BP501 - Building and deploying custom IBM sametime connect client installations - IBM Connect 2014
Download as PPT, PDF2 likes21,515 views
El documento describe el proceso de instalación y personalización del cliente IBM Sametime Connect, abarcando la extensión de instalaciones predeterminadas con paquetes de corrección y aplicaciones de terceros. Se detallan pasos específicos para la gestión de configuraciones post-instalación y la personalización mediante archivos como managed-settings.xml y plugin_customization.ini. Además, el documento ofrece ejemplos de configuraciones, instrucciones sobre cómo firmar archivos y referencias útiles para la gestión del entorno de Sametime.
![Alternative method to install fixpacks, 3rd party integration
Sametime is based upon Expeditor, Expeditor has command switches that can be used to
install update sites.
Chain installations together, install client, then install update site, then install 3 rd party etc.
Using the following command to install update site
– “[STInstallDir]rcprcplauncher.exe” -nosplash
-com.ibm.rcp.provisioning#provisioningCommand -provisioningOperation provision
“install.xml" -application com.ibm.rcp.provisioning.application.ProvisioningApplication
-provisioningStatusLog “stInstall.log“
– Notice it points to the update sites install.xml not the site.xml
When performed, the client is not seen.
Remember to update plugin_customization.ini to allow the unsigned jars to install.
Often easier than editing/merging install.xml type documents.
13](https://image.slidesharecdn.com/ibmconnect2014-bp501-buildinganddeployingcustomibmsametimeconnectclientinstallations-140129102739-phpapp01/85/BP501-Building-and-deploying-custom-IBM-sametime-connect-client-installations-IBM-Connect-2014-13-320.jpg)
![Acknowledgements and Disclaimers
Availability. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates.
The workshops, sessions and materials have been prepared by IBM or the session speakers and reflect their own views. They are provided for informational purposes only, and are neither
intended to, nor shall have the effect of being, legal or other guidance or advice to any participant. While efforts were made to verify the completeness and accuracy of the information
contained in this presentation, it is provided AS-IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise
related to, this presentation or any other materials. Nothing contained in this presentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM or
its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and
performance characteristics may vary by customer. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you
will result in any specific sales, revenue growth or other results.
© Copyright IBM Corporation 2014. All rights reserved.
U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
Please update paragraph below for the particular product or family brand trademarks you mention such as WebSphere, DB2, Maximo, Clearcase, Lotus, etc.
IBM, the IBM logo, ibm.com, [IBM Brand, if trademarked], and [IBM Product, if trademarked] are trademarks or registered trademarks of International Business Machines Corporation in
the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these
symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law
trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml
If you have mentioned trademarks that are not from IBM, please update and add the following lines:
[Insert any special 3rd party trademark names/attributions here]
Other company, product, or service names may be trademarks or service marks of others.
23](https://image.slidesharecdn.com/ibmconnect2014-bp501-buildinganddeployingcustomibmsametimeconnectclientinstallations-140129102739-phpapp01/85/BP501-Building-and-deploying-custom-IBM-sametime-connect-client-installations-IBM-Connect-2014-23-320.jpg)
BP501 - Building and deploying custom IBM sametime connect client installations - IBM Connect 2014
- 1. BP501: Building and Deploying Custom IBM Sametime Connect Client Installations Carl Tyler, Epilio © 2014 IBM Corporation
- 2. What we’ll cover… What’s in the IBM Sametime Installer? Extending a default IBM Sametime Install to include Fix packs or 3rd party applications How to predefine settings for users during installation Managing IBM Sametime Connect Client Settings post installation Questions (if time) 2
- 3. What’s in the Sametime Installation? Contained in the IBM Download – sametimeclient.for.notes • Notes Client Installer – sametimeclient.network.install • Sametime Client installer – packaged for placing on Community Server for installation via web browser – sametimeclient.optional.components • Office Components • SharePoint Components • Additional spell Check Languages – sametimeclient.standalone • Standalone Sametime Client Installer – Each contains Linux, Macintosh and Windows 3
- 4. Drill down into sametimeclient.standalone – Expand ZIP readme_silentinstall.html setup.bat – Can be edited and tweaked based upon whether this is a fresh installation, upgrade etc. Documented within file. setup.exe, setup.msi – If you want to save space, if you’re going to install with the MSI, delete the EXE and viceverse Deploy folder – Contains Java Signing keys, plugin_customization.ini, install.xml updateSite folder – Contains the features and plugins that make up the Sametime Client silentinstall.ini 4
- 5. silentinstall.ini - Customized settings for silent install Parameter Description LAPAGREE=YES Accept License Agreement, mustbe YES for silent install STSERVERNAME=st.acme.com Hostname of Sametime server STCOMMUNITYNAME=Name Community Name STSERVERPORT=1533 Sametime Server IP port number See readme_silentinstall.html for other parameters 5
- 6. Extending a default IBM Sametime Install to include Fix packs or 3rd party applications Step 1 – Obtain the Update site for the plug-in – This should contain • Site.xml • Features folder • Plugins folder Step 2 – Copy the contents of the features and plugins folders into their equivalent folder within the expanded Sametime Installer folders Step 3 – Update the contents of the site.xml within the expanded Sametime updatesite folder with the contents of the plugins update site site.xml file Step 4 – Update the contents of the install.xml within the deploy folder with the contents of the vendor supplied install.xml file. Step 5 – Sign Jars; if the jar files aren’t digitally signed, they need signing or plugin_customization.ini needs updating to allow unsigned code. 6
- 7. Step 3 More Detail – Update Site.xml Site.xml specifies the location of the features to install, think of it as a to do list of plugins to add. To add the plugin update site contents to the site.xml – Copy the plugin site.xml contents from between the <site> and </site> tags to the clipboard – Paste the contents above the line </site> in the installer site.xml – Example <feature url="features/Wallpaper_1.0.4.jar" id="Wallpaper" version="1.0.4"> <category name="Epilio Wallpaper for IBM Lotus Sametime"/> </feature> <category-def name="Epilio Wallpaper for IBM Lotus Sametime" label="Epilio Wallpaper for IBM Lotus Sametime"/> Some plugins may contain more features, the steps are the same. 7
- 8. Step 4 More Detail – Update install.xml Install.xml specifies the location of features to install To add the install.xml update site contents to the deploy install.xml – Copy the update site install.xml contents from between the <install> and </install> tags to the clipboard – Paste the contents above the </install> in deploy install.xml – Example <installfeature id="EpilioWallpaper" required="true" mergeaction="add"> <requirements> <feature id="Wallpaper" version="1.0.4" match="compatible" download-size="700" size="700" action="install" shared="true" url="“/> </requirements> 8
- 9. Step 5 - Signing Jars If the Jar is already signed by a trusted signer, no need for these steps. You will need the Java JDK, not just the Java runtime environment Create a keystore and generate the key pair – "c:javajdk1.7.0_51binkeytool" -genkey -dname "cn=Carl Tyler, ou=Dev, o=Epilio, c=US" -alias "Connect2014Cert" -keypass Connect2014Pass -keystore C:Keysmykeystore -storepass password -keyalg "RSA" -validity 720 Check the newly created self-signed certificate/key pair – “c:javajdk1.7.0_51binkeytool" -list -v -alias "Connect2014Cert" -keystore C:Keysmykeystore -storepass password 9
- 10. Step 5 - Signing Jars Continued… Sign the updatesite features JAR files (in the features folder) using the self-signed certificate/key pair – "c:javajdk1.7.0_51binjarsigner" -verbose -keystore C:Keysmykeystore -storepass password -keypass Connect2014Pass C:st9winupdateSitefeaturesWallpaper_1.0.4.jar "Connect2014Cert" -digestalg SHA1 -sigalg SHA1withRSA Sign the updatesite plugin JAR files (in the plugins folder) using the self-signed certificate/key pair – "c:javajdk1.7.0_51binjarsigner" -verbose -keystore C:Keysmykeystore -storepass password -keypass Connect2014Pass C:st9winupdateSitepluginscom.epilio.plugins.Wallpaper_1.0.4.jar "Connect2014Cert" -digestalg SHA1 -sigalg SHA1withRSA 10
- 11. Step 5 - Signing Jars Continued… Export a trust certificate that can authenticate your public key. – "c:javajdk1.7.0_51binkeytool" -export -alias "Connect2014Cert" -file SelfSignedCertforConnect2014.cer -keystore c:Keysmykeystore -storepass password Add the exported trust certificate to the Sametime install kit keystore to enable trust for your public key at install – "c:javajdk1.7.0_51binkeytool" -import -keystore "C:st9windeploy.keystore.JCEKS.IBM_J9_VM.install" -storetype JCEKS -alias "Connect2014Cert" -file SelfSignedCertforConnect2014.cer -storepass "changeit" List the entries in the Sametime Jar File (optional) – "c:javajdk1.7.0_51binkeytool" -list -v -keystore "C:st9windeploy.keystore.JCEKS.IBM_J9_VM.install" -storetype JCEKS -storepass "changeit" 11
- 12. Step 5 – Alternative, easier, less secure approach… Modify Sametime to trust unsigned jar files. Modify plugin_customization.ini located in the installers deploy folder Add/Modify the lines – # settings for enabling PKI based provisioning security com.ibm.rcp.security.update/VERIFICATION_LISTENER=com.ibm.rcp.security.update.DefaultVe rificationListener com.ibm.rcp.security.update/EXPIRED_SIGNATURE_POLICY=ALLOW com.ibm.rcp.security.update/UNSIGNED_PLUGIN_POLICY=ALLOW com.ibm.rcp.security.update/UNTRUSTED_SIGNATURE_POLICY=ALLOW If you take this approach, be sure to remove/change these settings after install to protect the Sametime installation from rogue code 12
- 13. Alternative method to install fixpacks, 3rd party integration Sametime is based upon Expeditor, Expeditor has command switches that can be used to install update sites. Chain installations together, install client, then install update site, then install 3 rd party etc. Using the following command to install update site – “[STInstallDir]rcprcplauncher.exe” -nosplash -com.ibm.rcp.provisioning#provisioningCommand -provisioningOperation provision “install.xml" -application com.ibm.rcp.provisioning.application.ProvisioningApplication -provisioningStatusLog “stInstall.log“ – Notice it points to the update sites install.xml not the site.xml When performed, the client is not seen. Remember to update plugin_customization.ini to allow the unsigned jars to install. Often easier than editing/merging install.xml type documents. 13
- 14. How to predefine settings for users during installation To preconfigure default settings for the client, you can use plugin_customization.ini, and also managed-settings.xml and managed-community-configs.xml plugin_customization.ini file is used to setup the clients “initial” runtime behavior – Modify the copy in the “deploy” folder of the installer to define settings – Settings are read when the user's workspace is created – Define settings you couldn’t set in silentinstall.ini, example multiple communities. The managed- settings allow items to be locked down, so the user cannot change them in the client, similar to policies, but allows them to be set before the client has connected to the Sametime Server and authenticated. List of Customization settings: – http://epil.io/hu530 14
- 15. Example for preconfiguring two communities #define managedIds for alternate communities com.ibm.collaboration.realtime.community/altCommunityConfig.managedIds=Host1,revProxy #define alternate community for altHost1 (disabled) com.ibm.collaboration.realtime.community/altCommunityConfig.Host1.enabled=false com.ibm.collaboration.realtime.community/altCommunityConfig.Host1.desc=Alternate host IP1 com.ibm.collaboration.realtime.community/altCommunityConfig.Host1.targetCommunityHost=st.ac me.com com.ibm.collaboration.realtime.community/altCommunityConfig.Host1.host=192.0.2.0 com.ibm.collaboration.realtime.community/altCommunityConfig.Host1.weight=1 com.ibm.collaboration.realtime.community/altCommunityConfig.Host1.port=1544 com.ibm.collaboration.realtime.community/altCommunityConfig.Host1.connectionType=direct #define alternate community for reverse proxy com.ibm.collaboration.realtime.community/altCommunityConfig.revProxy.desc=Reverse proxy for server1 com.ibm.collaboration.realtime.community/altCommunityConfig.revProxy.targetCommunityHost=st .acme.com com.ibm.collaboration.realtime.community/altCommunityConfig.revProxy.weight=0 com.ibm.collaboration.realtime.community/altCommunityConfig.revProxy.connectionType=reverse -proxy com.ibm.collaboration.realtime.community/altCommunityConfig.revProxy.proxyHost=http://rever seproxy.acme.com:81/server1 15
- 16. Managing IBM Sametime Connect Client Settings post installation For updating a deployed user base, rely on managed-settings.xml and managedcommunityconfigs.xml file to control settings – If local preferences are different to the server defined settings, the server provided managed settings will win – So configure locked down settings, and leave out the settings end users are allowed to change Files are served up from a HTTP server, both files should be placed in the location where the Sametime policy update site points. – Example, if the administration update site URL is http://acme.com/updates, the client looks for updated preferences in http://acme.com/updates/managed-settings.xml. Use different policies to point to different updatesite/settings file locations Managed settings are updated every 12 hours and whenever the Sametime Connect client is started. 16
- 17. Example managed-settings.xml to add alternative community <ManagedSettings> <settingGroup name="com.ibm.collaboration.realtime.community"> <setting name="altCommunityConfig.managedIds" value="Host2"/> <!-- define alternate community Host2 --> <setting name="altCommunityConfig.Host2.enabled" value="false"/> <setting name="altCommunityConfig.Host2.desc" value="Alternate host IP1"/> <setting name="altCommunityConfig.Host2.targetCommunityHost" value="st2.acme.com"/> <setting name="altCommunityConfig.Host2.host" value="192.0.3.0"/> <setting name="altCommunityConfig.Host2.weight" value="1"/> <setting name="altCommunityConfig.Host2.port" value="1544"/> <setting name="altCommunityConfig.Host2.connectionType" value="direct"/> </settingGroup> </ManagedSettings> This doesn’t replace the existing community, it adds a new alternative one. 17
- 18. Managing IBM Sametime Connect Client Settings post installation Continued… All unlocked settings can be modified by the user. Once a setting is modified by the user, any subsequent update to the same setting will not apply unless the setting is changed to isLocked=true on the settings XML file. This behavior is consistent with settings changed with the plugin_customization.ini file. User-modified preferences take precedence over settings from the plugin_customization.ini file and settings XML file. However, if the user's workspace is cleaned, the administrator's values will apply. Any settings or setting groups removed from the settings XML file (for example, to unmanage those settings) will remain on the client, and if the setting was previously locked, it will be automatically set to unlocked. All unmanaged settings will automatically be managed as standard preferences. 18
- 19. Changing a Sametime Server using managed-communityconfigs.xml This will update the existing Sametime Server Settings, to point to a new host. <managed-communities> <managed-community id="Host1" host="192.0.2.0" newHost="192.0.2.1"/> <managed-community-action type="update" managed-community-id="Host1"/> </managed-communities> By default update actions result in a client restart if the host name is changed. So using this managed-community-configs.xml the client will restart. 19
- 20. Really useful web pages List of client preferences – http://www.lotus.com/ldd/stwiki.nsf/dx/Sametime_client_preferences_st9 Automatically updating client preferences with the managed-settings.xml file – http://www.lotus.com/ldd/stwiki.nsf/dx/Automatically_updating_client_preferences_with_the_manage dsettings.xml_file_st9 Editing the plugin_customization.ini file to add custom features and change default preferences – http://www10.lotus.com/ldd/stwiki.nsf/dx/Editing_the_plugincustomization.ini_file_to_add_custom_features_and _change_default_preferences_st9 Configuring managed preferences providers – http://www.lotus.com/ldd/lewiki.nsf/dx/Configuring_providers_XPD623 Managed community settings – http://www.lotus.com/ldd/stwiki.nsf/dx/Managed_community_settings_sta9 20
- 21. Feel free to contact me Carl Tyler [email protected] Twitter: @flyboytyler Skype: CarlTyler Greenhouse: [email protected] Tel: 1-866-9Ep-ilio (937-4546) http://www.epilio.com 21
- 22. Access Connect Online to complete your session surveys using any: – Web or mobile browser – Connect Online kiosk onsite 22
- 23. Acknowledgements and Disclaimers Availability. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. The workshops, sessions and materials have been prepared by IBM or the session speakers and reflect their own views. They are provided for informational purposes only, and are neither intended to, nor shall have the effect of being, legal or other guidance or advice to any participant. While efforts were made to verify the completeness and accuracy of the information contained in this presentation, it is provided AS-IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this presentation or any other materials. Nothing contained in this presentation is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results. © Copyright IBM Corporation 2014. All rights reserved. U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Please update paragraph below for the particular product or family brand trademarks you mention such as WebSphere, DB2, Maximo, Clearcase, Lotus, etc. IBM, the IBM logo, ibm.com, [IBM Brand, if trademarked], and [IBM Product, if trademarked] are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml If you have mentioned trademarks that are not from IBM, please update and add the following lines: [Insert any special 3rd party trademark names/attributions here] Other company, product, or service names may be trademarks or service marks of others. 23
Editor's Notes
- #2: Program Stream 2: For IT Practitioners Track Track 06: Best Practices Activity Type Lecture Speaker(s)Carl Tyler, Epilio Abstract IBM Sametime Connect is a powerful unified communications client, offering real-time communications capabilities. In this session, we'll cover how to build custom IBM Sametime installation packages, how to include interim fixes in the installation. We'll also cover how to customize various aspects of the client install with the installer, and how to ensure the install and uninstall is configured correctly. We'll also explain how you can manage IBM Sametime settings from the server post installation. When Tue, 28/Jan 01:30 PM - 02:30 PM Where Dolphin N. Hem D