S1: Setting up the Tivoli Access Manager server 

The next step is to configure the Tivoli Access Manager (TAM) server for use with Lotus Connections. Complete instructions are available in the Lotus Connections Information Center at:

http://publib.boulder.ibm.com/infocenter/ltscnnct/v2r0/topic/com.ibm.connections.25.help/t_secure_with_tam.html

Ensure that all configuration steps are completed before continuing. For the purposes of this deployment scenario, it is assumed that the TAM server is already configured.
The focus of this article is to describe the changes made to the Lotus Connections and WebSphere Application Server side of this configuration.

Prior to setting up the TAM junction, you must share the following information with the TAM server from the Lotus Connection side (discussed in the information link above).

1. LTPA Token – This is the same token that was previously shared with Lotus Quickr to enable single-sign on between both products.
2. Import the IBM HTTP Server certificate into the TAM keystore.

After these two items have been configured correctly, Lotus Connections is accessible via the TAM junction. For example:

http://tamserver.example.com/
However, before starting Connections and attempting to log in via this URL, there are some changes required to be made to the LotusConnections-config.xml file. The updated access URLs need to be reflected in this configuration file so that the Connections UI does not redirect users back to the HTTP Server.

You can use a text editor to open this configuration file. LotusConnections-config.xml is located on the deployment manager in the following directory. It is recommended that you back up this file before proceeding.

C:\IBM\WebSphere\AppServer\profiles\Dmgr01\config\cells\pvtdubvm1Cell01\LotusConnections-config

This time, for each component within this file, you must update the href and ssl_href properties to that of the TAM server URL. Do not change the interservice href and leave it to that of the Web server as shown in this example:




Note that the three bootstrap entries should not be modified from their previous values.

After these changes are made, save this file. The nodes are now resynchronized to ensure these changes are propagated to the individual nodes.

As Lotus Quickr administrator, you should also make sure that the TAM server is configured with the Quickr server. For details, see the Lotus Quickr 8.1.1 information center at: http://publib.boulder.ibm.com/infocenter/lqkrhelp/v8r0/topic/com.ibm.lotus.quickr.admin.wpv81.doc/ecm/ic_ecm_c_sso_tam.html

After TAM enablement is complete and the necessary modifications are made on the Connections and Quickr configurations, you should restart all servers in the configuration.

Go to the next topic: S1: Scenario environment S1: Prerequisites S1: Configuration diagrams S1: Machine details S1: Installing Lotus Connections in a network scenario S1: Starting Lotus Connections S1: Integrating Lotus Connections with Lotus Quickr for WebSphere Portal S1: Setting up the Tivoli Access Manager server S1: Supporting Lotus Quickr authenticated feeds in Communities S1: Troubleshooting Table of Contents: Lotus Connections 2.5 network deployment scenario