Administering community contentAdded by IBM on February 11, 2013 | Version 1 (Original)
|You can create a dedicated administrator with access to all communities, public or restricted. This administrator has granular control over communities content, including the ability to edit or remove inappropriate content. This administrator is also required for IBM® Lotus® Sametime® integration with IBM Connections.
About this task
Global communities administrators can access all communities with rights to view and update community settings, members, invitations, bookmarks and feeds; however, within restricted communities the global administrator cannot view and manage remote widget applications, such as Activities, Blogs, Ideation Blogs, Files, Forums, and Wikis. To manage content in remote widget applications, you add the communities global administrator to the J2EE admin role for all of these applications. See Assigning people to J2EE roles
for detailed information. After communities global administrator is in the admin role for those applications, she can manage content in any of them, whether the applications are standalone or remote widgets in a community.
You can use search to find private communities, but you must add the global administrator to the search-admin role of the Search application. Use the Public Communities
view to find public and moderated communities.
Global administrators cannot add or remove widgets from communities by default. They must log into the community as the global administrator, and then add themselves as a community member with Owner access.
The global administrator role is not supported on mobile devices. Global administrators must use a supported browser.
- Find or create a user who will be dedicated to administering content, and add them to the J2EE admin role of Communities, Activities, Blogs, Files, Forums, and Wikis. Also add them to the search-admin role of Search. See Roles.
In the following steps, we will ensure that the communities-config.xml file contains the "admin" block of grant statements and is not commented out.
- Start the wsadmin client by completing the following steps:
- Open a command prompt, and then change to the following directory of the system on which you installed the deployment manager:
is the WebSphere Application Server installation directory and dm_profile_root
is the Deployment Manager profile directory, typically dmgr01. For example, on Windows:
You must run the following command to start the wsadmin client from this specific directory because the Jython files for the product are stored here. If you try to start the client from a different directory, then the execfile() command that you subsequently call to initialize the administration environment for an IBM
Connections component does not work correctly.
- Enter the following command to start the wsadmin client:
- AIX or Linux:
./wsadmin.sh -lang jython -user admin_user_id -password admin_password -port SOAP_CONNECTOR_ADDRESS_PORT
- Microsoft Windows:
wsadmin -lang jython -user admin_user_id -password admin_password -port SOAP_CONNECTOR_ADDRESS_PORT
Access and check out the Communities configuration files:
- admin_user_id is the user name of a person in the Administrator role on the IBM WebSphere® Application Server.
- admin_password is the password of the WebSphere Application Server administrator.
- SOAP_CONNECTOR_ADDRESS_PORT is the SOAP port for the WebSphere Application Server deployment manager server. The default value of the SOAP port is 8879. If you are using the default port value, you do not need to specify this parameter. If you are not using the default and you do not know the port number, you can look up its value in the WebSphere Application Server Integrated Solution Console. To look up the SOAP port number, perform the following steps:
- Open the WebSphere Application Server Integrated Solution Console for the deployment manager, and then select System Administration -> Deployment Manager.
- In the Additional properties section expand Ports, and then look for the SOAP_CONNECTOR_ADDRESS port entry to find the port number.
- AIX or Linux:
./wsadmin.sh -lang jython -username primaryAdmin -password p@assword -port 8879
- Microsoft Windows:
wsadmin -lang jython -username primaryAdmin -password p@assword -port 8879
From the temporary directory to which you just checked out the IBM Connections configuration files, open the communities-policy.xml file in a text editor.
Make sure the file contains the following grant statement, and that it is not "commented out" (disabled).
- Use the following command to access the Communities configuration files:
If prompted to specify a service to connect to, type 1 to pick the first node in the list. Most commands can run on any node. If the command writes or reads information to or from a file using a local file path, you must pick the node where the file is stored.
- Check out the Communities configuration files using the following command:
- working_directory is the temporary working directory to which the configuration XML and XSD files are copied. The files are kept in this working directory while you make changes to them.
Note: AIX and Linux only: The directory must grant write permissions or the command will not run successfully.
- cell_name is the name of the WebSphere Application Server cell hosting the IBM Connections application. This argument is required. If you do not know the cell name, you can determine it by typing the following command in the wsadmin command processor:
Save your changes to the communities-policy.xml file.
Check in the updated file using the following wsadmin client command:
<comm:principal class="com.ibm.tango.auth.principal.Role" name="admin" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityManagementPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityMembershipPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityAccessPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityReferencePermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityBroadcastPermission" communityType="*" action="*" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityInvitePermission" communityType="*" action="*" />
To exit the wsadmin client, type exit at the prompt.
Stop and restart the server hosting the Communities application.
When the global administrator specified in the various J2EE roles logs in to Communities, she should be able to view and edit all communities and community resources.
Parent topic: Administering application content
Managing community content
Adding owners and members to a community
Assigning people to J2EE roles
Configuring the Sametime Advanced server
Administering application content