Skip Headers
Oracle® Secure Enterprise Search Administrator's Guide
11g Release 2 (11.2.2)

Part Number E23427-01
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

Setting Up EMC Documentum Content Server Sources

Documentum data is stored in DocBases, which can contain cabinets and folders. A Documentum Content Server instance can have one or more DocBases crawled with an EMC Documentum Content Server source. The Documentum Content Server source navigates through the DocBases and the inline cabinets to crawl all the documents in Documentum Content Server. Oracle SES creates an index, stores the metadata, and accesses information in Oracle SES to provide search capabilities according to the end user permissions.

Oracle SES supports incremental crawling; that is, it crawls and indexes only those documents that have changed after the most recent crawling was scheduled. A document is re-crawled if either the content or metadata or the direct security access information of the document has changed. A document is also re-crawled if it is moved within Documentum Content Server and the end user has to access the same document with a different URL. Documents deleted from a DocBase are removed from the index during incremental crawling.

Important Notes for EMC Documentum Content Server Sources

The Documentum source in Oracle SES must use the administrator account of a DocBase for crawling and indexing documents of that DocBase.

Required Software

  • Documentum Content Server DA (Documentum Administrator) or Documentum Content Server WebTop application must be installed and configured.

  • Documentum Foundation Classes (DFC) must be installed on the server running Oracle SES.

  • Currently supported Documentum version is 6.5.

Required Tasks

  • Because EMC Documentum Content Server software is not included with Oracle SES, certain files must be copied manually into Oracle SES.

    The DFC installation asks for destination directory and user directory. For Windows, the default destination directory is C:\Program Files\Documentum and default user directory is C:\Documentum.

    For Linux, you must create a DFC program root and a DFC user root. For example, DFC program root might be user_home/documentum_shared and DFC user root might be user_home/documentum.

  • Copy files from EMC Documentum Content Server. The files may be stored in the shared, dfc, or config subdirectories.

    • Copy these files to ORACLE_HOME/search/lib/plugins/dcs/:

      dctm.jar
      dfc.jar
      dfcbase.jar
      aspectjrt.jar
      certjFIPS.jar
      jsafeFIPS.jar
      configservice-api.jar
      dfc.properties
      
    • Create a subdirectory with a name such as dcsothers in ORACLE_HOME/search/lib/plugins/dcs/, and make a second copy of dfc.properties in it.

  • Add the following to DMCL.ini:

    max_session_count = 20
    max_connection_per_session = 20
    

    In Windows, DMCL.ini is located in the WINNT folder. In Linux, DMCL.ini is available in the Documentum folder (DFC user root).

  • In Windows 2003 server, copy dmcl40.dll from DFC_destination_directory/shared/ to ORACLE_HOME/product/ version/SES Instance Name/BIN. For Linux, copy the file according to Table 6-1.

  • The environment variables $DOCUMENTUM_SHARED (DFC Program root) and $DOCUMENTUM (DFC user directory) must be created before installing DFC on Linux. Also note that these variables must to be exported again, and Oracle SES must be restarted when the system restarts. These variables can also be exported permanently in Linux.

    Use the following commands to export environmental variables in Linux:

    For DOCUMENTUM:

    export DOCUMENTUM=/home/sesuser/DOCUMENTUM
    

    For DOCUMENTUM_SHARED:

    export DOCUMENTUM_SHARED=/home/sesuser/DOCUMENTUM_SHARED
    
  • Restart the middle tier.

    On Windows, restart the computer after installing DFC.

Table 6-1 DFC Files to Copy for Linux

Platform Copy File From To

Linux x86-64

libdmcl40.so

DFC_destination_directory/dfc

$ORACLE_HOME/lib32


Known Issues

  • In this release, search results cannot be viewed in Documentum desktop. The documents and folders can be viewed only using Documentum Administrator (DA) or Webtop applications.

  • For the Container name parameter, a value of repository name alone might not work. Enter the value of RepositoryName/CabinetName. For example, DocBaseName/CabinetName/FolderName/SubFolderName.

  • Incremental crawls do not recognize an ACL modification of access permissions from None to Browse and Browse to None. The DCSCHECKSUM attribute value is same for both settings.

Configuration for Documentum Content Server 6.5

For Windows, the JAR files can be taken from the application server directory where DA is deployed. For DFC installation on Linux, it is a prerequisite to create DFC program root and DFC user root. For example, the DFC program root can be USER HOME/DOCUMENTUM_SHARED and the DFC user root can be USER HOME/DOCUMENTUM. Table 6-2 lists the location of the JAR files in Windows and Linux platforms.

Table 6-2 Location of the JAR Files

JAR File Name Windows Location Linux Location

dfc.jar

Application server home directory/da deployment directory/WEB-INF/lib

DFC_destination_directory

aspectjrt.jar

Application server home directory/da deployment directory/WEB-INF/lib

DFC_destination_directory/dfc

certjFIPS.jar

Application server home directory/da deployment directory/WEB-INF/lib

DFC_destination_directory/dfc

jsafeFIPS

Application server home directory/da deployment directory/WEB-INF/lib

DFC_destination_directory/dfc

dfc.properties

Application server home directory/da deployment directory/WEB-INF/classes

DFC_user_directory/config/

configservice-api.jar

Application server home directory/da deployment directory/WEB-INF/lib

DFC_destination_directory/dfc


To configure the crawler plug-in: 

  1. Create a new directory under ORACLE_HOME/search/lib/plugin/dcs/. For example, dcsothers.

  2. Copy dfc.properties to the folder created in the previous step (dcsothers) and to the main folder (dcs).

  3. Copy dfc.jar, aspectjrt.jar, certjFIPS.jar, jsafeFIPS.jar, configservice-api.jar to the dcs folder in the following path ORACLE_HOME/search/lib/plugin/dcs.

  4. The environment variables $DOCUMENTUM_SHARED (DFC Program root) and $DOCUMENTUM (DFC user directory) must be created before installing DFC on Linux. Also note that the environment variables $DOCUMENTUM_SHARED, $DOCUMENTUM, and $CLASSPATH must be exported again, and Oracle SES must be restarted when the computer restarts. These variables can also be exported permanently in Linux.

    Export environmental variables in Linux using commands like these:

    For DOCUMENTUM:

    export DOCUMENTUM=/home/sesuser/DOCUMENTUM
    

    For DOCUMENTUM_SHARED:

    export DOCUMENTUM_SHARED=/home/sesuser/DOCUMENTUM_SHARED
    

    For CLASSPATH:

    export CLASSPATH=$DOCUMENT_SHARED/dctm.jar:$DOCUMENTUM_SHARED/config
    

Setting Up Identity Management for EMC Documentum Content Server

Setting up identity management requires administration steps in both Oracle SES and EMC Documentum. It includes the following steps:

Activating the Documentum Identity Plug-in

To activate the Documentum identity plug-in, perform the following steps:

  1. Select Documentum Identity Plug-in.

  2. Click Activate.

  3. Enter a valid DocBase name.

  4. Enter a valid user name and password.

  5. Ensure that the environment variable DOCUMENTUM and DOCUMENTUM_SHARED are set correctly.

  6. Click Finish.

Activating the Oracle Internet Directory Identity Plug-In

Before activating the Oracle Internet Directory Identity plug-in, Documentum Content Server should be synchronized with Oracle Internet Directory as an LDAP server. For synchronization, you must import the users and groups from Oracle Internet Directory to Documentum.

To synchronize users and groups in Oracle Internet Directory and Documentum Content Server: 

  1. Create an LDAP Configuration Object in Documentum Administrator (DA):

    1. Login to DA.

    2. Navigate to Administration, User Management, LDAP.

    3. In the File Menu, select File, New, LDAP Configuration Object.

    4. In the Name field, enter a name for LDAP Configuration Object.

    5. Select dm_user as the user subtype.

    6. Under Communication Mode, select Regular.

    7. Under Import, select Users and Groups.

    8. Select Default Configuration Object to use this configuration object in the server field.

    9. Click Next.

    10. In the Directory Type field, select Oracle Internet Directory Server.

    11. In the Bind Type field, select Bind by Searching for Distinguished Name.

    12. In the Binding Name field, provide the administrative user name of Oracle Internet Directory. This is usually cn=orcladmin.

    13. In the Binding Password field, provide the administrative user password.

    14. In the Host Name field, provide the Oracle Internet Directory host name.

    15. Retain the default port number of Oracle Internet Directory (389).

    16. In the Person Object Class field, provide the information of Base Person Object, typically the value is inetOrgPerson.

    17. In the Person Search Base field, provide the person search base defined in Oracle Internet Directory. For example, cn=Users, dc=us, dc=oracle, dc=com.

    18. In the Person Search Filter field, specify cn=*.

    19. In the Group Object Class field, provide the Group Object. Typically the value is groupOfUniqueNames.

    20. In the Group Search Filter field, specify cn=*.

    21. Click Next.

    22. The Attribute Map information is displayed. Click Finish.

  2. Run the LDAP_Synchronization job:

    1. Login to DA.

    2. Navigate to Administration, Job Management, Jobs.

    3. Open the job dm_LDAPsynchronization.

    4. In the state field, select Active.

    5. Select Deactivate On Failure.

    6. In Designated Server, select the host name of Documentum Server.

    7. Select Run After Update.

    8. Click the Schedule tab.

    9. In the Start Date And Time field, set the current date and time.

    10. Select Repeat time from the Repeat list.

    11. Set the Frequency field to any numeric value.

    12. Select End Date And Time and specify how long the Synchronization job should run.

    13. Click the Method tab.

    14. Select Pass Standard Argument.

    15. Click the SysObject info tab.

    16. Click OK.

After synchronizing the Documentum Content Server with Oracle Internet Directory, you must activate the Oracle Internet Directory activity plug-in in Oracle SES.

To activate the Oracle Internet Directory Activity Plug-in: 

  1. Log in to Oracle SES as the admin user.

  2. Click Global Settings.

  3. Select System, Identity Management Setup.

  4. Select Oracle Internet Directory identity plug-in manager and click Activate.

  5. Select nickname from the Authentication Attribute list.

  6. Provide the following values:

    • Host name: The host name of the computer where Oracle Internet Directory is running.

    • Port: The default LDAP port number, 389.

    • Use SSL: true or false based on your preference.

    • Realm: The Oracle Internet Directory realm, for example, dc=us.dc=oracle.dc=com

    • User name: The Oracle Internet Directory administrative user name, for example, cn=orcladmin.

    • Password: Administrative password

Activating the AD Identity Plug-In

Before activating the AD Identity plug-in for validating the users in AD, Documentum Content Server must be synchronized with AD as an LDAP server. For synchronization, you must import users and groups from AD to Documentum.

To configure Documentum Content Server as an LDAP server: 

  1. Create an LDAP Configuration Object in DA:

    1. Log in to DA.

    2. Navigate to Administration, User Management, LDAP.

    3. Select File, New, LDAP Configuration Object.

    4. Enter a name for ldap configuration object.

    5. Select dm_user as User Subtype.

    6. In the Communication Mode field, select Regular.

    7. In the Import field, select Users and Groups.

    8. Select Default Configuration Object in the server field, and click Next.

    9. Provide the following values:

      Directory Type: Select Active Directory Server.

      Bind Type: Select Bind by Searching for Distinguished Name

      Binding Name: Provide the admin user name of AD. It is normally domainName/Administrator.

      Binding Password: The password of the AD admin user.

      Host Name: AD host name.

      Port: Default port number of AD, 389.

      Person Object Class: The Base Person Object, typically the value is user.

      Person Search Base: The person search base defined in AD, for example cn=Users,dc=us, dc=oracle,dc=com.

      Person Search Filter: Enter cn=*.

      Group Object Class: The group object. Typically the value is group.

      Group Search Base: The group search base defined in AD. For example, dc=us,dc=oracle,dc=com.

      Group Search Filter: Enter cn=*.

    10. Click Next.

    11. The Attribute Map information is displayed. Click Finish.

  2. Run the LDAP_Synchronization job:

    1. Login to DA.

    2. Navigate to Administration, Job Management, Jobs.

    3. Open the job dm_LDAPsynchronization.

    4. In the state field, select Active.

    5. Select Deactivate On Failure.

    6. In Designated Server, select the host name of Documentum Server.

    7. Select Run After Update.

    8. Click the Schedule tab.

    9. In the Start Date And Time field, set the current date and time.

    10. Select Repeat time from the Repeat list.

    11. Set the Frequency field to any numeric value.

    12. Select End Date And Time and specify how long the Synchronization job should run.

    13. Click the Method tab.

    14. Select Pass Standard Argument.

    15. Click the SysObject info tab.

    16. Click OK.

After synchronizing the Documentum Content Server with the AD, you must activate the identity for AD Identity plug-in.

To activate the identity plug-in: 

  1. Log in to Oracle SES as admin user.

  2. Click Global Settings, and then select System, Identity Management Setup.

  3. Select Activity Directory Identity Plug-in Manager, and click Activate.

  4. Provide the following values:

    • Authentication Attribute: Select USER_NAME.

    • Directory URL: Provide the host name and the port number. For example, ldap://ldapserverhost:port.

    • Directory account name: Provide the AD user name, for example Administrator.

    • Directory account password: AD user password.

    • Directory subscriber: Provide the directory subscriber (ldap base). For example, dc=us.dc=oracle.dc=com.

    • Directory security protocol: Specify either none or portnumber.

  5. Click Finish.

Activating SunOne Identity Plug-In

Before activating the SunOne Identity plug-in for validating the users in SunOne, you must synchronize Documentum Content Server with SunOne as an LDAP server. For synchronization, you must import the users and groups from Oracle Internet Directory to Documentum Content Server.

To import users and groups from Oracle Internet Directory: 

  1. Create an LDAP Configuration Object in DA:

    1. Log in to DA.

    2. Navigate to Administration, User Management, LDAP.

    3. Select File, New, LDAP Configuration Object.

    4. Enter a name for ldap configuration object.

    5. Select dm_user as User Subtype.

    6. In the Communication Mode field, select Regular.

    7. In the Import field, select Users and Groups.

    8. Select Default Configuration Object in the server field, and click Next.

    9. Provide the following values:

      Directory Type: Select Netscape/iPlanet Directory Server

      Bind Type: Select Bind by Searching for Distinguished Name

      Binding Name: Provide the admin user name of SunOne. It is normally cn=Administrator.

      Binding Password: The password of the SunOne admin user.

      Host Name: SunOne host name.

      Port: Enter the port number used for SunOne. The default port number of SunOne is 389.

      Person Object Class: The Base Person Object, typically the value is person.

      Person Search Base: The person search base defined in SunOne, for example cn=Users,dc=us, dc=oracle,dc=com.

      Person Search Filter: Enter cn=*.

      Group Object Class: The group object. Typically the value is groupOfUniqueNames.

      Group Search Base: The group search base defined in AD. For example, dc=us,dc=oracle,dc=com.

      Group Search Filter: Enter cn=*.

    10. Click Next.

    11. The Attribute Map information is displayed. Click Finish.

  2. Run the LDAP_Synchronization job:

    1. Login to DA.

    2. Navigate to Administration, Job Management, Jobs.

    3. Open the job dm_LDAPsynchronization.

    4. In the state field, select Active.

    5. Select Deactivate On Failure.

    6. In Designated Server, select the host name of Documentum Server.

    7. Select Run After Update.

    8. Click the Schedule tab.

    9. In the Start Date And Time field, set the current date and time.

    10. Select Repeat time from the Repeat list.

    11. Set the Frequency field to any numeric value.

    12. Select End Date And Time and specify how long the Synchronization job should run.

    13. Click the Method tab.

    14. Select Pass Standard Argument.

    15. Click the SysObject info tab.

    16. Click OK.

After the Documentum Content Server is synchronized with SunOne, the identity is activated for SunOne Identity plug-in.

To activate the identity for the SunOne plug-in: 

  1. Log in to Oracle SES as the administrative user.

  2. Click Global Settings, and then select System, Identity Management Setup.

  3. Select Sun Java System Directory Server Manager, and click Activate.

  4. Provide the following values:

    • Authentication Attribute: Select USER_NAME.

    • Directory URL: Provide the host name and the port number. For example, ldap://ldapserverhost:port.

    • Directory account name: Provide the Directory Server user name, for example Administrator.

    • Directory account password: Directory Server user password.

    • Directory subscriber: Provide the directory subscriber (ldap base). For example, dc=us.dc=oracle.dc=com.

    • Directory security protocol: Specify either none or portnumber.

  5. Click Finish.

Creating an EMC Documentum Content Server Source

Create an EMC Documentum Content Server source on the Home - Sources page. Select EMC Documentum Content Server from the Source Type list, and click Create. Enter values for the following parameters:

  • Container name: The names of the containers to be crawled by Oracle SES. You can crawl an entire Documentum DocBase or a specific repository/cabinet/folder. The format is DocBaseName/CabinetName/FolderName/SubFolderName. Multiple comma-delimited container names can be entered. This parameter is case-sensitive; hence, enter the exact same cabinet name as in the Documentum repository. Required

    These are examples of container names:

    • DocBase1: The entire DocBase1 is crawled.

    • DocBase2/Cabinet21: Cabinet21 and its sub-folders within DocBase2 are crawled.

    • DocBase2/Cabinet21/Folder11: Folder11 and its sub-folders are crawled.

    • DocBase1, DocBase2/Cabinet21/Folder11: The entire DocBase1 and Folder 11 in DocBase2/Cabinet21 are crawled.

  • Attribute list: The comma-delimited list of Documentum attributes along with their data types to be searchable. The format is AttributeName:AttributeType, AttributeName:AttributeType. Valid values are String, Number, and Date. See Table 6-3, "Documentum Data Type Mapping".

    While crawling a DocBase, an attribute is indexed only if both name and type match the configured name and type; otherwise, it is ignored. This is an optional parameter.

    For example, assume that you have the following Documentum attributes with the indicated data types

    • account name: String

    • account ID: Integer

    • creation date: Date

    To make these attributes searchable, enter this value for Attribute list:

    Account Name:String, Account ID:Number, Creation Date:Date

    The default searchable attributes for Documentum Content Server are Modified Date, Title, and Author.

    Multiple attributes with same name are not allowed, such as Emp_ID:String and Emp_ID:Number.

  • User name: Enter the user name of a valid Documentum Content Server user. The user should be an administrator user or a user who has access to all cabinets, folders, and documents of the DocBases configured in the Container name parameter. The user should be able to retrieve content, metadata, and ACL from cabinets, folders, documents and other custom sub classes of all DocBases configured in Container name parameter. Required.

  • Password: Password of the Documentum user. Required.

  • Crawl versions: Indicate whether multiple versions of documents should be crawled, either true or false. The default value is false. Any other value is false and only the latest versions of a document are crawled. Optional.

  • Crawl folder attributes: Indicate whether folder attributes must be crawled, either true or false. This is an optional parameter. The default value is false. Any other value is interpreted as false.

  • URL for viewing the documents: A valid URL for Documentum WebTop or DA application used for viewing the Oracle SES search results. For example:

    http://IP_address:port/da

    or

    http://IP_address:port/webtop

  • Authentication Attribute: This parameter is used to set ACLs. This parameter lets you set multiple LDAP servers. If Oracle SES and Documentum Content Server are synchronized with Active Directory, then enter the value USER_NAME. If Oracle Internet Directory is used, then enter nickname.

Table 6-3 Documentum Data Type Mapping

Sr. No Documentum Data Type Oracle SES Data Type

1

Boolean

Number

2

Integer

Number

3

String

String

4

ID

String

5

Time or Date

Date

6

Double

Number