IBM G325-2585-02 manual Proper Configuration

Page 45

IBM Lotus Sametime 7.5.1

Release Notes

in stlinks.js without any change:

var is TAM-env=false;

//racingConnTimeout-Timeout between racing connections in milliseconds. The value is sent to the STLinks applet.

1.Enable reverse proxy support and specify the WebSEAL junction in the Sametime Administration Tool on the Sametime 7.5.x server.

-Open the Sametime Administration Tool on the Sametime 7.5.x server.

-Select Configuration-Connectivity.

-In the "Reverse Proxy Support" section, select the "Enable Reverse Proxy Discovery on the client" setting to enable the reverse proxy support.

-In the "Reverse Proxy Support" section, enter the WebSEAL junction name in the "Server Alias" field. In this example, "st" is the WebSEAL junction name.

2.Create the Tivoli Access Manager WebSEAL junction as shown below:

pdadmin> server task webseald-[servername] create -t tcp -h [sametime hostname] -p 80 -i -j -A -F [ path to LTPA key] -Z [LTPA key password]/junction

You cannot use the -w parameter for this setup. Some requests generated by Sametime are not allowed through the junction if the -w exists. You must also ensure that the LTPA key used in the junction is the same LTPA key that the Sametime server uses in its Web SSO Configuration document

After performing these configurations, you should be able to login to https://webseal/stjunction and be prompted by WebSEAL for authentication. Once authenticated, SSO between WebSEAL and Sametime should work and all requests for Sametime will route through WebSEAL.

Sametime

Sametime Administrator needs to be in LDAP for policies to work

Existing Sametime customers that use LDAP may have the Sametime Administrator defined in the local Domino Directory. Until now, those customers did not need to have a Sametime Administrator defined in LDAP; this is now required for Policy Administration.

Proper Configuration

Add the Distinguished Name (DN) of an LDAP user to the Access Control List (ACL) of stconfig.nsf with the following access: Person/Manager - with all privileges and all roles.

Notes

1.Make sure that you change the commas to slashes when entering the name into the ACL.

2.In the third example below (Sametime Administrator), note that the canonical format changes to the hierarchical format. Since the LDAP hierarchy matches Domino's hierarchy, the ACL will automatically normalize the name to the hierarchical format.

For example, if you enter 'cn=Sametime Administrator/ou=Austin/O=IBM', the ACL will automatically show 'Sametime Administrator/Austin/IBM'. When using Domino LDAP you will see this behavior, since the hierarchy of Domino LDAP matches the hierarchy system of standard Domino.

Below are examples of what the DN looks like in LDAP, and what it should look like in the ACL:

39

Image 45
Contents Release Notes First Edition Revised May 31 About this release Known limitations, problems, and workarounds IBM Lotus Sametime Documentation updates New features in IBM Lotus Sametime New in this releaseSametime Connect Client Sametime Mobile Sametime MeetingsSametime Server Backward compatibility Limitations Beta releaseSummary Sametime Sametime pre-7.5 LimitationsSametime Sametime pre-7.5 Product compatibility Installing Sametime 7.5.1 integration with Microsoft OfficeKnown issues Third Party Limitations Sametime 7.5.1 integration with Microsoft OfficeInitializing Sametime within Microsoft Outlook Features Sametime Toolbar in Microsoft OutlookIBM Lotus Sametime IBM Lotus Sametime IBM Lotus Sametime IBM Lotus Sametime IBM Lotus Sametime IBM Lotus Sametime IBM Lotus Sametime Sametime task menu in Microsoft Office Smart Tags IBM Lotus Sametime Configuration options IBM Lotus Sametime IBM Lotus Sametime Synchronization Sametime Client Limitations using Macintosh OSSpell checker overview Supported languages in this releaseUnsupported languages in this release 1 Hungarian Hardware requirements for Sametime Hardware requirementsOperating system Linux Operating system Microsoft WindowsClient hardware requirements Linux Client hardware requirements MacintoshVideo Chat Supported PC Cameras and WebCams Hardware requirements for Sametime 7.5.1 MobileClient hardware requirements for Instant Messaging Mobile Client requirementsSoftware requirements IBM Lotus Sametime 7.5.1 Server software requirements IBM Lotus Sametime 7.5.1 Meetings requirementsMeetings Client Browsers supported Server Operating SystemInstallation notes Silent Install configurationSametime Client for Macintosh Additional Java requirements Installing the Lotus Sametime 7.5.1 Software Development Kit Pre-installation steps for Linux Sametime Server Linux Sametime Server 7.5.1 installation on VMWareHard Nofile 65535 Soft Operating System Single Sign-On feature installation Installing Sametime Conversion ServicesTroubleshooting Installing OS Single Sign-OnRemoving OS Single Sign -On Run ssoremove.cmdInstalling additional Spell Checker dictionaries Registry entry for Sametime installation directory Upgrade notesConversion Services upgrade required Migrating privacy data after upgrading the serverLaunching and configuring the Sametime Connect 7.5.1 client Configuration notesConfiguring Sametime to work behind WebSEAL reverse proxy Connecting to a Sametime server using a reverse proxy serverProper Configuration Ldap Distinguished Name DN How name should appear in ACL Sametime Connect and Https connections on port 443 orAdd a new IP address to the Sametime server machine Services IBM Lotus Sametime Windows DEP process causes launch error Adjusting the logging level in sametime .propertiesWorkaround Allow only one chat client connection per IP address Single client loginCase-sensitivity for the client Configurable preferred log-in listCase insensitive ID compare Collecting Resolve statisticsDisabling partial search for users or public groups Conversion Services on Windows Sametime serversHow to configure Force users to connect through home clusterMultiple Community considerations Sametime Connect client file transfer overview Server file transfer RTCPeer-to-peer file transfer P2P Virus scanning is not enabled on the server Virus scanning is enabled on the serverVirus Scanning RTC or P2P?Sametime does not provide a virus scanner Which transfer method is my client using ?Sametime Policy for Anonymous user STPolicy exhaustive search through Domino DirectoryUser Consent framework Video Chat Automatically adjusting bit rate Video Chat CPU UsageVoice chat and Network Address Translation NAT IBM Lotus Sametime Uninstall on AIX when only Application Server is selected Uninstallation informationLimitations Sametime Connect client accessibility issues Possible Linux sound issues with OSSHow Policy affects client-to-client telephony Linux Automatic Reconnect not workingClick-to-call only works with primary community Contact issuesLinux Date displays incorrectly for Login Internationalization issuesMeeting issues Conversion Service failure produces no error messagePreferences/Status Messages In a Meeting settings Password is not case-sensitive using Mozilla with RedHatPremiere Global Services audio adapter not supported Telephony, Mute may not work as expectedSome German characters may not work in shared application When shared window is obstructed users will see grayStarOffice Calc and Impress files cannot be attached Date/time format in unlisted meeting pages is unlocalizedSametime Gateway issues Known issues with Sametime Connect and Yahoo ! MessengerExternal user does not receive status messages Domino Web Administration does not support Firefox Server issuesSametime capabilities are limited with external users Sametime Gateway has limited NAT supportSametime setup fails when xACL enabled for Domino Directory Known problems and workaroundsTab order problems in installation program Internet e-mail addresses not supported in Ldap attributeCorrupt .oit directory can cause conversions to fail on Unix Cannot rejoin conference call after hanging up phoneUnable to log in to Sametime from Suse Linux client Microsoft Office Integration Re-enable Smart TagPreventing errors when UserInfo servlet processes updates I5/OS Update Business Card setup after changing to LdapCall menu item on right-click Person menu loses sub-menu Attribute name Attribute valueSetting the company name for Domino Ldap Do not use the Euro symbol in an attachment nameEuro symbol may display incorrectly International characters on slides may not display correctly Linux Square symbol may appearCannot edit Telephony-based meetings Users may see incoherent message when ending a meetingDisk space limits for recorded meetings Do not use certain characters in a meeting passwordDo not import a nonexistent recorded meeting file Do not use certain characters in a meeting nameInvalid blacklisted wildcards on Properties Linux Crash when using the IBM JVM 1.4.2 with FirefoxConversion Service and files with wrong extensions Pre-7.5 Sametime clients are not licensed for useURLs displayed twice Policy Assign Users incorrectly says to select a directory Quick find behavior when Sametime server uses Domino LdapPolicy Assign Users pages does not detect Java VM STPolicy Server Application trace file size decreasingUpgrading to Sametime 7.5.x breaks Avaya Service Provider IBM Lotus Sametime I5/OS Updates to Installation Guide Installing the Sametime serverCase insensitive awareness Enabling Telephony supportAdministering the Sametime server Ltpa token authenticationClient log file overview Sametime Connect Client end-user Help Sametime Connect Client end-user Help updates/correctionsSametime Meetings end-user Help Meetings end-user Help updates/correctionsIBM Lotus Sametime Where to find notice and license information Trademarks IBM Lotus Sametime