Author: <span class="vcard">Kenio Carvalho</span>

This week i spend several hours to setup a machine with IBM Cognos and IBM Connections 5 CR2 on SLES 11 SP3 using Oracle as database.

The Cognos wizard complete the CognosBI setup but Trasnformer not.

I set the logs to debug level and the messages does not help.

The problem was when the error appears the wizard roll back the installation of CognosBI removing everything from WebSphere.

After several reviews of the SLES libraries and Oracle client setup i made the setup only for CognosBI (previously i setup CognosBI + Transformer) successfully.

I try to open the cognos URL like http://server:port/cognos/servlet/dispatch/ext but the server doesn’t send any response

Reading the cognos.log i found the following :

Initialization_SESS Initialization_REQ Thread-70        CM        6304        1        Audit.cms.CM        StartService Warning
CM-CFG-5063 A Content Manager configuration error was detected while connecting to the content store. sealing violation:
package oracle.jdbc is sealed Runtime Exception stack trace: java.lang.SecurityException: sealing violation: package oracle.jdbc is sealed

I don’t now why but the installer copy the orajdbc6.jar into Cognos.ear.   I stop the cognos server, remove the orajdbc6.jar from the lib folder inside of cognos.ear and  start the server.

The cognosBI works and  Transformer was installed without problems.

The steps i follow

1 – Setup Cognos BI
2 – Stop the server and remove the orajdbc6.jar from the cognos.ear
3 – Start the Cognos Server
4 – Setup the Transformer

IBM Connections requires that XMLHTTP is enabled in Internet Explorer, either through ActiveX or native object, for the dynamic AJAX functionality to function correctly.

Check Enable native XMLHTTP support in the Advanced tab of the Internet Options dialog

Information from IBM TN 1698438

Some users are receiving the message bellow instead of the search results:

CLFRW0075W: Failed to load the index at startup, it may not have been created yet�

The search index on one node was created/copied.

To solve the problem i just copy the index from another node.

1. Update strategy for IBM Connections 5.0:

http://www-01.ibm.com/support/docview.wss?uid=swg21683118

2. IBM Connections 5.0 requirements for IBM FileNet for use with Connections Content Manager (CCM):

http://www-01.ibm.com/support/docview.wss?uid=swg21683147

3. IBM Cognos Wizard for IBM Connections 5.0 Cumulative Refreshes (CRs)
http://www-01.ibm.com/support/docview.wss?uid=swg21696033

4. Fix list for IBM Connections 5.0 CR2:

http://www-01.ibm.com/support/docview.wss?uid=swg21694318

5. Updating the IBM Connections 5.0 databases to the required schema versions for Cumulative Refresh 2 (CR2):

http://www-01.ibm.com/support/docview.wss?uid=swg21694319

6. New functions included in IBM Connections 5.0 CR2
http://www-01.ibm.com/support/docview.wss?uid=swg21695145

7. Upgrade to IBM Connections 5.0 CR2 from IBM Connections 5.0 CR1 With Connections Content Manager (CCM)
http://www-01.ibm.com/support/docview.wss?uid=swg21696235

Security researchers have discovered a vulnerability in a piece of adware called Superfish that makes your computer vulnerable to all kinds of attacks. Superfish ships preloaded on many Lenovo computers, but can also be installed on any machine. Here’s what’s going on and how to test if you’re infected.

See the full article here

Due to security vulnerabilities (CVE-2012-6153 and CVE-2014-3577) WebSphere Portal is removing the Apache commons-httpclient JAR files from all releases and replacing them with the newer version (Apache HttpClient 4.3.6).  
Note that the JAR files may not be removed by a specific interim fix but the interim fix will remove all WebSphere Portal uses of those JAR files and the JAR files will be removed by a subsequent Cumulative Fix associated with that release.

These JAR files have been on the Portal classpath in many releases.  They were never intended to be used by our customers but it is possible that they could be used by a customer’s custom portlets or by a third party’s custom portlets.

The specific JAR files that will be removed are the following:

        commons-httpclient-2.0.jar
        commons-httpclient-3.0.jar
        commons-httpclient-3.0.1.jar

The WebSphere Portal releases in which the removal takes place are:

        WebSphere Portal V6.1.0.6
        WebSphere Portal V6.1.5.3
        WebSphere Portal V7.0.0.2
        WebSphere Portal V8.0.0.1 (included in CF15)
        WebSphere Portal V8.5.0.0

If you do not have any custom code or third party code that uses these JAR files you do not have to do anything as consequence of this removal.  

If you do have custom code or third party code that depends on these JAR files to be in the Portal Server classpath then you will have to make a change.  There are many options.  You can simply add a copy of the JAR back into the WebSphere Application Server or WebSphere Portal classpath, add the JAR into the appropriate portlet WAR file (neither of which will protect you from the security vulnerabilities) or change your custom source code to use the new Apache HttpClient 4.3.6 JAR that does fix the security vulnerability.  Changing the source code is the best option.  Note that Apache HttpClient 4.3.6 is a complete rewrite of the library and there is no backward compatibility.  Reference the Apache web site for more details.

From TN 1695483

External collaboration is a new feature of Connections 5.

External user are any users “marked” or “selected” as a external.

External users can:

• Only see Files and Communites that he/she has given access to
• See people in the community and business card (limited to some information)
• Search, but no public data will be returned.

The process is not complicated. The key is how to mark or select external users on your ldap. The options are;

1 – Map standard LDAP attribute for external users
2 – Map standard LDAP attribute using JavaScript
3 – Use an LDAP branch to store external users.

I use the option 3 because on our LDAP external users are in another branch

I am using linux .

1 – First create another folder above /opt/IBM/TDI/V7.1.1 and copy the content of the TDISOL. I create with the nameTDISOLEXTERNAL
2- Edit map_dbrepos_from_source.properties and add a line

 mode={func_mode_visitor_branch}

3 Edit profiles_tdi.properties and set the properties

source_ldap_url_visitor_confirm=ldap://:389
source_ldap_search_base_visitor_confirm=ou=external,o=Plansis
source_ldap_search_filter_visitor_confirm=(&(objectclass=inetOrgPerson))
source_ldap_search_base=ou=external,o=Plansis
source_ldap_search_filter=(&(objectclass=inetOrgPerson))
source_ldap_urlldap://:389

4- Append a string to an external user´s display name in map_dbrepos_from_source.properties

displayName={func_decorate_displayName_if_visitor}
displayNameLdapAttr=cn
decorateVisitorDisplayName=-Terceiro

5 – Run collect.dns and verify the list of users. Do not run sync_all_dns.sh or you will inactivate internal users!

6 – run populate_from_dn_file.sh

7 – Only internal users with the role EMPLOYEE_EXTENDED can share content with external users. Add the role to the users using wsadmin

execfile(“profilesAdmin.py”)
ProfileService.setRole(“[email protected]”, EMPLOYEE_EXTENDED)

Now you can collaborate with external users.

After i setup the IBM Connections 5.0 CR1 i open the homepage and the theme was show as the old IBM Connections theme not the new one.

I found on the systemout.log the following

net.jazz.ajax.internal.util.TraceSupport warn The StyleSheet “com.ibm.lconn.core.styles.oneui3/base/applications/profiles”

To solve the problem shutdown the connections server and clean the temp folder of the websphere application server on all nodes.

Restart the server and everything must be ok.

Thanks to Michael Urspinger tip