Creating a communities global administratorAdded by IBM on March 15, 2012 | Version 1 (Original)
|To integrate IBM® Lotus® Sametime® with IBM Connections you must create a dedicated communities global administrator with access to all communities, public or restricted.
To integrate IBM
® with IBM
Connections you must create a dedicated communities global administrator with access to all communities, public or restricted.
About this task
A communities global administrator can access all communities with rights to view and update community settings, members, invitations, bookmarks and feeds. Those rights are sufficient for Sametime
integration, but you must also add the administrator login and password credentials to the Sametime
Advanced server so that you can connect on their behalf to list all of the communities. See IBM Connections Communities and Sametime Advanced Server Integration
You only need to perform these steps once. However, you can change who the global administrator is at any time.
- Find or create a user who will be dedicated to administering content, and add them to the Communities J2EE admin role. See Roles.
- Start the wsadmin client by completing the following steps:
- Open a command prompt, and then change to the following directory of the system on which you installed the deployment manager:
is the WebSphere Application Server installation directory and <dm_profile_root>
is the Deployment Manager profile directory, typically dmgr01. For example, on Windows:
You must run the following command to start the wsadmin client from this specific directory because the Jython files for the product are stored here. If you try to start the client from a different directory, then the execfile() command that you subsequently call to initialize the administration environment for an IBM
Connections component does not work correctly.
- Enter the following command to start the wsadmin client:
- AIX or Linux:
./wsadmin.sh -lang jython -user <admin_user_id> -password <admin_password> -port <SOAP_CONNECTOR_ADDRESS Port>
- Microsoft Windows:
wsadmin -lang jython -user <admin_user_id> -password <admin_password> -port <SOAP_CONNECTOR_ADDRESS Port>
Access and check out the Communities configuration files:
- <admin_user_id> is the user name of a person in the Administrator role on the IBM WebSphere® Application Server.
- <admin_password> is the password of the WebSphere Application Server administrator.
- <SOAP_CONNECTOR_ADDRESS Port> is the SOAP port for the WebSphere Application Server. The default value of the SOAP port is 8879. If you are using the default port value, you do not need to specify this parameter. If you are not using the default and you do not know the port number, you can look up its value in the WebSphere Application Server Integrated Solution Console. To look up the SOAP port number, perform the following steps:
- Open the WebSphere Application Server Integrated Solution Console for the deployment manager, and then select System Administration -> Deployment Manager.
- In the Additional properties section expand Ports, and then look for the SOAP_CONNECTOR_ADDRESS port entry to find the port number.
- AIX or Linux:
./wsadmin.sh -lang jython -username primaryAdmin -password p@assword -port 8879
- Microsoft Windows:
wsadmin -lang jython -username primaryAdmin -password p@assword -port 8879
From the temporary directory to which you just checked out the IBM Connections configuration files, open the communities-policy.xml file in a text editor.
Make sure the file contains the following grant statement. If not, copy and paste it into the section containing grant statements.
- Use the following command to access the Communities configuration files:
If prompted to specify a service to connect to, type 1 to pick the first node in the list. Most commands can run on any node. If the command writes or reads information to or from a file using a local file path, you must pick the node where the file is stored.
- Check out the Communities configuration files using the following command:
- <working_directory> is the temporary working directory to which the configuration XML and XSD files are copied. The files are kept in this working directory while you make changes to them.
Note: AIX and Linux only: The directory must grant write permissions or the command will not run successfully.
- <cell_name> is the name of the WebSphere Application Server cell hosting the IBM Connections application. This argument is required. If you do not know the cell name, you can determine it by typing the following command in the wsadmin command processor:
Save your changes to the communities-policy.xml file.
Check in the updated file using the following wsadmin client command:
<comm:principal class="com.ibm.tango.auth.principal.Role" name="admin" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityManagementPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityMembershipPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityAccessPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityReferencePermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityBroadcastPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityInvitePermission" communityType="*" action="*" />
To exit the wsadmin client, type exit at the prompt.
Stop and restart the server hosting the Communities application.
Parent topic: Configuring the Sametime Advanced server
Profiles Administration API
Configuring the Sametime Advanced server