Besides supporting Sun Java System Messaging Server and Sun Java System Calendar Server for the communication channels, Sun Java System Portal Server also supports Microsoft Exchange Server and IBM Lotus Notes server.
Log into your Primary Domain Controller (PDC) as an administrator of the domain.
Select Start, Programs, Administrative Tools, User Manager for Domains and create an account with user name MAXHost.
Select Groups and add MAXHost to the groups, Administrators, and Domain Admins.
Ensure that MAXHost can log on locally to the MAIL_HOST, Domain Controllers, and MAX_HOST.
Set the password.
Log in to your Exchange 5.5 (MAIL_HOST) as MAXHost.
Go to Start, Programs, Microsoft Exchange, Microsoft Exchange Administrator.
For each end user, set permissions to the mailbox.
To enable the permissions tab, go to Tools, Options, Permissions, and enable Show Permissions Page for All Objects.
Double-click on the user name.
Select the permissions tab and select Add from the permissions page to add MAXHost and leave role as User.
Repeat steps 9 through 11 for each user who accesses the communication channels.
Unzip the ocxhost.zip file located in the following directory:
PortalServer-base/SUNWportal/export.
When unzipping the file, you see the following file format:
Archive: ocxhost.zip creating: ocxhost creating: ocxhost/international inflating:ocxhost/international/ocxhostEnglishResourceDll.dll inflating:ocxhost/ocxhost.exe |
Register ocxhost as follows:
To set the properties of ocxhost utility:
Configure the necessary DCOM settings for the ocxhost utility using the dcomcnfg utility. That is:
Select Start and Run.
Type dcomcnfg and select OK.
In the Distributed COM Configuration Properties dialog box:
Select Default Properties tab:
Select the Applications tab.
Double-click the ocxhost utility in the Properties dialog.
The ocxhost properties window is displayed.
Check Run Application on this Computer under the Location tab.
Set Use custom access permissions, Use custom launch permissions, and Use custom configuration permissions under the Security tab.
Select Edit for the Access, Launch, and Configuration settings and ensure that the following users are included in the Access Control List (ACL):
Select a User under the Identity tab in the ocxhost properties window.
Select Browse and locate the MAXHost.
Enter the password and confirm the password.
Select OK.
The ocxhost DCOM component is now configured and ready to communicate with the Exchange Servers.
To set up Portal Server to access Calendar data from an Exchange Server 2000 environment in a complex Windows 2000 Domain configuration, install ocxhost.exe on a dedicated System (called MAX_HOST).
Examples of a complex Domain configuration can be:
A configuration that includes an Exchange Server that is a Cluster and front-end, and a back-end Exchange Server.
A configuration in which a Windows user and Exchange Mailbox of the same end user are in different Domains.
Installing ocxhost.exe on a dedicated machine is useful for two reasons:
It allows easier troubleshooting if a user cannot access his calendar from the portal.
It allows a more restrictive security setup if a firewall exists between the Portal Server and the Windows Domain.
The following instructions assume that:
MAX_HOST
is the name of the dedicated Windows 2000 System running Outlook 2000 and where ocxhost.exe is installed.
MAIL_HOST
is the Exchange Server on which the mailboxes of the end users reside.
PORTAL
is the Java Enterprise System Portal Server 7 2005Q3
DOMAIN
is the Windows Domain with MAX_HOST and MAIL_HOST
When setting up the dedicated Windows 2000 System (MAX_HOST) note the following requirements and assumptions:
Windows 2000 Server SP3 or Windows 2000 Professional.
Microsoft Outlook 2000 with CDO enabled.
The Operating System and Outlook 2000 is installed. Assign an IP Address and bring the new Host in the same Domain as the Exchange Server.
Create a User MAXhost in the Domain.
Log into your Host (MAX_HOST) as an administrator of the domain.
Select Start, Programs, Administrative Tools, Active Directory Users and Computers and create an domain account with user name MAXHost.
Select User->Properties->Member of and add the group Administrators (local)
Ensure that MAXHost can log on locally to the MAIL_HOST and MAX_HOST.
Set the password.
Configure Outlook for MAXHost user.
Configure Microsoft Exchange Server for Address Book, Calendar, and Mail.
Log in to your Exchange 2000 Server (MAIL_HOST) as MAXHost.
If you are using an Exchange 2000 Front-End Server, log in to your front-end Server as MAXHost.
Go to Start, Programs, Microsoft Exchange, Active Directory Users and Computers.
For each end user, set permissions to the mailbox.
Select View->Advanced Features
Double-click on the user name.
Select the Exchange Advanced tab and select Mailbox Rights.
Add MAXHost and give MAXHost full access.
Repeat steps Configuring Microsoft Exchange Server or IBM Lotus Notes through Configuring Microsoft Exchange Server or IBM Lotus Notes for each user who access the communication channels.
Install ocxhost.exe on the MAX_HOST.
Log in to MAX_HOST as domain user MAXhost.
Unzip the ocxhost.zip file located in the following directory:
PortalServer-base/SUNWportal/export .
When unzipping the file, you see the following file format:
Register ocxhost as follows:
Configure the necessary DCOM settings for the ocxhost utility using the dcomcnfg utility.
Select Start and Run.
Type dcomcnfg and select OK.
In the Distributed COM Configuration Properties dialog box select Default Properties tab and use the following settings:
Select the Applications tab.
Double-click the ocxhost utility in the Properties dialog.
The ocxhost properties window is displayed.
Check Run Application on this Computer under the Location tab.
Set Use custom access permissions, Use custom launch permissions and Use custom configuration permissions under the Security tab.
Select Edit for the Access, Launch, and Configuration settings and ensure that the following users are included in the Access Control List (ACL):
Select a User under the Identity tab in the ocxhost properties window.
Select Browse and locate the MAXHost.
Enter the password and confirm the password.
Select OK.
The ocxhost DCOM component is now configured and ready to communicate with the Exchange Servers. It is launched by RPC call when the first access from the Portal Server occurs.
Change MAXHost users group.
For security reasons you may want to remove the domain user from the Administrators group:
Log out and log in again as Administrator on MAX_HOST.
Remove the user MAXHost from local Administrators group, (and assign it to Domain User Group).
Do not use a firewall should between the Portal and the MAX_HOST.
(RPC calls using dynamic ports are used for the communication from Portal Server to ocxhost.exe.)
Do not use a firewall between the MAX_HOST and the MAIL_HOST.
To set up Portal Server to access Calendar data from an Exchange Server 2003 environment in a complex Windows 2000 Domain configuration, install ocxhost.exe on a dedicated System (called MAX_HOST).
Examples of a complex Domain configuration can be:
A configuration that includes an Exchange Server that is a Cluster and front-end, and a back-end Exchange Server.
A configuration in which a Windows user and Exchange Mailbox of the same end user are in different Domains.
Installing ocxhost.exe on a dedicated machine is useful for two reasons:
It allows easier troubleshooting if a user cannot access his calendar from the portal.
It allows a more restrictive security setup if a firewall exists between the Portal Server and the Windows Domain.
The following instructions assume that:
MAX_HOST
is the name of the dedicated Windows 2000 System running Outlook 2000 and where ocxhost.exe is installed.
MAIL_HOST
is the Exchange Server on which the mailboxes of the end users reside.
PORTAL
is the Java Enterprise System Portal Server 7.1
DOMAIN
is the Windows Domain with MAX_HOST and MAIL_HOST
When setting up the dedicated Windows 2000 System (MAX_HOST) note the following requirements and assumptions:
Windows 2000 Server SP3 or Windows 2000 Professional.
Microsoft Outlook 2000 with CDO enabled.
The Operating System and Outlook 2000 is installed. Assign an IP Address and bring the new Host in the same Domain as the Exchange Server.
Create a User MAXhost in the Domain.
Log into your Host (MAX_HOST) as an administrator of the domain.
Select Start, Programs, Administrative Tools, Active Directory Users and Computers and create an domain account with user name MAXHost.
Select User->Properties->Member of and add the group Administrators (local)
Ensure that MAXHost can log on locally to the MAIL_HOST and MAX_HOST.
Set the password.
Configure Outlook for MAXHost user.
Configure Microsoft Exchange Server for Address Book, Calendar, and Mail.
Log in to your Exchange 2003 Server (MAIL_HOST) as MAXHost.
If you are using an Exchange 2003 Front-End Server, log in to your front-end Server as MAXHost.
Go to Start, Programs, Microsoft Exchange, Active Directory Users and Computers.
For each end user, set permissions to the mailbox.
Select View->Advanced Features
Double-click on the user name.
Select the Exchange Advanced tab and select Mailbox Rights.
Add MAXHost and give MAXHost full access.
Repeat steps Configuring Microsoft Exchange Server or IBM Lotus Notes through Configuring Microsoft Exchange Server or IBM Lotus Notes for each user who access the communication channels.
Install ocxhost.exe on the MAX_HOST.
Log in to MAX_HOST as domain user MAXhost.
Unzip the ocxhost.zip file located in the following directory:
PortalServer-base/SUNWportal/export .
When unzipping the file, you see the following file format:
Register ocxhost as follows:
Configure the necessary DCOM settings for the ocxhost utility using the dcomcnfg utility.
Select Start and Run.
Type dcomcnfg and select OK.
In the Distributed COM Configuration Properties dialog box select Default Properties tab and use the following settings:
Select the Applications tab.
Double-click the ocxhost utility in the Properties dialog.
The ocxhost properties window is displayed.
Check Run Application on this Computer under the Location tab.
Set Use custom access permissions, Use custom launch permissions and Use custom configuration permissions under the Security tab.
Select Edit for the Access, Launch, and Configuration settings and ensure that the following users are included in the Access Control List (ACL):
Select a User under the Identity tab in the ocxhost properties window.
Select Browse and locate the MAXHost.
Enter the password and confirm the password.
Select OK.
The ocxhost DCOM component is now configured and ready to communicate with the Exchange Servers. It is launched by RPC call when the first access from the Portal Server occurs.
Change MAXHost users group.
For security reasons you may want to remove the domain user from the Administrators group:
Log out and log in again as Administrator on MAX_HOST.
Remove the user MAXHost from local Administrators group, (and assign it to Domain User Group).
Do not use a firewall should between the Portal and the MAX_HOST.
(RPC calls using dynamic ports are used for the communication from Portal Server to ocxhost.exe.)
Do not use a firewall between the MAX_HOST and the MAIL_HOST.
Set up SSO Adapter for Calendar if you are using a dedicated Server for ocxhost.exe (MAX_HOST).
Create an SSO Adapter template.
Log in to the Access Manager administration console.
Select the Service Configuration Tab.
Select SSOAdapter.
Select New.
Enter a name for your new template and select the existing EXCHANGE-CALENDAR from the list.
Select Next.
In the line for the ocxHost enter the dns-name or IP-Address of the system were oxchost.exe resides, in this case MAX_HOST.
Select Save.
Create an SSO Adapter configuration for your organization.
From the Identity Management tab, select your organization.
Select Services from the scroll down menu
Select SSOAdapter.
Under SSO Adapter Configurations, select New.
Enter a name for the configuration and select the previously created Template.
Select Next.
Modify the properties as needed.
You can provide a default Host name which is your MAIL_HOST (DNS name or IP-Address), or you can leave it blank
Select Save and note the message Changes Saved.
Unregister ocxhost as follows:
Locate the ocxhost.exe utility.
Select Start and Run.
Type the following in the Run window:
ocxhost.exe /unregserver
Delete the files ocxhost.exe and ocxhostEnglishResourceDll.dll
Open the Lotus Administrator by selecting Start, Programs, Lotus Applications, and Lotus Administrator.
Go to Administration, Configuration, Server, Current Server Documents.
In the Security tab, set the following settings:
Under Java/COM Restrictions, set Run restricted Java/Javascript/COM and Run unrestricted Java/Javascript/COM to *.
Under Security Settings, set:
Under Server Access, set Only allow server access to users listed in this Directory to No.
Under Web Server Access, set Web Server Authentication to More Name Variations with lower security.
In the Ports tab:
Select the Notes Network Ports tab and ensure that TCPIP is ENABLED.
Select Internet Ports tab and the Web tab.
Ensure that TCP/IP port status is Enabled.
Under Authentication options, ensure that Name and password and Anonymous are Yes.
Select the Directory tab and ensure that:
Select the Mail tab and ensure that:
TCP/IP port status is Enabled.
Authentication options Name and Password and Anonymous are set as follows:
Mail (IMAP) |
Mail (POP) |
Mail (SMTP Inbound) |
SMTP (Outbound) |
---|---|---|---|
Name and Password |
Yes |
Yes |
No |
Anonymous |
N/A |
N/A |
Yes |
Select the IIOP tab and ensure that:
Select the Internet Protocols tab and the IIOP sub-tabs. Ensure that the Number of threads is at least 10.
Save and close.
Restart the server by typing the following in the Domino server console:
restart server
Restarting the server enables the settings to take effect.
Enable DIIOP server by typing the following command in the console:
load diiop
Check to see if diiop_ior.txt has been generated at location:
C:\\Lotus\\Domino\\Data\\domino\\html\\diiop_ior.txt |
Enable HTTP service by typing the following command in the console:
load http
If another service is using port 80, the HTTP service does not start. Stop the service running on port 80 and retype the following in the console: load http
Or
Use the existing service. To do this, copy the diiop_ior.txt file into the root or home directory of the web server running on port 80. You can include both the HTTP service and the DIIOP service in the notes.ini file to ensure that both services start when you start the server.
To access a Lotus Notes system using the Sun Java System Portal Server Mail and Calendar channels, you must add another file to the Sun Java System Portal Server. This file is called NCSO.jar. It must be obtained from the Lotus Notes product CD or the IBM web site.
This file is available with the Domino Designer and Domino Server products from IBM in the domino\\java subdirectory. It is also available in a Web download from the following Web site:
http://www-10.lotus.com/ldd/toolkits |
Go to the Lotus Domino Toolkit link and then to the Java/Corba R5.0.8 update link.
The download file, which performs the extraction of this file and other files, is an .exe file.
Place the NCSO.jar file in the global class path of the web container (web server or application server) as described in the subsequent sections about each of the four possible web containers. For three of the four web containers, the NCSO.jar file is placed in /usr/share/lib. The following table summarizes the steps that follow.
The table outlines the process of placing the JAR file in the global class path by indicating where the NCSO.jar file can be placed: in the System Classpath or in the Portal WAR. The table also indicates if special instructions are needed. If so, they are included later in this section.
Web Container |
System Classpath |
Portal WAR |
Special Instructions |
---|---|---|---|
Sun Java System Web Server |
Yes |
Yes |
N/A |
Sun Java System Application Server |
Yes |
Yes |
N/A |
BEA WebLogic Server |
Yes |
No |
How to update system classpath |
IBM WebSphere Application Server |
No |
Yes |
How to prune JAR file |
The following instructions are provided for each web container:
To complete the following steps for your web container, you must have administrative rights to it. Also you should have access to the web container documentation to obtain detailed information on various web container processes and commands.
For more information concerning the Sun Java System web containers, see Sun Java System Application Server Administrator’s Guide or Sun Java System Sun Java System Web Server, Enterprise Edition Administrator’s Guide.
Place the NCSO.jar in the following Sun Java System Portal Server directory:
/usr/share/lib
Update the web container class path to include:
/usr/share/lib/NCSO.jar
Restart the Sun Java System Web Server . Though often not mandatory, this practice is a good one.
Place the NCSO.jar file in the following directory:
PortalServer-base/SUNWportal/web-src/WEB-INF/lib
Redeploy the web application with the following command:
PortalServer-base/SUNWportal/bin/deploy redeploy
Restart the web container.
Place the NCSO.jar in the following Sun Java System Portal Server directory:
/usr/share/lib
Update the web container class path to include /usr/share/lib/NCSO.jar using the Sun Java System Application Server administration console.
Launch the Sun Java System Application Server administration console.
Select the domain.
Select the server instance.
Select the JVM Settings tab in the server instance view.
Select Path Settings under the JVM Settings tab.
Add /usr/share/lib/NCSO.jar in the Classpath Suffix list.
Select Save.
Select Apply Changes under the General tab of the instance.
Select Restart.
Place the NCSO.jar file in the following directory:
PortalServer-base/SUNWportal/web-src/WEB-INF/lib
Redeploy the web application with the following command:
PortalServer-base/ SUNWportal/bin/deploy redeploy
Where PortalServer-base represents the directory in which the Sun Java System Portal Server was originally installed.
Restart the web container.
Place the NCSO.jar in the following Sun Java System Portal Server directory:
/usr/share/lib
Update the web container class path to include /usr/share/lib/NCSO.jar using the command line.
Change directories to the web container install directory:
WebContainer-base /bea/wlserver6.1/config
Where WebContainer-base represents the directory in which the web container was originally installed.
Change directories to the directory that contains the domain instance:
mydomain
Edit the startWebLogic.sh file using the editor of your choice.
Add /usr/share/lib/NCSO.jar to the end of the CLASSPATH.
The startWebLogic.sh file may contain multiple CLASSPATH definitions. Locate the last definition of the variable and add the following string to the very end of the CLASSPATH:
/usr/share/lib/NCSO.jar
Restart the web container.
Prune the classes under org/w3c/dom/ and org/xml/sax/ from the NCSO.jar file and rejar.
The classes should include the following:
org/w3c/dom/Document.class
org/w3c/dom/Node.class
org/xml/sax/InputSource.class
org/xml/sax/SAXException.class
You can perform this task in many ways. Two examples are provided here. Follow the method that suits you best:
The following method requires you to manually unjar and rejar the file:
Download and place the file in the following directory:
/tmp/ncsoprune/work
Unjar the file while it is in that directory.
Remove the preceding four classes.
Rejar the file.
The following method requires you to run a script that automates the jar and unjar logic.
Download and place the file in the following directory:
/tmp/ncsoprune/work
Run the following script:
!/bin/ksh JAR=/usr/j2se/bin/jar JAR_FILE=NCSO.jar RM=/usr/bin/rm BASE_DIR= /tmp/ncsoprune WORK_DIR=${BASE_DIR}/work cd to director of jar file cd $WORK_DIR # unjar $JAR xvf $JAR_FILE prune classes $RM $WORK_DIR/org/w3c/dom/Document.class $RM $WORK_DIR/org/w3c/dom/Node.class $RM $WORK_DIR/org/xml/sax/InputSource.class $RM $WORK_DIR/org/xml/sax/SAXException.class jar $JAR cvf $BASE_DIR/$JAR_FILE META-INF com lotus org |
Place the re-jarred NCSO.jar file in the following directory:
PortalServer-base/SUNWportal/web-src/WEB-INF/lib
Redeploy the web application with the following command:
PortalServer-base/ SUNWportal/bin/deploy redeploy
Where PortalServer-base represents the directory in which the Sun Java System Portal Server was originally installed.