IBM Lotus Notes and Domino 8.5.1 — Save 50%
Upgrade your system and embrace the exciting new features of the IBM Lotus Notes and Domino 8.5.1 platform with this book and eBook
In this article by Barry Rosen, we will discuss about the integration of the add-on product—Lotus QuickPlace/Quickr with the typical Notes/Domino infrastructure.
In this article, we will learn about:
- Quickr with services for Domino
- Installing Lotus Quickr
- Directory integration
- Integrating Lotus Sametime
- Application development
- Quickr with services for WebSphere Portal
- Installing Lotus Quickr services
- Lotus Quickr J2EE directory integration
- Integrating Sametime for Quickr WebSphere Portal
The Lotus brand within the IBM Software group represents the "people facing" side of the overall IBM product family. This does not necessarily mean the end user uses no other IBM products, but the Lotus brand is the front end of the IBM SOA Interaction Services component.
The following diagram shows the interaction between these components. Each can be deployed as a separate infrastructure piece and provide value. However, when they are leveraged as an integrated solution, the possibilities are nearly endless.
- WebSphere Portal Server provides an on-the-glass integration solution for your enterprise. It allows you to create composite role-based applications from different data sources. For more information, visit http://www.ibm.com/websphere/portal
- Web Content Management is now an integrated piece of the WebSphere Portal Server. It provides an end user driven content authoring and content delivery system. Visit http://www.ibm.com/websphere/portal
- Lotus Notes/Domino is IBM's fagship messaging and collaboration product, deployed to over 100 million users. It provides a foundation on which many of the other value-added products build. Visit http://www.ibm.com/software/sw-lotus/products/product4.nsf/wdocs/dominohomepage
- Lotus QuickPlace/Quickr is IBM's team collaboration product. It provides template-based services and a set of content connectors, allowing end users to quickly create interactive team places, all without the need for administrator intervention. Visit http://www.ibm.com/software/sw-lotus/products/product3.nsf/wdocs/ltwhome
- Lotus Sametime is IBM's unified communications and collaboration product. It provides enterprise-class instant messaging and web conferencing services, as well as a platform for many other capabilities. This includes telephony and voice integration services. Visit http://www.ibm.com/software/sw-lotus/products/product3.nsf/wdocs/st75home
- Lotus Connections is IBM's "social networking" product. It provides a new category of integrated application services covering the following areas: activities, dogear, blogs, communities, and profles. Visit http://www.ibm.com/software/sw-lotus/products/product3.nsf/wdocs/connections
This article does not cover all the products available under the Lotus brand. For additional information on these, visit http://www.lotus.com
The Lotus QuickPlace product has been available for several years. QuickPlace has become recognized as a leader in web-based team collaboration, and it is used in many large corporations throughout the world.
In early 2007, IBM announced two important changes to the QuickPlace product family:
- The new version of Lotus QuickPlace will be renamed Lotus Quickr
- A new J2EE-based version of QuickPlace will be introduced, also called Lotus Quickr
These two versions of Quickr (one based on Domino and one based on WebSphere Portal) form a single product. They do, however, have very different deployment architectures. From an end user's standpoint, they should be viewed as collaboration appliances. They will be presented with a consolidated list of places where they are involved so that the end users can easily navigate. This will be the case regardless of the backend deployment architecture.
The goal of these changes to QuickPlace/Quickr is simplification. IBM wants the product to be so simple that an end user can, with a few clicks, generate productive services. There is also a focus on server deployment simplification.
One of the key components of Quickr is the connector technology that it introduces. These connectors will allow for direct and programmatic interaction with the data stored in the Quickr places. Connectors that will be shipping with Quickr 8.0 are the following:
- File System/Windows Explorer
In this section, we will cover each edition and discuss how it integrates with Domino. We will not be covering how to install the product itself; this is covered in detail within the product documentation.
Quickr with services for Domino
The Domino-based edition of Quickr should be thought of as a signifcant upgrade to the existing QuickPlace product line. This product has been maturing over many years, and this new release provides many new capabilities. These include native support for wikis and blogs "out of the box".
Installing Lotus Quickr
The basic installation process for Quickr with service for Domino is very simple. It involves installing a base Domino server v7.0.2 FP1. The Quickr product components are then installed on top of this server.
After installation, there is some additional configuration required, depending on the intended usage. They are:
- User/group directory configuration is used to control the authorization and authentication of the environment
- Sametime integration is used to enable presence awareness within the places
- QPServlet confguration is used for WebSphere Portal integration
The user/group directory configuration allows you to select one of three directory types:
- Internal place level directory allows for registration of users at a place level. The users are independent of any corporate directory that may be in place. Generally this is used to support external user access.
- Lotus Domino Directory allows users and groups to be stored in the names.nsf database (public address book) and corresponding directories surfaced via directory assistance.
- LDAP directory allows for users in a supported native LDAP directory (for example, Domino, IBM Tivoli Directory Server, Microsoft Active Directory, Novelle Directory, or Sun One Directory). This configuration allows for the refinement of the settings used to interact with the LDAP source.
The directory can be configured by first logging as an administrative user. In the following screenshot, we have logged in as user in Admin from the Domino Directory.
Next, select the User Directory option from Site Administration. The following screen shows the default value of No Directory selected. This is the base setup where the contacts.nsf database for each place will be used as a user directory.
It is possible to change the user directory by clicking the Change Directory button. This lets you choose between No Directory, LDAP Server, and Domino Server.
If LDAP Server is selected, then options for connecting to the directory server will be displayed, as shown in the following screenshot:
This screen contains the following felds:
- Name provides the host name of the LDAP Directory Server.
- Port number is the LDAP TCP/IP port used to communicate with the server.
- Check for SSL connection with LDAP User Directory enables SSL encryption of the LDAP traffic. Note that this is an "all or nothing" selection. It is not possible to only encrypt parts of the conversation with the LDAP server.
- Search base controls determines where in the LDAP tree to search for users and groups. For a Domino LDAP directory this value is generally left blank. This is because groups in Domino, as seen through LDAP, have no organizational component (for example, cn=Sales Users).
- Narrow searches to the place name further restricts the LDAP search to users that contain the Quickr place name (for instance, Sales).
- Check to use credentials specified below when searching the directory controls whether or not anonymous access is used for the LDAP directory. It is very common to have read-only binding credentials to search the directory.
- Username provides the user's distinguished Name for the LDAP server (for example, cn=quickrbind, ou=Admin, o=Acme).
- Password is the password for the username above.
- Authentication Timeout controls the time in seconds for the login operation to timeout. The default is 120 seconds.
- Search Timeout controls the time in seconds for LDAP searches to timeout. The default is 120 seconds.
eBook Price: $29.99
Book Price: $49.99
The next section of the directory configuration screen determines whether or not new users can be controlled at the place level. Specifically, this allows for the place manager to create new users that are not in the directory. Otherwise, they can only add users that exist in the directory.
After you complete the configuration, the LDAP directory is available for use. If additional configuration is needed beyond this, then a qpconfig.xml file must be used. This file is created in the Quickr server data directory, where there is a sample configuration file called qpconfig_sample.xml.
The qpconfig.xml file can be used to fine tune the LDAP directory settings, including attribute mappings and LDAP search flters.
If Lotus Dino is selected as the directory type, the only option is management of the place level security. This is the same option as in the LDAP server setting.
Integrating Lotus Sametime
The process required to configure Sametime integration with Quickr is similar. From the Site Administration screen, select Other Options and then select Edit Options.
The Sametime Servers section controls the host names to be used for the Quickr server. This screen has numerous other items as well, which are covered in the administration help.
Enter the Sametime Community and Meeting Server host names. Depending on the environment, these may be the same hosts.
The next configuration step is to set up a new Web SSO document into the Domino Directory shared by the Quickr and Sametime servers. (If you are using WebSphere Portal server, as shown in a later section, this Web SSO document will contain the imported WebSphere application server token.)
You must now copy several files from the Sametime server to the Quickr server. These files will be used for both awareness and meeting services. The fnal step is to ensure that the Chat: Shot the Chat link is enabled. It should be enabled by default.
Integration with Lotus Sametime and Quickr services for Domino involves the qpconfig.xml fle. It manages the Sametime features available within Quickr. When using Sametime with Quickr, only users that are in the LDAP directory will be visible. Any locally created users will not have awareness.
The final integration component of Quickr with services for WebSphere Portal and Domino comes in the area of application development. Since this edition of Quickr is built on top of a Domino foundation, it is possible to use traditional Domino development techniques to customize and extend it in many ways. Developers can use the standard Lotus Developer client to extend the use of Quickr.
Quickr with services for WebSphere Portal
The WebSphere Portal-based edition of Quickr represents a significant application in the Web 2.0 space. It heavily leverages these technologies to bring an industry-leading collaboration experience. This product expands on the capabilities originally created from IBM Workplace Collaboration Services and IBM Workplace Services Express.
The user interface is very similar to the Domino-based edition. The feature sets between these two are different at the moment. Therefore, it is important for customers to evaluate the requirements for each place to determine if the Domino or J2EE foundation provides the necessary features
Installing Lotus Quickr services
The installation of Quickr services for WebSphere Portal server has been optimized for ease of deployment.
There are three installation types that are available in the setup program:
- Departmental/Express provides for the fastest deployment. The server is fully deployed with all necessary components including DB2.
- Advanced Single Server allows for additional options during setup for future expansion.
- Advanced Enterprise Cluster allows for a base installation that is intended for a clustered deployment.
Additional details about the product installation are available in the Quickr administration guide.
Lotus Quickr J2EE directory integration
Since the J2EE-based version of Quickr is built on top of the WebSphere application server and the WebSphere Portal server, there are only two directory configurations:
- Custom user registry is the internal directory built in on top of the Quickr RDBMS
- LDAP user registry is the external LDAP directory
Even though you have to transfer security to an external LDAP directory as a separate step, it should not be inferred that security is not enabled in Quickr. The installation process enables WebSphere Portal security against the custom user registry with a user specified during the installation. This user is quikradm by default.
The custom user registry is similar to the default Domino edition of Quickr. That is, it's the place administrators can manage new users without having them written into the corporate directory. When using an LDAP user registry, it is common for these to have write-access restricted, limiting the creation of new users outside of the Directory administration team. The process of security transfer to an external LDAP source is handled by the Configuration Wizard.
It is recommended that, if you are planning to transfer security to an external LDAP directory, this should be done during the initial installation. It is technically possible to do this transfer with data in the system, but you risk causing harm to that information later. This is particularly true if your user credentials are changing as part of this move.
In preparation for the security transfer, several users and groups need to be created in the LDAP directory.
- wpsadmin: WebSphere Portal server administrative user account.
- wpsbind: LDAP bind user account.
- wsadmin: WebSphere application server administrative user account.
- wpsadmins: WebSphere Portal server administrative group account. This should contain wpsadmin user account at a minimum.
- wpsContentAdministators: WebSphere web content manager administrative group. This should contain the same users as wpsadmins as a minimum.
- wpsDocReviewer: WebSphere Portal document manager administrative group. This should contain the same users as wpsadmins as a minimum.
It is possible to use different names for these entries as needed.
The specific process for the security transfer is beyond the scope of this article. It is very similar to that used for WebSphere Portal itself. Refer to the Quickr administration guide for additional information.
Integrating Sametime for Quickr WebSphere Portal
The use of awareness within Quickr services for WebSphere Portal is configured in the same way as any other WebSphere Portal installation:
- Configure the Sametime server using the LDAP directory. It is possible to use the native Domino directory for Sametime, but integration is easier if WebSphere Portal/Quickr and Sametime are both using LDAP.
- Configure SSO between WebSphere Portal/Quickr and Sametime. This is accomplished by exporting the LTPA token value from the WebSphere application server and importing it into the Domino domain hosting the Sametime servers.
- Update the wpconfig.properties file for WebSphere Portal/Quickr with the values for the Sametime server. This includes the following:
- Sametime host name
- Sametime protocol (http)
- Sametime http port
- There are additional confguration options available in the CSEnvironment.properties fle to facilitate name mapping, if a different directory is used for Sametime.
- Run the WPSconfig.bat/.sh lcc-configure-sametime configuration program to name the necessary system changes.
In this article, we discussed about the integration of the add-on product—Lotus QuickPlace/Quickr with a typical Notes/Domino infrastructure.
If you have read this article you may be interested to view :
eBook Price: $29.99
Book Price: $49.99
About the Author :
Barry Rosen is an IBM Senior IT Certified Managing Consultant with IBM Software Services for Collaboration . During the last six years, he has worked on several global messaging and migration projects as well as performing Domino upgrades, messaging assessments, and client deployments. Currently, Barry is heavily involved in IBM SmartCloud for social business migrations and hybrid deployments. Prior to IBM Software Services for Collaboration, he was a Software Engineer in Lotus Support for over five years. While in support, Barry was on several teams specializing in mail routing, Lotus Notes Client, calendaring and scheduling, and server core. Barry is an SME on clustering, Lotus Notes for Macintosh, and rooms and resources. He is also a published author with several articles and books written on Lotus products.