More Lessons From Sametime 8.5 Deployments And One Big Old BUG

Gabriella Davis  February 18 2010 10:04:19 PM

As everyone knows by now, Sametime 8.5 shipped at the end of December and since then I've been doing a lot of installs, both for my own training purposes and for customers.  In my previous blog entry the day after Sametime shipped I gave some advice based on my experience with the Beta program but now I'm deep into production installs there's a few more things you need to know

• You can go ahead and install the Community server on Domino 8.5.1 as IBM announced on January 28th that technical support will cover that option
• If you install the Community Server on Domino now and want to install the other components later on Websphere you'll need to set up the Sametime System Console (SSC) and re-install the Community Server as part of that process.  Don't worry though, it will allow you to install the Community Server files again on top of your existing install without changing your configuration, you just have to create a deployment plan in the SSC first
• If you're going to use the SSC you'll need to download Sametime Standard not Sametime Entry. The Sametime Entry install files don't prompt you to use the SSC during install.  This is the screenshot you should see during install.  You'll notice there's an option for "No" which reverts you to the old school Sametime install options
  

• BUG: If you jumped onto the IBM site and downloaded the Linux install files prior to this week, you'll need to go back and get them again.  The DB2 install on partnerwold gave two download options DB2 V9.5 and DB2 V9.5 FP1, unfortunately neither of them had the files needed to run the install as per the documentation.  That was fixed this week and if you download DB2 V9.5 FP1 only and extract it you'll see it creates a directory called SametimeDB2 within which is the launchpad.sh file you need to run
• There is a known bug if you are using Domino as your LDAP server which will result in your Meeting Server appearing to work immediately after the install (allowing you access to create meetings from the browser or via the rich client) but then breaking sometime later (YMMV but so far we've seen and had reports of anything from a day to a week after install).  The problem is that in setting up LDAP under the SSC you are asked for a base dn but this is optional, if you don't set it (which we don't usually when using Domino for LDAP as so many names in directories aren't hierarchical) IBM sets a default of c=US when it federates the LDAP directory into WAS.  This is fairly common behaviour for Lotus products and usually they just allow any records that don't have a "C=" setting at all.  Unfortunately the Meeting Server will decide sometime after install that it doesn't like any user who doesn't have C=US in their hierarchy and start denying access.
  
  There's no hotfix yet I don't believe but there is a 'fix' you can do easily (although it still requires all users to be hierarchical). Ready?

1.        Access the Meeting Server console which is on https://:8501/ibm/console (dont' use the SSC console which is on the same URL but port 8701)
2.        Choose Security then Global Security from the menu

3.        Choose "Configure" next to Federated Repositories at the bottom of the right hand pane

4.        Click on C=US at the bottom of your new right hand pane

5.        Now enter your base dn (essentially your Organisation within Domino - mine being "Turtle").  Make sure you enter it in both fields

6.        Apply the change and Save back to the Master Repository
7.        Restart the Meeting Server components (node agent, STMeetingServer and STMeetingHttpProxy)

• Once you install the Media Server you will notice there are some quirks and limitations.  The options on your client preferences page for Audio and Video are only available if your client can reach the Media Server over the network.  This means if your Media Server is behind a NAT address, you won't get the options.  IBM also don't support you using a VM for your client (which is a shame for those of us on a Mac), that's not to say it won't work just that IBM won't help you if it doens't.  Finally we have seen several issues with VPNs refusing to work with the Media Server.  
• If you don't have a camera or mic on your PC then you won't have the Audio / Video options available under your client preferences so you can't create a meeting that uses A/V

So those are the biggees so far that I can talk about, there are a couple more things I'd like to work through with IBM before bringing them to you but on Windows at least with the above in mind the install should be fairly painless for you.  Good luck!

• Comments [4]