Congratulations!

[Valid RSS] This is a valid RSS feed.

Recommendations

This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.

Source: http://techblog.gis-ag.info/feed/

  1. <?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
  2. xmlns:content="http://purl.org/rss/1.0/modules/content/"
  3. xmlns:wfw="http://wellformedweb.org/CommentAPI/"
  4. xmlns:dc="http://purl.org/dc/elements/1.1/"
  5. xmlns:atom="http://www.w3.org/2005/Atom"
  6. xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
  7. xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
  8. >
  9.  
  10. <channel>
  11. <title>GIS Techblog</title>
  12. <atom:link href="http://techblog.gis-ag.info/feed/" rel="self" type="application/rss+xml" />
  13. <link>http://techblog.gis-ag.info</link>
  14. <description></description>
  15. <lastBuildDate>Thu, 21 Dec 2017 19:18:52 +0000</lastBuildDate>
  16. <language>en-US</language>
  17. <sy:updatePeriod>hourly</sy:updatePeriod>
  18. <sy:updateFrequency>1</sy:updateFrequency>
  19. <generator>https://wordpress.org/?v=4.9.1</generator>
  20. <item>
  21. <title>WAS 8.5.5 FP12 breaks Domino &#8220;root&#8221; base entry setting</title>
  22. <link>http://techblog.gis-ag.info/2017/12/21/was-8-5-5-fp12-breaks-domino-root-base-entry-setting/</link>
  23. <comments>http://techblog.gis-ag.info/2017/12/21/was-8-5-5-fp12-breaks-domino-root-base-entry-setting/#respond</comments>
  24. <pubDate>Thu, 21 Dec 2017 19:18:52 +0000</pubDate>
  25. <dc:creator><![CDATA[Julius Schwarzweller]]></dc:creator>
  26. <category><![CDATA[IBM Connections]]></category>
  27. <category><![CDATA[WebSphere Portal]]></category>
  28. <category><![CDATA[base entry]]></category>
  29. <category><![CDATA[CWWIM4527E]]></category>
  30. <category><![CDATA[domino]]></category>
  31. <category><![CDATA[PI88438]]></category>
  32. <category><![CDATA[root]]></category>
  33. <category><![CDATA[WebSphere]]></category>
  34. <category><![CDATA[wimconfig.xml]]></category>
  35.  
  36. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2253</guid>
  37. <description><![CDATA[Hi all, after updating a portal 9 environment to WAS 8.5.5 FP12, I was not able to login anymore with any user&#8230; The error in the log: com.ibm.websphere.wim.exception.EntityNotFoundException: CWWIM4527E The LDAP entry 'uid=wpadmin,o=defaultWIMFileBasedRealm' was not found: ' javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'uid=wpadmin,o=defaultWIMFileBasedRealm'; resolved object [email protected]'. at com.ibm.ws.wim.adapter.ldap.LdapConnection.getAttributes (LdapConnection.java:1267) [&#8230;]]]></description>
  38. <content:encoded><![CDATA[<p>Hi all,</p>
  39. <p>after updating a portal 9 environment to WAS 8.5.5 FP12, I was not able to login anymore with any user&#8230;</p>
  40. <p>The error in the log:</p>
  41. <pre>com.ibm.websphere.wim.exception.EntityNotFoundException:
  42. CWWIM4527E The LDAP entry 'uid=wpadmin,o=defaultWIMFileBasedRealm' was not found: '
  43. javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
  44. remaining name 'uid=wpadmin,o=defaultWIMFileBasedRealm';
  45. resolved object [email protected]'.
  46. at com.ibm.ws.wim.adapter.ldap.LdapConnection.getAttributes (LdapConnection.java:1267)
  47. at com.ibm.ws.wim.adapter.ldap.LdapConnection. checkAttributesCache(LdapConnection.java:1573)
  48. </pre>
  49. <p>Rolling back FP12 to FP11 resolved the issue.</p>
  50. <p>This issue occurs when using Domino in combination with a federated repository configuration set to base &#8220;root&#8221;. There are several good reasons to use the &#8220;root&#8221; base entry when dealing with a Domino LDAP&#8230;</p>
  51. <p>IBM introduced a change in FP12 to allow setting of &#8220;root&#8221; as base entry for Active Directory also! It seems that something got broken within the part for Domino.</p>
  52. <p>There is a workaround for this:</p>
  53. <ul>
  54. <li>Change the order of the federated repository in wimconfig.xml to set the LDAP entry before the file based entry</li>
  55. </ul>
  56. <p>or IBM already created a <a href="http://www.ibm.com/support/docview.wss?rs=180&amp;uid=swg1PI88438">technote</a> for this issue. The ifix for this issue is called &#8220;8.5.5.10-WS-WAS-IFPI88438&#8221; &#8230;</p>
  57. <p>After this everything works as expected.</p>
  58. ]]></content:encoded>
  59. <wfw:commentRss>http://techblog.gis-ag.info/2017/12/21/was-8-5-5-fp12-breaks-domino-root-base-entry-setting/feed/</wfw:commentRss>
  60. <slash:comments>0</slash:comments>
  61. </item>
  62. <item>
  63. <title>Update to RHEL 7.4 breaks DB2 Cluster (TSAMP / RSCT)</title>
  64. <link>http://techblog.gis-ag.info/2017/11/28/update-to-rhel-7-4-breaks-db2-cluster-tsamp-rsct/</link>
  65. <comments>http://techblog.gis-ag.info/2017/11/28/update-to-rhel-7-4-breaks-db2-cluster-tsamp-rsct/#respond</comments>
  66. <pubDate>Tue, 28 Nov 2017 09:33:53 +0000</pubDate>
  67. <dc:creator><![CDATA[Julius Schwarzweller]]></dc:creator>
  68. <category><![CDATA[IBM Connections]]></category>
  69. <category><![CDATA[IBM Sametime]]></category>
  70. <category><![CDATA[2610-415]]></category>
  71. <category><![CDATA[DB2 10.5]]></category>
  72. <category><![CDATA[error]]></category>
  73. <category><![CDATA[hadr]]></category>
  74. <category><![CDATA[lssam]]></category>
  75. <category><![CDATA[resource manager not available]]></category>
  76. <category><![CDATA[RHEL 7.4]]></category>
  77. <category><![CDATA[RSCT]]></category>
  78. <category><![CDATA[TSAMP]]></category>
  79. <category><![CDATA[watchdog]]></category>
  80.  
  81. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2244</guid>
  82. <description><![CDATA[Update to RHEL 7.4 breaks DB2 Cluster (TSAMP / RSCT) Hi all, after updating a RHEL 7.3 system to RHEL 7.4 the DB2 HADR / TSAMP cluster stopped working. I was able to establish the HADR connection but the service IPs were not assigned to the network interface. Executing the command &#8220;lssam&#8221; to display the [&#8230;]]]></description>
  83. <content:encoded><![CDATA[<p><strong>Update to RHEL 7.4 breaks DB2 Cluster (TSAMP / RSCT)</strong></p>
  84. <p>Hi all,</p>
  85. <p>after updating a RHEL 7.3 system to RHEL 7.4 the DB2 HADR / TSAMP cluster stopped working. I was able to establish the HADR connection but the service IPs were not assigned to the network interface.</p>
  86. <p>Executing the command &#8220;lssam&#8221; to display the cluster state showed that nearly all resources are in the &#8220;Pending online state&#8221;.</p>
  87. <p>First of all I though it is an issue with the cluster config &#8211; so that I deleted the HA domain and recreated it.</p>
  88. <p>What I did to recreate the config:</p>
  89. <p><em>Note: It is always a good idea to use xml files for the config and not using the &#8220;interactive db2haicu&#8221; cmd tool! Recreating a cluster is a matter of minutes.</em></p>
  90. <p><strong>On the standby side:</strong></p>
  91. <pre>db2haicu -f db2config_standby.xml</pre>
  92. <p>&#8211;&gt; this worked pretty well.</p>
  93. <p><strong>On the primary side:</strong></p>
  94. <pre>db2haicu -f db2config_primary.xml
  95. </pre>
  96. <p>&#8211;&gt; this did not work and ran into an error after a very long time!<br />
  97. db2diag.log showed the following error / warnings:</p>
  98. <pre>2017-11-20-10.39.08.311255+000 I58687E428 LEVEL: Warning PID : 37088 TID : 140686421243776 PROC :
  99. db2havend (db2ha) INSTANCE: stinst1 NODE : 000 HOSTNAME: server1.server.com
  100. FUNCTION: DB2 UDB, high avail services, db2haAddResource, probe:12318
  101. DATA #1 : Error adding resource db2_stinst1_stinst1_STSC-rs to group db2_stinst1_stinst1_STSC-rg, resource handle is NOT valid
  102. </pre>
  103. <p>and</p>
  104. <pre>2017-11-20-10.27.12.993773+000 E56921E880            LEVEL: Error
  105. PID     : 34868                TID : 140601694013312 PROC : db2havend (db2ha)
  106. INSTANCE: stinst1              NODE : 000
  107. HOSTNAME: server1.server.com
  108. FUNCTION: DB2 UDB, high avail services, db2haMapResourceNameToHandle, probe:22152
  109. MESSAGE : RM-specific error detected during query. If the affected RM is not
  110.          the owner of the resource being queried then this is not a fatal
  111.          error, but otherwise the operation leading to this error will fail.
  112. DATA #1 : String, 8 bytes
  113. IBM.Test
  114. DATA #2 : String, 27 bytes
  115. db2_stinst1_server1_0-rs
  116. DATA #3 : String, 0 bytes
  117. Object not dumped: Address: 0x0000000000000000 Size: 0 Reason: Address is NULL
  118. DATA #4 : String, 87 bytes
  119. 2610-415 Cannot execute the command. The resource manager IBM.TestRM is not available.
  120. DATA #5 : unsigned integer, 4 bytes
  121. 262154
  122. </pre>
  123. <p>It was pretty obvious that this was related to the RHEL 7.4 update&#8230; Digging deeper into this problem together with IBM, the following <a href="https://developer.ibm.com/answers/questions/406023/tsamp-issues-after-updating-to-red-hat-74.html">developerworks</a> atricle brought us the solution:</p>
  124. <p><a href="http://techblog.gis-ag.info/2017/11/28/update-to-rhel-7-4-breaks-db2-cluster-tsamp-rsct/bildschirmfoto-2017-11-28-um-10-20-52/" rel="attachment wp-att-2245"><img class="alignnone size-full wp-image-2245" src="http://techblog.gis-ag.info/wp-content/uploads/2017/11/Bildschirmfoto-2017-11-28-um-10.20.52.png" alt="" width="802" height="703" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/11/Bildschirmfoto-2017-11-28-um-10.20.52.png 802w, http://techblog.gis-ag.info/wp-content/uploads/2017/11/Bildschirmfoto-2017-11-28-um-10.20.52-300x263.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/11/Bildschirmfoto-2017-11-28-um-10.20.52-768x673.png 768w" sizes="(max-width: 802px) 100vw, 802px" /></a></p>
  125. <p>I decided to install the efix and this solved the problem. After running db2 db2haicu command all resources showed up to be online again!</p>
  126. <p><a href="http://techblog.gis-ag.info/2017/11/28/update-to-rhel-7-4-breaks-db2-cluster-tsamp-rsct/bildschirmfoto-2017-11-28-um-10-24-47/" rel="attachment wp-att-2246"><img class="alignnone size-full wp-image-2246" src="http://techblog.gis-ag.info/wp-content/uploads/2017/11/Bildschirmfoto-2017-11-28-um-10.24.47.png" alt="" width="306" height="510" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/11/Bildschirmfoto-2017-11-28-um-10.24.47.png 306w, http://techblog.gis-ag.info/wp-content/uploads/2017/11/Bildschirmfoto-2017-11-28-um-10.24.47-180x300.png 180w" sizes="(max-width: 306px) 100vw, 306px" /></a></p>
  127. <p>Next time it is NOT mandatory to recreate the db2 cluster config&#8230; Just install the eFix and the problem is gone!</p>
  128. ]]></content:encoded>
  129. <wfw:commentRss>http://techblog.gis-ag.info/2017/11/28/update-to-rhel-7-4-breaks-db2-cluster-tsamp-rsct/feed/</wfw:commentRss>
  130. <slash:comments>0</slash:comments>
  131. </item>
  132. <item>
  133. <title>Domino 10 &#8211; to be continued!</title>
  134. <link>http://techblog.gis-ag.info/2017/11/06/domino-10-to-be-continued/</link>
  135. <comments>http://techblog.gis-ag.info/2017/11/06/domino-10-to-be-continued/#respond</comments>
  136. <pubDate>Mon, 06 Nov 2017 07:48:04 +0000</pubDate>
  137. <dc:creator><![CDATA[Frederik Potyka]]></dc:creator>
  138. <category><![CDATA[Domino]]></category>
  139. <category><![CDATA[domino]]></category>
  140. <category><![CDATA[Domino 10]]></category>
  141. <category><![CDATA[Domino Support]]></category>
  142. <category><![CDATA[Domino10]]></category>
  143. <category><![CDATA[IBM Notes]]></category>
  144. <category><![CDATA[IBM Verse]]></category>
  145. <category><![CDATA[Lotus Notes]]></category>
  146. <category><![CDATA[Lotus Notes Support]]></category>
  147. <category><![CDATA[Managed Services Domino]]></category>
  148. <category><![CDATA[Notes 10]]></category>
  149. <category><![CDATA[Notes Support]]></category>
  150. <category><![CDATA[Notes10]]></category>
  151.  
  152. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2226</guid>
  153. <description><![CDATA[Welcome to the first post about IBM Domino on our GIS AG Techblog! Here at GIS AG, we have a dedicated IBM Domino team made up of certified specialists for everything from development, to administration, support and beyond. On this blog we will be sharing the latest news and technical information about IBM Domino. If [&#8230;]]]></description>
  154. <content:encoded><![CDATA[<p><strong>Welcome</strong> to the first post about IBM Domino on our GIS AG Techblog!</p>
  155. <p>Here at GIS AG, we have a dedicated IBM Domino team made up of certified specialists for everything from development, to administration, support and beyond. On this blog we will be sharing the latest news and technical information about IBM Domino.</p>
  156. <p>If you have any questions or comments, please, feel free to write an Email to: <a href="mailto:[email protected]">[email protected]</a><br />
  157. Visit our <a href="http://techblog.gis-ag.info/aboutus/">About Us</a> page!</p>
  158. <hr />
  159. <p><span style="color: #000000;"><strong>Domino  10 </strong></span><strong>&#8211; This year Notes and Domino 9.0.1 FP10 will be released and 2018 Domino 10 unveiled.</strong><br />
  160. In response to popular demand, IBM announced they have formed a strategic initiative to investigate in their Domino Product Family (Notes, Domino, Sametime und Verse).<br />
  161. IBM partner global IT services provider HCL Technologies will take care of the software development.  IBM customers are involved in the implementation of the strategy #Domino2025  &#8211; &#8220;Help us define the future&#8221;</p>
  162. <p>Check out the message from VP of Product Management, Ed Brill:</p>
  163. <p><a href="https://www.ibm.com/social-business/us-en/announce/domino-jam2025/">https://www.ibm.com/social-business/us-en/announce/domino-jam2025/</a><br />
  164. <a href="https://www.ibm.com/blogs/social-business/2017/10/25/ibm-announces-investment-notes-domino-version-10-beyond/">https://www.ibm.com/blogs/social-business/2017/10/25/ibm-announces-investment-notes-domino-version-10-beyond/</a></p>
  165. ]]></content:encoded>
  166. <wfw:commentRss>http://techblog.gis-ag.info/2017/11/06/domino-10-to-be-continued/feed/</wfw:commentRss>
  167. <slash:comments>0</slash:comments>
  168. </item>
  169. <item>
  170. <title>IBM Connections 6 &#8211; Following and Followers blank</title>
  171. <link>http://techblog.gis-ag.info/2017/10/25/ibm-connections-6-following-and-followers-blank/</link>
  172. <comments>http://techblog.gis-ag.info/2017/10/25/ibm-connections-6-following-and-followers-blank/#respond</comments>
  173. <pubDate>Wed, 25 Oct 2017 08:42:16 +0000</pubDate>
  174. <dc:creator><![CDATA[Julius Schwarzweller]]></dc:creator>
  175. <category><![CDATA[IBM Connections]]></category>
  176. <category><![CDATA[blank]]></category>
  177. <category><![CDATA[followers]]></category>
  178. <category><![CDATA[Following]]></category>
  179. <category><![CDATA[IBM Connections 6]]></category>
  180. <category><![CDATA[isResourceFollowed]]></category>
  181. <category><![CDATA[NR_RESOURCE]]></category>
  182. <category><![CDATA[oracle]]></category>
  183. <category><![CDATA[ORGANIZATION_ID]]></category>
  184.  
  185. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2213</guid>
  186. <description><![CDATA[IBM Connections 6 &#8211; Following and Followers blank Hi, during the last weeks we had to deal with a strange problem in an IBM Connections 6 environment. The system was migrated from IC 5.5 to IC 6 and live for about 4 weeks when suddenly the following problem occurred: Neither users that I follow nor [&#8230;]]]></description>
  187. <content:encoded><![CDATA[<h1>IBM Connections 6 &#8211; Following and Followers blank</h1>
  188. <p>Hi,</p>
  189. <p>during the last weeks we had to deal with a strange problem in an IBM Connections 6 environment.</p>
  190. <p>The system was migrated from IC 5.5 to IC 6 and live for about 4 weeks when suddenly the following problem occurred:</p>
  191. <p><a href="http://techblog.gis-ag.info/2017/10/25/ibm-connections-6-following-and-followers-blank/following1/" rel="attachment wp-att-2214"><img class="alignnone size-full wp-image-2214" src="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following1.png" alt="" width="729" height="315" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following1.png 729w, http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following1-300x130.png 300w" sizes="(max-width: 729px) 100vw, 729px" /></a></p>
  192. <p>Neither users that I follow nor followers were shown in the UI. Despite installing the latest Fixes no bigger changes have been performed on the system.</p>
  193. <p>I was able to follow a user:</p>
  194. <p><a href="http://techblog.gis-ag.info/2017/10/25/ibm-connections-6-following-and-followers-blank/following2/" rel="attachment wp-att-2216"><img class="alignnone size-full wp-image-2216" src="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following2.png" alt="" width="962" height="340" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following2.png 962w, http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following2-300x106.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following2-768x271.png 768w" sizes="(max-width: 962px) 100vw, 962px" /></a></p>
  195. <p>Looks good:</p>
  196. <p><a href="http://techblog.gis-ag.info/2017/10/25/ibm-connections-6-following-and-followers-blank/following3/" rel="attachment wp-att-2218"><img class="alignnone size-large wp-image-2218" src="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following3.png" alt="" width="640" height="257" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following3.png 1009w, http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following3-300x120.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following3-768x308.png 768w" sizes="(max-width: 640px) 100vw, 640px" /></a></p>
  197. <p>Then opening &#8220;Following&#8221; shows the right results:</p>
  198. <p><a href="http://techblog.gis-ag.info/2017/10/25/ibm-connections-6-following-and-followers-blank/following4/" rel="attachment wp-att-2219"><img class="alignnone size-large wp-image-2219" src="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following4-1024x444.jpeg" alt="" width="640" height="278" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following4-1024x444.jpeg 1024w, http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following4-300x130.jpeg 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following4-768x333.jpeg 768w" sizes="(max-width: 640px) 100vw, 640px" /></a></p>
  199. <p>But then after some minutes&#8230; the entries vanish!</p>
  200. <p>Opening up a PMR ended in a nightmare that took nearly 8 weeks until the solution was found!</p>
  201. <p>During this time there were various troubleshooting sessions where:</p>
  202. <ul>
  203. <li>customizations have been completely disabled</li>
  204. <li>ST integration was switched off</li>
  205. <li>HTTP Rewrite rules were introduced to prevent caching</li>
  206. <li>traces and again traces</li>
  207. </ul>
  208. <p>All data was available in database&#8230; but the UI had in a way problems to correctly retrieve the data.</p>
  209. <p>The solution:</p>
  210. <p>In the trace for the news app IBM saw the following incorrect OrgID:</p>
  211. <pre>[10/18/17 14:58:36:669 UTC] 00000116 FollowingImpl &gt; com.ibm.lconn.news.following.impl.FollowingImpl getResourceId ENTRY ResourceImpl [source=PROFILES, type=PROFILE, id=A6906D52-F329-43C8-9F97-5D0E7005E486, organizationId=00000000-0000-0000-0000-000000000000, ]
  212. [10/18/17 14:58:36:670 UTC] 00000116 FollowingImpl &lt; com.ibm.lconn.news.following.impl.FollowingImpl getResourceId RETURN [Ljava.lang.Object;@ba483562
  213. [10/18/17 14:58:36:670 UTC] 00000116 FollowingImpl 3 com.ibm.lconn.news.following.impl.FollowingImpl isResourceFollowed Resource is not known, therefore cannot be followed by anybody yet!
  214. [10/18/17 14:58:36:670 UTC] 00000116 FollowingImpl &lt; com.ibm.lconn.news.following.impl.FollowingImpl isResourceFollowed RETURN false
  215. </pre>
  216. <p>It seems that a database table HOMEPAGE.NR_RESOURCE had null values in the column &#8220;ORGANIZATION_ID&#8221;:</p>
  217. <p><a href="http://techblog.gis-ag.info/2017/10/25/ibm-connections-6-following-and-followers-blank/following5/" rel="attachment wp-att-2220"><img class="alignnone size-full wp-image-2220" src="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following5.png" alt="" width="720" height="112" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following5.png 720w, http://techblog.gis-ag.info/wp-content/uploads/2017/10/Following5-300x47.png 300w" sizes="(max-width: 720px) 100vw, 720px" /></a></p>
  218. <p>If this is the case you know that you seem to have the same or similar problem&#8230;</p>
  219. <p>Updating the columns to match the actual ORGANIZATION_ID of the system solved the problem:</p>
  220. <pre>UPDATE HOMEPAGE.NR_RESOURCE SET ORGANIZATION_ID='00000000-0000-0000-0000
  221. -000000000000' WHERE ORGANIZATION_ID IS NULL</pre>
  222. <p>Hope this helps someone out there.</p>
  223. <p>Btw. it is not yet known where this comes from. Neither why this happened. It seems other environments are also affected. I think it is a rare specialty that only occurs when using ORACLE as DBMS.</p>
  224. <p>&nbsp;</p>
  225. <p><em><strong>EDIT</strong></em>: Yesterday I`ve got a mail from Frank, who was working on a CNX 5.5 to 6 migration. He observed the same behavior but with DB2 as DBMS! The solution is the same&#8230; SO it seems this issue does NOT only occur with oracle but also with DB2.</p>
  226. <p>The fix above fixes the issue &#8211; a permanent solution will be introduced with IBM Connections 6 CR!</p>
  227. ]]></content:encoded>
  228. <wfw:commentRss>http://techblog.gis-ag.info/2017/10/25/ibm-connections-6-following-and-followers-blank/feed/</wfw:commentRss>
  229. <slash:comments>0</slash:comments>
  230. </item>
  231. <item>
  232. <title>Exchange integration into WebSphere Portal (SSO &#8211; Kerberos)</title>
  233. <link>http://techblog.gis-ag.info/2017/09/26/exchange-integration-into-websphere-portal-sso-kerberos/</link>
  234. <comments>http://techblog.gis-ag.info/2017/09/26/exchange-integration-into-websphere-portal-sso-kerberos/#respond</comments>
  235. <pubDate>Tue, 26 Sep 2017 12:03:14 +0000</pubDate>
  236. <dc:creator><![CDATA[Julius Schwarzweller]]></dc:creator>
  237. <category><![CDATA[WebSphere Portal]]></category>
  238. <category><![CDATA[EWS]]></category>
  239. <category><![CDATA[Exchange]]></category>
  240. <category><![CDATA[JWebServices]]></category>
  241. <category><![CDATA[Kerberos]]></category>
  242. <category><![CDATA[outbound proxy]]></category>
  243. <category><![CDATA[SSO]]></category>
  244. <category><![CDATA[Token delegation]]></category>
  245.  
  246. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2204</guid>
  247. <description><![CDATA[Exchange integration into WebSphere Portal (SSO &#8211; Kerberos) During the last years working with Portal I had several challenges with WebSphere Portals HTTP Outbound Proxy (aka. Ajax Proxy) in terms of authenticating backend calls to various other systems. What we`ve done so far in terms of SSO / backend authentication: &#8211; Authenticating using LTPAToken &#8211; [&#8230;]]]></description>
  248. <content:encoded><![CDATA[<p><strong>Exchange integration into WebSphere Portal (SSO &#8211; Kerberos)</strong></p>
  249. <p>During the last years working with Portal I had several challenges with WebSphere Portals HTTP Outbound Proxy (aka. Ajax Proxy) in terms of authenticating backend calls to various other systems.</p>
  250. <p>What we`ve done so far in terms of SSO / backend authentication:</p>
  251. <p>&#8211; Authenticating using LTPAToken<br />
  252. &#8211; Authenticating using SAML<br />
  253. &#8211; Authenticating using SPNEGO / Kerberos (this was a new one for me)</p>
  254. <p>The challenge this time was to introduce Exchange mailboxes / calendar data into portal. There is no out of the box integration (well some really old portlets that are more or less unusable) so we decided to write our own portlets using <a href="http://www.independentsoft.de/jwebservices/index.html">independent soft (JWEBSERVICES) </a>API that provides access capabilities to EWS.</p>
  255. <p>The problem was „how to authenticate users towards Exchange“?<br />
  256. <em>The solution</em>: Kerberos and HTTP outbound proxy… The approach is similar what IBM Connections Mail integration uses when integrating Exchange backends. Michele Buccarello wrote a <a href="https://de.slideshare.net/michelebuccarello/connections-mail-with-exchange-backend">great guide</a> &#8220;IBM Connections Mail Plugin Configuration with Exchange Backend&#8221;. Thanks also to Michele who was a great help when dealing with Kerberos delegation.</p>
  257. <p><strong>So how does it work?</strong></p>
  258. <p>A user logins to portal using Kerberos. The Kerberos token is granted. If you now access Exchange Web Service (using the services file in order to describe the contact between client and server), you can use the Outbound Proxy URL for testing:</p>
  259. <p>https://portal-dev.server.com/wps/myproxy/https/exchange.com/EWS/Services.wsdl</p>
  260. <p><a href="http://techblog.gis-ag.info/2017/09/26/exchange-integration-into-websphere-portal-sso-kerberos/bildschirmfoto-2017-09-26-um-12-36-50/" rel="attachment wp-att-2205"><img class="alignnone size-full wp-image-2205" src="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.36.50.png" alt="" width="896" height="795" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.36.50.png 896w, http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.36.50-300x266.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.36.50-768x681.png 768w" sizes="(max-width: 896px) 100vw, 896px" /></a></p>
  261. <p>&nbsp;</p>
  262. <p>Through delegation of Kerberos Tokens, the Outbound Proxy uses the Token from the current session and sends it to Exchange which logs in the user.</p>
  263. <p>So how did I realize this?</p>
  264. <p>1. Enabled Kerberos on Exchange side (will not be described here)<br />
  265. 2. Enabled SPNEGO and Kerberos on Portal side</p>
  266. <p><a href="http://techblog.gis-ag.info/2017/09/26/exchange-integration-into-websphere-portal-sso-kerberos/bildschirmfoto-2017-09-26-um-12-47-51/" rel="attachment wp-att-2206"><img class="alignnone size-full wp-image-2206" src="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.47.51.png" alt="" width="316" height="381" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.47.51.png 316w, http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.47.51-249x300.png 249w" sizes="(max-width: 316px) 100vw, 316px" /></a></p>
  267. <p><a href="http://techblog.gis-ag.info/2017/09/26/exchange-integration-into-websphere-portal-sso-kerberos/bildschirmfoto-2017-09-26-um-12-48-03/" rel="attachment wp-att-2207"><img class="alignnone size-full wp-image-2207" src="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.48.03.png" alt="" width="712" height="422" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.48.03.png 712w, http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.48.03-300x178.png 300w" sizes="(max-width: 712px) 100vw, 712px" /></a></p>
  268. <p>3. Enabled Token delegation for the portal SPN User</p>
  269. <p><a href="http://techblog.gis-ag.info/2017/09/26/exchange-integration-into-websphere-portal-sso-kerberos/bildschirmfoto-2017-09-26-um-12-57-28/" rel="attachment wp-att-2208"><img class="alignnone size-full wp-image-2208" src="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.57.28.png" alt="" width="424" height="563" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.57.28.png 424w, http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.57.28-226x300.png 226w" sizes="(max-width: 424px) 100vw, 424px" /></a></p>
  270. <p>4. configured HTTP Outbound Proxy to loop through the Kerberos token</p>
  271. <pre>&lt;?xml version="1.0" encoding="UTF-8"?&gt;
  272.  &lt;proxy-rules xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  273.  xsi:noNamespaceSchemaLocation="http://www.ibm.com/xmlns/prod/sw/http/outbound/proxy-config/2.0"&gt;
  274.  &lt;mapping contextpath="/myproxy" url="*"&gt;
  275.    &lt;policy url="https://exchange.server.com/*" basic-auth-support="true"&gt;
  276.     &lt;actions&gt;
  277.      &lt;method&gt;GET&lt;/method&gt;
  278.      &lt;method&gt;POST&lt;/method&gt;
  279.     &lt;/actions&gt;
  280.  &lt;meta-data&gt;
  281.     &lt;name&gt;hpaa.authtype&lt;/name&gt;
  282.     &lt;value&gt;spnego&lt;/value&gt;
  283.  &lt;/meta-data&gt;
  284.  &lt;/policy&gt;
  285. &lt;/mapping&gt;
  286. &lt;/proxy-rules&gt;
  287. </pre>
  288. <p>You then need to activate the policy using the CE task:</p>
  289. <p>./ConfigEngine.sh update-outbound-http-connection-config -DConfigFileName=/ibm/install/proxy_rules/spnego_proxy.xml</p>
  290. <p>After restarting the server the result looks like this</p>
  291. <p><a href="http://techblog.gis-ag.info/2017/09/26/exchange-integration-into-websphere-portal-sso-kerberos/bildschirmfoto-2017-09-26-um-12-36-08/" rel="attachment wp-att-2209"><img class="alignnone wp-image-2209 size-full" src="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.36.08.png" alt="" width="1232" height="644" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.36.08.png 1232w, http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.36.08-300x157.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.36.08-768x401.png 768w, http://techblog.gis-ag.info/wp-content/uploads/2017/09/Bildschirmfoto-2017-09-26-um-12.36.08-1024x535.png 1024w" sizes="(max-width: 1232px) 100vw, 1232px" /></a></p>
  292. <p>Pretty cool 😉 A custom Exchange Portlets that looks nice and offers a great preview of mails and calendar entries.</p>
  293. ]]></content:encoded>
  294. <wfw:commentRss>http://techblog.gis-ag.info/2017/09/26/exchange-integration-into-websphere-portal-sso-kerberos/feed/</wfw:commentRss>
  295. <slash:comments>0</slash:comments>
  296. </item>
  297. <item>
  298. <title>User provisioning for IBM Connections Cloud – You have the choice</title>
  299. <link>http://techblog.gis-ag.info/2017/08/28/user-provisioning-for-ibm-connections-cloud-you-have-the-choice/</link>
  300. <comments>http://techblog.gis-ag.info/2017/08/28/user-provisioning-for-ibm-connections-cloud-you-have-the-choice/#comments</comments>
  301. <pubDate>Mon, 28 Aug 2017 13:42:47 +0000</pubDate>
  302. <dc:creator><![CDATA[Julius Schwarzweller]]></dc:creator>
  303. <category><![CDATA[IBM Connections]]></category>
  304. <category><![CDATA[BSS]]></category>
  305. <category><![CDATA[business support system]]></category>
  306. <category><![CDATA[cloud]]></category>
  307. <category><![CDATA[ibm]]></category>
  308. <category><![CDATA[IBM Connections Cloud]]></category>
  309. <category><![CDATA[Integration server]]></category>
  310. <category><![CDATA[user provisioning]]></category>
  311.  
  312. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2187</guid>
  313. <description><![CDATA[User provisioning for IBM Connections Cloud – You have the choice Customers who use IBM Cloud for Connections, Sametime or other applications face the problem to manage their cloud accounts. For some single users you can use the Web frontend to add or change user accounts or to assign subscriptions and licenses to users. But [&#8230;]]]></description>
  314. <content:encoded><![CDATA[<p><strong>User provisioning for IBM Connections Cloud – You have the choice</strong></p>
  315. <p>Customers who use IBM Cloud for Connections, Sametime or other applications face the problem to manage their cloud accounts. For some single users you can use the Web frontend to add or change user accounts or to assign subscriptions and licenses to users. But in real world scenarios it is not possible to manage thousands of users manually or to keep them synchronized with an on-prem user repository or LDAP.</p>
  316. <p>This can be handled smarter.</p>
  317. <p>There is an API for this &#8211; of course. In fact there are at least two of them:</p>
  318. <ul>
  319. <li>Using the <a href="https://www-10.lotus.com/ldd/appdevwiki.nsf/xpAPIViewer.xsp?lookupName=API+Reference#action=openDocument&amp;res_title=Overview_of_IBM_SmartCloud_SaaS_Business_Support_System_bss&amp;content=apicontent">IBM Business Support System API (or BSS)</a></li>
  320. <li>Use of the <a href="https://www.ibm.com/support/knowledgecenter/en/SSL3JX/admin/IntegrationServer/llis_admin_top.html">IBM Integration Server</a></li>
  321. </ul>
  322. <p>In one of our last projects we had to learn that both of them have advantages and disadvantages:</p>
  323. <p><em><strong>IBM Integration Server</strong></em></p>
  324. <p>Customers can request IBM to enable this feature. Then they are allowed to upload user information over ftp or http. The IBM integration server then processes these files in batch mode and provides result files which can be downloaded to check if everything was processed correctly.</p>
  325. <p>The csv file format is quite simple and straight forward. A file can look like this:</p>
  326. <pre>emailAddress,action, isManager, description, experience
  327.  
  328. <a href="mailto:[email protected]">[email protected]</a>,update, N,"some description","user experiences"
  329.  
  330. <a href="mailto:[email protected]">[email protected]</a>,update, N,"other description","other experiences"
  331. </pre>
  332. <p>This is really simple and good especially for one time provisioning users.</p>
  333. <p>But it has some crucial limitations you should be aware of:</p>
  334. <ul>
  335. <li>The csv files are limited to 200 lines, so you have to split it up, if you have more users.</li>
  336. <li>The processing is delayed, depending on the server load</li>
  337. <li>The batch processing approach doesn’t fit to handle more complex scenarios e.g if you try to create a user that already exists or try to assign more than the allowed number of users to a license.</li>
  338. <li>There are operations which are not supported for example if you want to assign users to applications without forcing each of them to accept a TOC.</li>
  339. </ul>
  340. <p>There are solutions which utilize this approach.</p>
  341. <p>In our case we had the additional challenge to sync IBM Cloud users periodically from a local LDAP.</p>
  342. <p><em><strong>IBM Business Support System API (or BSS)</strong></em></p>
  343. <p>&#8230; matches these requirements. This REST based API deals with JSON objects. It is really powerful and provides a wide range of actions managing user accounts and licenses. Also it is very easy to use. To read all users, whos email start with “julius”, you can simply use this one line of code:</p>
  344. <pre>curl -k -u &lt;user&gt;:&lt;pwd&gt;  "https://apps.na.collabserv.com/api/bss/resource/subscriber?_namedQuery=getSubscriberByEmailAddress&amp;emailAddress=julius*"</pre>
  345. <p><a href="http://techblog.gis-ag.info/2017/08/28/user-provisioning-for-ibm-connections-cloud-you-have-the-choice/bss_api1-3/" rel="attachment wp-att-2193"><img class="alignnone size-full wp-image-2193" src="http://techblog.gis-ag.info/wp-content/uploads/2017/08/BSS_API1-2.png" alt="" width="695" height="151" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/08/BSS_API1-2.png 695w, http://techblog.gis-ag.info/wp-content/uploads/2017/08/BSS_API1-2-300x65.png 300w" sizes="(max-width: 695px) 100vw, 695px" /></a></p>
  346. <p>This API can easily be used with any programming language. In our case we used python language to implement a user sync process from the customers LDAP and to provide additional maintenance functions as well. This script is triggered periodically to keep Cloud users in sync with customer LDAP.</p>
  347. <p>In this project the use of BSS API and a powerful script language was the key to solve the requirements with minimal efforts and costs.</p>
  348. <p>If you plan to use IBM Connections in the cloud you should be aware of a limitation which is really hard to accept! The BSS API updates the users in the internal BSS cloud database that handles access and licenses. But only basic information such as DisplayName and JobTitle are updated in the users Connection profile which is visible for normal users. All other profiles fields are intended to be managed by the user themselves in their profile.</p>
  349. <p>Also the IBM Connections profiles-admin API which would be an approach in an on-prem environment is disabled by the IBM Cloud team. At the moment the only way to update Connections profiles is to use the Integration Server. Not really convenient!</p>
  350. <p>Currently we ask ourselves if a mixture of both APIs would be the best and somehow only way to solve this problem. But we are not happy with this. We`ll keep you updated once we found a smarter way.</p>
  351. ]]></content:encoded>
  352. <wfw:commentRss>http://techblog.gis-ag.info/2017/08/28/user-provisioning-for-ibm-connections-cloud-you-have-the-choice/feed/</wfw:commentRss>
  353. <slash:comments>4</slash:comments>
  354. </item>
  355. <item>
  356. <title>SAML &#038; IBM Connections 5.5 &#8211; not a dream team</title>
  357. <link>http://techblog.gis-ag.info/2017/08/18/saml-ibm-connections-5-5-not-a-dream-team/</link>
  358. <comments>http://techblog.gis-ag.info/2017/08/18/saml-ibm-connections-5-5-not-a-dream-team/#respond</comments>
  359. <pubDate>Fri, 18 Aug 2017 06:45:52 +0000</pubDate>
  360. <dc:creator><![CDATA[Julius Schwarzweller]]></dc:creator>
  361. <category><![CDATA[IBM Connections]]></category>
  362. <category><![CDATA[ADFS 3.0]]></category>
  363. <category><![CDATA[com.ibm.websphere.security.disableGetTokenFromMBean]]></category>
  364. <category><![CDATA[IBM Connections 5.5]]></category>
  365. <category><![CDATA[IdP]]></category>
  366. <category><![CDATA[opaque token]]></category>
  367. <category><![CDATA[SAML]]></category>
  368. <category><![CDATA[SSO Token]]></category>
  369.  
  370. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2181</guid>
  371. <description><![CDATA[Hi all, last week we had to fight with an activation of SAML on a IC 5.5 CR3 environment. The setup was: IBM Connections 5.5 CR3 as test instance ADFS Server 3.0 (I know&#8230; it is only tested with ADFS 2.0 &#8211; but works with 3.0 too) We followed the instructions from the IBM Connections [&#8230;]]]></description>
  372. <content:encoded><![CDATA[<p>Hi all,</p>
  373. <p>last week we had to fight with an activation of SAML on a IC 5.5 CR3 environment.</p>
  374. <p>The setup was:</p>
  375. <ul>
  376. <li>IBM Connections 5.5 CR3 as test instance</li>
  377. <li>ADFS Server 3.0 (I know&#8230; it is only tested with ADFS 2.0 &#8211; but works with 3.0 too)</li>
  378. </ul>
  379. <p>We followed the instructions from the IBM Connections <a href="https://www.ibm.com/support/knowledgecenter/en/SSYGQH_5.5.0/admin/secure/t_inst_set_up_saml_2.html">Knowledge Center</a>. Smooth setup everything standard procedure. When testing this setup, the redirect to the IdP was initiated. After logging into the IdP the browser was redirected to IBM Connections ACS app. But then a loop started. IdP &#8211; Connections &#8211; IdP &#8211; Connections &#8211; IdP &#8230;Just until the ADFS Server detected this look and cancelled the request (from the ADFS error log):</p>
  380. <p>&nbsp;</p>
  381. <pre>Encountered error during federation passive request.
  382. Additional Data
  383. Protocol Name:
  384. Saml
  385. Relying Party:
  386. https://connections.server.com/samlsps/acs
  387.  
  388. Exception details:
  389. Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same
  390. client browser session has made '6' requests in the last '2' seconds.
  391. Contact your administrator for details.
  392.   at
  393. Microsoft.IdentityServer.Web.Protocols.PassiveProtocolHandler.UpdateLoopDetectionCookie
  394. (WrappedHttpListenerContext context)
  395.   at
  396. Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.SendSignInResponse
  397. (SamlContext context, MSISSignInResponse response)
  398.   at
  399. Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest
  400. (ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
  401.   at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext
  402. (WrappedHttpListenerContext context)
  403. </pre>
  404. <p>Enabling traces on both InfraCluster &amp; UtilsCluster showed us the following error message:</p>
  405. <pre>[8/15/17 9:06:59:669 CEST] 000000fb ContextManage 3 Opaque token lookup via mbean will not occur.
  406. [8/15/17 9:06:59:669 CEST] 000000fb ContextManage 3 Exception getting opaque token from originating server.
  407. com.ibm.websphere.security.auth.WSLoginFailedException: <strong>SSO token uniqueID not null, but opaque token not found.</strong> Need to re-challenge the user to login again.
  408. at com.ibm.ws.security.auth.ContextManagerImpl.getOpaqueTokenFromCacheOrOriginatingServer(ContextManagerImpl.java:1924)
  409. at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextManagerImpl.java:3483)</pre>
  410. <p>There is a <a href="http://www-01.ibm.com/support/docview.wss?uid=swg21986804">technote</a> for this describing this issue.</p>
  411. <p>Basically this technote summarizes that this problem is caused by:</p>
  412. <p>&#8220;In Websphere Application Server 8.5.5.7 and 8.5.5.8 there are two settings which can contradict each other in certain circumstances if they are both set to true. &#8221;</p>
  413. <p><em>Addition to this: The properties IBM talks about is also active in WAS 8.5.5.9. From 8.5.5.10 on the property was removed.</em></p>
  414. <p>The property is called &#8220;com.ibm.websphere.security.disableGetTokenFromMBean&#8221;</p>
  415. <p><a href="http://techblog.gis-ag.info/2017/08/18/saml-ibm-connections-5-5-not-a-dream-team/bildschirmfoto-2017-08-18-um-08-26-48/" rel="attachment wp-att-2182"><img class="alignnone size-large wp-image-2182" src="http://techblog.gis-ag.info/wp-content/uploads/2017/08/Bildschirmfoto-2017-08-18-um-08.26.48-1024x368.png" alt="" width="640" height="230" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/08/Bildschirmfoto-2017-08-18-um-08.26.48-1024x368.png 1024w, http://techblog.gis-ag.info/wp-content/uploads/2017/08/Bildschirmfoto-2017-08-18-um-08.26.48-300x108.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/08/Bildschirmfoto-2017-08-18-um-08.26.48-768x276.png 768w" sizes="(max-width: 640px) 100vw, 640px" /></a></p>
  416. <pre><em><strong>....
  417. com.ibm.websphere.security.disableGetTokenFromMBean</strong></em>
  418. Use this property to disable the outbound SOAP call to retrieve the subject from the originating server when Single Sign-On is enabled. Typically, when Single Sign-On is enabled, and an inbound request needs to be authenticated, the receiving server attempts to retrieve the authentication from the originating server. The connection between the sending and receiving servers never times out during this callback process. <strong>When this property is set to true, the receiving server does not attempt to authenticate the inbound request.
  419. .... </strong></pre>
  420. <p>&nbsp;</p>
  421. <p>And it is set to true by default. This caused the loop.</p>
  422. <p>Setting this to &#8220;false&#8221; and restarting the cell, SAML authentication immediately started working.</p>
  423. <p>It would be very helpful to get a short link in the IBM Connections 5.5 Knowledge Center to the above technote! This would have saved quite some time.</p>
  424. ]]></content:encoded>
  425. <wfw:commentRss>http://techblog.gis-ag.info/2017/08/18/saml-ibm-connections-5-5-not-a-dream-team/feed/</wfw:commentRss>
  426. <slash:comments>0</slash:comments>
  427. </item>
  428. <item>
  429. <title>IBM Docs &#8211; Migration from DB2 &#8211;&gt; ORACLE</title>
  430. <link>http://techblog.gis-ag.info/2017/07/07/ibm-docs-migration-from-db2-oracle/</link>
  431. <comments>http://techblog.gis-ag.info/2017/07/07/ibm-docs-migration-from-db2-oracle/#respond</comments>
  432. <pubDate>Fri, 07 Jul 2017 08:52:51 +0000</pubDate>
  433. <dc:creator><![CDATA[Julius Schwarzweller]]></dc:creator>
  434. <category><![CDATA[IBM Connections]]></category>
  435. <category><![CDATA[CONCORD]]></category>
  436. <category><![CDATA[Database transfer]]></category>
  437. <category><![CDATA[DB2]]></category>
  438. <category><![CDATA[DB2-ORACLE]]></category>
  439. <category><![CDATA[DBT]]></category>
  440. <category><![CDATA[oracle]]></category>
  441.  
  442. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2168</guid>
  443. <description><![CDATA[IBM Docs &#8211; Migration from DB2 &#8211;&#62; ORACLE Hi, within our last big project, we had the challenge to transfer the IBM Docs database from DB2 to ORACLE. Within this database comments and other document related data is stored. Officially there is no script available to perform this move using DBT (remove constraints / transfer [&#8230;]]]></description>
  444. <content:encoded><![CDATA[<h1>IBM Docs &#8211; Migration from DB2 &#8211;&gt; ORACLE</h1>
  445. <p>Hi,</p>
  446. <p>within our last big project, we had the challenge to transfer the IBM Docs database from DB2 to ORACLE. Within this database comments and other document related data is stored.</p>
  447. <p>Officially there is no script available to perform this move using DBT (remove constraints / transfer / reapply constraints). We looked into the database and figured out how to perform this task using DBT &#8211; so we are not dependent on any other products. We migrated from DEV (IBM Docs CR1) to PROD (IBM Docs CR1)</p>
  448. <p><em><strong>The following procedure is officially NOT supported by IBM:</strong> </em></p>
  449. <p>1.Create the source databases on ORACLE</p>
  450. <pre>sqlplus "USER/[email protected]_SID"
  451. @createDb.sql
  452. ./updateDBSchema.sh
  453.  
  454. #UPDATE TO 2.0 CR1
  455. updateDBSchema.sh</pre>
  456. <p>2.Drop constraints</p>
  457. <pre> DELETE FROM CONCORDDB.PRODUCT;
  458. ALTER TABLE CONCORDDB.TASK DROP CONSTRAINT CONSTRAINT_TASK;
  459. ALTER TABLE CONCORDDB.TASKHISTORY DROP CONSTRAINT CONSTRAINT_TASKHIS;</pre>
  460. <p>3. Create dbt transfer xml file (Oracle RAC config taken into consideration in this example):</p>
  461. <pre>&lt;dbTransfer xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"&gt;
  462. &lt;database role="source"
  463. driver="com.ibm.db2.jcc.DB2Driver"
  464. url="jdbc:db2://DB2_SERVER:50001/CONCORD"
  465. userId="docinst1"
  466. schema="CONCORDDB"
  467. dbType="DB2"/&gt;
  468. &lt;database role="target"
  469. driver="oracle.jdbc.driver.OracleDriver"
  470. url="jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=ORACLE_SERVER_1)(port=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=ORACLE_SERVER_2)(port=1521)))(FAILOVER=on)(LOAD_BALANCE=off)(CONNECT_TIMEOUT=10)(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=ORACLE_SID)))"
  471. userId="DOCSUSER"
  472. schema="CONCORDDB"
  473. dbType="oracle"/&gt;
  474. &lt;/dbTransfer&gt;
  475. </pre>
  476. <p>4.Transfer the data</p>
  477. <pre>6.0-Wizards/jvm/linux/jre/bin/java -Xms3072m -Xmx8192m -cp /MIGRATION/_DOCS/DBT_HOME/dbt.jar:/MIGRATION/_DOCS/DBT_HOME/jdbc/ojdbc7.jar:/MIGRATION/_DOCS/DBT_HOME/jdbc/db2jcc4.jar com.ibm.wps.config.db.transfer.CmdLineTransfer -logDir /MIGRATION/_DOCS/DBT_HOME/logs -xmlfile /MIGRATION/_DOCS/DBT_HOME/concord.xml -sourcepassword xxx -targetpassword xxx</pre>
  478. <p>5.Reapply the constraints</p>
  479. <pre>ALTER TABLE CONCORDDB.TASK ADD CONSTRAINT CONSTRAINT_TASK FOREIGN KEY (ASSOCIATION_ID) REFERENCES CONCORDDB.ASSOCIATEDWITH (ASSOCIATION_ID) ON DELETE CASCADE;
  480. ALTER TABLE CONCORDDB.TASKHISTORY ADD CONSTRAINT CONSTRAINT_TASKHIS FOREIGN KEY (TASK_ID) REFERENCES CONCORDDB.TASK (TASK_ID) ON DELETE CASCADE;</pre>
  481. <p>That`s it</p>
  482. <p>All content was available during our tests and we created an easy and reproducible procedure when transferring databases from one to the other vendor.</p>
  483. ]]></content:encoded>
  484. <wfw:commentRss>http://techblog.gis-ag.info/2017/07/07/ibm-docs-migration-from-db2-oracle/feed/</wfw:commentRss>
  485. <slash:comments>0</slash:comments>
  486. </item>
  487. <item>
  488. <title>IBM Connections &#8211; trouble adding additional nodes</title>
  489. <link>http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/</link>
  490. <comments>http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/#comments</comments>
  491. <pubDate>Wed, 31 May 2017 13:52:00 +0000</pubDate>
  492. <dc:creator><![CDATA[Julius Schwarzweller]]></dc:creator>
  493. <category><![CDATA[IBM Connections]]></category>
  494. <category><![CDATA[additional node]]></category>
  495. <category><![CDATA[custom properties]]></category>
  496. <category><![CDATA[IBM Connections 6]]></category>
  497. <category><![CDATA[servlet and command caching]]></category>
  498. <category><![CDATA[WebConatiner]]></category>
  499. <category><![CDATA[WorkerManager]]></category>
  500.  
  501. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2149</guid>
  502. <description><![CDATA[IBM Connections &#8211; trouble adding additional nodes Hi all, we are currently involved in a project where we installed a 1 node IBM Connections 6 Cluster and later added a second node to the cell. So far so good&#8230; Everything that needs to be done after adding the second node is described here &#8230; Everything? [&#8230;]]]></description>
  503. <content:encoded><![CDATA[<p><strong>IBM Connections &#8211; trouble adding additional nodes</strong></p>
  504. <p>Hi all,</p>
  505. <p>we are currently involved in a project where we installed a 1 node IBM Connections 6 Cluster and later added a second node to the cell.</p>
  506. <p>So far so good&#8230; Everything that needs to be done after adding the second node is described <a href="https://www.ibm.com/support/knowledgecenter/SSYGQH_6.0.0/admin/install/t_adding_nodes_to_cluster.html">here</a> &#8230; Everything? Yes, mainly&#8230; but not in the mandatory details as I think! Missing custom properties and other settings might result in non-functional nodes. Especially not setting httpSessionIdReuse results in strange errors &#8211; IBM makes it themselves easy by saying:</p>
  507. <p><a href="http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/bildschirmfoto-2017-05-31-um-11-42-07/#main" rel="attachment wp-att-2150"><img class="alignnone wp-image-2150" src="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Bildschirmfoto-2017-05-31-um-11.42.07-1024x111.png" alt="" width="696" height="75" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Bildschirmfoto-2017-05-31-um-11.42.07-1024x111.png 1024w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Bildschirmfoto-2017-05-31-um-11.42.07-300x32.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Bildschirmfoto-2017-05-31-um-11.42.07-768x83.png 768w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Bildschirmfoto-2017-05-31-um-11.42.07.png 1395w" sizes="(max-width: 696px) 100vw, 696px" /></a></p>
  508. <p>I would expect some more details, as you do not really know what exactly custom properties have been set&#8230;</p>
  509. <p>There are also other steps you need to do to set all properties &#8211; I tried to summarize everything:</p>
  510. <ol>
  511. <li>Servlet and command caching &#8211; this is activated on Node1 and shall be activated on Node2 too (It is recommended to disabled this for the Files application when you use the large deployment and plan to use large file downloads)</li>
  512. </ol>
  513. <p><a href="http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/cluster_servletcaching/#main" rel="attachment wp-att-2151"><img class="alignnone size-full wp-image-2151" src="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_servletcaching.png" alt="" width="1019" height="585" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_servletcaching.png 1019w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_servletcaching-300x172.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_servletcaching-768x441.png 768w" sizes="(max-width: 1019px) 100vw, 1019px" /></a></p>
  514. <p>2) Log settings need to be adjusted to match node 01</p>
  515. <p><a href="http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/cluster_logsettings-2/#main" rel="attachment wp-att-2155"><img class="alignnone size-full wp-image-2155" src="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_logsettings-1.png" alt="" width="1003" height="1021" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_logsettings-1.png 1003w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_logsettings-1-295x300.png 295w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_logsettings-1-768x782.png 768w" sizes="(max-width: 1003px) 100vw, 1003px" /></a></p>
  516. <p>3) WebContainer custom properties need to be set</p>
  517. <p><a href="http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/cluster_webcontainer_1/#main" rel="attachment wp-att-2158"><img class="alignnone size-full wp-image-2158" src="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_webcontainer_1.png" alt="" width="1019" height="436" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_webcontainer_1.png 1019w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_webcontainer_1-300x128.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_webcontainer_1-768x329.png 768w" sizes="(max-width: 1019px) 100vw, 1019px" /></a></p>
  518. <p>4) Amount of WebContainer threads needs to be adjusted</p>
  519. <p><a href="http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/cluster_webcontainer-2/#main" rel="attachment wp-att-2163"><img class="alignnone size-full wp-image-2163" src="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_webcontainer-1.png" alt="" width="1016" height="658" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_webcontainer-1.png 1016w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_webcontainer-1-300x194.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster_webcontainer-1-768x497.png 768w" sizes="(max-width: 1016px) 100vw, 1016px" /></a></p>
  520. <p>5) JVM custom properties need to be set</p>
  521. <p><a href="http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/cluster1_jvm_custom_properties/#main" rel="attachment wp-att-2160"><img class="alignnone size-full wp-image-2160" src="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster1_JVM_custom_properties.png" alt="" width="1010" height="544" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster1_JVM_custom_properties.png 1010w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster1_JVM_custom_properties-300x162.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster1_JVM_custom_properties-768x414.png 768w" sizes="(max-width: 1010px) 100vw, 1010px" /></a></p>
  522. <p>6) HttpSessionIdReuse has to be set for all AppServers + additionally session timeouts &#8230;</p>
  523. <p><a href="http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/cluster1_sessionidreuse/#main" rel="attachment wp-att-2161"><img class="alignnone size-full wp-image-2161" src="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster1_sessionIdReuse.png" alt="" width="1006" height="299" srcset="http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster1_sessionIdReuse.png 1006w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster1_sessionIdReuse-300x89.png 300w, http://techblog.gis-ag.info/wp-content/uploads/2017/05/Cluster1_sessionIdReuse-768x228.png 768w" sizes="(max-width: 1006px) 100vw, 1006px" /></a></p>
  524. <p>If you have a large deployment where we talk about 18 servers &#8211; it is a hell of work to do all this manually. We created a small script &#8211; I will try to post this as soon as we had time to make this a bit &#8220;nicer&#8221; &#8230;</p>
  525. <p>In an earlier post of <a href="https://meisenzahl.org/2016/06/17/search-not-working-adding-second-node-connections-5-5-cluster/">Nico Meisenzahl</a> he described that after adding a node to an IBM Connections 5.5 Cluster search did not work. It seems that this has been solved in IBM Connections 6. Even though IBM tells you to create WorkerManagers for the second node, I think this is not mandatory as in IC6 all WorkerManagers are created within the Cluster Scope&#8230; So thoses workers are valid for all AppServers in the cluster. The search started working directly after adding the node without creating additional Worker managers.</p>
  526. <p>&nbsp;</p>
  527. <p>&nbsp;</p>
  528. ]]></content:encoded>
  529. <wfw:commentRss>http://techblog.gis-ag.info/2017/05/31/ibm-connections-trouble-adding-additional-nodes/feed/</wfw:commentRss>
  530. <slash:comments>1</slash:comments>
  531. </item>
  532. <item>
  533. <title>SNOUG 2017 Presentation &#8211; SikaConnect goes External</title>
  534. <link>http://techblog.gis-ag.info/2017/03/23/snoug-2017-presentation-sikaconnect-goes-external/</link>
  535. <comments>http://techblog.gis-ag.info/2017/03/23/snoug-2017-presentation-sikaconnect-goes-external/#respond</comments>
  536. <pubDate>Thu, 23 Mar 2017 13:06:42 +0000</pubDate>
  537. <dc:creator><![CDATA[Julius Schwarzweller]]></dc:creator>
  538. <category><![CDATA[IBM Connections]]></category>
  539. <category><![CDATA[extranet]]></category>
  540. <category><![CDATA[SIKA]]></category>
  541. <category><![CDATA[SNouG]]></category>
  542. <category><![CDATA[TAI]]></category>
  543. <category><![CDATA[Zuerich]]></category>
  544.  
  545. <guid isPermaLink="false">http://techblog.gis-ag.info/?p=2137</guid>
  546. <description><![CDATA[SNOUG 2017 Presentation &#8211; SikaConnect goes External Hi all, yesterday I was at SNouG in Zurich. I had a great time there &#8211; good speakers and a overall perfectly organized event (would we expect sth. else from Switzerland? 😉 ) Raymond Weber from SIKA Informationssysteme AG and I did a session about the SIKA Extranet [&#8230;]]]></description>
  547. <content:encoded><![CDATA[<h1>SNOUG 2017 Presentation &#8211; SikaConnect goes External</h1>
  548. <p>Hi all,</p>
  549. <p>yesterday I was at SNouG in Zurich. I had a great time there &#8211; good speakers and a overall perfectly organized event (would we expect sth. else from Switzerland? 😉 )</p>
  550. <p>Raymond Weber from SIKA Informationssysteme AG and I did a session about the SIKA Extranet Feature:</p>
  551. <iframe class="pdfjs-viewer" width="1024px" height="480px" src="http://techblog.gis-ag.info/wp-content/plugins/pdf-viewer/stable/web/viewer.html?file=http://techblog.gis-ag.info/wp-content/uploads/2017/03/SNOUG_2017_SikaConnect_goes_External.pdf"></iframe>
  552. ]]></content:encoded>
  553. <wfw:commentRss>http://techblog.gis-ag.info/2017/03/23/snoug-2017-presentation-sikaconnect-goes-external/feed/</wfw:commentRss>
  554. <slash:comments>0</slash:comments>
  555. </item>
  556. </channel>
  557. </rss>
  558.  

If you would like to create a banner that links to this page (i.e. this validation result), do the following:

  1. Download the "valid RSS" banner.

  2. Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)

  3. Add this HTML to your page (change the image src attribute if necessary):

If you would like to create a text link instead, here is the URL you can use:

http://www.feedvalidator.org/check.cgi?url=http%3A//techblog.gis-ag.info/feed/

Copyright © 2002-9 Sam Ruby, Mark Pilgrim, Joseph Walton, and Phil Ringnalda