Weird issue with TDI Connections Wizards

I noticed a weird issue with the TDI Connections population wizard today.

Originally we had TDI 7.1 installed for some specific issue that were addressed when synching different LDAPs together – that worked, the connections population wizard and all the scripts worked a treat (good news if you want to use TDI 7.1)

Now due to one thing and another we took TDI 7.1 off and put TDI 7.0.0.5 back on the machine – BUT if you do not replace the Connections Wizards directory you will get issues.

The GUI DB population wizard runs, everything looks good, you can fill all the info in it will do things, but then reports zero records added – build sucessful !! I was puzzled, I could connect to the LDAP ok – an LDAP search reports back ok, DB connections are all ok – what is going on.

The main issue is once you have run the wizard over a TDI 7.1 install the derby DB inside the wizards directory updates to a newer version. If you then downgrade TDI and run the same population wizard TDI throws an error as soon as it attempts to iterate at all as it can not read the internal derby DB – reporting it is at a newer version and is not compatible.

The only reason I discovered this was to run the collect_dns job and watch the TDI log. If you tail the TDI log from the wizard, becuase it runs multiple jobs and they wizz past bt so quickly you can not catch the error!!

So its an easy fix – delete the exising wizards directory and re-extract it and attempt again – and of course it will work.

I am guessing the moral of the story is use TDI 7.0.0.5 unless you HAVE to use 7.1 and try not to have to roll it back 🙂

 

 

 

 

Social Connections II a grand day out

It’s taken me a while to post this – mainly becuase I am still recovering from the ‘Zombie Flu’ – aka the hideuos cold and chest infection which is now on week number 4!!

Social Connections II was in a not so sunny Cardiff Wales and my adventure started when I picked Ms Lisa Duke up at Gatwick airport very early the day before the conference.

To cut a long story short,  5 trains, a quick lunch, much social and work related brain storming, a very wet walk in some ‘angry rain’ and much cussing the googlemaps mobile app, we arrived in Cardiff.

We had a great afternoon / evening on thrusday – finalising a few things at the venue, finishing off the badges and then off out for a meal at a fish resturant in Cardiff centre.

 

Friday AM we were all go, reception desk to set up, badges to sort, signs etc … the catering appeared at the correct time and so did most of the speakers (Mr Paul Mason from my own company Applicable was coming at lunchtime), and virtually all the attendees appeared when they were supposed to – so all in all a good start.

We had a few minor issues with the streaming sorted out very quickly – and judging from the #soccnx has tag on twitter we had lots of people watching and interested.

All the session slides will be available shortly as well as the video’s – please watch the Social Connections site for details.

Highlights for me:

  • Finally getting to meet mr Louis Richardson – what a top man, he was engaged through the entire day and it will be fantastic to catch up with him again at lotusphere
  • John Scott and Joe Nicholls presentation on students and social – it was brilliant and I am looking forward to watching that back
  • Meeting many new people, the social interaction was fantastic – many questions at the end of sessions, good two way diaglog and conversations inbetween sessions, over coffee and lunch and at the after conference dinner.

I would personally like to thank Mark, Gary and the boys from the Salvation Army who did a fantastic job of the videoing again – they are superb. Thanks guys you are amazing 🙂

Claire from Cardiff Uni who assisted on the reception desk and generally helped throughout the day – thank you xx

and to Lisa Duke for not only being an awesome friend, pod casting queen and social media “finder-outer”, but she was my able bodied assistant for the day as I was completely disabled by the “zombie flu”

So thanks guys from me and Stuart and Simon .. and here is to the next one 🙂

 

 

 

Issues with TAM and Connections – SOLVED

Issues with TAM and Connections

For those of you that follow me on Twitter you will all know that I have had huge issues with Connections and TAM integration.
I am pleased to report that the issue is now resolved – Instructions below:

Created the transparent junctions as per the info center
Created the ACL defs as per the info center
Created default acl – connectionsdefaultacl and attached to junctions as per the info center
Created additional acl – connectionsacl as per the info center

Resources that do not require authentication which should have connectionsacl applied

/activities/images – Information present in the Lotus Connections wiki but not the official IBM Infocenter documentation.
/files/basic/anonymous/atom – Information present in the Lotus Connections wiki but not the official IBM Infocenter documentation.
/files/form/anonymous/atom – Missing from ALL official IBM documentation

Resources that require basic authentication which should have connectionsacl applied

/blogs/blogsapi – Information present in the Lotus Connections wiki but not the official IBM Infocenter documentation.
/blogs/blogsfeed – Information present in the Lotus Connections wiki but not the official IBM Infocenter documentation.
/communities/dsx – Missing from ALL official IBM documentation
/profiles/dsx – Missing from ALL official IBM documentation

Applied the require forms authentication which should have connectionsdefaultacl applied as per the info center
Created dynurl file as per the info center and applied connectionsacl to /blogs/blogsfeed, /blogs/blogsapi
Edited the web seal config added dynurl-allow-large-posts = yes, forms-auth = https or both, use-same-session = yes
Add the filter types as per the info center
Adding FQDN of load balanced TAM server virtual host – web-host-name = tam.your.domain.com
Import the connectionsAdmin user into TAM via the Web Portal Manager or pdadmin – This step is missing from ALL official IBM documentation
Update LC config file
set dynamic host enabled to “true” and the href/ssl_href to FQDN of load balanced TAM server virtual host i.e my.city.ac.uk
Ensure that the static href, static ssl_href and interService URLs for all services are pointing at the WebSEAL cluster i.e my.city.ac.uk
Set cusom authenticator to TAMAuthenticator and check timeout settings as per the info center
Configure the Lotus Connections directory service extensions to point to the Tivoli Access Manager server i.e setting the extension hrefs to:
http://tam.your.domain.com/ communities/dsx/ & http://tam.your.domain.com/profiles/dsx/

Lotus Connections applications will attempt to open server to server communications with other Lotus Connections applications via Tivoli Access Manager. If forms-auth has been set to https in the webseald-.conf file, then the signer certificate for WebSEAL client-side SSL communications should be added to the WebSphere trust stores – Missing from ALL official IBM documentation

Add the log out button to the HTTP server rewrite config / http config (depending on the set up)

Big thanks to Stephen Swann for the assist (@stephenjswann) – It is now deployed live and working as expected

Issues with Oracle with Connections 2.5 RESOLUTION

as posted by me on the Connections Blog earlier today :

IBM have now released new trigger code to resolve this issue.

The steps are simple

* Stop the application
* Backup the DB
* Run through the code to remove the Trigger
* Recreate the Trigger
* Start the primary server and test
* Assuming all is well start the other App Servers in the clusters

As yet IBM are unsure as to how they are going to release the fix as it falls out of the typical iFix scope.
If you are seeing this specific issue please contact the Lotus Connections Support team who will furnish you with the appropriate code to resolve the issue.
As soon as I have confirmation on how this will be distributed I will add what will hopefully be the final update to this on-going saga.

Big thanks to Kieran Reid at IBM and Andrew Frayling and his team at Cardiff Uni for assistance and support in resolving this issue. Great work all round.

Big maintenance weekend coming up

This weekend I am really going to Maintenance town on my live connections cluster.

I have the infamous DB issue to fix. Big props to Kieran Reid from IBM for all the help with this. So triggers to delete and re-add .. no bigg just have to have the system down to solve this ..

That got me thinking .. while its down I may get some other things sorted.
I have some LC config changes to make which should hopefully fix some of the issues I am seeing using Connections with TAM. Hopefully these will work straight away which will lend more power to my elbow that some TAM config changes need to take place (long story will blog when I find the solution) ..

And as we have a new shiny fix pack for connections, I am going to take the opporuinity to take the cluster over the whole weekend and get everything on before we potentially turn it lose on students.

I shall be a busy little nerd girl over the weekend but I am really looking forward to it 🙂

Issues with Oracle on Solaris with Connections 2.5 UPDATE

As I posted on the Connections Blog earlier today …

At last it appears there may be a *real* fix for this .. IBM have changed the trigger code which should hopefully fix the mutating trigger issue we see when deleting files ..

I will be testing this today and if it works rolling it out to my live environment over the next week.

I will attempt to get some confirmation if this code will be fixed in all new fix packs and APARS – watch this space and hopefully some great news

Issues with Oracle on Solaris with Connections 2.5 – UPDATE

After some testing with the SPARC version of this fix – which actually did work we were pleased to find out that Oracle had released a version for x86.

We applied this – this morning, and I am sorry to say it doesn’t work. If you try to delete a file from the DB directly or through the connections interface, the DB is still throwing the mutating trigger issue.

Plot thickens – time to go back to oracle 🙂

Issues with Oracle on Solaris with Connections 2.5

There is an issue when running Connections with Oracle on Solaris
Symptoms of the problem are you can not delete certain files and / or the files widget from communities

The error in the logs is – table FILES.MEDIA is mutating

08/02/10 00:01:00:569 GMT] 0000005d Library E EJPVJ9166E: Unable to delete the library with id b855660b-d6bc-4b19-891f-2087aa3d9a0c. [UserImpl@26ce26ce id=64377ea3-e571-4323-922a-dc0723fead36 directoryId=2BE4B3FF-4AB4-48FF-9B83-73689537A16A]
java.sql.SQLException: ORA-04091: table FILES.MEDIA is mutating, trigger/function may not see it
ORA-06512: at “FILES.PKG_MED_DOWNLOAD_UPD”, line 45
ORA-06512: at “FILES.MED_DOWNLOAD_UPD_S”, line 2
ORA-04088: error during execution of trigger ‘FILES.MED_DOWNLOAD_UPD_S’

at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)

We have since discovered (thanks to Kieran Reid in Connections Support for doing the leg work) that this is an issue with Oracle 10.2.0.4 on Solaris – the triggers have an issue which is fixed in 10.2.0.5 – which is a big no no as far as connections go. There is a fix that you can apply to 10.2.0.4 that will resolve the problem.

From support.oracle.com search the knowledge base for 4574851
You should get three results, select the third match
Click on the link for Patch.4574851
Select the 10.2.0.4 release for the Solaris platform
Download, install and test.

*NOTE* this fix is only available for SPARC not x86

So far this appears to have fixed the issue on the backup of the Prod database (I have put a stand-alone LC25 in front of it to test which involved all sorts of DB hacking to get it to work – not recommended unless you are desperate for a quick test). I am hoping to schedule moving our prod DB from x86 to SPARC applying the patch and then plugging my LC25 cluster into it.

Changing the title on the Connections 2.5 Homepage

Changing the title on the homepage is a bit of a pain .. The steps are as follows :

Make a back up copy of the COMPRESSED homepage.ear file from the deployed application config

ND – < was ROOT >profiles< profile> configcells< cell Name >applicationsHomepage.earHomepage.ear

StandAlone – < was ROOT >profiles< profile >configcells< cell Name >applicationsHomepage.earHomepage.ear

extract it to a temp folder ie D:tempextractedhomepage

find the dboard.common.jar and extract that to a temporary folder i.e D:tempextractedDashboard

drill down into the extracted file >

> com/ibm/lotus/connections/dashboard/nls/

and find the file jsp_resources.properties

change the jsp.homepage.title = < “your new title” >

change any instances of “IBM Lotus Connections Home Page” in this file to < “your new title” >

save and close the file

do the same for any additional languages that you are supporting

re-compress the dboard.common.jar and copy the newly edited compressed version into the extracted directory of the homepage ear file.

re-crompress the homepage ear file

stop all server instances that are running the homepage application replace the newly edited and compressed homepage.ear file in the deployed application config

you will also need to replace the newly edited dboard.common.jar in the installedApps folder on your primary / standalone server.

< was_root >profiles< profile name >installedApps< cell name >Homepage.ear

once the servers are restarted they will use the new title in the homepage app

Connections 2.5 – WebSphere Tips

WebSphere Tip : 1

When clustering Connections you may encounter issues when the wizard attempts to federate the node into your deployment manager. This is a known WAS issue as the JVM suffers out of memory errors (is you delve deep in the add node log file / dmgr log you will find them).

There is a quick work around that can solve this:

Increasing the WAS HEAP size
In order for the add node command to work correctly when running the cluster wizard please do the following:

Connection servers
On each of the connections servers browse to bin and edit the addNode file (.bat or .sh depending on your OS).

Insert the line set WAS_HEAP=-Xms256M -Xmx1500M at the top of the file to set a variable (for example – under the set CMD variable)

set CMD_NAME_ONLY=%~n0
set WAS_HEAP=-Xms256M -Xmx1024M

at the bottom of the file find the “%JAVA_HOME%binjava” line and add the variable

“%JAVA_HOME%binjava” -Dcmd.properties.file=%TMPJAVAPROPFILE% %WAS_HEAP% %WAS_DEBUG% %WAS_TRACE% %CONSOLE_ENCODING% “%CLIENTSOAP%” “%JAASSOAP%” “%CLIENTSAS%” “%CLIENTSSL%” %USER_INSTALL_PROP% “-Dwas.install.root=%WAS_HOME%” “-DWAS_HOME=%WAS_HOME%” “com.ibm.wsspi.bootstrap.WSPreLauncher” -nosplash -application “com.ibm.ws.bootstrap.WSLauncher” “com.ibm.ws.runtime.NodeFederationUtility” “%CONFIG_ROOT%” “%WAS_CELL%” “%WAS_NODE%” %*

save the file.

Deployment Manager
On the deployment manager machine.
Open the Administrative Console.
Open System Administration > Deployment Manager > Process Definition > Java Virtual Machine.
Specify 256 for Initial Heap Size and 1500 for Maximum Heap Size.

Save your changes and restart the Deployment Manager.

This should resolve the issue – you may need to increase the Dmgr maximum heap slightly more but I found 1000 was just not enough and 1500 did the trick.

When you run the cluster wizard now it should run as expected 🙂

WebSphere Tip : 2

A handy tip to note if you are not a huge WebSphere guru.

To enable commands to be run from the command line without the need of the -username and -password arguments configure SOAP security.

Every WebSphere profile has a file called soap.client.props which hold soap connector client information. The path to the files is as follows : /profiles//properties

SOAP connector security is disabled by default.

When enabled with the correct information it is possible to run the standard WAS start , stop and status commands for instance by just running the .bat or .sh command without passing the extra credentials.

### EXAMPLE ###

###############################################################################
#
# JMX SOAP Connector Client Properties File
#
# This file contains properties that are used by the JMX SOAP Connector Client
# of the WebSphere Application Server product. SOAP Connector executes on WebSphere
# java servers and client systems with java applications that access WebSphere servers.
#
# ** Encoding Passwords in this File **
#
# The PropFilePasswordEncoder utility may be used to encode passwords in a
# properties file. To edit an encoded password, replace the whole password
# string (including the encoding tag {…}) with the new password and then
# encode the password with the PropFilePasswordEncoder utility. Refer to
# product documentation for additional information.
#
###############################################################################

#——————————————————————————
# SOAP Client Security Enablement
#
# – security enabled status ( false[default], true )
#——————————————————————————
com.ibm.SOAP.securityEnabled=true

com.ibm.SOAP.loginUserid=wasadminuser
com.ibm.SOAP.loginPassword=wasadminpassword

#——————————————————————————