More Related Content Similar to IBM Sametime 8.5.2 installation - From Zero To Hero - Edge Components 18.12.2011 (20) IBM Sametime 8.5.2 installation - From Zero To Hero - Edge Components 18.12.20111. IBM Collaboration Solutions
Installation and Setup of
IBM Sametime 8.5.2
”From Zero to Hero”
Part 2 – Edge Components
Frank Altenburg | SME for Sametime
IBM Collaboration Solutions
mailto:frank.altenburg@de.ibm.com
Social Business
New version from 18. 12. 2011
© 2009 IBM Corporation
2. Agenda
● Components of IBM Sametime 8.5.2
● Requirements for a IBM Sametime 8.5.2 Edge deployment
● Architecture of a IBM Sametime 8.5.2 Edge deployment
● The 25 steps to a IBM Sametime 8.5.2 Edge deployment
Social Business 2 © 2010 IBM Corporation
3. The IBM Sametime 8.5.2 Components we will cover
In Part 1:
● IBM DB2 Database Server
● IBM Sametime System Console
● IBM Sametime Community Server
● IBM Sametime Proxy Server
● IBM Sametime Meeting Server
● IBM Sametime Media Manager
● IBM Sametime Advanced Server (optional)
● IBM Sametime Connect Client
In this Part 2:
● IBM Sametime Community MUX (optional)
● IBM Sametime SIP Edge Proxy
● IBM Sametime Meeting HTTP Proxy
● IBM Sametime TURN Server
● IBM Sametime Gateway (optional)
In Part 3:
● Moving Sametime Servers to separate boxes
● Implementing additional Servers for clustering
● Clustering of Sametime Servers
Social Business 3 © 2010 IBM Corporation
4. IBM Sametime System Level Architecture
Sametime Clients
HTTP HTTP
VP
SIP, RTP SIP, RTP
Meeting Advanced
Server VP Server
Community
VP Server VP
Media Unified
Manager Telephony
VP VP
SIP
SIP, TCSPI
Partner Enterprise Phone
Sametime Sametime System
A/V Bridges
Proxy Gateway
SIP, XMPP
HTTP
Logical servers shown – may External IM
be combined physically Embedded Applications, Communities
depending on user workload including Web Client, Portal, and
Mobile
Social Business 4 © 2010 IBM Corporation
5. IBM Sametime System Console
● Manage prerequisites.
– System console manages all needed info for
prerequisite components
– No install/reinstall of IBM DB2® (for example) for Sametime
Domino
each separate offering Presence/IM
Sametime System Console
Sametime
● Centralize configuration. Classic LDAP
– Setup & testing of things like LDAP centralized in Meetings
a single location, instead of various wizards in
Sametime
different installers New Meetings
Facilitate deployment planning.
WebSphere
● Sametime
Media
– Mechanism to plan the Sametime server Server
deployment
Sametime
Proxy
DB2
– Installation of server nodes is simpler, as the
shared configuration already exists. Server
Sametime
installers are “headless”, and need no input Advanced
from user
● Single point of action for
administrative tasks
– Example: Policies are managed from a single
place for all components
Social Business 5 © 2010 IBM Corporation
6. Agenda
● Components of IBM Sametime 8.5.2
● Requirements for a IBM Sametime 8.5.2 Edge deployment
● Architecture of a IBM Sametime 8.5.2 Edge deployment
● The 25 steps to a IBM Sametime 8.5.2 Edge deployment
Social Business 6 © 2010 IBM Corporation
7. IBM Sametime 8.5.2 Prerequisites
● IBM Sametime 8.5.2 Community MUX Server requires
● IBM Sametime Community Server (Version >= 7.5.1)
● IBM Sametime 8.5.2 SIP Edge Proxy
● IBM WebSphere Application Server 7.0.0.15 (provided automatically via Install)
● IBM Sametime 8.5.2 Mdia Manager
● IBM Sametime 8.5.2 Meeting HTTP Proxy
● IBM WebSphere Application Server 7.0.0.15 (provided automatically via Install)
● IBM Sametime 8.5.2 Meeting Server
● IBM Sametime 8.5.2 TURN Server requires
● IBM Sametime 8.5.2 Media Manager
● IBM Sametime 8.5.2 Gateway Server requires
● IBM WebSphere Application Server 7.0.0.15 (provided automatically via Install)
● IBM DB2 9.7 or 9.5 FP1
● LDAP directory server (Supported IBM® Lotus® Domino® Directory LDAP, Microsoft®
Active Directory, IBM Tivoli® Directory Server, SunOne® iPlanet®, Novell®
eDirectory®)
● IBM Sametime Community Server (Version >= 8.0.1)
Social Business 7 © 2010 IBM Corporation
8. IBM Sametime 8.5.2 Prerequisites (cont.)
● IBM Sametime 8.5.2 System Console Server requires
● IBM WebSphere Application Server 7.0.0.15 (provided automatically via Install)
● IBM DB2 9.7 or 9.5 FP1
● LDAP directory server (Supported IBM® Lotus® Domino® Directory LDAP, Microsoft®
Active Directory, IBM Tivoli® Directory Server, SunOne® iPlanet®, Novell®
eDirectory®)
● IBM Sametime 8.5.2 Community Server requires
● IBM Lotus Domino 8.5.1 or 8.5.2 (32 Bit Version only)
● LDAP directory server
● IBM Sametime 8.5.2 Proxy Server requires
● IBM WebSphere Application Server 7.0.0.15 (provided automatically via Install)
● IBM Sametime Community Server (Version >= 7.5.1)
● IBM Sametime 8.5.2 Meeting Server requires
● IBM WebSphere Application Server 7.0.0.15 (provided automatically via Install)
● IBM DB2 9.5 FP1 (provided automatically via Install)
● LDAP directory server
● IBM Sametime 8.5.2 Media Manager requires
● IBM WebSphere Application Server 7.0.0.15 (provided automatically via Install)
● IBM Sametime 8.5.2 Community Server
● LDAP directory server
Social Business 8 © 2010 IBM Corporation
9. IBM Sametime 8.5.2 Prerequisites (cont.)
● IBM Sametime 8.5.2 Advanced Server requires
● IBM WebSphere Application Server 7.0.0.15 (provided automatically via Install)
● IBM DB2 9.7 or 9.5 FP1
● LDAP directory server (Supported IBM® Lotus® Domino® Directory LDAP, Microsoft®
Active Directory, IBM Tivoli® Directory Server, SunOne® iPlanet®, Novell®
eDirectory®)
● IBM Sametime Community Server (Version >= 8.0.1)
Social Business 9 © 2010 IBM Corporation
10. IBM Sametime 8.5.2 Prerequisites (continued)
● Software requirements
● Client
● Windows XP (SP2), XP Tablet, Vista and Windows 7 – 32 and 64 bit
● MAC OS X 10.6.2 x86-64 and future OS fix packs
● RHEL 5.0 Update 4 Desktop Edition x86-32 and future OS fix packs
● SLED 10.0 SP3 and 11.0 SP1 32 and 64 bit and future OS fix packs
● Ubuntu 10.04 LTS x85-32 and future OS fix packs
● Server
● Windows Server 2003/2008 - 32 and 64 bit (including R2)
● Linux (RHEL, SLES) - 32 and 64 bit
● AIX 5.3/6.1
● i5/OS 5.4, 6.1
● Solaris 10
● ESX and ESXi 4.0, MS Hyper-V R2
● Browsers
● Microsoft® Internet Explorer 6.x, 7.x, 8.0 (Windows)
● Firefox 3.5 and 3.6 (Windows, Mac, Linux)
● Safari 5.0 (Mac)
● Other
● Domino 8.5.1/8.5.2 for Community Server / 'Classic' meetings
● WebSphere Application Server 7 for new servers and gateway (included)
● DB2 9.7 for new servers and gateway (included)
Social Business 10 © 2010 IBM Corporation
11. IBM Sametime 8.5.2 Prerequisites (continued)
● Software requirements
● For WEB A/V
● Microsoft® Internet Explorer 6.x(!!), 7.x, 8.0 (Windows)
● Firefox 3.5 and 3.6 (Windows, Mac)
SPECIAL NOTE:
Microsoft Internet Explorer 9, Apple Safari and Google Chrome are
not supported with the Sametime Audio/Video Browser Plugin in
this actual Sametime Version 8.5.2.
We do not support any Linux based OS now for Browser A/V.
Microsoft Internet Explorer 6 should work and is officially
supported. But it is not recommended to use this version because
it can cause issues when several parallel connections needs to be
established with the meeting server.
Social Business 11 © 2010 IBM Corporation
12. Other requirements
● Make sure that all servers you want to use can be resolved in DNS.
● If DNS is not available then list all full qualified server names and IP addresses
from all servers in the hosts file and publish this file to all servers.
● The Media Manager Server does not work when installing with a DNS alias. You
must configure the full qualified machine host name (including domain part)
and use this for the installation. This name does not need to be configured
anywhere else and the client does not see it.
● If you use Windows 2008 as Operating System, then you need to start all
installations and configurations in „Administrative mode“.
● You need a LDAP Server hosting your user base. This can be a Domino LDAP or
Microsoft Active Directory or any other supported V3 LDAP.
● The Sametime gateway requires a public, not NATed IP address. NAT does not
work with SIP traffic (specially when using TLS encryption) because the SIP
packages contain the sending IP address inside. Then the receiver refuses the
SIP package coming from another address then the one inside the package.
Social Business 12 © 2010 IBM Corporation
13. Required files for a deployment on Windows
For a Windows installation of the Edge components you need to download these files
from Passport Advantage:
CZYD7ML.zip IBM Sametime Community Server Standard
CZYE0ML.zip IBM Sametime Meeting Server
CZYF0ML.zip IBM Sametime Media Manager Server
CZYF9ML.exe IBM Sametime Gateway
CZYA0ML.zip IBM Sametime WebSphere Application Server
CZYH1ML.zip IBM Sametime WebSphere Application Server iFixes
Create a directory, for example “C:Install”, on the servers where you want to install.
Then unpack the downloaded files into this directory. Just unpack the files required for
your deployment architecture on the particular server.
If you run the CZYF9ML.exe, create a subdirectory “C:InstallSametimeGateway” to
unpack the file.
When unpacked the CZYH1ML.zip file go into the subdirectory
“C:InstallSametimeWASiFixesWebSphereUPDI” and unzip the update installer for
your used operating system.
Social Business 13 © 2010 IBM Corporation
14. Agenda
● Components of IBM Sametime 8.5.2
● Requirements for a IBM Sametime 8.5.2 Edge deployment
● Architecture of a IBM Sametime 8.5.2 Edge deployment
● The 25 steps to a IBM Sametime 8.5.2 Edge deployment
Social Business 14 © 2010 IBM Corporation
15. IBM Sametime 8.5.2 - Our pilot recommendation
Compared with the last version of this document installing IBM Lotus
Sametime 8.5.1 (from Lotusphere 2011), we have changed again our
recommendation for a pilot deployment.
The reason for the change is the availability of new features in
installation methods as well as our increased experience and many
successful installations using this method in the last months.
The most Edge components described in this part 2 can be installed
on one single box in the DMZ because all of them use different ports
for communication. Only the Sametime Gateway requires a separate
box because it uses the SIP Protocol and requires a non NATed
public IP address. The Sametime Gateway is optional and not
required for the other Edge components to work properly.
It is important to have the full environment described in the Part 1 of
this documentation up and running before starting the Edge
components installation. The Sametime Advanced part is not
required for this installation.
Social Business 15 © 2010 IBM Corporation
16. IBM Sametime 8.5.2 Edge – our pilot deployment
DNS entries:
sametime.renovations.com
STMux
DB2 9.5 meeting.renovations.com
Sametime
Server chat.renovations.com
System
webchat.renovations.com
Console
edge.renovations.com
SIP pointing to 192.168.0.1
Edge
Sametime Proxy
Media edge.renovations.com
Manager 192.168.40.40 192.168.0.1
192.168.30.50
WAS
sametime.renovations.com
HTTP
192.168.30.10 Port Forwardings:
Proxy
80 TCP
1533 TCP
5061 TCP
Sametime Sametime TURN
Server 5081 TCP
Meeting Proxy Server
3478 UDP
Server
to 192.168.40.40
meeting.renovations.com webchat.renovations.com
192.168.30.10 192.168.30.30
Active Sametime
Directory Sametime
Community gateway.renovations.com gateway.renovations.com
LDAP Gateway
Server 192.168.30.60 Server 192.168.0.60
ldap.renovations.com
chat.renovations.com
192.168.30.99
192.168.30.20
Social Business 16 © 2010 IBM Corporation
17. Hardware required for this Pilot Example Deployment
● 1 Server for the IBM Sametime 8.5.2 Community MUX, IBM Sametime 8.5.2
Meeting HTTP Proxy, IBM Sametime 8.5.2 SIP Edge Proxy, IBM Sametime 8.5.2
TURN Server
Quad CPU, 8GB RAM or more, 100GB disk space or more, 64 Bit OS
1 GBit Network Interface with 2 IP addresses (internal and external).
● 1 Server for the IBM Sametime 8.5.2 Gateway Server
Dual CPU, 4GB RAM or more, 50GB disk space or more, 64 Bit OS
1 GBit Network Interface with 2 IP addresses (internal and external but not
NATed).
● Various client endpoints
With such a configuration you can host up to
● 300 concurrent Meeting Participants *
● 5.000 concurrent Sametime Clients *
● 150 concurrent Media Streams *
● 1500 concurrent Proxy web client users *
* Ask you IBM representative for more detailed sizing information in a defined
environment
Social Business 17 © 2010 IBM Corporation
18. Special IP configuration for the WebSphere based Server
For this Edge environment it is required to have the same FQ Host
names that you use in the internal network (see Part 1 of this
documentation) be configured in the public DNS pointing to the public
IP address of the server machine in the DMZ hosting the Edge
components. This means splitted DNS configuration is required.
Host Name: edge.renovations.com
Alias Names: sametime.renovations.com
meeting.renovations.com
webchat.renovations.com
chat.renovations.com
Public IP: 192.168.0.1 (NATed to the DMZ IP)
DMZ IP: 192.168.40.40
Local address in the Intranet:
Host Name: edge.renovations.com
IP: 192.168.30.50
Social Business 18 © 2010 IBM Corporation
19. Special IP configuration for the WebSphere based Server (cont)
For the Sametime Gateway Server a not NATed public IP address is
required. Best practice is to have a splited DNS configuration.
Public address in the Internet:
Host Name: gateway.renovations.com
Public IP: 192.168.0.60 (not NATed)
Local address in the Intranet:
Host Name: gateway.renovations.com
IP: 192.168.30.60
Social Business 19 © 2010 IBM Corporation
20. Required technical users for IBM Sametime 8.5.2
IBM Sametime requires some technical users for components to
communicate in an authenticated mode. All of this users should be
configured so that the password never expires and never needs to be
changed.
db2admin
This user is created during installation of the DB2 server in the
Operating System. Do not create this user in advance.
It is the user for all IBM Sametime related components using DB2 to
access their databases. Be sure to match the password policy
requirements of the OS.
wasadmin
This is the user to access the IBM WebSphere components and to
administer the system. This user must not exist in your LDAP directory.
It is created during WebSphere installation in a local file repository. You
can use the same user name and password for all components (makes
it easier) or different names and passwords. But again, it does not work
when this user exists in the LDAP.
Social Business 20 © 2010 IBM Corporation
21. Required technical users for IBM Sametime 8.5.2 (cont)
Domino Administrator
This user is created during installation of Domino for the IBM Sametime
Community Server. It is a best practice to not use a existing
administrative account because it is the account with that the IBM
Sametime System Console communicates with the Community Server.
LDAP Bind User
This is a user account in your LDAP directory. This account is used to
connect in authenticated mode to the LDAP server to get all required
attributes. It is possible to connect anonymously to the LDAP but then it
does not work with some LDAP systems or the LDAP server requires
special configuration to allow anonymous bind.
Social Business 21 © 2010 IBM Corporation
22. Starting and stopping the WebSphere based Server
In this pilot deployment we install and configure all WebSphere based
Sametime servers using a single Cell. Then it is easy to administer all
of them using just one administrative interface. (The Integrated
Solutions Console of the Sametime System Console)
With Sametime 8.5.1 the services where created automatically for all
servers because we used for all of them a separate “Cell Profile”
deployment. Now with IBM Sametime 8.5.2 we use the Network
deployment method by implementing all servers as a Primary Node
federated to the Deployment Manager of the Sametime System
Console in just one Cell.
Using this method the installer does not create some required
components and it does not create some services in the Windows
operating system. We need to manually create this components and
Services. All the required steps are described in detail later this slide
deck.
Social Business 22 © 2010 IBM Corporation
23. Audio/Video Plug-In for Browser access to Meeting Rooms
The Meeting Plug-In is shipped with the Media Manager in two formats.
1.) Download Version
This version files needs to be copied onto a Web Server that can be
accessed by the Browser from the client who want to access the Meetings
using Audio and Video services. This could be the Domino based
Sametime Community Server, the Sametime Proxy Server or the Sametime
Meeting Server or any other web server in your organization.
In this pilot deployment recommendation we use the Sametime Proxy
server for this service.
To download and install this Plug-In it is required to have Administrative
access rights on Windows 7. With all other OS the user right is enough
2.) Deployment Version
This version can be deployed using your preferred deployment tool. It
contains a MSI installer file. But be careful in some operating systems as
Windows 7, it is required to install this version with administrative rights.
Social Business 23 © 2010 IBM Corporation
24. Agenda
● Components of IBM Sametime 8.5.2
● Requirements for a IBM Sametime 8.5.2 Edge deployment
● Architecture of a IBM Sametime 8.5.2 Edge deployment
● The 25 steps to a IBM Sametime 8.5.2 Edge deployment
Social Business 24 © 2010 IBM Corporation
25. The 25 steps to deploy a Sametime 8.5.2 EDGE environment
1.Enable Trust for the Community Mux in the Sametime Community
Server
2.Install the Sametime Community Mux
3.Configure the Community Mux in the Sametime System Console
4.Install the SIP EDGE Proxy without the Sametime System Console
5.Configure the SIP Edge Proxy
6.Post Install Tasks
7.Create a Deployment Plan for the Sametime Meeting HTTP Proxy
8.Install the Sametime Meeting HTTP Proxy
9.Run the guided activity to add the Sametime Meeting HTTP Proxy to
the Meeting Cluster
10.Remove the Sametime Meeting Server on the Edge Server
11.Create the WebSphere Meeting Http Proxy on the Edge Server
12.Post Install tasks
13.Install the TURN Server
14.Configure the TURN Server and enable NAT Traversal
15.Test all the Edge components
Social Business 25 © 2010 IBM Corporation
26. The 25 steps to deploy a Sametime 8.5.2 EDGE environment
16.Create the Sametime gateway DB2 Database
17.Configure the DB2 Database Prerequisite in the Sametime System
Console
18.Enable Trust for the Gateway in the Sametime Community Server
19.Install the Sametime Gateway without the Sametime System Console
20.Post Install Tasks
21.Register the Gateway to the Sametime System Console
22.Connect to the local Sametime Community
23.Connect to a Partner Sametime Community
24.Enable clients to use the Sametime Gateway
25.Test the Gateway
Social Business 26 © 2010 IBM Corporation
27. STEP ONE: Enable Trust for the Community MUX in the
Sametime Community Server
Summary
A Sametime Community Server only accepts connections from a Community Services
multiplexer that is listed in the "CommunityTrustedIps" field of a
"CommunityConnectivity" document to prevent an unauthorized machine from
connecting to the Sametime community server.
This can be configured directly in the “STCONFIG.NSF” Database -
“CommunityConnectivity” Document, or – and this is now much easier – in the
Sametime System Console. This is the way we want to configure this part.
Social Business 27 © 2010 IBM Corporation
28. Enter the URL „http://sametime.renovations.com:8700/admin“.
The WebSphere Application Server Administrative interface (the Integrated Solutions
Console ISC) is always secured by SSL. Therefore you will be redirected to HTTPS and the
port 8701 automatically. You are prompted to accept the default certificate. For different
browsers the procedure to accept this IBM signed certificate is different.
You can use the direct URL: „https://sametime.renovations.com:8701/ibm/console“.
Social Business 28 © 2010 IBM Corporation
29. Enter the WebSphere Application Server Administrative User name and its password.
We use „wasadmin“. Then click the „Log in“ button to continue.
Social Business 29 © 2010 IBM Corporation
30. You have now reached the IBM Lotus Sametime System Console.
Social Business 30 © 2010 IBM Corporation
31. Click on “Sametime System Console”, then on “Sametime Servers” and then on
“Sametime Community Servers”.
Social Business 31 © 2010 IBM Corporation
33. Go to the bottom of the page and enter the IP address of your Edge server that hosts your
Sametime Community MUX. Then click the “Add” button
Social Business 33 © 2010 IBM Corporation
34. The IP address is now added. Click the “OK” button to save the setting into the
Sametime Community Server configuration.
Social Business 34 © 2010 IBM Corporation
35. Restart your Sametime Community Server to apply the trust settings. Be aware to use this
“restart server” console command only in your test environment. On a production server
this won't work because the restart is often faster then stopping all 41 Sametime server
tasks. The complete restart can take up to 5 minutes. Wait until all 41 ST... tasks appear in
your Task Manager.
Social Business 35 © 2010 IBM Corporation
36. STEP TWO: Install the Sametime Community MUX
Summary
This step installs theIBM Sametime 8.5.2 Community MUX.
We like to use a CMD command line window to enter some of the commands
and start the installers. For that we have created a short cut in our fast start
section.
You can use the Windows Explorer as well to navigate to the destination
directory and double click the installation file (setupwin32.exe)
Social Business 36 © 2010 IBM Corporation
37. Enter the command “cd InstallCommunityMux” and press the “Enter” key.
Enter the command “setupwin32.exe” and press the “Enter” key.
Social Business 37 © 2010 IBM Corporation
38. My Operating System was set to German language. But I want to use the English
language (default) for the installation. Just click the “OK” button.
Social Business 38 © 2010 IBM Corporation
39. Now click the “Next” button to continue.
Social Business 39 © 2010 IBM Corporation
40. Accept the terms in the license agreement and click the “Next” button to continue
Social Business 40 © 2010 IBM Corporation
41. Remove “Program Files” and click the “Next” button to continue
We recommend to use path names without spaces (as some scripts may require this) and
also shorten the path name so that the typical limits of some operating systems and
applications for path + file name length are avoided.
Social Business 41 © 2010 IBM Corporation
42. Enter the full qualified host name of your community Server. We use
“chat.renovations.com”. Then click the “Next” button to continue.
Social Business 42 © 2010 IBM Corporation
43. Click the “Install” button to install the Community MUX.
Social Business 43 © 2010 IBM Corporation
44. The Sametime Community MUX is now installing. This step takes approximately 1 to 2
minutes.
Social Business 44 © 2010 IBM Corporation
45. Important to know...
Consider the requirements of the community server multiplexer machine before
installing it.
* community server multiplexer installation files are available for Windows®, AIX®,
Linux®, and Solaris. A stand-alone community server multiplexer cannot be
installed on IBM® i. However, Sametime® on IBM i supports the use of a stand-
alone multiplexer installed on a Windows system.
* The minimum system requirements for the community server multiplexer
machine are the same as the system requirements for the core Sametime
community server.
* A machine that meets the minimum system requirements should be able to
handle approximately 20,000 simultaneous client connections.
* Testing indicates that machines with dual 1133 MHz CPUs and 2 GB of RAM
can handle approximately 30,000 simultaneous client connections.
* TCP/IP connectivity must be available between the community server multiplexer
machine and the Sametime community server. Port 1516 is the default port for
the connection from the community server multiplexer machine to the Sametime
Community Server.
Social Business 45 © 2010 IBM Corporation
46. When the installation has finished successfully, click the „Finish“ button to close the
Installer.
Social Business 46 © 2010 IBM Corporation
47. Set the preferences of the Community Mux “ST Mux” service to start and stop
automatic with the Operating System. Then start the service.
Social Business 47 © 2010 IBM Corporation
48. The Community Mux is now setup to start and stop automatic with the Operating System,
and it is started.
Social Business 48 © 2010 IBM Corporation
49. Install a Sametime Connect client in the public network and connect to your Sametime
Community Mux server. In the public network this should be the same address as in
your local network “chat.renovations.com”. The Sametime Community Mux forwards
your connection to the internal Sametime Community Server. Login with a user in your
directory to see that the Mux works.
Social Business 49 © 2010 IBM Corporation
50. Another way to test the functionality and connectivity of your Sametime Community Mux is
to enter the command “netstat -an” in a CMD line window. There you should see the ST
Mux is listening on ports 1533 and 8082. There are established connections to your
Community Server (IP 192.168.30.20) on port 1516 and from your Sametime Client (IP
192.168.0.9) on port 1533.
Social Business 50 © 2010 IBM Corporation
51. STEP THREE: Configure the Community MUX in the
Sametime System Console
Summary
Use the IBM® Sametime System Console to connect to a Sametime
Community Mux and validate its settings.
Social Business 51 © 2010 IBM Corporation
52. Click on “Sametime System Console” then on “Sametime Prerequisites” and then on
“Connect to Sametime Community Mux Servers”.
Social Business 52 © 2010 IBM Corporation
53. Click the “Add” button
Enter the host name of your Sametime Community Mux server (we use
“edge.renovations.com”) and click the “Save” button.
Social Business 53 © 2010 IBM Corporation
54. The Sametime Community Mux Server is now successfully added to your Sametime
System Console.
Social Business 54 © 2010 IBM Corporation
55. STEP FOUR: Install the SIP EDGE Proxy without the
Sametime System Console
Summary
The IBM® Lotus® SIP Edge Proxy is a SIP Application installed over a
WAS server. Since there is no specific installer for the IBM Lotus SIP
Edge Proxy server, you can use the SIP Proxy/Registrar installer and then
perform manual steps in order to adjust the environment to the Lotus SIP
Edge Proxy.
Social Business 55 © 2010 IBM Corporation
56. Navigate to the „InstallSametimeMediaManager“ directory and enter the
command „Launchpad“
Social Business 56 © 2010 IBM Corporation
57. The Sametime 8.5.2 Launchpad opens. Click the „Install IBM Lotus
Sametime Media Manager“ link on the left side.
Social Business 57 © 2010 IBM Corporation
58. Now click the link „Launch IBM Lotus Sametime Media Manager 8.5.2
Installation“
Social Business 58 © 2010 IBM Corporation
60. Click the “Next” button to continue.
Social Business 60 © 2010 IBM Corporation
61. Accept the terms in the license agreement and click the “Next” button to continue
Social Business 61 © 2010 IBM Corporation
62. Remove “Program Files” and click the “Next” button to continue
We recommend to use path names without spaces (as some scripts may require this) and
also shorten the path name so that the typical limits of some operating systems and
applications for path + file name length are avoided.
Social Business 62 © 2010 IBM Corporation
63. Click the “Install” button to install the Installation Manager.
Social Business 63 © 2010 IBM Corporation
65. If you are using Windows 2008 R2 or Windows 2003 R2 then it can be possible that
you run into a JAVA heap memory overflow. To prevent this issue change a parameter in
The “IBMIM.INI” configuration file of the Sametime Install Manager. See the next 2 slides
how to do this. And then click the „Restart Installation Manager“ button to continue.
Social Business 65 © 2010 IBM Corporation
66. In the File Explorer navigate to your Install Manager's eclipse directory “C:IBMInstall
Managereclipse”. Then open the configuration file “IBMIM.ini” in notepad.
Social Business 66 © 2010 IBM Corporation
67. Add he parameter “-Xmx1024m” at the end. Then save and close the file.
This parameter is case sensitive.
Now click the “Restart Installation Manager” button in your Install Manager screen
to continue your Installation.
Social Business 67 © 2010 IBM Corporation
68. Click the „Install“ icon to start the installation.
Social Business 68 © 2010 IBM Corporation
69. Select „IBM Sametime Media Manager“ and „Version 8.5.2“. Then click the „Next“
button to continue.
Social Business 69 © 2010 IBM Corporation
70. Accept the terms in the license agreement and click the „Next“ button to continue.
Social Business 70 © 2010 IBM Corporation
71. Enter the correct path (remove „Program Files“) and click the „Next“ button to continue.
Social Business 71 © 2010 IBM Corporation
72. Enter the correct path (remove „Program Files“) and click the „Next“ button to continue.
Social Business 72 © 2010 IBM Corporation
73. Select “IBM Sametime Media Server 8.5.2” but deselect “Use Lotus Sametime
System Console to Install”. Then click the „Next“ button to continue.
Social Business 73 © 2010 IBM Corporation
74. With IBM Sametime 8.5.2 it is possible to install Sametime on top of an existing
WebSphere 7.0.0.15 Server. We don't want to do this in this pilot deployment.
Just click “Next” to continue.
Social Business 74 © 2010 IBM Corporation
75. In this screen you need to select the WebSphere deployment method. We use
“Standalone” for this installation. And you need to define the WebSphere Application
Server administrative user. You need to authenticate with this user to access the
Integrated Solutions Console of your Media Manager Server. It is important that this
user does not exist in your LDAP. In this example we use the standard „wasadmin“.
Enter the password twice and click the „Next“ button to continue.
Social Business 75 © 2010 IBM Corporation
76. The host names for the SIP Proxy/Registrar, Conference Manager, Packet Switcher,
and Community Server must be all different. The Proxy/Registrar host name should be
the local host, and the others should be different from the Proxy/Registrar host name
and also from each other. We use in this example:
* Conference Manager host name: “sametime.renovations.com”
* Proxy/Registrar host name: “edge.renovations.com”
* Packet Switcher host name: “meeting.renovations.com”
For the Community Server we use our chat server “chat.renovations.com”
Then click the „Validate“ button to continue.
Social Business 76 © 2010 IBM Corporation
77. If the connection to the different hosts was successful, then you should see that the
text in the button has changed to „Validated“.
Now click the „Next“ button to continue.
Social Business 77 © 2010 IBM Corporation
78. Select the checkbox “Configure LDAP after the installation” and click the “Next” button.
Social Business 78 © 2010 IBM Corporation
79. Click the „Install“ button to install the Sametime Media Manager Server.
Social Business 79 © 2010 IBM Corporation
80. The Installation Manager now installs the Sametime Media Manager. This
step can take approximately 30 to 45 Minutes.
Social Business 80 © 2010 IBM Corporation
81. Important to know...
It should be possible to do this installation with every other Sametime component that
is WebSphere based to just have the WebSphere binaries and the Cell profile structure
on the box. But we need to implement a special application - the Edge Proxy
Application. This application is shipped in the Media Manager install package. So it is
easier to use this installer for this installation.
If you plan to implement all Edge components on one box, like described in this
document, then you need to install the SIP Edge Proxy component first – before the
Meeting Http Edge Proxy. The reason is the required configuration steps for the
Meeting Http Edge Proxy disallow the complete Cell installation of the SIP Edge Proxy.
Social Business 81 © 2010 IBM Corporation
82. The Installer first unpacks the WebSphere Application Server install files
Then he installs the WebSphere Application Server 7.0.0.3 binaries
Then he creates the WebSphere profiles
Then he installs the Update Installer
Then he installs the Update to WebSphere 7.0.0.15
Then he install the application and configures everything
Social Business 82 © 2010 IBM Corporation
83. In this directory is the log file where the installer logs its progress. The file increases up
to approximately 302 KBytes.
Director on Windows 2008: C:UsersAll UsersIBMInstallation Managerlogsant
The last step is to configure the services and some post install tasks.
Social Business 83 © 2010 IBM Corporation
84. The Sametime Media Manager server has installed successfully. Click the „Finish“
button and close the Installation Manager and the Launchpad.
Social Business 84 © 2010 IBM Corporation
85. STEP FIVE: Configure the SIP Edge Proxy
Summary
The SIP Edge Proxy needs to be configured. Several steps are required to
complete this configuration:
A)Login to the new Media Manager integrated Solutions Console
B)Uninstall all Media manager applications
C)Install the new SIP Edge Proxy application
D)Configure the SIP Ports
E)Modify the SIP Edge Proxy Settings in the edge-proxy.xml file
F)Replace the default certificate
G)Exchange certificates between the SIP Edge Proxy and the SIP Proxy
Registrar
Social Business 85 © 2010 IBM Corporation
86. A) Login to the new Media Manager integrated Solutions Console
Enter the URL „http://edge.renovations.com:8800/admin“.
Then click the “Add Exception” button.
The WebSphere Application Server
Administrative interface (the
Integrated Solutions Console ISC) is
always secured by SSL. Therefore
you will be redirected to HTTPS and
the port 8701 automatically. You are
prompted to accept the default
certificate. For different browsers the
procedure to accept this IBM signed
certificate is different.
You can use the direct URL:
„https://sametime.renovations.com:8
801/ibm/console“.
Social Business 86 © 2010 IBM Corporation
87. The IBM signed certificate is not trusted by the browser. Click the „Get Certificate“
button to accept the certificate by clicking the “Confirm Security Exception Button”.
(this dialog is different using other browsers)
Social Business 87 © 2010 IBM Corporation
88. Enter the WebSphere Application Server Administrative User name and its password.
We use „wasadmin“. Then click the „Log in“ button to continue.
Social Business 88 © 2010 IBM Corporation
89. You have now reached the IBM WebSphere Integrated Solutions Console.
Social Business 89 © 2010 IBM Corporation
90. B) Uninstall all Media manager applications
Click on “Applications” - “Application Types” and then on “WebSphere
enterprise applications”.
Social Business 90 © 2010 IBM Corporation
91. Select the installed applications “ConferenceFocus” and “SSCConnect.ear”. If other
applications are installed like “SIP Proxy”, “SIP Registrar” or “Packet Switch”, select
them as well and then click the “Uninstall” button.
Social Business 91 © 2010 IBM Corporation
92. Click the “OK” button to continue.
Social Business 92 © 2010 IBM Corporation
93. Yes we want to save the changes and click the “save” link.
Social Business 93 © 2010 IBM Corporation
94. C) Install the new SIP Edge Proxy application
The applications are now deleted. Next is to install the SIP Edge Proxy application. Click
the “Install” button.
Social Business 94 © 2010 IBM Corporation
95. If you run your browser on the Edge machine, you can use “Local File System”. If you
use your Browser from your workstation, then the install files are “remote”. So use the
“Remote file system” and click the “Browse” button.
Social Business 95 © 2010 IBM Corporation
96. Select the directory where you have unpacked the Media Manager install files. And from
there the subdirectory “SIPEdgeProxy”. Then select the “EdgeProxyAppl.ear” file and
click the “OK” button.
Social Business 96 © 2010 IBM Corporation
97. Click the “Next” button to continue.
Social Business 97 © 2010 IBM Corporation
98. Click the “Next” button to continue.
Social Business 98 © 2010 IBM Corporation
99. Click the “Next” button to continue.
Social Business 99 © 2010 IBM Corporation
100. Click the “Next” button to continue.
Social Business 100 © 2010 IBM Corporation
101. Click the “Next” button to continue.
Social Business 101 © 2010 IBM Corporation
103. Click the “save” link to continue.
Social Business 103 © 2010 IBM Corporation
105. D) Configure the SIP Ports
To set up ports for the IBM® Lotus® SIP Edge Proxy, an administrator needs to determine
the SIP ports used for the SIP Proxy/Registrar and ensure that the Lotus SIP Edge Proxy
listens on these same ports.
To perform this configuration step we open a new browser window and connect to our
Sametime System Console – Integrated Solutions Console. Enter the URL
“http://sametime.renovations.com:8700/admin”.
If the console is already open in your browser, then switch to this browser window.
Social Business 105 © 2010 IBM Corporation
106. Click on “Servers” - “Server Types” and then on “WebSphere application servers”.
Social Business 106 © 2010 IBM Corporation
108. On the right side under “Communications” click on “Ports”.
Social Business 108 © 2010 IBM Corporation
109. Record the ports that are used for the “SIP_ProxyRegHOST” and “SIP_ProxyReg_SECURE”.
Here we can find ports “5080” and “5081”.
Social Business 109 © 2010 IBM Corporation
110. Go back to the Integrated Solutions Console of your Edge Media Manager installation.
Now click on “Servers” -
“Server Types” and then on
“WebSphere application
servers”.
Social Business 110 © 2010 IBM Corporation
112. On the right side under “Communications” click on “Ports”.
Social Business 112 © 2010 IBM Corporation
114. Enter the Port “5062” and click the “OK” button.
Social Business 114 © 2010 IBM Corporation
116. Enter the Port “5063” and click the “OK” button
Social Business 116 © 2010 IBM Corporation
118. Enter the Port “5080” and click the “OK” button.
Social Business 118 © 2010 IBM Corporation
120. Enter the Port “5081” and click the “OK” button.
Social Business 120 © 2010 IBM Corporation
121. Click the “Save” link to save the last changes.
Social Business 121 © 2010 IBM Corporation
122. Next is to add the ports to the virtual hosts table. Click on “Environment” and then on
“Virtual hosts”.
Social Business 122 © 2010 IBM Corporation
124. Click on “Host Aliases”.
Social Business 124 © 2010 IBM Corporation
125. Click the “New” button to add a new entry.
Social Business 125 © 2010 IBM Corporation
126. Leave the Host Name as it is and enter the Port “5080” in the Port field. Then click the
“OK” button.
Social Business 126 © 2010 IBM Corporation
127. To add an other entry click the “New” button again.
Social Business 127 © 2010 IBM Corporation
128. Enter the Port “5081” and click the “OK” button.
Social Business 128 © 2010 IBM Corporation
129. We have changed the SIP_ProxyRegHOST and SIP_ProxyReg_SECURE ports. So we
need to map this changes here as well. Click the “*” near the Port “5060”.
Social Business 129 © 2010 IBM Corporation
130. Change the port to “5062” and click the “OK” button.
Social Business 130 © 2010 IBM Corporation
131. Now click the “*” near the port “5061”.
Social Business 131 © 2010 IBM Corporation
132. Change the port to “5063” and click the “OK” button.
Social Business 132 © 2010 IBM Corporation
133. Click the “Save” link to save the last changes.
Social Business 133 © 2010 IBM Corporation
134. We have now successfully configured the host aliases for our SIP Edge Proxy
server.
Social Business 134 © 2010 IBM Corporation
135. Now we need to make sure that the setting “Use available authentication data when an
unprotected URI is accessed” is switched off. To check that click on “Security” - “Global
Security”.
Social Business 135 © 2010 IBM Corporation
136. Under “Web and SIP security” click on “General settings”.
Social Business 136 © 2010 IBM Corporation
137. Confirm that the check box near “Use available authentication data when an
unprotected URI is accessed” is switched off.
Social Business 137 © 2010 IBM Corporation
138. Now we need to confirm 2 more settings in the Server configuration for our SIP Edge
Proxy Server. Click on “Servers” - “Server Types” and then on “WebSphere application
servers”
Social Business 138 © 2010 IBM Corporation
140. Under “SIP Container Settings” click on “SIP container”.
Social Business 140 © 2010 IBM Corporation
141. Now click on “Custom properties”
Social Business 141 © 2010 IBM Corporation
142. Confirm that the setting “com.ibm.ws.sip.sent.by.host” contains the full qualified host
name of your Edge Proxy Server machine. If this is wrong, click on
“com.ibm.ws.sip.sent.by.host” and change the host name. Then check that a
property “com.ibm.ws.sip.security.trusted.iplist” does not exist. If it exists mark it
and click the “Delete” button. Then click the “Save” link in the next screen.
Social Business 142 © 2010 IBM Corporation
143. E) Modify the SIP Edge Proxy Settings in the edge-proxy.xml file
Next step is to configure the “edge-proxy.xml” file and populte it to the server node.
Open a windows File explorer and navigate to the directory:
“C:IBMWebSphereAppServerprofilesSTMSDMgrProfileconfigcellsedgeMediaCe
llapplicationsEdgeProxyAppl.eardeploymentsEdgeProxyApplEdgeProxyWeb.wa
rWEB-INF”. Then open the file “edge-proxy.xml” with notepad or better with wordpad.
Social Business 143 © 2010 IBM Corporation
144. The authoritativeProxy section contains the hostname, port, and transport of the SIP
Proxy/Registrar:
* Specify the SIP port used for TCP.
* Specify the SIP port used for TLS.
The edgeProxy section contains the hostname, port, and transport of the Lotus SIP Edge
Proxy:
* Specify the SIP port used for TCP.
* Specify the SIP port used for TLS.
The authProxySourceAddr section specifies the address of the SIP Proxy/Registrar.
When the Lotus SIP Edge Proxy receives stand-alone or initial requests, it determines the
remote address from which the request was received. If the remote address does not
match the SIP Proxy/Registrar address, the request is sent to the SIP Proxy/Registrar for
further processing. Supported values: IP address, regular expression that matches the
SIP Proxy/Registrar address (for example, "10.10.102.14 | 10.10.102.16").
Social Business 144 © 2010 IBM Corporation
145. We use in our example:
authProxyHost=”sametime.renovations,com”
authProxyPort=”5081”
authProxyTransport=”TLS”
authProxySourceAddr=”192.168.30.10”
edgeProxyHost=”edge.renovations.com”
edgeProxyPort=”5081”
edgeProxyTransport=”TLS”
Now save the file and close your wordpad editor.
Social Business 145 © 2010 IBM Corporation
146. Next is to copy the edited file to the application server configuration in the Deployment
Manager. Open a second File explorer and navigate to the directory:
“C:IBMWebSphereAppServerprofilesSTMSDMgrProfileconfigcellsedgeMediaCell
nodesedgeMediaNodeserversSTMediaServer”.
Social Business 146 © 2010 IBM Corporation
147. Now copy the file. (be sure to copy and not move the file)
Social Business 147 © 2010 IBM Corporation
148. Next is to synchronize the file to the node. In your Edge Integrated Solutions Console
click on “System administration” - “Nodes”.
Social Business 148 © 2010 IBM Corporation
150. F) Replace the default certificate
To avoid the problem of IBM® Sametime® clients rejecting the certificate issued for the
IBM Lotus® Edge Proxy server, an administrator needs to replace the default certificate on
the Lotus SIP Edge Proxy so that it contains the SIP Proxy/Registrar's FQDN.
These instructions are for the default certificate, which is meant for internal
communications (not meant to act as a CA). Sametime clients verify that the certificate
was issued for the SIP Proxy/Registrar. In a Lotus SIP Edge Proxy deployment, the client
opens a TLS connection to the Lotus SIP Edge Proxy resulting in the client receiving a
certificate issued for the Lotus SIP Edge Proxy server. This certificate will be rejected by
the client.
Click on “Security” and then on
“SSL certificate and key
management”.
Social Business 150 © 2010 IBM Corporation
151. Now click the “Manage endpoint security configurations” link.
Social Business 151 © 2010 IBM Corporation
152. Open the “Inbound” tree and click on “edgeMediaCell” and then “edgeMediaNode”
Social Business 152 © 2010 IBM Corporation
153. Click the “Manage certificates” button.
Social Business 153 © 2010 IBM Corporation
154. Click the “Create” button and then the “Chained Certificate...” menu entry.
Social Business 154 © 2010 IBM Corporation
155. This fields are required to continue:
Alias “sip-pr-cn-cert”
Common name
“sametime.renovations.com”
Organization
“renovations”
Country or region
“US”
Then click the “OK” button.
Social Business 155 © 2010 IBM Corporation
156. To save the last changes just click the “Save” link.
Social Business 156 © 2010 IBM Corporation
157. Now click again the “edgeMediaNode” in the “Inbound” tree.
Social Business 157 © 2010 IBM Corporation
158. Click the “Manage certificates” button.
Social Business 158 © 2010 IBM Corporation
159. Check mark the “default” certificate and then click the “Replace” button.
Social Business 159 © 2010 IBM Corporation
160. In the “Replace with” selection box select the newly generated “sip-pr-cn-cert” certificate.
Check mark both check boxes “Delete old certificate after replacement” and “Delete old
signers”. Then click the “OK” button.
Social Business 160 © 2010 IBM Corporation
161. To save the last changes click the “Save” link.
Social Business 161 © 2010 IBM Corporation
162. G) Exchange certificates between the SIP Edge Proxy
and the SIP Proxy Registrar
Click “Security” and then on “SSL certificate and key management”.
Social Business 162 © 2010 IBM Corporation
163. Now click “Key stores and certificates” on the right side.
Social Business 163 © 2010 IBM Corporation
165. On the right side click on “Signer certificates”.
Social Business 165 © 2010 IBM Corporation
166. Check the check box near the root certificate (the one with the “root” alias). Then click
the “Extract” button.
Social Business 166 © 2010 IBM Corporation
167. Enter a path to save the certificate. We use “c:tempedgeroot.cer”. Then click the
“OK” button.
Social Business 167 © 2010 IBM Corporation
168. The certificate was extracted successful. Now you need to copy this certificate file to your
Sametime Media Manager box. Best is to copy it there into the “C:temp” directory.
Social Business 168 © 2010 IBM Corporation
169. We have exported the root certificate in the SIP Edge Server and need to import that into
the Sametime Media Manager. We have copied the file and need to import it next. Go to
the Sametime System Console (which is the Integrated Solutions Console for our
Sametime Media Manager). The Browser window should still be open from a previous
step. But it can be possible that the session is timed out. Then you need to re-authenticate
with your “wasadmin” account.
Social Business 169 © 2010 IBM Corporation
170. Click on “Security” and then on “SSL certificate and key management”.
Social Business 170 © 2010 IBM Corporation
171. On the right side click on “Key stores and certificates”.
Social Business 171 © 2010 IBM Corporation
173. On the right side click on “Signer certificates”.
Social Business 173 © 2010 IBM Corporation
174. To import the root certificate from the SIP Edge Proxy server click the “Add” button.
Social Business 174 © 2010 IBM Corporation
175. Enter a name for the certificate, we just use “edge_root”. In the “File name” field enter
the path to where you have copied the certificate file and the filename. We use
“c:tempedgeroot.cer”. Then click the “OK” button.
Social Business 175 © 2010 IBM Corporation
176. To save the last changes click the “Save” link.
Social Business 176 © 2010 IBM Corporation
177. Now we need to do the same thing in the opposite direction. Copying the root certificate of
our Media Manager to the SIP Edge Proxy. For that we check the check box near the root
certificate (the one with “root” in the Alias) and then click the “Export” button.
Social Business 177 © 2010 IBM Corporation
178. Enter a path and file name to where the certificate should be saved. We use
“c:tempsiproot.cer”. Then click the “OK” button.
Social Business 178 © 2010 IBM Corporation
179. The certificate is now saved. Next is to copy this file from the Media manager to the SIP
Edge Proxy box. Best is to copy the file to “c:temp”.
Social Business 179 © 2010 IBM Corporation
180. Go back to the Integrated Solutions Console of your SIP Edge Proxy server. There just
click the “Add” button.
Social Business 180 © 2010 IBM Corporation
181. Enter a name for the Media Managers root certificate. We just use “sip_root”. In the
“File name” field enter the path to where you have copied the file and the file name. We
just use “c:tempsiproot.cer”. Then click the “OK” button.
Social Business 181 © 2010 IBM Corporation
182. To save the last changes just click the “Save” link.
Social Business 182 © 2010 IBM Corporation
183. Because we did security changes in bot servers it is required to restart the Deployment
Manager and all nodes on both servers. Lets start with the Sametime Media Manager
Server first.
In the Services window select the Deployment Manager (the Service with the “..._DM” at
the end) and click the “Stop service” button. You are asked to stop all services. Click
“Yes” to really stop all services.
Social Business 183 © 2010 IBM Corporation
184. When all services are stopped you should start all services. Start with the Sametime
System Console, then the Media Manager, then the Meeting Server and at last the
Proxy Server. This takes a long time and sometimes the services cause into a popup
Window saying a service could not be started. You can ignore that and just wait until
All services are started.
Another option is to reboot the Operating system of the box. Then you need to wait as
Well until all services are started. This really can take some time.
We can recommend to check this in your “Task Manager”. Wait until you can see 10
Java.exe tasks running and each of them consuming between 170 and 450 MB of RAM.
When the CPU usage goes down then the startup of all tasks has finished.
For the SIP Edge Proxy Server box we will do the restart after we configured the
post install tasks.
Social Business 184 © 2010 IBM Corporation
185. STEP SIX: Post Install tasks for the Sametime SIP
Edge Proxy
Summary
This step is to configure automatic stop, startup and dependencies in the
Windows Operating System Services.
Social Business 185 © 2010 IBM Corporation
186. Configure the properties of all 3 task to start automatic.
Then restart the Operating System of your SIP Edge Proxy Server.
Social Business 186 © 2010 IBM Corporation
187. When the Operating System has restarted, you should see all 3 services as started.
Social Business 187 © 2010 IBM Corporation
188. STEP SEVEN: Run the guided activity to configure
the IBM Sametime Meeting Server deployment
plan for the Meeting Edge HTTP Proxy
Summary
This step is to preconfigure the settings for the Sametime Meeting Edge HTTP
Proxy Server installation.
Social Business 188 © 2010 IBM Corporation
189. Start your browser and enter the URL “http://sametime.renovations.com:8700/admin” to
access the Sametime System Console.
Log in with your “wasadmin” user.
Social Business 189 © 2010 IBM Corporation
190. In your Sametime System Console click on „Sametime System Console“ then
„Sametime Guided Activities“ and then on „Install Sametime Meeting Server“.
Social Business 190 © 2010 IBM Corporation
191. Use the first entry „Create a New Deployment Plan“ and click the „Next“ button.
Social Business 191 © 2010 IBM Corporation
192. Enter a name for your Meeting Server Deployment Plan. In this example we use
„Meeting Edge“. Then click the „Next“ button to continue.
Social Business 192 © 2010 IBM Corporation
193. We want to install the product version „8.5.2“. Click the „Next“ button to continue.
Social Business 193 © 2010 IBM Corporation
194. Change to „Secondary Node“ and click the „Next“ button to continue.
Social Business 194 © 2010 IBM Corporation
196. Enter the full qualified host name of your Sametime Meeting Server. In this
example we use „edge.renovations.com“. Enter a WebSphere administrative
user name and its password twice. We just use the standard „wasadmin“
name.
Click the „Next“ button to continue.
Social Business 196 © 2010 IBM Corporation
197. Check your settings and then click the „Finish“ button to save the new Deployment Plan.
Social Business 197 © 2010 IBM Corporation
198. You have now successfully created a Deployment Plan for the Sametime Meeting
Edge Server installation.
The next step is to install the Sametime Meeting Edge Server.
Social Business 198 © 2010 IBM Corporation
199. STEP EIGHT: Install the IBM Sametime Meeting
Server
Summary
In this step you install the Sametime Meeting Server secondary node for the
Sametime Meeting Edge HTTP Proxy Server using the preconfigured settings in
the deployment plan on the Sametime System Console.
Social Business 199 © 2010 IBM Corporation
200. On your Edge Box start a CMD line window and navigate to the Sametime Meeting
Server install directory. We do this with the command: „cd
InstallSametimeMeetingServer“. Then start the Launchpad installer with the
command „launchpad“.
Social Business 200 © 2010 IBM Corporation
201. Click the „Install IBM Lotus Sametime Meeting Server“ link.
Social Business 201 © 2010 IBM Corporation
202. Click the „Launch IBM Lotus Sametime Meeting Server 8.5.2 Installation“ link.
Social Business 202 © 2010 IBM Corporation
204. Just click the „Install“ icon to start the Sametime Meeting Server installation.
Social Business 204 © 2010 IBM Corporation
205. Check the „IBM Sametime Meetings server“ and „Version 8.5.2“ entries.
They are unchecked by default. Then click the „Next“ button.
Social Business 205 © 2010 IBM Corporation
206. Accept the terms in the license agreement and click the „Next“ button.
Social Business 206 © 2010 IBM Corporation
207. Because we have already installed a WebSphere based Sametime Server on this box,
(The Sametime SIP Edge Proxy Server) we can reuse the installed binaries. The
installer detects this and checks the „Use the existing package group“. And
therefore the path is greyed and can not be changed. Click the „Next“ button to
continue.
Social Business 207 © 2010 IBM Corporation
208. We want to use the predefined Deployment Plan from the Sametime System Console.
Click the „Next“ button to continue.
Social Business 208 © 2010 IBM Corporation
209. We don't want to use an other existing WebSphere Application Server
installation so we just click the “Next” button.
Social Business 209 © 2010 IBM Corporation
210. Enter the Sametime System Console Server information and credentials to authenticate.
In our example we use „sametime.renovations.com“ as SSC Server name and
„wasadmin“ as the WebSphere Administrative User name. The last field is the host
name where we want to install the Sametime Meeting Server. Here we use
„edge.renovations.com“. Then click the „Validate“ button to check the connection to
the System Console Server.
Social Business 210 © 2010 IBM Corporation
211. The connection to the Sametime System Console was successful when the
button text „Validate“ changes to „Validated“. Click the „Next“ button to
continue.
Social Business 211 © 2010 IBM Corporation
212. Select your Sametime Meeting Server Deployment plan that you have created in
the previous step. We use our „Meeting Edge“. Then click the „Next“ button to
continue.
Social Business 212 © 2010 IBM Corporation
213. Control the settings you received from the System Console. Then click the „Next“ button.
Social Business 213 © 2010 IBM Corporation
214. To start the installation click the „Install“ button.
Social Business 214 © 2010 IBM Corporation
215. The Sametime Meeting Server is now installing. This takes approximately 30 to 45
minutes. But because we already have the binaries installed and reuse this data, the
installation is much shorter. It then takes only 15 to 20 minutes.
Social Business 215 © 2010 IBM Corporation
217. Important to know...
The Meeting Server can be clustered using the WebSphere Network Deployment. This
can be configured and deployed with the Sametime System Console.
The new Sametime Meeting Server consists of two components.
- the Meeting Server
- the Meeting HTTP Proxy
Clustering means that a meeting room is running only on one server at a time. The
Meeting Proxy servers have the information on witch Meeting Server instance the
Meeting Room is running and forward incoming requests to the right server. Meeting
data are stored only in the database. In case of a fail over the Meeting Room will be
started on another Meeting Server in the cluster immediately.
For external access a separate Sametime Meeting Server in your DMZ is recommended
for better security.
Social Business 217 © 2010 IBM Corporation
218. You have now successfully installed the Sametime Meeting Server. Click the „Finish“
button and exit the Installation Manager and Launchpad.
Social Business 218 © 2010 IBM Corporation
219. Click “File” in the menue bar and then “Exit”.
Social Business 219 © 2010 IBM Corporation
220. In the Launchpad click again on “Exit”.
Social Business 220 © 2010 IBM Corporation
221. Click the “OK” button to close the Launchpad.
Social Business 221 © 2010 IBM Corporation
222. Close the CMD line window with the command “exit”.
Social Business 222 © 2010 IBM Corporation
223. STEP NINE: Use the Guided Activity in the Sametime
System Console to federate the new installed
Meeting Server node to the Deployment
Manager and cluster it.
Summary
In this step you create a Meeting cluster, add the new node on your Edge Server
to the WebSphere Cell of your Sametime System Console and add it to the
cluster.
Social Business 223 © 2010 IBM Corporation
224. In your Sametime System Console click on “Sametime System Console” - “Sametime
Guided Activities” and then on “Cluster WebSphere Application Servers”.
Social Business 224 © 2010 IBM Corporation
225. Click the “Next” button to continue.
Social Business 225 © 2010 IBM Corporation
226. We want to cluster our Meeting Server installations. So select “Sametime Meeting
Server” and click the “Next” button.
Social Business 226 © 2010 IBM Corporation
227. Enter a name for the cluster. We use “Meeting_Cluster”. Then click the “Next” button.
The cluster name can not contain blank characters.
Social Business 227 © 2010 IBM Corporation
228. We want to use the “System Console” Deployment Manager. Select the entry and click
the “Next” button.
Social Business 228 © 2010 IBM Corporation
229. Click the “Create cluster” button to create the cluster. This step can take 4 or 5
minutes. If the process takes too long and runs into a timeout, then you get a failure
message here. Wait 2 minutes and click the button “Create cluster” again. Then it
works mostly.
Social Business 229 © 2010 IBM Corporation
230. The cluster is now created successfully. Click the “Next” button to continue.
Social Business 230 © 2010 IBM Corporation
231. The secondary node is already federated to the cell. Click the “Next” button to continue.
Social Business 231 © 2010 IBM Corporation
232. To add the secondary node to the cluster click the “Add to cluster” button.
Social Business 232 © 2010 IBM Corporation
233. The secondary node is now successfully added to the cluster. Click the “Next” button to
continue.
Social Business 233 © 2010 IBM Corporation
234. Now you have successfully clustered the 2 Sametime Meeting Servers. Click the
“Finish” button to continue.
Social Business 234 © 2010 IBM Corporation
235. STEP TEN: Remove the newly created application
server “Meeting Server”.
Summary
In this step you remove the installed meeting server. We only need the node
installation for the Edge HTTP Proxy but we dont need the Server.
Social Business 235 © 2010 IBM Corporation
236. In your Sametime System Console – Integrated Solutions Console – click on “Servers” -
“Server Types” and then on “WebSphere application servers”.
Social Business 236 © 2010 IBM Corporation
237. Check the check box near your new meeting Server “STMeetingServer1”. The one who is
not running and installed on your edge box. Be sure to select the right one. Then click the
“Delete” button.
Social Business 237 © 2010 IBM Corporation
238. Crosscheck that you have selected the right one. If yes, then click the “OK” button.
Social Business 238 © 2010 IBM Corporation
239. Save the last changes by clicking the “Save” link.
Social Business 239 © 2010 IBM Corporation
240. STEP ELEVEN: Create the WebSphere Meeting HTTP
Edge Proxy.
Summary
In this step you create a Meeting HTTP Edge Proxy on your Edge Server to
forward incomming HTTP requests from Internet clients to your Sametime
Meeting and Sametime Proxy servers in your Intranet.
This step has to be done in your Sametime System Consoles Integrated
Solutions Console.
Social Business 240 © 2010 IBM Corporation
241. Click on “Servers” - “Server Types” and then on “WebSphere proxy servers”.
Social Business 241 © 2010 IBM Corporation
242. Click the “New” button to create the new HTTP Proxy server.
Social Business 242 © 2010 IBM Corporation
243. Select the node on your edge server “edgeSTMNode1” and enter a name for your Edge
HTTP Proxy Server. We just use “STMeetingHttpEdgeProxy”. Then click the “Next”
button to continue.
Social Business 243 © 2010 IBM Corporation
244. Uncheck the “SIP” property. In this server we only need HTTP. Then click the “Next”
button to continue.
Social Business 244 © 2010 IBM Corporation
245. Click the “Next” button to continue.
Social Business 245 © 2010 IBM Corporation
246. Click the “Next” button to continue.
Social Business 246 © 2010 IBM Corporation
247. Save the last changes by clicking the “Save” link.
Social Business 247 © 2010 IBM Corporation
248. STEP TWELVE: Post Install tasks for the WebSphere
Meeting HTTP Edge Proxy.
Summary
In this step you configure the ports used by your HTTP Edge Proxy Server and
the Services for automatic startup with the Operating System.
Social Business 248 © 2010 IBM Corporation
249. Click on “Servers” - “Server Types” and then on “WebSphere proxy servers”.
Social Business 249 © 2010 IBM Corporation
250. Click the newly created “STMeetingHttpEdgeProxy” server.
Social Business 250 © 2010 IBM Corporation
251. On the right side click on “Ports”.
Social Business 251 © 2010 IBM Corporation
253. Change the Port to “80” and click the “OK” button.
Social Business 253 © 2010 IBM Corporation
254. Now click the “PROXY_HTTPS_ADDRESS”.
Social Business 254 © 2010 IBM Corporation
255. Change the port to “443” and click the “OK” button.
Social Business 255 © 2010 IBM Corporation
256. To save the last changes click the “Save” link.
Social Business 256 © 2010 IBM Corporation
257. The Installer has installed a service for an server that does not exist anymore. We first
need to remove that service and then create the services we need.
Social Business 257 © 2010 IBM Corporation
258. In a CMD line window navigate to the directory WebSphere binaries directory with the
command “cd IBMWebSphereAppServerbin”.
Social Business 258 © 2010 IBM Corporation
259. Remove the service with the command: “wasservice -remove STMeetingServer”.
Social Business 259 © 2010 IBM Corporation
260. Confirm that the removal was successful.
Social Business 260 © 2010 IBM Corporation
261. To create the right services we need the profile path in the command line.
In your file explorer navigate to the directory
“C:IBMWebSphereAppServerprofilesedgeSTMSNProfile1”.
Copy the link into your dashboard with the “Ctrl-C” keycombination.
Social Business 261 © 2010 IBM Corporation
262. Now enter the command to create the service:
“wasservice -add STMeetingHttpEdgeProxy -serverName STMeetingHttpEdgeProxy
-profilePath C:IBMWebSphereAppServerprofilesedgeSTMSNProfile1
-stopArgs “-username wasadmin -password passw0rd” -encodeParams”.
Check that the command was processed successfully.
Social Business 262 © 2010 IBM Corporation