These release notes contain important information available at the time of the Release 3.0.1 version of iPlanetTM Portal Server: Instant Collaboration Pack (also referred to as iPlanetTM Instant Messaging Server). New features and enhancements, installation notes, known problems, and other late-breaking issues are addressed here. Read this document before you begin using iPlanet Portal Server: Instant Collaboration Pack.
These release notes contain the following sections:
iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1
Troubleshooting iPlanet Portal Server: Instant Collaboration Pack
iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 includes the following features:
Instant messaging and chat for one-on-one communication and group collaboration.
Availability and presence management for users to advertise and monitor availability and location.
Virtual teams, file sharing, conferencing, polling, and team chats for project-based collaboration.
News channels to access published information on a subscription basis.
Integration with iPlanet Portal Server to incorporate community management, Single Sign-on (SSO), and secure remote access capabilities.
Multi-platform support (SolarisTM and Windows NT).
Support for secure communication between servers (Secure Sockets Layer, server to server). See the iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 Administrator's Guide for instructions on how to configure SSL between iIM servers.
Emoticons are available for chat and conferences. They can also be customized per site.
Support for Macintosh OS X 10.1 as client platform
A new configuration option is added to allow specification of charset for email of forwarded alerts.
API documentation (javadoc) is now bundled with the product.
When used in standalone mode, without a iPlanet Portal Server and its Secure Remote Access Pack, you can now have a secure connection between the client and the server. The multiplexor component of the server is really what the client is communicating to, so strictly speaking, the secure connection is between the iIM client and the iIM multiplexor. The connection between the iIM multiplexor and the iIM server is not encrypted. Be sure to refer to the Administration Guide to understand the different components of the iPlanet Instant Messaging Server.
There are four general steps necessary to set up SSL between the multiplexor and the client. They are:
Configuring the iIM server to enable SSL between the multiplexor and the client
Configuring the web server to serve the secure client application
When configured properly, the iIM client will show a small lock icon near the top right corner of the main window when SSL is used to communicate with the Multiplexor.
In order to enable SSL between client and the multiplexor, you must get a certificate and create several databases used for secure communication. The simplest way is to request and install the certificate using iPlanet Web Server. The following shows how you do this using iPlanet Web Server 6.0.
Connect to iPlanet Web Server Administration Server, and login as the administrator. For example, you may
connect to http://hostname:8888/ if 8888 is the administration port of your web server. Login as "Admin", or whatever you configured as the iPlanet Web Server administration server user.
Add a separate web server instance, so the SSL key database will only be used for iIM. Enter the following information for the server to be added
Server Name: iim
Server Port: 9000 (pick a random unused number)
Server Identifier: IM
Server User: root
MTA Host: localhost (or the name of a server with SMTP server on it)
click OK to create it. Do not bother to configure or start the server.
Manage the server you just created
Click on the "Security" tab
Initialize your trust database (using the "Create Database" option), choose a password that will be used to secure your certificate's private key.
Click on "Request a Certificate"
Fill in the blanks. Note that "Key Pair File Password" is the password used to secure your trust database. "Common name" is the host name of the system that will be running the iIM multiplexor.
Submit the Certificate Request to your Certificate Authority. You will receive a Certificate back from the Certificate Authority.
Repeat steps 1, 3 of the Requesting a certificate instructions above
Click on "Install Certificate"
Enter your trust database password in the "Key Pair File Password" field.
Enter the string "Instant-Messaging" (without the quotation marks) in the "Certificate Name" field. Make sure this name is not in conflict with an existing certificate. It is important not to leave this field blank, which would then generate a default name of "Server-Cert" and possibly overwriting an existing certificate. This won't be a problem if you are using a new server instance just for this purpose.
Select "Message text (with headers)" and paste in the certificate into that field (including the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" lines).
Click OK.
Verify the certificate is correct and, if so, click "Add Server Certificate".
It is not necessary to restart your web server as the certificates are used by the iIM Multiplexor.
In your iPlanet Web Server "alias" directory, you'll find three files that you will need to copy to your iIM system
https-IM-*-cert7.db
https-IM-*-key3.db
secmod.db
Copy these database files to your iIM config directory as, respectively:
cert7.db
key3.db
secmod.db
Make sure these files are owned and readable by the user you created for iPS:iCP when you installed it. The files should not be readable by others. When using the names specified here, you do not need to specify the prefix options later.
Create a file in the iIM config directory called sslpassword.conf, and put into this file:
Internal (Software) Token:password
replacing the "password" with whatever password you used to create your trust
database. Make sure the file is owned and readable by the user you created for iPS:ICP when you installed it. The file should not be readable by others.
After verifying that SSL is working, you can go back and remove the instance of the server created in the "Requesting a certificate" section above.
3. Configuring the iIM Server to enable SSL between the client and multiplexor.
Edit your iim.conf to add these options for the multiplexor to enable SSL below:
|
Parameter |
Default Value |
Description |
|
iim_mux.usessl |
off |
Either on or off. If set to on, the multiplexor requires an SSL handshake for each connection it accepts, prior to exchanging any application data. |
|
iim_mux.secconfigdir |
instancedir/config where instancedir is the value of the iim.instancedir parameter. |
The directory containing the key and certificate databases. And usually the security module database, unless it is set by the iim_mux.secmodfile parameter. |
|
iim_mux.keydbprefix |
None |
The key database filename prefix. The key database file name must always end with key3.db So if the filename is This-server-key3.db, then this parameter should be set to "This-server-". If the filename is key3.db, then there is no prefix, and this parameter does not need to be set. |
|
iim_mux.certdbprefix |
None |
The certificate database filename prefix. The certificate database file name must always end with cert7.db So if the filename is Secret-stuff-cert7.db, then this parameter should be set to "Secret-stuff-". If the filename is simply cert7.db, then this parameter does not need to be set since there is no prefix. |
|
iim_mux.secmodfile |
secmod.db |
The name of the security module file, relative to iim_mux.secconfigdir. |
|
iim_mux.certnickname |
Server-Cert |
The name of the certificate you entered in step 4 of "Installing the certificate" instructions above. This name is case-sensitive. |
|
iim_mux.keystorepasswordfile |
sslpassword.conf |
The relative path of the file containing the password to the key database. This file must contain one line which has the format: Internal (software) Token:<password> where <password> is the password protecting the key database. The path is relative to what is specified in iim_mux.secconfigdir. |
4. Configuring the web server to serve the secure client application.
The files making up the iPlanet Instant Messenger (jar files, html files, help files, ...) are located under a directory called client_dir (by default /opt/SUNWiim/html). This directory contains the applet descriptor files iim.jnlp and iim.html. It also contains the secure version of these files, respectively iimssl.jnlp and iimssl.jnlp. The secure version of iIM client can be downloaded and run by accessing these files from a browser, through the web server.
It may be necessary to
make these URLs available as links from a well-known page. For
instance, links to the secure iIM applet descriptors can be added to
the splash page (index.html).
The privileges for conference rooms have been expanded to be Manage, Write, Read and None. In the previous version we had Manage, Join and None, where Join allowed you to both read and write messages in the conference room. Join privilege in existing conference rooms automatically changes to Write, so there is no effect on existing conferences.
To use this feature, a conference room would be set up with at least one user with Manage privilege, and either
default of Read privilege, or
default of None privilege, and a set of users with Read privilege.
Now if a user has only Read privilege in a conference room, he cannot post messages directly, but has to wait for a moderator to moderate the conference room. When a user with Manage privilege enters the room, he would see a Moderate button above the text entry area. He can start moderating the room by hitting the Moderate button. At which time another area would be displayed above the conference room display showing messages from users with Read only privileges. The moderator can choose to accept or reject the message by selecting the message(s) and hitting the Accept or Reject button. A new moderator can use the Help button to get online help on how to moderate a conference room. It is advised that only one moderator is active at a time. The moderator can stop moderating by hitting the Stop Moderating button.
A user with Write privilege would be able to read and write messages without a moderator. Users with Read privilege would see messages written by a user with Write privilege.
iim.mail.charset is a
new configuration option for the configuration file iim.conf.
|
Parameter |
Default Value |
Description |
|
iim.mail.charset |
None |
Default means the headers of the mail are in ascii and not encoded. Name of the charset to be used to encode the headers of the mail message sent out for offline alerts. Example: iim.mail.charset=iso-2022-jp |
The following new
configuration option are for the configuration file iim.conf.
|
Parameter |
Default Value |
Description |
|
iim_server.usesso |
0 |
Either 0,1 or -1. Tells the server whether or not
to rely on the SSO provider during authentication. An SSO
provider is a module which the server uses to validate a
session id with a SSO service. values: This parameter is used in conjunction with the iim_server.ssoprovider parameter described below. |
|
iim_server.ssoprovider |
None |
Specifies the class implementing SSOProvider. If iim_server.usesso is not equal to 0 and this option is not set, the default iPS-based SSOProvider is used. |
Customizable emoticons in the chat rooms are now available. They can be customized as follows (the instructions are for Solaris), you would need at least JDK 1.3.
cd /tmp
cp /opt/SUNWiim/html/iimres.jar iimres.jar (be sure to save a copy of the original iimres.jar file)
jar xvf iimres.jar
Create or modify the gif files in the com/iplanet/im/client/images/emoticons directory
Edit the file com/iplanet/im/client/swing/chat/emoticons.properties to reflect the new files added above
Edit the file com/iplanet/im/client/swing/chat/chat.properties to reflect new shortcuts for the icons
jar uf iimres.jar com/iplanet/im/client/swing/chat/*.properties
jar uf iimres.jar com/iplanet/im/client/images/emoticons/*.gif
cp iimres.jar /opt/SUNWiim/html/
Restart the IM server, and restart the client to see the changes
API Javadoc files are
automatically installed under <install-dir>/html/javadoc.
This directory contains two subdirectories
icapi
contains the javadoc file for the client API.
iimspi
contains the javadoc files for the server-side service provider API:
Authentication provider API and Archive provider API.
If the client component
is installed in <install-dir>/html, which is the
default, the documentation can be accesses using the following URLs.
http://<your server name>/javadoc/icapi
http://<your server name>/javadoc/iimspi
Before installing iPlanet Portal Server: Instant Collaboration Pack, make sure you have met the minimum hardware and operating system requirements.
This release of iPlanet Portal Server: Instant Collaboration Pack supports the following platforms as servers:
Solaris 2.6 with recommended patches and Java patches (see http://java.sun.com/j2se/1.3/install-solaris-patches.html#2.6)
Solaris 8 with recommended patches (no Java patches necessary)
Windows NT 4.0 with Service Pack 6a (in stand-alone mode only, does not support portal mode)
A list of recommended patches for Solaris 2.6 and Solaris 8 can be found at http://access1.sun.com/patch.public/.
This release of iPlanet Portal Server: Instant Collaboration Pack supports the following client platforms:
Solaris 2.6 and 8
Microsoft Windows 9x/Windows NT (SP 6a)/Microsoft Windows 2000
Apple Macintosh running Mac OS X 10.1
This release of iPlanet Portal Server: Instant Collaboration Pack supports the following browsers for accessing the iPlanet Instant Messenger web client:
NetscapeTM Communicator 4.7x on Solaris
Netscape Communicator 4.7x and 6.2 on Windows 9x/NT/2000
Internet Explorer 5.0+ on Windows 9x/NT/2000
The basic minimum hardware requirements for installing iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 are:
Roughly 300 MB of free disk space for the installation.
Approximately 5K of disk space for each user.
At least 256 MB of RAM. The amount of RAM you will need is dependent upon the number of concurrent client connections, and if the server and multiplexor are deployed on the same host. For more information on calculating the amount of RAM, see the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Deployment Guide.
The basic minimum hardware requirements for the client are:
Solaris - 128 MHz with at least 64MB RAM
Microsoft Windows 95/98, Microsoft Windows 2000, Windows NT - 200+ MHz Pentium with at least 96MB RAM
Apple Macintosh Mac OS X 10.1 with at least 128MB RAM
iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 has the following software requirements:
iPlanet Portal Server 3.0 SP3 or later, when installing in the portal environment.
|
A portal deployment of iPlanet Portal Server: Instant Collaboration Pack requires that you use the Solaris operating environment. iPlanet Portal Server currently runs only on Solaris. Additionally, though iPlanet Portal Server supports Solaris 2.6, Solaris 7, and Solaris 8, iPlanet Portal Server: Instant Collaboration Pack supports just Solaris 2.6 and Solaris 8. If your portal is running Solaris 7, you cannot install iPlanet Portal Server: Instant Collaboration Pack. |
An external LDAP directory server, such as iPlanet Directory Server 4.16 or later, is required. (In a portal deployment, you can use iPlanet Portal Server's internal directory instead of an external LDAP server.) iPlanet Directory Server 5.1 is recommended because of the pending end of support for Directory Server 4, but either versions would work.
|
Instant Collaboration Pack runs on both Solaris 2.6 and Solaris 8. However, iPlanet Directory Server 5.1 is not supported on Solaris 2.6. We recommend you use Solaris 8 with the appropriate patches if Instant Collaboration Pack and Directory Server are installed on the same system. |
A web server, such as iPlanet Web Server 6.0 SP2 or later, is required to serve up HTML to the iPlanet Instant Messenger web client.
|
If your web server is not installed on the default port, after installation, you must edit the iim.jnlp, iimres.jnlp, iim.html, iimssl.html and imssl.jnlp files. (The last two files if you are using the client to server SSL configuration) See the iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 Administrator's Guide for details. |
An SMTP server, such as found in iPlanet Messaging Server 5.1 or later, is required to send email to users who receive alerts while offline. In the absence of an SMTP server, alerts cannot generate email for offline users; otherwise, the product still functions normally.
(Optional) If you already have iPlanet Messaging Server and are using iPlanet Delegated Administrator (iDA), you can use iDA as a user provisioning tool to add and delete user IDs, and to change passwords.
A functioning DNS/name lookup service is also required. The system on which the server and multiplexor are installed must be resolvable in DNS. Also, the system on which the server and multiplexor are installed must have access to DNS for host resolution.
On Solaris systems, the installation package is a GNU-zipped tar file. To unzip it, you will need a copy of gunzip. On Windows NT, the installation package is zipped. To unzip it, you will need an unzip utility.
A web browser, such as Netscape Communicator 4.76 or Internet Explorer 5.0, is required to launch iPlanet Instant Messenger bundled with the server.
Java Runtime Environment (JRE) 1.3.
Java Web Start 1.0.1 (or later), or Java Plug-in 1.3.x.
Solaris and Macintosh clients must use Java Web Start. Windows client can use either Java Web Start or the Java Plug-in.
For Solaris client platforms, you need to download both the JRE for Solaris and Java Web Start.
For Windows client platforms:
If you download the JRE for Windows, it includes the Java Plug-in, so you don't need to download and install it separately.
If you download Java Web Start, the JRE is bundled and you don't need to download and install it separately.
For
Macintosh client platforms, Java Web Start is part of the Mac OS X
10.1 release.
This section contains important information you should know before installing or upgrading the product. For complete installation-related information and instructions, see the iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 Installation Guide.
You can install and configure iPlanet Portal Server: Instant Collaboration Pack in one of two ways:
As part of the iPlanet Portal Server environment. Users log on to iPlanet Portal Server and launch iPlanet Instant Messenger as an application in the iPlanet Portal Server Desktop Applications channel (Solaris platform only).
As a stand-alone server. Users authenticate to iPlanet Instant Messaging server through an external LDAP directory and launch iPlanet Instant Messenger from a well-known URL. iPlanet Portal Server software is not used in this type of deployment, however, you still must meet the product licence requirements.
Whether you install iIM Server in the iPlanet Portal Server environment or as a stand-alone server, you can use a variety of configurations to fit your site needs. See the iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 Administrator's Guide for more information on these configurations.
|
Currently, you must use the Solaris platform to install a portal deployment of iPlanet Portal Server: Instant Collaboration Pack. |
Most likely, you will install iPlanet Portal Server: Instant Collaboration Pack and iPlanet Portal Server components on the same host. However, this is not a requirement. You might have installed iPlanet Portal Server: Instant Collaboration Pack as a stand-alone server, and now you want to have it function within a portal framework, which you install on a second server. Or, you might want to separate the two servers for other reasons, such as load balancing.
In this type of configuration, you install iPlanet Portal Server: Instant Collaboration Pack and a "disabled" (not running) iPlanet Portal Server on one host, and the iPlanet Portal Server: Instant Collaboration Pack client component and an "enabled," or running version of iPlanet Portal Server on the other host. This is necessary because iIM server authenticates the user's portal session using the iPlanet Portal Server session APIs.
To use this type of configuration, see the iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 Installation Guide for more information.
iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 supports only flat namespace DIT (Directory Information Tree) layouts, not hosted domain namespaces. See the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Deployment Guide for more information.
The installer and documentation recommend installing iPlanet Delegate Administrator (iDA) for user provisioning, however, it is not recommended unless you are already using it in conjunction with iPlanet Messaging Server. Additionally, iDA is not included on the iPlanet Portal Server: Instant Collaboration Pack distribution CD.
For portal deployments, iPlanet Portal Server problem 4487666 prevents External Ldap attributes mapping added using ipsadmin from working. (This problem is recorded as 559333, 4537874 for iPlanet Portal Server: Instant Collaboration Pack.)
As a result, after completing the installation, you must fix the external LDAP attribute mappings created by the iPlanet Portal Server: Instant Collaboration Pack installer.
If iPlanet Portal Server 3.0 SP3 is used or if iPlanet Portal Server 3.0 SP4 is used in a multi-domain deployment, you must remove and add the mapping from the Administration Console.
If For iPlanet Portal Server 3.0 iPlanet Portal Server 3.0 SP4 is used in a single domain deployment, the attribute mapping is automatically added, so this additional step is not necessary.
The mapping created by iPlanet Portal Server: Instant Collaboration Pack is iwtUser-iIMUserId=uid. To convert this mapping from inherited to customized, or to manually add the mapping, select the appropriate procedure below.
From the iPlanet Portal Server Administration Console, click Manage Domains.
Click the appropriate domain.
Click External LDAP Configuration.
Click Attributes aliases Mapping.
If the iwtUser-iIMUserId=uid mapping is present then remove it, and save the configuration. Then go back to the external LDAP configuration page.
Scroll down to the attributes mapping section and add the iwtUser-iIMUserId=uid mapping back in. Save the configuration.
From the iPlanet Portal Server Administration Console, click Manage Domains.
Click the appropriate domain.
Click External LDAP Configuration.
Click Attributes aliases Mapping.
Scroll down to the attributes mapping section and add the iwtUser-iIMUserId=uid mapping. Save the configuration.
For portal deployments running HP 3, during installation of iPlanet Portal Server: Instant Collaboration Pack, the entry for attribsMap is added to the default domain if it is not already present. If the ExtLdap server name is not entered in the iPlanet Portal Server's external LDAP configuration, users will not be able to log on to the iPlanet Portal Server Desktop. Instead, they will receive the error message, "Error due to misconfiguration on the server." Either both the ExtLdap server name and attribsMap entry should be entered, or neither should be present. Deployments using the internal LDAP configuration need to remove the attribsMap entry after the iPlanet Portal Server: Instant Collaboration Pack installation has completed.
During the installation, the installer prompts you to choose to start iPlanet Portal Server: Instant Collaboration Pack at boot. If you do not select to start at boot, but would like to after completing the installation, you do not need to rerun the installer.
On Solaris, you can create the following soft links to accomplish this:
ln -s /etc/init.d/sunwiim /etc/rc3.d/S94sunwiim
ln -s /etc/init.d/sunwiim /etc/rc2.d/K94sunwiim
On Windows platforms, use the Services Panel to change the startup settings for the server and multiplexor to automatic.
After completing a fresh installation of iPlanet Portal Server: Instant Collaboration Pack in stand-alone mode, you need to edit the index.html, iim.html, iim.jnlp, and iimres.jnlp files to meet your site's needs. If you configured for client and server SSL, then also iimssl.html and iimssl.jnlp files. You should edit these files to customize the text and title, and perhaps change the background. The index.html file provides the starting point for users of both the Java Plug-in and Java Web Start versions of iPlanet Instant Messenger. The iim.html file is called to download the applet. Generated during installation, iim.html has an applet argument that points to the multiplexor.
|
In the iim.html file, "<PARAM NAME="-server" VALUE="servername">" represents the iPlanet Instant Messaging multiplexor and port. |
iPlanet Portal Server: Instant Collaboration Pack ships with instructions for configuring and launching the iPlanet Instant Messenger client. Instructions are found in the installation guide and in the solaris.htm and windows.htm files, which get installed as part of the client component in the html directory. You should customize these setup instructions to meet your site's specific needs. For example, if you only want your clients to run the Java Web Start version of iPlanet Instant Messenger, or if you only have Solaris clients, you can remove the parts of these instructions that do not apply to your site. You can also fill in your exact web server URL for your clients. For example, the instructions currently show a URL to launch iPlanet Instant Messenger as:
http://webserver:webserverport/subdirectory
You would fill in the specific information for your site, for example:
http://iim.company22.com/iim.
For more information on customizing your iPlanet Portal Server: Instant Collaboration Pack installation, see the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Administrator's Guide.
By default, iPlanet Portal Server: Instant Collaboration Pack expects to find the iPlanet Instant Messenger software (client files) installed in the Web Server Document Root. However, you might choose to install the iPlanet Instant Messenger software files in a directory other than the Web Server Document Root. If you do not install the client files in the Web Server Document Root, you need to take additional steps so that web server can "serve" the files to the iPlanet Instant Messenger clients. This applies only to stand-alone deployments, not portal deployments.
|
If you install the client files in the Web Server Document Root, you do not need to do anything else. |
You either have to configure the web server to enable access to the directory where you installed the iPlanet Instant Messenger files, or create a symbolic link in the Web Server Document Root. Use one of the following procedures.
You also need to change the codebase parameter in the iim.jnlp and iimres.jnlp files, if you plan on using Java Web Start to launch iPlanet Instant Messenger. You will also need to modify iimssl.html and imssl.jnlp files if you are configuring for client and server SSL.
Use your web server's administration interface to enable access to the directory where you installed the client files. For example, on iPlanet Web Server:
Log on to Web Server Administration.
Click Manage Server for that particular server.
Click "View Server Settings."
Click "Additional Document Directory."
Enter a URL prefix (for example, iim) and enter the directory where the client files are located.
Click OK.
Use the ln command to create a symbolic link in the web server document root that points to the directory where the client files are located.
|
By using a symbolic link, you do not need to change the web server's configuration. |
For example, on iIM Server host iim.i-zed, if the iPlanet Instant Messenger software is installed in the /opt/SUNWiim/html directory, you could create a symbolic link iim, which points to /opt/SUNWiim/html, in the Web Server Document Root.
Users would then type the following URL to access the iPlanet Instant Messenger main page (index.html):
http://iim.i-zed.com/iim/
The iim.html, iim.jnlp, iimssl.jnlp and iimres.jnlp files have a codebase parameter that needs to be changed to reference the web server and create a path to the iPlanet Instant Messenger software. The line to change is:
codebase="http://servername:port/path/"
You only need to include the port number of the web server if it is not using the default (80).
For example, on iIM server host iim.i-zed, if the iPlanet Instant Messenger software is installed in the /opt/SUNWiim/html directory, you could create a symbolic link iim, which points to /opt/SUNWiim/html, in the Web Server Document Root.
Then you would change the codebase parameters in the iim.html, iim.jnlp, iimssl.jnlp and iimres.jnlp files:
codebase="http://iim.i-zed.com/iim/"
|
The iim.jnlp, iimssl.jnlp and iimres.jnlp files are used for Java Web Start configurations. |
iPlanet Portal Server: Instant Collaboration Pack does not provide user administration tools.
There are no iPlanet Portal Server: Instant Collaboration Pack specific commands to add, modify, or delete an iPlanet Instant Messenger user. Because users exist in the directory, use your site provisioning tools to perform these operations.
Likewise, you cannot disable an iPlanet Instant Messenger user. The only way to prevent users from using iPlanet Portal Server: Instant Collaboration Pack is to delete them from the directory.
Before installing iPlanet Portal Server: Instant Collaboration Pack on the Solaris 2.6 platform, you need to install the recommended patches and Java patches. Without these patches, the iIM Server graphical installation program fails with a message similar to the following:
|
|
|
/bin/java/jre/bin/../bin/sparc/native_threads/java: fatal: libCrun.so.1: open failed: No such file or directory setup: The installation failed with errors. |
|
|
This section contains information specific to upgrading from version 3.0 of iIM Server to Release 3.0.1.
The iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 installer includes an upgrade option to upgrade from earlier versions. To preserve your previous installation, you must use the upgrade option.
As part of upgrading your iIM Server installation, the installer creates .new files in your config and html directories. These files contain all the changes made to their various corresponding files for this new version. For example, if you found an iim.conf.new file, it would contain all the changes for the iim.conf file for the new version. It will be necessary for you to merge these files into the corresponding old files. This was done to prevent the installation from overwriting your customizations to these files.
After upgrading, find the .new files, and merge the changes into your existing corresponding files, taking care to preserve your customizations. This step is necessary for the new version features to take effect.
When merging the changes, compare the old files with the .new files, line by line, and edit your existing files to incorporate these changes.
News channel and conference room ACL files are automatically updated to the new values when the room or news channel is modified, no manual intervention is neccessary.
See the upgrade instructions in Appendix B of the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Installation Guide.
|
After upgrading, remove the iim30_install_dir/SUNWiim/java directory. It is no longer needed. This applies to Solaris installations only. This directory was installed by the beta version. |
If you upgrade from a beta version to Release 3.0, the iim_server.db_path parameter no longer exists in the iim.conf file; this situation is listed as Problem (4533831). Currently, instead of iim_server.db_path, the server uses the iim_server.instancevardir parameter to set the directory to contain runtime files, including the user profile database, logs, and other files created by the server and multiplexor at runtime.
This new parameter will be present in the iim.conf.new file. You need to merge the iim_server.instancevardir parameter (and potentially other new parameters) into your existing iim.conf file. See "Upgrading from Release 3.0 to Release 3.0.1" for more information on upgrading your system.
The install/upgrade creates the following .new files in the html directory. If you have modified the corresponding original files, you need to look at these .new files and merge the changes into the original files. The files are:
iim.html.new
iim.jnlp.new
iimres.jar.new
iimres.jnlp.new
index.html.new
iimssl.html.new
iimssl.jnlp.new
For all files except iimres.jar.new, the merged changes are text-only changes.
The install/upgrade does not create a new iimres.jar file in the html directory, but instead creates an iimres.jar.new file.
If you have customized the beta iimres.jar file, you need to first merge those changes into the iimres.jar.new file, then copy iimres.jar.new over the existing iimres.jar file. If you have not customized the beta iimres.jar file, simply copy iimres.jar.new over the existing iimres.jar file.
This section contains troubleshooting information.
If iPlanet Instant Messenger users have problems connecting to the iPlanet Instant Messaging server, check the mux.log file for host name lookup failures. You need to set up DNS correctly if there are host name lookup failures.
If you install the client HTML files in a directory other than the web server document root, you can create a soft link under the web server doc directory pointing to the html directory. When you do so, you need to also change the iim.jnlp and iimres.jnlp files to include the directory name in the codebase line.
If you do not do this, and you then launch iPlanet Instant Messenger by using Java Web Start, you will receive an error that the iimres.jnlp cannot be downloaded. If, at this point, you change the codebase of all the relevant files and you still cannot launch the Java Web Start version, this is because it still uses the cached iim.jnlp file and not the new one. Users need to then remove the Java Web Start cache from their machines for this to work.
If your directory does not permit anonymous user search, you will see an error similar to the following:
|
|
|
DEBUG: Searching for user by uid: filter=(&(|ojbectclass=inetorgperson)(objectlass=webtopuser))(uid=unknown)) base=o=i-zed.com,o=i-zed |
|
|
You need to configure a specific user to be able to search your directory. See Chapter 2 of the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Administrator's Guide for steps to do this.
If the credentials you configured for the specific user to search the directory are invalid, you will see errors similar to the following:
|
|
|
DEBUG:
Connecting to LDAP server |
|
|
If this happens, correct the credentials you supplied for the iim_ldap.usergroupbinddn and/or iim_ldap.usergroupbindcred parameters in the iim.conf file.
When you see an error similar to the following, this means that for the given uid, the LDAP directory is not using the mail attribute. iPlanet Instant Messenger uses this attribute to forward alerts to users who are offline:
|
|
|
ERROR: Cannot find MAIL address for user msg-admin-1 |
|
|
By default, the iim_ldap.user.mailattr contains the value mail. Change this value to your site's value.
This section describes any errors or changes to the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 documentation set.
The section titled "Viewing Online Help," which occurs in both Chapter 2 and Chapter 3 of the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Installation Guide, no longer applies. You do not need to perform any additional steps to cause the iPlanet Instant Messenger help to be displayed.
The iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Administrator's Guide states that the iPlanet Instant Messenger online help files are installed in the html directory. This is incorrect. The online help files are installed in the iimhelp directory (relative to the directory where you install the iPlanet Instant Messenger client files).
The section titled "Using External LDAP with iPlanet Portal Server" in Chapter 2 of the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Installation Guide is superseded by "Ensuring That LDAP Attribute Mappings Work (Portal Deployment Only)" of these Release Notes.
iPlanet Portal Server: Instant Collaboration Pack Release 3.0.1 includes the following known limitations and considerations:
Problem (535697,4559817) is a known limitation
On Windows 98, when Internet Explorer 5.0 is the browser, the User Search window might not display the full list of groups. The list entitled "add users to contact group" could consist of items that are not visible to the user. This is a limitation of the Internet Explorer browser.
On Solaris only, when you receive an attached file sent through Chat, you cannot use Launch to open the file as you can on Windows. The workaround is to click Save in order to save the file to disk and then to open it with the appropriate application.
In a News Channel tab, when you right click the mouse and change any of the settings that involve tabs and tools, such as showing and hiding them, the effects will be temporary, lasting only as long as the News Channel tab is open. Therefore, any changes you make will not be saved. The workaround is to use the News tab in the User Settings window to make permanent changes to your News Channel setup.
The News Channels, Chat, and User Settings windows are not always quickly accessible. When any of these windows are on your computer desktop, but in the background, clicking the respective button on the iPlanet Instant Messenger window might not bring them to the foreground. The workaround is to either move other windows out of the way and click the window you want or to click the window's icon from the task bar (Windows platforms only).
Problem
(560623,4535921,4561274)
News channel messages are not marked as read from one iPlanet Instant Messenger session to the next. Thus, news channel messages that users have read during one session appear as new messages at the next session (log on).
iPlanet Instant Messenger does remember during a session which news channel messages have been read.
Problem
(4545736) is a known limitation
When using Java Web Start on Solaris to launch iPlanet Instant Messenger in secure mode in the iPlanet Portal Server environment, clicking the Help button after accessing the Netlet window stops the Netlet from working. When this happens, iPlanet Instant Messenger disconnects. This is a limitation of Java Web Start which does not allow opening of a new browser window given an URL.
The work around is to restart the Netlet applet by clicking another link on the Portal Desktop page then clicking the link for iPlanet Instant Messenger.
In a stand-alone deployment, if you do not install the iIM client files in the web server's document root, the installed jnlp files do not work; the codebase lines are not automatically set to your site's web server. The workaround is to manually change the codebase line for the iim.jnlp file and the iimres.jnlp files. See Chapter 3 in the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Administrator's Guide for a more detailed explanation of the workaround. (This is not a problem for portal deployments).
Problem
(4533831) is a known limitation
On Solaris only, an upgrade from a beta deployment that was installed or last upgraded before 09/26/01 fails unless a parameter is added to the iim.conf file. Add the iim.instancevardir parameter, for example on Solaris:
iim.instancevardir = /var/opt/SUNWiim
Then, restart the iIM server. More information on this problem is provided in the section "Old Parameter in iim.conf File."
|
The value for this parameter is the directory where you chose to install the runtime files directory. |
If you choose to install only the iIM multiplexor (that is, you want this host to provide only the multiplexor process and not the server), after installation, both the iIM multiplexor and server are started. This consumes unnecessary resources.
Depending on your situation, use one of the following workarounds to prevent the server process from starting:
Manually stop the iIM service after the installation by using the iimadmin stop iim_server command, or the Services Management tool on Windows NT. Make sure to leave the multiplexor running.
To make sure that the server is not restarted at each reboot:
Problem
(537172,4540655,561308,4536073) is a known limitation
From the installer, when the Help window and HTML panel for the database location initially appear, they are not large enough to display all of their contents. The workaround is to increase the window size, then click Dismiss and then click Help again. Sometimes you will see imcompletely rendered bits of characters on the screen.
Problem
(537276,4540667,4539053) is a known limitation
If you install the iPlanet Portal Server: Instant Collaboration Pack server and client components at different times, and then later you uninstall the components, select "Partial" from the Uninstall panel then select the components you want to remove. Note, in this situation, if you select "Full" from the Uninstall panel, it does not remove all the components, but only the most recently added component.
On Windows NT only, running the uninstall utility does not remove java/jre, License.txt, or readme.txt files and directories. The workaround is to remove these directories manually.
On Solaris only, if you remove and reinstall iPlanet Portal Server: Instant Collaboration Pack, do not enter a different user identification or a different user group than you entered in the previous installation. iIM server uses the user and group values to set the ownership of all the installed files. If you enter a different user or group, the installer does not update the owner and group settings for the existing server.log and mux.log files. As a result, iIM server cannot access these log files. When you restart iIM server, log messages are rerouted to standard output instead of to the log files. To work around this problem, when the installer prompts you for the owners of the installed files, enter the same user identification and user group from the previous installation. Alternately, if you do change this information, you must manually update the ownership of the server.log and mux.log files.
Problem (561730,4536210) is a known limitation
On Windows NT only, during an installation, do not increase the size of the install panel. Doing so can distort the text.
Problem (4626241) is a known limitation
Using Netscape 6.2 when you click on the "launch using webstart" button the browser does not bring up the IM application but instead tries to display the jnlp file even though Java Web Start is installed on the desktop. Part of this problem is because Java Web Start doesn't automatically register the jnlp MIME type with Netscape 6. The other part of the problem is because the Java Script to detect if Java Web Start is installed does not work in Netscape 6.
This is the workaround:
1. Register the Java Web
Start jnlp MIME type with Netscape 6:
- Bring up the Netscape
6 preferences from the edit menu.
- Go to the "Helper
Applications" tab under "Navigator"
- If the file
type "application/x-java-jnlp-file" does not exist click on
"New Type"
- Add the following:
Description: <description such as java webstart>
File extension: jnlp
MIME type: application/x-java-jnlp-file
Application: <full path to the javaws executable>
- Click OK
- Click OK
for the main preferences.
2. The user can now access the jnlp file directly using (http://<iim codebase>/iim.jnlp) to bring up IM using Java Web Start.
Alternatively, once Java Web Start has the application cached, use Java Web Start to start IM.
Attribute iwtUser-iIMUserId not getting populated. See also Ensuring That LDAP Attribute Mappings Work (Portal Deployment Only) for detailed instructions.
Problem (4628826)
On Solaris only, Audio device may be tied up by the iIM client even if sound is not enabled in the settings. This does not seem happen all the time. It is possible that you lose the use of your audio on your Solaris box when running the iIM client on the Solaris platform.
Problem (4632312)
Client API may throw NullPointerException when accessing the News channel when using the OnMessageAdded method. There is no workaround.
Problem (4632723)
On Macintosh clients, the iIM client does not detect when the user is idle. So if you are away from the keyboard for a long time, you should manually change you status to Away or a custom message.
Problem (4648143)
Client leaks memory when you login from another system. This problem may occur when a user signs on using one system, and switches the system to standby mode, then logs in from another system. When re-powering the first system, the client may be in an unstable state and consume a lot of memory. The remedy is to end the iIM application using the task manager, and start a new instance.
Problem (4654728)
When a user sends a Poll reply to a query, the client may eventually timeout while waiting for the server to acknowledge the reply. This may prevent the use of the client API to poll users.
Problem (4671883)
When the acl file for a room is missing or misprotected, a user can not login and gets "Error connecting to server" message even though that is not the real problem. The server log file would show the line "ERROR: acl missing: java.io.FileNotFoundException:" with the missing filename, and also an "ERROR: user: While Processing Message: java.lang.NullPointerException" error, and the user is disconnected from the server. The workaround is to ensure the acl files are not missing or misprotected.
Problem (4664311) is a known limitation
A client logged onto a 3.0 version of the iIM server can not join a conference on a 3.0.1 co-server, and vice versa. Due to changes in the client protocol, all the co-servers must be running the same version.
Problem (4637318) is a known limitation
If the communication between 2 servers is interrupted, it may take up to 5 minutes to reestablish it, after the root cause of the interruption has been removed. During this time, users on one of the servers may be unable to access resources on the remote server.
Problem (4691667) has a workaround
Multiple localized clients can not be installed on the same system. Each additional localized installation would replace the previously installed localized client files, thus preventing more than one localized languages to be installed. We have provided a workaround for this release 3.0.1 such that when installing the localized language version of iPlanet Portal Server: Instant Collaboration Pack 3.0.1 on either Solaris or NT platforms, all localized languages will be installed at once. In a future version, it may be necessary to install multiple languages separately.
Problem (4609599)
Font customization buttons, bold, italic and underline, have no effect for multibyte languages such as Chinese or Japanese. User should type the characters, then select them using the cursor, then hit the customization buttons. However, the Bold button has no effect.
The section titled "To Enable iIM Server to Conduct Directory Searches as a Specific User (Not Anonymous)" in Chapter 2 of the iPlanet Portal Server: Instant Collaboration Pack Release 3.0 Administration Guide had an error in the following, iim_ldap.usergroupbinddn="cn=bind dn" which should read instead iim_ldap.usergroupbinddn="bind dn" has been corrected in the 3.0.1 Administration Guide.
Creating a conference room sometimes sets the wrong default access. For example, you might create a conference room with default access allowing everyone to join yet users cannot see the conference room. The Room Administration window then shows the default access as None.
Currently, a client may hang in an environment where multiple iIM servers are configured to communicate with one another. This appears to happen only when users on one server attempt to communicate with another server and the server to server connections failed.
Problem (4554976)
When installing iPlanet Portal Server: Instant Collaboration Pack on Windows platforms, users are not able to view the online help for iPlanet Instant Messenger. This happens because the installer puts the online help files into the client_files_install_dir/help directory instead of the client_files_install_dir/iimhelp directory.
Problem (4527286)
When using the poll option, it is important that you do not forget to enter a subject in the subject line. If you do forget, the following message will appear: "There are no users in the recipient list!" At that point you can click OK or you can close the window. However, in both cases the window will close and you will lose the poll.
When a user's status is set to Away, if the iIM server is restarted the user's status is automatically changed from Away to Online when the client reconnects instead of staying as Away.
Problem
(4556879)
Server to server miscommunication can cause client to hang (open)
Problem
(4587827)
When logging in the first time, the login window is showing 127.0.0.1 as the server instead of the name of the server.
Problem (4528763)
The cut and paste sequence used on the desktop (Solaris?) does not work in the Instant Messaging chat window.
Problem
(4532636)
When searching for a user in the directory, one can not enter a contact with a 2 characters name in Japanese or Chinese. This has been fixed so it is possible to enter 2 Chinese or Japanese characters. In English or other non-multibyte languages, you still must enter at least three characters.
Problem (551394,4536577)
When you shut down then restart the iIM server, existing iPlanet Instant Messenger chat sessions or chat room sessions do not reestablish their connection to the server. Thus, users who were chatting when the server was stopped then restarted are not able to chat. The users will no longer see these chat sessions as active, after the iIM server is restarted, users can restart chat sessions.
Problem (4537801)
When you uninstall on
Solaris, the Instant Messaging Server is stopped, but the multiplexor
is not. This has been fixed.
Problem (4620000)
The client api's and net classes creates 2 threads per user, taking up more resource than necessary. They have been fixed to create only one thread.
Problem (558951,4537801)
On Solaris only, when you uninstall iPlanet Portal Server: Instant Collaboration Pack, it does not stop the currently running multiplexor; it only stops iIM server. The workaround is to stop the multiplexor manually. This has been fixed.
Problem (4634202)
If a user's password started with ^^^ or ~~~, the server would hang. This problem has been fixed.
Problem (4640270)
No error message was displayed when you create a conference room with a name already created. You now get an error message saying that room already exists.
Problem (4637557)
Offline alerts are not always delivered. Every other one is delivered when the user logs on and others are delivered during later login. This has been fixed.
If you have problems with iPlanet Portal Server: Instant Collaboration Pack, contact customer support using one of the following mechanisms:
iPlanet online support web site at http://www.sun.com/service/support/software/iplanet/index.html
From this location, the Online Support Center tools are available for logging problems. iPlanet Knowledge Base, available from the above site, allows you to find answers to common questions about the products.
The telephone dispatch number associated with your maintenance contract.
So that we can best assist you in resolving problems, please have the following information available when you contact support:
Description of the problem, including the situation where the problem occurs and its impact on your operation
Machine type, operating system version, and product version, including any patches and other software that might be affecting the problem
Detailed steps on the methods you have used to reproduce the problem
Any error logs or core dumps
Useful iPlanet information can be found at the following Internet locations:
iPlanet release notes and other documentation --- http://docs.iplanet.com/docs/manuals/
iPlanet product status --- http://www.iplanet.com/support/technical_resources/
iPlanet Professional Services information --- http://www.iplanet.com/services/professional_services_3_3.html
iPlanet developer information --- http://developer.iplanet.com/
iPlanet learning solutions --- http://www.iplanet.com/learning/index.html
iPlanet product data sheets --- http://www.iplanet.com/products/index.html
Use of iPlanet Portal Server: Instant Collaboration Pack is subject to the terms described in the license agreement accompanying it.
Copyright © 2001 Sun Microsystems, Inc. All rights reserved.
Sun, Sun Microsystems, the Sun logo, Java, iPlanet, and all Sun, Java, and iPlanet based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.
Last Updated April, 2002