361 Lotus blogs updated hourly. Who will post next? Home | Downloads | Events | Pods | Blogs | Search | myPL | About 
 
Latest 7 Posts
Cannot edit Media Manager policies due to incomplete xml data in DB2
Tue, Nov 25th 2014 45
“System version is null” on new IBM Sametime Video Manager installation
Mon, Oct 20th 2014 129
CCM/FileNet search index fails in IBM Connections 4.5 due to special character
Mon, Sep 22nd 2014 85
Sametime 9 business cards revisited and beaten!
Thu, Aug 21st 2014 88
Stproxyconfig.xml is overwritten with incorrect APNs port and changed when applying an update
Fri, Aug 15th 2014 96
Solution for Sametime connection issue with iNotes when SSL is used
Thu, Jun 26th 2014 87
The importance of Java and Cognos with IBM Connections
Tue, Mar 25th 2014 44
Top 10
“System version is null” on new IBM Sametime Video Manager installation
Mon, Oct 20th 2014 129
Stproxyconfig.xml is overwritten with incorrect APNs port and changed when applying an update
Fri, Aug 15th 2014 96
Audio and video not woriking in a web browser due to LtpaToken “undefined”
Mon, Feb 17th 2014 94
IBM Sametime 9 Video Manager ignores host file
Thu, Jan 2nd 2014 91
IBM Installation Manager cannot find a supported browser
Fri, Aug 10th 2012 90
Sametime 9 business cards revisited and beaten!
Thu, Aug 21st 2014 88
Solution for Sametime connection issue with iNotes when SSL is used
Thu, Jun 26th 2014 87
CCM/FileNet search index fails in IBM Connections 4.5 due to special character
Mon, Sep 22nd 2014 85
CWPKI0662E error when importing certificate into Sametime Gateway
Fri, Dec 21st 2012 78
SIP SDP problems with Lync and Sametime Gateway
Fri, Aug 16th 2013 71


Portal to Sametime – SSO & LTPAToken issue
collaborationben    

I had a customer get in touch with me about a problem they were having when trying to start Sametime Classic meetings from IBM WebSphere Portal. They have a link in Portal to a load balancer which then directed HTTP traffic to one of two Sametime Classic Meeting servers.

When logging into Portal and selecting the link a browser would launch and the user would be logged into STCenter.nsf via SSO. When scheduling a meeting the Meeting Room Client (MRC) would load but as soon as the MRC tries to connect to Sametime Community services (chat) an error appears on the user’s screen.

I took this into a development environment and replicated the behaviour. After enabling debugging on the Sametime server I saw the following output in the stusers*.txt

101117_095933.869,INF,Users   ,VpUsrAuthenticate::handleCheckUser: authenticating user with loginName=CN=Ben Williams/O=ACME by a single token
101117_095933.869,FTL,LDAP Aut,authenticating user by tokens
101117_095933.869,INF,LDAP Aut,Starting auth by tokens for [CN=Ben Williams/O=ACME] in org[]
101117_095933.869,FTL,LDAP Aut,checking LDAP format….
101117_095933.884,FTL,LDAP Aut,token verification failed. [4098]
101117_095933.884,INF,LDAP Aut,AuthTokenContext::authenticateBeforeDirSearch verifyTokenAndExtractUserId failed with reason 4098
101117_095933.884,FTL,LDAP Aut,AuthContext::start: authenticateBeforeDirSearch failed with reason 4098
101117_095933.884,INF,Users   ,VpUsrAuthenticate::checkedUser: VpUsrAuthenticate: bad login

I added debug_sso_trace_level=7 and Websess_verbose_Trace=1 to the Notes.ini but again nothing showed apart from when the browser opened STCenter.nsf, so on the Domino side of things SSO is working as expected.

Looking at the Java console output in the web browser when the MRC loaded I noticed “reverse proxy support disabled and detected” appear a few times. I observed this in the customer’s production environment and not in development so I ignored it which turned out to be a red herring.

It got me thinking about a problem I had with Sametime 8.0.2 and an LTPA parsing issue which produced similar errors although not exactly the same. That problem was fixed with a Sametime hot fix and was included in later versions of Sametime so it couldn’t be the same but must be along the same lines.

I exported the LTPAToken from the Portal deployment manager (DM) and imported it back into the Domino web SSO configuration document and restarted but this didn’t resolve the problem.

I then took more time looking at the Portal DM and noticed that Interoperability Mode was enabled which means that LTPAToken and LTPAToken2 are created.

Looking at the web SSO configuration document it was set to LTPAToken only.

After changing it to LTPAToken and LTPAToken2 and restarting things started working and users could now schedule and start meetings.




---------------------
http://collaborationben.com/2010/12/06/portal-to-sametime-sso-ltpatoken2-issue/
Dec 06, 2010
69 hits



Recent Blog Posts
45


Cannot edit Media Manager policies due to incomplete xml data in DB2
Tue, Nov 25th 2014 11:10a   Ben Williams
I had a few problems with a customer’s deployment of Sametime 9 which probably come down to deployment plans and the order of the servers being installed. During installation I had problems detailed in “System version is null” on new IBM Sametime Video Manager installation which forced me to uninstall the VMGR and install again with a new deployment plan. The outcome of this was that I could not administer the default policies nor create new Media Manager policies in the SSC, I saw the [read] Keywords: admin agent connections ibm policies sametime application applications citrix database db2 password server sql xml
129


“System version is null” on new IBM Sametime Video Manager installation
Mon, Oct 20th 2014 3:11p   Ben Williams
I am installing Sametime 9 for a customer but had a prickly moment after installing the VMGR on RHEL 6.5. After installing I couldn’t access the VMGR from the SSC, it was registered, I couldn’t get access to the SIP peer and other details. Looking in the VMGR SystemOut.log I saw the following: [10/13/14 12:24:02:709 BST] 000000a0 APIAuthorizat I com.polycom.proximo.api.support.servlet.APIAuthorizationFilter passLicensingTest API Licensing: rejecting request; API is not licensed and n [read] Keywords: connections ibm lotus notes notes client sametime java linux
85


CCM/FileNet search index fails in IBM Connections 4.5 due to special character
Mon, Sep 22nd 2014 6:11a   Ben Williams
The customer told me that his search index never completed correctly when Connections was initially deployed and now users are complaining that search results do not contain CCM documents. The customer had tried recreating the index but to no avail and called me to take a look. I first enabled trace on one of the infrastructure nodes (*=info: com.ibm.connections.search.index.indexing.*=all: com.ibm.connections.search.seedlist.*=all: com.ibm.connections.httpClient.*=all: com.ibm.connections.searc [read] Keywords: connections ibm ldd lotus applications community interface java password security server websphere wiki xml
88


Sametime 9 business cards revisited and beaten!
Thu, Aug 21st 2014 3:16p   Ben Williams
Over the years I have always struggled to get to grips with business cards and particularly photos mainly because I do it for a customer, forget about it and then have to do it again six months later. I have a Sametime 9 build coming up and I wanted to revisit business cards and for once write a conclusive guide which I have decided to share in case it helps anyone else out there. Note – I have not looked at (yet) the mobile applications and how business cards and photos are obtained from [read] Keywords: acl admin administration collaboration connections domino ibm ldd lotus notes notes client roaming sametime application applications centos community database email java linux mobile office password server xml
96


Stproxyconfig.xml is overwritten with incorrect APNs port and changed when applying an update
Fri, Aug 15th 2014 6:11a   Ben Williams
I have seen this problem a couple of years ago but didn’t follow it up with IBM through a PMR. For another customer I found the following happened after I applied the latest Sametime Proxy 8.5.2.1 (STProxy) patch available on Fix Central. After applying the update the stproxyconfig.xml was changed and the bespoke values that were previously there removed. This was odd in itself but after applying the values again through the SSC the values sticked. The values that were removed are as follo [read] Keywords: ibm sametime apple server xml
87


Solution for Sametime connection issue with iNotes when SSL is used
Thu, Jun 26th 2014 6:10a   Ben Williams
Yesterday I moved a customers single Sametime 8.0.2 server to a new 8.5.2.1 server. The planning and execution went well apart for pesky iNotes integration with STLinks. The customer isn’t huge so going Sametime 9 with SSC and DB2 really didn’t warrant increased consultancy and support costs and certainly not a Sametime Proxy. Anyway, the problem I had (which wasn’t happening with 8.0.2) was that in IE awareness wouldn’t appear. The buddy list would load and show users ad [read] Keywords: domino ibm inotes lotus notes sametime community db2 firefox integration java server




44


The importance of Java and Cognos with IBM Connections
Tue, Mar 25th 2014 12:10p   Ben Williams
During an install of Connections 4.5 I came across a problem when Configuring the IBMConnectionsMetricsAdmin role on Cognos which required me to disable anonymous access in the Cognos Configuration tool (Local Configuration -> Security -> Authentication -> Cognos to set Allow anonymous access? -> False) and save. On saving I was getting the following error in the client. I had previously applied 10.1.1 FP001 and believed something had happened during the upgrade. Googling came up wi [read] Keywords: connections ibm ldd lotus application centos java password security server vm websphere xml
94


Audio and video not woriking in a web browser due to LtpaToken “undefined”
Mon, Feb 17th 2014 9:10a   Ben Williams
When testing audio and video via a web browser of mobile phone I would see the following error in a browser when trying to use audio and video in a meeting. Using the thick client worked. Looking at the SIP Proxy Registrars SystemOut.log I saw the following exceptions. [2/11/14 18:08:43:660 GMT] 000000a7 LdapPasswordS I LdapPasswordServer  CWSCT0359I: Hashed Credential attributes not found. [2/11/14 18:08:43:661 GMT] 000000a7 SIPDigestServ E SIPDigestService  CWSCT0340E: Error – cannot [read] Keywords: agent ibm sametime application community development mobile password security server
62


Sametime audio and video failing due to business cards
Tue, Feb 4th 2014 5:09a   Ben Williams
We all know that LDAP is the biggest threat to Sametime, don’t we? Are we all aware of how that impacts audio and video through business cards? Well, a customer logged a problem yesterday after audio and video failed on their 8.5.2.1 infrastructure. What made this more difficult to troubleshoot was the fact that last week and we had other problems relating to audio and video which was “taken out” after a network change the weekend prior. With last weeks problem clouding my judg [read] Keywords: collaboration ibm sametime community email java network server xml
91


IBM Sametime 9 Video Manager ignores host file
Thu, Jan 2nd 2014 6:11a   Ben Williams
During the build of an internal Sametime 9 environment I came across problems with video calls via a meeting room, point-to-point was fine. I was getting the error “The call was not completed due to a dialling error. AVKCS2200E: Failure response 403 received in response to invitation to CN=Ben Williams, O=collaborationben. Reason is: Unspecified Dial Failure.” I’ll explain how I have it set up. As this is all run on a bulky VMWare server at home I use hosts files to control DN [read] Keywords: admin calendaring ibm lotus sametime password security server vmware websphere




Created and Maintained by Yancy Lent - About - Blog Submission - Suggestions - Change Log - Blog Widget - Advertising - Mobile Edition