Files and Attachments Forwards all Connections URLs Knows URLs forwarded to WAS Hosts & Ports LDAP Server Authentication TDI Links to files create, activate & delete Users read and write Display page after authentication (when Profile is available) Profile changes synchronize member tables through JMS Queue read user data
  22. 22. Christoph  Stö5ner  -­‐  a stoeps   IBM  WebSphere  Applica*on  Server   •  Cell   –  In  a  network  deployment  a  cell  can  have  mul*ple  Nodes   –  SPOA  through  Deployment  Manager   •  Deployment  Manager  (dmgr)   –  Configura*on  server  of  a  cell   –  manage  the  master  configura*on   22  
  23. 23. Christoph  Stö5ner  -­‐  a stoeps   IBM  WebSphere  Applica*on  Server   •  Node   –  Group  of  applica*on  servers   –  each  node  is  managed  through  the  NodeAgent   •  NodeAgent   –  synchronize  configura*on  from  Deployment  Manager   –  copy  new  and  changed  files  to  Node  Config   23  
  24. 24. Christoph  Stö5ner  -­‐  a stoeps   IBM  WebSphere  Applica*on  Server   •  Applica*on  Server   •  Cluster   –  one  to  n  members   –  Loadbalancing  and  Failover  with  >=  two  members   •  Administra*on   –  Integrated  Solu*on  Console  (h5p://was_host:9060/admin)   –  wsadmin.bat|sh  (start  within  <Dmgr-­‐profile>/bin   24  
  25. 25. Christoph  Stö5ner  -­‐  a stoeps   Java  Virtual  Machine   •  Seperate  JVM   –  dmgr   –  nodeagent   –  applica*on  server   •  each  JVM  has  seperate  seZngs  for   –  logs   –  Java  Heap  Size   –  Java  Generic   –  Garbage  Collector   25  
  26. 26. Christoph  Stö5ner  -­‐  a stoeps   Compare  WebSphere  &  Domino   IBM  WebSphere  AppServer   •  Cell   •  Node   •  NodeAgent   •  Deployment  Manager   •  Applica*on  Server     IBM  Domino   •  Domino  Domain   •  Domino  Server  (par**oned)   •  Replicator  task   •  Administra*on  Server   26  
  27. 27. Christoph  Stö5ner  -­‐  a stoeps   Paths   •  WAS_HOME   –  D:IBMWebSphereAppServer   –  /opt/IBM/WebSphere/AppServer   •  Profiles   –  %WAS_HOME%profiles  |  $WAS_HOME/profiles   •  Dmgr01  (Default  Deployment  Manager)   •  AppSrv01  (Default  1.  Node)   •  AppSrv02  (op*onal)   27  
  28. 28. Christoph  Stö5ner  -­‐  a stoeps   Log  Files   •  Midsize  Deployment   –  $WAS_HOME/profiles/AppSrv01/logs   •  InfraCluster_server1/SystemOut.log   •  Cluster1_server1/SystemOut.log   •  Cluster2_server1/SystemOut.log   •  Large   –  $WAS_HOME/profiles/AppSrv01/logs   •  Ac*vi*esCluster_server1/SystemOut.log   •  BlogsCluster_server1/SystemOut.log   •  ...   28  
  29. 29. Christoph  Stö5ner  -­‐  a stoeps   WebSphere  Applica*on  Server  -­‐  Basics   29   Browser IBM HTTP Server WebSphere Plugins WebSphere Application Server Shared Directory DB ProfileDB Applications DBs Access Files, Uploads, CSS, JAR (provision) Optional: Access Files and Attachments Forwards all Connections URLs Knows URLs forwarded to WAS Hosts & Ports LDAP Server Authentication TDI Links to files create, activate & delete Users read and write Display page after authentication (when Profile is available) Profile changes synchronize member tables through JMS Queue read user data
  30. 30. Christoph  Stö5ner  -­‐  a stoeps   HTTP  Server,  Plugins  &  WebSphere  AppSrv   •  Interac*on   •  IHS_ROOT   –  D:IBMHTTPServer   –  /opt/IBM/HTTPServer   •  WAS_PLG_ROOT   –  D:IBMWebSpherePlugins   –  /opt/IBM/WebSphere/Plugins   •  Keystore   –  Check  SSL  Key  validity   30   IBM HTTP Server WebSphere Plugins WebSphere Application Server IHS_ROOT/ index.html http(s)://connections-url /homepage /profiles … https://was_host:9444/homepage https://was_host:9445/profiles { }
  31. 31. Christoph  Stö5ner  -­‐  a stoeps   Paths   HTTP  Server   •  Configura*on   –  %IHS_ROOT%conf   •  h5pd.conf   •  Logs   –  %IHS_ROOT%logs   •  access.log   •  error.log   WebSphere  Plugins   •  Configura*on   –  %WAS_PLG_ROOTconfig   •  webserver1  (Bsp.)   •  Logs   –  %WAS_PLG_ROOT%logs   •  webserver1  (Bsp.)   31  
  32. 32. Christoph  Stö5ner  -­‐  a stoeps   WebSphere  Plugins   •  Handle  HTTP(S)  requests  from  IHS  to  WebSphere  Server     •  Path:   –  changed  from  Version  7  to  8!!     •  ISC  (even  8.5.5)  set  the  old  path  as  default,  when  adding  a  webserver   –  Version  7:   •  D:IBMHTTPServerPluginslogscnxwebserver1   –  Version  8:   •  D:IBMWebSpherePluginslogscnxwebserver1 32  
  33. 33. Christoph  Stö5ner  -­‐  a stoeps   WebSphere  Plugins  (2)   33  
  34. 34. Christoph  Stö5ner  -­‐  a stoeps   WebSphere  Plugins  (3)   •  Configura*on  directory  contains   –  Plugin-­‐cfg.xml   •  Plugin  configura*on   •  Ports,  hostnames  from  WebSphere   –  Plugin-­‐key.kdb   •  Keystore  from  WebSphere  keys   •  Contains  Root  Cer*fier  from  WebSphere   –  Plugin-­‐key.sth   •  Stashfile  Keystore   •  Password  for  Keystore   •  Important:   do  not  use  plugin-­‐key.kdb  for  IHS  SSL  Keys   34  
  35. 35. Christoph  Stö5ner  -­‐  a stoeps   plugin-­‐cfg.xml   35  
  36. 36. Christoph  Stö5ner  -­‐  a stoeps   plugin-­‐cfg.xml  (2)   •  Ports   •  Urls   •  Route  to  Applica*on  Servers   36  
  37. 37. Christoph  Stö5ner  -­‐  a stoeps   Tivoli  Directoy  Integrator   37   Browser IBM HTTP Server WebSphere Plugins WebSphere Application Server Shared Directory DB ProfileDB Applications DBs Access Files, Uploads, CSS, JAR (provision) Optional: Access Files and Attachments Forwards all Connections URLs Knows URLs forwarded to WAS Hosts & Ports LDAP Server Authentication TDI Links to files create, activate & delete Users read and write Display page after authentication (when Profile is available) Profile changes synchronize member tables through JMS Queue read user data
  38. 38. Christoph  Stö5ner  -­‐  a stoeps   Tivoli  Directory  Integrator   •  TDI_ROOT   –  D:IBMTDIV7.1.1   •  TDISOL     (do  not  use  TDIPopula*on  from  Wizards,  copy  Connec*onsTDISOL)   –  D:IBMtdisol   •  Logs   –  %TDISOL%logsibmdi.log   •  Employee.*   –  .error   –  .update   –  .skip   38  
  39. 39. Christoph  Stö5ner  -­‐  a stoeps   map_dbrepos_from_source.proper*es   •  Configura*on  LDAP  /  Database  mapping   •  Important  (must  be  unambiguous)   –  email   –  uid   –  guid   •  Connec*ons  shows  CN,  when  a  User  creates  something   –  givenname  surname   •  Be  careful  with  mapping  (disable  edit  within  profiles)   –  descrip*on   –  about   39  
  40. 40. Christoph  Stö5ner  -­‐  a stoeps   profiles_tdi.proper*es   •  LDAP   –  Bind  User   •  source_ldap_user_login=cn=Bind  LDAP,ou=users,o=stoeps   –  Bind  Passwort  {protect}-­‐parameter  will  be  encrypted  aDer  star*ng   sync_all_dns.bat   •   {protect}-­‐source_ldap_user_password={encr}RU/IYGikSAnf/DDYN1hW6   –  LDAP  Host   •  source_ldap_url=ldap://mail.stoeps.local:389   –  Base  DN   •  source_ldap_search_base=o=stoeps   –  Search  Filter  (User  filter  for  synchronisa*on)   •  source_ldap_search_filter=(&(uid=*)(mail=*))   40  
  41. 41. Christoph  Stö5ner  -­‐  a stoeps   profiles_tdi.proper*es  (2)   •  Database   –  Host,  Port,  DB  (dbrepos_jdbc_url=jdbc:db2://cnxwin.stoeps.local:50000/ PEOPLEDB)   –  Password  ({protect}-­‐dbrepos_password={encr} Ua1BTSYdmu9ZDo662geoLc8C0=)   •  Hash   –  sync_updates_hash_field=uid  (uid,  email  or  guid)   –  is  used  to  find  matching  entries  between  DB  and  LDAP   •  important  to  sync  e.g.  renamed  users   •  uid  &  email  get  changed  when  Domino  renames  a  User   •  GUID  (Doc  ID)  change,  when  you  copy  and  paste  person  documents   •  debug_*=false|true  or  etc/log4j.proper*es   41  
  42. 42. Christoph  Stö5ner  -­‐  a stoeps   Create,  update  &  delete  User   •  User  Synchroniza*on   •  sync_all_dns.bat|sh   –  create  &  update   –  delete  or  inac*vate   –  sync_all_dns.lck   –  run  regularly   42  
  43. 43. Christoph  Stö5ner  -­‐  a stoeps   Create,  update  &  delete  User  (2)   •  collect_dns.bat     –  create  a  list  of  users  with  defined  search  filter   –  write  to  collect.dns   •  populate_from_dn_file.bat   –  create  &  update  users  listed  in  collect.dns   –  no  delete  or  inac*vate   –  always  use  uid  to  find  matching  entries  between  LDAP  &   database   43  
  44. 44. Christoph  Stö5ner  -­‐  a stoeps   fill_*.bat   •  Following  fields  are  not  directly  shown  in  Profiles   –  countryCode   –  deptNumber   –  organiza*on   –  workLoca*onCode   •  TDISOL/samples     –  example  csv   44  
  45. 45. Christoph  Stö5ner  -­‐  a stoeps   Possible  errors   •  New  users  does  not  appear  in  Profiles   –  sync_all_dns.lck  wasn't  deleted   –  run  collect_dns.bat   •  check  if  user  is  listed   –  LDAP  Search   –  employee.error,  employee.skip   –  check  Log-­‐File  (aDer  ac*va*ng  debug)   •  find  possible  valida*on  errors   45  
  46. 46. Christoph  Stö5ner  -­‐  a stoeps   IBM  CONNECTIONS   User  management   46  
  47. 47. Christoph  Stö5ner  -­‐  a stoeps   GUID,  UID,  UUID   •  UID   –  LDAP  a5ribute   –  Shortname  in  Domino   –  sAMAccountName  in  AD   •  GUID   –  LDAP  a5ribute   –  SSID  in  AD,  DocID  in  Domino   •  UUID   –  unambigous  ID  of  users  or  objects  in  Connec*ons  databases   47  
  48. 48. Christoph  Stö5ner  -­‐  a stoeps   Connec*ons  Users   •  each  user  need  a  profile  in  peopleDB   •  loginItems  must  be  unambigous   –  uid   –  E-­‐Mail   –  CN  (if  defined)   •  deac*vate  User   –  do  not  edit  the  database  directly   –  execfile("profilesAdmin.py")   ProfilesService.inac*vateUser("john.doe@example.com")   –  resync  with  sync_all_dns.bat   48  
  49. 49. Christoph  Stö5ner  -­‐  a stoeps   Returning  User  |  UID  recycle   •  When  you  delete  a  user  in  LDAP,  the  user  is   deac*vated  or  deleted  on  next  sync_all_dns   •  UID  reused  or  User  comes  back   –  depends  on  sync_updates_hash_field   –  UID   •  all  profile  fields  updated  to  new  values   •  old  documents  are  reassigned  to  User  with  UID   •  bad  if  it  is  an  other  User   49  
  50. 50. Christoph  Stö5ner  -­‐  a stoeps   Returning  User  |  UID  recycle  (2)   –  GUID   •  new  User  will  not  be  created,  because  GUID  changed   •  duplicate  UID  errors  appear  in  the  log   •  returning  user:   –  populate_from_dn_file  (hash  to  uid)   •  UID  recycle   –  you  have  to  rename  the  uid  of  the  old  user  (ProfilesService)!   –  Synchronisa*on  is  possible  aDer  this   50  
  51. 51. Christoph  Stö5ner  -­‐  a stoeps   Returning  User  |  UID  recycle  (3)   •  User  returns  with  different  UID   •  Remap  old  documents   ProfilesService.swapUserAccessByUserId(„oldGUID“,“newGUID“) ProfilesService.publishUserDataByUserId(„newGUID“) 51  
  52. 52. Christoph  Stö5ner  -­‐  a stoeps   Database  Server   52   Browser IBM HTTP Server WebSphere Plugins WebSphere Application Server Shared Directory DB ProfileDB Applications DBs Access Files, Uploads, CSS, JAR (provision) Optional: Access Files and Attachments Forwards all Connections URLs Knows URLs forwarded to WAS Hosts & Ports LDAP Server Authentication TDI Links to files create, activate & delete Users read and write Display page after authentication (when Profile is available) Profile changes synchronize member tables through JMS Queue read user data
  53. 53. Christoph  Stö5ner  -­‐  a stoeps   DB2   •  License  included  with  IBM  Connec*ons   •  Tables   –  not  documented   –  no  Support  aDer  direct  edit  the  databases   •  Troubleshoo*ng   –  db2diag.log   53  
  54. 54. Christoph  Stö5ner  -­‐  a stoeps   Shared  Directory   54   Browser IBM HTTP Server WebSphere Plugins WebSphere Application Server Shared Directory DB ProfileDB Applications DBs Access Files, Uploads, CSS, JAR (provision) Optional: Access Files and Attachments Forwards all Connections URLs Knows URLs forwarded to WAS Hosts & Ports LDAP Server Authentication TDI Links to files create, activate & delete Users read and write Display page after authentication (when Profile is available) Profile changes synchronize member tables through JMS Queue read user data
  55. 55. Christoph  Stö5ner  -­‐  a stoeps   Shared  Directory   •  Do  not  use  local  file  paths   –  when  adding  2.  Node  you  need  a  network  share   •  all  Nodes  must  use  the  same  path  or  URI   –  /opt/icshared   –  f:   –  san-­‐hostconnec*ons   –  path  must  have  a  high  availability   •  Connec*ons  must  be  restarted,  when  network  connec*on  drops   •  NFS  SMB   •  you  should  disable  virus  scanning  in  Shared  Directory   •  MicrosoD  Windows  Service:  Local  System  has  no  network   access   55  
  56. 56. Christoph  Stö5ner  -­‐  a stoeps   IBM  CONNECTIONS   Configura*on   56  
  57. 57. Christoph  Stö5ner  -­‐  a stoeps   Connec*ons  XML  Configura*ons   •  hold  configura*on  of   –  IBM  Connec*ons  general   –  Connec*ons  features   •  Configura*on  Change   –  Check  Out  XML  to  temporary  folder   –  Change  config   –  Check  In   •  Do  not  edit  the  configura*on  directly   •  Syntax  valida*on  on  Check  In   –  Synchronize  Nodes   –  Restart  Connec*ons  or  App  (depends  on  change)   57  
  58. 58. Christoph  Stö5ner  -­‐  a stoeps   Configura*on  backup   •  Do  not  create  backups  in  the  config  folder   •  WebSphere  reads  all  files  in  these  folders   •  Troubleshoo*ng  more  complicated   •  You  can  use  WAS_ROOTbinbackupConfig.bat   58  
  59. 59. Christoph  Stö5ner  -­‐  a stoeps   IBM  CONNECTIONS   Search   59  
  60. 60. Christoph  Stö5ner  -­‐  a stoeps   Search  serverStatus   •  h5p://your_connec*ons_server/search/serverStatus   –  J2EE  Rolle  Admin  in  Search  App  is  needed   –  feeds  and  seedlists  valida*on   –  last  log  messages   –  general  search  configura*on   •  When  you  install  CCM  and  do  not  configure  it   –  Search  will  never  finish   60  
  61. 61. Christoph  Stö5ner  -­‐  a stoeps   Configura*on   •  File  Extrac*on  binaries  should  be  started  local   –  oDen  problems  when  started  from  network   •  Dic*onaries   –  good  idea   –  weird  search  results  /  not  consistent  search   61  
  62. 62. Christoph  Stö5ner  -­‐  a stoeps   TROUBLESHOOTING   Network   62  
  63. 63. Christoph  Stö5ner  -­‐  a stoeps   Name  Lookup   •  Check  if  all  hosts  can  lookup  each  other   •  Connec*ons  use  only  one  hostname   –  e.g.  connec*ons.example.com   –  even  when  you  use  mul*ple  webservers,  the  virtual  host  name  must   be  the  same   –  configured  in  LotusConnec*ons-­‐config.xml   •  Tools   –  nslookup   –  dig   –  host   63  
  64. 64. Christoph  Stö5ner  -­‐  a stoeps   Changing  Hostname     •  oDen  complicated,  always  check  possibili*es  in  the   product  documenta*on   –  WebSphere  Applica*on  Server   –  DB2   •  Easier   –  Connec*ons  URL   64  
  65. 65. Christoph  Stö5ner  -­‐  a stoeps   Change  Connec*ons  URL   •  Problems   –  Homepage  (Ac*vityStream)   –  Blogs   •  Change   –  DNS   –  h5pd.conf  (virtualhost  for  new  name,  RewriteRule  for  old   name)   65  
  66. 66. Christoph  Stö5ner  -­‐  a stoeps   Change  Connec*ons  URL  (2)   •  Change   –  New  SSL  Key  (or  wildcard  key)   –  import  new  key  to  WebSphere  Truststore   –  URLs   •  Blogs   –  change  old  URLs  through  wsadmin   •  News   –  Entries  dissappear  aDer  some  days   66  
  67. 67. Christoph  Stö5ner  -­‐  a stoeps   TROUBLESHOOTING   General   67  
  68. 68. Christoph  Stö5ner  -­‐  a stoeps   Possible  Errors  –  Internal  Server  Error   •  Browser  displays           •  Error  message  in  IHS_ROOT/logs/error.log:  error  500   –  A  generic  error  message   68  
  69. 69. Christoph  Stö5ner  -­‐  a stoeps   Possible  reasons   •  Applica*on  Server  or  Applica*on  not  started   –  Check  with  ISC   •  SSL  Root  Cer*ficate  not  imported  in  WAS  Truststore   –  Import  Root  Cer*ficate   –  some*mes  seen  only  host  keys  imported,  aDer  key   rollover  not  longer  valid   69  
  70. 70. Christoph  Stö5ner  -­‐  a stoeps   Possible  reasons  (2)   •  SSL  Key  expired   –  IHSROOT/logs/error.log   •  GSK_ERROR_BAD_CERT   –  PLUGIN_ROOT/logs/webserver1/h5p_plugin.log   •  SSL0221E:  SSL  Handshake  Failed,  Either  the  cer*ficate  has  expired   or  the  system  clock  is  incorrect   70  
  71. 71. Christoph  Stö5ner  -­‐  a stoeps   App  not  available   •  Error  in  files-­‐config.xml  (in  this  case)   –  wouldn't  happen  when  use  Check  Out/In   71  
  72. 72. Christoph  Stö5ner  -­‐  a stoeps   Error  on  all  /  some  apps   •  Error  in  *-­‐config.xml   –  validate  through  Check  In/Out   •  User  synchronista*on  aDer  rename  not  complete   –  Applica*onMemberService.syncAllMembersByExtId   •  Profile  not  created  through  TDI   72  
  73. 73. Christoph  Stö5ner  -­‐  a stoeps   Applica*on  not  accesible   •  Applica*on  not  mapped  to  webserver   •  Generate  plugin-­‐config  and  copy  to  webserver   •  Restart  Webserver   73  
  74. 74. Christoph  Stö5ner  -­‐  a stoeps   RESSOURCES   74  
  75. 75. Christoph  Stö5ner  -­‐  a stoeps   Documenta*on  /  System  Requirements   •  Wiki  un*l  Connec*ons  4.5   –  h5p://www-­‐10.lotus.com/ldd/lcwiki.nsf/xpViewCategories.xsp? lookupName=Product%20Documenta*on   •  IBM  Knowledge  Center  (since  mid  2014)   –  h5p://www-­‐01.ibm.com/support/knowledgecenter/ SSYGQH_5.0.0/welcome/welcome_admin.html?lang=en     •  System  Requirements  Connec*ons  5   –  h5p://www-­‐969.ibm.com/soDware/reports/compa*bility/ clarity-­‐reports/report/html/prereqsForProduct? deliverableId=1351088302698#!     75  
  76. 76. Christoph  Stö5ner  -­‐  a stoeps   Tools:  (intercept)  Proxy   •  examine  communica*on  between  Browser  and  server   •  Fiddler   –  h5p://www.telerik.com/fiddler   –  Windows   •  Burpsuite   –  h5p://portswigger.net/burp/   –  Linux,  Windows  &  Mac  OS  X   –  depends  on  Java   –  Intercept  mode   76  
  77. 77. Christoph  Stö5ner  -­‐  a stoeps   Tools:  DB  Client   •  un*l  DB2  9.7:  db2cc   •  all  versions:  DB2  Data  Studio   –  View  and  Edit  table  entries   –  No  support  when  you  edit!   –  Good  to  check  entries  of  Users   •  Generic  JDBC  CLient   –  dbeaver   77  
  78. 78. Christoph  Stö5ner  -­‐  a stoeps   Tools:  Browser  Plugins   •  CipherFox  Secure   –  Display  current  SSL  cipher   •  CookieWatcher  or  Cookies  Manager   •  Empty  Cache  Bu5on   •  Firebug   –  Check  load  *me   –  Source  Code   –  Error  Console   •  Firesizer   •  Javascript  Debugger   •  Live  HTTP  headers   •  User  Agent  Switcher   78  
  79. 79. Christoph  Stö5ner  -­‐  a stoeps   Tools:  Editor,  Tail   •  Configura*on  Changes   –  Windows:  notepad++,  Ultraedit,  Atom   –  Linux:  vim,  geany,  atom   •  Log  Files   –  Windows:  baretail.exe,  mtail,  LogExpert   –  Linux:  tail  –f,  mul*tail   79  
  80. 80. Christoph  Stö5ner  -­‐  a stoeps   Tools:  LDAP  /  Network   •  LDAP  Browser   –  Apache  Directory  Studio   –  SoDerra  LDAP  Browser   –  SoDerra  LDAP  Admin   –  Jxplorer   –  ldapsearch   •  Not  enough?   –  Wireshark   –  tcpdump   80  
  81. 81. 81   Christoph  Stö5ner   IBM  SoDware  Consultant   Fritz  &  Macziol  GmbH   www.fum.de   cstoe5ner@fum.de   christophstoe5ner   www.stoeps.de   scrip*ng101.org   github.com/stoeps13   christoph.stoe5ner@stoeps.de   twi5er.com/stoeps   facebook.com/christoph.stoe5ner   www.stoeps.de/+   slideshare.net/ChristophStoe5ner   linkedin.com/pub/christoph-­‐stoe5ner/13/30a/2b3/   xing.com/profile/Christoph_Stoe5ner   about.me/stoeps   y y a b c 8 j l

×