Sametime Administrator's Guidefile/sthelpad.pdf · ® Sametime Administrator’s Guide Version 7.0...

Lotus Sametime

Administrators Guide

Version 7.0 for Windows, AIX, Solaris, and i5/OS

G210-2082-00

Note Before using this information and the product it supports, read the information in Notices, on page 671.

Eighth Edition (August 2005)

This edition applies to version 7.0 of IBM Lotus Sametime (product number L-GHUS-5Z7NTN) and to all subsequent releases and modifications until otherwise indicated in new editions.

This edition replaces G210-1821-00.

Copyright International Business Machines Corporation 2005. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

Contents

Chapter 1. Introduction to Sametime . . 1 What is Sametime? . . . . . . . . . . . . 1 Install Sametime on a Domino server . . . . . . 2 Sametime basics . . . . . . . . . . . . . 3

Collaborative activities and end-user features . . 3 Sametime administration terms and features . . 12 Sametime clients . . . . . . . . . . . . 19 Sametime services . . . . . . . . . . . 21

The Lotus Enterprise Meeting Server (EMS) . . . 25 Starting and stopping the Sametime server . . . . 25

Sametime on a Windows NT server . . . . . 25 Starting the Sametime server . . . . . . . 25 Stopping the Sametime server . . . . . . . 26 Sametime on a Windows 2000 server . . . . . 26 Starting the Sametime server . . . . . . . 26 Stopping the Sametime server . . . . . . . 26

Chapter 2. Using the Sametime Administration Tool . . . . . . . . . 27 Starting the Sametime Administration Tool . . . . 27

User name and password requirements . . . . 27 Details: Starting the Sametime Administration Tool . . . . . . . . . . . . . . . . 27

Overview of the Sametime Administration Tool features . . . . . . . . . . . . . . . . 28

Server Overview . . . . . . . . . . . . 28 Message From Administrator . . . . . . . 28 Monitoring . . . . . . . . . . . . . 28 Logging . . . . . . . . . . . . . . 28 Directory . . . . . . . . . . . . . . 28 Configuration . . . . . . . . . . . . 29 Server Overview feature . . . . . . . . . 30 Message From Administrator feature . . . . . 30 Monitoring the Sametime server . . . . . . 30 Logging Sametime activity . . . . . . . . 31 Managing users and Domino Directories . . . 31 Managing users and LDAP directories . . . . 31 Configuring ports and network connectivity . . 32 Configuring Community Services . . . . . . 33 Configuring Meeting Services . . . . . . . 34 Configuring Audio/Video Services . . . . . 34

Additional administrative tasks . . . . . . . . 35 Configuring Broadcast Services . . . . . . . 35 Deploying multiple Sametime servers . . . . 36 Managing security . . . . . . . . . . . 36 Maintaining the Sametime Meeting Center . . . 37

Adding a new Sametime administrator . . . . . 39 Allowing others to access the Sametime Administration Tool . . . . . . . . . . 39 Using individual names instead of an Administrators Group . . . . . . . . . . 40 Create a Person document for the administrator 40 Create an Administrators Group document . . . 41 Add the Administrators Group document to Sametime database ACLs . . . . . . . . . 41

Modifying the Server document of the Sametime server . . . . . . . . . . . . . . . 43 Adding and removing names from an Administrators Group document . . . . . . 44

Roles in Sametime database ACLs . . . . . . . 45 Roles in the Sametime Configuration database (stconfig.nsf) . . . . . . . . . . . . . 45 Roles in the Domino Directory (names.nsf) . . . 46 Roles in the Sametime Meeting Center (stconf.nsf) . . . . . . . . . . . . . . 46 Roles in the Domino Web Administration database (webadmin.nsf) . . . . . . . . . 47

Chapter 3. Using Domino Directories 49 Managing the Domino Directory . . . . . . . 49

Basic Domino Directory requirements . . . . 49 Managing multiple Domino Directories with Sametime . . . . . . . . . . . . . . 50 Directory security considerations . . . . . . 52 Using an LDAP directory instead of a Domino Directory . . . . . . . . . . . . . . 52

Managing users in the Domino Directory . . . . 53 Adding users . . . . . . . . . . . . . 53 Using Sametime self-registration . . . . . . 54 Managing Sametime users with the Sametime Administration Tool . . . . . . . . . . 55

How Sametime uses Domino Directory information 59 Person documents . . . . . . . . . . . 59 Group documents . . . . . . . . . . . 60 The Server document . . . . . . . . . . 61 Directory views used by Sametime features . . . 61

Managing users in buddy lists and privacy lists . . 61

Chapter 4. Using LDAP Directories with Sametime . . . . . . . . . . . . . 63 Using LDAP with the Sametime server . . . . . 63 How LDAP is used with Sametime . . . . . . 65

Authentication . . . . . . . . . . . . 65 Searches . . . . . . . . . . . . . . 65 Connectivity . . . . . . . . . . . . . 66 Administration and user management . . . . 66

Setting up an LDAP connection . . . . . . . 67 Selecting the appropriate LDAP options during the server installation . . . . . . . . . . 67 Alter the Directory Assistance document for the LDAP directory . . . . . . . . . . . . 68 Configure the LDAP Directory settings . . . . 69

LDAP directory settings . . . . . . . . . . 72 Connectivity . . . . . . . . . . . . . 72 Basics . . . . . . . . . . . . . . . 73 Authentication . . . . . . . . . . . . 73 Searching . . . . . . . . . . . . . . 73 Group Contents . . . . . . . . . . . . 73 Add Administrator . . . . . . . . . . . 73 Access Control . . . . . . . . . . . . 73

Copyright IBM Corp. 2005 iii

LDAP knowledge required to configure the LDAP Directory settings . . . . . . . . . 73 Configuring LDAP Connectivity settings . . . 74 Configuring the LDAP Basics settings . . . . 78 Configuring LDAP Authentication settings . . . 87 Configuring the LDAP Searching setting . . . . 89 Configuring the LDAP Group Contents setting 91

Using SSL to encrypt connections between the Sametime and LDAP servers . . . . . . . . 92

Using SSL to encrypt all data transmitted between the Sametime and LDAP servers . . . 93 Using SSL to encrypt only user passwords passing between the Sametime and LDAP servers 93 Allowing all data to pass unencrypted between the Sametime and LDAP servers . . . . . . 95 Modifying the Directory Assistance document of the LDAP server to encrypt the connection between the Sametime server and the LDAP servers . . . . . . . . . . . . . . . 96 Ensuring that the Sametime server trusts the LDAP server certificate (Windows and AIX/Solaris servers) . . . . . . . . . . 97 Ensuring that the Sametime server trusts the LDAP server certificate (i5/OS servers) . . . . 101

Adding a new administrator in the LDAP environment . . . . . . . . . . . . . . 103 Access Control Lists and LDAP User Names . . . 103 Setting up an LDAP connection after selecting the Domino directory during the server installation . . 104

Shut down the Sametime services but keep the Domino services active . . . . . . . . . 105 Set up a Directory Assistance database . . . . 105 Identify the Directory Assistance database on the Sametime server . . . . . . . . . . 106 Create a Directory Assistance document that enables the Sametime server to access the LDAP server . . . . . . . . . . . . . . . 106 Create an LDAP document in the Configuration database . . . . . . . . . . . . . . 109 Copy and rename the .DLL files, edit the Notes.ini file, or edit the Sametime.ini file . . . 110 Run the Lotus Sametime Name Conversion Utility . . . . . . . . . . . . . . . 111 Configuring the LDAP directory settings . . . 112 Restart the Sametime services on your Domino server . . . . . . . . . . . . . . . 112

Using Java classes to customizing LDAP directory searches . . . . . . . . . . . . . . . 112

Using a Java class to control directory searches for people and groups . . . . . . . . . 112 Using a Java class to control the format of user names returned in LDAP directory searches . . 116

Solving token authentication problems in mixed server and multiple LDAP directory environments . 120

Solving the token authentication problem . . . 121 Managing users in buddy lists and privacy lists in an LDAP environment . . . . . . . . . . 122

Chapter 5. Configuring Ports and Network Connectivity . . . . . . . . 123 Ports used by the Sametime server . . . . . . 123

HTTP Services, Domino Services, LDAP Services, and Sametime intraserver ports . . . 123 Community Services ports . . . . . . . . 124 Meeting Services ports . . . . . . . . . 125 Broadcast Services ports . . . . . . . . . 126 Audio/Video Services ports . . . . . . . 127

Proxy support for Sametime clients . . . . . . 128 Overview of Sametime client connectivity . . . . 129 Configuring Sametime Networks and Ports settings . . . . . . . . . . . . . . . 129

HTTP Services settings . . . . . . . . . 131 Community Services Network settings . . . . 132 Meeting Services Network settings . . . . . 140 Broadcast Services Network settings . . . . . 146 Interactive Audio/Video Network settings . . . 153

Community Services connectivity and the home Sametime server . . . . . . . . . . . . 155

Sametime Connect and the home Sametime server . . . . . . . . . . . . . . . 156 Assigning users to a home Sametime server . . 157 Home Sametime servers and self-registration 157 Home Sametime servers and instant meetings 157

Sametime Connect client connection processes . . 158 Basic Sametime Connect client connection process . . . . . . . . . . . . . . 158 Sametime Connect client connection process using the Web browser or Java Plug-in settings . 158 Basic Sametime Connect client connection process . . . . . . . . . . . . . . 159 Sametime Connect client connection processes using the Web browser or Java Plug-in connectivity settings . . . . . . . . . . 165

Changing the default connectivity settings of the Sametime Connect for browsers client . . . . . 171

Specifying the default configuration settings of the Sametime Connect for browsers client . . . 172 Creating the ConnectivityMethod applet parameter . . . . . . . . . . . . . 172 Syntax of the ConnectivityMethod applet parameter . . . . . . . . . . . . . 173 Complete examples of the ConnectivityMethod applet parameter . . . . . . . . . . . 174 Adding the ConnectivityMethod parameter to the STSrc.nsf database . . . . . . . . . 175 Example of custom HTML code required to launch the Sametime Connect for browsers client . . . . . . . . . . . . . . . 175

Meeting Room and Broadcast client connection processes . . . . . . . . . . . . . . . 176

Meeting Room and Broadcast client connection processes using the Sun or IBM JVM 1.4.2 . . . 176

About HTTP tunneling . . . . . . . . . . 193 What is HTTP tunneling on port 80? . . . . 194 Configuring HTTP-tunneling settings on a server that uses a single IP address . . . . . 195 Configuring HTTP tunneling on a server that uses multiple IP addresses . . . . . . . . 200 Notes about client connection processes using HTTP tunneling on port 80 . . . . . . . . 205

iv Sametime Administrators Guide

Sametime Connect client 2.5 and 7.0 compatibility issues with HTTP tunneling on port 80 . . . . . . . . . . . . . . 206

TCP tunneling of interactive audio/video streams on port 80 . . . . . . . . . . . . . . 208

Issues associated with TCP tunneling of interactive audio/video streams . . . . . . 209 Enabling TCP tunneling of interactive audio/video streams on port 80 . . . . . . 210

Assigning IP addresses to multiple Sametime servers installed on a single server machine . . . 214 Connecting to other Sametime servers . . . . . 214 Connecting Meeting Servers . . . . . . . . 215 Using the Servers in this Community settings . . 215 Extending a Sametime server to the Internet . . . 215 Using reverse proxy or portal servers with the Sametime server . . . . . . . . . . . . 216

What is a reverse proxy server? . . . . . . 216 Requirements and limitations of Sametime 7.0 reverse proxy support . . . . . . . . . 217 Configuring mapping rules on a reverse proxy server to support Sametime . . . . . . . 221 Configuring a Sametime server to operate with a reverse proxy server . . . . . . . . . 226 Sametime client connectivity and reverse proxy servers . . . . . . . . . . . . . . 227

Chapter 6. Configuring the Community Services . . . . . . . . 231 About the Community Services . . . . . . . 231 Community Services configuration settings . . . 232

General settings . . . . . . . . . . . 233 Server Features settings . . . . . . . . . 233 Sametime Connect for browsers settings . . . 233 Community Services connectivity settings . . . 234 Community Services server clusters . . . . . 234 Number of entries on each page in dialog boxes that show names in the directory . . . . . . 234 How often to poll for new names added to the Sametime Community directory . . . . . . 235 How often to poll for new servers added to the Sametime Community . . . . . . . . . 235 Maximum user and server connections to the Community server . . . . . . . . . . 236 Allow users to authenticate using either LTPA or Sametime Tokens (stauths.nsf and stautht.nsf) 237 Display the Download Sametime Connect for the desktop link . . . . . . . . . . . 237 Allow users to transfer files to each other . . . 238 Allow users to send announcements . . . . . 239 Allow Connect users to save their user name, password, and proxy information (automatic login) . . . . . . . . . . . . . . . 240 Display the Launch Sametime Connect for browsers link . . . . . . . . . . . . 241

Anonymous Access Settings for Community Services . . . . . . . . . . . . . . . 242

Anonymous users can participate in meetings or enter virtual places . . . . . . . . . . 243

Users of Sametime applications can specify a display name so that they do not appear online as anonymous. . . . . . . . . . . . 244 Directory Searching and Browsing options . . . 245

Allowing users to control the default screen location and size of chat windows . . . . . . 246

One-to-one chat windows and n-way chat windows . . . . . . . . . . . . . . 247 Enabling users to select the default location and size of chat windows . . . . . . . . . . 248

Prohibiting logins from insecure clients to the server . . . . . . . . . . . . . . . . 248

Specifying the security level (minimum allowed client version) . . . . . . . . . . . . 249 Allowing logins from clients that do not conform to the security level . . . . . . . 250 Configuring the server to send instant messages to clients that do not conform to the security level . . . . . . . . . . . . . . . 251 Specifying the name to display in the title bar of instant messages sent by the server . . . . . 252

Chat Logging . . . . . . . . . . . . . 252 Deploying a Community Services multiplexer on a separate machine . . . . . . . . . . . . 253

Performance improvements with a separate multiplexer . . . . . . . . . . . . . 254 Installing and setting up a separate Community Services multiplexer . . . . . . . . . . 254 Community Services multiplexer preinstallation considerations . . . . . . . . . . . . 255 Install the Community Services multiplexer . . 255 Configure security settings in the Configuration database on the Sametime server . . . . . . 255 Configure settings in the Sametime.ini file on the multiplexer machine . . . . . . . . . 256 Configuring client connectivity to the Community Services multiplexer machine . . . 257 (Optional) Dynamically load balancing client connection to the multiplexers . . . . . . . 258

Enabling Sametime Connect for browsers to function in kiosk mode . . . . . . . . . . 259

Enabling the kiosk mode . . . . . . . . 259 Enabling the kiosk mode by adding an applet parameter to the HTML in the STSrc.nsf database . . . . . . . . . . . . . . 260 Example of custom HTML code that loads the Sametime Connect for browsers client . . . . 261

Deploying the Macintosh Sametime Connect client for the desktop . . . . . . . . . . . . . 261

Authentication . . . . . . . . . . . . 262 Deploying the client . . . . . . . . . . 262 Configuring the client to connect to the Sametime server . . . . . . . . . . . 263

Chapter 7. Enabling the SIP Gateway 265 Using the SIP functionality with Sametime . . . 265

Using the SIP functionality in a Windows, AIX, or Solaris environment . . . . . . . . . 265 Using the SIP functionality in an IBM i5/OS environment . . . . . . . . . . . . . 266

Overview of SIP components . . . . . . . . 267

Contents v

What are SIP and SIMPLE . . . . . . . . 267 Sametime SIP Gateway overview . . . . . . 267 Sametime SIP Connector overview . . . . . 268 SIP proxies and connections . . . . . . . 269

Setting up the SIP Gateway functionality . . . . 270 Setting up the SIP Gateway functionality (Windows, AIX, or Solaris environment) . . . . 270

Review the SIP Connector planning considerations (Windows/AIX/Solaris environment) . . . . . . . . . . . . 270 Install the SIP Connector (Windows/AIX/Solaris environment) . . . . 272 Configuring the SIP Gateway and SIP Connector parameters (Windows/AIX/Solaris environment) . . . . . . . . . . . . 272

Setting up the SIP Gateway functionality (IBM i5/OS environment) . . . . . . . . . . . 277

Review the SIP Connector planning considerations (IBM i5/OS environment) . . . 277 Installing or enabling the SIP Connector (IBM i5/OS environment) . . . . . . . . . . 280 Configuring the SIP Gateway and SIP Connector parameters (IBM i5/OS environment) . . . . 281

Disabling the SIP Gateway functionality . . . . 286 Encrypting SIP traffic with Transport Layer Security (TLS) . . . . . . . . . . . . . 286

Specify the host name and port for TLS connections . . . . . . . . . . . . . 287 Set the TLS encryption mode . . . . . . . 288 Managing the certificates required for TLS connections (integrated SIP Connector on IBM i5/OS) . . . . . . . . . . . . . . . 288 Managing the certificates required for TLS connections (standalone SIP Connector on Windows) . . . . . . . . . . . . . 291

Enabling client certificate authentication for a standalone SIP Connector on a Windows machine (optional) . . . . . . . . . . . . . . . 298

Enabling a SIP Connector to operate as a client when client certificate authentication is required . 299 Enabling a SIP Connector to require client certificate authentication . . . . . . . . . 299

Audio/Video connectivity with SIP . . . . . . 301 End user experience with the SIP Gateway . . . 302

Chapter 8. Configuring the Meeting Services . . . . . . . . . . . . . 305 About the Meeting Services . . . . . . . . 305 Meeting Services configuration settings . . . . . 306

General . . . . . . . . . . . . . . 306 Connection Speed Settings . . . . . . . . 306 Meeting Services connectivity settings . . . . 306 Meeting Services bandwidth control . . . . . 306 Accessing the Meeting Services configuration settings . . . . . . . . . . . . . . 306 General Settings for Meeting Services . . . . 307 Managing recorded meetings (Record and Playback) . . . . . . . . . . . . . . 315 Connection Speed Settings for Meeting Services 324

Controlling the bandwidth usage of the Meeting Services . . . . . . . . . . . . . . . 328

Enabling the Bandwidth Control feature . . . 329 MaxBandwidthAvailable . . . . . . . . . 329 BandwidthUpdateInterval . . . . . . . . 330 BandwidthReportInterval . . . . . . . . 330

Chapter 9. Configuring the Broadcast Services . . . . . . . . . . . . . 331 Broadcast Services components and clients . . . 331

Broadcast Services server components . . . . 331 Broadcast Services client . . . . . . . . . 332

Using multicast . . . . . . . . . . . . . 333 Configuring the Broadcast Services settings . . . 335

Broadcast configuration settings . . . . . . 335 Broadcast Services Connection Speed Settings and meeting performance . . . . . . . . 335

Broadcast Services performance issues . . . . . 339

Chapter 10. Configuring the Audio/Video Services . . . . . . . . 341 About the Audio/Video Services . . . . . . . 341

Audio/Video Services Connectivity settings . . 342 Client system requirements for the Audio/Video Services . . . . . . . . . . . . . . . 342

Supported sound cards and cameras . . . . 343 Sound cards . . . . . . . . . . . . . 343 Cameras . . . . . . . . . . . . . . 343

IP audio/video terminology and concepts . . . . 344 Audio/Video Services components and clients . . 346

Audio/Video Services server components . . . 347 Audio/Video Services client . . . . . . . 349

Audio/Video Services configuration settings . . . 350 Interactive Audio/Video Services settings . . . 350 Connection Speed Settings . . . . . . . . 350 Usage Limits and Denied Entry settings . . . 351 Interactive Audio/Video Network and Ports settings . . . . . . . . . . . . . . 351 Accessing the Audio/Video Services configuration settings . . . . . . . . . . 351 Interactive Audio/Video Services settings . . . 351 Connection Speed Settings for Audio/Video Services . . . . . . . . . . . . . . 355 Usage Limits and Denied Entry . . . . . . 365

Prioritizing audio/video UDP data (TOS values) 372 Using a 360-degree video camera with Sametime 373 Tips for using audio/video . . . . . . . . . 374

Chapter 11. Monitoring the Sametime Server . . . . . . . . . . . . . . 375 Accessing the Monitoring charts . . . . . . . 375 General Server Status . . . . . . . . . . . 375

Total Active Meetings . . . . . . . . . 375 Total Meeting Room Connections . . . . . . 376 Total Community Logins . . . . . . . . 376 Total Broadcast Connections . . . . . . . 377 Total Broadcast Streams . . . . . . . . . 377

Logins . . . . . . . . . . . . . . . . 378 Meetings and Participants . . . . . . . . . 378 Tools in Meetings . . . . . . . . . . . . 379 Miscellaneous . . . . . . . . . . . . . 380

Memory . . . . . . . . . . . . . . 380

vi Sametime Administrators Guide

Disk Space . . . . . . . . . . . . . 380 Web Statistics . . . . . . . . . . . . 380 Domino HTTP Requests . . . . . . . . . 380 Domino HTTP Commands . . . . . . . . 381

Chapter 12. Logging Sametime Activity . . . . . . . . . . . . . . 383 Community Logins/Logouts . . . . . . . . 383

Community Login/Logout information . . . . 383 Community Statistics . . . . . . . . . . . 384

Community Statistics information . . . . . 385 Community Events . . . . . . . . . . . 385

Community Events information . . . . . . 386 Place Login Failures . . . . . . . . . . . 386

Place Login Failure information . . . . . . 387 Meeting Login Failures . . . . . . . . . . 388

Meeting Login Failures information . . . . . 388 Meeting Connections . . . . . . . . . . . 389

Meeting Connections information . . . . . 389 Server Connections . . . . . . . . . . . 390

Server Connections information . . . . . . 390 Meeting Statistics . . . . . . . . . . . . 390

Meeting Statistics information . . . . . . . 391 Meeting Events . . . . . . . . . . . . . 391

Meeting Events information . . . . . . . 391 Capacity Warnings . . . . . . . . . . . 393

Capacity Warnings information . . . . . . 393 Usage Limits in the log . . . . . . . . . . 394

Usage Limits and Denied Entries information 394 Domino log . . . . . . . . . . . . . . 394

Content of the Domino log . . . . . . . . 395 Views in the Domino log . . . . . . . . 395

Sametime log settings . . . . . . . . . . 396 General log settings . . . . . . . . . . 396 Capacity Warnings log settings . . . . . . 399

Chapter 13. Managing Security . . . . 401 Getting started with Sametime security . . . . . 401

The required fully qualified server name . . . 401 Basic password authentication and authentication by token . . . . . . . . . 401 User requirements for basic password authentication . . . . . . . . . . . . 402 Changing a users password . . . . . . . 405 Anonymous access and the Sametime Meeting Center . . . . . . . . . . . . . . . 406

Domino security and the Web browser connection 408 Using database ACLs for identification and authentication . . . . . . . . . . . . . 409

Using database ACLs . . . . . . . . . . 409 Maximum Internet name & password setting 410 Adding a name to a database Access Control List (ACL) . . . . . . . . . . . . . 410 Database ACL settings . . . . . . . . . 411 Anonymous access and database ACLs . . . . 415 Basic password authentication and database ACLs . . . . . . . . . . . . . . . 417

Authentication by token using LTPA and Sametime tokens . . . . . . . . . . . . . . . . 419

Authentication by token using the Domino Single Sign-On (SSO) feature . . . . . . . 420 Altering the Domino Web SSO configuration following the Sametime server installation . . . 421 Manually enabling the Domino SSO feature . . 424 Using the Sametime custom logon form for SSO 427 Authentication by token using Secrets and Tokens databases . . . . . . . . . . . 428

Security recommendations for self-registration . . 430 Encryption and meeting passwords . . . . . . 431 Using SSL with Sametime . . . . . . . . . 432

Encrypting Web browser connections with SSL 432 Ensuring access to Sametime servlets when Domino requires SSL for all connections . . . 432 Encrypting connections to an LDAP server . . 432 Setting up SSL for Sametime on Windows . . . 433 Setting up SSL for Sametime on Solaris/AIX 436

Ensuring Sametime servlet access when Domino requires SSL for all connections . . . . . . . 440

Obtaining the appropriate SSL trusted root or SSL server certificate . . . . . . . . . . 441 Import the SSL certificate into the STKeys.jks key database . . . . . . . . . . . . 444 Configure the Sametime.ini file on the Sametime server . . . . . . . . . . . . . . . 446

Chapter 14. Deploying Multiple Lotus Sametime Servers . . . . . . . . . 449 About Sametime server clusters . . . . . . . 449 Advantages of using multiple Sametime servers 449

Advantages of multiple home Sametime servers 450 Advantages of a single meeting on multiple servers . . . . . . . . . . . . . . 450

Integrating a Sametime server into an existing Sametime community . . . . . . . . . . 451

Installing a Sametime server into an existing Sametime community . . . . . . . . . 452 Configuring ports for server-to-server connections . . . . . . . . . . . . . 455 Synchronizing the Sametime server with other Sametime servers . . . . . . . . . . . 456

Extending Sametime to Internet users . . . . . 463 Positioning a Sametime server in the network DMZ . . . . . . . . . . . . . . . 464 Opening ports on the internal firewall . . . . 465 Opening ports on the external firewall . . . . 468 Screen-sharing security and Internet users . . . 471

Extending a single Sametime community across multiple Domino domains . . . . . . . . . 472

Example of extending a single Sametime community across two Domino domains . . . 473

Chapter 15. Introduction to server clusters and the Enterprise Meeting Server . . . . . . . . . . . . . . 483 Creating Sametime server clusters . . . . . . 483

Clustering Community Services and Meeting Services . . . . . . . . . . . . . . 483 Clustering the Community Services without clustering the Meeting Services . . . . . . 484

Contents vii

Clustering the Meeting Services without clustering the Community Services . . . . . 484 Clustering both the Community Services and the Meeting Services . . . . . . . . . . 485 About clustering both the Meeting Services and the Community Services . . . . . . . . . 486

Overview of Community Services clustering . . . 487 Differences between the clustering and single-server approaches . . . . . . . . . 487 Load balancing and failover in Community Services clusters . . . . . . . . . . . 490

Overview of the Enterprise Meeting Server and Meeting Services clustering . . . . . . . . . 490

What is the Enterprise Meeting Server? . . . . 491 Scheduling and load balancing in the Meeting Services cluster . . . . . . . . . . . . 493 Booking meetings in the Meeting Services cluster . . . . . . . . . . . . . . . 494 Monitoring the health of servers in the cluster 495 Managing meeting materials with the EMS . . 496 User interaction with the Enterprise Meeting Server . . . . . . . . . . . . . . . 497 Client connectivity in a Meeting Services cluster 498 Enterprise Meeting Server security . . . . . 499 LDAP directory access and the Enterprise Meeting Server . . . . . . . . . . . . 500

Chapter 16. Setting up a Community Services cluster without clustering the Meeting Services . . . . . . . . 503 Community Services cluster setup procedures . . 503

Community Services clustering preparations . . 504 Deploying an LDAP directory server . . . . 505 Installing the Sametime servers for the Community Services cluster . . . . . . . 506 Creating a Domino server cluster . . . . . . 508 Setting up replication of Sametime databases 509 Deploying separate Community Services multiplexers (optional) . . . . . . . . . 511 Set up the load-balancing mechanism (rotating DNS or Network Dispatcher) . . . . . . . 515 Creating a cluster document in the Configuration database (stconfig.nsf) . . . . 517 Creating a cluster document on other Sametime servers in the community . . . . . . . . 518 Configuring client connectivity for the Community Services cluster . . . . . . . 519

Adding another server to the Community Services cluster . . . . . . . . . . . . . . . . 521 Creating multiple Community Services clusters in a single Sametime community . . . . . . . . 522

Creating multiple Community Services clusters 522 Create the Community Services clusters . . . 522 Copy the Cluster Information documents to all servers in the community . . . . . . . . 522

Rotating DNS Limitations with cached DNS resolve requests . . . . . . . . . . . . 523

Sametime Connect for the desktop . . . . . 523 Sametime Connect for browsers . . . . . . 524

Chapter 17. Setting Up the Enterprise Meeting Server and a Meeting Services Cluster . . . . . . . . . . 527 EMS deployment and Meeting Services cluster setup procedures . . . . . . . . . . . . 528 EMS pre-deployment requirements and considerations . . . . . . . . . . . . . 529

Ensuring the hardware required for an EMS deployment is available . . . . . . . . . 530 Deploying an LDAP directory . . . . . . . 531 Create or identify the required LDAP directory accounts . . . . . . . . . . . . . . 532 Installing the Sametime servers . . . . . . 534 Ensuring the software required for EMS deployment is available . . . . . . . . . 536

Installing the J2EE infrastructure on the EMS computer . . . . . . . . . . . . . . . 537

Setting up the required Windows administrator account . . . . . . . . . . . . . . 538 Installing the DB2 server . . . . . . . . 539 Installing WebSphere MQ V5.3.0.2 . . . . . 540 Installing WebSphere MQ 5.3 CSD08 (Fix Pack 8) . . . . . . . . . . . . . . . . 543 Installing the WebSphere Application Server V5.1, Advanced Edition . . . . . . . . . 544 Installing the WebSphere Application Server V5.1 Fix Pack 1 . . . . . . . . . . . . 545 Installing the WebSphere V5.1.1 Cumulative Fix 2 . . . . . . . . . . . . . . . . 546 Setting up the JMS system queues . . . . . 547 Ensuring WebSphere MQ supports the Double-Byte Character Set (DBCS) . . . . . 549

Configuring WebSphere server security and LDAP directory access . . . . . . . . . . . . . 550

Next step: . . . . . . . . . . . . . 553 Deploying the Enterprise Meeting Server . . . . 553

Creating and configuring three additional WebSphere Application Servers . . . . . . 553 Installing the Enterprise Meeting Server files 556 Creating the DB2 database . . . . . . . . 556 Creating the WebSphere MQ queues . . . . . 557 Defining the WebSphere Variables . . . . . 558 Defining the JAAS Alias . . . . . . . . . 559 Setting up the JDBC Provider Resource and creating the Data Source . . . . . . . . . 559 Creating the JMS Connection Factory . . . . 560 Creating the JMS Destinations . . . . . . . 561 Ensuring UTF-8 Unicode character support for the EMS . . . . . . . . . . . . . . 562 Deploying the STAdmin, STCenter, and STServer Enterprise Archive (EAR) files . . . 563 Regenerating the WebServer plugin and starting the Enterprise Meeting Server Enterprise Applications . . . . . . . . . . . . . 565

Adding Sametime servers to the EMS . . . . . 566 Synchronizing the Single Sign-On (SSO) support for the EMS and Sametime servers . . . . . 567 Edit the Sametime.ini file on the Sametime servers . . . . . . . . . . . . . . 569

viii Sametime Administrators Guide

Edit the MeetingServices document in the Configuration database on the Sametime server . 570 Provide the WebSphere and EMS administrator account with Manager access to the stconfig.nsf database . . . . . . . . . . . . . . 571 Enable the Sametime servers to store recorded meeting files on a remote server . . . . . . 572 Start the EMS Administration Tool for the first time . . . . . . . . . . . . . . . 573 Adding a Sametime server using the EMS Administration Tool . . . . . . . . . . 574 Specifying Usage Limits and Denied Entry settings for the Sametime server . . . . . . 575

Accessing the EMS user interface . . . . . . . 581

Chapter 18. Creating a Community Services cluster with the Enterprise Meeting Server . . . . . . . . . . . 583 Community Services cluster setup procedures (with the EMS) . . . . . . . . . . . . . 583

Create a Domino server cluster . . . . . . 584 Set up real-time replication of Sametime databases . . . . . . . . . . . . . . 585 (Optional) Deploying separate Community Services multiplexers . . . . . . . . . . 585 Set up a load balancing mechanism . . . . . 587 Configure the Community Services clustering parameters in the DB2 database . . . . . . 587 Configure client connectivity . . . . . . . 589

Chapter 19. Setting Up Security for the Enterprise Meeting Server . . . . 593 Securing user access to the Enterprise Meeting Server . . . . . . . . . . . . . . . . 593

Understanding the Enterprise Meeting Server security roles . . . . . . . . . . . . 593 Sample security configurations . . . . . . 597 Assigning security roles to users in the LDAP directory . . . . . . . . . . . . . . 598

Encrypting EMS HTTP traffic with SSL . . . . . 599 Encrypting Web browser connections to the EMS with SSL . . . . . . . . . . . . 600 Encrypting HTTP traffic between the EMS and Sametime servers with SSL . . . . . . . . 621

Chapter 20. Administering Sametime servers from the Enterprise Meeting Server . . . . . . . . . . . . . . 637 Using the EMS Administration Tool to administer Sametime servers . . . . . . . . . . . . 637 Sending a message from the administrator . . . 639 Monitoring Sametime servers added to the EMS 639

General Server Status . . . . . . . . . . 639 Logins . . . . . . . . . . . . . . . 640 Meetings and Participants . . . . . . . . 641

Tools in Meetings . . . . . . . . . . . 641 Using the EMS Administration Tool logging features . . . . . . . . . . . . . . . 641

Managing the Community Statistics and Meeting Statistics logging views . . . . . . 643

Configuring LDAP directory settings from the EMS Administration Tool . . . . . . . . . . . 647 Configuring connectivity for Sametime servers added to the EMS . . . . . . . . . . . . 647

Meeting Room and Broadcast client connections (Meeting Services and Broadcast Services) . . . 647 Configuring connectivity for Meeting Services and Broadcast Services connections . . . . . 648 Sametime Connect client connections (Community Services) . . . . . . . . . 649 Configuring connectivity for the Community Services . . . . . . . . . . . . . . 649

Configuring the Community Services of Sametime servers added to the EMS . . . . . . . . . 649 Configuring the Meeting Services of Sametime servers added to the EMS . . . . . . . . . 650 Configuring the Audio/Video Services of Sametime servers added to the EMS . . . . . . . . . 651 Working with the Broadcast Services of Sametime servers added to the EMS . . . . . . . . . 652

Chapter 21. Using the StdebugTool.exe utility . . . . . . . 653 Running the StdebugTool.exe utility . . . . . . 653

Trace file location . . . . . . . . . . . 654 Step-by-step example of running the StdebugTool.exe utility . . . . . . . . . 654

Chapter 22. Using the Name Conversion Utility . . . . . . . . . 657 Using the Name Conversion Utility . . . . . . 657 When to run the Name Conversion Utility . . . 657 Preparing to run the Name Conversion Utility . . 658

Managing the vpuserinfo.nsf database . . . . 658 Editing the text files that control the operation of the utility . . . . . . . . . . . . . 659

Running the Name Conversion Utility . . . . . 660 Converting buddy lists and privacy lists from the Domino directory format to the LDAP directory format . . . . . . . . . . . 660 Changing user names and group names . . . 662 Changing organizational unit names . . . . . 666

Debug and trace file information . . . . . . . 668 Known issues and limitations . . . . . . . . 669

Appendix. Notices . . . . . . . . . 671 Trademarks . . . . . . . . . . . . . . 672 Third Party Notices . . . . . . . . . . . 673

Index . . . . . . . . . . . . . . . 679

Contents ix

x Sametime Administrators Guide

Chapter 1. Introduction to Sametime

This chapter provides network administrators with an overview of the IBM

Lotus

Sametime

server. This chapter introduces Sametime collaborative features, clients, services, applications, administrative features, and the IBM Lotus Sametime Enterprise Meeting Server (EMS) application. The EMS application is an add-on product for a Sametime deployment that must be purchased separately from the Sametime server.

What is Sametime? Sametime consists of client and server applications that enable a community of users to collaborate in real-time online meetings over an intranet or the Internet. Members of the Sametime community use collaborative activities such as presence, chat, screen sharing, a shared whiteboard, and real-time audio/video capabilities to meet, converse, and work together in instant or scheduled meetings.

Sametime presence technology enables members who have logged in to the Sametime server to see all other members who are online (logged in). The names of online users display in presence lists in Sametime applications. From these presence lists, members of the community can converse through instant messaging sessions or start instant meetings that include chat, screen-sharing, whiteboard, question and answer polls, the ability to send Web pages to other users, and audio/video capabilities.

While presence lists support instant awareness and instant collaboration with other online users, the Sametime Meeting Center on the Sametime server provides a central meeting place for members of the community. In the Meeting Center, users can schedule meetings to start at a particular time. Users access the Sametime Meeting Center with Web browsers at the scheduled meeting time to attend the meeting.

The two primary Sametime client applications are the IBM Lotus Sametime Connect client and the Sametime Meeting Room client. The Sametime Connect client is a Windows

application that contains a presence list that displays selected members of the community who are online. From Sametime Connect, a user can collaborate by sending instant messages or by starting an instant meeting with any other online member of the community.

The Sametime Meeting Room client is a JavaTM applet that loads and runs in a users Web browser whenever the user attends an instant or scheduled meeting. The Sametime Meeting Room client contains components that support the full range of Sametime collaborative activities, including interactive audio and video.

Sametime supports a broadcast technology that enables a large number of view-only users (or audience members) to watch a small number of users (or presenters) interact in a meeting. The broadcast technology is especially useful for meetings in which one person, or a small group of people, make presentations to a large audience. Audience members watch a broadcast meeting using a separate receive-only Java client called the Sametime Broadcast client.

Each Sametime server contains an IBM Lotus DominoTM Directory that maintains information about all users and servers that comprise the Sametime community.

Copyright IBM Corp. 2005 1

The Sametime server can also be configured to operate as a client to a Lightweight Directory Access Protocol (LDAP) server containing an LDAP directory.

Sametime works through the interaction of its client applications with services on the Sametime server. The Sametime services include the Community Services, Meeting Services, Broadcast Services, Domino/Web Application Services, and Audio/Video Services. Managing the directory, ensuring that Sametime clients can connect to the Sametime server, configuring the Sametime services, and monitoring the server are some of the primary administrative tasks associated with the Sametime server.

Sametime administrators use the Web-based Sametime Administration Tool. This tool runs in a Web browser and is available from the Administer the Server link on the Sametime server home page.

The Sametime 7.0 server includes the concept of server clustering. Sametime server clusters: v Enhance server scalability and reliability to enable Sametime to meet the

demands of large user populations. v Provide load balancing and failover capabilities for Sametime Community

Services and Meeting Services.

For more information about server clusters, see Sametime server clusters.

Install Sametime on a Domino server A Sametime server must be installed on a Domino server. Sametime can be installed on a Domino server running on a Windows, IBM iSeriesTM, or IBM pSeriesTM server. This documentation uses the term Sametime server to refer to the server that includes both Domino and Sametime.

Note: For detailed information about system requirements, installation procedures, and the version of Domino on which Sametime must be installed, see the Lotus Sametime Server 7.0 Installation Guide (stinstall.nsf or stinstall.pdf) that is shipped with the Sametime server. Separate installation guides are provided for each platform.

Sametime uses the Directory, security, and replication features of Domino servers. It is best if the Sametime server is dedicated to supporting the real-time, interactive communication services of Sametime. A Sametime server should not be used for other high-demand Domino services such as mail storage and routing, application and database storage, or centralized Directory and administration services.

Note: An IBM i5/OS or IBM pSeries server can run multiple partitioned servers on the same Domino system. While it is possible to add Sametime to an existing production Domino server, this configuration is not recommended. Instead, consider creating a new Domino server for running Sametime. The new Domino server can reside on the same system as your existing production server.

Users must access the Sametime server with a Web browser. IBM Lotus Notes

client access to the Sametime server home page (stcenter.nsf) or the Sametime Meeting Center database (stconf.nsf) is not supported. All other Sametime clients, including the Sametime Connect client, can be downloaded by end users from the Sametime server home page.

2 Sametime Administrators Guide

You can install more than one Sametime server in a Domino environment. Installing multiple Sametime servers provides several advantages related to load balancing and network usage and can enhance meeting and server performance. For more information, see Advantages of using multiple Sametime servers.

If you install multiple Sametime servers, the administrator has the option of clustering the Sametime servers. Clustering Sametime servers provides failover and load balancing capabilities, and can increase the reliability and scalability of Sametime. For more information, see Creating Sametime server clusters.

The Web-based Sametime Administration Tool is the recommended administration tool for the Sametime components of the Sametime server. The Sametime Administration Tool should be used for most administrative tasks. See Sametime Administration Tool for more information about tasks that are not performed with the Sametime Administration Tool.

Sametime basics This section introduces Sametime administrators to basic Sametime terms, concepts, and features that appear throughout this administrators guide. The terms, concepts, and features are grouped into four basic categories: v Collaborative activities and end-user features v Administration terms and features v Sametime clients v Sametime services

Collaborative activities and end-user features This section provides brief descriptions of Sametime collaborative activities and end-user features that are referred to throughout this administrators guide. Sametime administrators should be familiar with these terms. To learn more about these collaborative activities and features, you can experiment with the end-user features of Sametime. Online help for many of these features is also available from the Documentation link of the Sametime server home page.

The Sametime collaborative activities and end-user features include: v Presence v Chat v Meetings v Screen sharing v Shared whiteboard v Send Web Pages v Polling v Hand raise v Transfer files v Record and Playback (Recorded Meetings) v IP audio v IP video v Sametime server home page v Sametime Meeting Center v Breakout sessions

Chapter 1. Introduction to Sametime 3

Presence Presence refers to the ability of a user to detect when other users are online. A user can view a presence list in a Sametime client or application that displays the names of other online users. Presence is sometimes called awareness or online awareness.

A presence list (or contact list) is a starting point for immediate or instant collaboration. Presence lists in Sametime clients display the names of online users in bold green text. Instant messaging sessions and instant meetings can be started immediately from a contact list. A user simply double-clicks or right-clicks an online users name to send an instant message or start an instant meeting.

Contact lists are found in all Sametime clients. The Sametime Connect client includes a contact list that can display the names of all users in the community who are online. The Sametime Meeting Room client contains a Participant List that displays the names of all users attending a particular meeting.

A user logs in to the Community Services on the Sametime server to become present in the community or an online place (such as a Sametime meeting or Web site enabled with Sametime technology). The Community Services on the Sametime server support all presence functionality in Sametime.

Chat Sametime supports text-based chat and instant messaging. A chat session can consist of two (or more) users exchanging instant messages. Chat or instant messaging sessions can be initiated from any contact list in a Sametime client.

The Sametime Connect client includes a contact list from which instant messaging sessions can be started with any other member in the community who is online. Additional community members can be invited into instant messaging sessions to form group chat conferences.

The Sametime Meeting Room client contains a public chat area (called the Meeting Room chat tool) that enables all participants in a meeting to view and enter messages. All messages entered in the public chat area can be viewed by all participants in the meeting.

In addition to the Meeting Room chat tool, the Sametime Meeting Room client also includes a Participant List. The Participant List is a contact list from which one user can initiate a private chat session with another user in the meeting. The messages exchanged in the private chat session are seen by the users engaging in the chat session, but not by all participants in the meeting. The Meeting Room chat tool is the public chat tool in a meeting. The Participant List supports private chats in the meeting.

All instant messaging and chat activity is supported by Community Services on the Sametime server.

Meetings Sametime meetings are either instant or scheduled.

An instant meeting is started immediately from a presence list in any Sametime client. Whiteboard files cannot be saved during instant meetings. Instant meetings cannot be recorded.


A scheduled meeting is scheduled to start at a particular time and date. Scheduled meetings are created in advance in the Sametime Meeting Center application (stconf.nsf) on the Sametime server. Users access the Sametime Meeting Center application on the Sametime server with a Web browser at the scheduled meeting time to attend the meeting.

Note: You can create a meeting in the Sametime Meeting Center and enable the meeting to Start immediately. For clarity, such a meeting is considered a scheduled meeting. Any meeting started in the Sametime Meeting Center is a scheduled meeting. Any meeting started from a contact list is an instant meeting.

A collaborative session is a meeting if the Sametime Meeting Room client is launched. The Sametime Meeting Room client is launched for collaborative sessions that include any of the following activities: screen sharing, whiteboard, question and answer polling, send Web pages, Meeting Room chat, audio, and video. However, the Sametime Meeting Room client is not launched for chat-only sessions between users. A session that includes only instant messaging or a group chat conference does not require the use of the Sametime Meeting Room client.

The Meeting Services and the Community Services support the starting, stopping, and creation of meetings on the Sametime server. Components of the Sametime Meeting Room clients interact with the Meeting Services, Community Services, and Audio/Video Services when participating in Sametime meetings.

Breakout sessions Users who are attending a meeting see a list of all meeting participants in the Participant List component of the Meeting Room client. While the meeting is in progress, a user can start a breakout session with any user displayed in the Participant List.

A breakout session is an instant meeting that is started from the Participant List of a meeting that is currently active. To start a breakout session, the user selects the name of another meeting participant (or participants) from the Participant List and starts an instant meeting with that user. Other users can also be invited to this breakout session.

Breakout sessions have the following characteristics: v If a breakout session will include any collaborative activities other than chat

(such as whiteboard or screen sharing), the user must have permission to edit/share from the Meeting Moderator to start a breakout session. If the breakout session will use chat only, no permissions are necessary to start the breakout session.

v When the user starts a breakout session, the original meeting remains open in a browser window, and the user is still a participant in the original meeting. To return to the original meeting, the user leaves the instant meeting and selects the browser window that contains the active meeting.

v When a breakout session begins, it does not contain any information (such as a chat transcript or whiteboard file) from the original meeting.

v If both the original meeting and the breakout session include IP audio, the users voice is heard in both meetings. Users should mute their microphones in either the original meeting or the breakout session so that their voices are heard in only one meeting at a time. Users should also mute their speakers in one of the meetings if they do not want to hear audio from both meetings at once.


v If the original meeting includes IP audio and the breakout session includes IP video, the users video image is not seen in the breakout session until his or her microphone is muted in the original meeting. If a user was the last person to speak in the original meeting, the users video image continues to appear in the original meeting until someone else in the original meeting speaks.

Screen sharing Screen sharing is a Sametime collaborative activity that enables multiple users to work within a single application on one users computer. Geographically dispersed users in remote locations can collaborate within a single application to produce a document, spreadsheet, blueprint, or any other file generated from a Windows application. Screen sharing is sometimes also referred to as application sharing.

In a meeting that includes screen sharing, one end user uses the screen-sharing tool in the Sametime Meeting Room client to share a screen or application on the users local computer with other meeting participants in remote locations. The other meeting participants also use the screen-sharing tools of the Sametime Meeting Room client on their local computers to view and make changes to the shared screen or application. It is not necessary for the remote users to have the application that is being shared installed on their local systems. (The remote users share a single instance of the application that is running on only one meeting participants computer.)

Only one user at a time can be in control of the shared screen. Most users see the initials of the user who controls the shared screen beside the cursor. The person who is sharing the screen does not see the initials when someone else controls the shared screen. The person who is sharing the screen must view the Participant List details to confirm who controls the shared screen.

The administrator controls whether this collaborative activity is available for meetings on the Sametime server from the Configuration - Meeting Services - General tab of the Sametime Administration Tool.

Screen sharing is supported by T.120 components of the Meeting Services on the Sametime server. For more information about using this collaborative activity in a meeting, see the Sametime end-user online help.

Shared whiteboard The shared whiteboard is a Sametime collaborative activity that supports interactive presentations. A shared whiteboard presentation closely resembles a slide show.

In a whiteboard presentation, one participant presents images in the whiteboard tool of the Sametime Meeting Room client on the participants local computer. Remote meeting participants can view the images and annotate the images using the whiteboard tools in the Sametime Meeting Room clients running on their local computers.

Before images can be presented on the whiteboard, a file containing the images must be attached to the meeting. Users can attach files when creating meetings, and the Moderator can attach files before or during meetings. Files are automatically converted into the file type required for display in the whiteboard tool.

In some cases, the format of a file that is added to the Attachments dialog might not be properly preserved and the file might not display correctly during a


whiteboard meeting. In these cases, the IBM Lotus Sametime Print Capture utility provides an alternate method of creating a whiteboard file. The Sametime Print Capture operates much like a printer driver and enables end users to print output from any Windows application to the file format required by the whiteboard.

Note: Sametime servers that run on operating systems other than Windows only support whiteboard attachments created with the Sametime Print Capture utility. For more information on how to use the Sametime Print Capture utility, see the Sametime end-user help and the Sametime Print Capture help.

The shared whiteboard is supported by T.120 components of the Meeting Services on the Sametime server.

The administrator controls whether the shared whiteboard collaborative activity is available for meetings on the Sametime server by selecting a setting in the Configuration - Meeting Services - General tab of the Sametime Administration Tool. For more information about using the shared whiteboard collaborative activity in a meeting, see the Sametime end-user online help available from the Documentation link on the server home page.

Saving the whiteboard: During a meeting, the meeting Moderator can save a whiteboard file so that others can view it when the meeting is over. For example, if someone has presented a file on the whiteboard, and several participants have annotated the file, the Moderator can save the changed file.

The whiteboard file is saved on the Sametime server as an attachment to the Meeting Details document associated with the meeting. The whiteboard is saved in two file formats: RTF and SWB (Sametime whiteboard). The RTF file can be opened in most word processing or graphics applications for printing or viewing after the meeting has ended. The SWB file can be attached to future meetings and presented on the whiteboard during those meetings.

If the whiteboard is saved more than once during a meeting, only the most recently saved version is available from the Meeting Details document. The most recently saved version is available in both the RTF and SWB formats.

The administrator controls whether the Meeting Moderator is allowed to save the whiteboard from the Configuration - Meeting Services - General tab of the Sametime Administration Tool.

Send Web Pages Send Web Pages is a Sametime collaborative activity that enables a Meeting Moderator to send a Web page URL to all participants in a meeting, including audience members in broadcast meetings. When the Moderator sends a Web page URL to the meeting participants, a browser window opens on each participants screen and displays the Web page. If the Moderator sends an additional Web page URL to the meeting participants, the new Web page replaces the previous Web page in the Web browser window.

The Send Web Pages feature enables the Moderator to ensure that all meeting participants are looking at the same Web page. However, if the Meeting Moderator or any meeting participant clicks a link or scrolls the Web page, the other meeting participants do not see this activity occurring in the Web browser window on their


local machines. Each participant can explore the Web page, go to a different Web page, or close the window without affecting what other participants see in their browser windows.

The administrator controls whether this collaborative activity is available for meetings on the Sametime server from the Configuration - Meeting Services - General settings of the Sametime Administration Tool.

For more information about using the Send Web Pages feature in a meeting, see the Sametime end-user online help available from the Documentation link on the Sametime server home page.

Polling Polling is a Sametime collaborative activity that enables a Meeting Moderator to use polls (or ask questions) to gather feedback from meeting participants. For example, the Moderator might ask meeting participants to vote to approve or reject a proposal. Only the Moderator can send polls.

Note: During broadcast meetings, only presenters can respond to polls, but both presenters and audience members can view poll responses shared by the Moderator. During fully-interactive Sametime meetings, all meeting participants can respond to polls and view responses shared by the Moderator.

Participants responses to poll questions are tallied in the Moderators Poll Tab. The Moderator can keep the poll responses private, or share them with the other meeting participants.

When sending a poll, the Moderator can also: v Share the tallied responses with other participants - Normally, the Moderator is

the only person who sees poll responses. The Moderator can choose to share the tallied poll responses so that all participants see the responses in the Poll Tab of the Sametime Meeting Room client.

v Allow anonymous responses - By default, the Moderator can see each participants response to poll questions. (These individual responses cannot be shared with other meeting participants.) Because people often answer more freely when they know their identity will not be revealed, the Moderator can preserve participants privacy by allowing anonymous responses to poll questions. During Broadcast meetings, only presenters can respond to polls.

v Mark correct answers - The Moderator can specify correct answers for poll questions. When the Moderator shares the poll responses, participants can see if they answered the question correctly.

The administrator controls whether this collaborative activity is available for meetings on the Sametime server from the Configuration - Meeting Services - General tab of the Sametime Administration Tool.

For more information about using this collaborative activity in a meeting, see the Sametime end-user online help available from the Documentation link on the Sametime server home page.

Hand raise Hand raise is a collaborative activity that allows users to raise a hand at any time during a meeting. When users raise their hands, a hand icon appears next to their names in the Participant List.


A user might raise a hand to: v Ask for permission to edit/share or permission to speak. v Respond to a question or speak during the meeting. v Attract the Moderators attention.

The Moderator can lower raised hands at any time, or users can lower their own hands. Users do not need permission to edit/share or permission to speak to raise their hands.

Transfer files Transferring files is a Sametime collaborative activity that enables users to send a file to another user via a contact list in the Sametime Meeting Room or the Sametime Connect client. Users must transfer one file at a time to one person at a time. File transfers are automatically encrypted.

The administrator can enable or disable this feature. When you enable this feature, both authenticated and anonymous users can transfer files.

CAUTION: To protect against viruses that might be spread through file transfers, users should have current anti-virus software. The softwares real-time protection settings should be enabled and set to scan all files.

For more information about enabling, disabling, and setting size limits for file transfers, see Allow users to transfer files to each other.

Note: The file transfer feature does not work with Sametime Links. For more information about Sametime Links, see the the Sametime Directory and Database Access Toolkit documentation available from IBM DeveloperWorks (http://www.ibm.com/developerworks/lotus/products/instantmessaging/. Follow the link for Toolkits and Drivers.

Record and Playback (Recorded Meetings) Sametime includes a Record and Playback feature that enables a user to record meetings. When scheduling a meeting, the user selects a check box labeled Record this meeting so that others can replay it later to record the meeting.

When a user records a meeting, a Sametime Record and Playback (.RAP) file that contains a recorded version of the meeting is automatically saved as an attachment to the Meeting Details document when the meeting ends. Anyone who has access to the meeting can click a Replay the Meeting button on the Meeting Details document in the Sametime Meeting Center to play the recorded version of the meeting.

When the user clicks Replay the Meeting, a modified version of the Sametime Broadcast client Java applet starts in a Web browser window on the users machine and connects to the Broadcast Gateway component of the Sametime server. The Broadcast client is modified to include controls that enable the user to stop, pause, and resume the playback of recorded meeting files.

The following restrictions apply to recorded meetings: v Users cannot choose to record a meeting after the meeting begins; they must

select the Record this meeting... option when scheduling the meeting. v Users can only record a scheduled meeting; it is not possible to record an instant

meeting.


The administrator controls whether the Record and Playback feature is available for meetings on the Sametime server from the Configuration - Meeting Services - General tab of the Sametime Administration Tool.

If the administrator allows the Record and Playback feature to be available on the server, there are administrative tasks associated with managing the recorded meeting files. These tasks include: v Exporting (or saving) a recorded meeting v Deleting a recorded meeting v Replacing a recorded meeting with another recorded meeting file v Importing a recorded meeting file

See Managing recorded meetings (Record and Playback) for more information.

IP audio Interactive IP Audio is a Sametime collaborative activity that enables multiple (two or more) users to transmit and receive audio over an IP network.

In a meeting that includes interactive IP audio, the audio can operate in either the automatic microphone or the request microphone mode. The request microphone mode is the more controlled mode. Only one user can speak at a time and a user must request the microphone before speaking. The automatic microphone mode enables two users to speak simultaneously. In the automatic microphone mode, the person speaking is automatically detected by the Audio/Video Services on the Sametime server (it is not necessary to request the microphone before speaking). Automatic microphone mode offers a more natural form of conversation but provides less control.

The end user uses the audio tool of the Sametime Meeting Room client when participating in a meeting that includes IP audio. This tool contains microphone and speaker volume controls and mute features, and a button that allows users to configure the audio and video preferences on their computers. For more information about the end-user aspects of the IP Audio collaborative activity, see the Sametime end-user online help.

The term interactive IP audio refers to the technology that enables all participants in a meeting to both transmit and receive IP audio packets on the network. In an interactive IP audio meeting, one user transmits a stream of audio packets to the server and the server disseminates this stream to all other meeting participants. This one-to-many form of communication is sometimes called multipoint audio.

The term broadcast IP audio refers to the streaming technology that enables a large group of users (or audience members) to receive the audio from a meeting but not transmit audio to other users in a meeting.

IP audio is supported by the Audio/Video Services on the Sametime server. Broadcast IP audio is supported by the Audio/Video Services and the Broadcast Services on the Sametime server.

IP video Interactive IP video is a Sametime collaborative activity that enables multiple users to transmit and receive video packets over an IP network.

In a meeting that includes interactive IP video, the video follows the audio. The video component of the Sametime Meeting Room client includes a Remote and


Local video window. The Remote window displays images from the camera of the person who is speaking and the Local window displays the image from a users local camera.

Sametime does not support video-only meetings. A meeting that includes IP video must also include IP audio. For more information about the end-user aspects of this collaborative activity, see the Sametime end-user online help.

The term interactive IP video refers to the technology that enables all participants in a meeting to both transmit and receive IP video packets on the network. In an interactive IP video meeting, one user transmits a stream of video packets to the server and the server disseminates this stream to all other meeting participants. This one-to-many form of communication is sometimes called multipoint video.

The term broadcast IP video refers to the streaming technology that enables a large group of users (or audience members) to receive video but not transmit it.

Interactive IP video is supported by the Audio/Video Services on the Sametime server. Broadcast IP video is supported by the Audio/Video Services and the Broadcast Services on the Sametime server.

Sametime server home page (stcenter.nsf) The Sametime server home page is an HTML page that exists in the Sametime Center database (stcenter.nsf). The Sametime server home page can only be accessed by a Web browser and is the end-user entry point to the Sametime server.

After installing the Sametime server on the Domino server, you must set stcenter.nsf as the Home URL for the server. To do this, open the Server document for the Domino server that includes Sametime, select the Internet Protocols tab, select the HTTP tab, and enter stcenter.nsf in the Home URL field of the Mapping section of the Server document.

As the user entry point to the Sametime server, the Sametime server home page contains links to the following important Sametime entities: v Sametime Meeting Center v Sametime Connect client (includes clients that can be downloaded) v Self-registration feature v Sametime Administration Tool v End-user documentation v Sametime Developers Web site

Sametime Meeting Center (stconf.nsf) The Sametime Meeting Center is an application (a Lotus Notes database named stconf.nsf) on the Sametime server that is accessed by a Web browser. This application is a central meeting place for members of the Sametime community. From the Sametime Meeting Center, you can schedule a meeting, start a meeting immediately, attend a meeting, and view information about scheduled and finished meetings.

Users access the Sametime Meeting Center database by clicking Attend a Meeting or Schedule a Meeting on the Sametime server home page.

Note: All scheduled meetings in Sametime are created in the Sametime Meeting Center. A user who starts an instant meeting from a contact list does not access the Sametime Meeting Center.


Anonymous access is allowed to the Sametime Meeting Center database by default. With anonymous access, users are not required to authenticate when accessing the Sametime Meeting Center. For more information about the implications of anonymous access to the Sametime Meeting Center, see Anonymous Access Settings for Community Services.

Sametime administration terms and features This section provides brief descriptions of general Sametime administration terms that appear throughout this administrators guide. Sametime administrators should be familiar with these terms and features. Issues and administrative procedures associated with these terms are discussed in greater detail in subsequent chapters and topics of this administrators guide.

Some basic Sametime administration terms and features include: v Sametime server v Sametime Administration Tool v Community v Domino Directory v LDAP directory v Self-registration v Connectivity (firewall and proxy support) v Broadcast v Monitoring and logging v Security v SIP Gateway and SIP Connector v Reverse proxy and portal server support v Chat logging v Sametime server clusters v Name Conversion Utility v StdebugTool.exe Utility

Sametime server The term Sametime server is used throughout the documentation to refer to a server that has both Sametime and Domino installed.

Sametime Administration Tool The Sametime Administration Tool is an HTML and XML based application that runs in a Web browser. You open the Sametime Administration Tool by clicking Administer the Server on the Sametime server home page. The Sametime Administration Tool is the primary administration tool for the Sametime server. For more information about the Sametime Administration Tool, see Overview of the Sametime Administration Tool features.

During the Sametime installation, one user is specified as the administrator of the Sametime server. This administrator has access to the Sametime Administration Tool and all of its administrative features. The administrator specified during the installation can provide other administrators with access to the Sametime Administration Tool as needed.

The Sametime Administration Tool should be used to perform all administrative procedures on the Sametime server with the following exceptions:


v Replication and creation of new Lotus Notes databases - If a Sametime procedure requires you to replicate a database or create a new database, you must use a Lotus Notes or Domino Administrator client. The Sametime Administration Tool does not provide the functionality required to create one-time replicas (replica stubs) or other new databases, or set up replication schedules.

v Managing LDAP users - If you have configured Sametime to operate as a client to an LDAP server, you cannot use the Sametime Administration Tool to add or delete users in the LDAP directory on the LDAP server. Use the software provided with the LDAP server for management of the LDAP directory.

Note: Although you cannot use the Sametime Administration Tool to manage users in an LDAP directory on a third-party server, you must use the Sametime Administration Tool to configure the Sametime server to access the LDAP directory on the third-party LDAP server.

v Setting up Secure Sockets Layer (SSL) on the Sametime server - If you want to configure the Sametime server so that all Web browser clients use the SSL protocol when connecting to the Sametime server, you must use a Lotus Notes client or the Domino Administrator client to set up SSL on the server.

v Enabling a SIP gateway and deploying a SIP Connector - If you want to allow users in your Sametime community to communicate with users in other instant messaging communities that support the SIP/SIMPLE protocol, you must use a Lotus Notes client to enable the Session Initiation Protocol (SIP) Gateway.

v Implementing chat logging - The chat logging feature can capture all chat conversations that occur on the Sametime server, including instant messages, chat conferences (chats involving more than two people), and Meeting Room chats. For more information about chat logging, see the Sametime Directory and Database Access Toolkit documentation available from IBM DeveloperWorks (http://www.ibm.com/developerworks/lotus/products/instantmessaging/. Follow the link for Toolkits and Drivers.

v Creating Community Services clusters - A Community Services cluster consists of multiple Sametime servers configured to operate together, providing failover and load balancing for the Sametime instant messaging and presence functionality. For more information see Overview of Community Services clustering.

v Starting or stopping Sametime services - You must use the Services settings in the Windows NT Control Panel or Windows 2000 Administrative Tools to start or stop a Sametime service.

Community The Sametime community refers to all users that have Web browser access to a Sametime server (or servers) and all Sametime servers that support those users. The Sametime community can be maintained in the Domino Directory on the Sametime Server or in an LDAP Directory on a third-party LDAP-compliant server.

Specifically, the Sametime community can be described as follows: v A shared directory, or set of directories, that lists the people and groups of the

community v One or more Sametime servers that each have access to the shared directory or

set of directories

For information on integrating multiple Sametime servers into a single community, see Deploying multiple Sametime servers.


Domino Directory The Sametime server uses the Domino Directory of the Domino server on which Sametime is installed.

The Domino Directory is a database that serves as a central repository for information about Sametime users (or members of the Sametime community). The Domino Directory contains a separate Person document for each Sametime user. The Person document contains the User Name and Internet password required for authentication with the Sametime server. The Person document also contains a Sametime server field that is used to specify a users home Sametime server. The home Sametime server is the Sametime server a user connects to when logging in to the Community Services for presence and chat activity.

The Domino Directory also contains Group documents that hold lists of users that perform similar tasks. Group documents also define the Public Groups that end users can add to the Sametime Connect client presence list.

Other information stored in the Domino Directory includes server configuration information in the Server document, database configuration settings, and Access Control Lists (ACLs).

Person and Group documents, and ACLs within the Domino Directory, can be accessed from the Sametime Administration Tool.

Sametime administrators have the option of using the Domino Directory for user management or configuring Sametime to connect to an LDAP directory on an LDAP server for user management.

To maintain current information about users, groups, and servers in the Sametime community, the Community Services must receive periodic updates from the Domino Directory.

For more information about the Domino Directory, see Managing the Domino Directory.

LDAP directory The administrator can configure the Sametime server to connect to a Lightweight Directory Access Protocol (LDAP) server. This capability enables an administrator to integrate Sametime into an environment in which LDAP servers and LDAP directories are already deployed.

When Sametime is configured to connect to an LDAP server, the Sametime server searches and authenticates user names against entries in the LDAP directory on the third-party LDAP server. The LDAP directory replaces the Domino Directory as the user repository in the community. The community is defined by the users in the LDAP directory.

Sametime can access LDAP directories on multiple LDAP servers.

For more information, see Using LDAP with the Sametime server.

Self-registration The Sametime server includes a self-registration feature. This feature allows an end user to create a Person document that contains a User Name and Internet password in the Domino Directory on the Sametime server.


Date post:	16-Mar-2018
Category:	Documents
Upload:	trankhuong
View:	240 times
Download:	1 times

Sametime Administrator's Guidefile/sthelpad.pdf · ® Sametime Administrator’s Guide Version 7.0...

Documents