IBM Connections send notifications links as http not https

    Kenio Carvalho  26 March 2015 08:24:37
    Links on messages from IBM Connections contains links as https and http. The customer want's only https links

    How to set :

    1 - On the DMGR profile:

    ./wsadmin.sh -lang jython -user admin_user_id -password admin_password

    2 -Type the following on wsadmin interface

    execfile("connectionsConfig.py")

    3 - Do a checkout of LotusConnections-config.xml

    LCConfigService.checkOutConfig("/tmp/",AdminControl.getCell())

    4 - Change de following to true



    5 Checkin the new LotusConnections-config.xml

    LCConfigService.checkInConfig()

    6 - Sync and restart the nodes

      Domino SSO with SharePoint using SPNEGO

      Kenio Carvalho  25 March 2015 12:37:49
      This week i setup Domino SSO with Windows. The customer will launch a SharePoint portal server and need a SSO with Domino Web Applications.

      I follow this tutorial, the setup is very simple but some problems arrive.

      The Domino server have the FQDN domino.mydomain.com.br  and the windows server  server.mydomain.com.br. The SSO doesn't work.
      I read the message  Attempt by HTTP client to authenticate using Windows NTLM security is not supported on Domino console.

      After the AD administrator setup the user dominostart, he issued the command SETSPN -a HTTP/domino.mydomain.com.br dominostart.

      When the user try to access a url of the domino server the browser show a logon dialog but the title of the dialog show the windows server name (server.mydomain.com.br).

      I asked the AD administrator to add another SPN SETSPN -a HTTP/server.mydomain.com.br dominostart

      Everything works after a Domino restart. :=)

      If you want to use Chrome as your browser you need to start Chrome with arguments

      /path/to/chrome --auth-server-whitelist="*.domain.com"

        Setup IBM Cognos Connections 5 on SLES11 and Oracle. A novel

        Kenio Carvalho  19 March 2015 08:23:12
        This week i spend several hours to setup a machine with IBM Cognos and IBM Connections 5 CR2 on SLES 11 SP3 using Oracle as database.

        The Cognos wizard complete the CognosBI setup but Trasnformer not.

        I set the logs to debug level and the messages does not help.

        The problem was when the error appears the wizard roll back the installation of CognosBI removing everything from WebSphere.

        After several reviews of the SLES libraries and Oracle client setup i made the setup only for CognosBI (previously i setup CognosBI + Transformer) successfully.

        I try to open the cognos URL like http://server:port/cognos/servlet/dispatch/ext but the server doesn't send any response

        Reading the cognos.log i found the following :

        Initialization_SESS Initialization_REQ Thread-70        CM        6304        1        Audit.cms.CM        StartService Warning
        CM-CFG-5063 A Content Manager configuration error was detected while connecting to the content store. sealing violation:
        package oracle.jdbc is sealed Runtime Exception stack trace: java.lang.SecurityException: sealing violation: package oracle.jdbc is sealed

        I don't now why but the installer copy the orajdbc6.jar into Cognos.ear.   I stop the cognos server, remove the orajdbc6.jar from the lib folder inside of cognos.ear and  start the server.

        The cognosBI works and  Transformer was installed without problems.

        The steps i follow

        1 - Setup Cognos BI
        2 - Stop the server and remove the orajdbc6.jar from the cognos.ear
        3 - Start the Cognos Server
        4 - Setup the Transformer

          IBM Connections requires that XMLHTTP is enabled in Internet Explorer

          Kenio Carvalho  9 March 2015 08:26:17
          IBM Connections requires that XMLHTTP is enabled in Internet Explorer, either through ActiveX or native object, for the dynamic AJAX functionality to function correctly.

          Check Enable native XMLHTTP support in the Advanced tab of the Internet Options dialog


          Image:IBM Connections requires that XMLHTTP is enabled in Internet Explorer

          Information from IBM TN 1698438

            IBM Connections 5.0 Search index error.

            Kenio Carvalho  3 March 2015 19:16:51
            Some users are receiving the message bellow instead of the search results:

            CLFRW0075W: Failed to load the index at startup, it may not have been created yet”

            The search index on one node was created/copied.

            To solve the problem i just copy the index from another node.

              IBM Connections 5 CR2 released

              Kenio Carvalho  26 February 2015 16:49:43
              1. Update strategy for IBM Connections 5.0:

              http://www-01.ibm.com/support/docview.wss?uid=swg21683118

              2. IBM Connections 5.0 requirements for IBM FileNet for use with Connections Content Manager (CCM):

              http://www-01.ibm.com/support/docview.wss?uid=swg21683147

              3. IBM Cognos Wizard for IBM Connections 5.0 Cumulative Refreshes (CRs)
              http://www-01.ibm.com/support/docview.wss?uid=swg21696033

              4. Fix list for IBM Connections 5.0 CR2:

              http://www-01.ibm.com/support/docview.wss?uid=swg21694318

              5. Updating the IBM Connections 5.0 databases to the required schema versions for Cumulative Refresh 2 (CR2):

              http://www-01.ibm.com/support/docview.wss?uid=swg21694319

              6. New functions included in IBM Connections 5.0 CR2
              http://www-01.ibm.com/support/docview.wss?uid=swg21695145

              7. Upgrade to IBM Connections 5.0 CR2 from IBM Connections 5.0 CR1 With Connections Content Manager (CCM)
              http://www-01.ibm.com/support/docview.wss?uid=swg21696235

                How to test your PC for the New "Superfish" Security Vulnerability

                Kenio Carvalho  19 February 2015 18:36:48
                Security researchers have discovered a vulnerability in a piece of adware called Superfish that makes your computer vulnerable to all kinds of attacks. Superfish ships preloaded on many Lenovo computers, but can also be installed on any machine. Here's what's going on and how to test if you're infected.

                See the full article here

                  WebSphere Portal is removing Apache commons-httpclient JAR files

                  Kenio Carvalho  12 February 2015 12:13:02
                  Due to security vulnerabilities (CVE-2012-6153 and CVE-2014-3577) WebSphere Portal is removing the Apache commons-httpclient JAR files from all releases and replacing them with the newer version (Apache HttpClient 4.3.6).  
                  Note that the JAR files may not be removed by a specific interim fix but the interim fix will remove all WebSphere Portal uses of those JAR files and the JAR files will be removed by a subsequent Cumulative Fix associated with that release.

                  These JAR files have been on the Portal classpath in many releases.  They were never intended to be used by our customers but it is possible that they could be used by a customer's custom portlets or by a third party's custom portlets.

                  The specific JAR files that will be removed are the following:

                          commons-httpclient-2.0.jar
                          commons-httpclient-3.0.jar
                          commons-httpclient-3.0.1.jar

                  The WebSphere Portal releases in which the removal takes place are:

                          WebSphere Portal V6.1.0.6
                          WebSphere Portal V6.1.5.3
                          WebSphere Portal V7.0.0.2
                          WebSphere Portal V8.0.0.1 (included in CF15)
                          WebSphere Portal V8.5.0.0


                  If you do not have any custom code or third party code that uses these JAR files you do not have to do anything as consequence of this removal.  

                  If you do have custom code or third party code that depends on these JAR files to be in the Portal Server classpath then you will have to make a change.  There are many options.  You can simply add a copy of the JAR back into the WebSphere Application Server or WebSphere Portal classpath, add the JAR into the appropriate portlet WAR file (neither of which will protect you from the security vulnerabilities) or change your custom source code to use the new Apache HttpClient 4.3.6 JAR that does fix the security vulnerability.  Changing the source code is the best option.  Note that Apache HttpClient 4.3.6 is a complete rewrite of the library and there is no backward compatibility.  Reference the Apache web site for more details.

                  From TN 1695483

                  New Entries

                  New Comments

                  Categories

                  Links

                  Feeds

                  Archives


                  Locations of visitors to this page