Deploying Instant Messaging For Mobile Devices
Gabriella Davis
Technical Director
The Turtle Partnership
gabriella@turtlepartnership.com
Who Am I?
❖ Admin of all things and especially quite complicated things where the fun is
❖ Working with security, healthchecks, single sign on, design and deployment of Domino, ST, Connections and things that they talk to
❖ Stubborn and relentless problem solver
❖ Lives in London about half of the time
❖ gabriella@turtlepartnership.com
❖ twitter: gabturtle
❖ Awarded the first IBM Lifetime Achievement Award for Collaboration Solutions
Architecture
DB2
❖ Licensed as part of Sametime Communicate or Complete
❖ Used to store data for the Apple push notification activity
❖ If you aren’t using iOS devices then the DB2 database
for STProxy isn’t being used
❖ In default mode, when you come out of the IM or
Meeting application on iOS it remains backgrounded
and you remain logged in and available to other users
❖ Backgrounding can be disabled as a server setting
Sametime System Console
❖ The SSC is used to manage all the Sametime
components
❖ It must be aware of all servers in order to integrate
their services
❖ It also manages all policies
❖ A Sametime Proxy server doesn’t have to be installed as
part of the SSC Cell
Domino
❖ Sametime 9.0.1 still requires Domino and is still a 32bit application
❖ You must first install Domino before you can install the 32bit
Community Server using it
Community Server
❖ Installs on top of Domino
❖ Is a subtask of the HTTP server
❖ load staddin
❖ Create a deployment plan in the SSC and install using that so it’s federated
❖ All the other servers need to know about it
❖ Using Domino’s proprietary directory standard is no longer supported for any
components, you must use LDAP
❖ Using Domino as LDAP is supported
Sametime Proxy Server
❖ The Sametime Proxy server is a HTTP proxy which connects to the
Sametime Community Server
❖ By default it will attempt to consume any server in the domain
❖ Any server document with “Is Sametime Server” set to “yes”
❖ The Sametime Proxy server is used by
❖ Web clients
❖ Web meetings
❖ Mobile applications
❖ Awareness in applications
❖ Connections integration
[Diagram: mobile request flow]
❖ Client mobile request: request access for chat or meetings over port 443
❖ Sametime Proxy Server (web proxy): request is passed to the Community server for validation
❖ Sametime Community Server and LDAP server: Community server authenticates credentials
❖ Sametime System Console (deployment plan, Sametime server, server configuration, server policies): policies are read and applied
❖ DB2: SSC policies (STSC) and STProxy for iOS push
Mobile Access Architecture
[Diagram: the same components (mobile client, Sametime Proxy Server, Sametime Community Server, LDAP server, Sametime System Console, DB2) laid out across Mobile, DMZ and Internal zones, with ports 443 and 1516 labelled]
Mobile Access and Security
Configuration
Create A Proxy Database
❖ Create a DB2 database to be used by iOS applications
❖ createProxyDb STPROXY db2admin
script to create the database
database schema
It can take a few minutes
to run but when complete
you should see this
message
Add It To The SSC
db2 server
hostname & port
Newly created db
name
stdb.turtlehost.net
Create A Deployment Plan
Only visible to
administrators not
users
Create A Deployment Plan
Each cluster can only have one primary node
Each cell can only
have one cluster of
each server type
Adding A Primary Node To The SSC
Add the new node to
the existing Cell (the
System Console)
Create A Deployment Plan
One option is to install additional
Sametime Proxy Servers in their
own cells
Hostname for the install
WebSphere credentials for the
install. If the server is federated
into an existing cell these are
removed
Confirming The Install
Verifying SSC-Proxy
host and credentials
the SSC uses to open the proxy
server
If this page opens
successfully you have
confirmed the routing from
SSC to Proxy
Installing Standalone
❖ The Sametime Proxy server can only be federated into
the SSC as a single cluster
❖ When WAS servers are clustered horizontally with a
primary and several secondary nodes, they are all
considered “equal”
❖ Horizontal clusters are not suitable if you want to
manage access by location
Virtual Hosts
❖ Create a specific virtual host for all the hostname:port
combinations your Sametime Proxy Server will use
❖ These should be unique within your cell as they tell WebSphere
how to route traffic to the application
❖ avoid using wildcard hostnames
application
ports
Mapping Virtual Hosts
❖ Once our virtual host is created we need to map the modules
associated with the application to use it instead of “default_host”
Proxy Server Configuration
how a web
meeting is started.
Servers should share a
LtpaToken
specific
community clusters by
name to use or specific
community servers
Mobile Configuration
server-wide settings
to determine client
behaviour
Meeting Server Configuration
Server-Wide Mobile Security Settings
Meeting Server Configuration
❖ There are additional settings that can force users to
upgrade their mobile clients if they are using versions
older than X
❖ That’s a very specific, and potentially painful, admin
use case
❖ mobile.Android.currentVersion / mobile.Android.minVersion
❖ mobile.iOS.currentVersion / mobile.iOS.minVersion
Clustering
❖ Each cluster must be managed by a deployment manager
❖ That deployment manager can be, but does not have to be, the SSC
❖ There can be only one primary node in a cluster
❖ Deployment plans can only be created for one cluster of Sametime
Proxy Servers
❖ but a different cluster can be added manually
❖ Servers in the same cluster are considered the same for serving user
requests and users could be directed to any available member
Security
Reverse Proxies
❖ A reverse or authenticating proxy can provide secure
access through a DMZ to your meeting servers
❖ For larger deployments you may want to keep the
Sametime Proxy and Meeting Servers on the internal
network and use a reverse proxy in the DMZ
❖ These proxies will authenticate with the LDAP servers
directly before passing the authorisation through to the
application servers
Deploying A SSL Certificate
❖ Never deploy to mobile clients without SSL
❖ A trusted SSL certificate is particularly important when
deploying mobile clients
❖ Both the Chat and Meeting applications allow users to
accept untrusted SSL certificates
❖ You can turn that off in the server configuration
❖ Replace the installed internal SSL certificate with one
you have purchased
Adding A New SSL Certificate
❖ Under Security - SSL Certificates and Key Management
❖ We want to import the trusted roots of the CA into the Trust Store
❖ In this example GoDaddy supplied a CRT bundle that I simply “Added”
Adding A New SSL Certificate
❖ I then had the IBM signer created during install and the
GoDaddy signer that will be used to create my certificate
Creating A CSR
❖ The simplest method of getting a certificate into WebSphere is to create the CSR
there
❖ Then you can simply “receive” the new certificate into the DefaultKeyStore
BEWARE!!
Adding A Personal Certificate
❖ If you can’t do that, then a P12 works well
❖ You must have the private key component of the
certificate you want to add
Replacing The Default Certificate
❖ In my environment I have purchased a wildcard turtlehost.net certificate I want each
server to use
❖ Rather than individually change each server, I can replace the default certificate with
my new wildcard once it’s imported
❖ Select the “default” certificate and choose “Replace”
Or..Apply To EndPoints
❖ If I want to apply different certificates to different servers
I can do this by mapping the server endpoints to each one
You MUST map both the inbound and outbound
endpoints, sync and restart the servers
Beware! 4096 Certificates
❖ WebSphere Application Server does not support 4096
certificates out of the box
❖ Previously if you attempted to add one you would get
an error “RSA Premaster Secret” and it would refuse to
add
❖ Now you don’t get the error, it does add
❖ It just doesn’t work
❖ There’s an easy fix
Unrestricted Java Policy Files
❖ Download the unrestricted java policy files from IBM Fix Central
❖ There are two files local_policy.jar and US_export_policy.jar that overwrite those in
❖ <websphere install directory>/java/jre/lib/security
❖ Shutdown your servers
❖ Replace the files
❖ Start the servers
❖ Not doing this and deploying 4096 certificates will lead to
❖ servers being unable to talk to each other
❖ you being unable to stop your servers cleanly
❖ audio and video not working
Chat Policies
Meeting Policies
❖ There are no specific policy settings for mobile users in
Meeting Rooms
❖ Mobile specific settings are in the Meeting server
configuration itself as they apply to all users
❖ Meeting policies apply to a user whether they are on a
mobile device or not
Media Policies
❖ The line rate will affect how much video data is broadcast
to the mobile client
Client Behaviour
Apple Push Notification Service
❖ To enable push notifications for iOS devices you must allow traffic outbound
❖ gateway.push.apple.com 2195
❖ feedback.push.apple.com 2196
❖ find the file apns-prod.pkcs12 which is on the Proxy server node
❖ <websphere profile>/config/cells/cellName/nodes/
stproxyPNNodename/apns-prod.pkcs12
❖ Copy it to the Node directory for any Sametime Proxy server under the
Deployment manager e.g.
❖ /STSCDMgrProfile/config/cells/balticcell/nodes/stproxynodename
❖ Always check fix central for an updated version of this certificate which needs to
be deployed
Google Cloud Messaging
❖ Used for Sametime notifications on Android devices
❖ Use “Retrieve from port” in the Trust Store to bring the
Google certificate into your deployment manager
Google Cloud Messaging
[Screenshots on tablet and phone: contact list; audio & video if you are both able; recent audio and video calls]
iOS Meetings
[Screenshots on phone and tablet: add files (phone); screen sharing with pointer activity; conference dial in; phone landscape mode; phone portrait mode]
Creating A Meeting
❖ Shared files are commonly URLs or Photos
❖ The mobile application can’t access the mobile file system
Whiteboard Meeting on the iPad
Video Meeting on the iPad
click to
call via phone
(not my number :-))
Pre-Configuring Clients
❖ Create a custom URL for users that will provision their mobile chat
client
❖ sametime://@stproxy.turtlehost.net:443/?
AddCommunity&ssl=true
❖ creates a new community for the server stproxy.turtlehost.net
using the secure 443 port and prompts the user for their name
❖ Other optional parameters include
❖ savePassword (true/false)
❖ communityName (if you want to give it a specific name)
Sharing Meeting Server Configuration
Sharing options
also available on
Android devices
Troubleshooting
Trusted IPs
Long-time bug: WAS writes the Trusted IPs as a string
rather than a list. Until this is fixed by saving the
document in stconfig.nsf, nothing will work
Trusted IPs
❖ This has been a recurring problem since 8.5.2
❖ With this bug if you change the Trusted IPs in
WebSphere the next time the Community server is
restarted, they will be broken
❖ On 9.0.1 I’ve also seen an error where a single trusted ip
is listed with a “.” at the end, causing it to fail
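A check for the two Trusted IPs failure modes described on these slides (a list flattened into one string, and an address with a trailing "."), added here as an example and not part of the original presentation. It assumes you have already read the field value out of stconfig.nsf yourself, as a list of strings or a single string; the function name and sample addresses are hypothetical.

```python
import ipaddress
import re

# Separators that show up when a multi-value list has been flattened to text.
_SEPARATORS = re.compile(r"[,;\s]+")


def _split(value):
    """Split one text value into the individual address tokens it contains."""
    return [token for token in _SEPARATORS.split(value.strip()) if token]


def check_trusted_ips(field_value):
    """Return (entry, problem) tuples for a Trusted IPs field value.

    field_value is a list of strings when the field is a real multi-value
    list, or a single str when it was written as plain text (assumed
    representation of the value as exported from the document).
    """
    problems = []
    if isinstance(field_value, str):
        entries = _split(field_value)
        if len(entries) > 1:
            problems.append((field_value, "stored as one string, not a list"))
    else:
        entries = []
        for value in field_value:
            parts = _split(value)
            if len(parts) > 1:
                problems.append((value, "several addresses in one list entry"))
            entries.extend(parts)

    for entry in entries:
        if entry.endswith("."):
            # The 9.0.1 symptom from the slide: an address followed by a dot.
            problems.append((entry, "trailing '.'"))
            continue
        try:
            ipaddress.ip_address(entry)
        except ValueError:
            problems.append((entry, "not a valid IP address"))
    return problems


if __name__ == "__main__":
    # Constructed sample values using documentation address ranges.
    samples = [
        ["192.0.2.10", "192.0.2.11"],
        "192.0.2.10,192.0.2.11",
        ["192.0.2.10."],
    ]
    for sample in samples:
        print(repr(sample), "->", check_trusted_ips(sample) or "ok")
```

Run it after any change to the Trusted IPs in WebSphere and again after the Community server restarts, since that restart is when the slides say the value breaks.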
Routing To The Correct Server
❖ Regardless of which Community server you configure the Sametime
Proxy server to use in its deployment plan
❖ It can and will connect to any server in the Domino domain
configured as a “Sametime” server
❖ Edit the Sametime Proxy configuration to force routing to a
specific server, servers or cluster
❖ Check the SystemOut.log on the Sametime Proxy server to
determine which server it is trying to connect to
❖ Check the sametimexxx.log in the DominoTrace directory to
verify if connections are being refused and why
This is left empty on
install so by default all domain
Sametime servers can be
consumed
Re-Mapped Virtual Host
❖ During fix updates or patches it’s common for the
Virtual Hosts of each application to be reset to
“default_host” instead of the specific one we created
❖ If you get an error 500 or “SRVE0255E: A WebGroup/
Virtual Host to handle /mapping has not been defined”
these are commonly associated with an incorrect virtual
host
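A log check for the SRVE0255E symptom above, added here as an example and not part of the original presentation: it groups the errors by application so you can see which modules lost their virtual host mapping after a fix or patch. The log lines are constructed, the context roots /exampleproxy and /examplemeeting are hypothetical, and the SystemOut.log line layout is assumed.

```python
import re
from collections import OrderedDict

# The message text quoted on the slide; the captured group is the request URI.
SRVE0255E = re.compile(
    r"SRVE0255E: A WebGroup/Virtual Host to handle (?P<uri>\S+) has not been defined"
)
# Leading "[timestamp]" of a log entry (layout assumed for the sample below).
TIMESTAMP = re.compile(r"^\[(?P<ts>[^\]]+)\]")

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = """\
[3/14/16 9:02:11:120 GMT] 0000004a webapp        E com.ibm.ws.webcontainer.internal.WebContainer handleRequest SRVE0255E: A WebGroup/Virtual Host to handle /exampleproxy/login has not been defined.
[3/14/16 9:02:15:502 GMT] 0000004b WebContainer  I   Some unrelated informational message
[3/14/16 9:03:40:007 GMT] 0000004a webapp        E com.ibm.ws.webcontainer.internal.WebContainer handleRequest SRVE0255E: A WebGroup/Virtual Host to handle /exampleproxy/chat has not been defined.
[3/14/16 9:05:01:998 GMT] 0000004c webapp        E com.ibm.ws.webcontainer.internal.WebContainer handleRequest SRVE0255E: A WebGroup/Virtual Host to handle /examplemeeting has not been defined.
"""


def context_root(uri):
    """First path segment of the URI, used here to approximate the application."""
    segments = [s for s in uri.split("?")[0].split("/") if s]
    return "/" + segments[0] if segments else "/"


def unmapped_context_roots(log_text):
    """Group SRVE0255E errors by context root: count, first and last timestamp."""
    found = OrderedDict()
    for line in log_text.splitlines():
        hit = SRVE0255E.search(line)
        if not hit:
            continue
        stamp = TIMESTAMP.match(line)
        ts = stamp.group("ts") if stamp else None
        root = context_root(hit.group("uri"))
        entry = found.setdefault(root, {"count": 0, "first": ts, "last": ts})
        entry["count"] += 1
        entry["last"] = ts
    return found


if __name__ == "__main__":
    for root, info in unmapped_context_roots(SAMPLE_LOG).items():
        print(f"{root}: {info['count']} error(s), {info['first']} to {info['last']}")
```

Each context root it reports is a module to re-check under the application's virtual host mapping, where it has probably been reset to “default_host”.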
Bandwidth
❖ The largest consumption of resource for a Sametime
Proxy Server is the network
❖ If the server is virtualised, make sure the network card
assigned isn’t shared
❖ Monitor the network traffic to the server
❖ Audio and Video streams on mobile services are sent
via the Sametime Proxy server which was probably not
designed for media traffic
Mobile Bandwidth
❖ There is a maximum number of video feeds that are
supported for a Meeting on mobile devices
❖ the setting (which can’t be changed) is 4 + you
❖ This can be further limited if bandwidth goes beyond
the configured allowable amount
Media Using The Wrong Server
❖ Random media errors can be the result of the Conference Manager
attempting to connect to the wrong Community Server
❖ If everything else appears started with no errors, verify the SystemOut.log
of the Conference Manager for any errors relating to other servers
❖ If a server exists in the domain (Domino Directory) and has “Is This A
Sametime Server?” field marked as “yes” it will be consumed by the
servers in the SSC
Questions?

An Introduction To The DMARC SMTP Validation RequirementsAn Introduction To The DMARC SMTP Validation Requirements
An Introduction To The DMARC SMTP Validation Requirements
 
Brand Yourself
Brand YourselfBrand Yourself
Brand Yourself
 
Home Working
Home WorkingHome Working
Home Working
 
A Guide To Single Sign-On for IBM Collaboration Solutions
A Guide To Single Sign-On for IBM Collaboration SolutionsA Guide To Single Sign-On for IBM Collaboration Solutions
A Guide To Single Sign-On for IBM Collaboration Solutions
 
The Imposter Syndrome
The Imposter SyndromeThe Imposter Syndrome
The Imposter Syndrome
 
An Introduction To Docker
An Introduction To  DockerAn Introduction To  Docker
An Introduction To Docker
 
Embracing iot in the enterprise
Embracing iot in the enterpriseEmbracing iot in the enterprise
Embracing iot in the enterprise
 
Benefits and Risks of a Single Identity - IBM Connect 2017
Benefits and Risks of a Single Identity - IBM Connect 2017Benefits and Risks of a Single Identity - IBM Connect 2017
Benefits and Risks of a Single Identity - IBM Connect 2017
 
Domino in the Back, Party In The Front
Domino in the Back, Party In The FrontDomino in the Back, Party In The Front
Domino in the Back, Party In The Front
 

The Sametime Mobile Experience

  • 1. Deploying Instant Messaging For Mobile Devices Gabriella Davis Technical Director The Turtle Partnership gabriella@turtlepartnership.com
  • 4. DB2 ❖ Licensed as part of Sametime Communicate or Complete ❖ Used to store data for the Apple push notification activity ❖ If you aren’t using iOS devices then the DB2 database for STProxy isn’t being used ❖ In default mode when coming out of the IM or Meeting application on iOS it remains backgrounded and you remain logged in and available to other users ❖ Backgrounding can be disabled as a server setting
  • 5. Sametime System Console ❖ The SSC is used to manage all the Sametime components ❖ It must be aware of all servers in order to integrate their services ❖ It also manages all policies ❖ A Sametime Proxy server doesn’t have to be installed as part of the SSC Cell
  • 6. Domino ❖ Sametime 9.0.1 still requires Domino and is still a 32bit application ❖ You must first install Domino before you can install the 32bit Community Server using it
  • 7. Community Server ❖ Installs on top of Domino ❖ Is a subtask of the HTTP server ❖ load staddin ❖ Create a deployment plan in the SSC and install using that so it’s federated ❖ All the other servers need to know about it ❖ Using Domino’s proprietary directory standard is no longer supported for any components, you must use LDAP ❖ Using Domino as LDAP is supported
  • 8. Sametime Proxy Server ❖ The Sametime Proxy server is a HTTP proxy which connects to the Sametime Community Server ❖ By default it will attempt to consume any server in the domain ❖ Any server document with “Is Sametime Server” set to “yes” ❖ The Sametime Proxy server is used by ❖ Web clients ❖ Web meetings ❖ Mobile applications ❖ Awareness in applications ❖ Connections integration
  • 9. Mobile Access Architecture (diagram) ❖ Components: Sametime System Console (Deployment Plan, Sametime Server, Server Configuration, Server Policies); DB2 (SSC Policies (STSC), STProxy for iOS push); Sametime Proxy Server; Web Proxy; Sametime Community Server; LDAP Server; Client ❖ Mobile Request: Request access for chat or meetings over port 443 ❖ Request is passed to the Community server for validation ❖ Community server authenticates credentials ❖ Policies are applied ❖ Policies are read
  • 10. Mobile Access and Security (diagram) ❖ Zones: Internal, Mobile, DMZ ❖ Components: Client; Sametime Proxy Server; Sametime Community Server; LDAP Server; Sametime System Console (Deployment Plan, Sametime Server, Server Configuration, Server Policies); DB2 (SSC Policies (STSC), STProxy for iOS push) ❖ Mobile Request ❖ Request is passed to the Community server for validation ❖ Community server authenticates credentials ❖ Ports shown: 443, 1516
  • 12. Create A Proxy Database ❖ Create a DB2 database to be used by iOS applications ❖ createProxyDb STPROXY db2admin script to create the database database schema
  • 13. It can take a few minutes to run but when complete you should see this message
  • 14. Add It To The SSC db2 server hostname & port Newly created db name stdb.turtlehost.net
  • 15. Create A Deployment Plan Only visible to administrators not users
  • 16. Create A Deployment Plan Each cluster can only have one primary node Each cell can only have one cluster of each server type
  • 17. Adding A Primary Node To The SSC Add the new node to the existing Cell (the System Console)
  • 18. Create A Deployment Plan One option is to install additional Sametime Proxy Servers in their own cells
  • 19. Hostname for the install WebSphere credentials for the install. If the server is federated into an existing cell these are removed
  • 22. Verifying SSC-Proxy host and credentials the SSC uses to open the proxy server
  • 23. If this page opens successfully you have confirmed the routing from SSC to Proxy
  • 24. Installing Standalone ❖ The Sametime Proxy server can only be federated into the SSC as a single cluster ❖ When WAS servers are clustered horizontally with a primary and several secondary nodes, they are all considered “equal” ❖ Horizontal clusters are not suitable if you want to manage access by location
  • 25. Virtual Hosts ❖ Create a specific virtual host for all the hostname:port combinations your Sametime Proxy Server will use ❖ These should be unique within your cell as they tell WebSphere how to route traffic to the application ❖ avoid using wildcard hostnames application ports
  • 26. Mapping Virtual Hosts ❖ Once our virtual host is created we need to map the modules associated with the application to use it instead of “default_host”
  • 27. Proxy Server Configuration how a web meeting is started. Servers should share a LtpaToken specific community clusters by name to use or specific community servers
  • 28. Mobile Configuration server -wide settings to determine client behaviour
  • 31. Meeting Server Configuration ❖ There are additional settings that can force users to upgrade their mobile clients if they are using versions older than X ❖ That’s a very specific, and potentially painful, admin use case ❖ mobile.Android.currentVersion / mobile.Android.minVersion ❖ mobile.iOS.currentVersion / mobile.iOS.minVersion
  • 32. Clustering ❖ Each cluster must be managed by a deployment manager ❖ That deployment manager can be, but does not have to be, the SSC ❖ There can be only one primary node in a cluster ❖ Deployment plans can only be created for one cluster of Sametime Proxy Servers ❖ but a different cluster can be added manually ❖ Servers in the same cluster are considered the same for serving user requests and users could be directed to any available member
  • 34. Reverse Proxies ❖ A reverse or authenticating proxy can provide secure access through a DMZ to your meeting servers ❖ For larger deployments you may want to keep the Sametime Proxy and Meeting Servers on the internal network and use a reverse proxy in the DMZ ❖ These proxies will authenticate with the LDAP servers directly before passing the authorisation through to the application servers
  • 35. Deploying A SSL Certificate ❖ Never deploy to mobile clients without SSL ❖ A trusted SSL certificate is particularly important when deploying mobile clients ❖ Both the Chat and Meeting applications allow users to accept untrusted SSL certificates ❖ You can turn that off in the server configuration ❖ Replace the installed internal SSL certificate with one you have purchased
  • 36. Adding A New SSL Certificate ❖ Under Security - SSL Certificates and Key Management ❖ We want to import the trusted roots of the CA into the Trust Store ❖ In this example GoDaddy supplied a CRT bundle that I simply “Added”
  • 37. Adding A New SSL Certificate ❖ I then had the IBM signer created during install and the GoDaddy signer that will be used to create my certificate
  • 38. Creating A CSR ❖ The simplest method of getting a certificate into WebSphere is to create the CSR there ❖ Then you can simply “receive” the new certificate into the DefaultKeyStore BEWARE!!
  • 39. Adding A Personal Certificate ❖ If you can’t do that, then a P12 works well ❖ You must have the private key component of the certificate you want to add
  • 40. Replacing The Default Certificate ❖ In my environment I have purchased a wildcard turtlehost.net certificate I want each server to use ❖ Rather than individually change each server, I can replace the default certificate with my new wildcard once it’s imported ❖ Select the “default” certificate and choose “Replace”
  • 41. Or..Apply To EndPoints ❖ If I want to apply different certificates to different servers I can do this by mapping the server endpoints to each one
  • 42. You MUST map both the inbound and outbound endpoints, sync and restart the servers
  • 43. Beware! 4096 Certificates ❖ WebSphere Application Server does not support 4096 certificates out of the box ❖ Previously if you attempted to add one you would get an error “RSA Premaster Secret” and it would refuse to add ❖ Now you don’t get the error, it does add ❖ It just doesn’t work ❖ There’s an easy fix
  • 44. Unrestricted Java Policy Files ❖ Download the unrestricted Java policy files from IBM Fix Central ❖ There are two files local_policy.jar and US_export_policy.jar that overwrite those in ❖ <websphere install directory>/java/jre/lib/security ❖ Shut down your servers ❖ Replace the files ❖ Start the servers ❖ Not doing this and deploying 4096 certificates will lead to ❖ servers being unable to talk to each other ❖ you being unable to stop your servers cleanly ❖ audio and video not working
  • 46. Meeting Policies ❖ There are no specific policy settings for mobile users in Meeting Rooms ❖ Mobile specific settings are in the Meeting server configuration itself as they apply to all users ❖ Meeting policies apply to a user whether they are on a mobile device or not
  • 47. Media Policies ❖ The line rate will affect how much video data is broadcast to the mobile client
  • 49. Apple Push Notification Service ❖ To enable push notifications for iOS devices you must allow traffic outbound ❖ gateway.push.apple.com 2195 ❖ feedback.push.apple.com 2196 ❖ Find the file apns-prod.pkcs12 which is on the Proxy server node ❖ <websphere profile>/config/cells/cellName/nodes/stproxyPNNodename/apns-prod.pkcs12 ❖ Copy it to the Node directory for any Sametime Proxy server under the Deployment manager e.g. ❖ /STSCDMgrProfile/config/cells/balticcell/nodes/stproxynodename ❖ Always check Fix Central for an updated version of this certificate which needs to be deployed
  • 50. Google Cloud Messaging ❖ Used for Sametime notifications on Android devices ❖ Use “Retrieve from port” in the Trust Store to bring the Google certificate into your deployment manager
  • 54. Tablet Contact list audio & video if you are both able Recent audio and video calls
  • 55. iOS Meetings Phone - add files Phone
  • 56. Tablet Screen sharing with pointer activity Conference dial in
  • 58. Creating A Meeting ❖ Shared files are commonly URLs or Photos ❖ The mobile application can’t access the mobile file system
  • 60. Video Meeting on the iPad click to call via phone (not my number :-))
  • 61. Pre-Configuring Clients ❖ Create a custom URL for users that will provision their mobile chat client ❖ sametime://@stproxy.turtlehost.net:443/?AddCommunity&ssl=true ❖ creates a new community for the server stproxy.turtlehost.net using the secure 443 port and prompts the user for their name ❖ Other optional parameters include ❖ savePassword (true/false) ❖ communityName (if you want to give it a specific name)
  • 62. Sharing Meeting Server Configuration Sharing options also available on Android devices
  • 64. Trusted IPs Long-time bug: WAS writes the Trusted IPs as a string rather than a list. Until this is fixed by saving the document in stconfig.nsf, nothing will work
  • 65. Trusted IPs ❖ This has been a recurring problem since 8.5.2 ❖ With this bug if you change the Trusted IPs in WebSphere the next time the Community server is restarted, they will be broken ❖ On 9.0.1 I’ve also seen an error where a single trusted IP is listed with a “.” at the end, causing it to fail
  • 66. Routing To The Correct Server ❖ Regardless of which Community server you configure the Sametime Proxy server to use in its deployment plan, it can and will connect to any server in the Domino domain configured as a “Sametime” server ❖ Edit the Sametime Proxy configuration to force routing to a specific server, servers or cluster ❖ Check the SystemOut.log on the Sametime Proxy server to determine which server it is trying to connect to ❖ Check the sametimexxx.log in the DominoTrace directory to verify if connections are being refused and why
  • 67. This is left empty on install so by default all domain Sametime servers can be consumed
  • 68. Re-Mapped Virtual Host ❖ During fix updates or patches it’s common for the Virtual Hosts of each application to be reset to “default_host” instead of the specific one we created ❖ If you get an error 500 or “SRVE0255E: A WebGroup/Virtual Host to handle /mapping has not been defined” these are commonly associated with an incorrect virtual host
  • 69. Bandwidth ❖ The largest consumption of resource for a Sametime Proxy Server is the network ❖ If the server is virtualised, make sure the network card assigned isn’t shared ❖ Monitor the network traffic to the server ❖ Audio and Video streams on mobile services are sent via the Sametime Proxy server which was probably not designed for media traffic
  • 70. Mobile Bandwidth ❖ There is a maximum number of video feeds that are supported for a Meeting on mobile devices ❖ the setting (which can’t be changed) is 4 + you ❖ This can be further limited if bandwidth goes beyond the configured allowable amount
  • 71. Media Using The Wrong Server ❖ Random media errors can be the result of the Conference Manager attempting to connect to the wrong Community Server ❖ If everything else appears started with no errors, verify the SystemOut.log of the Conference Manager for any errors relating to other servers ❖ If a server exists in the domain (Domino Directory) and has “Is This A Sametime Server?” field marked as “yes” it will be consumed by the servers in the SSC
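
The pre-configuration link from slide 61 and the SSL rule from slide 35, as an added example that is not part of the original deck: Python that builds a provisioning link and checks links before they are sent to users. The approved-host set, the expected port, the savePassword policy switch and percent-encoding of communityName are assumptions of this example.

```python
from urllib.parse import urlsplit, parse_qs, urlencode, quote

def build_provisioning_url(host, port=443, community_name=None, save_password=None):
    """Build a link in the shape slide 61 shows: sametime://@host:port/?AddCommunity&ssl=true"""
    params = [("ssl", "true")]
    if save_password is not None:
        params.append(("savePassword", "true" if save_password else "false"))
    if community_name:
        # Assumption: the client accepts percent-encoded values (%20 for a space).
        params.append(("communityName", community_name))
    return f"sametime://@{host}:{port}/?AddCommunity&" + urlencode(params, quote_via=quote)

def lint_provisioning_url(url, approved_hosts, expected_port=443, allow_save_password=False):
    """Return a list of findings for one link; an empty list means it passes."""
    findings = []
    if any(ch.isspace() for ch in url):
        findings.append("link contains whitespace (often a line-wrap artefact)")
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    if parts.scheme != "sametime":
        findings.append(f"unexpected scheme {parts.scheme!r}")
    if parts.username or parts.password:
        findings.append("link embeds credentials before the @")
    host = (parts.hostname or "").lower()
    if host not in approved_hosts:
        findings.append(f"host {host!r} is not an approved Sametime Proxy server")
    try:
        port = parts.port
    except ValueError:  # non-numeric or out-of-range port
        port = None
    if port != expected_port:
        findings.append(f"port is {port!r}, expected {expected_port}")
    if "AddCommunity" not in query:
        findings.append("AddCommunity is missing from the query")
    if query.get("ssl", [""])[-1].lower() != "true":
        findings.append("ssl=true is missing from the query")
    if not allow_save_password and query.get("savePassword", [""])[-1].lower() == "true":
        findings.append("savePassword=true is not allowed by this policy")
    return findings

if __name__ == "__main__":
    approved = {"stproxy.turtlehost.net"}  # hostname taken from the slide
    for link in (
        build_provisioning_url("stproxy.turtlehost.net", community_name="Turtle IM"),
        "sametime://@stproxy.turtlehost.net:443/?AddCommunity&ssl=false&savePassword=true",
    ):
        print(link, lint_provisioning_url(link, approved) or "OK")
```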
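
The re-mapped virtual host symptom from slide 68, as an added example that is not part of the original deck: Python that scans SystemOut.log text for SRVE0255E and separates unmatched hostname:port values from unmapped request paths. The log lines are constructed, and the example assumes the message carries either a request path or a hostname:port.

```python
import re
from collections import Counter

# Constructed SystemOut.log lines for illustration; not captured from a real server.
SAMPLE_LOG = """\
[3/14/17 9:02:11:101 GMT] 0000008f WebContainer E   SRVE0255E: A WebGroup/Virtual Host to handle /stwebclient/popup.jsp has not been defined.
[3/14/17 9:02:12:440 GMT] 00000091 WebContainer E   SRVE0255E: A WebGroup/Virtual Host to handle /stwebclient/index.jsp has not been defined.
[3/14/17 9:02:13:007 GMT] 00000093 WebContainer E   SRVE0255E: A WebGroup/Virtual Host to handle stproxy.turtlehost.net:443 has not been defined.
[3/14/17 9:02:15:250 GMT] 00000001 WsServerImpl  A   WSVR0001I: Server ExampleProxyServer open for e-business
[3/14/17 9:03:01:812 GMT] 00000095 WebContainer E   SRVE0255E: A WebGroup/Virtual Host to handle stproxy.turtlehost.net:443 has not been defined.
"""

# \s* tolerates the stray space after "WebGroup/" that copy/paste often introduces.
SRVE0255E = re.compile(r"SRVE0255E: A WebGroup/\s*Virtual Host to handle (\S+) has not been defined")
HOST_PORT = re.compile(r"[A-Za-z0-9.-]+:\d+")

def triage(log_text):
    """Count SRVE0255E hits, split into hostname:port targets and context roots."""
    aliases, roots = Counter(), Counter()
    for line in log_text.splitlines():
        match = SRVE0255E.search(line)
        if match is None:
            continue
        target = match.group(1)
        if HOST_PORT.fullmatch(target):
            aliases[target] += 1
        else:
            # Group request paths by their first segment (the context root).
            roots["/" + target.lstrip("/").split("/", 1)[0]] += 1
    return aliases, roots

def advise(log_text):
    """Turn the counts into one line of follow-up per distinct target."""
    aliases, roots = triage(log_text)
    advice = []
    for alias, hits in aliases.most_common():
        advice.append(f"{hits}x {alias}: no virtual host lists this hostname:port as a host alias")
    for root, hits in roots.most_common():
        advice.append(f"{hits}x {root}: check its module is mapped to the Sametime Proxy "
                      "virtual host, not default_host")
    return advice

if __name__ == "__main__":
    print("\n".join(advise(SAMPLE_LOG)))
```

Run it against the Sametime Proxy server's SystemOut.log after a fix pack or patch, when slide 68 says the mappings are commonly reset.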