Random thoughts from an unusual company

More Lessons From Sametime 8.5 Deployments And One Big Old BUG

Gabriella Davis  18 February 2010 22:04:19
As everyone knows by now, Sametime 8.5 shipped at the end of December and since then I've been doing a lot of installs, both for my own training purposes and for customers.  In my previous blog entry the day after Sametime shipped I gave some advice based on my experience with the Beta program but now I'm deep into production installs there's a few more things you need to know
  • You can go ahead and install the Community server on Domino 8.5.1 as IBM announced on January 28th that technical support will cover that option
  • If you install the Community Server on Domino now and want to install the other components later on Websphere you'll need to set up the Sametime System Console (SSC) and re-install the Community Server as part of that process.  Don't worry though, it will allow you to install the Community Server files again on top of your existing install without changing your configuration, you just have to create a deployment plan in the SSC first
  • If you're going to use the SSC you'll need to download Sametime Standard not Sametime Entry. The Sametime Entry install files don't prompt you to use the SSC during install.  This is the screenshot you should see during install.  You'll notice there's an option for "No" which reverts you to the old school Sametime install options
Image:More Lessons From Sametime 8.5 Deployments And One Big Old BUG
  • BUG: If you jumped onto the IBM site and downloaded the Linux install files prior to this week, you'll need to go back and get them again.  The DB2 install on partnerwold gave two download options DB2 V9.5 and DB2 V9.5 FP1, unfortunately neither of them had the files needed to run the install as per the documentation.  That was fixed this week and if you download DB2 V9.5 FP1 only and extract it you'll see it creates a directory called SametimeDB2 within which is the launchpad.sh file you need to run
  • There is a known bug if you are using Domino as your LDAP server which will result in your Meeting Server appearing to work immediately after the install (allowing you access to create meetings from the browser or via the rich client) but then breaking sometime later (YMMV but so far we've seen and had reports of anything from a day to a week after install).  The problem is that in setting up LDAP under the SSC you are asked for a base dn but this is optional, if you don't set it (which we don't usually when using Domino for LDAP as so many names in directories aren't hierarchical) IBM sets a default of c=US when it federates the LDAP directory into WAS.  This is fairly common behaviour for Lotus products and usually they just allow any records that don't have a "C=" setting at all.  Unfortunately the Meeting Server will decide sometime after install that it doesn't like any user who doesn't have C=US in their hierarchy and start denying access.

    There's no hotfix yet I don't believe but there is a 'fix' you can do easily (although it still requires all users to be hierarchical). Ready?
1.        Access the Meeting Server console which is on https://:8501/ibm/console (dont' use the SSC console which is on the same URL but port 8701)
2.        Choose Security then Global Security from the menu
Image:More Lessons From Sametime 8.5 Deployments And One Big Old BUG
3.        Choose "Configure" next to Federated Repositories at the bottom of the right hand pane
Image:More Lessons From Sametime 8.5 Deployments And One Big Old BUG
4.        Click on C=US at the bottom of your new right hand pane
Image:More Lessons From Sametime 8.5 Deployments And One Big Old BUG
5.        Now enter your base dn (essentially your Organisation within Domino - mine being "Turtle").  Make sure you enter it in both fields
Image:More Lessons From Sametime 8.5 Deployments And One Big Old BUG
6.        Apply the change and Save back to the Master Repository
7.        Restart the Meeting Server components (node agent, STMeetingServer and STMeetingHttpProxy)
  • Once you install the Media Server you will notice there are some quirks and limitations.  The options on your client preferences page for Audio and Video are only available if your client can reach the Media Server over the network.  This means if your Media Server is behind a NAT address, you won't get the options.  IBM also don't support you using a VM for your client (which is a shame for those of us on a Mac), that's not to say it won't work just that IBM won't help you if it doens't.  Finally we have seen several issues with VPNs refusing to work with the Media Server.  
  • If you don't have a camera or mic on your PC then you won't have the Audio / Video options available under your client preferences so you can't create a meeting that uses A/V

So those are the biggees so far that I can talk about, there are a couple more things I'd like to work through with IBM before bringing them to you but on Windows at least with the above in mind the install should be fairly painless for you.  Good luck!
Comments

1Sjaak Ursinus  20/02/2010 23:04:46  More Lessons From Sametime 8.5 Deployments And One Big Old BUG

Gabrielle ... thanks for sharing

I have some questions though, I tried to build a demo environment on windows and the DB2 9.5 FP1 installation files (the one which is packeged together wih the IBM installation manager) doesn't seem to work also. Installed on 3 seperetae freshly installed windows hosts and all gave the same error.

Then I did go for the normall (manual) install of DB2 9.5 and I got System Console finally installed also. Then I wanted to install the community server (The Domino server where Communtiy is going to run on is also my LDAP server) I couldn't get Community server installed. The installer was telling me that it couldn't login to the SystemConsole. So This is where I stranded so far. Do you have any insight on this ?

2Gabriella Davis  21/02/2010 20:09:07  More Lessons From Sametime 8.5 Deployments And One Big Old BUG

@1 sounds like you have some pretty core problems with the install on Windows which doesn't match my experience. You don't say what error you got from the DB2 install originally and also whether you are checking the status of the started servers. If you want to contact me online (via LotusLive or email) i'll check a few things through with you

Gab

3Pernille Herold  26/02/2010 19:42:10  More Lessons From Sametime 8.5 Deployments And One Big Old BUG

Well, I got everything up and running in first try. But I also had to install the DB2 manuel, else the rest was working like documented.

But I was setting up a seperated test inviroment. I have hard from others that have tried to upgrade, that there was prolems, especially about the body list as you had to change your Sametime community server to LDAP as the same time. But I am not sure how they did it. But if someone have some tricks about upgrading the production community to LDAP and 8.5 I would like to hear about it.

4Gabriella Davis  02/03/2010 13:44:06  More Lessons From Sametime 8.5 Deployments And One Big Old BUG

@Pernille - yes you do have to use LDAP for the Community Server on 8.5 if you are planning to use the other components (if you are only ever going to do IM you can stay with Domino Directory). The key to converting to LDAP is that after you have modified the configuration you have to run the buddy list conversion tool to change all the storage data in vpuserinfo from Domino format to LDAP format - that may be the step some people are missing?