Installing Tivoli Directory Server 6.2

Steps to install Tivoli Directory Server 6.2 on Windows

Assumptions:
a). DB2 is already installed
b). Websphere Portal or Applicaiton Server is already installed. This is not mandatory, required only when you want use the tivoli web admin console


1. Select features want to install

If you want to install the Tivoli Web Admin Console on existing WAS install , don't select the embeded WAS.


2.  Click Next,  There you will have different options
     a) Create proxy directory server (If you want to use this as Proxy server between multiple LDAP's)   

     b) Create default directory server

Click this button if you want to create a new directory server instance with default settings. The default instance will be named dsrdbm01, and a user name of dsrdbm01 will be created on the system if it does not exist. The administrator DN for the instance will be 'cn=root'. The database instance name will be dsrdbm01 and the database name will be dsrdbm01. You will be asked to provide a password for the user, a password for the administrator DN, and an encryption seed , salt for the directory server instance.

TDS instance: dsrdbm01  / pwd

TDS user       : dsrdbm01  / pwd

Admin DN    : cn=root    / pwd

DB instance   : dsrdbm01

DB Name       : dsrdbm01

Encryption      : encryption-abcdefghi

Encryption salt: abcdefg-salt (exactly 12 chars)

      c) Create new directory server with custom settings


Enter the directory server instance name (It will create the OS user ,if its not there already), Enter bother Encryption Seed String and Salt (below image doesn't show the the seed value, but make sure to enter both).

3. Click Next to create the DB2 database instance

4. Click Next to create the LDAP admin user

5. Click Next , It will shows the default ports , no need to change anything
6. Click Finish in final summary page



Troubleshooting Information

Following errors I came across while installing TDS


Problem 1: Stash Key Problems
Solution: Please make sure to enter the "encryption salt string"


Problem 2: Problems creating the DB2 instance

Solution: Make sure to login as local user(created by DB2) who is a member of local Administrators, DB2ADMNS groups, and if you logged in as the Domain user It doesn’t work while installing.

Note: Extension to this problem some time you may need to run the following DB2 command to create the DB2ADMNS and DB2USERS group in local. If the DB2USERS group is not found, extended security for DB2 on Windows might not be enabled. To enable extended security on Windows, stop the database, run the db2extsec.exe command, and then restart the database again as shown.

Db2stop

Db2extsec

Db2start

NOTE : 
1. If any problem you can delete the TDS instance and corresponding the DB2 instance using the TDS adminstration console, and re-create using the above steps
2. Once the installation done, you should able to see new DB2 instance , to list the DB2 instances use following cmd

list all db2 instances :> db2ilist

TDS - Web Administration Tool

Copy the IDSWebApp.war file from the TDS installer and install this on the WAS console as any other war file and you can access using URL like below

http://localhost:9082/IDSWebApp/IDSjsp/IDSConsoleFrameWork.jsp

Use the default UserID/Pwd : superadmin/ secret
 

Retrieving the Image Element Dimensions in LWCM7

Following is a simple way you can retrieve the height and width of image element of Content Item in the presentation template.

Images height: [Element context="current" type="content" key="imageEle" format="height"]<br/>

Images width: [Element context="current" type="content" key="imageEle" format="width"]<br/>

Place the above tags in presentation template and “imageEle” is name of the image element from the content Item.

Note: Above tags will retrieve actual height and width of the image directly.Author doesn't need give image dimensions in Authoring Template . If you want to avoid the authors to edit the height and width of the image , we can hide them in Authoring Template default content properties section so that author can't input the dimensions .

When referencing file resource and image elements, format attribute has following different options:

• Use format="mimetype" to render the mime type of a file or image. If no valid mime type can be determined then "www/unknown" is rendered.
• Use format="filename" to render the name of a file or image.
• Use format="size" to render the size of a file or image using the most appropriate unit. If the resource is smaller than 1K, then the size in bytes is rendered. If the size of the resource is less than 1MB, then the size in kilobytes is rendered. If the size is greater than or equal to 1MB, then the size is rendered in megabytes.
• Use format="size_bytes" to render the size of a file or image in bytes. Only the numeric value is displayed.
• Use format="size_KB" to render the size of a file or image in kilobytes. Only the numeric value is displayed.
• Use format="size_MB" to render the size of a file or image in megabytes. Only the numeric value is displayed.

Note: format=”height” and format=”width” is not mentioned anywhere in the info center but it is working fine when I tested it in my local.

Note: Along with width and height you can use format="{alt, border, basewidth, baseheight, name, attributes}" to access any of the specific attributes assigned to the image component and construct your own image tag

Taglib URI reference problems in WP7

In WP7 , taglib description files (.tld) files are not available under the wps.ear/wps.war/WEB-INF/tld. (I couldn’t find them anywhere directly under installed location).

<%@ taglib uri="http://www.ibm.com/xmlns/prod/websphere/portal/v7.0/portal-fmt" prefix="portal-fmt" %>
<%@ taglib uri="http://www.ibm.com/xmlns/prod/websphere/portal/v7.0/portal-core" prefix="portal-core" %>

Faced problem with the WP7 taglib uri references when I was developing the Custom Theme ,but to overcome this problem I have exported the existing theme as war using the EARExpander tool and imported into RAD and updated the custom code and deployed that WAR file. It resolved the taglib references problem.

But actual solution to resolve the taglib references problem in the WP7 is to copy  the empty decorations.xml file under the WEB-INF folder of web application(custom theme).This will make sure to get the all tagLib references at runtime.

Note : You can find more updated information at this link

Multilingual site solution for LWCM7

IBM has updated Multilingual solution for Portal and Web Content Management V7.

General Idea behind multilingual(multi locale) site is to have multiple libraries in WCM, each library serves different locale. One library acts as default (master library) and all other libraries mirror the master, except they contain translated content.

When you create a piece of content in the master library through the authoring portlet, you can have that content item copied to each of the localized libraries.  While that content won’t be translated automatically, you can have WCM’s workflow kickoff to notify the owners of each library to begin the translation process. 

ClickHere to download solution from the IBM Lotus GreenHouse Business Catalog.

This solution contains custom workflow actions that can be embedded into your workflows to keep the various libraries in-sync.  So as you edit content, publish it, move it, expire or delete it in the master library, the workflow tasks implement these same actions in the localized libraries.

This new version includes enhancements that are worth noting:

• An Authoring Plug-in (aka Custom Fields) to display information about associated language translations;
• A number of Workflow Synchronization Plug-ins (aka Custom Workflow Actions) to automate the creation of translated documents and handle publishing, expiry and delete synchronization of those documents;
• Installation of the solution is much easier.  IBM included an install batch file that adds plug-ins, etc to the correct applications.
• A Library Copy Portlet allows you to copy the master library to the localized libraries when setting up a new locale.
• A number of Rendering Plug-ins (aka LRP Context Processor and Servlet JSPs) to enable end-users to see content in the right language and allow switching between languages;

WebDAV - WebSphere Portal

Web DAV support is introduced in the IBM websphere portal from  v6.1 onwards , but in v7.x it drew lot of attention because you can do lot of different things like below

1. WebDAV for managing pages and static content
1. Portal pages are represented as folders. They can contain subfolders that represent child pages.
2. Static pages are placed in a separate folder. The content of static pages is represented as an additional folder named staticcontent.
3. Updating metadata , globalization information
2. WebDAV filestore. For example, this is used by mashup integration in the portal.
1. Accessing public,users, system folders related to mashups.
3. WebDAV for Web Content Management.
1. Creating siteareas, components, updating the acl…etc

You can obtain the entry point URL to the WebDAV file store from the service document under the URL http://localhost:10039/wps/mycontenthandler/!ut/p/model/service-document

Different WebDAV entry points in websphere portal and WCM

1. Entry point to access the Portal Themes

http://localhost:10039/wps/mycontenthandler/dav/themelist

http://localhost:10039/wps/mycontenthandler/dav/themelist/all

http://localhost:10039/wps/mycontenthandler/dav/fs-type1/themes

Note: 
a. To download theme as zip file
http://localhost:10039/wps/mycontenthandler/dav/themelist/<theme_dir>?mime-type=application/zip

b. To upload zip file to WebDAV
./ConfigEngine.sh webdav-deploy-zip-file -DTargetURI=dav:fs-type1/iwidgets/myWidget/ -DZipFilePath=/tmp/myWidget.zip

2. Entry point to access the Portal Skins

http://localhost:10039/wps/mycontenthandler/dav/skinlist

http://localhost:10039/wps/mycontenthandler/dav/skinlist/all

http://localhost:10039/wps/mycontenthandler/dav/fs-type1/skins

Note: To download skin as zip file
http://localhost:10039/wps/mycontenthandler/dav/skinlist/<skin_dir>?mime-type=application/zip

3. Entry point to access the Static Resources (common-resources, layouts,…etc)

http://localhost:10039/wps/mycontenthandler/dav/fs-type1

4. Entry point to access the Portal Pages  :
1. For default portal installations

http://localhost:10039/wps/mycontenthandler/dav/contentmodel/wps.content.root/

2. For virtual portals

                                                               i.      If host name was specified when the virtual portal was created, the WebDAV URL looks like this

http://virtual_portal_host_name:port_number/wps/mycontenthandler/dav/contentmodel/wps.content.root

                                                             ii.      If the virtual portal was created with a URL context only and no host name was specified, the WebDAV URL looks like this

http://localhost:10039/wps/mycontenthandler/URL_context_of_the_virtual_portal/!ut/p/dav/contentmodel/wps.content.root/

 

5. Entry point to access WCM libraries

http://localhost:10039/portal_context_root/mycontenthandler/dav/content/libraries/

Folder Structure looks like

libraries

   - wcm.library.my_library

       - authoringTemplates

       - components

       - presentationTemplates

       - sites

       - taxonomies

   - wcm.library.contentlibrary

       - components

       - presentationTemplates

       - sites

       - taxonomies

Note: “/all” at end of URL is temporary fix who are using 7.0.0.0 (without any cumuliative fix)

Folder structure and reserved folder names under fs-type1

The fs-type1 WebDAV entry points provide the following set of predefined root folders used by the Page Builder theme:

• themes
• skins
• layout-templates
• common-resources
• iwidgets

The fs-type1 WebDAV entry points provide the following set of predefined root folders used by mashup integration:

• public
• users
• system

Note:

1. None of these folders can be deleted, not even by an administrator
2. Folder and file structure is only simulated and is not a real file system structure.
3. The properties files are only simulated. They contain parameters and their values. You cannot save any additional information, for example comments.

Using WebDAV , we can

1. browse, changing metadata of portal pages.
2. create, update, deletion of static pages under staticcontent. Users can access the content of static pages via the subfolder staticcontent

Using WebDAV, we can’t

1. creating the new pages, updating the uniquename or objectid, copy or moving pages .
2. updating portal content

WebDAV-Security

The WebDAV entry point requires user authentication via HTTP basic authentication. SSL access is not supported at this time. To use WebDAV, users log in to the portal with their portal user ID. Users can then access and work with portal pages according to their access permissions as set by Portal Access Control.

By default only administrative users can perform write operations on specific folders of the WebDAV file store. This affects public and user owned folders. You can enable write access for all authenticated users on WebDAV file stores folders.

Managing access control for theme and mashup folders:

1. All users have view access to all resources in these folders. This includes both anonymous users and authenticated users.
2. You can administer write access to the these folders via the virtual resource THEME MANAGEMENT provided by portal access control.
1. To give users write access to resources contained in theme folders, for example to create, modify, or delete such resources, assign the users MANAGER role on the virtual resource THEME MANAGEMENT in portal access control.
3. To enable write access for all authenticated users, add the following property to the WP ConfigService resource environment provider in the WebSphere Application Server administrative console: filestore.writeaccess.allowed. Set the value for the property to true .
1. There are several WebDAV entry points. However, the property filestore.writeaccess.allowed applies to the filestore entry points for home directories for each user located at: http://server_name:WC_default_host/wps/mycontenthandler/dav/fs-type1/users/user_name
2. Users can modify only their own directories. You must grant additional permissions for users to modify other directories.

Filestore cache control

The WebDAV file store supports serving timeout values for HTTP Cache Header entries. You need to add the following two custom properties to the WP Config Service resource environment provider with the following key = value properties:

 

filestore.cache.expiration.id.re=regular expression
filestore.cache.expiration.id.seconds=value

Ex:

All items under the /themes folder have an expiration time of 1800 seconds:

filestore.cache.expiration.0.re=themes/.*
filestore.cache.expiration.0.seconds=1800

All css files in the themes folder have an expiration time of 8000 seconds:

filestore.cache.expiration.2.re=themes/.*\\.css
filestore.cache.expiration.2.seconds=8000

All items of a certain resource type, suchas jpg or gif have an expiration time of 6000 seconds:

filestore.cache.expiration.1.re=.*\\.jpg|.*\\.gif
filestore.cache.expiration.1.seconds=6000

NOTE:

1. By default WebDAV clients passes the authentication information using  basic authentication method but if portal is setup using SSO(single sign on)  like SiteMinder with form based authentication you need to the following steps.
1. Enable the HTTPBasicAuthentication only for /mycontenthandler/dav/*.
2. Add/update all WebDav HTTP methods to policy server

2. If you plan to use an HTTP server to work with WebDAV, need to do the following steps:
1. Access the WebSphere Application Server administrative console.
2. Select Web servers -> webserver name -> Plug-in properties -> Request and response.
3. Set Accept content for all requests to true for the Web server plugin.
4. Regenerate the web server plug-in.
5. Copy the file plugin-cfg.xml to the Plugin directory.
6. Restart the web server.

Problems

1. Conflicts with implicit login filter – 302 redirect issue

WebDAV - Introduction

WebDAV (Web Distributed Authoring and Versioning) or simply DAV is a protocol.

WebDAV is not a API or an application. It is a specification, a protocol, a set of extension to existing HTTP protocol.

WebDAV is defined by RFC2518 as an HTTP extension framework with a plug point for the access and management of hierarchical data , for example, in content management systems. WebDAV stores the data in collections. A folder represents a WebDAV collection.

Apart from distributed authoring, WebDAV is also targeted to provide other benefits like:

1.      Network file system suitable for internet

2.      Supporting remote software development teams

3.      Common interface to a wide range of repositories, such as databases, file systems, document management, configuration management, etc

4.      WebDAV has no restrictions on the type of documents which can be authored

5.      Concurrency control

6.      Meta-data or Properties

7.      name space management (ability to copy and move Web pages within a server's namespace)

8.      collections (creation, removal, and listing of resources)

This protocol consists of a set of new methods and headers for use in HTTP. The added methods include:

• PROPFIND — used to retrieve properties, stored as xml, from a resource. It is also overloaded to allow one to retrieve the collection structure (a.k.a. directory hierarchy) of a remote system.
• PROPPATCH — used to change and delete multiple properties on a resource in a single atomic act
• MKCOL — used to create collections (a.k.a. a directory)
• COPY — used to copy a resource from one URI to another
• MOVE — used to move a resource from one URI to another
• LOCK — used to put a Lock on a resource. WebDAV supports both shared and exclusive locks.
• UNLOCK — to remove a lock from a resource

WebDAV Clients

Few webdav clients listed below,

1. Microsoft WebFolders(Inbuild in O.S),

 To connect to WebDAV for WebSphere Portal by using WebFolders, proceed as follows:

• Open “my network places” .
• Add Network place , Nextà Select “choose another network location” and next
• Enter the WebDAV url to access.

http://localhost:10039/wps/mycontenthandler/dav/contentmodel/wps.content.root/

• Enter your user ID and password for the portal.
• Type a name for the network place and click Next.
• Click Finish.

Microsoft WebFolders Fix for XP (you may need download and install small patch), ClickHere to download.

You can also use MS-Office product to open the webDAV files.

2. AnyClient, (Freeware)

 Can download from the here

3. BitKinex (Freeware)

 Can download from the here  

4. WebDrive (WebDrive is supported by WebSphere Portal)

Approaches to write simple conditional logic in presentation template

As there is no direct way of writing the logic inside the presentation template , we need do this indirectly in different ways.  Following are two most common ways of handling logic before presenting the content from presentation template.

1. Create JSP Component that refers JSP contains logic and display the content
2. Write JavaScript Code directly in the presentation template (or write it in the Separate HTML components or Content and refer from presentation).


Example scenario

1. Have one authoring Template called "News_AT" and one presentation template called "News_PT".
2. "Type of News" option selection Element in above template
3. Created different types of News content (HR, Business, Technical) and content is spread across the multiple site areas.
4. Mapping between the "News_AT" and "News_PT" defined at Site level (As content spread across the Site).

To display different presentations based on the value selected "Type of News" element in the content ,write below code in presentation template


<div id="pattern1" style="display:None">
    <element key=""..../>
    some HTML Design  based on the elements
</div>

<div id="pattern2" style="display:none">
    <element key=""..../>
    some HTML Design  based on the elements
</div>

<script>
function testFunc(){
  var typeOfNews="<element key="Type of News" context="current"/>";
  if("HR" == typeOfNews){
    document.getElementById(pattern1).style.display="";
  }else if("Technical" == typeOfNews){
    document.getElementById(pattern2).style.display="";
  }

}
</scirpt>

Friendly URL's Vs URL mappings in Websphere Portal

Friendly URL's
WebSphere Portal 6.1. introduced a friendly URL service. It simplifies creating friendly URLs for pages within portal structure. Click on Page Properties icon to give friendly URL which will be appended to portal URL

Friendly URL's from 6.1 , work very similar to the existing URL mapping feature. Important thing to remember about friendly URLs is path must reflect pages hierarchy. Example

1. Create page called "blog" under the content root and specify friendly URL for this page as "blog"
2. Create page called "home" under the "blog" page and specify the friendly URL for this page as "home"
3. Create page called "posting1" under the "home" page and specify the friendly URL for this page as "posting1"

you can access the pages as

http://localhost:10040/wps/portal/blog/home for the home page
http://localhost:10040/wps/portal/blog/home/posting1 for the posting1 page

Using URL mapping , you can access the pages as similar to Friendly URL's

1. Created URL Mapping as "blog" and point to blog Page
2. Created URL Mapping as "home" under the "blog" context and point to "home" Page
3. Created URL Mapping as "posting1" under the "home" context and point to "posting1" Page

How its different from the URL mappings:

Earlier we used to maintain mappings separately (Its not part of the portal page metadata), but if you assign friendly URL to a page then it gets stored as value of com.ibm.portal.friendly.name parameter in the page level metadata

<content-node action="update" active="true" allportletsallowed="true" content-parentref="3_BDGEF479FE090I4BOYUE80JN74" 
create-type="explicit" domain="rel" objectid="9_BDGEF479FE090I4BOYUEL32J74" ordinal="200" type="page">
  <supported-markup markup="html" update="set"/>
  <localedata locale="en">
    <title>SivaVaka</title>
  </localedata>
  <parameter name="com.ibm.portal.IgnoreAccessControlInCaches" type="string" update="set"><![CDATA[false]]></parameter>
  <parameter name="com.ibm.portal.bookmarkable" type="string" update="set"><![CDATA[Yes]]></parameter>
  <parameter name="com.ibm.portal.friendly.name" type="string" update="set"><![CDATA[sivavaka]]></parameter>
  <parameter name="com.ibm.portal.remote-cache-expiry" type="string" update="set"><![CDATA[0]]></parameter>
  <parameter name="com.ibm.portal.remote-cache-scope" type="string" update="set"><![CDATA[NON-SHARED]]></parameter>

URL mapping

 <url-mapping-context action="update" domain="rel" label="flashquery" objectid="7_KG10VI89N0I2UF0LM8SB0V90G2">
  <access-control externalized="false" owner="uid=wpsadmin,o=defaultwimfilebasedrealm" private="false"/>
  <portal-url resourceref="6_3_BDGEF479FE090I4BOYUE80JN74" update="set"/>
</url-mapping-context>  

Main advantage here is , No need to maintain the URL mappings separately from the pages , but portal still attaches the navigational state to the URL when we browsing through the navigation



Note: If service disabled (disabled in some installations), follow below steps to enable it:

• log in to WebSphere Application Server console
• navigate to Resources -> Resource Environment -> Resource Environment Providers
• click WP ConfigService on the  providers list
• click Custom properties under Additional properties section
• add new property called friendly.enabled and set it to true
• save changes
• restart server

.


Dynacache Replication in Cluster Environment

You may need to setup the dynacache replication domain when you have some sort of configuration information need share across the clusters in dynacache objects

Following steps explains setting up the replicated dynacache in cluster environment

1. Login to the WebSphere Administrative console for your server.
2. Go to Resources > Cache Instances > Object cache instances .
3. Click the Browse Clusters button and choose the cluster that you want to create the cache for.
4. Click Apply to save your choices.
5. Click New to create a new cache.
6. Enter missedabspath in the Name field and services/cache/iwk/missed in the JNDI name field. These values are used to lookup the cache and use it. Leave all other fields set to their default values.
7. Select Enable Cache Replication.
8. Go to the Full group replication domain drop-down box and select the name of the cluster you want to cache.
9. Select Choose Push-Only from the Replication type drop down box.
10. Enter 1 in the Push Frequency field. Leave all other fields set to their default values.
11. Click OK and then Save > Save > OK.