Plan And Prepare Your Environment For Filenet P8 47371v

parameter is appended to the server URL. This convention applies to both Content Engine and Process Engine client applications. Applying a patch or an Content Platform Engine server software affects all tenants simultaneously. In other words, you cannot patch or upgrade just a single tenant. Each tenant has a single database connection. The tenant GCD database, and all object stores and isolated regions, use this shared database connection. The service provider designates what database each tenant uses. A tenant can be configured to use the same database as either the master domain or another tenant, but the recommended configuration is for each tenant to use a separate database. In cloud-based scenarios, the cloud provider defines the authentication scheme, which typically is some type of federated identity management. The cloud provider sets the AuthenticationRealmName property of each tenant domain; Content Platform Engine then ensures that only s who have been authenticated against the tenant's WebSphere realm can access resources within that tenant domain. Each tenant could be configured to replicate its s and groups into a cloud-based directory for use by the tenant domain for authorization purposes.

10

Planning for FileNet P8

It is recommended to use email address as the NameAttribute for the directory configuration in the master domain. Doing so avoids a conflict in which a in a tenant domain might have the same name as a in the master domain; neither would be able to . In a multiple domain scenario, Content Platform Engine must use WebSphere Application Server. Multiple domains are ed only for new installations and not for upgrades. In addition, for a multiple domain configuration is currently limited to custom applications. At time of writing, IBM client applications that use Content Platform Engine as their foundation (such as IBM Content Navigator and IBM Case Manager) do not a multiple domain configuration. For custom applications, for a multiple domain configuration is limited to applications that use the Content Engine and Process Engine Java APIs. Custom applications that were written using some other interface (such as IBM CMIS or Process Engine REST Service) are not ed in a multiple domain configuration. Also note that, in the multiple domain model, there is no mechanism to partition processing resources (such as memory, U cycles, threads, and database connections) so as to prevent one tenant from using a disproportionate amount of resources. Because of this, multiple domain configurations are primarily suited for more narrow applications where the solution does not expose the full capabilities of the Content Engine and Process Engine APIs. For most customers with a need to multiple business units, hosting multiple virtualized P8 domains on shared hardware is the preferred approach. This approach does provide the ability to limit the resources used by any tenant, and is therefore more appropriate for most customers who want to share hardware resources across multiple applications.

Definition of installation roles The installation tasks and the rows in the Installation and Upgrade Worksheet are organized by istrative roles. Your organization might have different roles, and some of the responsibilities of listed roles will vary from those assigned by default in this documentation.

Installation v Runs FileNet P8 installation programs during initial setup. v Runs Configuration Manager during initial setup, followed by starting IBM istration Console for Content Platform Engine. v Runs FileNet P8 upgrade programs during upgrades. v Abbreviated as IA®. Responsible for coordinating the information described in this worksheet. The information itself will require the input from the other roles. The role of IA is usually filled by an IBM FileNet Certified Professional (F).

Information technology v Responsible for the networking and operating systems settings required by FileNet P8. v Responsible for performing certain security configurations. v Abbreviated as ITA. Responsible for providing the information in the rows in the Installation and Upgrade Worksheet with a value of ITA in the Role column.

Planning and preparing for FileNet P8 installation

11

Security v Responsible for configuring the directory servers required by FileNet P8 components. v Creates and maintains directory server and group s. v Abbreviated as SA. Responsible for providing the information in the rows in the Installation and Upgrade Worksheet with a value of SA in the Role column.

Database v Creates, configures, maintains database installations and database or table spaces. v Responsible for creating database s needed by FileNet P8. v For purposes of this documentation, the database is expected to have responsibilities regarding the JDBC data sources. v Abbreviated as DBA. Responsible for providing the information in the rows in the Installation and Upgrade Worksheet with a value of DBA in the Role column.

Application server v Responsible for providing the application servers required by FileNet P8. v Responsible for application server istrative s. v Abbreviated as ASA. Responsible for providing the information in the rows in the Installation and Upgrade Worksheet with a value of ASA in the Role column.

FileNet P8 v This role designation refers to the or s who perform regular maintenance of Content Platform Engine. v The who logs on to IBM istration Console for Content Platform Engine by using the gcd_ or an object_store_ is considered a FileNet P8 . v Abbreviated as P8A. Responsible for providing the information in the rows of the Installation and Upgrade Worksheet with a value of P8A in the Role column. Related concepts: “Using the installation and upgrade worksheet” on page 13 The Installation and Upgrade Worksheet is a Microsoft Excel spreadsheet (p8_worksheet.xls). The worksheet describes the properties and parameters required to complete FileNet P8 installation, upgrade, and configuration programs, and provides a way to record the values you assign to these properties and parameters. “IT installation tasks” on page 15 The Information Technology must prepare the network and operating systems, and carry out certain security configurations to prepare your environment for FileNet P8. “Security installation tasks” on page 45 The Security must prepare the security environment for the FileNet P8 platform, including planning the security environment, configuring the directory server, and creating s. “Database installation tasks” on page 70 The database must prepare the databases that are required for FileNet P8, which includes gathering information about data sources, creating databases and database s.

12


“Application Server installation tasks” on page 95 The Application Server must prepare the application servers for FileNet P8, including planning deployment, creating istrative s, and configuring JDBC drivers for Content Platform Engine.

Using the installation and upgrade worksheet The Installation and Upgrade Worksheet is a Microsoft Excel spreadsheet (p8_worksheet.xls). The worksheet describes the properties and parameters required to complete FileNet P8 installation, upgrade, and configuration programs, and provides a way to record the values you assign to these properties and parameters. s who are preparing the environment for installation or upgrade of FileNet P8 components must use the worksheet during their preparation tasks to record the appropriate values and provide them to the Installation who runs the installation or upgrade programs. Some of the features of the Installation and Upgrade Worksheet are: v Instructions: describes the worksheet and includes a button that runs the Customize Worksheet macro. v The two highlighted columns, Property or Parameter and ENTER YOUR VALUE HERE, provide the simplest view of the requirement. The others add identifying information and help you sort and filter the rows usefully. v The Role column assigns each row to an and uses the following acronyms: – IA: Installation – ITA: Information Technology – ASA: Application Server – DBA: Database – SA: Security – P8A: FileNet P8 v Property definitions are contained in the column titled Description. v Some rows, though not all, contain a hyperlink in the IC help link column. Click this hyperlink to run a query against the online documentation, which opens with the Search Results pane showing the topics that contain the words in the query phrase. Browse the search results until you have enough information to be able to enter a value in the Worksheet row. “Running the Customize Worksheet macro” The Customize Worksheet macro lets you extract only those rows that describe your environment. “Autofiltering and sorting the Worksheet” on page 14 There are several ways to organize the Worksheet to make finding properties and entering values easier.

Running the Customize Worksheet macro The Customize Worksheet macro lets you extract only those rows that describe your environment. Important: For of the full range of built-in filter and macro features, use Microsoft Excel to view the Installation and Upgrade Worksheet file. You can use other spreadsheet programs to view the file; however, filter and macro can


13

vary. For example, in Calc from OpenOffice.Org, the column filters work as expected, but the Customize Worksheet button does not. To run the Customize Worksheet macro: 1. Open the Installation and Upgrade Worksheet (p8_worksheet.xls) and click the Instructions worksheet (also called a tab). 2. Scroll down until you see the button representing the Customize Worksheet macro. Click the button. 3. Select the components and options that describe the environment you are preparing for FileNet P8. v Installation or Upgrade v FileNet P8 Components v Application Server type v Operating system v Database type v Directory Server type v Number of object stores (adds new sets of rows for creating additional data sources) v Name of customized sheet 4. Click OK. The macro copies the rows that fulfill your selection criteria into a new worksheet with the name you entered. Enter the values for your environment into this new worksheet. 5. Click the name of the new worksheet at the bottom of the Excel window. Add your preparation values into this new worksheet. 6. Notice that the new worksheet has buttons at the top titled Show Installer View and Show Full View, depending on its state. The Show Installer View displays only those columns that you need while running installation or configuration programs.

Autofiltering and sorting the Worksheet There are several ways to organize the Worksheet to make finding properties and entering values easier. AutoFiltering is a quick way to display only those rows that meet a certain criterion. To use AutoFilter: 1. Make sure AutoFiltering is enabled. (Select the entire row with the column headers, then click Data > Filter > Autofilter.) AutoFilter arrows will appear to the right of the column labels. 2. Click the AutoFilter arrow in the Installation or Configuration Program column header and select the program you are interested in (for example, E installer). 3. For a custom AutoFilter, click the AutoFilter arrow in any column header, select Custom, and use the dialog box to define a filter that will show rows that meet your criteria. 4. To turn off AutoFiltering in a column, click the column AutoFilter arrow and select (All). 5. To reorder rows alphabetically, do a Sort: a. Click anywhere in a column, for example, Column A Role.

14


The only possible values in the Role column are ASA, SA, DBA, ITA, and P8A. Sorting on Role therefore groups the rows by this attribute, in alphabetic order. Several other columns also have a limited number of possible values which means they can be usefully sorted. b. Click the Sort Ascending icon in the Excel toolbar, or use the Data > Sort menu command. The rows sort on Role. Sorting the Worksheet reassigns row numbers. If you refer to rows by number, be aware that row numbers change if you change the sort order.

Performing the required installation preparation tasks To efficiently carry out the required installation preparation tasks, you must assign your staff to carry out the tasks that are organized by istrative role. Some tasks require input that results from other preparation tasks performed by other roles. While performing the tasks, record results in the Installation and Upgrade Worksheet. See the “Using the installation and upgrade worksheet” on page 13 topic for details. To prepare the IBM FileNet P8 environment, perform the tasks assigned to the following roles. “IT installation tasks” The Information Technology must prepare the network and operating systems, and carry out certain security configurations to prepare your environment for FileNet P8. “Security installation tasks” on page 45 The Security must prepare the security environment for the FileNet P8 platform, including planning the security environment, configuring the directory server, and creating s. “Database installation tasks” on page 70 The database must prepare the databases that are required for FileNet P8, which includes gathering information about data sources, creating databases and database s. “Application Server installation tasks” on page 95 The Application Server must prepare the application servers for FileNet P8, including planning deployment, creating istrative s, and configuring JDBC drivers for Content Platform Engine.

IT installation tasks The Information Technology must prepare the network and operating systems, and carry out certain security configurations to prepare your environment for FileNet P8. v Review all rows assigned to the IT (ITA) in the “Using the installation and upgrade worksheet” on page 13. While you complete the following preparation tasks, provide values for the rows that are appropriate to your installation. Tip: With the Data > Filter > AutoFilter command enabled, as it is by default in the worksheet file (p8_worksheet.xls), perform the following actions to quickly see only the properties assigned to a particular role: –

Click the AutoFilter drop-down arrow in the Role column header and select ITA.


15

–

Further filter the result set by clicking the AutoFilter drop-down arrow in any of the other columns and selecting a value or clear a filter by selecting All. v If you are installing in a non-English environment, review Preparing non-English environments for installing FileNet P8 before you begin your preparation tasks. “Creating Content Platform Engine operating system s” You must create several operating system s. “Creating Application Engine or Workplace XT s” on page 22 Several operating system s are needed to install and deploy Application Engine or Workplace XT. “Preparing for IBM Content Search Services” on page 25 If you are installing IBM Content Search Services, you must do some things to get ready. “Configuring AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris” on page 28 The FileNet P8 system components require some specific configuration settings on the machines where you install them. “Configuring Microsoft Windows” on page 33 Perform certain operating system procedures on all Windows-based servers where you will install FileNet P8. “Configuring the network” on page 34 You must perform certain configurations on the network before installing FileNet P8 platform. “Storage area options for object stores” on page 35 An object store has several options for storage areas. You need to determine the appropriate types of storage areas for your requirements. “Advantages of advanced storage areas” on page 36 Advanced storage areas offer several advantages over other types of storage areas. “Replication models for advanced storage areas” on page 37 If you use advanced storage areas for your object stores, you need to choose a replication model that best suits your storage requirements. “Preparing advanced storage areas” on page 39 Before you create an advanced storage area, you need to complete the following planning-related actions: “Preparing file servers for file storage areas” on page 40 To prepare for file storage, you must configure file servers for file storage areas, configure a remote access protocol, and prepare the file servers where file storage areas are to be located. “Using IBM data collection tools” on page 44 The IBM data collection tools can help you troubleshoot problems with your installed IBM FileNet P8 products by collecting and analyzing problem-related diagnostic data.

Creating Content Platform Engine operating system s You must create several operating system s. s are referred to in documentation in the following ways: v

16


By a display name; for example, Database Name. An 's display name is how the FileNet P8 interface, such as a setup program or dialog box, refers to the . Many s have both a display name and a variable.

v

By a variable designator; for example e_db_, using lower-cased italics and underscores. The variable is intended to show that you must designate your own to act in the role described by the variable. The variable is the unique identifier for a particular .

If you see a reference to an that you do not understand, search the documentation for that reference. “Creating the Content Platform Engine application server installation ” An operating system you used to install the Content Platform Engine application server. “Creating the Content Platform Engine application server installation group” on page 18 An operating system group to which several Content Platform Engine s must belong. “Creating Content Platform Engine installer ” on page 19 An operating system you use to install Content Platform Engine. “Creating Content Platform Engine operating system ” on page 19 The you use to create and configure the shared root directory of a file storage area or content cache area. “Creating Configuration Manager ” on page 20 An operating system you use to run Configuration Manager. “Creating the Content Platform Engine for DB2 for Linux, UNIX and Windows” on page 21 An operating system on the database server that Content Platform Engine uses to access DB2 for Linux, UNIX and Windows. “Creating the Content Platform Engine for DB2 for z/OS” on page 21 An operating system that Content Platform Engine uses to connect to DB2 for z/OS® databases containing the GCD and object stores. “Creating the Content Platform Engine instance s for DB2 for z/OS” on page 22 Operating system and database and group s that Content Platform Engine uses to connect to DB2 for z/OS. Creating the Content Platform Engine application server installation : An operating system you used to install the Content Platform Engine application server. 1. Create the following operating system : Content Platform Engine application server installation Unique identifier e_appserver_install_ Description The e_appserver_install_ is needed during the installation process to perform the following tasks: v Create and configure the application server/domain/profile for Content Platform Engine. v Start or stop the application server instance when needed. If you are prompted for credentials (which might happen if WebSphere Global security is enabled or if WebLogic is in Planning and preparing for FileNet P8 installation

17

Production Mode), in the credentials of the appserver_ or appserver_console_. See those entries for more information. v Modify the application server files or directories as needed for deploying Content Platform Engine using the Configuration Manager tool. v Provide create, read and write permissions for directories on devices or drives that are used for external Content Platform Engine file storage. e_appserver_install_ must belong to the e_appserver_install_group. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_appserver_install_.

Creating the Content Platform Engine application server installation group: An operating system group to which several Content Platform Engine s must belong. 1. Create the following operating system : Content Platform Engine application server installation group Unique identifier e_appserver_install_group Description An operating system group . You will be instructed to grant certain permissions to this group during Content Platform Engine installation and configuration. The s in e_appserver_install_group will perform the following tasks: v Give operating system privileges to the directories used for Content Platform Engine installation and for the application server's instance/domain/profile. v Configure and deploy the Content Platform Engine EAR files which require access to the application server's instance/domain/profile directories. v Have permissions on devices/drives to read and write that are designated for external Content Platform Engine file storage. Minimum required permissions Use your local machine's istrative tools to add the following s to this group: v e_appserver_install_ v e_install_ v config_mgr_ 2.

18


Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_appserver_install_group.

Creating Content Platform Engine installer : An operating system you use to install Content Platform Engine. 1. If installing Content Platform Engine on Windows, create the following operating system : Content Platform Engine installer (Windows) Unique identifier e_install_ Description An operating system used to run the Content Platform Engine installation program. Minimum required permissions Use Windows istrative tools to add e_install_ to the Local s group and to the e_appserver_install_group. 2. If installing Content Platform Engine on AIX®, Solaris, HPUX, HPUXi, Linux, Linux on System z®, create the following operating system Content Platform Engine installer (AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris) Unique identifier e_install_ Description An operating system used to run the Content Platform Engine installation program. Minimum required permissions Use your istrative tools to grant e_install_ at least the following permissions: v Read, write, and execute permissions to the device or location where: – Content Platform Engine is to be installed. – The application server instance/domain/profile has been installed. v Write permission to the directories where you create file storage areas, index areas, and content caches. v Write permission on the /tmp directory. v hip in the e_appserver_install_group. 3.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_install_.

Creating Content Platform Engine operating system : The you use to create and configure the shared root directory of a file storage area or content cache area. 1. Create the following operating system : Content Platform Engine operating system Unique identifier e_os_


19

Description An operating system you must log on as to create and configure the shared root directory of a file storage area or content cache area. The operating system who logs on to the Content Platform Engine server and starts the local application server process is the that must be used to secure the folders and files in a file storage area. From a practical standpoint, the that is used to install the application server should be the same that is used to start the application server process. As an , you will always using the same e_os_ to secure the folders and files in the file system that Content Platform Engine will use for a file storage area. Minimum required permissions Windows For Windows-based Content Platform Engine and file storage areas, e_os_ must reside in the same Windows domain or in trusted Windows domains as the servers that host Content Platform Engine and the file storage area. For Windows-based file storage areas and using WebSphere: you must set the WebSphere service to logon as the e_os_. AIX, HPUX, HPUXi, Linux, Linux for System z, Solaris For AIX, HPUX, HPUXi,Linux, Linux for System z, or Solaris-based Content Platform Engine and file storage areas, configuring security requires the use of NFS. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_os_.

Creating Configuration Manager : An operating system you use to run Configuration Manager. 1. Create the following operating system : Configuration Manager Unique identifier config_mgr_ Description An operating system you will use to run Configuration Manager. Minimum required permissions config_mgr_ must belong to the e_appserver_install_group. (Windows only) Using Active Directory tools, add config_mgr_ to either the Power® s group or the Local s group. At several points in the installation process you will be instructed to grant additional permissions to config_mgr_, including the following permissions:

20


v Execute permission to the Configuration Manager executable file, configmgr.exe (Windows) or configmgr.sh (AIX, HPUX, HPUXi, Linux, Linux for System z, Solaris). v Read and write permission to the directory where Configuration Manager will create the configuration XML files. For example: – the directory you specify using the optional -path parameter when you run Configuration Manager. – the default directory, ce_install_path/tools/configure/ profiles, if you do not specify a path parameter. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of config_mgr_.

Creating the Content Platform Engine for DB2 for Linux, UNIX and Windows: An operating system on the database server that Content Platform Engine uses to access DB2 for Linux, UNIX and Windows. 1. Create the following operating system : : The name length is restricted to no more than eight characters. Content Platform Engine database (DB2 for Linux, UNIX and Windows) Unique identifier e_db_ Description This is granted database permissions for Content Platform Engine access to the DB2 database. Separate s can be used for each object store, but are not required. Additional database-specific permissions must be added by the DBA. Minimum required permissions Access to the DB2 for Linux, UNIX and Windows GCD database and each object store database. See the DBA section for the database permissions required by this . 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_db_.

Creating the Content Platform Engine for DB2 for z/OS: An operating system that Content Platform Engine uses to connect to DB2 for z/OS databases containing the GCD and object stores. 1. Create the following operating system : Content Platform Engine database (DB2 for z/OS) Unique identifier edb Description Planning and preparing for FileNet P8 installation

21

Operating system s on the database server. Use one for the GCD (for example, edb1) and one for object stores (for example, edb2). DB2 for z/OS does not allow underscores in names. Minimum required permissions The DBA grants this permissions for Content Platform Engine access to the DB2 database. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of edb.

Creating the Content Platform Engine instance s for DB2 for z/OS: Operating system and database and group s that Content Platform Engine uses to connect to DB2 for z/OS. 1. Create the following operating system : Instance owner and instance owner primary group (DB2 for z/OS) Unique identifiers e_db_db2_ instanceowner and e_db_db2_group Description Operating system and group that must exist on the database server. The e_db_db2_ instanceowner will create databases and set a number of configuration parameters. Minimum required permissions The DBA grants these s permissions for Content Platform Engine access to DB2 for z/OS. 2.


Creating Application Engine or Workplace XT s Several operating system s are needed to install and deploy Application Engine or Workplace XT. s are referred to in documentation in the following ways: v


v


If you see a reference to an that you do not understand, search the documentation for that reference. Create the following s and groups. All IBM FileNet Workplace s, as well as s for other client applications and expansion products that use Content Platform Engine or Application Engine, must have s.

22


“Creating the Application Engine or Workplace XT installer ” An operating system that you use to run the installation program for Application Engine or Workplace XT. “Creating the Application Engine or Workplace XT deployment ” on page 25 Creating the Application Engine or Workplace XT installer : An operating system that you use to run the installation program for Application Engine or Workplace XT. 1. Create the following operating system : Application Engine or Workplace XT installer (Windows) Unique identifier ae_install_ or wpxt_install_ Description The operating system you will use to log on to a Windows machine and launch the Application Engine or Workplace XT installation program. Minimum required permissions This must be a Windows Local or a with equivalent permissions. If the P8TASKMAN_HOME environment variable exists, you must grant read and write permission to the ../Common Files/taskmaninstances.xml file. The default location for Common Files for Windows: C:\Program Files\IBM\FileNet\ Common Files. The installer (ae_install_ or wpxt_install_) must be granted read/write/execute permission to these directories and files: Installation paths (ae_install_path or wpxt_install_path) Grant ae_install_ read and write permission to the ae_install_path. Grant wpxt_install_ read and write permission to the wpxt_install_path. WebSphere Application Server WAS_HOME/profiles/default/installedApps/ node_name/app_engine_war.ear/app_engine.war WAS_HOME/profiles/default/config/cells/ machine_name/Node01cell/nodes/machine_name/ Node01/serverindex.xml WebLogic WL_HOME\server\bin/startWLS.sh or start WLS.cmd Oracle\Middleware\_projects\domains\ domain_name/config/config.xml JBoss

JBOSS_HOME/bin/run.sh or run.bat


23

JBOSS_HOME/server/default/conf/config.xml (on both Content Platform Engine and Application Engine servers) Installation paths (BPMClient_directory) Grant ae_install_ read and write permission to the BPMClient_directory. Grant wpxt_install_ read and write permission to the BPMClient_directory. Default BPMClient directory (Windows): c:\Program Files\IBM\FileNet\BPMClient Application Engine or Workplace XT installer (AIX, HPUX, Linux, Solaris) Unique identifier ae_install_ or wpxt_install_ Description The operating you will use to log on to a AIX, HPUX, Linux, or Solaris machine and launch the Application Engine or Workplace XT installation program. Minimum required permissions If the P8TASKMAN_HOME environment variable exists, you must grant read and write permission to the ../Common Files/taskmaninstances.xml file. The default location for Common Files: /opt/IBM/FileNet/CommonFiles. The installer (ae_install_ or wpxt_install_) must be granted read/write/execute permission to these directories and files: Installation paths (ae_install_path or wpxt_install_path) Grant ae_install_ read and write permission to the ae_install_path. Grant wpxt_install_ read and write permission to the wpxt_install_path. WebSphere Application Server WAS_HOME/profiles/default/installedApps/ node_name/app_engine_war.ear/app_engine.war WAS_HOME/profiles/default/config/cells/ machine_name/Node01cell/nodes/machine_name/ Node01/serverindex.xml WebLogic WL_Home/server/bin/startWLS.sh or start WLS.cmd Oracle/Middleware/_projects/domains/ domain_name/config/config.xml JBoss

JBOSS_home/bin/run.sh or run.bat JBOSS_home/server/default/conf/config.xml (on both Content Platform Engine and Application Engine servers)

24


Installation paths (BPMClient_directory) Grant ae_install_ read and write permission to the BPMClient_directory. Grant wpxt_install_ read and write permission to the BPMClient_directory. Default BPMClient directory (AIX, HPUX, Linux, Solaris): /opt/IBM/FileNet/BPMClient 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of ae_install_ or wpxt_install_.

Creating the Application Engine or Workplace XT deployment : 1. Create the following operating system : Application Engine or Workplace XT deployment Unique identifier ae_deploy_ or wpxt_deploy_ Description This will have permissions to deploy an application. It can be the same as the Application Engine or Workplace XT installer . Minimum required permissions The deployment (ae_deploy_ or wpxt_deploy_) must be granted read/write/execute permission to these directories and files: WebSphere Application Server WAS_HOME/profiles/default/installedApps/node_name/ app_engine_war.ear/app_engine.war WAS_HOME/profiles/default/config/cells/ machine_name/Node01cell/nodes/machine_name/Node01/ serverindex.xml WebLogic 10.x WL_Home/wlserver_10.3/server/bin/startWLS.sh or start WLS.cmd WL_Home/_projects/domains/domain_name/config/ config.xml JBoss

JBOSS_home/bin/run.sh or run.bat JBOSS_home/server/default/conf/-config.xml (on both Content Platform Engine and Application Engine servers)

2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of ae_deploy_ or wpxt_deploy_.

Preparing for IBM Content Search Services If you are installing IBM Content Search Services, you must do some things to get ready.


25

Important: It is a best practice for Content Platform Engine storage areas and IBM Content Search Services full-text indexes to not share the same root directory, disk, or volume. Otherwise, disk I/O contention will cause degraded performance. “Creating IBM Content Search Services s” If you are installing IBM Content Search Services, you must create new IBM Content Search Services s. “Choosing a load balancing method for IBM Content Search Services servers” on page 27 To optimize indexing and search performance, you need to decide on a method to balance the load among the IBM Content Search Services servers. “Choosing a standby index area activation policy for IBM Content Search Services” on page 28 To maintain a uniform distribution of input/output among the disks used for searching and indexing, you need to keep a steady number of open index areas. Creating IBM Content Search Services s: If you are installing IBM Content Search Services, you must create new IBM Content Search Services s. s are referred to in documentation in the following ways: v


v


If you see a reference to an that you do not understand, search the documentation for that reference. “Creating the IBM Content Search Services operating system ” The operating system that you use to start and stop the IBM Content Search Services software. “Creating the IBM Content Search Services installer ” on page 27 An operating system you use to install IBM Content Search Services. Creating the IBM Content Search Services operating system : The operating system that you use to start and stop the IBM Content Search Services software. 1. Use your operating system tools to create the following operating system on the IBM Content Search Services server: IBM Content Search Services operating system Unique identifier css_os_ Description Use this to run the IBM Content Search Services startup and shutdown commands. Minimum required permissions This must be an operating system with rights to

26


run the IBM Content Search Services startup and shutdown commands. By default, the css_install_ can also run these commands. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of css_os_.

Creating the IBM Content Search Services installer : An operating system you use to install IBM Content Search Services. 1. Use your operating system tools to create the following operating system : IBM Content Search Services installer Unique identifier css_install_ Description Run the IBM Content Search Services installation program using this . Minimum required permissions On Windows, this must be a Windows Local or a with equivalent permissions. Read/write/execute permission to the css_install_path. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of css_install_.

Choosing a load balancing method for IBM Content Search Services servers: To optimize indexing and search performance, you need to decide on a method to balance the load among the IBM Content Search Services servers. By default Content Platform Engine uses a built-in load-balancing algorithm to assign IBM Content Search Services servers to indexes according to the indexing workload of the servers. The assignments are based on the number of index servers and the resources that are available to each server. If you want to override this built-in algorithm, you can use istration Console for Content Platform Engine to create affinity groups and manually dedicate IBM Content Search Services servers to specific index areas. An affinity group is a group of one or more servers that are dedicated to one or more index areas. A server that is a member of an affinity group can serve only index areas that are assigned to that affinity group and that belong to the same site as the server. A server that is not a member of an affinity group can serve only index areas that do not belong to an affinity group and belong to the same site as the server. With an affinity group, the can limit the load balancing for an index area to the servers that are of the group. These servers do the indexing and searching of full-text indexes. All servers in the group must have equal access to the root directory of the index area. The affinity group should include servers that can do indexing and searching. The affinity group improves performance because you can index your data on a disk that is local to IBM Content Search Services. The downside is that Content Planning and preparing for FileNet P8 installation

27

Platform Engine cannot provide failover. If the local disk that hosts the index area fails, all indexing and search requests to that index area fail. To avoid the possibility of a single point of failure for an affinity group, do not store full-text index data on local (non-shared) disks. Instead, store your index data on shared disks with data redundancy, as described in “IBM Content Search Services distributed installation scenario” on page 8. If you must use local disks, be sure to implement data redundancy by using a high availability strategy for failover of the IBM Content Search Services server and the disks, provided by Veritas, Microsoft Cluster Server, or IBM PowerHA®. Choosing a standby index area activation policy for IBM Content Search Services: To maintain a uniform distribution of input/output among the disks used for searching and indexing, you need to keep a steady number of open index areas. To maintain a constant number of index areas in open state, Content Platform Engine needs to open a standby index area as soon as any other index area becomes full. If no standby index areas are available, then Content Platform Engine logs a warning. To implement this policy, the Content Platform Engine needs to create some standby index areas in advance and assign a priority to each one. Content Platform Engine uses the priority to determine which standby index area to open when another index area becomes full. The also uses the priority to decide on the storage that is allocated to the index area and to create a backup policy. By default, the priority of each index area is zero, the highest priority.

Configuring AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris The FileNet P8 system components require some specific configuration settings on the machines where you install them. “Configuring AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris for FileNet P8 servers (all components)” on page 29 When configuring AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris, ensure the hosts file contents, ensure the minimum required disk and temp space, and determine your port requirements. “Configuring Content Platform Engine servers (AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris)” on page 29 If Content Platform Engine is configured for full-text indexing, video transcription, or thumbnail generation, then before you start the Content Platform Engine installation on AIX, Linux, Solaris, or Linux on System z, you must ensure that the fsize and nofiles parameters are set to their unlimited value. “Configuring IBM Content Search Services servers (AIX, Linux, Linux on System z, Solaris)” on page 30 Before you start the IBM Content Search Services installation on AIX, Linux, Solaris, or Linux on System z, you must ensure that certain ulimit settings are set to their unlimited value.

28


“Configuring Application Engine (Solaris)” on page 32 When Solaris starts up, it takes the first several ports, called anon ports, to use for its communication daemons. “Configuring Application Engine or Workplace XT servers (Linux)” on page 33 To configure Linux-based servers for Application Engine or Workplace XT, you must ensure that Linux libraries are installed. Configuring AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris for FileNet P8 servers (all components): When configuring AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris, ensure the hosts file contents, ensure the minimum required disk and temp space, and determine your port requirements. To configure AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris for FileNet P8 servers: 1. Ensure hosts file contents. On each FileNet P8 server that does not use DNS (Domain Name Service) or NIS (Network Information Service), the /etc/hosts file must contain the name and Internet Protocol (IP) address of all servers it will communicate with, including the remote database server, if applicable. 2. Ensure minimum required disk space and temp space for installation. See IBM FileNet P8 system requirements. 3. Determine port requirements. Consult with the application server, database, and FileNet P8 s to determine port requirements for all the servers in your installation environment. 4. If you intend to install FileNet P8 components interactively, ensure that each FileNet P8 server running on AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris uses the X Window system. If you are going to install components from a remote machine, that the remote machine has an X Window terminal emulator. If you will use a Windows client to connect to the AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris server to install, either set the DISPLAY environment variable to the null (blank) value, or start X Window on the server before you begin the silent installation or uninstallation procedure. 5. For Red Hat Linux 5.x or higher, change the security setting before installation. Red Hat Enterprise Linux versions 5.x or higher have a security feature that can cause errors during installation. For details on resolving the issue before you install, see System requirements: Hardware and software requirements for IBM FileNet P8. Search for the term SELinux. Configuring Content Platform Engine servers (AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris): If Content Platform Engine is configured for full-text indexing, video transcription, or thumbnail generation, then before you start the Content Platform Engine installation on AIX, Linux, Solaris, or Linux on System z, you must ensure that the fsize and nofiles parameters are set to their unlimited value. The fsize parameter controls the maximum file size; the nofiles parameter controls the maximum number of open files per process. To ensure that the values of fsize and nofiles are set to their unlimited value: 1. Run the following command to check the value of the fsize parameter: ulimit -f


29

If the parameter value is already unlimited (-1), continue at step 3. 2. Open for editing one of the following files, which contain the fsize parameter. Set the parameter value to -1, and save your edit. Table 1. Name of the file to be edited Operating System

File name

AIX

/etc/security/limits

Solaris, Linux, HP-UX, HP-UXi, and Linux on System z

/etc/security/limits.conf

3. Run the following command to check the value of the nofiles parameter: ulimit -n

The value of nofiles is unlimited if it is one of the following values, depending on your operating system: Table 2. Unlimited value Operating system

Unlimited value

AIX and Solaris

-1

HP-UX, HP-UXi, Linux, and Linux on System z

65536

If the value is already unlimited, continue at step 5. 4. Open for editing (if it is not already open) one of the following files, which contain the nofiles parameter. Set the parameter to its unlimited value, and save your edit. Table 3. Name of the file to be edited Operating system

File name

AIX


Solaris, Linux, HP-UX, HP-UXi, and Linux on System z


5. Log out of the current session. If you changed the value of fsize or nofiles, log back in for the changes to take effect. Configuring IBM Content Search Services servers (AIX, Linux, Linux on System z, Solaris): Before you start the IBM Content Search Services installation on AIX, Linux, Solaris, or Linux on System z, you must ensure that certain ulimit settings are set to their unlimited value. The IBM Content Search Services installation startup script checks the ulimit value of the fsize and nofiles parameters. The fsize parameter controls the maximum file size; the nofiles parameter controls the maximum number of open files per process. If the values are not set to unlimited, the startup script attempts to change them to unlimited. If the startup script cannot change the value to unlimited, a warning is generated. The ulimit value for the rss parameter (which controls the maximum resident set size) and for the maximum size of virtual memory must also be set to unlimited. (The installation startup script does not check these values.)

30


To ensure that the values of fsize, nofiles, rss, and virtual memory are set to their unlimited value: 1. Run the following command to check the value of the fsize parameter: ulimit -f

If the parameter value is already unlimited (-1), continue at step 3. 2. Open for editing one of the following files, which contains the fsize parameter. Set the parameter value to -1, and save your edit. Table 4. Name of the file to be edited Operating System

File name

AIX


Solaris, Linux, and Linux on System z


3. Run the following command to check the value of the nofiles parameter: ulimit -n

The value of nofiles is unlimited if it is one of the following values, depending on your operating system: Table 5. Unlimited value Operating system

Unlimited value

AIX and Solaris

-1

Linux and Linux on System z

65536

If the value is already unlimited, continue at step 9 on page 32. 4. Open for editing (if it is not already open) one of the following files, which contains the nofiles parameter. Set the parameter to its unlimited value, and save your edit. Table 6. Name of the file to be edited Operating system

File name

AIX




5. Run the following command to check the value of the rss parameter: ulimit -m

The value of rss is unlimited if it is one of the following values, depending on your operating system: Table 7. Unlimited value Operating system

Unlimited value

AIX and Solaris

-1


65536

If the value is already unlimited, continue at step 9 on page 32. 6. Open for editing (if it is not already open) one of the following files, which contains the rss parameter. Set the parameter to its unlimited value, and save your edit.


31

Table 8. Name of the file to be edited Operating system

File name

AIX




7. Run the following command to check the value for the maximum size of virtual memory: ulimit -v

The value for the maximum size of virtual memory is unlimited if it is one of the following values, depending on your operating system: Table 9. Unlimited value Operating system

Unlimited value

AIX and Solaris

-1


65536

If the value is already unlimited, continue at step 9. 8. Run the following command to set the value for the maximum size of virtual memory to unlimited: Table 10. Command to set unlimited value Operating system

Command

AIX and Solaris

ulimit –v -1


ulimit –v 65536

9. Log out of the current session. If you changed any of the ulimit values, log back in for the changes to take effect. Configuring Application Engine (Solaris): When Solaris starts up, it takes the first several ports, called anon ports, to use for its communication daemons. By default, the maximum t_smallest_anon_port is 32768. FileNet P8 uses several ports higher than 32768. To use these ports on Solaris-based systems, you must first enable the ports by setting the smallest anon port to 32778. By doing so, the ports used by Solaris communication daemons will be 32778 or greater, leaving 32777 available for FileNet P8 use. The Solaris platform provides several different tools, such as the netstat command, to determine if a port is in use. 1. Determine the current t_smallest_anon_port setting. From the command line, enter the following command: ndd -get /dev/t t_smallest_anon_port 2. Enable port 32777. If the port returned in the step above is less than 32778, you must enable port 32777. Edit the /lib/svc/method/net-init file. Add the following line before the exit 0 entry at the bottom of the file: ndd -set /dev/t t_smallest_anon_port 32778

32


3. Reboot the Application Engine server to force the release of ports required by the Application Engine that might be in use by the operating system. Failure to reboot after these changes are made can result in the port being unavailable, generating OpenSocket errors. Configuring Application Engine or Workplace XT servers (Linux): To configure Linux-based servers for Application Engine or Workplace XT, you must ensure that Linux libraries are installed. To install Application Engine or Workplace XT on Linux, several legacy libraries are required. You must install the compat-libstdc++ packages on your Red Hat system before beginning your install of Application Engine or Workplace XT.

Configuring Microsoft Windows Perform certain operating system procedures on all Windows-based servers where you will install FileNet P8. “Configuring Windows for FileNet P8 servers” To configure Windows for FileNet P8 servers, ensure the minimum disk and temporary space and determine the port requirements. “Configuring Windows for .NET and COM compatibility clients” Microsoft .NET Framework is a prerequisite for installing .NET API Clients and COM Compatibility clients. Some clients might also require the installation of Microsoft Web Services Enhancements (WSE). “Configuring Windows for Content Platform Engine on Active Directory” on page 34 If Windows Active Directory is your directory service, set the primary DNS server IP address on your Content Platform Engine machine to the IP address of the machine where DNS is installed. “Adding inbound rules to the Windows 2008 firewall” on page 34 Configure inbound rules in the Windows 2008 firewall to allow the following ports access. Configuring Windows for FileNet P8 servers: To configure Windows for FileNet P8 servers, ensure the minimum disk and temporary space and determine the port requirements. To configure Windows for FileNet P8 servers: v Ensure minimum required disk space and temporary space for installation. See the IBM FileNet P8 system requirements web page. v Determine port requirements. Consult with the application server, database, and FileNet P8 s to determine port requirements for all the servers in your installation environment. Also see the FileNet P8 ports section of the Planning and preparing for IBM FileNet P8 documentation. v If you intend to deploy Content Platform Engine on a Windows Server 2008 host that is configured with Simplified Chinese, the host must have an English name. Configuring Windows for .NET and COM compatibility clients: Microsoft .NET Framework is a prerequisite for installing .NET API Clients and COM Compatibility clients. Some clients might also require the installation of Microsoft Web Services Enhancements (WSE). To configure Windows for .NET and COM compatibility clients: Planning and preparing for FileNet P8 installation

33

1. If you have client programs that use Windows Communication Foundation (WCF) to access Content Platform Engine, ensure that .NET 3.x is installed. WCF is embedded with .NET 3.x or later and requires an SSL secured network connection to Content Platform Engine. 2. Backward compatibility is provided for client programs that use Web Services Enhancements (WSE) to access Content Platform Engine. These clients require the installation of .NET 2.x and WSE 3.0. Configuring Windows for Content Platform Engine on Active Directory: If Windows Active Directory is your directory service, set the primary DNS server IP address on your Content Platform Engine machine to the IP address of the machine where DNS is installed. Adding inbound rules to the Windows 2008 firewall: Configure inbound rules in the Windows 2008 firewall to allow the following ports access. Open all of the ports that are appropriate in your configuration. Port

Protocol

Used for

32771

T

RMI

32775

T

This is the primary IBM System Dashboard for Enterprise Content Management listener port.

Internal port number

HTTP

In a cluster configuration, set it to a non-zero value in istration Console for Content Platform Engine and use that port number here to open it in the Windows 2008 firewall.

Configuring the network You must perform certain configurations on the network before installing FileNet P8 platform. “Prerequisites to configuring your network” A small number of tasks are required to ensure proper network communications before you install FileNet P8 platform. Perform the prerequisite tasks in any order. “Synchronizing machine clocks” on page 35 FileNet P8 processes require that you synchronize the clocks on all of the machines that are running FileNet P8 servers and FileNet P8 clients. “Creating a local or shared directory for the shared configuration files (Application Engine or Workplace XT)” on page 35 You can create a local or shared directory for the shared configuration files in highly available environments. Prerequisites to configuring your network: A small number of tasks are required to ensure proper network communications before you install FileNet P8 platform. Perform the prerequisite tasks in any order. v Ensure T/IP settings. the T/IP settings on the UNIX and Windows servers and IBM istration Console for Content Platform Engine clients that are configured for FileNet P8 enable the servers and clients to communicate with one another.

34


v Ensure availability of required port numbers. Several port numbers are required by the various FileNet P8 components. Synchronizing machine clocks: FileNet P8 processes require that you synchronize the clocks on all of the machines that are running FileNet P8 servers and FileNet P8 clients. 1. Make sure that the machine clocks on all FileNet P8 servers, including Content Platform Engine, Application Engine, as well as all database servers and those of FileNet P8 client applications including Workplace XT, Rendition Engine, IBM Case Manager, and so on, are synchronized. Errors that might arise if they are not synchronized include those of authentication, cooperative locking, communication between servers, and others. | | | |

2. You can run a clock synchronization utility to synchronize all of the clocks on your Java™ virtual machines with a reliable time source. If the clocks get out of sync by 60 seconds or more, you can configure a scheduler in the clock synchronization utility to periodically synchronize the time of the clocks. Creating a local or shared directory for the shared configuration files (Application Engine or Workplace XT): You can create a local or shared directory for the shared configuration files in highly available environments. : At a minimum, the running the install and the Application Engine/Workplace XT processes needs write access to this directory. Do not use one of the cluster servers for the file location as this creates a single point of failure. The bootstrap.properties file could, theoretically, be placed on a local Windows share or local NFS export directory from any of the systems in the Application Engine/Workplace XT cluster (that is, shared out from the default file location from the first installation). However, if the local system holding the file would go down, other Application Engine/Workplace XT instances will be unable to find the bootstrap.properties file and will return error messages.

Storage area options for object stores An object store has several options for storage areas. You need to determine the appropriate types of storage areas for your requirements. An object store can have up to four types of storage areas, and multiple instances of each type, for the content of documents and business objects. The name of each storage area in an object store must be unique. advanced storage area An advanced storage area s these underlying advanced storage devices: OpenStack cloud storage and file system storage. One or more advanced storage devices can be associated with an advanced storage area. An advanced storage area s native content replication for disaster recovery and online backups solutions. In addition, an advanced storage area leverages the Content Platform Engine sweep service to perform queue processing for replication, content deletion, and abandoned content backout. An advanced storage area can coexist with other storage areas: database, file system, or fixed content. Data can be moved between an advanced Planning and preparing for FileNet P8 installation

35

storage area and other types of storage areas. And, like other storage areas, advanced storage areas can be assigned to storage policies. file storage area A file storage area stores content in a file system. A file storage area is usually not on the machine where Content Platform Engine is installed. A file storage area cannot reside on a write-once-read-many (WORM) device. fixed storage area A fixed storage area resides on a large-capacity, (possibly) write-once, fixed content device. A fixed storage area uses a file storage area directory structure as a temporary staging area before migrating files to permanent storage on the external device. Multiple fixed storage areas can share the same fixed content device, or a fixed storage area can have its own fixed content device. database storage area A database storage area stores content as binary large objects (BLOBs) in a database. Related concepts: Storage area types

Advantages of advanced storage areas Advanced storage areas offer several advantages over other types of storage areas. Advanced storage areas have two main advantages over other storage areas: They content replication over storage devices, and they offer storage on OpenStack-based cloud objects. Advanced storage areas also offer direct content . That is, content ed by a client application to an advanced storage area goes directly to a storage device without needing to be written to temporary storage. The core features that advanced storage areas are as follows: for Content Platform Engine content replication Content Platform Engine can replicate content to more than one type of storage device and to multiple instances of the same type. Mounting of file system replicas between sites is not required. If Content Platform Engine determines that it has connectivity to a cross-site replica, it reads or writes to the replica directly. The advanced storage area implements a connectivity detection scheme, caching the results, and using this information when reading or writing to a replica. If server communication is configured for a site, then server communication is the favored route to content in a different site. If direct connectivity between sites is not available, then server communication must be configured to allow content to be accessed across sites. Direct connectivity for a file system storage device means that the file system is mounted across the WAN between sites to every Content Platform Engine server. If server communication is not configured, then direct connectivity is required. for direct use of cloud object storage Content Platform Engine can transfer content to a cloud object, and without needing to use temporary disk storage. for direct of content

36


Content flows directly from a client application as a single stream to the storage device; the content is never written to temporary storage. Only a single instance of Content Platform Engine is involved in the . for replica repair If a replica contains damaged (missing or incorrect) content, Content Platform Engine can detect the damage and re-replicate the correct content to the replica. The following table summarizes the differences between advanced storage areas and other storage areas in of their of core features: Table 11. Core feature by advanced storage areas and other types of storage areas Core feature

ed by advanced storage areas?

ed by other types of storage areas?

File storage

yes

yes

Database storage

no

yes

OpenStack-based cloud storage

yes

no

Fixed content storage

no

yes

Replication

yes

no

Direct content

yes

no

Replica repair

yes

no

Replication models for advanced storage areas If you use advanced storage areas for your object stores, you need to choose a replication model that best suits your storage requirements. Advanced storage areas are designed to be flexible enough to a wide variety of replication models, including the following common modes: traditional high availability/disaster recovery, remote site, and grid storage. Configuring replicas can sometimes be complex. By using istration Console for Content Platform Engine, an can configure common and complex custom replication models. Traditional high availability/disaster recovery The traditional high availability/disaster recovery replication model consists of an active (main) data center, a ive bunker data center, and a ive disaster recovery data center. The bunker data center and the disaster recovery data center provide database redundancy for content. They are ive in the sense that they are activated only during a failover. The database and content are synchronously replicated from the active data center to the bunker data center, and asynchronously replicated from the active data center to the disaster recovery data center. Bunker data centers and disaster recovery data centers differ only in how they receive database and content (synchronously or asynchronously). If the main data center fails, the bunker data center is started and takes on the role of the main data center. Replication to the disaster recovery data center is synchronous until the main data center is restored. The following figure illustrates normal operation for this replication model:


37

Bunker data center

Main data center

Disaster recovery data center

Content Platform Engine

Object store database

Object store database replica

Storage device replica



Content Platform Engine content replication

Synchronous

Storage device replica Asynchronous

Database system replication

The following figure illustrates a failover: Bunker data center

Main data center

Disaster recovery data center


Object store database





Content Platform Engine content replication

Storage device replica Synchronous writes

Remote site The remote site replication model extends the high availability/disaster recovery model by adding for replication to and from a replica on a remote site. Content is synchronously written to the local site (Content Platform Engine 1 and 2) and asynchronously written to the remote site (Content Platform Engine 3A and 4A). The following figure illustrates content being ingested in Content Platform Engine 1:

Content Platform Engine 1


Content Platform Engine 3A






The following figure illustrates content being ingested in Content Platform Engine 3:

38










Grid storage The grid storage model uses cloud storage. The cloud content stores are not tied to any of specific Content Platform Engine site. Content is ed to any of the Content Platform Engine instances. Content is synchronously written to two of the three cloud content stores, and asynchronously written to the third store. The following figure illustrates content being written to the cloud stores: Site 1

Site 2

Site 3




Cloud object storage replica 1



Preparing advanced storage areas Before you create an advanced storage area, you need to complete the following planning-related actions: v Create a storage plan that is based on your replication requirements. See “Replication models for advanced storage areas” on page 37 for an overview of ed replication models. v Consider whether you require site-setting overrides for replication. v Decide on key configuration settings for an advanced storage area. For storing content, do you need compression, duplication suppression, or encryption? For deleting content, which method of removal satisfies your security requirements? v Consider your need to assign the advanced storage area to a storage policy. Do you want to distribute content between storage areas, where the system evaluates configured criteria to determine which area to store the content? After your storage plan is in place, create one or more advanced storage devices to connect to the advanced storage area. You can use OpenStack cloud storage and file system storage as advanced storage devices. You must create the advanced storage devices before you can create an advanced storage area for an object store.


39

Preparing file servers for file storage areas To prepare for file storage, you must configure file servers for file storage areas, configure a remote access protocol, and prepare the file servers where file storage areas are to be located. “Configuring file servers for file storage areas” You must configure file servers for the initial file storage areas of the object stores to be created, and for additional file storage areas of existing object stores. “Configuring settings on file servers” on page 41 The following table shows the operating system and group on the machine where Content Platform Engine is to be deployed that are involved in securing file storage areas. The and group must be defined in the directory service that the operating system uses to authenticate s, which is not necessarily the same directory service that Content Platform Engine Server uses. “Configuring the remote access protocol on the client machine” on page 43 When configuring the remote file access protocol (NFS or CIFS), the client machine is the one where Content Platform Engine Server or IBM Content Search Services are running. Configuring the remote access protocol (NFS or CIFS) means designating a directory (where content is be stored) so that it appears to be on the local file system of the client machine. Configuring file servers for file storage areas: You must configure file servers for the initial file storage areas of the object stores to be created, and for additional file storage areas of existing object stores. See IBM FileNet P8 system requirements for currently ed operating systems for file servers. Configuring a file server for file storage areas involves the following general steps, which are described in more detail in the procedures later in this task. To configure file servers for file storage areas: 1. Create or designate an existing top-level directory on the file server where file storage areas will reside. 2. Secure the directory so only Content Platform Engine Server can access it. 3. Expose the directory via the remote file access protocol that applies to the operating system of the file server. 4. (Best practice) Under the top-level directory, create a subdirectory for each file storage area you intend to create. If you decide to put a file storage area directly within a top-level directory, rather than in a subdirectory, and you later decide to create an additional file storage area on this file server, you will have to create another top-level directory for it, because you will not be able to use the previously created top-level directory. “Remote file access protocols” on page 41 The ed remote file access protocols between Content Platform Engine and a file server are Common Internet File System (CIFS), Network File System (NFS), and Distributed File System (DFS). DFS is ed if you are using it to manage a file storage area; however, the replication feature of DFS is not ed.

40


Remote file access protocols: The ed remote file access protocols between Content Platform Engine and a file server are Common Internet File System (CIFS), Network File System (NFS), and Distributed File System (DFS). DFS is ed if you are using it to manage a file storage area; however, the replication feature of DFS is not ed. The communication method between the Content Platform Engine computer and the file server depends on the operating systems that are running on the two computers. To upgrade a file store, you must use some type of CIFS, NFS, or DFS gateway. You can use an iSCSI device as a Windows CIFS share with Content Platform Engine servers as follows: v You can mount an iSCSI device on one computer and then share that drive to another computer as a Windows CIFS share. v You cannot mount an iSCSI device on multiple computers where the Content Platform Engine servers on the different computers can access the same storage area on the iSCSI device. Install a UPS power supply backup system on each file server to enable graceful shutdown. Loss or corruption of data occurs if a file server does not shut down gracefully. Configuring settings on file servers: The following table shows the operating system and group on the machine where Content Platform Engine is to be deployed that are involved in securing file storage areas. The and group must be defined in the directory service that the operating system uses to authenticate s, which is not necessarily the same directory service that Content Platform Engine Server uses. The and group variables in this table are placeholders for the actual names that you designate. Table 12. and group names s and Groups

Role

Content Platform Engine operating system (e_os_)

The under which Content Platform Engine server runs (typically, the that starts Content Platform Engine server).

Content Platform Engine operating system group (e_os_group)

The group that contains: v Content Platform Engine operating system

“Configuring a file server based on AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris” on page 42 You need to create a directory and specify permissions for the Content Platform Engine operating system before you can create a storage area. “Configuring a Windows-based file server for a Windows client using CIFS” on page 42 You must configure security permissions on the directories where file storage areas are going to be located.


41

“Configuring a Windows-based file server for an AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris client using NFS” on page 43 To configure Windows Services for NFS, use the procedures in Microsoft documentation. Configuring a file server based on AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris: You need to create a directory and specify permissions for the Content Platform Engine operating system before you can create a storage area. To configure a file server based on AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris: 1. Log on to the file server as a with read/write access to the device where you want to create a storage area. 2. Create or designate a directory for the first storage area where content will be stored (as in, fsa1). For example: $ mkdir /opt/filenet/file_stores/fsa1

3. Set the Content Platform Engine operating system as the owner of fsa1 and give group access permission to the Content Platform Engine operating system group. For example: chown e_os_:e_os_group fsa1

Tip: The UID ( ID) for e_os_ and the GID (group ID) for e_os_group on the file server must match the UID and GID for the same and group on the machine where Content Platform Engine and Content Search Engine are running. This will normally be true if all machines use the same directory service, but they might be different. 4. Change the permissions on fsa1 so that e_os_ and e_os_group both have read/write/execute privileges and all other s have no privileges: chmod 0770 fsa1

5. Via NFS, export fsa1. Alternatively, if the file server will host more than one file storage area, export the parent directory. In the latter case, for example, export /opt/filenet/file_stores, rather than /opt/filenet/file_stores/fsa1, and then create a separate subdirectory to serve as the root of each file storage area. Tip: It is a best practice to restrict trusted hosts to just those on which an instance of Content Platform Engine Server or Content Search Engine is executing. Root access should also be restricted. Refer to the AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris manual for details on exporting files in NFS. Configuring a Windows-based file server for a Windows client using CIFS: You must configure security permissions on the directories where file storage areas are going to be located. To configure a Windows-based file server: 1. Log on to the Windows file server as e_os_. 2. Create (or designate) a directory fsa1 where content will be stored. For example: C:\filenet\file_stores\fsa1 3. Navigate in Windows Explorer to fsa1, right-click the file icon, and choose Properties.

42


4. In the Security tab, click Advanced. 5. In the Advanced Security Settings dialog box: a. Grant Full Control to e_os_ and e_os_group, and select This Folder, subfolders, and files from the Apply to drop-down list. b. Remove all other s and groups in the Permission entries table. c. Click OK. 6. In the Sharing tab, perform the following tasks: a. Click Share this folder and click Permissions. b. Grant Full control to e_os_ and e_os_group. c. Remove all other s and groups in the Permission entries table. d. Click OK. Configuring a Windows-based file server for an AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris client using NFS: To configure Windows Services for NFS, use the procedures in Microsoft documentation. To configure Windows Services for NFS: 1. Do all the steps in “Configuring a Windows-based file server for a Windows client using CIFS” on page 42. 2. Use the procedures in Microsoft documentation to configure Windows Services for NFS to expose fsa1. Tip: v Windows Services for NFS is an optional Windows component. v As part of configuring Windows Services for NFS, you must set up a mapping of Windows s and groups to the AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris s and groups. When setting up the mapping for e_os_ and e_os_group, you must specify the same UID (UNIX ID) and GID (UNIX group ID) that these s have on the machine where Content Platform Engine Server is installed. Configuring the remote access protocol on the client machine: When configuring the remote file access protocol (NFS or CIFS), the client machine is the one where Content Platform Engine Server or IBM Content Search Services are running. Configuring the remote access protocol (NFS or CIFS) means designating a directory (where content is be stored) so that it appears to be on the local file system of the client machine. To configure remote access protocol: v To configure AIX, HPUX, HPUXi, Linux, or Solaris-based Content Platform Engine Server to communicate with an AIX, HPUX, HPUXi, Linux, Solaris or Windows file server via NFS: 1. On the application server where you are going to deploy Content Platform Engine Server, log on as the who launched the application server. 2. Mount the exported NFS file system (from step 5 on page 42 of “Configuring a file server based on AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris” on page 42) onto a local directory on the Content Platform Engine


43

machine. The mount point must be in the same location in the local file system on all machines where Content Platform Engine Server is going to be installed. For example, on Linux or AIX: mount filesrv:/opt/filenet/file_stores/home/filenet/file_stores

where filesrv is the host name of the file server where the exported NFS file system is located. In this example, all Content Platform Engine Server machines (including machines that are part of the same server farm or cluster) must mount the remote file system at /home/filenet/file_stores. v To configure Windows-based Content Platform Engine Server to communicate with a Windows file server via CIFS: 1. If both Content Platform Engine Server and the file server are in the same Windows domain, no action is required. If they are in different domains, establish access to the file server machine from the machine where you will install Content Platform Engine Server.

Using IBM data collection tools The IBM data collection tools can help you troubleshoot problems with your installed IBM FileNet P8 products by collecting and analyzing problem-related diagnostic data. IBM data collection tools automate the gathering and sending of appropriate diagnostic data to IBM for investigation and resolution of installation, upgrade, or runtime problems in IBM FileNet P8 products. Typically you would run an IBM data collection tool after installing or upgrading the product, or when the IBM FileNet P8 system is in production. To use an IBM data collection tool, your IBM FileNet P8 product must be ed by the tool and must have Internet access to the IBM back-end servers where the collected data is analyzed. If your product does not meet these requirements, IBM can assist you in determining the most effective manual method to collect and deliver the diagnostic data for analysis. Two IBM Assistant data collection tools are available, at the IBM Assistant Data Collectors website: v IBM Assistant Data Collector is a web-based tool that can be used at any time; there is nothing to install. v IBM Assistant Lite Data Collector must be installed on the servers where you installed or upgraded your IBM FileNet P8 products before it can be used. By installing the tool before your IBM FileNet P8 system goes into production, you avoid the possibility of not being able to install it after a runtime problem occurs. To determine which IBM data collection tool s your IBM FileNet P8 product: 1. Browse to the IBM Assistant Data Collectors website. 2. Find an IBM data collection tool that s your product: v To determine whether IBM Assistant Data Collector s your product, complete the following substeps: a. Click the Data Collectors tab on the IBM Assistant Data Collectors home page, and then click Launch.

44


b. Expand the I need to collect data for drop-down list. If your product is listed, then you can use IBM Assistant Data Collector. v To determine whether IBM Assistant Lite Data Collector s your product, complete the following substeps: a. Click the Data Collectors tab on the IBM Assistant Data Collectors home page. b. Choose Enterprise Content Management in the Select a brand to begin the process drop-down list. c. Expand the Select a product to access the page drop-down list. If your product is listed, then you can use IBM Assistant Lite Data Collector. 3. Follow the instructions on the web page for the tool that s your product to use the tool directly or to install it, as needed.

Security installation tasks The Security must prepare the security environment for the FileNet P8 platform, including planning the security environment, configuring the directory server, and creating s. Review all rows assigned to the Security (SA) in the Installation and Upgrade Worksheet. While you complete the following preparation tasks, provide values for the rows that are appropriate to your installation. With the Data > Filter > AutoFilter command enabled, as it is by default in the worksheet file (p8_worksheet.xls), perform the following actions to quickly see only the properties assigned to a particular Role: v

Click the AutoFilter drop-down arrow in the Role column header and select SA.

v

Further filter the result set by clicking the AutoFilter drop-down arrow in any of the other columns and selecting a value or clear a filter by selecting All. “Security planning considerations” Information in this section is provided to assist in the security planning process but is not a complete description of any security feature or level of . “Configuring directory server” on page 48 The Security must perform certain configurations on the directory server that will provide the authentication repository for your FileNet P8 system. “Creating the application server istrative console (WebSphere)” on page 57 An LDAP to which you have granted the WebSphere Application Server istrative role. “Creating Content Platform Engine directory server s” on page 58 Content Platform Engine requires several directory server s that must be provided during installation. “Creating Application Engine or Workplace XT directory server s” on page 70 Directory server s are needed to ister Application Engine or Workplace XT.

Security planning considerations Information in this section is provided to assist in the security planning process but is not a complete description of any security feature or level of . Planning and preparing for FileNet P8 installation

45

Authentication and authorization are separate processes. Authentication (logon security) is separate from authorization (object and process security). You must configure your JAAS on the Content Platform Engine application server so that any or group that can successfully log on to FileNet P8 resources can also be authorized to work within FileNet P8 interfaces, using the Content Platform Engine directory service provider connection. Configuration Manager captures configuration information to create your application server authentication provider; or you can use an authentication provider that already exists on the application server. Immediately following the initial Content Platform Engine deployment, you will use IBM istration Console for Content Platform Engine to configure the Content Platform Engine authorization by creating a Directory Configuration. s are done through JAAS. FileNet P8 uses Java Authentication and Authorization Service (JAAS) for authentication, which is a process that occurs between a Java EE client application, a Java EE application server, and one or more JAAS modules. This process does not involve any FileNet P8 code. FileNet P8 platform uses JAAS for authentication only, not for authorization on stored objects. Also, it does not Java Security Manager. Determine single sign-on (SSO) requirements. Content Platform Engine ability to use JAAS-based authentication means that if a single sign-on (SSO) provider writes a JAAS Module for a ed application server, then clients of FileNet P8 applications hosted in that application server can use that SSO solution. See Single Sign-On Solutions for IBM FileNet P8 at ibm.com/redbooks for configuration information. Determine Kerberos applicability. You can use Kerberos for SSO authentication between .NET applications or other products that use it, provided you use Windows Active Directory as the directory server. Decide how many authentication realms you require. At least one authentication realm is required, which you create during an initial installation by running the Configuration Manager Configure LDAP task. After making sure that the first realm is working properly, you can configure additional realms, depending on your security model and requirements. Make sure that you have a directory service provider in place. Directory services are provided by third-party directory servers. Refer to the IBM FileNet P8 system requirements for the list of ed products. Starting with version 5.2, Content Platform Engine s heterogeneous directory server configurations when running in an IBM virtual member manager environment. (To use virtual member manager, Content Platform Engine requires WebSphere Application Server version 7.0 or above.) For all other directory environments, only homogenous LDAP server combinations are ed, meaning that a single FileNet P8 domain can be configured to use only one of the ed directory servers. Understand the s and groups required for FileNet P8. All general istrative s and groups needing access to FileNet

46


P8-based applications must reside in one of the ed directory servers. The planning and preparation tasks provide instructions for creating the istrative s required for installation and initial configuration. (WebLogic only) Any WebLogic authentication provider must be dedicated to FileNet P8. For performance reasons, do not share any authentication provider that is used by WebLogic for deployed FileNet P8 components with applications used for other purposes. You can configure Content Platform Engine to use email or UPN for You can assign the directory server's email attribute or, for Active Directory, the PrincipalName (UPN) to be the short name that is used for . Instructions in the IBM FileNet P8 Platform Installation and Upgrade Guide provide a link to a procedure that explains how to do this. (WebSphere only) Choose Stand-alone or Federated repository type. There is an option in the Configuration Manager Configure LDAP task to select whether the WebSphere Application Server repository type is Stand-alone LDAP registry or Federated repositories. To have Configuration Manager use your repository type setting, select the Configuration Manager option Set as current active registry. If you choose Stand-alone LDAP registry Configuration Manager changes the istrative console to the you enter as the istrative console name. This must reside in the Stand-alone LDAP registry location. The existing istrative console , if any, becomes invalid. To have Configuration Manager replace an existing Stand-alone LDAP registry configuration, you must enable the Configuration Manager option Overwrite existing repository. If you choose Federated repositories By choosing the Federated repositories option in Configuration Manager, you are adding a new LDAP realm to an existing Federated LDAP repository. The istrative console name that you provide must be a unique across all federated realms. Avoid overlapping realm definitions In the Configuration Manager task Configure LDAP, if you set the WebSphere Application Server LDAP repository type option to Federated repositories, do not enter repositories with overlapping suffixes as they are not ed. For example, the following two repositories with overlapping Base entry distinguished names are not ed: v dc=ibm,dc=com v dc=filenet,dc=ibm,dc=com This restriction especially applies to Active Directory parent and child domains, since by definition parent/child domains in AD have overlapping suffixes. The repositories in the next example are ed, because they are sibling repositories and do not overlap: v dc=tivoli,dc=ibm,dc=com v dc=filenet,dc=ibm,dc=com Planning and preparing for FileNet P8 installation

47

istrative security must be enabled Configuration Manager does not change the state of WebSphere istrative security. If it was on before running Configuration Manager, then it stays on; if it was off before, then it stays off. WebSphere Application Server security domains Content Platform Engine s WebSphere Application Server security domains, a feature that is introduced in WebSphere Application Server 7.0. Security domains allow s to define multiple security configurations for use in a single cell or application server. By default, all istrative and applications in WebSphere Application Server use the same global security configuration. However, with security domains, you can create additional security configurations if you want to specify different security attributes for some or all of your applications. For example, you can define different settings (such as a different registry) for applications than for istrative applications. You can also define separate security configurations for applications that are deployed to different servers and clusters. To use security domains, you deploy Content Platform Engine in the normal way, and then use your WebSphere Application Server istrative console to create a security domain and to assign Content Platform Engine to it. Content Platform Engine code then automatically honors this domain setting. All Content Platform Engine servers and clients must be in one of the available WebSphere security domains. Also, the Content Platform Engine bootstrap (e_bootstrap_) must be present in both the WebSphere Application Server global security configuration and the security domain that applies to the Content Platform Engine; or you can skip the bootstrap at the server startup by setting the JVM argument -Dcom.filenet.engine.init.BGThreadsAsBootstrapId=false.

Configuring directory server The Security must perform certain configurations on the directory server that will provide the authentication repository for your FileNet P8 system. “Configuring Windows Active Directory” on page 49 You can configure Microsoft Windows Active Directory to be the directory service for FileNet P8. “Configuring Active Directory Lightweight Directory Services (AD LDS)” on page 49 You can configure Active Directory Lightweight Directory Services (AD LDS) to be the directory service for FileNet P8. “Configuring Oracle Directory Server Enterprise Edition” on page 50 You can configure Oracle Directory Server Enterprise Edition to be the directory service for FileNet P8. “Configuring Novell eDirectory” on page 51 You can configure Novell eDirectory to be the directory service for FileNet P8. “Configuring Oracle Internet Directory” on page 51 You can configure Oracle Internet Directory to be the directory service for FileNet P8. “Configuring IBM Tivoli Directory Server” on page 52 You can configure IBM Tivoli Directory Server to be the directory service for FileNet P8.

48


“Configuring IBM virtual member manager” on page 52 You can configure IBM virtual member manager to be the directory service for FileNet P8. “Configuring CA Directory” on page 57 You can configure CA Directory to be the directory service for FileNet P8. Configuring Windows Active Directory: You can configure Microsoft Windows Active Directory to be the directory service for FileNet P8. In a multi-domain Active Directory environment, a logon will fail for any whose name and in a parent/child domain does not match those in a child/parent domain. If you have an Active Directory failover configuration, you can configure FileNet P8 to follow this failover sequence whenever Content Engine attempts to authorize an already authenticated . You can do this during Content Engine installation while running the Create a Directory Configuration wizard, or at any time after. Server Side Sorting (SSS) must be enabled. This is because FileNet P8 components call on Content Platform Engine to perform searches using a sorted paging mechanism. Note that SSS is normally enabled by default but is sometimes disabled due to concerns with performance. DNS forwarders provide external DNS lookup functionality. If you are working in an "isolated" network, a DNS forwarder is not required. However, if you want to access the Internet or other network resources, then a DNS forwarder pointing to a DNS server that serves the external resources (for example, the Internet) is required. To enable DNS forwarders: 1. On the machine that is configured as the Windows DNS Server, log on with an that can configure the DNS components. 2. Start DNS. For example, on Windows 2008, choose Start > All Programs > istrative Tools > DNS . 3. Right-click the your_computer_name container and select Properties. 4. Select the Forwarders tab and the check box for Enable forwarders is selected. If this feature is grayed out (unavailable), you must reconfigure your DNS server. 5. If you selected the check box, add an appropriate IP address and click OK. This IP address can be the IP address of a DNS server that allows traffic to the Internet. Configuring Active Directory Lightweight Directory Services (AD LDS): You can configure Active Directory Lightweight Directory Services (AD LDS) to be the directory service for FileNet P8. Server Side Sorting (SSS) must be enabled. This is because FileNet P8 components call on Content Platform Engine to perform searches using a sorted paging mechanism. Note that SSS is normally enabled by default but is sometimes disabled due to concerns with performance.


49

You can use AD LDS as a standalone directory service, or you can synchronize AD LDS with Active Directory, using Microsoft's built-in tools. Synchronization is invisible to FileNet P8 applications and authentication. It is a best practice to establish the connection between Active Directory and AD LDS before installing IBM FileNet P8. Consult your AD LDS documentation for full information. Configuring Oracle Directory Server Enterprise Edition: You can configure Oracle Directory Server Enterprise Edition to be the directory service for FileNet P8. On Windows servers, Oracle Directory Server Enterprise Edition should be installed on an NTFS hard drive partition. If there are more than 2,000 s in the Directory Server, you must increase the resource limits to correctly display s in FileNet P8. IBM recommends setting this limit to -1 (unlimited). You can either set this limit for the entire LDAP server or for the individual FileNet P8 s. Server Side Sorting (SSS) must be enabled. This is because FileNet P8 components call on Content Platform Engine to perform searches using a sorted paging mechanism. Note that SSS is normally enabled by default but is sometimes disabled due to concerns with performance. “Setting the resource limits for the entire Oracle Directory Server Enterprise Edition (v 5.2)” resource limits take precedence over server resource limits. Existing s who have a value specified for resource limits will not be affected by the changes made in the following steps. “Setting the resource limits for individual FileNet P8 s (Oracle Directory Server Enterprise Edition)” on page 51 Set resource limits any time you add IBM FileNet P8 s to your configured Oracle Directory Server Enterprise Edition. Setting the resource limits for the entire Oracle Directory Server Enterprise Edition (v 5.2): resource limits take precedence over server resource limits. Existing s who have a value specified for resource limits will not be affected by the changes made in the following steps. To set the resource limits: 1. On the server where Oracle Directory Server Enterprise Edition (formerly named Sun Java System Directory Server) is installed, with an that has rights to modify the Oracle Directory Server Enterprise Edition environment. 2. Run the Oracle Directory Server Enterprise Edition console and . 3. Expand the Domain > Server Group containers and select your Directory Server. 4. Right-click and select Open. 5. Select the Configuration tab. 6. Select the Performance container. 7. Select the Client Control tab. 8. For the LDAP group box, ensure that Size limit and Look-through limit are both set to Unlimited.

50


9. If changes were made, click Save. 10. Select the Tasks tab and Restart the Directory Server if changes were made. Setting the resource limits for individual FileNet P8 s (Oracle Directory Server Enterprise Edition): Set resource limits any time you add IBM FileNet P8 s to your configured Oracle Directory Server Enterprise Edition. To set the resource limits for individual s: 1. From the Oracle Directory Server Enterprise Edition console, expand the Domain > Server Group containers and select your Directory Server. Then click Open. 2. Select the Directory tab. 3. From the left pane, select the Object (OU, etc.) that contains the (s) you want to change. 4. For each FileNet P8 whose limit you want to change, complete the following steps: a. From the right pane, double-click the name. b. Select Properties. c. On the left pane of the Properties dialog box, select . d. Enter -1 in the Look through limit and size limit fields. e. Click OK. 5. Restart the Directory Server. Configuring Novell eDirectory: You can configure Novell eDirectory to be the directory service for FileNet P8. Make sure to consider the following requirements: v The Windows server where Novell eDirectory Server is installed must have an NTFS hard drive partition. v The Novell eDirectory might have to create an index if the sorting attribute is not in the list of default attributes shipped by eDirectory. v Access control settings in FileNet P8 require that all s have Browse access on the directory server. If you do not want to set Browse access at the individual level, it is a best practice to establish a Public trustee for the realm. v FileNet P8 s cross-realm group hips. This means that FileNet P8 s a configuration in which a group is in one realm while some or all of its s are in another. v Server Side Sorting (SSS) must be enabled. This is because FileNet P8 components call on Content Platform Engine to perform searches using a sorted paging mechanism. Note that SSS is normally enabled by default but is sometimes disabled due to concerns with performance. Configuring Oracle Internet Directory: You can configure Oracle Internet Directory to be the directory service for FileNet P8. Make sure to consider the following requirements:


51

v When installing Oracle Internet Directory (OID) using the Oracle Universal Installer, you must at a minimum select to install the Oracle Internet Directory component. The Oracle Universal Installer will ensure that certain other components that OID requires will also be installed. v If Oracle Internet Directory is installed on a Windows server, it must have an NTFS hard drive partition. v The security might have to create an index if the sorting attribute is not in the list of default attributes shipped by Oracle Internet Directory. v Access control settings in FileNet P8 require that all s have Browse access on the directory server. If you do not want to set Browse access at the individual level, it is a best practice to establish a Public trustee for the realm. v Server Side Sorting (SSS) must be enabled. This is because FileNet P8 components call on Content Platform Engine to perform searches using a sorted paging mechanism. Note that SSS is normally enabled by default but is sometimes disabled due to concerns with performance. Configuring IBM Tivoli Directory Server: You can configure IBM Tivoli Directory Server to be the directory service for FileNet P8. Server Side Sorting (SSS) must be enabled. This is because FileNet P8 components call on Content Platform Engine to perform searches using a sorted paging mechanism. Note that SSS is normally enabled by default but is sometimes disabled due to concerns with performance. If your system requires continuous availability and a high degree of reliability, you should configure failover for authorization. Configuring IBM virtual member manager: You can configure IBM virtual member manager to be the directory service for FileNet P8. A directory service provider, called VMM Provider, is implemented to retrieve s and groups from virtual member manager repositories. VMM Provider is used only with WebSphere Application Server version 7.0 or above that is configured for Federated Repositories. Virtual member manager is a system component of WebSphere Application Server. It performs Java™ Authentication and Authorization Service (JAAS) authentication by WebSphere Federated Repository, which is a type of WebSphere Application Server module. Virtual member manager repositories are therefore the same as WebSphere federated repositories. In addition to serving as a WebSphere Application Server authentication provider, virtual member manager is also treated by Content Platform Engine as a virtual directory service. When you use WebSphere Application Server as the hosting application server, you can configure Content Platform Engine to retrieve s and groups from virtual member manager for the purposes of authorization.

52


WebSphere Server

Content Platform Engine VMM Provider

VMM VMM API

Adapter SPI

File Repository

LDAP Repository

Custom Repository

Virtual member manager provides the following benefits: v for heterogeneous directory services, such as both Active Directory and Tivoli Directory Server. v for heterogeneous repositories, such as LDAP repositories and file repositories. Not all virtual member manager repositories server-side sorting. To keep the behavior the same across repositories, VMM Provider does not retrieve the entire search result set; it retrieves only the first N principals from virtual member manager repositories for Principal Search. The value of N is defined by the page size of finds() or findGroups() method in the Content Platform Engine Realm class. VMM Provider returns only the first page of search result for Principal Search. “Configuring a virtual member manager LDAP repository” You can configure IBM virtual member manager to use an approved LDAP repository to be the directory service for FileNet P8. “Configuring a virtual member manager file repository” on page 55 You can configure IBM virtual member manager to use a file-based repository to be the directory service for FileNet P8. “Configuring a virtual member manager custom repository” on page 56 You can configure IBM virtual member manager to use a custom repository to be the directory service for FileNet P8. Configuring a virtual member manager LDAP repository: You can configure IBM virtual member manager to use an approved LDAP repository to be the directory service for FileNet P8. You must provide and configure one or more LDAP repositories that are certified for use by WebSphere Application Server. This task describes the values that you must provide when you configure Content Platform Engine using Configuration Manager. Configuring Content Platform Engine to use virtual member manager LDAP repositories is slightly different from configuring a typical Content Platform Engine-LDAP connection. Planning and preparing for FileNet P8 installation

53

1. To prepare Content Platform Engine to connect to a directory server through virtual member manager specify the following properties in Configuration Manager and istration Console for Content Platform Engine: Configuration Manager Configure LDAP task property

Enter this value

Directory service provider type

Specify the directory server that you are using behind IBM virtual member manager. (Content Platform Engine points to IBM virtual member manager that points to the LDAP you specify with this property.) Examples include Active Directory and eDirectory. Note: If you use multiple LDAPs, use the WebSphere istrative console to add more LDAP repositories.

WebSphere Application Server LDAP repository type

Select Federated repositories. Note: This value ensures that Content Platform Engine uses virtual member manager.

Set as current active registry

Select the check box.

Configuration Manager Bootstrap and Text Extraction task property

Enter this value

Bootstrap name (e_bootstrap_)

Use an that exists in the IBM virtual member manager LDAP repository. Note: Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_bootstrap_.

istration Console for Content Platform Engine Create a New Domain wizard property Directory Service Provider type

Enter this value IBM virtual member manager Note: You do not need to specify values for any of the other directory service properties, such as Host, Port, Base DN, or Search Filter. Note: Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of ACCE: New Domain wizard.

2.

Record these values in your customized Installation and Upgrade Worksheet. To help find these properties, search the worksheet for instances of virtual member manager.

3. to the WebSphere istrative console as a local WebSphere istrative . a. Navigate to Security > Global security > Federated repositories.

54


b. that only two repositories are in the realm: o=defaultWIMFileBasedRealm, and the one you created. Keep the file repository in the list because you must use the local WebSphere istrative . c. If there are other unrelated repositories in the list, delete them, save the change, and restart WebSphere Application Server. Configuring a virtual member manager file repository: You can configure IBM virtual member manager to use a file-based repository to be the directory service for FileNet P8. An installation of WebSphere Application Server automatically has a file repository ready to use, along with a local WebSphere istrative . A file-based repository can be used by about 1000 s and 50 groups. The number of groups that are defined and the number of s per group affect the performance of searching for the group hip of a . This task describes the values that you should provide while you carry out steps that are described elsewhere. It is assumed that you already have a file-based repository that is populated with the and group s that are required by your application. Configuring Content Platform Engine to use virtual member manager file-based repositories is slightly different from configuring a normal Content Platform Engine-LDAP connection. 1. that you have a file repository in the realm: a. to WebSphere Application Server istrative Console as a local WebSphere istrative . b. Navigate to Security > Global security > Federated repositories. c. Make sure you see only the Base Entry o=defaultWIMFileBasedRealm. If there are other unrelated repositories in the list, delete them, save the change, and restart WebSphere Application Server. 2. To prepare Content Platform Engine to use VMM file repository: Configuration Manager Configure LDAP task property

Enter this value

Do not run the Configure LDAP task.

Do not provide values for the Configure LDAP task.

Configuration Manager Bootstrap and Text Extraction task property Bootstrap name (e_bootstrap_)

Enter this value Use an that resides in the virtual member manager file-based repository. Note: Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_bootstrap_.


55



3.

Record these values in your customized Installation and Upgrade Worksheet. To help find these properties, search the worksheet for instances of virtual member manager.

Configuring a virtual member manager custom repository: You can configure IBM virtual member manager to use a custom repository to be the directory service for FileNet P8. For Custom repositories, you must provide an adapter which implements the com.ibm.wsspi.wim.Repository interface. While IBM will these custom configurations, you must be prepared to work with the vendor who provided the custom adapter implementation, as well as the underlying repository. IBM cannot take responsibility for issues that require changes to either the adapter or the underlying repository. This task describes the values you should provide while you carry out steps that are described elsewhere. It is assumed that you have already provided a custom repository populated with the and group s required by your application. Configuring Content Platform Engine to use virtual member manager custom repositories is different than configuring a normal Content Platform Engine-LDAP connection. To prepare Content Platform Engine to connect to a directory server through virtual member manager using a custom repository: Configuration Manager Configure LDAP task property Do not run the Configure LDAP task.

56


Enter this value Do not provide values for the Configure LDAP task.

Configuration Manager Bootstrap and Text Extraction task property Bootstrap name (e_bootstrap_)

Enter this value Use an that resides in the virtual member manager custom repository. Note: Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_bootstrap_.



Configuring CA Directory: You can configure CA Directory to be the directory service for FileNet P8. Make sure to consider the following requirements: v The Windows server where CA Directory Server is installed must have an NTFS hard drive partition. v The CA Directory might have to create an index if the sorting attribute is not in the list of default attributes shipped by CA Directory. v Access control settings in FileNet P8 require that all s have Browse access on the directory server. If you do not want to set Browse access at the individual level, it is a best practice to establish a Public trustee for the realm. v FileNet P8 s cross-realm group hips. This means that FileNet P8 s a configuration in which a group is in one realm while some or all of its s are in another. v Server Side Sorting (SSS) must be enabled. This is because FileNet P8 components call on Content Platform Engine to perform searches using a sorted paging mechanism. Note that SSS is normally enabled by default but is sometimes disabled due to concerns with performance.

Creating the application server istrative console (WebSphere) An LDAP to which you have granted the WebSphere Application Server istrative role. 1. Create the following directory service : WebSphere istrative console


57

Unique identifier appserver_console_ Description The appserver_console_ is an LDAP to which you have granted the WebSphere Application Server istrative role so that it can to the WebSphere istrative console. v If your WebSphere repository type is Stand-alone LDAP registry, when you run the Configuration Manager Configure LDAP task, enter the credentials of a valid LDAP to be the appserver_console_ for the entry labeled istrative console name. Configuration Manager grants this WebSphere istrative console istrative rights. Alternatively, you can enter an LDAP that you have already configured as a console . v If your WebSphere Application Server LDAP repository type is Federated repositories, you can use the same defined as your appserver_. However, if you specify a for the istrative console name that is different from appserver_, it must be unique across all federated realms including the WebSphere Application Server local file-based repository. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of appserver_console_.

Creating Content Platform Engine directory server s Content Platform Engine requires several directory server s that must be provided during installation. s are referred to in documentation in the following ways: v


v


If you see a reference to an that you do not understand, search the documentation for that reference. Create the following s and groups: “Creating Content Platform Engine bootstrap ” on page 59 An that Content Platform Engine uses to establish a connection with the application server, access the application server's JNDI tree, look up the data sources for accessing the GCD, and start up Content Platform Engine background tasks. “Creating the GCD ” on page 61 A directory service that has Full Control access to the Content Platform Engine domain object.

58


“Creating the object store ” on page 62 A directory service that has Full Control access to a Content Platform Engine object store. “Creating directory service (Active Directory)” on page 63 A directory service that Content Platform Engine uses to connect to the directory server. “Creating directory service (AD LDS)” on page 64 A directory service that Content Platform Engine uses to connect to the directory server. “Creating directory service (Oracle Directory Server Enterprise Edition)” on page 65 A directory service that Content Platform Engine uses to connect to the directory server. “Creating directory service (Novell eDirectory)” on page 65 A directory service that Content Platform Engine uses to connect to the directory server. “Creating directory service (IBM Tivoli Directory Server)” on page 66 A directory service that Content Platform Engine uses to connect to the directory server. “Creating directory service (Oracle Internet Directory)” on page 67 A directory service that Content Platform Engine uses to connect to the directory server. “Creating directory service (CA Directory)” on page 68 A directory service that Content Platform Engine uses to connect to the directory server. “Creating the workflow system ” on page 68 A directory server that is used by workflow to create isolated regions. “Creating workflow system groups” on page 69 Directory server groups whose can manage workflows. Creating Content Platform Engine bootstrap : An that Content Platform Engine uses to establish a connection with the application server, access the application server's JNDI tree, look up the data sources for accessing the GCD, and start up Content Platform Engine background tasks. 1. Create the following LDAP : Content Platform Engine bootstrap Unique identifier e_bootstrap_ Description The e_bootstrap_, also known as the Content Platform Engine system , is an that is stored in the CEMPBoot.properties file that is archived in the Content Platform Engine EAR file. You enter the bootstrap 's credentials while running the Configuration Manager's Configure Bootstrap Properties task. Any deployments of the EAR file for the same FileNet P8 domain must use the same credentials for the bootstrap . Content Platform Engine uses this to authenticate to the application server and access the data sources named in the Planning and preparing for FileNet P8 installation

59

GCDConnection property. Content Platform Engine will not be able to start if this is not able to authenticate. In keeping with the principle of granting to an only those permissions necessary to accomplish its purpose, do not use the e_bootstrap_ to serve in the role of gcd_. This can happen if you as e_bootstrap_ the first time you start IBM istration Console for Content Platform Engine following initial installation. Doing this places e_bootstrap_ on the security tab of the FileNet P8 domain object with Full Control access rights. The result is that the e_bootstrap_ is functioning as the gcd_. This is not a recommended configuration. If it is your configuration, consider using IBM istration Console for Content Platform Engine to add a new gcd_ to the security of the FileNet P8 domain object, making sure to grant Full Control to the P8 domain, and then removing the e_bootstrap_ from the security tab of the P8 domain. To make sure it is not misused or locked out by accident, do not use e_bootstrap_ as an all-purpose . For example, if a tried to log on to some other application using the e_bootstrap_ and provided the wrong several times, thereby exceeding the number of allowable failures, this could be locked out of the directory server, depending on your local policies. This would mean that Content Platform Engine would not start. If possible, exempt e_bootstrap_ from policies requiring periodic change. If you change your system's parameters so that the e_bootstrap_ credentials are no longer valid, the result would be that Content Platform Engine will not be able to start. For example, if you modified the Short Name Attribute or Search Filter, in the application server's authentication provider and in the IBM istration Console for Content Platform Engine P8 Domain Properties > Modify Directory Configuration > property sheet, from samName to distinguishedName, you would also need to use the Configuration Manager bootstrap task to make the same change in the Content Platform Engine EAR file. Restriction: If you are deploying Content Platform Engine on an application server with federated repositories and with multiple realms in your FileNet P8 domain, be sure that no two realms contain the same short name for this ; otherwise, this will not be able to authenticate. Minimum required permissions The must be a directory server that resides in the realm that has been configured for Content Platform Engine authentication. An exception to this rule is that if you are using IBM virtual member manager, the bootstrap must reside in the file-based repository if your repository is file-based, or in the custom repository if your repository is a custom repository.

60


If your application server is WebSphere Application Server and your database is DB2 for z/OS, the used for e_bootstrap_ must be a member of at least the WebSphere Monitor role. This is required because Content Platform Engine must add custom properties to the data sources, and the Monitor role is the minimum privilege required to read data source properties. If you are using WebSphere Application Server security domains, see “Security planning considerations” for additional requirements for e_bootstrap_. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_bootstrap_.

Related tasks: “Creating the GCD ” A directory service that has Full Control access to the Content Platform Engine domain object. Creating the GCD : A directory service that has Full Control access to the Content Platform Engine domain object. 1. Create the following directory server : GCD Unique identifier gcd_ Description The gcd_ is able to create, modify, and delete Content Platform Engine domain resources. The gcd_ must reside in the directory service realm specified in Configuration Manager's Configure LDAP task. A GCD can grant Full Control rights to additional s and groups, thereby making them GCD s as well. Being a GCD does not automatically make you an object_store_, which is assigned on the object store's own property sheet. Log on to IBM istration Console for Content Platform Engine as gcd_ in order to: v Create the GCD by launching the Configure New Domain Permissions wizard the first time you start IBM istration Console for Content Platform Engine to establish the FileNet P8 domain. v Carry out istrative tasks for the FileNet P8 domain. Minimum required permissions Use IBM istration Console for Content Platform Engine to grant Full Control access to the Content Platform Engine domain object. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of gcd_. Planning and preparing for FileNet P8 installation

61

Creating the object store : A directory service that has Full Control access to a Content Platform Engine object store. 1. Create the following directory server : Object Store and group Unique identifier object_store_ or object_store__group Description A directory service that can ister an object store by having Full Control access to it. You can also grant Full Control to an object store to group s, thereby making all of the group object store s. Each time a gcd_ runs the Object Store Wizard, you are asked to specify the s and groups who should have istrative access to the object store. Each object store could therefore have a different set of object store s. Conversely, if you want the same groups to ister all object stores in the FileNet P8 domain, you must add them while creating each new object store using the Object Store Wizard. By default, the GCD creating the object store also becomes an object store , but you can remove it if your security design requires dedicated s for each object store and GCD. Object store istrative rights do not include the ability to add, move, or remove object stores, fixed content devices, content cache areas, or any of the other FileNet P8 domain resources. These permissions are granted only to GCD s. An object store is not also a GCD unless also specifically granted those permissions. This means that an object store who is not also a GCD would have to request that a GCD create a new domain resource like an object store. Once these objects are created by the GCD , however, the object store can populate the object store with new classes and folders, store content in the file storage area, assign markings, and so on. The list of object store s is available for viewing and modifying in the IBM istration Console for Content Platform Engine Object Store > Properties > Security property page. You can add or remove s or groups from this list at any time later on. Tip: Keeping the number of s assigned as object store s or object store s as small as possible will improve performance and simplify istration. The best way to do this is to use group s instead of large numbers of individual s. Groups can have as many as you want and can contain other groups.

62


Minimum required permissions Use IBM istration Console for Content Platform Engine to grant an object_store_ or object_store__group Full Control access to one or more object stores. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of object_store_ and object_store__group.

Creating directory service (Active Directory): A directory service that Content Platform Engine uses to connect to the directory server. 1. Create the following directory server : Directory service (bind) (Active Directory) Unique identifier e_service_ Description Provide the fully qualified distinguished name of e_service_ as the directory service bind name while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. e_service_ performs the following roles: v Acts as the bind specified by the application server to search through realms to authenticate a when the logs in to a Content Platform Engine client. v Acts as the specified in the GCD that searches s and groups to authorize access to a specific FileNet P8 object after a has been authenticated. Provide the fully qualified distinguished name of e_service_ as the LDAPBindDN while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. Available for viewing and modifying in the istration Console for Content Platform Engine Directory configuration tab. The Directory Service cannot be accessed using referrals. Minimum required permissions Use Active Directory tools to grant e_service_ at least the following minimum rights to all entries (including and group entries) in each security realm that is configured for your FileNet P8 domain: v Read access rights (specifically the Read All Properties permission) to the forest-wide configuration directory partition and the domain directory partition in each desired domain in the Active Directory forest. Because Authenticated s by default is a member of the Pre-Windows 2000 Compatible Access group which has these permissions, you will need to assign the permissions to e_service_ only if the default is modified or Authenticated s access rights are restricted. Planning and preparing for FileNet P8 installation

63

2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_service_.

Creating directory service (AD LDS): A directory service that Content Platform Engine uses to connect to the directory server. 1. Create the following directory server : Directory service (bind) (Active Directory Lightweight Directory Service) (AD LDS, formerly known as ADAM) Unique identifier e_service_ Description Provide the fully qualified distinguished name of e_service_ as the directory service bind name while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. e_service_ performs the following roles: v Acts as the bind specified by the application server to search through realms to authenticate a when the logs in to a Content Platform Engine client. v Acts as the specified in the GCD that searches s and groups to authorize access to a specific FileNet P8 object after a has been authenticated. Provide the fully qualified distinguished name of e_service_ as the LDAPBindDN while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. Available for viewing and modifying in the istration Console for Content Platform Engine Directory configuration tab. The Directory Service cannot be accessed using referrals. Minimum required permissions An AD LDS that Content Platform Engine uses to connect to a single Microsoft AD LDS partition. To configure this, perform the following steps: a. Start ADAM ADSI Edit under Start > All Programs > ADAM. b. Connect to the partition. Expand partition in left-hand pane and click the CN=Roles node.) Be sure you have selected the CN=Roles container in the partition not under the CN=Configuration.) c. In the right-hand pane right-click the CN=Readers group and select Properties. d. In the Attributes list double-click the “member” attribute. e. Click Add ADAM .

64


f. Enter the full DN of the to be designated as the service while running the Content Platform Engine installation program, and click OK. g. Click OK and click OK again. 2.


Creating directory service (Oracle Directory Server Enterprise Edition): A directory service that Content Platform Engine uses to connect to the directory server. 1. Create the following directory server : Directory service (bind) (Oracle Directory Server Enterprise Edition) Unique identifier e_service_ Description Provide the fully qualified distinguished name of e_service_ as the directory service bind name while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. e_service_ performs the following roles: v Acts as the bind specified by the application server to search through realms to authenticate a when the logs in to a Content Platform Engine client. v Acts as the specified in the GCD that searches s and groups to authorize access to a specific FileNet P8 object after a has been authenticated. Provide the fully qualified distinguished name of e_service_ as the LDAPBindDN while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. Available for viewing and modifying in the istration Console for Content Platform Engine Directory configuration tab. The Directory Service cannot be accessed using referrals. Minimum required permissions Use your directory server's tools to grant e_service_ at least the following minimum rights to all entries (including and group entries) in each security realm that is configured for your FileNet P8 domain: Read, Search, Compare. 2.


Creating directory service (Novell eDirectory): A directory service that Content Platform Engine uses to connect to the directory server. 1. Create the following directory server : Planning and preparing for FileNet P8 installation

65

Directory service (bind) (Novell® eDirectory) Unique identifier e_service_ Description Provide the fully qualified distinguished name of e_service_ as the directory service bind name while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. e_service_ performs the following roles: v Acts as the bind specified by the application server to search through realms to authenticate a when the logs in to a Content Platform Engine client. v Acts as the specified in the GCD that searches s and groups to authorize access to a specific FileNet P8 object after a has been authenticated. Provide the fully qualified distinguished name of e_service_ as the LDAPBindDN while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. Available for viewing and modifying in the istration Console for Content Platform Engine Directory configuration tab. The Directory Service cannot be accessed using referrals. Minimum required permissions Use your directory server's tools to grant e_service_ at least the following minimum rights to all entries (including and group entries) in each security realm that is configured for your FileNet P8 domain: Read and Compare. 2.


Creating directory service (IBM Tivoli Directory Server): A directory service that Content Platform Engine uses to connect to the directory server. 1. Create the following directory server : Directory service (bind) (IBM® Tivoli®) Unique identifier e_service_ Description Provide the fully qualified distinguished name of e_service_ as the directory service bind name while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. e_service_ performs the following roles:

66


v Acts as the bind specified by the application server to search through realms to authenticate a when the logs in to a Content Platform Engine client. v Acts as the specified in the GCD that searches s and groups to authorize access to a specific FileNet P8 object after a has been authenticated. Provide the fully qualified distinguished name of e_service_ as the LDAPBindDN while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. Available for viewing and modifying in the istration Console for Content Platform Engine Directory configuration tab. The Directory Service cannot be accessed using referrals. Minimum required permissions Use your directory server's tools to grant e_service_ at least the following minimum rights to all entries (including and group entries) in each security realm that is configured for your FileNet P8 domain: Read, Search, Compare. 2.


Creating directory service (Oracle Internet Directory): A directory service that Content Platform Engine uses to connect to the directory server. 1. Create the following directory server : Directory service (bind) (Oracle Internet Directory) Unique identifier e_service_ Description Provide the fully qualified distinguished name of e_service_ as the directory service bind name while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. e_service_ performs the following roles: v Acts as the bind specified by the application server to search through realms to authenticate a when the logs in to a Content Platform Engine client. v Acts as the specified in the GCD that searches s and groups to authorize access to a specific FileNet P8 object after a has been authenticated. Provide the fully qualified distinguished name of e_service_ as the LDAPBindDN while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. Available for viewing and modifying in the istration Console for Content Platform Engine Directory configuration tab. Planning and preparing for FileNet P8 installation

67

The Directory Service cannot be accessed using referrals. Minimum required permissions Use your directory server's tools to grant e_service_ at least the following minimum rights to all entries (including and group entries) in each security realm that is configured for your FileNet P8 domain: Read, Search, Compare. 2.


Creating directory service (CA Directory): A directory service that Content Platform Engine uses to connect to the directory server. 1. Create the following directory server : Directory service (bind) (CA Directory) Unique identifier e_service_ Description Provide the fully qualified distinguished name of e_service_ as the directory service bind name while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. e_service_ performs the following roles: v Acts as the bind specified by the application server to search through realms to authenticate a when the logs in to a Content Platform Engine client. v Acts as the specified in the GCD that searches s and groups to authorize access to a specific FileNet P8 object after a has been authenticated. Provide the fully qualified distinguished name of e_service_ as the LDAPBindDN while running Configuration Manager and also when you run the istration Console for Content Platform Engine Directory Configuration Wizard. Available for viewing and modifying in the istration Console for Content Platform Engine Directory configuration tab. The Directory Service cannot be accessed using referrals. Minimum required permissions Use your directory server's tools to grant e_service_ at least the following minimum rights to all entries (including and group entries) in each security realm that is configured for your FileNet P8 domain: Read, Search, Compare. 2.


Creating the workflow system : A directory server that is used by workflow to create isolated regions.

68


The variable name for this has been changed from earlier releases. It was formerly referred to as the pe_region_, but the permissions are the same. 1. Create the following : Workflow system Unique identifier workflow_system_ Description A directory server that has Full Control access rights to the FileNet P8 domain, and has also been granted rights through its hip in the workflow__group. The workflow_system_ therefore has permissions equivalent to the gcd_ but should be used only for workflow purposes. Content Platform Engine permissions can be granted by a gcd_ who uses IBM istration Console for Content Platform Engine to add the workflow_system_ to the ACL of the FileNet P8 domain and grant it Full Control. Permissions are granted by using your directory server tools to add the workflow_system_ to the workflow__group. The workflow__group permissions are configured while running IBM istration Console for Content Platform Engine. Minimum required permissions Full Control access rights on the FileNet P8 domain. hip in the workflow__group. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of workflow_system_.

Creating workflow system groups: Directory server groups whose can manage workflows. 1. Create the following directory server groups: Workflow system istration group Unique identifier workflow_system__group Description of this group are granted privileges for istering the workflow system by the istration Console for Content Platform Engine. Workflow system configuration group Unique identifier workflow_system_config_group Description of this group are granted privileges for configuring the workflow system by the istration Console for Content Platform Engine. 2. Provide these group names while configuring database connection points in istration Console for Content Platform Engine.


69

3.

Record this value in your customized Installation and Upgrade Worksheet. To find these properties, search the worksheet for instances of workflow_system__group and workflow_system_config_group.

Creating Application Engine or Workplace XT directory server s Directory server s are needed to ister Application Engine or Workplace XT. s are referred to in documentation in the following ways: v


v


If you see a reference to an that you do not understand, search the documentation for that reference. Create the following s and groups. All IBM FileNet Workplace s, as well as s for other client applications and expansion products that use Content Engine or Application Engine, must have s. “Creating the Application Engine or Workplace XT ” Creating the Application Engine or Workplace XT : 1. Create the following directory server : Application Engine or Workplace XT Unique identifier ae__ or wpxt__ Description This serves in the role of Application Engine or Workplace XT . You will specify this as a member of the Application Engine or Workplace XT role when you set bootstrap preferences. The must have a . 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of ae__ or wpxt__.

Database installation tasks The database must prepare the databases that are required for FileNet P8, which includes gathering information about data sources, creating databases and database s. Review all rows that are assigned to the database (DBA) in the Installation and Upgrade Worksheet. While you complete the following preparation tasks, provide values for the rows that are appropriate to your installation. (Your organization might have different roles, and some of the responsibilities of listed roles vary from the roles that are assigned by default in this documentation.)

70


Tip: With the Data > Filter > AutoFilter command enabled, as it is by default in the worksheet file (p8_worksheet.xls), complete the following actions to quickly see only the properties assigned to a particular Role: v Click the AutoFilter drop-down arrow in the Role column header and select DBA. v Further filter the result set by clicking the AutoFilter drop-down arrow in any of the other columns and selecting a value or clear a filter by selecting (All). As an alternative, you can use the Customize Worksheet filtering macro, which is in the Instruction tab on the Installation and Upgrade Worksheet. If you are installing in a non-English environment, review the information and procedures in Appendix A, “Preparing non-English environments for installing FileNet P8,” on page 163 before you begin your preparation tasks. If you are installing Content Platform Engine in a highly available environment, it is important that you follow the high availability steps within the Content Platform Engine installation tasks. If Content Platform Engine is not available due to a system failure, the other components are affected as well. If you plan to tune the performance of your databases, review the information in Tuning FileNet P8 databases before you begin. “Creating Content Platform Engine database s” Use your database tools to create new or designate existing database s for Content Platform Engine. “Preparing Microsoft SQL Server” on page 75 Plan the SQL Server installation and configuration, install the software, and configure database components for FileNet P8 components after reviewing the requirements. “Preparing Oracle server” on page 81 Plan the Oracle installation and configuration, install the software, and configure database components for FileNet P8 components after reviewing the requirements. “Preparing DB2 for z/OS servers” on page 87 Plan the DB2 for z/OS installation and configuration, install the software, and configure database components. “Preparing the DB2 for Linux, UNIX and Windows server” on page 89 Plan and prepare your IBM DB2 for Linux, UNIX and Windows server for FileNet P8 installation.

Creating Content Platform Engine database s Use your database tools to create new or designate existing database s for Content Platform Engine. s are referred to in documentation in the following ways: v


v



71

If you see a reference to an that you do not understand, search the documentation for that reference. Create the following s and groups. After the IT creates operating system s and groups for DB2 databases, you must grant database permissions to those s. “Creating a Content Platform Engine database for DB2 for Linux, UNIX and Windows” An operating system on the database server that Content Platform Engine uses to access DB2 for Linux, UNIX and Windows databases containing the GCD and object stores. “Creating a database for DB2 for z/OS” on page 73 A database that Content Platform Engine uses to access DB2 for z/OS. This is initially created as an operating system . “Creating a Content Platform Engine database for Oracle” on page 74 A database that Content Platform Engine uses to connect to Oracle databases containing the GCD and object stores. “Creating a Content Platform Engine database for SQL Server” on page 75 A database that Content Platform Engine uses to connect to SQL Server databases containing the GCD and object stores. Creating a Content Platform Engine database for DB2 for Linux, UNIX and Windows: An operating system on the database server that Content Platform Engine uses to access DB2 for Linux, UNIX and Windows databases containing the GCD and object stores. 1. Create the following database after the database instance has been created: : The name length is restricted to no more than eight characters. Content Platform Engine database (DB2 for Linux, UNIX and Windows) Unique identifier e_db_ Description The IT (ITA) creates this operating system , after which the database (DBA) grants it additional database permissions. Separate s can be used for each object store, but are not required. Do not create databases with the RESTRICTIVE option. Minimum required permissions Use your database tools to grant the following database permissions to this :

| | | |

v GRANT CONNECT ON DATABASE TO e_db_

|

v GRANT CREATETAB ON DATABASE TO e_db_

|

v GRANT USE OF TABLESPACE Tablespace TO e_db_

| |

v GRANT USE OF TABLESPACE TemporaryTablespace TO e_db_

|

v GRANT SELECT on SYSIBM.SYSVERSIONS TO e_db_

|

v GRANT SELECT on SYSCAT.DATATYPES TO e_db_

72


| |

v GRANT SELECT on SYSCAT.INDEXES TO e_db_ v GRANT SELECT on SYSIBM.SYSDUMMY1 TO e_db_

| | |

v GRANT USAGE on workload SYSDEFAULTWORKLOAD TO e_db_ v GRANT IMPLICIT_SCHEMA on DATABASE TO e_db_

| |

For added security in a shared database environment, you can remove the Connect privilege from the Public group.

| |

Grant the following permissions if you want to use dedicated table spaces for Data, Index, and LOB.

| |

v GRANT USE OF TABLESPACE DataTablespace TO e_db_

| |

v GRANT USE OF TABLESPACE IndexTablespace TO e_db_

| |

v GRANT USE OF TABLESPACE LOBTablespace TO e_db_

| |

v GRANT USE OF TABLESPACE TemporaryTablespace TO e_db_ 2.


Creating a database for DB2 for z/OS: A database that Content Platform Engine uses to access DB2 for z/OS. This is initially created as an operating system . 1. Make sure you have already created the operating system edb for DB2 for z/OS. This procedure grants database permissions to that operating system . 2. Use your database tools to grant the following permissions to the already-created edb: Content Platform Engine database (DB2 for z/OS) Unique identifier edb Description The edb must have DB authority of the DB2 instance that will be used by the workflow system software. DB2 for z/OS does not allow underscores in names. In a farmed or cluster configuration, each workflow system must be configured to use the same database name. Minimum required permissions Grant the following database permissions to this : v GRANT DB ON DATABASE e_databasename TO edb v GRANT USE OF STOGROUP storagegroupname TO edb v GRANT USE OF BUFFERPOOL buffer_pool_name TO edb v GRANT EXECUTE ON PACKAGE NULLID.* TO edb v GRANT SELECT ON SYSIBM.SYSINDEXES TO edb Planning and preparing for FileNet P8 installation

73

v GRANT SELECT ON SYSIBM.SYSDUMMY1 TO edb v GRANT SELECT ON SYSIBM.SYSSEQUENCES TO edb v GRANT SELECT ON SYSIBM.SYSTABLES TO edb v GRANT SELECT ON SYSIBM.SYSVIEWS TO edb v GRANT SELECT ON SYSIBM.SYSDATABASE TO edb v (Required if you want to use data source sharing) GRANT CREATEIN, ALTERIN, DROPIN ON SCHEMA * TO edb 3.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of edb.

Creating a Content Platform Engine database for Oracle: A database that Content Platform Engine uses to connect to Oracle databases containing the GCD and object stores. 1. Create the following database after creating the database instance: Content Platform Engine database (Oracle) Unique identifier e_db_ Description The owner that Content Platform Engine uses to access Oracle. Use one for the object store and one for the GCD. In order to share database connections in Oracle, you must grant additional privileges to e_db_ . See the topic Sharing database connections in Oracle. Minimum required permissions Grant each e_db_ at least the following permissions: v CREATE SESSION v CREATE TABLE v CREATE VIEW v CREATE SEQUENCE v Alter set QUOTA UNLIMITED on all table spaces used by db v SELECT on pending_trans$ v SELECT on dba_2pc_pending v SELECT on dba_pending_transactions v SELECT on DUAL v SELECT on product_component_version v SELECT on _INDEXES v EXECUTE on dbms_xa 2.

74



Creating a Content Platform Engine database for SQL Server: A database that Content Platform Engine uses to connect to SQL Server databases containing the GCD and object stores. 1. Create the following database after the SQL Server instance is created: Content Platform Engine database (SQL Server) Unique identifier e_db_ Description The database s that Content Platform Engine uses to access SQL Server. You can use the same for the GCD and object store databases. Or you can use one (for example, e_db_1 ) for the GCD database and one for the object stores (for example, e_db_2 . e_db_ must be a SQL Server . It does not have to be an in the configured directory service. Minimum required permissions Use your database tools to grant each e_db_ at least the following database access permissions: v db_datawriter v db_datareader v db_ddl v public Add these s to SQL Server's master database and grant the public role to each. When you perform the procedure described in the section on Configuring the JDBC distributed transaction components, these s will also be granted the SqlJDBCXA role. 2.


Preparing Microsoft SQL Server Plan the SQL Server installation and configuration, install the software, and configure database components for FileNet P8 components after reviewing the requirements. “Microsoft SQL Server database planning” Determine whether Microsoft SQL Server database components are dedicated to individual FileNet P8 components or shared components after you review the requirements “ing that Microsoft SQL Server is ready for FileNet P8” on page 76 To prepare your databases before installing FileNet P8, you must install the SQL Server software and configure the database components for your installation. Microsoft SQL Server database planning: Determine whether Microsoft SQL Server database components are dedicated to individual FileNet P8 components or shared components after you review the requirements


75

In a shared configuration, multiple FileNet P8 components can store their data in a single database. Most components allow for data to be collocated. However, it is recommended to keep some in dedicated databases: v The global configuration database: it is recommended not share this database. v Object stores and their workflow system data, which is part of a single application family can be collocated given the factors that are listed in the following paragraph. v Rendition Engine data v IBM Content Navigator configuration data: sharing the IBM Content Navigator database with the global configuration database is not ed. When you decide about whether to share a database for multiple components, consider the following factors: v Database backup/recovery requirements allow for the data in a single database to be backed up and recovered together. v Database security allows for collocation of data. v Sharing of a database might allow for more efficient usage of database resources like database connections. Important: READ_COMMITTED_SNAPSHOT is required for the database where the Content Platform Engine schema is installed. To enable READ_COMMITTED_SNAPSHOT for the object store, see the instructions in Creating a Microsoft SQL Server database for an object store.

| | | |

The file groups in the database can optionally be shared. For SQL Server database requirements for Rendition Engine, see the IBM FileNet Rendition Engine Installation and Upgrade Guide. ing that Microsoft SQL Server is ready for FileNet P8: To prepare your databases before installing FileNet P8, you must install the SQL Server software and configure the database components for your installation. “Installing and configuring Microsoft SQL Server” Install and configure SQL Server software and create one or more instances. “Creating a Microsoft SQL Server database for the Content Platform Engine GCD” on page 77 Create a database for the Content Platform Engine global configuration database (GCD) on Microsoft SQL Server. “Creating a Microsoft SQL Server database for an object store” on page 78 Create a Microsoft SQL Server database for an object store. “Enabling XA transactions” on page 80 Configure the Windows server to enable XA transactions. “Reducing deadlock errors in Microsoft SQL Server” on page 81 High Microsoft SQL Server concurrency causes transaction deadlock errors because writers block access, by readers, to database resources. You can reduce the likelihood of deadlock by setting the READ_COMMITTED_SNAPSHOT ON option for your database. Installing and configuring Microsoft SQL Server: Install and configure SQL Server software and create one or more instances.

76


Create and configure one or more database instances for use by FileNet P8 components based on these requirements. 1. Create one or more instances for use by FileNet P8 software or that such instances exist. 2. If you create an instance, indicate an appropriate name based on which databases will use the instance. 3. that the authentication mode is Mixed Mode. 4. Select the database collation settings: Choose one of the following from the collation options: v Dictionary order, case-insensitive, for use with 1252 Character Set (or any case-insensitive SQL Server collation). Case-insensitive collation is the Microsoft default and the setting most used in FileNet P8 environments (because it offers search results without regard to character case). v Dictionary order, case sensitive, for use with 1252 Character Set (or any case-sensitive SQL Server collation). Select case-sensitive SQL Server collation only if your site requires (and will continue to require) searches that must differentiate uppercase from lowercase characters. If you plan to use the Content Platform Engine with CFS/IS, you must configure case sensitive. The FileNet Image Services database is configured as case sensitive and the Content Platform Engine database must match. Important: Select your SQL Server collation setting carefully. If you want to switch from case-sensitive to case-insensitive collation after significant activity, switching collation settings after installation can be difficult and time-consuming. If you have a case-sensitive database and you want to perform a case-insensitive search (programmatically or otherwise), you might encounter serious performance degradation on SQL Server because the database cannot use column, or property, indexes in these cases. 5. See IBM FileNet P8 system requirements for required operating system and database patch sets and service packs. that the required service pack is installed before proceeding. 6. Record the values for the database server name and database port number in your customized Installation and Upgrade Worksheet.

To find these properties, set the Autofilter for Column E Installation or Configuration Program for CM: Configure Object Store JDBC Data Sources (object store 1) or CM: Configure GCD JDBC Data Sources. Then set the Autofilter for Column D ISV Component Vendor to SQL Server. If your customized worksheet shows more than one object store, create and provide values for all of them. Creating a Microsoft SQL Server database for the Content Platform Engine GCD: Create a database for the Content Platform Engine global configuration database (GCD) on Microsoft SQL Server. Do not share the database that is used for the GCD with object stores or IBM Content Navigator configuration data. 1. Create the database with a minimum size of 100 MB. In Microsoft SQL Server, the PRIMARY file group holds the database system objects. Create an extra file group and designate it as the default file group to hold the FileNet P8 tables.


77

Record the values for the Database name, the Database port number, and the file group name in your customized Installation and Upgrade Worksheet. To find these properties, set the Autofilter for Column E Installation or Configuration Program for CM: Configure GCD JDBC Data Sources. Then, set the Autofilter for Column D ISV Component Vendor to SQL Server. 2. READ_COMMITTED_SNAPSHOT must be enabled for the GCD. Run the following command: ALTER DATABASE mydbname SET READ_COMMITTED_SNAPSHOT ON

Important: The who runs the command must be the only who is connected to the database when this command is run. For more information, see the Microsoft SQL Server documentation that was provided with your database.

| | | |

Creating a Microsoft SQL Server database for an object store: Create a Microsoft SQL Server database for an object store. If you want to add a workflow system to an object store that does not already have one, the workflow system can use the file groups that are used by the object store. Alternatively, you can create new file groups for the workflow system, according to the rules on file group names and minimum sizes that are documented here.

| | | | |

1. Use your Database tools to create a database for an object store. In Microsoft SQL Server, the PRIMARY file group holds the database system objects. Create an extra file group and designate it as the default file group to hold the FileNet P8 tables. Table 13. File group names and minimum sizes File group Name

Minimum Size (MB)

Description

data

400

The default name of the data file group that is used byContent Platform Engine.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, use the Autofilter down arrow in Column F, Property or Parameter (in interface), to select Data tablespace name.

78


Table 13. File group names and minimum sizes (continued) File group Name

Minimum Size (MB)

Description

index (optional)

300

The default name of the optional default index file group that is used by Content Platform Engine. If you do not create an index file group, the data file group is used for indexes.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, use the Autofilter down arrow in Column F, Property or Parameter (in interface), to select Index tablespace name. lob (optional)

300

The default name of the optional default LOB file group that is used by Content Platform Engine. If you do not create a LOB file group, the data file group is used for LOB data.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, use the Autofilter down arrow in Column F, Property or Parameter (in interface), to select LOB tablespace name. temp

160

The default temporary file group, which is required for Content Platform Engine use.

2. READ_COMMITTED_SNAPSHOT must be enabled for the object store database. Run the following command: ALTER DATABASE mydbname SET READ_COMMITTED_SNAPSHOT ON

Important: The who runs the command must be the only who is connected to the database when this command is run. For more information, see the Microsoft SQL Server documentation that was provided with your database.

| | | | 3.

Record the values for the database name, the database port number, and the file group names in your customized Installation and Upgrade Worksheet. To Planning and preparing for FileNet P8 installation

79

find these properties, set the Autofilter for Column E Installation or Configuration Program for CM: Configure Object Store JDBC Data Sources (object store 1). Then, set the Autofilter for Column DISV Component Vendor to SQL Server. If your customized worksheet shows more than one object store, create and provide values for all of them. Enabling XA transactions: Configure the Windows server to enable XA transactions. Perform these steps on every Microsoft SQL Server that will contain a Content Platform Engine database. 1. the Microsoft SQL Server JDBC Driver that is referenced in IBM FileNet P8 system requirements for Content Platform Engine SQL Server databases. Tip: Installation procedures for JDBC settings can vary by release. See the Microsoft website for full details. 2. Copy the sqljdbc_xa.dll from the JDBC installation directory to the binn folder of the instance, although a pre-2.0 version of the driver also functions correctly from the tools\binn folder. For the 32-bit version of Microsoft SQL Server , use the sqljdbc_xa.dll file in the x86 folder. For the 64-bit version of Microsoft SQL Server, use the sqljdbc_xa.dll file in the x64 folder. 3. Log on as the sa or as a with equivalent permissions and execute the database script xa_install.sql on the master database on every SQL Server instance that will participate in distributed transactions. Important: Use SQL Server database credentials, not Windows credentials, to log on. Windows Integrated Logon to SQL Server is not ed with IBM FileNet P8. This script installs sqljdbc_xa.dll as an extended stored procedure and creates the SqlJDBCXA role in the Master database. 4. Add each database (e_db_) that Content Platform Engine uses to access SQL Server to the SqlJDBCXA role. This action grants permissions to those s to participate in distributed transactions with the JDBC driver. 5. From Control , open istrative Tools, and then open Component Services. 6. Expand Component Services, right-click My Computer, and then select Properties. 7. Expand Distributed Transaction Coordinator and right-click Local DTC. 8. Click the MSDTC tab, and then click Security Configuration. 9. Select the Enable XA Transactions check box, and then click OK to restart the Microsoft DTC service. 10. Click OK again to close the Properties dialog box, and then close Component Services. 11. Stop and then restart the Microsoft SQL Server.

80


Reducing deadlock errors in Microsoft SQL Server: High Microsoft SQL Server concurrency causes transaction deadlock errors because writers block access, by readers, to database resources. You can reduce the likelihood of deadlock by setting the READ_COMMITTED_SNAPSHOT ON option for your database. To reduce deadlock errors in a Microsoft SQL Server database: 1. Shut down all the servers and clients that can connect to your database (dbName), and make sure that there are no other connections to Microsoft SQL Server. 2. Connect to Microsoft SQL Server and issue the following SQL command to determine whether snapshot isolation is enabled for dbName: SELECT name, is_read_committed_snapshot_on FROM sys.databases where name=’dbName’

If snapshot isolation is enabled for dbName, skip the remainder of this procedure. 3. Issue the following command to enable snapshot isolation for dbName: ALTER DATABASE dbName SET READ_COMMITTED_SNAPSHOT ON

4. Restart Microsoft SQL Server and issue the following SQL command to confirm that the Snapshot Isolation setting is in effect for dbName: SELECT name, is_read_committed_snapshot_on FROM sys.databases where name=’dbName’

Preparing Oracle server Plan the Oracle installation and configuration, install the software, and configure database components for FileNet P8 components after reviewing the requirements. “Oracle database planning” Determine whether Oracle database components will be dedicated to individual FileNet P8 components or shared and review other Oracle database requirements. “ing that Oracle server is installed for FileNet P8” on page 82 To prepare your database before installing FileNet P8, you must install the Oracle software and configure the database components for your installation. Oracle database planning: Determine whether Oracle database components will be dedicated to individual FileNet P8 components or shared and review other Oracle database requirements. In a shared configuration, multiple FileNet P8 components can store their data in a single database. Most components allow for data to be collocated. However, the best practice is to keep some in dedicated table spaces: v The global configuration database: it is best practice to not share this table space. v Object stores and their workflow system data although those part of a single application family can be collocated given the factors listed below. If you configure object stores in separate databases, you have more flexibility and control with security access, backup scheduling and execution, updates, and scheduled outages. v Rendition Engine data


81

v IBM Content Navigator configuration data: Using the same table space for the IBM Content Navigator configuration data and the global configuration database (GCD) is not ed. When you make the decision about whether to share a database for multiple components, consider the following factors: v Database backup/recovery requirements should allow for the data that resides in a single database to be backed up and recovered together. v Database security should allow for collocation of data. v Sharing of a database might allow for more efficient usage of database resources like database connections. For an Oracle database to be used by Rendition Engine, see the IBM FileNet Rendition Engine Installation and Upgrade Guide. Make sure the machine hosting the database satisfies all preinstallation requirements specified in the Oracle installation documentation. Refer toIBM FileNet P8 system requirements for required operating system and database patch sets, and service packs. The Oracle patches are available at the Oracle website. The Oracle patch installation procedure might be less complicated if you do it before you create any databases. Content Platform Engine s the Oracle Advanced Security functionality of secure data transfer across network protocol boundaries. Plan to use locally managed table spaces. For performance reasons, IBM recommends that you create locally managed, rather than dictionary managed, table spaces. (The table spaces you create via Oracle Database assistant (dbca) are locally managed by default.) There are no requirements to install Oracle client software on the Content Platform Engine if the database is remote. ing that Oracle server is installed for FileNet P8: To prepare your database before installing FileNet P8, you must install the Oracle software and configure the database components for your installation. “Installing an Oracle database engine and creating databases” on page 83 Install the Oracle software and configure the database server. Create one or more databases, depending on whether one or more FileNet P8 components will share the database. “Creating an Oracle table space for the Content Platform Engine GCD” on page 84 Create a table space for the Content Platform Engine global configuration database on Oracle. “Creating Oracle table spaces for a Content Platform Engine object store” on page 84 Create Oracle table spaces for a Content Platform Engine object store. “Configuring automatic transaction recovery” on page 86 In a distributed database environment, Oracle MTS Recovery Service (automatically installed with Oracle Services for Microsoft Transaction Server) can resolve in-doubt transactions on the computer that started the failed transaction.

82


Installing an Oracle database engine and creating databases: Install the Oracle software and configure the database server. Create one or more databases, depending on whether one or more FileNet P8 components will share the database. The following procedure shows the minimal choices (specific to the needs of Content Platform Engine) for installing a database engine. Consult Oracle installation documentation for complete preinstallation requirements and instructions. To install an Oracle database engine: 1. Choose the following from the list of available product components: v Oracle Server v Oracle Net Services – Oracle Net Listener v Oracle Development Kit – Oracle Call Interface (OCI) v Oracle Documentation (recommended) 2. Transaction Processing (also known as OLTP) is the required configuration type. 3. Start the listener and the Oracle database service/processes if they have not started automatically. 4. Create one or more databases, depending on whether one or more FileNet P8 components will share the database. FileNet P8 requires the following settings for Oracle databases: Database configuration type Transaction Processing (also known as OLTP) is the required configuration type. Server process type Dedicated Server Mode Database character set Set the regular character set to AL32UTF8. It is not required to set the national character set (NLS_NCHAR_CHARACTERSET) to a specific value. You can take the default. Collating sequence for ORDER BY queries Set the collating sequence for ORDER BY queries (NLS_SORT) to BINARY. Collation behavior of the database session Set the collation behavior of the database session (NLS_COMP) to BINARY.

Record the values for the Database server name, Database name, and the Database port number in your customized Installation and Upgrade Worksheet. To find these properties, set the Autofilter for Column E Installation or Configuration Program for CM: Configure GCD JDBC Data Sources. Then set the Autofilter for Column D ISV Component Vendor to Oracle. In addition, set the Database server name, Database name, and the Database port number for the CM: Configure Object Store JDBC Data Sources. Planning and preparing for FileNet P8 installation

83

Creating an Oracle table space for the Content Platform Engine GCD: Create a table space for the Content Platform Engine global configuration database on Oracle. At least two Oracle table spaces must be created for the Content Platform Engine. One table space is needed for the global configuration database and one for a single object store . Do not share the database for the GCD with the object store database or with the IBM Content Navigator. 1. Create a (e_db_), , and default table space in the Oracle database for the global configuration database (GCD). See Creating Content Platform Engine database s for information about the and required permissions. 2. Table space names must contain only alphanumeric and underscore characters. Names must start with an alphabetic character and must be at most 30 characters long. For performance reasons, specify locally managed, instead of dictionary managed, table spaces. (The table spaces you create with Oracle Enterprise Manager are locally managed by default.) The following table shows the recommended minimum sizes of the permanent and temporary table spaces for the GCD. (The table space names shown in the table are arbitrary.) Table 14. Recommended table sizes for the GCD table spaces Table space Name

Table space Type

Minimum Size

Description

gcd

Permanent

100 MB

Permanent table space for the GCD

tempgcd

Temporary

2 GB

Temporary table space for the GCD

3.

Record the values for the Database name, the Database , and the table space names in your customized Installation and Upgrade Worksheet. To find these properties, set the Autofilter for Column E Installation or Configuration Program for CM: Configure GCD JDBC Data Sources. Then set the Autofilter for Column D ISV Component Vendor to “Oracle”. Creating Oracle table spaces for a Content Platform Engine object store: Create Oracle table spaces for a Content Platform Engine object store. Use your database tools to create table spaces for an object store. Do not share the database for the GCD with the object store database . If you want to add a workflow system to an object store that does not already have one, the workflow system can use the table spaces that are used by the object store. Alternatively, you can create new table spaces for the workflow system, according to the rules on table space types and minimum sizes that are documented here.

| | | | |

1. Create a (e_db_), , and default table space in the Oracle database for an object store that Content Platform Engine will access. See Creating Content Platform Engine database s for information about the and required permissions.

84


2. Create the required and any optional table spaces for a Content Platform Engine object store. Note that the index and LOB table spaces are optional. Table space names used by Content Platform Engine must contain only alphanumeric and underscore characters. Names must start with an alphabetic character and must be at most 30 characters long. For performance reasons, specify locally managed, instead of dictionary managed, table spaces. (The table spaces you create via Oracle Enterprise Manager are locally managed by default.) The following table shows the recommended table space names, types, and minimum sizes: Table 15. Recommended table space names, types, and minimum sizes Table space Name

Table space Type

Minimum Size (MB)

Description

data_ts

Permanent

400

This is the default name of the data table space used by Content Platform Engine.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, use the Autofilter drop-down arrow in Column F, Property or Parameter (in interface), to select Data table space name. index_ts (optional)

Permanent

300

This is the default name of the optional default index table space used by Content Platform Engine. If you do not create an index table space, the data table space will be used for indexes.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, use the Autofilter drop-down arrow in Column F, Property or Parameter (in interface), to select Index table space name.


85

Table 15. Recommended table space names, types, and minimum sizes (continued) Table space Name

Table space Type

Minimum Size (MB)

Description

lob_ts (optional)

Permanent

300

This is the default name of the optional default LOB table space used by Content Platform Engine. If you do not create a LOB table space, the data table space will be used for LOB data.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, use the Autofilter drop-down arrow in Column F, Property or Parameter (in interface), to select LOB table space name. temp_ts

Temporary

2 GB

This is the default temporary table space, required for Content Platform Engine use.

3.

Record the values for the Database name, the Database , and the table space names in your customized Installation and Upgrade Worksheet. To find these properties, set the Autofilter for Column E Installation or Configuration Program for CM: Configure Object Store JDBC Data Sources (object store 1). Then set the Autofilter for Column D ISV Component Vendor to “Oracle ”. If your customized worksheet shows more than one object store, create and provide values for all of them. Configuring automatic transaction recovery: In a distributed database environment, Oracle MTS Recovery Service (automatically installed with Oracle Services for Microsoft Transaction Server) can resolve in-doubt transactions on the computer that started the failed transaction. v Enable automatic transaction recovery by performing the tasks shown in the section on Scheduling Automatic Microsoft Transaction Server Recovery in the Oracle Services for Microsoft Transaction Server Developer's Guide (Oracle Part Number A95496-01).

86


v If you are using an Oracle Fail Safe configuration, perform the procedure shown in the section on Modifying Registry Values for Oracle Fail Safe Configurations in the Oracle Services for Microsoft Transaction Server Developer's Guide (Oracle Part Number A95496-01).

Preparing DB2 for z/OS servers Plan the DB2 for z/OS installation and configuration, install the software, and configure database components.

DB2 for z/OS planning considerations In a shared configuration, multiple FileNet P8 components can store their data in a single database. Most components allow for data to be collocated. However, the best practice is to keep some in dedicated databases: v The global configuration database (GCD): it is best practice to not share this database. v Object stores and their workflow system data although those part of a single application family can be collocated given the factors listed below. If you configure object stores in separate databases, you have more flexibility and control with security access, backup scheduling and execution, updates, and scheduled outages. v IBM Content Navigator configuration data: sharing the IBM Content Navigator database with the global configuration database is not ed. When you make the decision about whether to share a database for multiple components, consider the following factors: v Database backup/recovery requirements should allow for the data that resides in a single database to be backed up and recovered together. v Database security should allow for collocation of data. v Sharing of a database might allow for more efficient usage of database resources like database connections. v Because schema names have global visibility within a DB2 for z/OS server, make sure to use a separate schema name for every object store that is created on your server. This is necessary even when the schemas reside in different databases within a shared DB2 for z/OS server. The database must be remote. The DB2 for z/OS database must be remote from Content Platform Engine. Use System Managed Storage (SMS). Configure system managed storage for Content Platform Engine databases. Use UTF-8 collation Use UTF-8 collation settings by configuring CCSID UNICODE. Add SDSNLOD2 into the LNKLST. The SDSNLOD2 library must be added into the LNKLST. Use T/IP as the default protocol. Set T/IP as the default network protocol. Determine the maximum size of the content elements your s store. Determine the maximum size of the content elements your s store. The size affects setting up database storage areas or file storage areas. When you create an object store, a database storage area is provided by default, allowing you to store content as database BLOBs. You can also create one or more file storage areas to store content on local or remote file systems. If Planning and preparing for FileNet P8 installation

87

your s store large individual documents or other content elements, use only file storage areas. Otherwise, s can encounter memory-related errors when retrieving or indexing the large content. Important: Controlled tests with limited concurrency exhibited errors when run with files that were 300 MB or larger. Factors affecting this file-size limitation include driver and application server memory demands, other activity such as concurrent retrieval or indexing of large content, and JVM memory allocations. Set CACHE DYNAMIC SQL for Content Platform Engine The CACHEDYN subsystem parameter on the DSNTIP8 controls whether prepared, dynamic SQL statements are to be cached. Content Platform Engine requires that this parameter be set to YES for proper metadata authoring to occur. Set performance and optimization parameters for Content Platform Engine Set both of the following parameters, also on the DSNTIP8 , to YES: SKIP UNCOMMITTED INSERTS (SKIPUNCI) and EVALUATE UNCOMMITTED (EVALUNC). Features not ed. In this regard: v There is no for partitioned databases or databases created with the RESTRICTIVE clause (or, from the Control Center, with Restrict access to system catalogs selected in the Create Database Wizard). v Parallelism is not ed. Set CDSSRDEF=1 to disable it. “ing that DB2 for z/OS server is installed for FileNet P8” Plan the DB2 for z/OS installation and configuration. Some rules apply to sharing of instances and databases. ing that DB2 for z/OS server is installed for FileNet P8: Plan the DB2 for z/OS installation and configuration. Some rules apply to sharing of instances and databases. Record the values for the following settings as you work through the database installation. This information must be entered during subsequent installation and configuration of Content Platform Engine. Be aware that DB2 for z/OS allows only alphanumeric characters. v DB2 Server name. Record both the T/IP address and the fully qualified domain name. v Content Platform Engine dedicated database names v DB2 instance name v DB2 instance port numbers v IDs and s for Content Platform Engine DB2 s (operating system s who have been granted permissions on the database) “Creating and updating the DB2 for z/OS databases for Content Platform Engine” on page 89 At least two DB2 for z/OS databases are required to install Content Platform Engine. “Installing the DB2 for z/OS license and modifying the classpath for Content Platform Engine” on page 89 Install the DB2 for z/OS license file on the Content Platform Engine server and add it to the classpath.

88


Creating and updating the DB2 for z/OS databases for Content Platform Engine: At least two DB2 for z/OS databases are required to install Content Platform Engine. | | | |

If you want to add a workflow system to an object store that does not already have one, the workflow system can use the database that is used by the object store. Alternatively, you can create a new database for the workflow system, according to the rules on page size that are documented here. 1. Use your database tools to create two DB2 for z/OS databases: one for the Content Platform Engine GCD, one for a single Content Platform Engine object store. All must have 32 KB page sizes. 2.

Record the values for the Content Platform Engine GCD database in your customized Installation and Upgrade Worksheet. To find these properties, set the Autofilter for Column E Installation or Configuration Program for “CM: Configure GCD JDBC Data Sources”. Then set the Autofilter for Column D ISV Component Vendor to “DB2 for z/OS”.

3.

Record the values for the Content Platform Engine object store database in your customized Installation and Upgrade Worksheet. To find these properties, set the Autofilter for Column E Installation or Configuration Program for “CM: Configure Object Store JDBC Data Sources (object store 1)”. The Autofilter for Column D ISV Component Vendor should still be set to “DB2 for z/OS”. If it is not, then set it to that value.

Installing the DB2 for z/OS license and modifying the classpath for Content Platform Engine: Install the DB2 for z/OS license file on the Content Platform Engine server and add it to the classpath. Install the license jar in the same location as the JDBC driver jar (db2jcc_license_cisuz.jar). Install the license file and modify the environment classpath.

Preparing the DB2 for Linux, UNIX and Windows server Plan and prepare your IBM DB2 for Linux, UNIX and Windows server for FileNet P8 installation. “DB2 for Linux, UNIX and Windows database planning” Determine whether IBM DB2 for Linux, UNIX and Windows database components will be dedicated to individual FileNet P8 components or shared and review other IBM DB2 for Linux, UNIX and Windows database requirements. “ing that DB2 for Linux, UNIX and Windows is installed for FileNet P8” on page 91 To prepare your DB2 for Linux, UNIX and Windows databases before installing FileNet P8, you must install the DB2 for Linux, UNIX and Windows software and configure the database components for your installation. DB2 for Linux, UNIX and Windows database planning: Determine whether IBM DB2 for Linux, UNIX and Windows database components will be dedicated to individual FileNet P8 components or shared and review other IBM DB2 for Linux, UNIX and Windows database requirements. Planning and preparing for FileNet P8 installation

89

In a shared configuration, multiple FileNet P8 components can store their data in a single database. Most components allow for data to be collocated. However, the best practice is to keep some in dedicated databases: v The global configuration database: it is best practice to not share this database. v Object stores and their workflow system data although those part of a single application family can be collocated given the factors listed below. If you configure object stores in separate databases, you have more flexibility and control with security access, backup scheduling and execution, updates, and scheduled outages. v Rendition Engine data v IBM Content Navigator configuration data: sharing the IBM Content Navigator database with the global configuration database is not ed. When you make the decision about whether to share a database for multiple components, consider the following factors: v Database backup/recovery requirements should allow for the data that resides in a single database to be backed up and recovered together. v Database security should allow for collocation of data. v Sharing of a database might allow for more efficient usage of database resources like database connections. DB2 for Linux, UNIX and Windows version 9.7 is required for workflow system data to GB18030 character sets. IBM FileNet P8 does not partitioned DB2 databases or databases created with the RESTRICTIVE clause (or, from the Control Center, with Restrict access to system catalogs selected in the Create Database Wizard). Plan to use automatic storage for table spaces. For performance reasons, IBM recommends that you create table spaces using automatic storage, rather than database managed or system managed table spaces. Plan to use SERVER authentication. Set the DB2 codeset to UTF-8. Set the page size to 32 KB. Determine the maximum size of the content elements your s store. The size affects setting up database storage areas or file storage areas. When you create an object store, a database storage area is provided by default, allowing you to store content as database BLOBs. You can also create one or more file storage areas to store content on local or remote file systems. If your s store large individual documents or other content elements, use only file storage areas. Otherwise, s can encounter memory-related errors when retrieving or indexing the large content. Important: Controlled tests with limited concurrency exhibited errors when run with files that were 300 MB or larger. Factors affecting this file-size limitation include driver and application server memory demands, other activity such as concurrent retrieval or indexing of large content, and JVM memory allocations.

90


ing that DB2 for Linux, UNIX and Windows is installed for FileNet P8: To prepare your DB2 for Linux, UNIX and Windows databases before installing FileNet P8, you must install the DB2 for Linux, UNIX and Windows software and configure the database components for your installation. “Installing DB2 for Linux, UNIX and Windows and creating DB2 instances” Create DB2 for Linux, UNIX and Windows instances for Content Platform Engine. “Creating the DB2 database and table space for the Content Platform Engine GCD” on page 92 Create a database and table space for the Content Platform Engine global configuration database on DB2 for Linux, UNIX and Windows. “Creating the DB2 database and table spaces for a Content Platform Engine object store” on page 92 Create a database and table spaces for a Content Platform Engine object store on DB2 for Linux, UNIX and Windows. Each additional object store will require an additional table space and a unique table space . Installing DB2 for Linux, UNIX and Windows and creating DB2 instances: Create DB2 for Linux, UNIX and Windows instances for Content Platform Engine. To install DB2 for Linux, UNIX and Windows and create DB2 instances: 1. Install the IBM DB2 for Linux, UNIX and Windows software. Make note of the T/IP port number assigned to the instance or instances. The port number assigned can be found in the /etc/services file, associated with the DB2 instance(s) just created. After a successful installation, the DB2 instance should be up and running. 2. Refer to the IBM FileNet P8 system requirements for required operating-system and database patch sets, and service packs. 3. Set T/IP as the default protocol. 4. Set or the following parameter settings by entering the following command in the DB2 command-line processor: DB2 for Linux, UNIX and Windows version 9.7 db2set DB2_WORKLOAD=FILENET_CM db2set DB2_MINIMIZE_LISTPREFETCH=ON db2set DB2_OPTPROFILE=ON

DB2 for Linux, UNIX and Windows version 9.7 Fix Pack 8 or later: db2set DB2_WORKLOAD=FILENET_CM

DB2 for Linux, UNIX and Windows version 9.8 db2set DB2_WORKLOAD=FILENET_CM db2set DB2_MINIMIZE_LISTPREFETCH=ON db2set DB2_OPTPROFILE=ON

DB2 for Linux, UNIX and Windows version 10.1 db2set DB2_WORKLOAD=FILENET_CM db2set DB2_MINIMIZE_LISTPREFETCH=ON db2set DB2_OPTPROFILE=ON

DB2 for Linux, UNIX and Windows version 10.1 Fix Pack 2 or later: db2set DB2_WORKLOAD=FILENET_CM Set CUR_COMMIT=ON

|

DB2 for Linux, UNIX and Windows version 10.5 or later:


91

| |

db2set DB2_WORKLOAD=FILENET_CM Set CUR_COMMIT=ON

5. Connect to your object store databases by entering the following command: db2 connect to db_name _name using

where v db_name is the name of your object store database v _name is the ID used to access the object store database v is the for the ID used to to access the object store database Issue the following command: db2 update db cfg using cur_commit ON

6. After making these changes, stop and restart the database using db2stop and db2start.

| |

Creating the DB2 database and table space for the Content Platform Engine GCD: Create a database and table space for the Content Platform Engine global configuration database on DB2 for Linux, UNIX and Windows. v Do not share the database used for the GCD with object stores or IBM Content Navigator configuration data. v The database name needs to be unique and from 1 to 8 characters long. The table space name must be at most 18 characters long. v Drop the default [regular] table space - SPACE1 after creating the database. v Update the following configuration parameter. Set the value, minimally, to the value indicated here: APPLHEAPSZ 2560

1. Create the table space for the GCD. The following table shows the recommended minimum size for the table space for the GCD. Content Platform Engine table space

Minimum Size (MB)

Minimum Page Size (KB)

GCD_ts

256

32 (required)

Configure as LARGE type and automatic storage.

2.

Record the values for the Database name and the Database in your customized Installation and Upgrade Worksheet. To find these properties, set the Autofilter for Column E Installation or Configuration Program for CM: Configure GCD JDBC Data Sources. Then set the Autofilter for Column D ISV Component Vendor to “Oracle”. Creating the DB2 database and table spaces for a Content Platform Engine object store: Create a database and table spaces for a Content Platform Engine object store on DB2 for Linux, UNIX and Windows. Each additional object store will require an additional table space and a unique table space .

92


v Do not share the database used for the GCD with object stores or IBM Content Navigator configuration data. v The database name needs to be unique and from 1 to 8 characters long. The table space name must be at most 18 characters long. v Drop the default [regular] table space - SPACE1 after creating the database. v Update the following configuration parameter. Set the value, minimally, to the value indicated here: APPLHEAPSZ 2560

| | | | |

If you want to add a workflow system to an object store that does not already have one, the workflow system can use the table spaces that are used by the object store. Alternatively, you can create new table spaces for the workflow system, according to the rules on table space types and minimum sizes that are documented here. If you are creating a table space for a new object store on an existing system, define the new table space with the same table space type and storage method used for existing object store table spaces. The following table shows the recommended table space names, types, and minimum sizes: Table 16. Recommended table space names, types, and minimum sizes table spaces

Minimum Size (MB)


data_ts

768

32 (required)

Configure as LARGE type and automatic storage.

Description This is the default name of the data table space used by Content Platform Engine.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, use the Autofilter drop-down arrow in Column F, Property or Parameter (in interface), to select Data table space name.


93

Table 16. Recommended table space names, types, and minimum sizes (continued) table spaces

Minimum Size (MB)


index_ts

512

32 (required)

(optional) Configure as LARGE type and automatic storage.

Description This is the default name of the optional default index table space used by Content Platform Engine. If you do not create an index table space, the data table space will be used for indexes.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, use the Autofilter drop-down arrow in Column F, Property or Parameter (in interface), to select Index table space name.

94


Table 16. Recommended table space names, types, and minimum sizes (continued) table spaces

Minimum Size (MB)


lob_ts

512

32 (required)

(optional ) Configure as LARGE type and automatic storage.

Description This is the default name of the optional default LOB table space used by Content Platform Engine. If you do not create a LOB table space, the data table space will be used for LOB data.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, use the Autofilter drop-down arrow in Column F, Property or Parameter (in interface), to select LOB table space name. temporary ts

80

32 (required)

This is the default temporary table space, required for Content Platform Engine use.

system temporary ts

80

32 (required)

This is the default system temporary table space, required for Content Platform Engine use.

Application Server installation tasks The Application Server must prepare the application servers for FileNet P8, including planning deployment, creating istrative s, and configuring JDBC drivers for Content Platform Engine. Content Platform Engine, IBM FileNet Workplace XT, and Application Engine are Java EE application server-based applications. You must install these applications in a homogeneous Java EE environment in which all of your application servers and their version numbers are identical. Planning and preparing for FileNet P8 installation

95

If a application is required for your system and you have not built or customized one using the FileNet P8 API toolkits, you can install one of the following general interfaces: v Workplace XT v Application Engine / Workplace v IBM Content Navigator Even if you have your own customized application, it is a best practice to install one of these applications for testing and purposes. The applications must use Enterprise Java Bean (EJB) transport. If the application server where you are deploying Content Platform Engine is running on most 64-bit JVMs, it is a best practice to create no more than 150 object stores. However, if sufficient system and database resources are available, IBM WebSphere Application Server 7.0 or higher with the 64-bit IBM JVM and WebSphere Compressed Reference Technology s up to 500 object stores. Content Platform Engine is a resource-intensive enterprise application. Running Content Platform Engine and other Java EE applications on the same machine is possible but not a best practice. Other Java EE applications will compete with Content Platform Engine for the same U, memory, and disk I/O resources, and increase the complexity of the installation and the risk of the deployment, because configurations will not match what has been qualified by FileNet P8 Engineering. Although you might need to host Content Platform Engine and other applications on the same machine, it is preferable to host Content Platform Engine on its own machine or logical partition. If an architecture requires Content Platform Engine and a non-P8 Java EE application to be on the same machine, be sure to thoroughly test the configuration in your integration environment before deploying them into production. If you are installing in a non-English environment, review the considerations and procedures in Appendix A, “Preparing non-English environments for installing FileNet P8,” on page 163 before you begin your preparation tasks. Review all rows assigned to the Application Server (ASA) in the Installation and Upgrade Worksheet. While you complete the following preparation tasks, provide values for the rows that are appropriate to your installation. Tip: With the Data > Filter > AutoFilter command enabled, as it is by default in the worksheet file (p8_worksheet.xls), perform the following actions to quickly see only the properties that are assigned to a particular Role: v Click the AutoFilter drop-down arrow in the Role column header and select ASA. v Further filter the result set by clicking the AutoFilter drop-down arrow in any of the other columns and selecting a value or clear a filter by selecting (All). “Creating application server s” on page 97 Create new or designate existing application server s. “Configuring WebSphere for Content Platform Engine” on page 99 You must prepare IBM WebSphere Application Server before you install Content Platform Engine. You must create a WebSphere profile for the Content Platform Engine application and set the environment variables for the database connection.

96


“Configuring WebLogic Server for Content Platform Engine” on page 104 You need to configure WebLogic Server after installing it on the machine where you are going to install and deploy Content Platform Engine. “Configuring JBoss Application Server for Content Platform Engine” on page 108 JBoss Application Server requires some configurations before you install Content Platform Engine. “Configuring application servers (high availability environments)” on page 111 You must configure application servers for high availability. “Configuring WebSphere Application Server for IBM Content Navigator” on page 112 You must install WebSphere Application Server on the machine where you are going to install and deploy IBM Content Navigator. “Configuring WebLogic Server for IBM Content Navigator” on page 112 You must install WebLogic Server on the machine where you are going to install and deploy IBM Content Navigator. “Configuring WebSphere Application Server for Application Engine or Workplace XT” on page 112 You must install WebSphere Application Server on the machine where you are going to install and deploy Application Engine or Workplace XT. “Configuring WebLogic Server for Application Engine or Workplace XT” on page 113 You must install Oracle WebLogic Server on the machine where you are going to install and deploy Application Engine or Workplace XT. “Configuring JBoss Application Server for Application Engine or Workplace XT” on page 114 You must install JBoss Application Server on the machine where you are going to install and deploy Application Engine or Workplace XT. “Starting or stopping an application server instance” on page 114 You need to be able to start or stop an application server instance when working with Content Platform Engine. “Resolving the names of existing data sources” on page 114 You must create data sources for the global configuration database and your object store databases. Configuration Manager does not create a new data source with the same name as that of an existing data source. If you want to reuse a data source name, you must resolve data source naming conflicts before using Configuration Manager to configure the JDBC data sources. “Application Engine/Workplace XT in a highly available environment” on page 115 You can install and configure Application Engine/Workplace XT in a highly available FileNet P8 environment to provide access to the FileNet P8 content on the corresponding Application Engine/Workplace XT Web application. “Accessing the documentation” on page 117 The base documentation URL identifies the server where the IBM FileNet P8 documentation is located. You must decide whether you want to access the online documentation in IBM Knowledge Center or a locally installed information center.

Creating application server s Create new or designate existing application server s. s are referred to in documentation in the following ways:


97

v


v


If you see a reference to an that you do not understand, search the documentation for that reference. “Creating the application server ” An application server used while configuring Content Platform Engine. Creating the application server : An application server used while configuring Content Platform Engine. 1. Create the following application server : Application server Unique identifier appserver_ Description WebSphere Application Server In Configuration Manager, when you run the Set Properties for WebSphere Application Server task, enter the credentials of the appserver_ in the field labeled Application server name. Configuration Manager uses the appserver_ to run configuration tasks. WebSphere istrative security is enabled You have two options for creating the appserver_ . You can use the local file-based usually defined while creating the WebSphere profile. Or, you can use WebSphere tools to grant istrative rights to an LDAP and optionally remove the file-based created earlier. The appserver_ must have WebSphere permissions throughout the Content Platform Engine installation process. Afterwards, you can reduce the to a lesser role, such as Configurator. WebSphere istrative security is not enabled If you decide not to enable WebSphere istrative security during profile creation, then no special credentials are required to to the WebSphere istrative console. You can enter any string into the Configuration

98


Manager field labeled Application server name. However, that to run Content Platform Engine, WebSphere istrative security must be enabled. When you do enable it and the WebSphere istrative console requests an to use as the istrative , enter the appserver_. Oracle WebLogic Server In Configuration Manager, when you run the Set Properties for Oracle WebLogic Server task, enter the credentials of the appserver_ in the field labeled Application server name. Configuration Manager uses the appserver_ to run configuration tasks. This is defined when you create a new WebLogic domain. The WebLogic Configuration wizard requires you to enter the name and . This is created as an internal WebLogic application, file-based . (It is not an LDAP or operating system .) Use the appserver_ to to the Oracle WebLogic Server istration console. JBoss

2.

Content Platform Engine does not require a JBoss istrative .

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of appserver_.

Configuring WebSphere for Content Platform Engine You must prepare IBM WebSphere Application Server before you install Content Platform Engine. You must create a WebSphere profile for the Content Platform Engine application and set the environment variables for the database connection. Content Platform Engine is an enterprise application running on a Java application server and should be made highly available in a high availability environment. In this configuration, an istrative server manages a number of application server instances. Applications and configuration changes are implemented by using an istrative server/interface and sent to each cluster node. In this type of configuration the application server software provides the components to build and deploy the highly available enterprise application. Important: You must use Configuration Manager, rather than a manual method, to create the data sources that Content Platform Engine uses to connect to a database. A data source that you create manually (by interacting directly with an application server interface) can include, by default, many unnecessary and potentially harmful custom properties. Also, for some combinations of database type and application server type, Configuration Manager adds some special custom properties to the data source it creates, which you might fail to include if you create the data source manually. Without these added custom properties, runtime errors can occur when Content Platform Engine tries to connect to a database. 1. “Creating the WebSphere profile for Content Platform Engine” on page 100 You must create an IBM WebSphere Application Server profile for Content Platform Engine if you do not already have a profile. Planning and preparing for FileNet P8 installation

99

2. “Specifying the WebSphere environment variables” on page 101 You must specify the IBM WebSphere Application Server environment variables so that Content Platform Engine can access its databases. 3. “Setting the primary istrative name” on page 103 If you are using IBM WebSphere Application Server federated repositories for LDAP authentication, you must ensure that the name you entered for the WebSphere Application Server primary istrative name is unique across all realms. 4. “Setting host aliases for deployment on multiple servers” on page 103 If you are deploying Content Platform Engine to multiple IBM WebSphere Application Server servers on the same WebSphere node, you must define the host alias and port numbers. 5. “Setting permissions for the Configuration Manager ” on page 103 Configuration Manager must be run by an operating system that has been granted certain directory permissions. 6. “Configuring the load-balancer or proxy server” on page 104 You can configure the load-balancer or proxy server to manage requests over multiple application servers. 7. “Preparing for database failover ” on page 104 You need to compare the default parameter values for database failover and determine whether to retain them. Creating the WebSphere profile for Content Platform Engine: You must create an IBM WebSphere Application Server profile for Content Platform Engine if you do not already have a profile. To create the WebSphere profile for Content Platform Engine: 1. Run the command script at one of the following (default) locations to create a new profile. Option

Description

AIX

/usr/IBM/WebSphere/AppServer/bin/ manageprofiles.sh

HPUX, HPUXi, Linux, Linux for System z, Solaris

/opt/IBM/WebSphere/AppServer/bin/ manageprofiles.sh

Windows

C:\Program Files\IBM\WebSphere\AppServer\ bin\manageprofiles.bat

2.

Record application server values in your customized Installation and Upgrade Worksheet. To find these properties, use the Autofilter drop-down arrow in Column E, Installation or Configuration Program, to select CM: Create New Installation Profile. Then use the Autofilter drop-down arrow in Column D, ISV Component Vendor, to select “WebSphere”. 3. Grant write permission to the group e_appserver_install_group (the who runs Configuration Manager belongs to this group) on the following files in the logs directory of the WebSphere profile for Content Platform Engine: v ws.traceout v ws.valout

100


You can find these files in one of the following locations: Option

Description

AIX

/usr/IBM/WebSphere/AppServer/profiles/ profile_name/logs

HPUX, HPUXi, Linux, Linux for System z, Solaris

/opt/IBM/WebSphere/AppServer/profiles/ profile_name/logs

Windows

C:\Program Files\IBM\WebSphere\AppServer\ profiles\profile_name\logs

where profile_name is the name of the WebSphere profile (for example, AppServer01). Specifying the WebSphere environment variables: You must specify the IBM WebSphere Application Server environment variables so that Content Platform Engine can access its databases. See IBM FileNet P8 system requirements for information on the JDBC driver file for the database type that you need for the global configuration database (GCD) or for an object store or Case Analyzer store you create later. The version of the JDBC driver file must match the version of the JDK on the system where WebSphere Application Server is installed. To specify the WebSphere environment variables: 1. Install JDBC drivers on each WebSphere Application Server node where you will deploy Content Platform Engine. a. Obtain the JDBC drivers for your database type. DB2

Access the IBM website and find the version of the Redistributable DB2 JDBC Driver that matches the version of the JDK on the system where WebSphere Application Server is installed.

Microsoft SQL Server Access the Microsoft website and find the version of the SQL Server JDBC Driver that matches the version of the JDK on the system where WebSphere Application Server is installed. Oracle To obtain the JDBC driver file, browse to the web page that pertains to the Oracle Database version that you are using: v Oracle Database 11g Release 2 JDBC Drivers: http://www.oracle.com/technetwork/database/enterpriseedition/jdbc-112010-090769.html v Oracle Database 12.1.0.1 JDBC Driver & U s: http://www.oracle.com/technetwork/database/features/jdbc/ jdbc-drivers-12c--1958347.html b. Extract and copy the JDBC driver file to the following suggested location: AIX, HPUX, HPUXi, Linux, Solaris /opt/jars Do not copy the file to ...WebSphere/AppServer/lib/ext. Windows C:\jars Do not copy the file to ...WebSphere\AppServer\lib\ext.


101

2. Start the WebSphere Application Server istrative console and log on to your Content Platform Engine profile as appserver_console_, the Console and complete the following substeps to configure the Content Platform Engine nodes or cluster (if applicable). a. Navigate to Environment > WebSphere Variables. b. Select Cell scope from the All scopes list. c. Set the value of the variable to the JDBC driver path that you specified when you installed the JDBC drivers on the IBM WebSphere Application Server machine. (If the variable does not exist, create it and then set its value.) d. Select Node scope from the All scopes list. In a cluster configuration, select Node scope for all the nodes in the Content Platform Engine cluster. e. In the table of substitution variables, click the item name in the Name column that corresponds to the JDBC environment variable for your database type in the Database environment variables table below. Table 17. Database environment variables Database

JDBC Environment Variable

SQL Server

MICROSOFT_JDBC_DRIVER_PATH

Oracle

ORACLE_JDBC_DRIVER_PATH

DB2

(JDBC 4.0) DB2_JCC_DRIVER_PATH

f. Set the value of the name_JDBC_DRIVER_PATH item to the JDBC driver path you specified (/opt/jars or C:\jars). g. Optional: Select Server scope from the All scopes list. This step is not required unless you defined the JDBC_DRIVER_PATH variable at the server scope level. h. In the table of substitution variables, click the item name in the Name column that corresponds to the JDBC environment variable for your database type in the Database environment variables table. i. Set the value of the name_JDBC_DRIVER_PATH item to the JDBC driver path you specified (/opt/jars or C:\jars). j. Save your changes to the master configuration. 3. Navigate to Servers > Application servers > server1 > Java and Process Management > Process Definition > Java Virtual Machine, and set the initial and maximum heap sizes, where server1 is the name of the server where you will deploy Content Platform Engine. a. Set the values for the initial and maximum heap sizes: Table 18. Values for initial and maximum heap size Parameter

Value (in MB)

Initial Heap Size

At least 512

Maximum Heap Size

1024 or a size consistent with available RAM on the machine where WebSphere Application Server is installed

b. Set the following JVM parameters: v -D.language=en v -D.region=US v -D.country=US

102


c. Save your changes to the master configuration. 4. Optional: Increase the maximum transaction timeout to prevent istrative processes from failing: a. Navigate to the screen containing the Maximum transaction timeout parameter: v Click Servers > Server Types > WebSphere application servers > server1 > [Container Settings] Container Services > Transaction Service. b. Click the Configuration tab, and set the Maximum transaction timeout parameter value to at least 600 (seconds), and increase the Total transaction lifetime timeout as well. Important: If the timeout value is not large enough, some istrative processes (such as adding an expansion product) might fail. c. Click Apply and then click Save. 5. Repeat this procedure as needed for any object store that uses a different database type. Setting the primary istrative name: If you are using IBM WebSphere Application Server federated repositories for LDAP authentication, you must ensure that the name you entered for the WebSphere Application Server primary istrative name is unique across all realms. Setting host aliases for deployment on multiple servers: If you are deploying Content Platform Engine to multiple IBM WebSphere Application Server servers on the same WebSphere node, you must define the host alias and port numbers. To set the host alias: 1. to the WebSphere istrative console. 2. Navigate to Environment > Virtual Hosts > default host > Host Aliases. 3. If you are using SSL, add an alias for the SSL port number, such as port 9081. 4. Add an alias for the non-SSL port number, such as port 9444. 5. Click Apply. Setting permissions for the Configuration Manager : Configuration Manager must be run by an operating system that has been granted certain directory permissions. 1. Set permissions for the Configuration Manager (config_mgr_) on the WebSphere Application Server profile directory and all its subdirectories where Content Platform Engine will be deployed: Option

Description

AIX, HPUX, HPUXi, Linux, Solaris

Read, write, and execute permissions

Windows

Read & Execute, and Write permission

2. Set write permission for the Configuration Manager on the WebSphere lib directory, for example /opt/IBM/WebSphere/AppServer/lib.


103

Configuring the load-balancer or proxy server: You can configure the load-balancer or proxy server to manage requests over multiple application servers. Load-balancers and proxy-servers are typically used to direct s to different instances throughout a highly available application server configuration. When one server goes down the system automatically redirects the to another running server instance. If you use a load-balancer or proxy server in this configuration you must use the virtual name when performing installation steps that require a server name for a Content Platform Engine server, with the exception of IBM istration Console for Content Platform Engine and other istrative applications. Session affinity is required for Application Engine and Workplace XT only. Preparing for database failover : You need to compare the default parameter values for database failover and determine whether to retain them. If you enable it to do so, Configuration Manager automatically assigns default values to the database failover parameter values when it runs the tasks to configure JDBC data sources for the global configuration database and object stores. The following table shows the default values that Configuration Manager assigns to the database failover parameters. Table 19. Retries for new connections Parameter

Value

Number of retries for new connections

100

Retry interval for new connections

3 seconds

Retry interval for existing connections

0 seconds

To determine whether to let Configuration Manager set these values, you need to compare these default values with the values that are optimized for your database cluster. If you enableConfiguration Manager to assign default values, you can still change them before you deploy Content Platform Engine.

Configuring WebLogic Server for Content Platform Engine You need to configure WebLogic Server after installing it on the machine where you are going to install and deploy Content Platform Engine. Before you install and deploy Content Platform Engine on a WebLogic Server machine, you must create a WebLogic Server domain and install JDBC drivers. (The drivers must be installed on the WebLogic Server machine whether your database is collocated or not). Content Platform Engine is an enterprise application running on a Java application server and can be configured in a high availability environment. In this configuration, an istrative server manages a number of application server instances. Applications and configuration changes are implemented by using an

104


istrative server/interface and sent to each cluster node. In this type of configuration, the application server software provides the components to build and deploy the highly available enterprise application. Important: You must use Configuration Manager, rather than a manual method, to create the data sources that Content Platform Engine uses to connect to a database. A data source that you create manually (by interacting directly with an application server interface) can include, by default, many unnecessary and potentially harmful custom properties. Also, for some combinations of database type and application server type, Configuration Manager adds some special custom properties to the data source it creates, which you might fail to include if you create the data source manually. Without these added custom properties, runtime errors can occur when Content Platform Engine tries to connect to a database. To configure WebLogic Server: 1. Use the WebLogic Configuration wizard to create a WebLogic Server domain for Content Platform Engine. In the following steps, use the domain name FNCEDomain. Keep in mind the following as you configure the domain: a. Set the server start mode to Production mode. b. Select the appropriate Java Development Kit (JDK) for your environment, as specified in the IBM FileNet P8 system requirements at IBM FileNet P8 system requirements at . 2. Use the WebLogic istration Console to configure the following settings: a. Optional: Create a WebLogic Server authentication provider. You can use the Content Platform Engine Configuration Manager tool to create a WebLogic Server authentication provider later on, or you can create the provider now by using the WebLogic Console. Important: In some situations (for example, if you have a single-sign-on provider, such as Netegrity SiteMinder), Configuration Manager cannot configure a WebLogic authentication provider. b. For performance reasons set the parameters that control searches within the authentication provider, as shown in the following table: Table 20. Authentication provider search parameters Parameter

Value

Description

Group hip Searching unlimited

Group searches are unlimited in depth

Max Group hip Search Level

Only direct group are found

0

If you encounter performance problems, change the Group hip Searching parameter value to limited. c. If you do not use Configuration Manager to configure your LDAP settings, set the Control Flag value. Set the Control Flag to REQUIRED to allow logons to FNCEDomain by LDAP-authenticated s in the Default Authenticator who are not in the active security realm of FNCEDomain. The Configuration Manager tool sets this flag when you run the Configure LDAP task. d. If you are using multiple authentication providers in an Active Directory environment of multi-forest domains, reorder (as needed) the list of providers so that the most frequently used provider is first in the list, and


105

the least frequently used is last. Reordering is necessary to prevent logon failures when FileNet P8 Workplace is being accessed by many s simultaneously. e. Specify the following heap sizes for the JVM: Initial Java heap size (-Xms): 512 MB Maximum Java heap size (-Xmx): 1024 MB f. Set the following JVM parameters: v -D.language=en v -D.region=US v -D.country=US 3. See IBM FileNet P8 system requirements at IBM FileNet P8 system requirements at for information about the JDBC driver file for the database type that you need for the GCD or for an object store that you create later. 4. Depending on your database, use one of the following procedures to install the JDBC drivers. DB2 a. Obtain the latest version of the Redistributable DB2 JDBC Driver from the IBM web site that matches the version of the JDK on your WebLogic Server machine. b. Add the db2jcc.jar and db2jcc_license_cu.jar files to the WebLogic Server classpath. by editing the file startWebLogic.cmd or startWebLogic.sh for the WebLogic Server domain you created. For example: set CLASSPATH=%CLASSPATH%;c:\db2\jdbc\db2jcc.jar;c:\db2\ jdbc\db2jcc_license_cu.jar

Microsoft SQL Server a. and unzip the version of SQL Server JDBC Driver from Microsoft that matches the version of the JDK on your WebLogic Server machine. Place the JDBC driver file in a directory jdbc_path on your application server machine, such as: AIX, HPUX, HPUXi, Linux, Solaris /opt/jars Windows C:\jars b. Perform the following step, depending on your operating system type. AIX, HPUX, HPUXi, Linux, Solaris Edit the file startWebLogic.sh by inserting the following two lines immediately after the first occurrence of the line CLASSPATH=... JDBC_PATH="jdbc_path/sqljdbc20/enu/sqljdbc4.jar" CLASSPATH="$JDBC_PATH:$CLASSPATH"

Windows Edit the file startWebLogic.cmd (by default, in the directory C:\WL_HOME\_projects\domains\bin\FNCEDomain ) for

106


the WebLogic domain you created. Insert the following two lines immediately after the first occurrence of the line CLASSPATH=... set JDBC_PATH=jdbc_path\sqljdbc_1.0\enu\sqljdbc.jar set CLASSPATH=%JDBC_PATH%;%CLASSPATH%

Oracle a. Check to see if the Oracle JDBC Driver file is already on your WebLogic machine by searching for ojdbc##.jar in the wls_install_path/server/lib directory, where wls_install_path is the WebLogic Server installation path. b. If no Oracle JDBC Driver file is present, the file (the one that matches the version of the JDK on your WebLogic Server machine) from the Oracle JDBC Driver s web site to a directory on the WebLogic machine. Restriction: If you intend to install add-ons (extensions to IBM FileNet P8 core components), and your Content Platform Engine database is Oracle, your Oracle JDBC Driver file requirements might be more restrictive. For the required version and patch number, see the IBM FileNet P8 system requirements. c. From the Oracle web site, apply the patch Oracle Patch Ojdbc##.jar. d. For the WebLogic Server domain that you created, apply the following changes: Windows In the file startWebLogic.cmd, insert the following two lines immediately after the first set CLASSPATH line: set JDBC_PATH=jdbc_path\ojdbc##.jar set CLASSPATH=%JDBC_PATH%;%CLASSPATH%

AIX, HPUX, HPUXi, Linux, Solaris In the file startWebLogic.sh, insert the following two lines immediately after the first CLASSPATH line: JDBC_PATH="jdbc_path/ojdbc##.jar" CLASSPATH="$JDBC_PATH:$CLASSPATH"

5. If your application server uses the IBM JVM, edit the JAVA_OPTIONS variable to improve performance. AIX

(WebLogic version 9.2 with IBM Java 5 SR2 JDK only) Add the following line to the setDomainEnv.sh file file. Do not type any line breaks. JAVA_OPTIONS="$JAVA_OPTIONS -Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0"

HPUX, HPUXi, Linux, Solaris Immediately before the SAVE_JAVA_OPTIONS=$JAVA_OPTIONS line in the startWebLogic.sh file, insert the following line. Do not type any line breaks. JAVA_OPTIONS="$JAVA_OPTIONS -Dprogram.name=$PROGNAME -Dfilenet.pe.peorb.pool.min=2 -Dfilenet.pe.peorb.pool.max=5"

Windows Immediately before the set SAVE_JAVA_OPTIONS=%JAVA_OPTIONS% line in the startWebLogic.cmd file, insert this line. Do not type any line breaks. set JAVA_OPTIONS=%JAVA_OPTIONS% -Dprogram.name=%PROGNAME% -Dfilenet.pe.peorb.pool.min=2 -Dfilenet.pe.peorb.pool.max=5 Planning and preparing for FileNet P8 installation

107

6. Stop and then start WebLogic Server. 7. Give the Configuration Manager , config_mgr_, the following permissions: a. Read, write, and execute permission on the domain directory ../s_projects/domains/your_domain. b. Read and execute permission on the ../common/bin directory. 8.

Record application server values in your customized Installation and Upgrade Worksheet. To find these properties, use the Autofilter drop-down arrow in Column E, Installation or Configuration Program, to select CM: Create New Installation Profile. Then, use the Autofilter drop-down arrow in Column D, ISV Component Vendor, to select WebLogic.

Configuring JBoss Application Server for Content Platform Engine JBoss Application Server requires some configurations before you install Content Platform Engine. Ensure that JBoss Application Server is installed on the machine where you intend to deploy Content Platform Engine. Note: JBoss Application Server clusters do not use a separate istrative server, and configuration changes are implemented on each cluster node separately in a highly available environment. Important: You must use Configuration Manager, rather than a manual method, to create the data sources that Content Platform Engine uses to connect to a database. A data source that you create manually (by interacting directly with an application server interface) can include, by default, many unnecessary and potentially harmful custom properties. Also, for some combinations of database type and application server type, Configuration Manager adds some special custom properties to the data source it creates, which you might fail to include if you create the data source manually. Without these added custom properties, runtime errors can occur when Content Platform Engine tries to connect to a database. “Configuring JBoss Application Server for Content Platform Engine” JBoss Application Server requires some configurations before you install Content Platform Engine. “Strengthening Content Platform Engine server security under JBoss Application Server” on page 111 In FileNet P8 environments the Content Platform Engine server assumes that a 's short name ed to it by means of an IIOP request from Application Engine, Workplace XT, or an associated custom application has been properly authenticated and can be trusted. “Configuring JBoss Application Server clusters” on page 111 JBoss Application Server servers can be grouped together into a cluster for performance or to provide high availability. This guide provides only minimal instructions for setting up a JBoss Application Server cluster. Configuring JBoss Application Server for Content Platform Engine: JBoss Application Server requires some configurations before you install Content Platform Engine.

108


Ensure that JBoss Application Server is installed on the machine where you intend to deploy Content Platform Engine. Note: JBoss Application Server clusters do not use a separate istrative server, and configuration changes are implemented on each cluster node separately in a highly available environment. Important: You must use Configuration Manager, rather than a manual method, to create the data sources that Content Platform Engine uses to connect to a database. A data source that you create manually (by interacting directly with an application server interface) can include, by default, many unnecessary and potentially harmful custom properties. Also, for some combinations of database type and application server type, Configuration Manager adds some special custom properties to the data source it creates, which you might fail to include if you create the data source manually. Without these added custom properties, runtime errors can occur when Content Platform Engine tries to connect to a database. To configure JBoss Application Server for Content Platform Engine: 1. Navigate to the configuration file set directory. Option

Description

Standard deployment

jboss_install_dir/server

Cluster deployment (required for high availability)

jboss_install_dir/all

2. Create a new configuration file set by copying the configuration file set to a new directory. For JBoss Application Server 5.0.0 and higher, the configuration file set is the standard subdirectory. For JBoss Application Server versions less than 5.0.0, the configuration file set is the default directory. Option

Description

Standard deployment

Copy the configuration file set to a new directory within the /server directory. For example, copy the files to jboss_install_dir/server/server1.

Cluster deployment

Copy the configuration file set to a new directory within the /all directory. For example, copy the files to jboss_install_dir/all/server1.

jboss_install_dir is the directory where JBoss is installed. 3.

Record application server values in your customized Installation and Upgrade Worksheet. To find these properties, use the Autofilter drop-down arrow in Column E, Installation or Configuration Program, to select CM: Create New Installation Profile. Then use the Autofilter drop-down arrow in Column D, ISV Component Vendor, to select JBoss. 4. In the jboss_install_dir/bin directory, edit the configuration file run.conf (AIX, HPUX, and Linux), run.bat (Windows and JBoss 5.0), or run.conf.bat (Windows and JBoss 5.1):


109

a. Add a line to specify the path to the JAVA Development Kit (JDK) on the machine where JBoss Application Server is installed, as shown in the following example: JAVA_HOME="path_to_Java_JDK"

b. In the JAVA_OPTS line, change the -Xms and -Xmx values from -Xms128m -Xmx512m to -Xms512m -Xmx1024m. c. Set the following JVM parameters: v -D.language=en v -D.region=US v -D.country=US d. Save your edits. 5. Refer to theIBM FileNet P8 system requirements for information on the JDBC driver file for the database type that you need for the GCD or for an object store you will be creating later. 6. Install JDBC drivers on the JBoss Application Server machine, as follows: a. Obtain the JDBC drivers, depending on your database type. DB2

Find the latest version of the Redistributable DB2 JDBC Driver 4.0 driver from the IBM website by searching for JDBC 4.0.

Microsoft SQL Server Find the version of Microsoft JDBC Driver at Microsoft that matches the version of the JDK on the JBoss Application Server machine. Oracle Access the Oracle JDBC Driver s website and find the JDBC driver file that matches the version of the JDK on the JBoss Application Server machine. b. Place the file JDBC driver file in the CLASSPATH. Standard deployment Copy the JDBC driver file to the jboss_install_dir/server/ server1/lib directory. Cluster deployment Copy the JDBC driver file to the jboss_install_dir/all/server1/ lib directory. 7. If you are deploying multiple instances of Content Platform Engine on the same server, do the following for each additional instance: a. Copy the configuration file set that you just created and modified from the jboss_install_dir/server/server1 directory to a new directory. Use a separate directory for each instance. For example, copy the jboss_install_dir/server/server1 directory to jboss_install_dir/server/ server2 and jboss_install_dir/server/server3. b. Assign unique port numbers to each instance. Refer to your JBoss Application Server documentation for details. 8. If it is not already running, start the web application server as follows, and leave the command window open:

110

Option

Description

AIX, HPUX, Linux, Solaris, and JBoss 5.0 and 5.1

./run.sh -c server1 -b 0.0.0.0

Windows and JBoss 5.0

run.bat -c server1 -b 0.0.0.0

Windows and JBoss 5.1

run.conf.bat -c server -b 0.0.0.0


Strengthening Content Platform Engine server security under JBoss Application Server: In FileNet P8 environments the Content Platform Engine server assumes that a 's short name ed to it by means of an IIOP request from Application Engine, Workplace XT, or an associated custom application has been properly authenticated and can be trusted. WebSphere Application Server and Oracle WebLogic Suite have mechanisms such as Lightweight Third-Party Authentication (LTPA) keys to secure IIOP communications, which establishes this sort of trust relationship between Java Virtual Machines (JVMs). However, because JBoss Application Server has no such feature to prevent unauthenticated access, a security risk is exposed between the Content Platform Engine JVM and the calling application's JVM. To mitigate the risk of ing unauthenticated short names to Content Platform Engine server under JBoss Application Server, place a firewall on the Content Platform Engine server to allow only trusted JVMs associated with Application Engine, Workplace XT, or custom applications to connect to the Content Platform Engine JVM IIOP port. Configuring JBoss Application Server clusters: JBoss Application Server servers can be grouped together into a cluster for performance or to provide high availability. This guide provides only minimal instructions for setting up a JBoss Application Server cluster. Because JBoss Application Server clusters do not have an istrative server, you will choose a single JBoss Application Server on which to install and configure the first instance of Content Platform Engine, then copy the necessary files to the rest of the nodes in the cluster. In a highly available JBoss cluster environment Application Engine and Content Platform Engine must reside in separate JBoss clusters. Unless given a unique name, all JBoss nodes will be part of the cluster "Default." | | |

To effectively run load balancing tasks, all instances of the Content Platform Engine must reside in a single JBoss cluster. EJB load balancing cannot span multiple JBoss clusters. For each Application Engine node, uniquely name the cluster something other than default. Update the JBoss startup file on both Application Engine cluster nodes from: JBOSSSH=${JBOSSSH:-"$JBOSS_HOME/bin/run.sh -c $JBOSS_CONF -b $JBOSS_HOST"}

to JBOSSSH=${JBOSSSH:-"$JBOSS_HOME/bin/run.sh -c $JBOSS_CONF -b $JBOSS_HOST"} -Djboss.partition.name=JBossP8AE

Configuring application servers (high availability environments) You must configure application servers for high availability. Configure the application server on each node with the following modification: Planning and preparing for FileNet P8 installation

111

v WebSphere Application Server: Follow the instructions for configuring WebSphere Application Server for Content Platform Engine, but set the JDBC parameters for the nodes by using the istrative console, not the individual servers. v WebLogic Server: Follow the instructions Guide for configuring WebLogic Server for Content Platform Engine. v JBoss Application Server: Follow the instructions for configuring JBoss Application Server for Content Platform Engine, but use JBOSS_DIST/all as the base configuration file set instead of JBOSS_DIST/server. | | | |

Configuring WebSphere Application Server for IBM Content Navigator

| |

Review the information that is provided in Planning for your web application server to prepare for the IBM WebSphere Application Server configuration.

| | |

For instructions on configuring WebSphere Application Server for IBM Content Navigator, see the topics in Preparing WebSphere Application Server for IBM Content Navigator components.

| | |

Configuring WebLogic Server for IBM Content Navigator

| |

Review the information that is provided in Planning for your web application server to prepare for the Oracle WebLogic Server configuration.

| | |

For instructions on configuring WebLogic Server for IBM Content Navigator, see the topics in Preparing Oracle WebLogic Server for IBM Content Navigator components.

You must install WebSphere Application Server on the machine where you are going to install and deploy IBM Content Navigator.

You must install WebLogic Server on the machine where you are going to install and deploy IBM Content Navigator.

Configuring WebSphere Application Server for Application Engine or Workplace XT You must install WebSphere Application Server on the machine where you are going to install and deploy Application Engine or Workplace XT. Application Engine or Workplace XT can be collocated with Content Platform Engine as long as the server is appropriately sized. However, each instance of the Application Engine or Workplace XT and each instance of the Content Platform Engine must run in its own JVM. For assistance in sizing your system, access the IBM FileNet P8 Platform site. To configure WebSphere Application Server: 1. that the application server is set to use JSESSIONID as the default cookie name. To avoid forcing end s to individually to applets such as Process Designer, Search Designer, and Process Simulator, configure the application server to use JSESSIONID as cookie name, and not use application-unique cookie names. Using JSESSIONID is typically the default setting for the ed application servers. Both Application Engine and Workplace XT use cookie names to session information between Application Engine or Workplace XT and the client browser.

112


2. Determine the Initial and Maximum Heap Size. Refer to your application server vendor's recommendation for Initial and Maximum heap size values. You will use this information when you configure WebSphere Application Server after you install Application Engine or Workplace XT. 3. When WebSphere is running as a service and a UNC path is specified in web.xml for configuration, , and directories, the that is specified to run the WebSphere service must have permissions to the share of the UNC path.

Configuring WebLogic Server for Application Engine or Workplace XT You must install Oracle WebLogic Server on the machine where you are going to install and deploy Application Engine or Workplace XT. Application Engine or Workplace XT can be collocated with Content Platform Engine as long as the server is appropriately sized. However, each instance of Application Engine or Workplace XT and each instance of the Content Platform Engine must run in its own JVM. For assistance in sizing your system, access the IBM FileNet P8 Platform site. To configure WebLogic Server: 1. that the application server is set to use JSESSIONID as the default cookie name. To avoid forcing end s to individually to applets such as Process Designer, Search Designer, and Process Simulator, configure the application server to use JSESSIONID as cookie name, and not use application-unique cookie names. Using JSESSIONID is typically the default setting for the ed application servers. Both Application Engine and Workplace XT use cookie names for ing session information between Application Engine or Workplace XT and the client browser. 2. Create a WebLogic Server domain before installing and deploying Application Engine or Workplace XT. Refer to your WebLogic Server documentation for detailed instructions. Important: You will perform further configuration on Workplace XT after you perform the installation. 3. Enable trust between the Content Platform Engine WebLogic domain and the Application Engine or Workplace XT WebLogic domain. If you have already configured a trust on the Content Platform Engine, perform these steps only on the Application Engine or Workplace XT server. a. Prepare the WebLogic istration Console for editing. b. In the advanced security settings for your domain, enter the same for both the Content Platform Engine domain and the Application Engine or Workplace XT domain. c. Save and activate your changes. d. Restart the server if needed. e. Repeat this procedure in each domain for which you want to enable trust. Important: If you are enabling this feature in a managed server environment, you must stop the istration server and all the Managed Servers in both domains and then restart them. If this step is not performed, servers that were not rebooted will not trust the servers that were rebooted. Refer to your WebLogic Server documentation for more information.


113

Configuring JBoss Application Server for Application Engine or Workplace XT You must install JBoss Application Server on the machine where you are going to install and deploy Application Engine or Workplace XT. Application Engine and Workplace XT can be collocated with Content Platform Engine as long as the server is appropriately sized. However, each instance of Application Engine or Workplace XT and each instance of the Content Platform Engine must run in its own JVM. For assistance in sizing your system, access the FileNet P8 site. To configure JBoss Application Server: 1. In a high availability clustered server environment, that the Content Platform Engine and Application Engine/Workplace XT clusters have different names. See “Configuring JBoss Application Server clusters” on page 111 2. that the application server is set to use JSESSIONID as the default cookie name. To avoid forcing end s to individually to applets such as Process Designer, Search Designer, and Process Simulator, configure the application server to use JSESSIONID as cookie name, and not use application-unique cookie names. Using JSESSIONID is typically the default setting for the ed application servers. Both Application Engine and Workplace XT use cookie names for ing session information between Application Engine or Workplace XT and the client browser. Important: You will perform further configuration on JBoss Application Server after you perform the installation.

Starting or stopping an application server instance You need to be able to start or stop an application server instance when working with Content Platform Engine. To start or stop an application server instance: Depending on your application server type, run one of the following commands to start or stop an application server instance: Table 21. How to start or stop an application server instance Command to start an application server instance

Command to stop an application server instance

WebSphere Application Server

startServer

stopServer

JBoss Application Server

run

stop

Oracle WebLogic Server

startWebLogic

stopWebLogic

Application server type

In a high availability environment, when instructed to start or stop an application server instance, start or stop the nodes unless otherwise specified.

Resolving the names of existing data sources You must create data sources for the global configuration database and your object store databases. Configuration Manager does not create a new data source with the same name as that of an existing data source. If you want to reuse a data source name, you must resolve data source naming conflicts before using Configuration Manager to configure the JDBC data sources.

114


Complete this procedure only if you already created data source names by using your application server istration tools, and you want to use Configuration Manager to create data sources with the same names. To resolve the names of existing data sources: 1. Use your application server istration tools to determine if the data source names that you selected already exist. 2. If you have a duplicate data source name that you want to use, manually delete the existing data source from your application server. See your application server documentation for more information.

Application Engine/Workplace XT in a highly available environment You can install and configure Application Engine/Workplace XT in a highly available FileNet P8 environment to provide access to the FileNet P8 content on the corresponding Application Engine/Workplace XT Web application. Complete these additional Application Server planning and preparation tasks for Application Engine/Workplace XT in a highly available environment. “Configuring the application server for Application Engine/Workplace XT in a highly available environment” You can create clusters of ed application servers. “Configuring load-balancer or proxy server” on page 116 Before installing and configuring Application Engine or Workplace XT in a highly available environment, that your load balancer or proxy server has been set up correctly. “Planning for Workplace/Workplace XT shared settings” on page 116 You can store Workplace/Workplace XT settings in a shared configuration directory for high availability environments. This directory can reside on a shared device as needed. Configuring the application server for Application Engine/Workplace XT in a highly available environment: You can create clusters of ed application servers. Application Engine/Workplace XT is an enterprise application running on a Java application server and should be made highly available by using either of the following configurations: Application Server clusters v (WebSphere, WebLogic) Managed Application Server Clusters An istrative server manages a number of application server instances. Applications and configuration changes are implemented by using an istrative server/interface and sent to each cluster node. In this type of configuration the application server software provides the components to build and deploy the highly available enterprise application. v (JBoss) Application Server Clusters JBoss application server clusters do not use a separate istrative server, and configuration changes are implemented on each cluster node separately.


115

Farm of independent Application Server instances. A number of separate server instances run independently behind a load-balancer or proxy device. No central istration server is used. You must install and deploy on each farm node. Configuring load-balancer or proxy server: Before installing and configuring Application Engine or Workplace XT in a highly available environment, that your load balancer or proxy server has been set up correctly. v A load balancing or proxy device will typically direct s to different instances throughout the group of highly available servers. When one server goes down a is automatically directed to an already running instance. v The load-balancing device can be a hardware or software implementation of a proxy or load-balancer. See the application server software's hardware and software requirements to determine the ed load-balancing or proxy device ed for you configuration. v Application Engine and Workplace XT do not directory security when using IIS as a proxy in front of WebSphere Application Server. Identify the Base URL for the load balancer or proxy server When installing any components that request the URL of a deployed Workplace or Workplace XT instance in a highly available configuration, you must use the URL that directs s to your load-balancing or proxy device. Tip: Do not specifying a single Application Engine/Workplace XT server. This will introduce a single point of failure in the environment. If you are using load-balancer or proxy device in your configuration you must use the load-balancer or proxy device to log on to Workplace or Workplace XT for the first time. Doing this ensures that the Base URL setting, which must be set to the load-balancer or proxy URL, is correctly set. If the application is deployed to a farm of application servers, and a load-balancer is configured for this farm, then a URL could be: Application Engine: http://loadbalancer URL:loadbalancer port/Workplace Workplace XT: http://loadbalancer URL:loadbalancer port/WorkplaceXT Use this URL when completing the installation steps. Planning for Workplace/Workplace XT shared settings: You can store Workplace/Workplace XT settings in a shared configuration directory for high availability environments. This directory can reside on a shared device as needed. v If you deploy your Workplace/Workplace XT Web application as a Windows service on WebSphere, do not use mapped drives to reference shared configuration folders. Instead, use a UNC share. Note that UNC shares cannot be Windows istrative shares such as \\host\c$. v If the share is mountable the mount must be online when Workplace/Workplace XT is started and accessed. v If the shared configuration directory is not accessible an error page is returned when a tries to access the Workplace/Workplace XT page. v Aside from the shared configuration directory no other Application Engine/Workplace XT software has to reside on shared storage.

116


v Overwriting of configuration files on subsequent installations. – If you are performing an installation by using a shared configuration directory be aware that all installations of Application Engine/Workplace XT will replace any files that exist in the shared configuration directory. – If an installation has been completed and settings such as the bootstrap information have already been set then any subsequent installations by using the same shared configuration directory will result in the files being overwritten, losing any settings that have been made. To preserve the settings in the shared configuration directory you should back up the files in the shared configuration directory and restore them when you have completed the installation. : This is not an issue for configurations where all Application Engine/Workplace XT installations are performed at the same time, but for cases where the installer must be run again (to add a node to the configuration for example).

Accessing the documentation The base documentation URL identifies the server where the IBM FileNet P8 documentation is located. You must decide whether you want to access the online documentation in IBM Knowledge Center or a locally installed information center. The simplest way to access documentation is by using the IBM FileNet P8 online documentation at http://www.ibm.com//knowledgecenter/SSNW2F_5.2.1. However, if this is not possible, for example because your application is in an environment where internet access is not available, you can install documentation on a local application server and deploy the help as a web application. The following table compares the options. Table 22. Comparing IBM Knowledge Center online documentation and the local information center Online documentation

Local information center

Requires internet access

Yes

No

Requires local application server

No

Yes

s mixed versions of IBM FileNet P8 components

No

Yes

Is customizable

No

Yes

If you install the information center locally, you can use an application server that is uniquely dedicated for that purpose, or you can use one that is prepared for Content Platform Engine, Application Engine, or Workplace XT. To determine the value for the base documentation URL for your documentation: 1. Determine the base documentation URL as follows, depending on which documentation option you have chosen to use: Option

Description

Online documentation in IBM Knowledge Center

http://www.ibm.com// knowledgecenter/SSNW2F_5.2.1/


117

Option

Description

Locally installed information center

http://server-name:port/applicationname/topic/ server-name The name of the server where the IBM FileNet P8 local information center will be installed. port The optional port number. application-name The name of the deployed IBM FileNet P8 documentation application. The application name is typically p8docs. For a server-name of myserver, a port of 8080, and an application-name of p8docs, the base documentation URL is http://myserver:8080/p8docs/topic/.

2.

Record the base documentation URL in your customized Installation and Upgrade Worksheet for each instance of that property for each component that requires it. To find this property, search the worksheet for instances of Documentation server URL or Documentation URL in Column F, Property or Parameter (in interface).

118

Option

Description

Workplace XT

Append com.ibm.p8.xt..doc/ to the initial portion of the base documentation URL. For example, the base documentation URL for Workplace XT would be http://www.ibm.com// knowledgecenter/SSNW2F_5.2.1/ com.ibm.p8.xt..doc/.

Workplace

Append com.ibm.p8.doc/ to the initial portion of the base documentation URL. For example, the base documentation URL for Workplace would be http://www.ibm.com/ /knowledgecenter/SSNW2F_5.2.1/ com.ibm.p8.doc/.

All other components

Enter only the initial portion of the base documentation URL, for example, http://www.ibm.com// knowledgecenter/SSNW2F_5.2.1/.


Planning and preparing for FileNet P8 prepare to upgrade your FileNet P8 installation, you must review the upgrade planning information to determine what kind of upgrade you will carry out. You must also complete the prerequisite tasks assigned to the various Roles. “Planning the upgrade” Carefully review the information provided to plan your FileNet P8 system upgrade. “Performing the required upgrade preparation tasks” on page 130 To efficiently carry out the required upgrade preparation tasks, assign a member of your staff to carry out the tasks assigned to each role.

Planning the upgrade Carefully review the information provided to plan your FileNet P8 system upgrade. In version 5.2, the Content Engine, Process Engine, and Case Analyzer were combined and now run as a single deployed application. This is the Content Platform Engine. This content and workflow management software runs on every application server instance where it is deployed. It is recommended that you your IBM representative to review capacity planning and load balancing before you upgrade. All data in the existing global configuration database, object stores, and workflow system are automatically upgraded when you deploy the upgraded Content Platform Engine EAR file. “Upgrade scenarios” Upgrade planning depends on the details of your existing installation. The starting version and platform choices all influence the upgrade path of your existing components. “Upgrade planning considerations” on page 124 Review all upgrade planning information related to requirements for upgrading an FileNet P8 system and expansion products, as well as other vendor products associated with the FileNet P8. “Definition of upgrade roles” on page 127 Your organization may have different roles, and some of the responsibilities of listed roles will vary from those assigned by default. “Using the installation and upgrade worksheet” on page 128 The Installation and Upgrade Worksheet is a Microsoft Excel spreadsheet (p8_worksheet.xls). The worksheet describes the properties and parameters required to complete FileNet P8 installation, upgrade, and configuration programs, and provides a way to record the values you assign to these properties and parameters.

Upgrade scenarios Upgrade planning depends on the details of your existing installation. The starting version and platform choices all influence the upgrade path of your existing components.

© Copyright IBM Corp. 2001, 2016

119

Starting with version 5.2, Content Engine, Process Engine, and Case Analyzer are combined into the Content Platform Engine. The Content Platform Engine server is installed from a single installation program, and configured and deployed as a single application server instance. Table 23. Versions of components that can be upgraded.

Component

Versions of components that can be upgraded to FileNet P8 5.2.1


5.2.0

Content Engine

4.5.1, 5.0.0, or 5.1.0

Process Engine

4.5.1, 5.0.0, or 5.1.0

Application Engine

Application Engine software is not being updated in the 5.2.1 FileNet P8 software release. (For upgrades from 5.2.0): The only requirement is to update Content Platform Engine client files on all Application Engine servers. (For upgrades from 4.5.1, 5.0.0, 5.1.0) Follow the appropriate version of the Application Engine upgrade instructions.

Workplace XT

Workplace XT software is not being updated in the 5.2.1 FileNet P8 software release. (For upgrades from 5.2.0): The only requirement is to update Content Platform Engine client files on all Workplace XT servers. (For upgrades from 4.5.1, 5.0.0, 5.1.0) Follow Workplace XT upgrade instructions. See Installing the latest Content Engine Client files on Workplace XT servers.

IBM Content Navigator

IBM Content Navigator software is not being updated in the 5.2.1 FileNet P8 software release. The only requirement is to update Content Platform Engine client files on all IBM Content Navigator servers.

120

IBM Content Search Services

5.0, 5.1, or 5.2

IBM Legacy Content Search Engine

If you are running IBM Legacy Content Search Engine and you want your system to retain the ability to do content-based searches after the upgrade of the system is complete, you cannot upgrade directly from version 4.5.1 to version 5.2.1 software. You must first upgrade FileNet P8 to version 5.1 and complete the migration from IBM Legacy Content Search Engine to IBM Content Search Services. You can then upgrade from version 5.1 to 5.2.1.


Important: If the system you are upgrading is running WebSphere Application Server version 6.1, you must do an upgrade with a migration. The new application server instance must be deployed on at least version 7 of WebSphere Application Server. (For upgrades from versions 4.5.1, 5.0.0 and 5.1.0) Content Engine, Process Engine, and the following associated components must be upgraded together: v Application Engine and depending on which version of Application Engine you are upgrading from, the upgrade could be only the installation of a fix pack. v IBM FileNet Workplace XT v IBM Content Search Services v Rendition Engine v IBM FileNet Content Federation Services v Case Analyzer and IBM FileNet Process Simulator can be upgraded at the same time if you need full access to all case and simulation data after the upgrade. However, you could upgrade these components later, such as the following weekend. All backlogged data will be processed after those upgrades are complete. See the Case Analyzer and IBM FileNet Process Simulator documentation for information on upgrading those components. (For upgrades from versions 5.2.0) Content Platform Engine and the following associated components must be upgraded together: v Application Engine client files v IBM FileNet Workplace XT client files v IBM Content Navigator client files v IBM Content Search Services v Rendition Engine v IBM FileNet Content Federation Services v Case Analyzer and IBM FileNet Process Simulator can be upgraded at the same time if you need full access to all case and simulation data after the upgrade. However, you could upgrade these components later, such as the following weekend. All backlogged data will be processed after those upgrades are complete. See the Case Analyzer and IBM FileNet Process Simulator documentation for information on upgrading those components. See the FileNet P8 Fix Pack Compatibility Matrices for a list of product-component versions from which you can start an upgrade. . “Upgrade on an existing server instance” You can complete an upgrade on an existing server instance. “Upgrade with migration to a new server instance” on page 122 An upgrade can be accomplished while also migrating from one server instance to another. The new server instance could be on new hardware, or could be on existing hardware. Making such a change is often part of the motivation for doing the upgrade and it is important to have a well-understood process.

Upgrade on an existing server instance You can complete an upgrade on an existing server instance. (For upgrades from 5.2.0) This upgrade scenario assumes you are upgrading Content Platform Engine on the application server where it is currently deployed and making configuration changes to that deployment.

Planning and preparing for FileNet P8 upgrade

121

(For upgrades from 4.5.1, 5.0.0, or 5.1.0) This upgrade scenario assumes you are upgrading Content Engine on the application server where it is currently deployed and making configuration changes to that deployment to include Process Engine information. A server that was formerly a Process Engine server could also be used to install Content Platform Engine and Case Analyzer. This requires an installation of the same application server software that is installed on the other Content Platform Engine servers. Handle the configuration of this server like an upgrade with migration to a new server instance. Then add the new server as another node in the Content Platform Engine application server cluster.

| | | | | |

Upgrade with migration to a new server instance An upgrade can be accomplished while also migrating from one server instance to another. The new server instance could be on new hardware, or could be on existing hardware. Making such a change is often part of the motivation for doing the upgrade and it is important to have a well-understood process. “Migration upgrade overview and roap” The goal of an upgrade that involves a migration to a new server instance is to minimize the unavailability of the production system. Migration upgrade overview and roap: The goal of an upgrade that involves a migration to a new server instance is to minimize the unavailability of the production system. Upgrading large FileNet P8 systems involves significant work. The upgrade can be particularly challenging if you are changing the underlying platform of major system components, such as Content Platform Engine. Using this approach, you might install and configure a new server instance, such as for the application server or database server. The initial installation and configuration work can be done without impacting the production system. At a high level, complete the upgrade migration procedures by using the following steps. Some steps are repeated for each major FileNet P8 component: v Determine a time when you can run the upgrade, which must be done when nobody is altering the production system data. The copy of the production data (replica) must reflect the production system. Otherwise the upgrade is not on current data. v Set up a second system that contains a copy of production data. With this approach, you can revert to the original system if you encounter problems during the upgrade. You can also do some of the initial installation and configuration without impact to the production system. This second system lets you move to different server instances, replacing or updating hardware for application servers or database servers. Try to reuse as many of the configuration settings as possible from the original system on the second system to reduce any configuration issues that might arise in the upgrade.

| | | | | | | |

v On the second system, run all upgrade tasks that might alter data in a production system. v Typically, the file stores are also relocated to the new platform. If you do not relocate your file stores, you must take extra steps to ensure that the file stores can be accessed from the new system. v Conduct various validation tests that use the production applications on the upgraded replica system.

122


Migration roap The migration roap lists the major steps that are required to upgrade FileNet P8 onto a different set of servers. Use this roap as a template for your own plan. Table 24. Steps required to complete a migration upgrade. Migration task.

Where to go for instructions.

h Learn about upgrading FileNet P8.

“Upgrade planning considerations” on page 124

h Create a replica of your FileNet P8 environment. This scenario involves installing a new environment with the same servers and same version of FileNet P8 as your production system.

v Version 4.5.1: http://www.ibm.com// knowledgecenter/SSNW2F_4.5.1/welcome.html v Version 5.0.0: http://www.ibm.com// knowledgecenter/SSNW2F_5.0.0/ com.ibm.p8toc.doc/ic-homepage.html

v The GCD, object store, and Process Engine databases in the replica must be backups of the databases that are v Version 5.1.0: http://www.ibm.com// used on the production system. If the database s knowledgecenter/SSNW2F_5.1.0/ required by FileNet P8 are not included in the backup, com.ibm.p8toc.doc/ic-homepage.html create new instances of the s and use the same ID v Version 5.2.0: http://www.ibm.com// and as on your production system. knowledgecenter/SSNW2F_5.2.0/ v The replica must use the same LDAP provider, LDAP com.ibm.p8toc.doc/ configuration settings, and LDAP-based security s filenetcontentmanager_5.2.0.htm as the production system. v The replica application server can start with a new Configuration Manager profile or a copy of the production Configuration Manager profile. The installation instructions have sections for both these possibilities. v On the new Content Platform Engine computer, complete the installation preparation tasks for the Application Server except for the tasks that are related to Application Engine or Workplace XT, as these components are not being upgraded now. v As part of an upgrade or if you are moving Workplace XT from 1.1.4 to 1.1.5, you might apply fix packs to Application Engine or Workplace XT because the older version is ed by older FileNet P8 releases. v If you still have a copy of the installation and upgrade worksheet for your production system, use it to help you install the replica system. Do not use this older version of the worksheet for upgrades. h the 5.2.1 installation and upgrade worksheet. Run the customization macro and select Upgrade for the Procedure Type option. Use the customized worksheet to enter values that are required for an upgrade.

“Using the installation and upgrade worksheet” on page 128

h Prepare the replica for upgrade. Follow the steps in the upgrade preparation instructions.

“Performing the required upgrade preparation tasks” on page 130

Depending on your replica system, not all upgrade preparation instructions apply to migration upgrades. h Upgrade the replica. Follow the steps in the 5.2.1 upgrade instructions. Upgrade instructions have separate sections for whether you are working with a new configuration profile in the replica or copied your former configuration profile into the replica. h When the replica system is tested and is ready for production, disconnect the former system and make the replica your new production system. Planning and preparing for FileNet P8 upgrade

123

Tip: Because large-system upgrades involve interacting with many system components, a common approach is to go through a test upgrade run first. In this scenario, you complete the upgrade on a test system, and then discard the test system after you the integrity of the upgrade. You preserve the original production system in case the upgrade fails and to minimize outages to the production system. Running a test upgrade first takes more time than doing the upgrade immediately, but it can minimize risk. The test upgrade approach involves extra steps to completely replicate the production data. Replication is needed to simulate production activities by using a duplicated system. You can practice the upgrade of your production environment by using either of these two methods: v Upgrade the lower environments first by running practice upgrades in the following order: – Upgrade the development environment – Upgrade the various test environments – Upgrade the production environment This method tests the process and validate that your applications are functioning correctly at each environment level before you move production to the next level. v Practice the upgrade of the production environment by using the new production environment. – Early in the project cycle, copy the existing production databases and file storage areas into the new environment – Each time that you practice the upgrade, you apply only the updates that were made to the data since the last practice run. This method reduces the time that is needed to complete the final upgrade in the required maintenance window. All of the required FileNet P8 and custom application software is already installed in the new environment. You run only incremental changes to the replicas of databases and file storage areas.

Upgrade planning considerations Review all upgrade planning information related to requirements for upgrading an FileNet P8 system and expansion products, as well as other vendor products associated with the FileNet P8. “Upgrade system requirements for FileNet P8” on page 125 Before you upgrade FileNet P8, that all components are at the minimum ed versions, including fix pack levels. “Upgrade system requirements for FileNet P8 expansion products” on page 125 To upgrade the FileNet P8 Platform expansion products, in addition to the tasks described in those products' own Installation and Upgrade Guides, you must carry out certain tasks regarding Content Platform Engine. “Upgrading or migrating the underlying vendor software ed by Content Platform Engine” on page 126 To remain in a ed configuration, some upgrade scenarios might require that you also upgrade or migrate the underlying vendor software, such as the application server or database server software. “Planning Process Engine upgrades (versions 4.5.1, 5.0.0, 5.1.0)” on page 126 Upgrades of versions 4.5.1, 5.0.0, and 5.1.0 require the use of a Process Engine upgrade wizard.

124


Upgrade system requirements for FileNet P8 Before you upgrade FileNet P8, that all components are at the minimum ed versions, including fix pack levels. Apply the required minimum level FileNet P8 software updates for the release you are currently running before you upgrade. Applying a fix pack for one component might require fix packs for other components. Prior to applying any fix pack, review the FileNet P8 Fix Pack Compatibility Matrices to ensure compatibility between all installed components.

Upgrade system requirements for FileNet P8 expansion products To upgrade the FileNet P8 Platform expansion products, in addition to the tasks described in those products' own Installation and Upgrade Guides, you must carry out certain tasks regarding Content Platform Engine. “FileNet P8 eForms” If FileNet P8 eForms is installed, undeploy it before upgrading Application Engine. You can redeploy after the Application Engine upgrade is completed. “Content Federation Services” IBM FileNet Content Federation Services must be at the same version level as Content Platform Engine. “IBM Enterprise Records” Depending upon which version of the records management product you are using, there are tasks you must perform before you upgrade your Content Platform Engine software. You must use different ols depending on the version of records management software you are running. FileNet P8 eForms: If FileNet P8 eForms is installed, undeploy it before upgrading Application Engine. You can redeploy after the Application Engine upgrade is completed. For more information, see the appropriate topics for upgrading in the IBM FileNet P8 eForms Installation and Upgrade Guide. Content Federation Services: IBM FileNet Content Federation Services must be at the same version level as Content Platform Engine. If IBM FileNet Content Federation Services is not at the same version level as Content Platform Engine, shut it down and upgrade it to the same version level after Content Engine has been upgraded. For more information, see ree file that accompanied the latest IBM FileNet Content Federation Services fix pack. IBM Enterprise Records: Depending upon which version of the records management product you are using, there are tasks you must perform before you upgrade your Content Platform Engine software. You must use different ols depending on the version of records management software you are running.


125

For more information, see the appropriate topic for upgrading your object stores in the IBM Enterprise Records Installation and Upgrade Guide.

Upgrading or migrating the underlying vendor software ed by Content Platform Engine To remain in a ed configuration, some upgrade scenarios might require that you also upgrade or migrate the underlying vendor software, such as the application server or database server software.

Upgrading the underlying vendor software For specifics on how to upgrade the underlying vendor software, see the appropriate vendor documentation. Complete these vendor software upgrades before you begin the upgrade but as part of the entire upgrade process.

Migrating the underlying vendor software As an alternative to upgrading the existing instances of the underlying software, you can choose to use a migration process. Migration involves creating a new instance of the underlying software and then moving data and configuration settings. Some steps in the upgrade procedures show where you must complete different actions when you use a new application server or database server instance. Important: If the system you are upgrading is running WebSphere Application Server, you must upgrade WebSphere Application Server with a migration. The new application server instance must be deployed on a later version of WebSphere Application Server. For more information, see IBM FileNet P8 system requirements.

| | | |

Any new databases into which you migrate data must be populated by using the database vendor’s appropriate database tools, such as backup and restore tools or export and import tools. Perform database migration tasks only after you shut down existing Content Platform Engine software and back up the databases. These shutdown and backup actions help to ensure that all data that was in production is moved to the new upgraded system.

Planning Process Engine upgrades (versions 4.5.1, 5.0.0, 5.1.0) Upgrades of versions 4.5.1, 5.0.0, and 5.1.0 require the use of a Process Engine upgrade wizard. Upgrading Process Engine 4.5.1, 5.0.0, or 5.1.0 requires the following steps, which are explained in the upgrade instructions: v Install the Content Platform Engine and IBM Case Foundation 5.2.1 software on an existing Content Engine application server or on a new application server. v Define data sources for any Process Engine database that is not already shared with an object store. v Deploy the combined Content Platform Engine on the application server. v Run the pre-upgrade wizard to gather configuration information for Process Engine. Upon completion of the wizard, the upgrade of the Process Engine database and isolated regions starts. After the upgrade, the Process Engine is no longer a separate component. There is a single deployment of both the Process Engine and Content Engine components in the new Content Platform Engine. Each existing Process Engine database becomes

126


a legacy workflow system in the Content Platform Engine. You ister legacy workflow systems, as well as new workflow systems, with the istration Console for Content Platform Engine. | | | |

To move a legacy workflow system to the 5.2 style collocation model, you use the Region Move tool that is provided under Tools in the installation package. For detailed information on how to run the Region Move tool, see http://www-01.ibm.com//docview.wss?uid=swg27036552. There are no longer any dependencies on the IBM FileNet Image Services software and no IBM FileNet Image Services software is installed. You can remove the older versions of Process Engine and IBM FileNet Image Services after successfully installing the Content Platform Engine software and upgrading the database. The Database and FileNet P8 upgrade tasks provide more details.

Definition of upgrade roles Your organization may have different roles, and some of the responsibilities of listed roles will vary from those assigned by default. The tasks in this guide as well as the rows in the Installation and Upgrade Worksheet are organized by istrative roles, listed below. |

Installation

|

v

| |

v

Runs the FileNet Configuration Manager tool, followed by launching IBM istration Console for Content Platform Engine.

| |

v

Abbreviated as IA. Responsible for coordinating the information described in this worksheet. The information itself will require the input from the other roles.

|

The role of IA is usually filled by a FileNet P8 Certified Professional (F).

Runs the FileNet P8 component installers and upgrade programs.

Information technology v v v

Responsible for the networking and operating systems settings required by the FileNet P8 components. Responsible for performing certain security configurations. Abbreviated as ITA. Responsible for providing the information in the rows in the Installation and Upgrade Worksheet with a value of ITA in the Role column.

For tasks assigned to the ITA, see “IT upgrade tasks” on page 131.

Security v v v

Responsible for configuring the directory servers required by FileNet P8 components. Creates and maintains directory server and group s. Abbreviated as SA. Responsible for providing the information in the rows in the Installation and Upgrade Worksheet with a value of SA in the Role column.

For tasks assigned to the SA, see “Security upgrade tasks” on page 141.


127

Database Creates, configures, maintains database installations and databases or table spaces. v Responsible for creating database s needed by FileNet P8 Platform components. v Performs database backups. v For purposes of this documentation, the database is expected to have responsibilities regarding the Java Database Connectivity (JDBC) data sources. v

v

Abbreviated as DBA. Responsible for providing the information in the rows in the Installation and Upgrade Worksheet with a value of DBA in the Role column.

For tasks assigned to the DBA, see “Database upgrade tasks” on page 143.

Application server v

Responsible for providing the application servers required by FileNet P8 Platform components. Responsible for application server istrative s.

v v

Abbreviated as ASA. Responsible for providing the information in the rows in the Installation and Upgrade Worksheet with a value of ASA in the Role column.

For tasks assigned to the ASA, see “Application Server upgrade tasks” on page 151.

FileNet P8 v

This role designation actually refers to the or s who perform regular maintenance of Content Platform Engine and any client applications.

v

The who logs on to IBM istration Console for Content Platform Engine using the gcd_ or an object_store_ is considered an FileNet P8 .

v

Abbreviated as P8A. Responsible for providing the information in the rows of the Installation and Upgrade Worksheet with a value of P8A in the Role column.

For tasks assigned to the P8A, see “FileNet P8 upgrade tasks” on page 154.

Using the installation and upgrade worksheet The Installation and Upgrade Worksheet is a Microsoft Excel spreadsheet (p8_worksheet.xls). The worksheet describes the properties and parameters required to complete FileNet P8 installation, upgrade, and configuration programs, and provides a way to record the values you assign to these properties and parameters. s who are preparing the environment for installation or upgrade of FileNet P8 components must use the worksheet during their preparation tasks to record the appropriate values and provide them to the Installation who runs the installation or upgrade programs. Some of the features of the Installation and Upgrade Worksheet are:

128


v Instructions: describes the worksheet and includes a button that runs the Customize Worksheet macro. v The two highlighted columns, Property or Parameter and ENTER YOUR VALUE HERE, provide the simplest view of the requirement. The others add identifying information and help you sort and filter the rows usefully. v The Role column assigns each row to an and uses the following acronyms: – IA: Installation – ITA: Information Technology – ASA: Application Server – DBA: Database – SA: Security – P8A: FileNet P8 v Property definitions are contained in the column titled Description. v Some rows, though not all, contain a hyperlink in the IC help link column. Click this hyperlink to run a query against the online documentation, which opens with the Search Results pane showing the topics that contain the words in the query phrase. Browse the search results until you have enough information to be able to enter a value in the Worksheet row. “Running the Customize Worksheet macro” The Customize Worksheet macro lets you extract only those rows that describe your environment. “Autofiltering and sorting the Worksheet” on page 130 There are several ways to organize the Worksheet to make finding properties and entering values easier.

Running the Customize Worksheet macro The Customize Worksheet macro lets you extract only those rows that describe your environment. Important: For of the full range of built-in filter and macro features, use Microsoft Excel to view the Installation and Upgrade Worksheet file. You can use other spreadsheet programs to view the file; however, filter and macro can vary. For example, in Calc from OpenOffice.Org, the column filters work as expected, but the Customize Worksheet button does not. To run the Customize Worksheet macro: 1. Open the Installation and Upgrade Worksheet (p8_worksheet.xls) and click the Instructions worksheet (also called a tab). 2. Scroll down until you see the button representing the Customize Worksheet macro. Click the button. 3. Select the components and options that describe the environment you are preparing for FileNet P8. v Installation or Upgrade v FileNet P8 Components v Application Server type v Operating system v Database type v Directory Server type v Number of object stores (adds new sets of rows for creating additional data sources) Planning and preparing for FileNet P8 upgrade

129

v Name of customized sheet 4. Click OK. The macro copies the rows that fulfill your selection criteria into a new worksheet with the name you entered. Enter the values for your environment into this new worksheet. 5. Click the name of the new worksheet at the bottom of the Excel window. Add your preparation values into this new worksheet. 6. Notice that the new worksheet has buttons at the top titled Show Installer View and Show Full View, depending on its state. The Show Installer View displays only those columns that you need while running installation or configuration programs.

Autofiltering and sorting the Worksheet There are several ways to organize the Worksheet to make finding properties and entering values easier. AutoFiltering is a quick way to display only those rows that meet a certain criterion. To use AutoFilter: 1. Make sure AutoFiltering is enabled. (Select the entire row with the column headers, then click Data > Filter > Autofilter.) AutoFilter arrows will appear to the right of the column labels. 2. Click the AutoFilter arrow in the Installation or Configuration Program column header and select the program you are interested in (for example, E installer). 3. For a custom AutoFilter, click the AutoFilter arrow in any column header, select Custom, and use the dialog box to define a filter that will show rows that meet your criteria. 4. To turn off AutoFiltering in a column, click the column AutoFilter arrow and select (All). 5. To reorder rows alphabetically, do a Sort: a. Click anywhere in a column, for example, Column A Role. The only possible values in the Role column are ASA, SA, DBA, ITA, and P8A. Sorting on Role therefore groups the rows by this attribute, in alphabetic order. Several other columns also have a limited number of possible values which means they can be usefully sorted. b. Click the Sort Ascending icon in the Excel toolbar, or use the Data > Sort menu command. The rows sort on Role. Sorting the Worksheet reassigns row numbers. If you refer to rows by number, be aware that row numbers change if you change the sort order.

Performing the required upgrade preparation tasks To efficiently carry out the required upgrade preparation tasks, assign a member of your staff to carry out the tasks assigned to each role. To prepare the FileNet P8 environment, complete the tasks assigned to each role. Some tasks require input that results from other preparation tasks performed by other roles. For information about asg and defining these roles, see “Definition of upgrade roles” on page 127. While performing the tasks, record the results in the Installation and Upgrade Worksheet where indicated.

130


“IT upgrade tasks” The Information Technology must prepare the network and operating systems, and carry out certain security configurations to prepare your environment for FileNet P8 upgrade. “Security upgrade tasks” on page 141 The Security must prepare the security environment for FileNet P8 upgrade, including planning the security environment, and creating s. “Database upgrade tasks” on page 143 The Database prepares the databases required for FileNet P8 upgrade. “Application Server upgrade tasks” on page 151 The Application Server must prepare the application servers for FileNet P8 upgrade. “FileNet P8 upgrade tasks” on page 154 The FileNet P8 must carry out several tasks to prepare your environment for your FileNet P8 upgrade.

IT upgrade tasks The Information Technology must prepare the network and operating systems, and carry out certain security configurations to prepare your environment for FileNet P8 upgrade. v

Review all rows assigned to the IT for Upgrade in the Installation and Upgrade Worksheet. Provide values for any rows appropriate to your installation that you have not yet completed. Tip: With the Data > Filter > AutoFilter command enabled, as it is by default in the shipping worksheet file (p8_worksheet.xls), perform the following actions to quickly see only the properties assigned to a particular role: –

Click the AutoFilter drop-down arrow in the Role column header and select ITA. – Further filter the result set by clicking the AutoFilter drop-down arrow in any of the other columns and selecting a value or clear a filter by selecting All. v Configure the operating systems to prepare for component upgrade. “Creating operating system s for upgrades” on page 132 Operating system s are required during the upgrade process. “Configuring AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris” on page 136 Prepare your AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris-based server for FileNet P8. “Configuring Microsoft Windows” on page 138 that the following Windows server configuration changes have been made in preparation for upgrading FileNet P8 software. “Configuring operating system elements” on page 140 Configure the network to prepare for your FileNet P8 upgrade. You must ensure proper network communications and access rights. “Using IBM data collection tools” on page 140 The IBM data collection tools can help you troubleshoot problems with your installed IBM FileNet P8 products by collecting and analyzing problem-related diagnostic data.


131

Creating operating system s for upgrades Operating system s are required during the upgrade process. s are referred to in documentation in the following ways: v


v


If you see a reference to an that you do not understand, search the documentation for that reference. “Creating the Content Platform Engine installer ” An operating system you use to install Content Platform Engine. “Creating the Process Engine upgrade (upgrades from versions 4.5.1, 5.0.0, 5.1.0)” on page 133 An operating system you use to run the Process Engine upgrade wizard. “Creating Configuration Manager ” on page 134 An operating system you use to run Configuration Manager. “Creating the Content Platform Engine application server installation ” on page 135 Create a new or designate an existing application server to be used while upgrading Content Platform Engine. “Creating the Content Platform Engine application server installation group” on page 135 An operating system group to which several Content Platform Engine s must belong. Creating the Content Platform Engine installer : An operating system you use to install Content Platform Engine. If you are upgrading on the same machine where Content Platform Engine (or Content Engine) was previously installed, use the same installer that you originally used to install that software. The installation program requires this to detect that it is an upgrade and to use the same installation path. If you are upgrading on a new machine, where Content Platform Engine has never been installed, create the e_install_ as explained here. If your operating system is AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris and you do not know the that was used to install Content Platform Engine (or Content Engine), skip this procedure and see the procedure Asg directory permissions to a new installer on AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris. 1. If installing Content Platform Engine on Windows, create the following operating system : Content Platform Engine installer (Windows)

132


Unique identifier e_install_ Description An operating system used to run the Content Platform Engine installation program. Minimum required permissions Use Windows istrative tools to add e_install_ to the Local s group and to the e_appserver_install_group. 2. If installing Content Platform Engine on AIX, HPUX, Linux, Solaris, create the following operating system : Content Platform Engine installer (AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris) Unique identifier e_install_ Description An operating system used to run the Content Platform Engine installation program. Minimum required permissions Use your istrative tools to grant e_install_ at least the following permissions: v Read, write, and execute permissions to the device or location where: – Content Platform Engine is to be installed. – The application server instance/domain/profile has been installed. v Write permission to the directories where you create file storage areas, index areas, and content caches. v Write permission on the /tmp directory. v hip in the e_appserver_install_group. 3.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_install_.

Creating the Process Engine upgrade (upgrades from versions 4.5.1, 5.0.0, 5.1.0): An operating system you use to run the Process Engine upgrade wizard. 1. Create the following operating system : Process Engine upgrade Unique identifier pe_upgrade_ Description v A directory server that has Full Control access rights to the FileNet P8 domain, and has also been granted rights through its hip in the workflow_system__group. v Content Platform Engine permissions can be granted by a gcd_ who uses IBM istration Console for Content Planning and preparing for FileNet P8 upgrade

133

Platform Engine to add the pe_upgrade_ to the ACL of the FileNet P8 domain and grant it Full Control. v Use your directory server tools to add the pe_upgrade_ to the workflow_system__group. The workflow_system__group in the current release is the same as the pe__group that you created in the previous release. Minimum required permissions v Full Control access rights on the FileNet P8 domain. v hip in the workflow_system__group. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of pe_upgrade_.

Creating Configuration Manager : An operating system you use to run Configuration Manager. If you are upgrading on the same machine where Content Platform Engine (or Content Engine) was previously installed, use the same Configuration Manager that you originally used during installation. The program requires this to detect that it is an upgrade and to use the same installation values. If you are upgrading on a new machine, where Content Platform Engine (or Content Engine) has never been installed, create config_mgr_, as explained here. 1. Create the following operating system : Configuration Manager Unique identifier config_mgr_ Description An operating system you will use to run Configuration Manager. Minimum required permissions config_mgr_ must belong to the e_appserver_install_group. (Windows only) Using Active Directory tools, add config_mgr_ to either the Power s group or the Local s group. At several points in the installation process you will be instructed to grant additional permissions to config_mgr_, including the following permissions: v Execute permission to the Configuration Manager executable file, configmgr.exe (Windows) or configmgr.sh (AIX, HPUX, HPUXi, Linux, Linux for System z, Solaris). v Read and write permission to the directory where Configuration Manager will create the configuration XML files. For example: – the directory you specify using the optional -path parameter when you run Configuration Manager. – the default directory, ce_install_path/tools/configure/ profiles, if you do not specify a path parameter.

134


2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of config_mgr_.

Creating the Content Platform Engine application server installation : Create a new or designate an existing application server to be used while upgrading Content Platform Engine. Create this if it does not already exist. The upgrade instructions tell you when to use it. In earlier releases, this was identified as ce_appserver_install_. 1. Create the following operating system : Content Platform Engine application server installation Unique identifier e_appserver_install_ Description The e_appserver_install_ is needed during the installation process to perform the following tasks: v Create and configure the application server for Content Platform Engine. v Start or stop the application server when needed. v Modify the application server files or directories as needed for deploying Content Platform Engine using the Configuration Manager tool. v Provide create, read and write permissions for directories on devices or drives that are used for external Content Platform Engine file storage. e_appserver_install_ must belong to the e_appserver_install_group. Minimum required permissions Use your local machine's istrative tools to grant e_appserver_install_ at least the following permissions: v For Windows, e_appserver_install_ must be a member of the Local s Group. v For UNIX, e_appserver_install_ must have read, write, and execute permissions to the Content Platform Engine installation directory. 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_appserver_install_.

Creating the Content Platform Engine application server installation group: An operating system group to which several Content Platform Engine s must belong. Create this if it does not already exist. The upgrade instructions tell you when to use it. In earlier releases, this was identified as ce_appserver_install_group. 1. Create the following operating system : Planning and preparing for FileNet P8 upgrade

135

Content Platform Engine application server installation group Unique identifier e_appserver_install_group Description An operating system group . You will be instructed to grant certain permissions to this group during Content Platform Engine installation and configuration. The s in e_appserver_install_group will perform the following tasks: v Give operating system privileges to the directories used for Content Platform Engine installation and for the application server's instance/domain/profile. v Configure and deploy the Content Platform Engine EAR files which require access to the application server's instance/domain/profile directories. v Have permissions on devices/drives to read and write that are designated for external Content Platform Engine file storage. Minimum required permissions Use your local machine's istrative tools to add the following s to this group: v e_appserver_install_ v e_install_ v config_mgr_ 2.

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_appserver_install_group.

Configuring AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris Prepare your AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris-based server for FileNet P8. “Configuring AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris FileNet P8 servers (all components)” on page 137 To ensure hosts file contents, the /etc/hosts file must have the Internet Protocol (IP) address of the servers to be used. “Configuring Content Platform Engine servers (AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris)” on page 137 The system checks for the default file-creation permissions for the who will upgrade Content Platform Engine. “Asg directory permissions to a new installer on AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris” on page 137 Upgrades of the Content Platform Engine (or Content Engine) software are normally done by the same who originally installed the software. If this is cannot be used for some reason, designate a new and assign certain directory permissions to it.

136


Configuring AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris FileNet P8 servers (all components): To ensure hosts file contents, the /etc/hosts file must have the Internet Protocol (IP) address of the servers to be used. 1. Ensure hosts file contents. On each AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris-based FileNet P8 server that does not use DNS (Domain Name Service) or NIS (Network Information Service), the /etc/hosts file must contain the name and IP address of all servers it will communicate with, including the remote database server, if applicable. 2. Consult with the application server, database, and FileNet P8 s to determine port requirements for all the servers in your environment. For details, see Appendix B, “FileNet P8 ports,” on page 171. Configuring Content Platform Engine servers (AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris): | |

The system checks for the default file-creation permissions for the who will upgrade Content Platform Engine. Content Platform Engine running on an AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris-based application server Use the umask utility program to set the default file-creation permissions mask for the Java Virtual Machine (JVM) instance that hosts Content Platform Engine so that the owner (the running JVM) and the of the owners group have read/write/execute access permissions, and all others have no access: umask u=rwx,g=rwx,o=

This mask setting ensures that the access permissions on files and directories created by Content Platform Engine are identical to those you must specify when creating file storage areas on AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris file servers. Tip: This umask setting is required for the (e_install_) who runs the Content Platform Engine installer program, but does not need to be in the .profile file of the . Asg directory permissions to a new installer on AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris: Upgrades of the Content Platform Engine (or Content Engine) software are normally done by the same who originally installed the software. If this is cannot be used for some reason, designate a new and assign certain directory permissions to it. If the old e_install_ , the one you used to install Content Platform Engine (or Content Engine) is not available, use the following procedure to assign the necessary directory permissions to a new and different e_install_ which you will use to upgrade Content Platform Engine: 1. Make sure you know the old e_install_ . If you do not know, log on to the application server as any and run the ls -l command from a shell prompt to determine the ownership of the Content Platform Engine (or Content Engine) installation directory and the files it contains. The default installation directory is one of the following locations: Planning and preparing for FileNet P8 upgrade

137

v Default path on version 4.5: /opt/FileNet/ContentEngine v Default path on version 5: /opt/IBM/FileNet/ContentEngine Important: If the old e_install_ no longer exists, IBM Software for assistance. 2. Designate an operating system that will become the new e_install_. 3. Log on to the application server as the old e_install_, navigate to the ContentEngine directory, and recursively give ownership of this directory and all its files and subdirectories to the new e_install_ . For example, if Content Platform Engine (or Content Engine) is installed at /opt/FileNet/ContentEngine, run the following command to give ownership to the new e_install_: chown -R e_install_ /opt/FileNet/ContentEngine

4. Log on to the application server as the appserver_ who initially installed the application server and created the application server instance. 5. Navigate to the application server instance directory and give group rights to the e_appserver_install_group (whose are the e_install_ and e_appserver_install_). For example: chgrp -R e_appserver_install_group /opt/IBM/Websphere/Appserver /profiles/Appsvr01

6. Give e_appserver_install_group read/write permissions. For example: chmod -R 775 /opt/IBM/Websphere/Appserver/profiles/Appsvr01

7. Log off the application server and log back on as the new e_install_. 8. Grant read, write, and execute permissions on the Content Platform Engine directories to the new e_install_, as follows: chmod -R +rwx /opt/FileNet/ContentEngine

9. Copy the Install Shield directory from the $HOME directory of the old e_install_ to the $HOME of the new e_install_, and grant read, write, and execute permissions to the new e_install_. 10.

Record the value of the new e_install_ in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of e_install_.

Configuring Microsoft Windows that the following Windows server configuration changes have been made in preparation for upgrading FileNet P8 software. “Configuring Windows for FileNet P8 servers” on page 139 Make sure your Windows servers comply with the requirements for the upgraded version of FileNet P8. “Configuring Windows for .NET and COM compatibility clients” on page 139 Microsoft .NET Framework is a prerequisite for installing .NET API Clients and COM Compatibility clients. Some clients might also require the installation of Microsoft Web Services Enhancements (WSE). “Configuring Windows for Active Directory” on page 139 If you are using Windows Active Directory for your directory service, set the primary DNS. “Adding inbound rules to Windows 2008 and 2012 firewalls” on page 139 Configure inbound rules in the Windows firewall to allow the following ports access.

138


Configuring Windows for FileNet P8 servers: Make sure your Windows servers comply with the requirements for the upgraded version of FileNet P8. v See the IBM FileNet P8 system requirements for details on required Windows Service Packs and patches. v Consult with the application server, database, and FileNet P8 s to determine port requirements for all the servers in your installation environment. For details, see Appendix B, “FileNet P8 ports,” on page 171. Configuring Windows for .NET and COM compatibility clients: Microsoft .NET Framework is a prerequisite for installing .NET API Clients and COM Compatibility clients. Some clients might also require the installation of Microsoft Web Services Enhancements (WSE). To configure Windows for .NET and COM compatibility clients: 1. If you have client programs that use Windows Communication Foundation (WCF) to access Content Platform Engine, ensure that .NET 3.x is installed. WCF is embedded with .NET 3.x or later. Applications which were developed to use the Content Engine .Net API from release 5.0 or later can operate with either WSE or WCF, automatically adapting to whichever is installed (which may be both). However, unlike WSE, WCF requires an SSL secured network connection to the Content Platform Engine. 2. Backward compatibility is provided for client programs that use Web Services Enhancements (WSE) to access Content Platform Engine. These clients require the installation of .NET 2.x and WSE 3.0. Applications which were developed to use the Content Engine .Net API for release 4.5.1 or earlier require that WSE be installed. Configuring Windows for Active Directory: If you are using Windows Active Directory for your directory service, set the primary DNS. If Windows Active Directory is your directory service, set the primary DNS server IP address on your Content Platform Engine application server to the IP address of the machine where DNS is installed. Adding inbound rules to Windows 2008 and 2012 firewalls: Configure inbound rules in the Windows firewall to allow the following ports access. Port

Protocol

Used for

32771

T

RMI

32775

T

The primary IBM System Dashboard for Enterprise Content Management listener port.

Internal port number

HTTP

In a cluster configuration, set the internal port number to a nonzero value in istration Console for Content Platform Engine. Use that port number here to open it in the Windows firewall.


139

Configuring operating system elements Configure the network to prepare for your FileNet P8 upgrade. You must ensure proper network communications and access rights. “Configuring network communications” Ensure that your T/IP settings are configured so that your servers and clients can communicate with one another. “Synchronizing machine clocks” FileNet P8 processes require that you synchronize the clocks on all of the machines that are running FileNet P8 servers and FileNet P8 clients. Configuring network communications: Ensure that your T/IP settings are configured so that your servers and clients can communicate with one another. Complete the following prerequisite tasks in any order: v Ensure T/IP settings. the T/IP settings on the UNIX and Windows servers and IBM istration Console for Content Platform Engine clients that are configured for FileNet P8 enable the servers and clients to communicate with one another. v Ensure NetBIOS over T/IP is enabled on Windows. v Ensure availability of required port numbers. Several port numbers are required by the various FileNet P8 components. Appendix B, “FileNet P8 ports,” on page 171 Synchronizing machine clocks: FileNet P8 processes require that you synchronize the clocks on all of the machines that are running FileNet P8 servers and FileNet P8 clients. 1. Make sure that the machine clocks on all FileNet P8 servers, including Content Platform Engine, Application Engine, as well as all database servers and those of FileNet P8 client applications including Workplace XT, Rendition Engine, IBM Case Manager, and so on, are synchronized. Errors that might arise if they are not synchronized include those of authentication, cooperative locking, communication between servers, and others. 2. You can run a clock synchronization utility to synchronize all of the clocks on your Java virtual machines with a reliable time source. If the clocks get out of sync by 60 seconds or more, you can configure a scheduler in the clock synchronization utility to periodically synchronize the time of the clocks.

| | | |

Using IBM data collection tools The IBM data collection tools can help you troubleshoot problems with your installed IBM FileNet P8 products by collecting and analyzing problem-related diagnostic data. IBM data collection tools automate the gathering and sending of appropriate diagnostic data to IBM for investigation and resolution of installation, upgrade, or runtime problems in IBM FileNet P8 products. Typically you would run an IBM data collection tool after installing or upgrading the product, or when the IBM FileNet P8 system is in production. To use an IBM data collection tool, your IBM FileNet P8 product must be ed by the tool and must have Internet access to the IBM back-end servers where the collected data is analyzed. If your product does not meet these

140


requirements, IBM can assist you in determining the most effective manual method to collect and deliver the diagnostic data for analysis. Two IBM Assistant data collection tools are available, at the IBM Assistant Data Collectors website: v IBM Assistant Data Collector is a web-based tool that can be used at any time; there is nothing to install. v IBM Assistant Lite Data Collector must be installed on the servers where you installed or upgraded your IBM FileNet P8 products before it can be used. By installing the tool before your IBM FileNet P8 system goes into production, you avoid the possibility of not being able to install it after a runtime problem occurs. To determine which IBM data collection tool s your IBM FileNet P8 product: 1. Browse to the IBM Assistant Data Collectors website. 2. Find an IBM data collection tool that s your product: v To determine whether IBM Assistant Data Collector s your product, complete the following substeps: a. Click the Data Collectors tab on the IBM Assistant Data Collectors home page, and then click Launch. b. Expand the I need to collect data for drop-down list. If your product is listed, then you can use IBM Assistant Data Collector. v To determine whether IBM Assistant Lite Data Collector s your product, complete the following substeps: a. Click the Data Collectors tab on the IBM Assistant Data Collectors home page. b. Choose Enterprise Content Management in the Select a brand to begin the process drop-down list. c. Expand the Select a product to access the page drop-down list. If your product is listed, then you can use IBM Assistant Lite Data Collector. 3. Follow the instructions on the web page for the tool that s your product to use the tool directly or to install it, as needed.

Security upgrade tasks The Security must prepare the security environment for FileNet P8 upgrade, including planning the security environment, and creating s. v Review all rows assigned to the Security (SA) for upgrades in the Installation and Upgrade Worksheet. Provide values for any rows appropriate to your installation that you have not yet completed. Tip: With the Data > Filter > AutoFilter command enabled, as it is by default in the worksheet file (p8_worksheet.xls), perform the following actions to quickly see only the properties assigned to a particular role: –

Click the AutoFilter drop-down arrow in the Role column header and select SA.

–

Further filter the result set by clicking the AutoFilter drop-down arrow in any of the other columns and selecting a value or clear a filter by selecting All.


141

“Security upgrade planning considerations” Review the security requirements for systems being upgraded. “Creating Content Platform Engine directory server s for upgrades” Create new or designate existing directory server installation s for Content Platform Engine.

Security upgrade planning considerations Review the security requirements for systems being upgraded. v It is a best practice not to change realms (your authenticated s and groups), during an upgrade. v If the new Content Platform Engine version does not the directory server (LDAP) version you are already using, migrate the LDAP directory before upgrading. v your IBM FileNet representative if you intend to change directory servers.

Creating Content Platform Engine directory server s for upgrades Create new or designate existing directory server installation s for Content Platform Engine. s are referred to in documentation in the following ways: v


v


If you see a reference to an that you do not understand, search the documentation for that reference. “Creating the application server istrative console (WebSphere Application Server)” An LDAP to which you have granted the WebSphere Application Server istrative role. Creating the application server istrative console (WebSphere Application Server): An LDAP to which you have granted the WebSphere Application Server istrative role. Create this if it does not already exist. The upgrade instructions tell you when to use it. 1. Create the following directory service : WebSphere istrative console Unique identifier appserver_console_ Description The appserver_console_ is an LDAP to which

142


you have granted the WebSphere Application Server istrative role so that it can to the WebSphere istrative console. v If your WebSphere repository type is Stand-alone LDAP registry, when you run the Configuration Manager Configure LDAP task, enter the credentials of a valid LDAP to be the appserver_console_ for the entry labeled istrative console name. Configuration Manager grants this WebSphere istrative console istrative rights. Alternatively, you can enter an LDAP that you have already configured as a console . v If your WebSphere Application Server LDAP repository type is Federated repositories, you can use the same defined as your appserver_. However, if you specify a for the istrative console name that is different from appserver_, it must be unique across all federated realms including the WebSphere Application Server local file-based repository. Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of appserver_console_.

2.

Database upgrade tasks The Database prepares the databases required for FileNet P8 upgrade. v Review all rows assigned to the Database Server in the Installation and Upgrade Worksheet. While you complete the following preparation tasks, provide values for the rows that are appropriate to your installation. Tip: With the Data > Filter > AutoFilter command enabled, as it is by default in the worksheet file (p8_worksheet.xls), perform the following actions to quickly see only the properties assigned to a particular role: –

Click the AutoFilter drop-down arrow in the Role column header and select DBA.

–

Further filter the result set by clicking the AutoFilter drop-down arrow in any of the other columns and selecting a value or clear a filter by selecting All.

v Upgrade your database to a version that is ed by FileNet P8 prior to upgrading the FileNet P8 software. See FileNet P8 Hardware and Software Requirements for version information. “Database planning” To prepare for an upgrade, review database requirements and complete other planning tasks. “Planning the IBM Content Search Services upgrade” on page 151 Empty the IBM Content Search Services index request table before you upgrade Content Platform Engine.

Database planning To prepare for an upgrade, review database requirements and complete other planning tasks. Planning and preparing for FileNet P8 upgrade

143

You must the appropriate database versions and patches before you upgrade FileNet P8 components. For minimum database software version and fix pack requirements, see IBM FileNet P8 system requirements. Rather than upgrading your existing database, it is a best practice to create a new database instance on a version of the database that is ed by the new FileNet P8 components. Import data for, or restore backups of, your existing Content Platform Engine (or your Content Engine and Process Engine) data into the new database. Then retarget your JDBC Content Engine data sources to the new database. This approach allows you to leave the existing production system in place while you do the prerequisite steps for the new database.

FileNet P8 systems with IBM Case Manager (for upgrades from versions 5.0.0, or 5.1.0) Before upgrading FileNet P8 to version 5.2.1, Process Engine isolated regions that are used in an IBM Case Manager configuration must be located in the corresponding Content Engine object store database or table space. For version 5.0 and 5.1 FileNet P8 systems, new installations configured with IBM Case Manager were required to have common Oracle or DB2 for Linux, UNIX and Windows table spaces for the Process Engine isolated region and Content Engine object store. For Microsoft SQL Server, new installations configured with IBM Case Manager were required to have a common database for the Content Engine object store and the Process Engine isolated region. For systems that were upgraded to version 5.0 or 5.1, where IBM Case Manager was then added, there was no requirement for Process Engine and Content Engine databases to be common. Important: For version 5.0 or 5.1 systems not in compliance with the common database or table space requirement, you must move any Process Engine isolated regions into the appropriate Content Engine object stores before you upgrade. A tool has been provided on the Content Platform Engine installation media for that purpose. See the techdoc documenting the tool for moving isolated regions.

Process Engine (for upgrades from versions 5.0.0, or 5.1.0) Starting with the 5.2 version of FileNet P8, the Content Engine and Process Engine are deployed together as a single application server instance. In addition, the database is handled as a single entity. New workflow systems and isolated regions are created in object stores, and all database connections require data sources. Existing Process Engine systems become legacy workflow systems and the databases are separate from any new workflow systems. As a part of the upgrade you will create data sources for any existing Process Engine databases. If you are upgrading from version 5.0 of Process Engine and had multiple virtual servers, each virtual server had a unique database and each of those databases will require a data source and those data sources will also be targeted to the new database. Upgrade the Content Engine, Process Engine, and Case Analyzer software and complete all upgrade procedures before you allow s to access information in the new database. To upgrade the Process Engine database, identify the existing database name and . In versions of Process Engine older than 5.0, the default was the f_sw . Record this database name and in the Installation and Upgrade Worksheet as the pe_db_ and .

144


“Planning for DB2 for Linux, UNIX and Windows database upgrades” Review upgrade requirements for DB2 for Linux, UNIX and Windows databases. “Planning for DB2 for z/OS database upgrades” on page 147 Review upgrade requirements for DB2 for z/OS databases. “Planning for Oracle database upgrades” on page 147 Review upgrade requirements for Oracle databases. “Planning for SQL Server database upgrades” on page 148 Review upgrade requirements for Microsoft SQL Server databases. Planning for DB2 for Linux, UNIX and Windows database upgrades: Review upgrade requirements for DB2 for Linux, UNIX and Windows databases. For minimum version and fix pack requirements, see IBM FileNet P8 system requirements. In some cases, it is possible to exceed the maximum rowsize of 32 KB for the Content Platform Engine database during the upgrade. See the technote Adding properties to a class with the IBM FileNet Content Engine on DB2 receives error stating that the length exceeds the capacity of the database (Technote 21384306) for information about diagnosing and resolving the problem for a Content Engine database. Use the diagnosis steps from the technote before you determine how close the database is to exceeding the row size, and the resolution steps to reduce the amount of row size space being used before you upgrade. Databases that are used for Content Platform Engine must be configured with a minimum of 32 KB page sizes and a UTF-8 code page. Versions of Process Engine before version 5.0 ed smaller page sizes. Older versions of Process Engine also ed additional code pages. Use the procedures in the techdoc How to determine if your Process Engine DB2 database has the correct tablespace pagesize and/or code page for upgrading to Process Engine 5.0 (Techdoc 7020392) to determine whether page size or code page changes are required before you version 5.2.1. To install DB2 for Linux, UNIX and Windows and create DB2 instances: 1. Set or the following instance and database settings. Settings and values vary depending on database versions. DB2 for Linux, UNIX and Windows versions 9.7, 9.8, 10.1: db2set DB2_WORKLOAD=FILENET_CM db2set DB2_MINIMIZE_LISTPREFETCH=ON db2set DB2_OPTPROFILE=ON

DB2 for Linux, UNIX and Windows version 10.1 Fix Pack 2 or later: db2set DB2_WORKLOAD=FILENET_CM

2. Connect to your object store databases by entering the following command: db2 connect to db_name _name using

where v db_name is the name of your object store database v _name is the ID used to access the object store database v is the for the ID used to to access the object store database Issue the following command:


145

db2 update db cfg using cur_commit ON

3. After making these changes, stop and restart the database using db2stop and db2start. DB2 for Linux, UNIX and Windows 10.5 (or later) s an extended row size by default. This means that you can create properties without exceeding the record length limit for the page size, because column allocation sizes are no longer counted against the limit during column creation. If an updated or inserted value causes the sum of the bytes across all columns to exceed the physical record length limit of the page size, DB2 for Linux, UNIX and Windows stores a descriptor (24 bytes) in the column. The descriptor points to an off-row location. For databases that you upgraded to DB2 for Linux, UNIX and Windows 10.5 (or later) from a release prior to DB2 for Linux, UNIX and Windows 10.5, issue this command to enable extended row size : UPDATE DATABASE CONFIGURATION FOR dbName USING EXTENDED_ROW_SZ ENABLE

When you add a new property to a class, Content Platform Engine determines whether extended row size is enabled for the DB2 for Linux, UNIX and Windows 10.5 (or later) database. Making this determination requires having the SELECT privilege (granted by default) on a view: SELECT ON SYSIBM.DBCFG

If extended row size is enabled for a DB2 for Linux, UNIX and Windows database, even if table overflow is enabled on an object store, Content Platform Engine does not overflow tables when you add a property to a class. That is, all columns are added to the original table. If extended row size is not enabled for a DB2 for Linux, UNIX and Windows database, or if you revoked the view permission, rows are limited to 32 KB (at column allocation time), and Content Platform Engine overflows tables if overflow is enabled on an object store. If your system has existing overflow tables and you upgraded to DB2 for Linux, UNIX and Windows 10.5 (or later), and you enabled extended-row-size , DB2 for Linux, UNIX and Windows adds new columns to the original table, not the overflow table. Content Platform Engine associates new properties with the overflow table only if it determines that a property can reuse an existing column that is no longer used. “Planning for Process Engine DB2 for Linux, UNIX and Windows database upgrades (upgrades from versions 4.5.1, 5.0.0, 5.1.0)” For versions 4.5.1, 5.0.0, and 5.1.0, there are some additional requirements for upgrading Process Engine. Planning for Process Engine DB2 for Linux, UNIX and Windows database upgrades (upgrades from versions 4.5.1, 5.0.0, 5.1.0): For versions 4.5.1, 5.0.0, and 5.1.0, there are some additional requirements for upgrading Process Engine. The following requirements are in addition to those discussed in Database planning. The recommended upgrade scenario is to make a test copy of the Process Engine database. Ensure the copy of the database is at least DB2 Version 9.7 for Linux,

146


UNIX and Windows with 32K page sizes configured. Complete the upgrade on that copy. Doing the upgrade with a database copy will also let you determine how long the upgrades will take. Changes to string fields Process Engine string fields are modified for all Process Engine tables by increasing the length by an expansion factor. This expansion value is to allow for the additional space requirements for character-based string fields. String fields are modified by increasing the length by the defined factor. Record the value to indicate your choice to expand string fields by a size factor in your customized Installation and Upgrade Worksheet. Set the value between three and six. To find this property, filter on peupgrade and search the worksheet for instances of the Database Column Size Factor parameter. |

DB2 additional database changes

|

After the upgrade, use the pedbconvert tool to make the following changes:

|

v Enable date fields exceeding the 2038 date.

|

v of character strings:

| |

– Enable for GB18030 characters. GB18030 character also requires DB2 Version 9.7 for Linux, UNIX and Windows or higher.

| |

– Enable properly truncated strings with multi-byte characters, where a partial character is not left at the end of a string.

|

– Number of bytes (expansion factor) for character sets no longer required.

| |

– Provide better performance when using indexes that have one or more string keys.

| | | | | | |

Use of the pedbconvert tool is recommended for workflow systems that multi-byte characters in an international global environment. Customers who do not have multi-byte systems should also run the pedbconvert tool, but it can be run after the upgrade. See techdoc 7036559 for information. The technote is applicable to all upgrades from 4.5.1 and also to 5.0 systems that have upgraded previously from earlier releases but have not run the 5.0 advanced ol, techdoc 7019393. Planning for DB2 for z/OS database upgrades: Review upgrade requirements for DB2 for z/OS databases. For minimum version and fix pack requirements, see IBM FileNet P8 system requirements. No additional actions are required to prepare the DB2 for z/OS database for a FileNet P8 upgrade. For information on for DB2 for z/OS in earlier releases of FileNet P8, see the techdoc DB2 for zOS is ed with Content Manager 5.2.0 starting in 5.2.0 FP2 (Techdoc 7038918). Planning for Oracle database upgrades: Review upgrade requirements for Oracle databases.


147

Update to the appropriate database versions and patches before you upgrade FileNet P8 components. For minimum patch requirements, see IBM FileNet P8 system requirements. Content Platform Engine databases must be configured with AL32UTF8 character sets. It is not required to set the national character set (NLS_NCHAR_CHARACTERSET) to a specific value; you can take the default. If you change the character set for an existing database, the workflow system or legacy workflow system locale must not change when the database character set is converted to AL32UTF8. Any Oracle database s must have the following permission for the upgrade: SELECT on _INDEXES

Planning for Content Platform Engine (or Content Engine) Oracle database upgrades If you have set the oracle.jdbc.V8Compatible flag to true for your Content Platform Engine (or Content Engine) database, as documented in the Enabling Oracle Data Index Use in the FileNet Content Engine technical notice (see http://www.ibm.com//docview.wss?uid=swg21397282), you need to set the flag to false. The flag is not ed in Oracle 11g and is not needed in version 5.2.1 Content Platform Engine databases. For object stores upgraded from version 4.5.1, as part of the auto-upgrade of Oracle-based Content Engine data, table columns defined by the DATE property are automatically converted to the TIMESTAMP property, even if there is an index on the DATE property. However, auto-upgrade will not be able to perform this conversion on function-based indexes, such as the descending (DESC) keyword, that involve the DATE property. Because it is not feasible to resolve this conversion failure within the auto-upgrade framework, plan to manually convert DATE columns with function-based indexes to TIMESTAMP columns by dropping these indexes, altering the property and recreating the index. Upgrade procedures direct you to complete this procedure after the auto-upgrade finishes. Planning for Process Engine Oracle database upgrades The following database changes are automatically made for system and data during the database upgrade: v Process Engine date and time fields are changed from 32-bit to 64-bit to enable date fields exceeding the 2038 date. v Process Engine string fields are converted from byte-based to character-based strings. Planning for SQL Server database upgrades: Review upgrade requirements for Microsoft SQL Server databases. For minimum version and fix pack requirements, see IBM FileNet P8 system requirements. “Planning for Process Engine SQL Server database upgrades (upgrades from version 5.0.0)” on page 149 For version 5.0.0, plan the Process Engine SQL Server database upgrade. Plan carefully to determine whether there are prerequisites for doing the Process Engine upgrade.

148


“Enabling XA transactions” on page 150 Configure the Windows server to enable XA transactions. “Reducing deadlock errors in Microsoft SQL Server” on page 151 High Microsoft SQL Server concurrency causes transaction deadlock errors because writers block access, by readers, to database resources. You can reduce the likelihood of deadlock by setting the READ_COMMITTED_SNAPSHOT ON option for your database. Planning for Process Engine SQL Server database upgrades (upgrades from version 5.0.0): For version 5.0.0, plan the Process Engine SQL Server database upgrade. Plan carefully to determine whether there are prerequisites for doing the Process Engine upgrade. The following requirements are in addition to the requirements discussed in Database planning . The recommended upgrade scenario is to make a test copy of the Process Engine database. Complete the upgrade on that copy. Doing the upgrade with a database copy also lets you to determine how long the upgrades take. | | | | |

READ_COMMITTED_SNAPSHOT must be enabled for the SQL Server database where the Process Engine schema is installed. You can enable READ_COMMITTED_SNAPSHOT before or after you upgrade the database. To enable READ_COMMITTED_SNAPSHOT for the object store, see the instructions in Creating a Microsoft SQL Server database for an object store. Changes to string fields Process Engine string fields are modified for all Process Engine tables by increasing the length by an expansion factor. This expansion value is to allow for the additional space requirements for character-based string fields. String fields are modified by increasing the length by the defined factor. Record the value to indicate your choice to expand string fields by a size factor in your customized Installation and Upgrade Worksheet. Set the value between three and six. To find this property, filter on peupgrade and search the worksheet for instances of the Database Column Size Factor parameter.

|

SQL Server additional database changes

|

After the upgrade, use the pedconvert tool to make the following changes:

|

v Enable date fields that exceed the 2038 date.

|

v of character strings:

| |

– Enable for GB18030 characters by using nvarchar instead of varchar in the Process Engine database schema.

| |

– Enable properly truncated strings with multi-byte characters, where a partial character is not left at the end of a string.

| |

– Provides better performance when it uses indexes that have one or more string keys.

|

– Number of bytes (expansion factor) for character sets no longer required.


149

Use of the pedconvert tool is recommended for workflow systems that multi-byte characters in an international global environment. Customers who do not have multi-byte systems also run the pedconvert tool, but it can be run after the upgrade. See techdoc 7036559 for information. The technote is applicable to all upgrades from 4.5.1 and also to 5.0 systems that previously upgraded from earlier releases but have not run the 5.0 advanced ol, techdoc 7019393.

| | | | | |

Enabling XA transactions: Configure the Windows server to enable XA transactions. Perform these steps on every Microsoft SQL Server that will contain a Content Platform Engine database. 1. the Microsoft SQL Server JDBC Driver that is referenced in the IBM FileNet P8 system requirements document for Content Platform Engine SQL Server databases. Tip: Installation procedures for JDBC settings can vary by release. See the Microsoft website for full details. 2. Copy the sqljdbc_xa.dll from the JDBC installation directory to the binn folder of the instance, although a pre-2.0 version of the driver also functions correctly from the tools\binn folder. For the 32-bit version of Microsoft SQL Server , use the sqljdbc_xa.dll file in the x86 folder. For the 64-bit version of Microsoft SQL Server, use the sqljdbc_xa.dll file in the x64 folder. 3. Log on as the sa or as a with equivalent permissions and execute the database script xa_install.sql on the master database on every SQL Server instance that will participate in distributed transactions. Important: Use SQL Server database credentials, not Windows credentials, to log on. Windows Integrated Logon to SQL Server is not ed with IBM FileNet P8. This script installs sqljdbc_xa.dll as an extended stored procedure and creates the SqlJDBCXA role in the Master database. 4. Add each database (e_db_) that Content Platform Engine uses to access SQL Server to the SqlJDBCXA role. This action grants permissions to those s to participate in distributed transactions with the JDBC driver. 5. From Control , open istrative Tools, and then open Component Services. 6. Expand Component Services, right-click My Computer, and then select Properties. 7. Expand Distributed Transaction Coordinator and right-click Local DTC. 8. Click the MSDTC tab, and then click Security Configuration. 9. Select the Enable XA Transactions check box, and then click OK to restart the Microsoft DTC service. 10. Click OK again to close the Properties dialog box, and then close Component Services. 11. Stop and then restart the Microsoft SQL Server.

150


Reducing deadlock errors in Microsoft SQL Server: High Microsoft SQL Server concurrency causes transaction deadlock errors because writers block access, by readers, to database resources. You can reduce the likelihood of deadlock by setting the READ_COMMITTED_SNAPSHOT ON option for your database. To reduce deadlock errors in a Microsoft SQL Server database: 1. Shut down all the servers and clients that can connect to your database (dbName), and make sure that there are no other connections to Microsoft SQL Server. 2. Connect to Microsoft SQL Server and issue the following SQL command to determine whether snapshot isolation is enabled for dbName: SELECT name, is_read_committed_snapshot_on FROM sys.databases where name=’dbName’

If snapshot isolation is enabled for dbName, skip the remainder of this procedure. 3. Issue the following command to enable snapshot isolation for dbName: ALTER DATABASE dbName SET READ_COMMITTED_SNAPSHOT ON

4. Restart Microsoft SQL Server and issue the following SQL command to confirm that the Snapshot Isolation setting is in effect for dbName: SELECT name, is_read_committed_snapshot_on FROM sys.databases where name=’dbName’

Planning the IBM Content Search Services upgrade Empty the IBM Content Search Services index request table before you upgrade Content Platform Engine. For systems configured with IBM Content Search Services, plan to flush as many index requests as possible before starting the upgrade. Part of the automatic upgrade of the Content Platform Engine (or Content Engine) database includes a change to the index request table. If there are more than 500,000 records in that table when the automatic upgrade runs, a new required index will not be created. A message will be logged and the database must manually build the new index before upgrading the IBM Content Search Services software. This index must exist before the Content Platform Engine and IBM Content Search Services software is used for production. To determine the size of the index request table: 1. Run the following SQL query on the database table associated with the index requests using your native database tools: SELECT COUNT (*) FROM IndexRequests

2. If the SQL query result shows one or more entries, let IBM Content Search Services process the entries before you initiate the upgrade.

Application Server upgrade tasks The Application Server must prepare the application servers for FileNet P8 upgrade. v Review all rows assigned to the Application Server (ASA) in the Installation and Upgrade Worksheet. While you complete the preparation tasks, provide values for the rows that are appropriate to your installation.


151

Tip: With the Data > Filter > AutoFilter command enabled, as it is by default in the worksheet file (p8_worksheet.xls), perform the following actions to quickly see only the properties assigned to a particular role: – Click the AutoFilter drop-down arrow in the Role column header and select ASA. – Further filter the result set by clicking the AutoFilter drop-down arrow in any of the other columns and selecting a value or clear a filter by selecting All. “Creating the application server ” An application server used while configuring Content Platform Engine. “Starting or stopping an application server instance” on page 153 You need to be able to start or stop an application server instance when working with Content Platform Engine. “Configuring the application server for Content Platform Engine” on page 154 You can deploy Content Platform Engine only on certain versions of application servers. Therefore, you must determine if and when to upgrade the application server where the current version of Content Platform Engine (or Content Engine) is deployed before upgrading to a new version.

Creating the application server An application server used while configuring Content Platform Engine. Create this if it does not already exist. The upgrade instructions tell you when to use it. 1. Create the following application server : Application server Unique identifier appserver_ Description WebSphere Application Server In Configuration Manager, when you run the Set Properties for WebSphere Application Server task, enter the credentials of the appserver_ in the field labeled Application server name. Configuration Manager uses the appserver_ to run configuration tasks. WebSphere istrative security is enabled You have two options for creating the appserver_ . You can use the local file-based usually defined while creating the WebSphere profile. Or, you can use WebSphere tools to grant istrative rights to an LDAP and optionally remove the file-based created earlier. The appserver_ must have WebSphere permissions throughout the Content Platform Engine

152


installation process. Afterwards, you can reduce the to a lesser role, such as Configurator. WebSphere istrative security is not enabled If you decide not to enable WebSphere istrative security during profile creation, then no special credentials are required to to the WebSphere istrative console. You can enter any string into the Configuration Manager field labeled Application server name. However, that to run Content Platform Engine, WebSphere istrative security must be enabled. When you do enable it and the WebSphere istrative console requests an to use as the istrative , enter the appserver_. Oracle WebLogic Server In Configuration Manager, when you run the Set Properties for Oracle WebLogic Server task, enter the credentials of the appserver_ in the field labeled Application server name. Configuration Manager uses the appserver_ to run configuration tasks. This is defined when you create a new WebLogic domain. The WebLogic Configuration wizard requires you to enter the name and . This is created as an internal WebLogic application, file-based . (It is not an LDAP or operating system .) Use the appserver_ to to the Oracle WebLogic Server istration console. JBoss

2.

Content Platform Engine does not require a JBoss istrative .

Record this value in your customized Installation and Upgrade Worksheet. To find this property, search the worksheet for instances of appserver_.

Starting or stopping an application server instance You need to be able to start or stop an application server instance when working with Content Platform Engine. To start or stop an application server instance: Depending on your application server type, run one of the following commands to start or stop an application server instance: Table 25. How to start or stop an application server instance Command to start an application server instance


WebSphere Application Server

startServer

stopServer

JBoss Application Server

run

stop

Application server type


153

Table 25. How to start or stop an application server instance (continued) Application server type

Command to start an application server instance


Oracle WebLogic Server

startWebLogic

stopWebLogic

In a high availability environment, when instructed to start or stop an application server instance, start or stop the nodes unless otherwise specified.

Configuring the application server for Content Platform Engine You can deploy Content Platform Engine only on certain versions of application servers. Therefore, you must determine if and when to upgrade the application server where the current version of Content Platform Engine (or Content Engine) is deployed before upgrading to a new version. To determine the order of upgrading Content Platform Engine and the application server on which it is deployed: 1. Consult the IBM FileNet P8 system requirements documentation for both the existing version of software and the new version. Determine if a version of your application server is ed by both your existing version of Content Platform Engine (or Content Engine) and the new version of Content Platform Engine. 2. Upgrade your application server and Content Platform Engine (or Content Engine) according to the criteria in the following table: Option

Description

If you deployed your current version of Content Platform Engine (or Content Engine) on an application server version that is ed by the new version of Content Platform Engine

1. Upgrade the Content Platform Engine software. It is not necessary to upgrade your application server.

If you deployed your current version of Content Platform Engine (or Content Engine) on an application server version that is not ed by the new version of Content Platform Engine

1. an application server version that both the current version of Content Platform Engine (or Content Engine) and the new version of Content Platform Engine .

2. (optional) Upgrade the application server to a newer version that is ed by the new version of Content Platform Engine

2. Upgrade Content Platform Engine to the new version. If you deployed your current version of Content Platform Engine (or Content Engine) on an application server version that is not ed by the new Content Platform Engine and an application server version that is ed by both your existing Content Platform Engine (or Content Engine) and the new Content Platform Engine version does not exist

1. Perform a migration upgrade by creating a new instance of the application server using a version that is ed by the new Content Platform Engine. 2. Upgrade Content Platform Engine working through the topics on configuring Content Platform Engine into a new application server instance using an existing Configuration Manager profile.

FileNet P8 upgrade tasks The FileNet P8 must carry out several tasks to prepare your environment for your FileNet P8 upgrade.

154


Review all rows assigned to the FileNet P8 (P8A) in the Installation and Upgrade Worksheet. While you complete the following preparation tasks, provide values for the rows that are appropriate to your installation. Tip: With the Data > Filter > AutoFilter command enabled, as it is by default in the worksheet file (p8_worksheet.xls), perform the following actions to quickly see only the properties assigned to a particular role: v Click the AutoFilter drop-down arrow in the Role column header and select P8A. v

Further filter the result set by clicking the AutoFilter drop-down arrow in any of the other columns and selecting a value or clear a filter by selecting All. “Enabling the Asynchronous Processing dispatcher” You must enable the Asynchronous Processing dispatcher to ensure that the object stores progress to a completed or ready state as part of an upgrade. “Preparing Process Engine for upgrade (upgrades from versions 4.5.1, 5.0.0, 5.1.0)” on page 156 Repair any inconsistencies between Process Engine queues and rosters in the Process Engine database, reconcile security information and prepare Case Analyzer data for upgrade. “Collecting settings for peupgrade wizard (upgrades from versions 4.5.1, 5.0.0, 5.1.0)” on page 156 Collect the values for all settings in the peupgrade wizard. The values are needed for Process Engine upgrades from versions 4.5.1, 5.0.0, and 5.1.0. “Collecting configuration information for Process Engine DbExecute connections (upgrades from 4.5.1)” on page 159 DbExecute connection information must be provided to the peol for Process Engine upgrades from Version 4.5.1. Collect the current configuration information for all of your existing DbExecute aliases before you upgrade. “Saving Component Manager custom settings for CE_Operations (upgrades from V5.1 or earlier)” on page 160 Save Component Manager custom settings for CE_Operations in each isolated region before you upgrade. You need to restore the settings after the upgrade is complete.

Enabling the Asynchronous Processing dispatcher You must enable the Asynchronous Processing dispatcher to ensure that the object stores progress to a completed or ready state as part of an upgrade. For each object store to be upgraded, you must enable the Asynchronous Processing dispatcher on at least one Content Platform Engine (or Content Engine) server in the site where the object store is located. (For upgrades from 5.2.0 to 5.2.1) To enable the Asynchronous Processing dispatcher for one Content Platform Engine server: 1. Start the FileNet P8 istration tool. a. (For upgrades from 5.2.0 to 5.2.1) Start istration Console for Content Platform Engine. b. (For upgrades from 4.5.1, 5.0.0 or 5.1.0) Start Enterprise Manager. 2. (For upgrades from 5.2.0 to 5.2.1) Click the domain root node and then click the Asynchronous Processing Subsystem tab. Select Enable Dispatcher. 3. (For upgrades from 4.5.1, 5.0.0 or 5.1.0) Right-click the domain root node or the node of the object store to be upgraded and click Properties. Click the Asynchronous Processing tab and select Enable Dispatcher. Planning and preparing for FileNet P8 upgrade

155

Preparing Process Engine for upgrade (upgrades from versions 4.5.1, 5.0.0, 5.1.0) Repair any inconsistencies between Process Engine queues and rosters in the Process Engine database, reconcile security information and prepare Case Analyzer data for upgrade. v (upgrades from 4.5.1) Use the vw program to repair any inconsistencies between Process Engine queues and rosters in the Process Engine database. v (upgrades from 5.0 or later) Use the PE program to repair any inconsistencies between Process Engine queues and rosters in the Process Engine database. See Techdoc 7022275 for information. v If there are unused isolated regions with no connection point, remove those regions before the upgrade.

Collecting settings for peupgrade wizard (upgrades from versions 4.5.1, 5.0.0, 5.1.0) Collect the values for all settings in the peupgrade wizard. The values are needed for Process Engine upgrades from versions 4.5.1, 5.0.0, and 5.1.0. During the upgrade of Process Engine, you run peupgrade. After you provide information to the program, you run it to upgrade the Process Engine database. The values can be provided to peupgrade in a wizard or in a property file that is an input file to the program. The information that you must gather varies depending on whether you are upgrading from Version 5.0 or 5.1, or from Version 4.5.1. Record these values in your customized Installation and Upgrade Worksheet. To find these properties, search the worksheet for instances of peupgrade. The following table shows the information that is required and where to collect it on the source Process Engine system. Several values are not on the source system but are needed for the upgrade. For each property name, record the value in your Installation and Upgrade worksheet. Property names in this table reflect the name in the peupgrade wizard interface. Table 26. peupgrade upgrade values 4.5.1 property name and location

5.0 or 5.1 property name and location

Server DNS name

Server or load balancer name in FileNet Enterprise Manager, Isolated Region properties.

Server or load balancer name in FileNet Enterprise Manager, Isolated Region properties.

Naming service port

Process Engine Communication Port (IOR port) in the Process Task Manager on the Process Engine server. In Enterprise Manager, this port is called the Communication Port.

Naming service port in the Process Task Manager on the Process Engine server. In Enterprise Manager, this port is called the Communication Port.

The default value is 32776. On V5.0, every virtual server has a different port.

Operating system character set (AIX, HPUX, HPUXi, Linux, Linux on System Z, Solaris)

From the command line, enter locale charmap

From the command line, enter locale charmap

This property is the character set on the original server.

Property name

156


Comments

Table 26. peupgrade upgrade values (continued) 4.5.1 property name and location


Operating system character set (Windows)

For information about identifying the locale in Windows, see the Microsoft documentation.

For information about identifying the locale in Windows, see the Microsoft documentation.

istration group

This property is the Group, on the Process Engine server, in Process Task Manager, on the Security tab.

This property is the Group, on the Process Engine server, in Process Task Manager, on the Security tab.

Configuration group

This property is the Configuration Group, on the Process Engine server, in Process Task Manager, on the Security tab.

This property is the Configuration Group, on the Process Engine server, in Process Task Manager, on the Security tab.

Database schema name

By default, f_sw. Database Might still be f_sw if this must provide. system was originally installed on a version earlier than 5.0 and then upgraded to 5.0. Database must provide.

Property name

Comments This property is the character set on the original server.

This property is for the Process Engine database. It is the schema where the workflow tables reside on the target system.

XSL/XSD file location (AIX, By default, on the source By default, on the source HPUX, HPUXi, Linux, system: /fnsw/local/sd/xsl system: Linux on System Z, Solaris) and /fnsw/local/sd/xsd install_path/data/ pesvr.virtual_servername/ xsl and install_path/data/ pesvr.virtual_servername/ xsd

These directories and their contents need to be on a drive that is available at the time of the upgrade for the peupgrade program. They must also be for available for the Content Platform Engine after the upgrade. This property might be a shared drive or you might copy them to a local drive on the new server in the case of a migration upgrade.

XSL/XSD file location (Windows)

These directories and their contents need to be on a drive that is available at the time of the upgrade for the peupgrade program. They must also be for available for the Content Platform Engine after the upgrade. This property might be a shared drive or you might copy them to a local drive on the new server in the case of a migration upgrade.

By default, on the source system: \fnsw_loc\sd\xsl and \fnsw_loc\sd\xsd

By default, on the source system: install_path\data\ pesvr.virtual_servername\ xsl and install_path\data\ pesvr.virtual_servername\ xsd


157

Table 26. peupgrade upgrade values (continued) Property name

4.5.1 property name and location


Comments

Database column size factor Choose the expansion (DB2 for Linux, UNIX and factor. Windows

Not applicable

This expansion value is to allow for the additional space requirements for character-based string fields. String fields are modified by increasing the length by the defined factor.

Database column size factor Choose the expansion (SQL Server) factor.

Not applicable

This expansion value is to allow for the additional space requirements for character-based string fields. String fields are modified by increasing the length by the defined factor.

Database connection name (existing)

Choose from the dropdown Choose from the dropdown Every region that you list. list. upgrade needs a connection point. IBM Case Manager with shared databases for Process Engine and Content Engine has existing connection points. If for any other reason Content Engine and Process Engine are sharing a database, there is also an existing connection point.

Database connection name (define a new connection)

If Process Engine and Content Engine are not in the same database, you need to define a new connection name.

Data source name

If the 5.0 or 5.1 Process Engine database is being shared with an object store, this property is the data source name of the object store.

The name that is entered for peupgrade must match the data source name that is defined in Configuration Manager.

XA data source name

If the 5.0 or 5.1 Process Engine database is being shared with an object store, this property is the XA data source name of the object store.

The name that is entered for peupgrade must match the XA data source name that is defined in Configuration Manager.

DbExecute connection

| | | |

See Collecting configuration Not applicable information for Process Engine DbExecute connections.

If you need a custom URL, you cannot do the upgrade silently and must use the GUI. Collect the database type information for all of the existing DBExecute connections.

158


Collecting configuration information for Process Engine DbExecute connections (upgrades from 4.5.1) DbExecute connection information must be provided to the peol for Process Engine upgrades from Version 4.5.1. Collect the current configuration information for all of your existing DbExecute aliases before you upgrade. Collect DbExecute connection information and record it in your Installation and Upgrade worksheet. The DbExecute connection information must be provided to the peol. You run the peol during the upgrade of Process Engine to Content Platform Engine Version 5.2.1. To collect DbExecute alias configuration information for Process Engine, log on to the Process Engine v4.5.1 server and locate existing information. 1. Change your working directory to the following: Option

Description

AIX, HPUX, HPUXi, Solaris

/fnsw/local/sd

Windows

\fnsw_loc\sd

2. Each connection has a file associated with the following naming scheme .alias.bin

Note the names for all aliases. 3. Collect the connection information for each alias by running vwtool with the listdbconfig option as follow: a. Start vwtool at a command prompt as follows: vwtool -Y pe_service_name+pe_service_name_

b. Enter the following command at the prompt: listdbconfig alias

c. For each database type, the information returned is as follows: Oracle global database name SQL Server SQL Server name database name DB2

database alias

4. Using the information for every existing connection, collect the following information. Record the values in your Installation and Upgrade worksheet. v Database type v Database name v Database host name v Database port v Database name v Database As an alternative to the database host name and port, use a connection URL string. Your URL can vary, depending on your configuration, but default URLs that can be configured are as follows: v jdbc:sqlserver://DBhost:DBport;DatabaseName=DBName v jdbc:db2://DBhost:DBport/DBName v jdbc:oracle:thin:@DBhost:DBport:DBName Planning and preparing for FileNet P8 upgrade

159

| | | | |

Saving Component Manager custom settings for CE_Operations (upgrades from V5.1 or earlier)

| | | | | |

Before you upgrade FileNet P8 from version 5.1 or earlier, you must make note of the logon and for the adapter. If you extended the CE_Operations queue with exposed fields or database indexes, you must also save these custom settings before you upgrade. You must manually restore these settings and values after the upgrades of the Content Platform Engine software and the Process Engine database are complete.

| | | | |

Important: Other customizations or extensions to the CE_Operations component queue are not ed. These customizations might cause the Process Engine database fail. IBM for assistance before you proceed with the upgrade if the CE_Operations queue has customizations other than exposed fields or database indexes.

| | | | |

You can use istration Console for Content Platform Engine if it is available or the Process Configuration Console in Workplace or Workplace XT to save the CE_Operations settings. The console that you select is used to configure the queue, but that does not imply that the component queue runs in Content Platform Engine or Workplace.

|

To save the Component Manager custom settings for CE_Operations:

|

1. Start Process Configuration Console by using Workplace or Workplace XT:

|

Table 27. Starting Process Configuration Console

|

Option

Select

| |

Workplace

Select > Process Configuration Console.

| | | |

Workplace XT

Select Tools > istration > Process Configuration Console

2. Save the custom settings for the CE_Operations queue in each isolated region:

| |

a. Go to an isolated region node and choose Export to XML from the Action menu.

| |

b. In the Export window, click Browse and specify a file name and location on your local drive or network for the exported data.

Save Component Manager custom settings for CE_Operations in each isolated region before you upgrade. You need to restore the settings after the upgrade is complete.

Tip: Use the XML file extension for the file name.

| | |

c. Choose the export type Export selected components and select the CE_Operations queue from the Component Queues. Then click Next.

| |

d. On the Summary page, confirm that the export contains only the CE_Operations queue, and then click Finish to complete the export.

|

e. Repeat the preceding substeps for the other isolated regions. 3. Save the adapter settings for the CE_Operations queue in each isolated region:

| | |

a. Go in Process Configuration Console for an isolated region to the isolated region node > Component Queues > CE_Operations.

| |

b. Right-click the CE_Operations node and choose Properties to view its properties.

160


| | |

c. Open the Adapter tab and make note of the JAAS Credentials settings; you need it later in the upgrade process. d. Repeat the preceding substeps for the other isolated regions.


161

162


Appendix A. Preparing non-English environments for installing FileNet P8 To run FileNet P8 components in a non-English environment, certain conditions must be met. Review the following considerations and tasks, organized by role, if you plan to run FileNet P8 in a non-English environment. By default, Content Platform Engine uses Oracle Outside In Search Export for text extraction on PDF documents. For right-to-left language PDF documents, you can optionally use Apache PDFBox technology for text extraction. To use PDFBox, you set a JVM property on Content Platform Engine. For more information, see the topics in istering FileNet P8 > istering Content Platform Engine. For information on how IBM Content Search Services extracts text from documents that are sent to it by IBM Content Collector, see istering FileNet P8 > istering Content Platform Engine > Retrieving documents > Finding objects with content-based retrieval > Making object text searchable > Indexable document types and text extraction. “IT ” Depending on the operating system, the IT installs either a localized version of the operating system, or the operating system language pack. “Security ” on page 165 The FileNet P8 security installation role includes configuring and maintaining directory servers. “Database ” on page 166 The FileNet P8 database installation role includes configuring database installations and table spaces, and creating database s. “Application Server ” on page 167 To Unicode UTF-8 characters, all FileNet P8 domain application servers must be properly configured and must have all fix packs installed. “FileNet P8 ” on page 168 The FileNet P8 configures Process Task Manager for Application Engine and Workplace XT. “Limitations on installing in a non-English environment” on page 168 There are certain limitations on installing FileNet P8 in non-English environments.

IT Depending on the operating system, the IT installs either a localized version of the operating system, or the operating system language pack. “Operating system considerations” on page 164 In addition to any operating system platforms, the IT must consider the FileNet P8 components that will be installed in a non-English environment. “Microsoft Windows” on page 165 Use the localized Microsoft Windows version when available. If the localized version is not available, use the English version with the appropriate regional setting. © Copyright IBM Corp. 2001, 2016

163

“Configuring locale and for other languages in an AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris system” on page 165 Add language fonts for your AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris operating system if you need to display an X Window desktop in a specific-language interface. Follow your operating system istration guide to install other language fonts.

Operating system considerations In addition to any operating system platforms, the IT must consider the FileNet P8 components that will be installed in a non-English environment.

Application Engine or Workplace XT Application Engine and Workplace XT can be installed: v In any locale on any of the ed AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris platforms v On any localized version of Windows or in any region on the English version of Windows : The Application Engine and Workplace XT setting must match the Content Platform Engine setting. Otherwise, workflows can experience unexpected problems such as errors related to the way characters display.

Content Platform Engine Content Platform Engine can be installed: v In any locale on any of the ed AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris platforms v On any localized version of Windows or in any region on the English version of Windows If you intend to install Content Platform Engine in a path that contains non-English characters, you must specify each such character in the path by its escaped Unicode representation (for example, \u4EF6).

IBM Content Search Services IBM Content Search Services can be installed: v In any locale on any of the ed AIX, Linux, Linux on System z, and Solaris platforms v On any localized version of Windows or in any region on the English version of Windows When you run the installation program for IBM Content Search Services, you specify a configuration data directory and an installation directory. If any component of either of these directory names contains non-English characters, the installation program appears to complete normally; but the program creates an installation directory whose name contains random characters instead of the name that you specified. This installation failure occurs whether you install the first instance or an additional instance of IBM Content Search Services. To prevent the failure, use only English characters in the name of each component of the configuration data directory and the installation directory.

164


Microsoft Windows Use the localized Microsoft Windows version when available. If the localized version is not available, use the English version with the appropriate regional setting. Use the Regional Options Control to change the regional setting. For more information, see the Windows help system. If you intend to install IBM Content Search Services to a path that contains non-English characters, ensure that your version of Windows s the locale of the non-English characters. If the native Windows command shell displays the non-English characters correctly, the locale is ed. Attention: The IBM Content Search Services temporary directory cannot contain non-English characters. If you install to a non-English path, change the location of the temporary directory to a path that contains English characters only. Use the command-line configuration tool (configTool) to set the tempDirPath parameter.

Configuring locale and for other languages in an AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris system Add language fonts for your AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris operating system if you need to display an X Window desktop in a specific-language interface. Follow your operating system istration guide to install other language fonts. Configure your X-session manager application to use the fonts for your operating system. See your X-session manager application istration guide for details about adding fonts or accessing them on the server. Make sure to add a locale for the language that is used and also to add the UTF-8 locale. Set the server locale to the UTF-8 locale. For information about right-to-left languages, see the Oracle document Enabling Outside In Technology for Bidirectional Arabic and Hebrew Text.

Security The FileNet P8 security installation role includes configuring and maintaining directory servers. “Extended characters and names” Note the following considerations for localized FileNet P8 s.

Extended characters and names Note the following considerations for localized FileNet P8 s. v With Microsoft Active Directory, Content Platform Engine s extended characters in names and s for all Latin1, Latin2, Arabic, and double-byte languages v Content Platform Engine does not extended (double-byte) characters in LDAP attributes for authentication purposes. These attributes include, but are not limited to, such items as cn (common name), ou (organizational unit), or dc (domain component). ASCII characters are required for these attributes. v The Content Platform Engine locale must match directory server locale to manage non-ASCII names correctly.

Appendix A. Preparing non-English environments for installing FileNet P8

165

v AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris systems can Latin1, Latin2, Arabic, and double-byte names simultaneously.

Database The FileNet P8 database installation role includes configuring database installations and table spaces, and creating database s. “Installing Microsoft SQL Server” During installation, the Microsoft SQL Server installer program detects the Windows regional setting and sets the Microsoft SQL Server language setting accordingly. Use the regional setting selected by the installation program throughout the entire Microsoft SQL Server installation. “Installing Oracle server” Create the database using the AL32UTF8 database character set. “Installing the DB2 for Linux, UNIX and Windows server” Use the UTF-8 codeset for the DB2 for Linux, UNIX and Windows database server. “Installing the DB2 for z/OS server” on page 167 When you install the DB2 for z/OS database server in a non-English environment, use UTF-8 collation settings by configuring CCSID UNICODE.

|

Installing Microsoft SQL Server During installation, the Microsoft SQL Server installer program detects the Windows regional setting and sets the Microsoft SQL Server language setting accordingly. Use the regional setting selected by the installation program throughout the entire Microsoft SQL Server installation. Microsoft does not recommend changing the selected regional setting unless you have to match the regional setting to the collation of another instance of Microsoft SQL Server or to the Windows regional setting of another computer. Localized versions of Microsoft SQL Server are available in French, German, Spanish, Italian, Japanese, Korean, and Simplified and Traditional Chinese. The collation settings must match the language settings on the system. Searching for other languages that do not match the database collation setting will result in invalid search and sort results.

Installing Oracle server Create the database using the AL32UTF8 database character set. The collation settings must match the language settings on the system. Searching for other languages that do not match the database collation setting will result in invalid search and sort results. Set the regular character set to AL32UTF8. It is not required to set the national character set (NLS_NCHAR_CHARACTERSET) to a specific value. You can take the default. The national character set applies to the data types NCHAR / NVARCHAR2 / NCLOB which the Content Platform Engine does not use.

Installing the DB2 for Linux, UNIX and Windows server Use the UTF-8 codeset for the DB2 for Linux, UNIX and Windows database server.

166


The collation settings must match the language settings on the system. Searching for other languages that do not match the database collation setting will result in invalid search and sort results. |

Installing the DB2 for z/OS server

| |

When you install the DB2 for z/OS database server in a non-English environment, use UTF-8 collation settings by configuring CCSID UNICODE.

| | |

The collation settings must match the language settings on the system. Searching for other languages that do not match the database collation setting will result in invalid search and sort results.

Application Server To Unicode UTF-8 characters, all FileNet P8 domain application servers must be properly configured and must have all fix packs installed. |

“Configuring character encoding on WebSphere Application Server” FileNet P8 requires two WebSphere settings: com.ibm.CORBA.ORBCharEncoding, to specify the native encoding set of character data that Object Request Broker uses, and com.ibm.websphere.security.BasicAuthEncoding, to match the encoding used by Basic Authentication for Web Services so that client applications can access web services. “Configuring character encoding on JBoss Application Server” on page 168 Set the appropriate codesets to UTF-8. “Configuring character coding on WebLogic Server” on page 168 Set the appropriate codesets to UTF-8.

| |

Configuring character encoding on WebSphere Application Server

| | | | |

FileNet P8 requires two WebSphere settings: com.ibm.CORBA.ORBCharEncoding, to specify the native encoding set of character data that Object Request Broker uses, and com.ibm.websphere.security.BasicAuthEncoding, to match the encoding used by Basic Authentication for Web Services so that client applications can access web services.

|

To set character encoding parameters on WebSphere Application Server:

|

1. Log on to the WebSphere istrative console.

| | |

2. In the navigation pane, click Servers > Server Types > WebSphere application servers > server_name, where server_name is the name of one of your application servers.

| |

3. In the Container services section, click ORB service > Custom properties > New.

| |

4. In the Name field, enter com.ibm.CORBA.ORBCharEncoding, set the value to UTF8, and save your changes.

| |

5. In the Server Infrastructure section, click Java and process management > Process definition > Java virtual machine > Custom properties > New.

| |

6. In the Name field, enter com.ibm.websphere.security.BasicAuthEncoding, set the value to UTF8, and save your changes.

|

7. Restart the application server.

|

8. Repeat steps 2 through 7 for your other application servers.


167

Configuring character encoding on JBoss Application Server Set the appropriate codesets to UTF-8. To configure the correct character encoding: 1. Open the file JBOSS_HOME//server/(default)/deploy/jboss-web.sar/ server.xml for editing and set the following value:

2. Open the file JBOSS_HOME/bin/run.bat or JBOSS_HOME/bin/run.sh for editing and set the following value: JAVA_OPTS=JAVA_OPTS -Dfile.encoding=utf-8

Configuring character coding on WebLogic Server Set the appropriate codesets to UTF-8. To configure the correct character encoding, set the following Interop-Orb-Protocol (IIOP) attributes: v Default Char Codeset to "UTF-8" v Default Wide Char Codeset to "UTF-8"

FileNet P8 The FileNet P8 configures Process Task Manager for Application Engine and Workplace XT. “Configuring Process Task Manager for Application Engine and Workplace XT” In AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris environments, that the LC_TIME and LC_MESSAGES environment variables are set to “C” before you run Process Task Manager in Application Engine or Workplace XT. Failure to set these variables can result in an error in a non-English locale.

Configuring Process Task Manager for Application Engine and Workplace XT In AIX, HPUX, HPUXi, Linux, Linux on System z, or Solaris environments, that the LC_TIME and LC_MESSAGES environment variables are set to “C” before you run Process Task Manager in Application Engine or Workplace XT. Failure to set these variables can result in an error in a non-English locale.

Limitations on installing in a non-English environment There are certain limitations on installing FileNet P8 in non-English environments. Important: For additional limitations, see the release notes.

Process Task Manager If Application Engine, Workplace XT, or Content Platform Engine is installed on any operating system other than Windows, Process Task Manager (vwtaskman) takes too long to launch when it is run under a UTF-8 locale using remote CDE shells such as X Window, Exceed, Xmanager, etc). that the X Window application can handle Unicode fonts to fix this problem. Also, that any independent software vendor applications are configured correctly. The command-line interface functionality is not affected.

168


Process Designer To import a -defined XSD file that contains non-English characters in Process Designer, run the following command to convert characters to the Unicode encoding format to match an operating system other than Windows Content Platform Engine in a UTF-8 locale, and then import the XSD file into Process Designer. Java - pe.jar filenet.vw.toolkit.utils.FileConverter /in filename /out outfilename

Composite Platform Installation Tool The Composite Platform Installation Tool, which installs a single-server FileNet P8 environment, is not ed on Simplified Chinese Microsoft Windows 2008 R2.

IBM Case Manager IBM Case Manager requires language on the Content Platform Engine server to authored language solution templates. Important: Case Manager Builder displays unreadable characters in Step Editor for double-byte (east Asian) characters. To resolve the problem, install the correct language pack on the Case Manager Builder Server.

IBM FileNet Image Services In IBM FileNet Image Services, navigate to fn_edit > System Attributes > Client Character Set, enter MS932, and restart the IBM FileNet Image Services service. This configuration setting ensures that Japanese characters in property values are synchronized in both directions between IBM FileNet Image Services and Content Platform Engine.

Rendition Engine Rendition Engine s only English and Japanese operating system languages. You can install and run Rendition Engine on any language version of Windows, provided that you set the Windows Region/Language configuration to either English or Japanese. With one exception, IBM FileNet Rendition Engine s only the English versions of authoring applications. The exception is that Rendition Engine s the Japanese versions of Microsoft Office, Microsoft Project, and Microsoft Visio. For more information, see Microsoft Windows operating system help for further information about adding additional language .


169

170


Appendix B. FileNet P8 ports Port numbers that are used by FileNet P8 components are listed along with information such as communication protocols, the source and target components, whether load balancers are ed, and other information specific to the component ports. The following conditions apply to the ports that are used by the FileNet P8 components: v The port numbers are default values, but can be changed to other unique port numbers. v The default port number and communication protocol must be open on the target server. v Replies and responses to the requestor are made unless specified otherwise. v No long-lived connections are established between FileNet P8 components unless specified for the port. The connection is closed after the initiator opens a connection with the recipient and the recipient responds. “Content Platform Engine ports” on page 172 The Content Platform Engine ports information is presented in multiple tables that list the port names, port numbers, communication protocols, and descriptions. “Application Engine and Workplace XT ports” on page 176 The Application Engine and Workplace XT servers ports table lists the port names, port numbers, communication protocols, and description for its use. “Process Simulator ports” on page 176 The Process Simulator ports information, which is segmented into multiple tables, lists the port names, port numbers, communication protocols, and description for its use. “Content Search Services ports” on page 177 The Content Search Services ports information, which is segmented into multiple tables, lists the port names, port numbers, communication protocols, and description for its use. “Rendition Engine and Content Platform Engine ports for LIQUENT” on page 178 The following tables list the Rendition Engine and Content Platform Engine ports information for LIQUENT. “Database ports” on page 180 The database ports information, which is segmented into multiple tables, lists the port names, port numbers, communication protocols, and description for its use. “IBM System Dashboard for Enterprise Content Management ports” on page 181 The IBM System Dashboard for Enterprise Content Management ports information, which is segmented into multiple tables, lists the port names, port numbers , communication protocols, and description for it use. “Content Services for FileNet Image Services ports” on page 182 The following tables list the port numbers used by IBM FileNet Content Services for FileNet Image Services.

© Copyright IBM Corp. 2001, 2016

171

Content Platform Engine ports The Content Platform Engine ports information is presented in multiple tables that list the port names, port numbers, communication protocols, and descriptions. Table 28. Content Platform Engine ports Port name

Application level protocol

Transport level protocol

Default port number

LDAP

LDAP

T

LDAP (SSL )

LDAP

LDAP Global Catalog

From

To

389

Content Platform Engine server

Directory server

T

636


Directory server

LDAP

T

3268


Global Catalog server

LDAP Global Catalog (SSL) LDAP

T

3269


Active Directory Global Catalog server

WebSphere WSI

HTTP

T

9080

Content Platform Engine client


WebSphere WSI (SSL)

HTTPS

T

9443

Content Platform Engine, istration Console for Content Platform Engine, Component Manager (Workplace XT), or a custom application


WebSphere EJB

IIOP

T

2809



WebLogic EJB / WSI

HTTP, T3, and IIOP

T

7001



WebLogic EJB / WSI (SSL)

HTTPS, T3S, and T IIOP

7002



JBoss EJB

JNP

T

1099



JBoss WSI

HTTP

T

8080



JBoss WSI (SSL)

HTTPS

T

8443



172


Table 28. Content Platform Engine ports (continued) Port name



Default port number

JBoss IIOP

IIOP

T

JBoss IIOP (SSL)

IIOP

Kerberos

RFC 1510

From

To

3528



T

3529



T or UDP

88


Active Directory KDC

Table 29. Content Platform Engine ports - continued Port name

s SSL?

LDAP

No

LDAP (SSL )

Yes

LDAP Global Catalog

No

LDAP Global Catalog (SSL)

Yes

WebSphere WSI

No

WebSphere WSI (SSL)

Yes

WebSphere EJB

Yes

WebLogic EJB / WSI

No


Yes

JBoss EJB

Yes

JBoss WSI

No

JBoss WSI (SSL)

Yes

JBoss IIOP

Yes

JBoss IIOP (SSL)

Yes

Kerberos

No


Notes

LDAP

The port is on the directory server and specified on the Content Platform Engine server for authentication.

LDAP (SSL )

The port is on the directory server and specified on the Content Platform Engine for authentication through SSL.

LDAP Global Catalog

The port is used for the Active Directory only.

LDAP Global Catalog (SSL)

The port is used for the Active Directory only.

WebSphere WSI

The port is on the WebSphere Application Server for Content Platform Engine. The port is used for communication with Content Platform Engine by clients through WSI.

WebSphere WSI (SSL)

HTTPS over SSL or TLS. (Port 9080 is the non-SSL HTTP port.) Content Platform Engine and custom applications use WSI. Port 9443 is on the WebSphere Application Server for Content Platform Engine. The port is used for communication with Content Platform Engine by clients through WSI.

Appendix B. FileNet P8 ports

173

Table 30. Content Platform Engine ports - continued (continued) Port name

Notes

WebSphere EJB

The port is on the WebSphere Application Server for Content Platform Engine. The port is used for communication with Content Platform Engine by clients through EJB and for request forwarding between Content Platform Engine servers.

WebLogic EJB / WSI

The port is on the WebLogic Server for Content Platform Engine s both EJB and WSI. The port is used for communication with Content Platform Engine by clients and for request forwarding between Content Platform Engine servers.


The port is on the WebLogic Server for Content Platform Engine s both EJB and WSI. The port is used for communication with Content Platform Engine by clients using SSL and for request forwarding between Content Platform Engine servers.

JBoss EJB

The port is on the JBoss Application Server for Content Platform Engine. The port is used for communication with Content Platform Engine by clients through EJB and for request forwarding between Content Platform Engine servers.

JBoss WSI

The port is on the JBoss Application Server for Content Platform Engine. The port is used for communication with Content Platform Engine by clients through WSI.

JBoss WSI (SSL)

The port is on the JBoss Application Server for Content Platform Engine. The port is used for communication with Content Platform Engine by clients through WSI using SSL.

JBoss IIOP

The port is on the JBoss Application Server for Content Platform Engine. The port is used for communication with Content Platform Engine by clients through IIOP.

JBoss IIOP (SSL)

The port is on the JBoss Application Server for Content Platform Engine. The port is used for communication with Content Platform Engine by clients through IIOP.

Kerberos

The port is used for Kerberos authentication only.

Table 31. Content Platform Engine ports Port name



Default port number

SMTP (Email Notification)

SMTP

T

Process Task Manager / Component Manager version 1 communications port

RMI

From

To

25


Email server

T

32771 (for version 1 of Component Manager)

Process Task Manager on the Application Engine server

Component Manager / Process Task Manager communication

Component Manager Event RMI Port

T

32773 (for Content backward Platform compatibility Engine server with version 1 of Component Manager)

Component Manager version 1 on the Application Engine server

Rules Listener

RMI

T

32774 (for Rules Engine using Rules Connectivity Framework)


Rules Listener

Content Platform Engine server to server communication port

HTTP (only for clusters)

T

0 (randomly assigned port number)



174


Table 32. Content Platform Engine ports–continued

Port name

Reply or Response to requestor?

Long lived sessions?

Load Balancer?

s SSL and TLS?


No

No

No

Yes


Yes

Yes

No

No

Component Manager Event Port

Yes

Yes

No

No

Rules Listener

Yes

Yes

No

No


Yes

Yes

No

No


Notes


The port is on the SMTP server and is configured for Content Platform Engine email notification in istration Console for Content Platform Engine. Communication on this port is one-way, from the Content Platform Engine server to the email server.


This port is on the Application Engine server for Process Task Manager to communicate with the Component Managers.

Component Manager Event Port The port is on the Application Engine server, configured through the Process Task Manager. This port number must match the port used for the Component Manager Event Port on the Application Engine. Communication on this port is one-way from the Content Platform Engine server to the Component Manager. Rules Listener

The port is on the Content Platform Engine server. Communication on this port is bidirectional from the Content Platform Engine server to the Rules Listener


For a cluster configuration only. If there is a firewall between the Content Platform Engine server instances of a cluster, this value should be set to a specific assigned port number and that port value should be allowed in the firewall configuration. The port is set for the workflow system. The port number is the internal port number, which is the field name for this in the istration Console for Content Platform Engine. In a cluster configuration, this port needs to be set in istration Console for Content Platform Engine and it needs to be opened in the firewall. Communication on this port is bidirectional between Content Platform Engine servers in a cluster.


175

Application Engine and Workplace XT ports The Application Engine and Workplace XT servers ports table lists the port names, port numbers, communication protocols, and description for its use. Table 34. Application Engine and Workplace XT server ports Port name

Default port number

WebSphere

9080

The port is on the WebSphere Application Server for clients to connect to Workplace and Workplace XT.

WebSphere SSL

9443

The port is on the WebSphere Application Server for clients to connect to Workplace and Workplace XT through SSL.

WebLogic

7001

The port is on the WebLogic Server for clients to connect to Workplace and Workplace XT.

WebLogic SSL

7002

The port is on the WebLogic Server for clients to connect to Workplace and Workplace XT through SSL.

JBoss

8080

The port is on the JBoss Application Server for clients to connect to Workplace and Workplace XT.

JBoss SSL

8443

The port is on the JBoss Application Server for clients to connect to Workplace and Workplace XT through SSL.

BPM Web Services Reliable messaging client port

32767

The port is configured and used on the Application Engine server, for a Component Manager instance.

Content Platform Engine (RMI)

32771

The port is on the Windows Content Platform Engine server for Process Task Manager to communicate with the Windows Content Platform Engine Services Manager. Specify this port number in the jpemgr.properties file, in the jpemgr.port parameter on the Content Platform Engine.

Notes®

This port is on the Application Engine server for Process Task Manager to communicate with the Component Managers and the Windows Process Workplace (or Workplace XT) Services Manager. Set the port in Process Task Manager on the Application Engine as the Registry Port. Component Manager (Event Port)

32773

The port is on the Application Engine server, and is used when the Component Manager (running on the Application Engine Server) is configured to be triggered by events, instead of polling. This port number must match the port used for the Component Manager Event Port on the Content Platform Engine.

Process Simulator ports The Process Simulator ports information, which is segmented into multiple tables, lists the port names, port numbers, communication protocols, and description for its use. Table 35. Process Simulator ports Port name



Default port number

Registry port

RMI

T

Return

RMI

T

176


From

To

32771

Process Task Manager

Process Simulator

0

Application Engine

Process Simulator

Table 36. Process Simulator ports–continued

Port name



Load Balancer?

s SSL?

Registry port

Yes

No

No

No

Return

Yes

No

No

No

Table 37. Process Simulator ports–continued Port name

Notes

Registry port

The port is on the Process Simulator server. The Process Task Manager application on the Process Simulator server communicates with the Process Simulator server process on this port. The Application Engine also communicates with the Process Simulator server process on this port.

Return

The port is on the Process Simulator server and is used to communicate with the Application Engine server. By default an anonymous port number is used. However, if the Process Simulator server resides behind a firewall it will be necessary to specify an explicit port by entering a value other than 0.

Content Search Services ports The Content Search Services ports information, which is segmented into multiple tables, lists the port names, port numbers, communication protocols, and description for its use. Table 38. Content Search Services ports Port name Content Search Services server



Default port number

proprietary

T

8191

From

To

Content Engine Content Search Services

Table 39. Content Search Services ports–continued

Port name



Load Balancer?

s SSL?

Content Search Services server

Yes

No

No

Yes (for P8 version 5.1)

Table 40. Content Search Services ports–continued Port name

Notes

Content Search Services server

The port is located on the Content Search Services server and is used for communication between the Content Search Services server and the Content Engine.


177

Rendition Engine and Content Platform Engine ports for LIQUENT The following tables list the Rendition Engine and Content Platform Engine ports information for LIQUENT. Table 41. Rendition Engine and Content Platform Engine ports for LIQUENT Port name


Default port number

LIQUENT input port

T/IP

LIQUENT notify port

From

To

2867 (COM Repository only)

Content Platform Engine and Rendition Engine

Rendition Engine

T/IP

2868

Rendition Engine


LIQUENT event port

T/IP

2869


Rendition Engine

LIQUENT port

T/IP

2870


Rendition Engine

LIQUENT file transfer port

T/IP

2871



LIQUENT job queue port

T/IP

2872

Rendition Engine

Rendition Engine

Table 42. Rendition Engine and Content Platform Engine ports for LIQUENT - continued

Port name



Load Balancer?

s SSL?

LIQUENT input port

Yes

No

No

No

LIQUENT notify port

Yes

No

No

No

LIQUENT event port

Yes

No

No

No

LIQUENT port

Yes

No

No

No


Yes

No

No

No


Yes

No

No

No

Table 43. Rendition Engine and Content Platform Engine ports for LIQUENT–continued Port name

Notes

LIQUENT input port

The port allows for distributed processing of jobs on the Rendition Engine servers when there are more than one Rendition Engine server. A Rendition Engine server or Rendition Engine client (Content Platform Engine Publishing server) on which a job is submitted makes the load balancing decision on where to run the job. If the job is sent to another Rendition Engine server for execution then it uses the other Rendition Engine server's input port to do so.

178


Table 43. Rendition Engine and Content Platform Engine ports for LIQUENT–continued (continued) Port name

Notes

LIQUENT notify port

The port is also related to the distributed processing of jobs on the Rendition Engine servers. When a job is sent to another Rendition Engine server, then the originating Rendition Engine server or Rendition Engine client (Content Platform Engine Publishing server) is notified on this port by the other Rendition Engine server when the other Rendition Engine server has finished processing the job. One case of this is when the Rendition Engine server is notifying the Rendition Engine client (Content Platform Engine Publishing server) that a conversion job has completed.

LIQUENT event port

The port is used by each Rendition Engine server to send or receive events. These events are used by the Rendition Engine server to keep each other informed of current activities. The LIQUENT Domain Manager on the Rendition Engine server uses these events for the job status display.

LIQUENT port

The port is used by each Rendition Engine server for internal istrative functions. The primary use is for each Rendition Engine server to publish its current activity statistics (for example, how busy the business services are) for use by other Rendition Engine servers to make load balancing decisions.


This port is used for transferring source, temporary, and result files between Rendition Engine servers as well as between Rendition Engine servers and Rendition Engine clients (Content Platform Engine Publishing servers).


This port is for job queuing by the render business service on all Rendition Engine servers.

Tip: If the LIQUENT port number assigned to the Rendition Engine/LIQUENT software conflicts with the port number required by another application or service that runs on the Rendition Engine server or the Content Platform Engine Publishing server, then the default values can be changed in the LIQUENT Domain Manager on the Rendition Engine server. The above port numbers are the default values set by the Rendition Engine installer for the COM Repository in the LIQUENT Vista domain, which represents the Rendition Engine server itself. When a Content Platform Engine Publishing server is configured to point to the Rendition Engine server, one must create a "Java Repository" in the LIQUENT Vista domain that represents the Content Platform Engine Publishing server as a Java client to the Rendition Engine server, and this repository will also have the same default port number values. The database port number is not specified directly by the Rendition Engine server’s LIQUENT software, but it is specified for the Rendition Engine client in the Content Platform Engine Publishing server's Rendition Engine Connection object (for the JDBC connection from the Rendition Engine client module to the Rendition Engine database server).


179

Database ports The database ports information, which is segmented into multiple tables, lists the port names, port numbers, communication protocols, and description for its use. Table 44. Database ports Application level protocol


Default port number

DB2 for Linux, UNIX, and Windows

JDBC or CLI

T

DB2 for z/OS

JDBC or CLI

Oracle

Microsoft SQL Server

Port name

From

To

50000

Content Platform Engine, Case Analyzer and IBM Content Navigator

DB2

T

446

Content Platform Engine, Case Analyzer and IBM Content Navigator

DB2

JDBC or OCI

T

1521

Content Oracle Platform Engine, IBM Content Navigator, Case Analyzer, and Rendition Engine

JDBC or TDS

T

1433

Content Microsoft SQL Platform Server Engine, IBM Content Navigator, Case Analyzer, and Rendition Engine

Table 45. Database ports - continued Port name


Long lived sessions? Load Balancer?


Yes

No

Yes

DB2 for z/OS

Yes

No

Yes

Oracle

Yes

No

Yes


Yes

No

Yes

Table 46. Database ports - continued

180

Port name

Notes


DB2 for Linux, UNIX, and Windows default port. Port 50000 or higher can be used.

DB2 for z/OS

The default port for DB2 for z/OS is typically changed. Refer to your database for the port numbers in use.

Oracle

Oracle DB default listener. Alternative port is 2483 (TTC) or 2484 (TTC SSL).


Table 46. Database ports - continued (continued) Port name

Notes


The port is the default port for SQL Server.

IBM System Dashboard for Enterprise Content Management ports The IBM System Dashboard for Enterprise Content Management ports information, which is segmented into multiple tables, lists the port names, port numbers , communication protocols, and description for it use. Table 47. IBM System Dashboard for Enterprise Content Management ports Port name



Default port number

Listener (first)

T/IP

T

Listener (subsequent)

T/IP

T

From

To

32775

IBM System Dashboard for Enterprise Content Management client (such as, System Dashboard / FSM)

IBM System Dashboard for Enterprise Content Management Listener (running on Content Platform Engine, Application Engine, FileNet Image Services, and other servers)

OS defined

IBM System Dashboard for Enterprise Content Management client (such as, IBM System Dashboard for Enterprise Content Management / FSM)

IBM System Dashboard for Enterprise Content Management Listener (running on Content Platform Engine, Application Engine, FileNet Image Services, and other servers)

Table 48. IBM System Dashboard for Enterprise Content Management ports–continued

Port name



Load Balancer?

s SSL?

Listener (first)

Yes

Yes

No

No


Yes

Yes

No

No


181

Table 49. IBM System Dashboard for Enterprise Content Management ports–continued Port name

Notes

Listener (first)

This is the primary "pilot port" for connection to the IBM System Dashboard for Enterprise Content Management server. This port also s the secondary allocated ports and communicates those numbers to the Dashboard. If needed, an can use the PchConfig.properties file to override the OS-defined property and define a specific range of ports to use.


If the first listener port is allocated, the OS will allocate additional ports for managers to connect to listeners on the IBM System Dashboard for Enterprise Content Management server. If needed, an can use the PchConfig.properties file to override the OS-defined property and define a specific range of ports to use.

Content Services for FileNet Image Services ports The following tables list the port numbers used by IBM FileNet Content Services for FileNet Image Services. Table 50. Content Services for FileNet Image Services ports Port name



Default port number

From

To

tms

Custom

T

32768

FileNet Image Services server

cor

Custom

T

32769

FileNet Image Services, FileNet Image Services Toolkit, or Content Engine server


nch

Custom

UDP

32770

Content Engine server


fn_snmpd

SNMP

UDP

161

SNMP Mgmt

FileNet Image Services

snmp trap

SNMP

UDP

162

SNMP Mgmt

SNMP Mgmt

fn_trapd

SNMP

UDP

35225


SNMP Mgmt

Native default SNMP port (HP only)

SNMP

UDP

8000

SNMP Mgmt

HP-UX OS

IBM FileNet P8 specific SNMP port (HP and Solaris only)

SNMP

UDP

8001

SNMP Mgmt

fn_snmp (HP and Sun)

tpi

Custom

UDP

anonymous

FileNet Image Services Toolkit or FileNet Image Services


182


Table 51. Content Services for FileNet Image Services ports–continued

Port name



Load Balancer?

s SSL?

tms

Yes

No

No

No

cor

Yes

Caller is responsible for closing the connection

No

No

nch

Yes

No

No

No

fn_snmpd

Yes

No

No

No

snmp trap

No

No

No

No

fn_trapd

No

No

No

No


Yes

No

No

No

FileNet P8 specific SNMP port (HP and Solaris only)

Yes

No

No

No

tpi

Yes

No

No

No

Table 52. Content Services for FileNet Image Services ports–continued Port name

Notes

tms

tms is the Task Manager service. TM_daemon listens for requests from initfnsw running on the same or a different system analogous to COR_Listen listening for RPCs.

cor

cor is the Courier service. COR_Listen listens on this port for incoming RPC requests.

nch

nch is the NCH daemon. NCH_daemon listens on this port. Pre-4.1.2 listened for broadcasts, and so on, Post 4.1.2, listens only for old print servers to that NCH is up.

fn_snmpd

fn_snmpd is the FileNet Image Services Simple Network Management Protocol daemon. It listens for SNMP requests from the native OS SNMP daemon. The native SNMP daemon listens on this port and communicates with fn_snmpd through other local port. fn_snmpd does not listen on this port.

snmp trap

This port is a well-known OS trap daemon port for listening to trap messages. All FileNet Image Services trap messages received by fn_trapd daemon are eventually routed to this port.

fn_trapd

fn_trapd is the FileNet Image Services trap daemon, which listens for notifications of the end of FileNet Image Services background processes running on the server and sys logs information.


All non-FileNet Image Services based SNMP requests are routed to this port for native SNMP processing.

FileNet P8 specific SNMP port (HP and Solaris only)

All FileNet Image Services based SNMP requests are routed to this port for fn_snmpd daemon processing.

tpi

Used for migration notification. The requester gets the anonymous UDP socket and waits on completion. When the migration is complete, the ds_notify and pri_notify processes send TPI notifications to signal completion of a task.

Important: On AIX, HPUX, HUPUXi, Linux, Linux on System z, and Solaris platforms, FileNet Image Services port assignments are made in the /etc/services file. Appendix B. FileNet P8 ports

183

184


Notices This information was developed for products and services offered in the US. This material may be available from IBM in other languages. However, you may be required to own a copy of the product or product version in that language in order to access it. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the 's responsibility to evaluate and the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive, MD-NC119 Armonk, NY 10504-1785 US For license inquiries regarding double-byte (DBCS) information, the IBM Intellectual Property Department in your country or send inquiries, in writing, to: Intellectual Property Licensing Legal and Intellectual Property Law IBM Japan Ltd. 19-21, Nihonbashi-Hakozakicho, Chuo-ku Tokyo 103-8510, Japan INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. © Copyright IBM Corp. 2001, 2016

185

IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should : IBM Director of Licensing IBM Corporation North Castle Drive, MD-NC119 Armonk, NY 10504-1785 US Such information may be available, subject to appropriate and conditions, including in some cases, payment of a fee. The licensed program described in this document and all licensed material available for it are provided by IBM under of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us. The performance data discussed herein is presented as derived under specific operating conditions. Actual results may vary. The client examples cited are presented for illustrative purposes only. Actual performance results may vary depending on specific configurations and operating conditions. The performance data and client examples cited are presented for illustrative purposes only. Actual performance results may vary depending on specific configurations and operating conditions. Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. Statements regarding IBM's future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only. This information is for planning purposes only. The information herein is subject to change before the products described become available. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. COPYRIGHT LICENSE: This information contains sample application programs in source language, which illustrate programming techniques on various operating platforms. You may copy,

186


modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. The sample programs are provided "AS IS", without warranty of any kind. IBM shall not be liable for any damages arising out of your use of the sample programs. Each copy or any portion of these sample programs or any derivative work, must include a copyright notice as follows: © Copyright IBM Corp. 2016 Portions of this code are derived from IBM Corp. Sample Programs. “ considerations” on page 188

Trademarks IBM, the IBM logo, and ibm.com are trademarks or ed trademarks of International Business Machines Corp., ed in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at http://www.ibm.com/legal/copytrade.shtml Adobe, the Adobe logo, PostScript, and the PostScript logo are either ed trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Linux is a ed trademark of Linus Torvalds in the United States, other countries, or both. Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. Java and all Java-based trademarks and logos are trademarks or ed trademarks of Oracle and/or its s. UNIX is a ed trademark of The Open Group in the United States and other countries. Other company, product, and service names may be trademarks or service marks of others.

and conditions for product documentation Permissions for the use of these publications are granted subject to the following and conditions. Applicability http://www.ibm.com/legal/us/en/copytrade.shtml Personal use

Notices

187

You may reproduce these publications for your personal, noncommercial use provided that all proprietary notices are preserved. You may not distribute, display or make derivative work of these publications, or any portion thereof, without the express consent of IBM. Commercial use You may reproduce, distribute and display these publications solely within your enterprise provided that all proprietary notices are preserved. You may not make derivative works of these publications, or reproduce, distribute or display these publications or any portion thereof outside your enterprise, without the express consent of IBM. Rights Except as expressly granted in this permission, no other permissions, licenses or rights are granted, either express or implied, to the publications or any information, data, software or other intellectual property contained therein. IBM reserves the right to withdraw the permissions granted herein whenever, in its discretion, the use of the publications is detrimental to its interest or, as determined by IBM, the above instructions are not being properly followed. You may not , export or re-export this information except in full compliance with all applicable laws and regulations, including all United States export laws and regulations. IBM MAKES NO GUARANTEE ABOUT THE CONTENT OF THESE PUBLICATIONS. THE PUBLICATIONS ARE PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE.

considerations IBM Software products, including software as a service solutions, (“Software Offerings”) may use cookies or other technologies to collect product usage information, to help improve the end experience, to tailor interactions with the end or for other purposes. In many cases no personally identifiable information is collected by the Software Offerings. Some of our Software Offerings can help enable you to collect personally identifiable information. If this Software Offering uses cookies to collect personally identifiable information, specific information about this offering’s use of cookies is set forth below. This Software Offering does not use cookies or other technologies to collect personally identifiable information. If the configurations deployed for this Software Offering provide you as customer the ability to collect personally identifiable information from end s via cookies and other technologies, you should seek your own legal advice about any laws applicable to such data collection, including any requirements for notice and consent. For more information about the use of various technologies, including cookies, for these purposes, See IBM’s at http://www.ibm.com/privacy and IBM’s Online Privacy Statement at http://www.ibm.com/privacy/details the

188


section entitled “Cookies, Web Beacons and Other Technologies” and the “IBM Software Products and Software-as-a-Service Privacy Statement” at http://www.ibm.com/software/info/product-privacy.

Notices

189

190


Index Special characters .NET configuring Windows

33, 139

A s 97 Application Engine 22, 70 Content Platform Engine 58 Content Platform Engine upgrade 132, 142 IBM Content Search Services 26, 27 workflow 69 Advance storage areas replication models 37 Advanced storage area advantages 36 Advanced storage areas preparing 39 AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris 137 Application Engine configuring Linux 33 configuring Solaris 32 creating shared directories 35 pre-installation tasks 115 Application Engine and Workplace XT ports 176 Application Engine operating system 25, 70 Application Engine operating system database 23, 152 application server configuration 115 LDAP 57, 142 server cluster 115 server farm 115 98 application server installation group 135 application server instance starting or stopping 114, 153 ASA installation tasks 95 upgrade tasks 151 asynchronous processing dispatcher enabling before upgrade 155 authentication CA Directory 57 IBM Tivoli Directory Server 52 IBM virtual member manager 52 Novell eDirectory 51 Oracle Directory Server Enterprise Edition 50 Oracle Internet Directory 51 virtual member manager custom repository 56 virtual member manager file repository 55 virtual member manager LDAP repository 53 © Copyright IBM Corp. 2001, 2016

authentication (continued) Windows Active Directory 49 Windows AD LDS 49

B Bootstrap

59

C CA Directory 57 CE_Operations custom settings 160 CFS database 143 CIFS configuring a Windows-based file server for a Windows client 42 COM compatibility clients configuring Windows 33, 139 config_mgr_ 20 Configuration Manager setting permissions for 103 configurations sample 1 Configure Windows servers 33 configuring a file server 42 configuring settings on file servers 41 configuring Active Directory 139 configuring application servers in high availability environments 111 configuring Content Platform Engine 109 configuring FileNet P8 components 137 configuring the application server forContent Platform Engine 154 configuring the network 34 Configuring Windows Active Directory 139 Content Federation Services 125 Content Platform Engine 89 configuring AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris 137 configuring JBoss Application Server 109 configuring remote access protocol 43 configuring the application server 154 configuring Windows 34 deployment on multiple servers 103 primary istrative name 103 remote file access protocols 41 setting host aliases 103 WebSphere 100 WebSphere environment variables 101 Content Platform Engine application server installation 135

Content Platform Engine application server installation group 135 Content Platform Engine installation 19 Content Platform Engine operating system database 21 Content Platform Engine operating system instance s 22 Content Platform Engine operating system 19, 134 Content Platform Engine ports 172 Content Platform Engine ports for LIQUENT 178 Content Platform Engine servers configuring on AIX, Linux, Solaris Content Platform Engine system Content Platform Engine DB2 for Linux, UNIX and Windows Content Search Services ports 177 e_db_ 72

29 59 for 21

D data collection tools IBM Assistant Data Collector 44, 140 IBM Assistant Lite Data Collector 44, 140 data sources resolving names of 115 database configuring automatic transaction processing (Oracle) 86 creating 89 GCD (Oracle) 84, 92 GCD (SQL Server) 77 installing and configuring (SQL Server) 77 object store (Oracle) 84 object store (SQL Server) 78 storage area 40 database failover preparing 104 database ports 180 database 72 DB2 install for FileNet P8 platform 91 installing 91 JDBC drivers 104, 108 planning for upgrades 145, 147 WebLogic 104 WebSphere 108 DB2 for Linux UNIX and Windows plan for FileNet P8 platform 90 preparing for FileNet P8 89 DB2 for Linux, Unix and Windows 72 DB2 for z/OS install for Content Platform Engine 87 install for FileNet P8 platform 88 installing license 89

191

DB2 for z/OS database 73 DBA installation tasks 70 upgrade tasks 143 DBexecute alias 159 deployment planning 2 directory servers CA Directory 57 IBM Tivoli Directory Server 52 IBM virtual member manager 52 Novell eDirectory 51 Oracle Directory Server Enterprise Edition 50 Oracle Internet Directory 51 virtual member manager custom repository 56 virtual member manager file 55 virtual member manager LDAP repository 53 Windows Active Directory 49 Windows AD LDS 49 directory service bind 63, 64, 65, 66, 67, 68 DNS forwarder 49 documentation server installing 117 domain 113

IBM (continued) IBM Assistant Lite Data Collector 44, 140 IBM System Dashboard for Enterprise Content Management ports 181 IBM Tivoli Directory Server 52 IBM virtual member manager 52 install Content Platform Engine 19 Install Oracle 83 installation ASA tasks 95 DBA tasks 70 ITA tasks 15 planning 1 planning and preparing 1 SA tasks 45 installation and upgrade worksheet 128 Installation and Upgrade Worksheet 13 installation scenarios IBM Content Search Services 8 installing localized version of operating system 163 installing operating system language pack 163 ITA installation tasks 15 upgrade tasks 131

J

E encrypted NTFS devices 40 Encryption products for storage

JBoss configure for Content Platform Engine 108 configuring clusters 111 JBoss Application Server 109 configuring for Application Engine 114 configuring for Workplace XT 114 JDBC drivers 108 install for DB2 104, 108 install for SQL Server 104 WebLogic 104 install for Oracle 104 WebSphere 108

40

F file servers configuring settings 41 file storage area configuring 40 defined 40 FileNet Image Services ports 182 FileNet P8 eForms 125 Filenet P8 ports 171 Fix Packs and Test Fixes minimum level required 125 fixed storage area 40

K Kerberos 46

G

L

GCD (SQL Server) database creating 77 GCD 61

load balancer configuring 116 load balancing configuring 104 IBM Content Search Services locale and for other languages 165

I IBM Content Search Services installation scenarios 8 standby index area policy 28 IBM Content Search Services servers configuring on AIX, Linux, Solaris IBM data collection tools 44, 140 IBM Assistant Data Collector 44, 140

192


27

maximum file size maximum number of open files per process setting to unlimited 29, 30 setting to unlimited 29, 30 Microsoft SQL Server reducing deadlock errors 81, 151 migration upgrade migrating the Windows platform to UNIX goal overview 122 multi-instance deployment Application Engine 9

N network configuring for FileNet P8 components 140 prerequisites to configuring 34 new server instance changing application server hardware 122 changing database server hardware 122 NFS configuring a Windows-based file server for a non-Windows client non-managed deployment Application Engine 9 Content Platform Engine 8 Novell eDirectory 51

O object store DB2 database 93 object store (SQL Server ) database creating 78 object store 62 operating system considerations 164 Oracle 81 create databases 83 install for FileNet P8 platform 82 JDBC drivers WebLogic 104 plan for FileNet P8 platform 81 planning for upgrades 148 Oracle database 74 Oracle Directory Server Enterprise Edition setting resource limits for s 51 Oracle Directory Server Enterprise Edition (v 5.2) setting resource limits for directory server 50 Oracle Internet Directory 51

P 30

M managed deployment Application Engine 9 Content Platform Engine

8

P8A upgrade tasks 155 ports 171, 172, 176, 177, 178, 180, 181, 182 pre-installation tasks Application Engine 115

43

preparing for database failover 104 preparing for FileNet P8 81 Process Engine preparing for upgrades 156 Process Simulator ports 176 profile 100 proxy server configuring 104, 116

R realm 46 Reducing deadlock errors Microsoft SQL Server 81, 151 remote file access protocols 41 Rendition Engine ports 178 Replication models 37 resolving names of data sources 115 roles definition of installation 11 definition of upgrade 127

S SA installation tasks 45 upgrade tasks 141 scenarios distributed 8 multiple domain 10 standard distributed 9 security install considerations 46 upgrade considerations 142 server cluster application server 115 server farm application server 115 Single Sign-On 46 SQL Server install for FileNet P8 platform 76 JDBC drivers 104 plan for FileNet P8 platform 76 planning for upgrades 148 preparing for FileNet P8 75 WebLogic 104 SQL Server database 75 SSO Kerberos 46 planning considerations 46 requirements 46 stand-alone deployment Application Engine 9 Content Platform Engine 8 standby index area policy choosing 28 IBM Content Search Services 28 Storage areas 40 Storage plan creating 35 Creating a storage plan 35 synchronizing time and date 35

U UNIX configuring for FileNet P8 components 29 upgrade 122 ASA tasks 151 DBA tasks 143 ITA tasks 131 on existing server instance 121 planning 119 planning and preparing 119 planning considerations 124 SA tasks 141 upgrade application server strengthening Content Engine for JBoss security 111 upgrade expansion products 125 Content Federation Services 125 FileNet P8 eForms 125 Records Manager 126 upgrade tasks P8A 155 upgrading Content Engine upgrading the underlying vendor software 126 upgrading FileNet P8 configuring AIX, HPUX, HPUXi, Linux, Linux on System z, and Solaris 136 Upgrading Process Engine background information 126 using localized version of Microsoft Windows 165

Windows AD LDS 49 Windows inbound rules 139 Windows-based file server configuring for a non-Windows client using NFS 43 configuring for a Windows client using CIFS 42 workflow system 69 Workplace avoid logon failures in multi-forest domains 104 shared settings 116 Workplace XT creating shared directories 35 Workplace XT operating system 25, 70 worksheet 13 autofiltering and sorting 14, 130 running the customize macro 13, 129 using the installation and upgrade worksheet 128

X XA transactions enabling 80, 150

V virtual member manager custom repository 56 virtual member manager file repository 55 virtual member manager LDAP repository 53

W WebLogic configure for Content Engine 104 WebLogic Server configuring for Application Engine 113 configuring for Workplace XT 113 WebSphere configure for Content Platform Engine 99 configuring for Application Engine 112 configuring for Workplace XT 112 primary istrative name 103 WebSphere profile for Content Platform Engine 100 Windows configuring for FileNet P8 components 138, 139 Windows 2008 inbound rules 34 Windows Active Directory 49 Index

193

194


IBM®

Product Number: 5724-R76 5724-R81

GC19-3955-04

Plan And Prepare Your Environment For Filenet P8 47371v

Overview 5o1f4z

More details 6z3438

Related Documents c2h70

Plan And Prepare Your Environment For Filenet P8 47371v

Filenet P8 Architecture Complete 4f405c

Filenet P8 Platform Installation Guide 1p452x

Developing Applications With Ibm Filenet P8 Apis 5s5lo

Filenet P8 System Overview_ Architectural Diagrams 6mp13

E48 And P8 Manual 48do

More Documents from "Vanja Haleš" 6z73b

Semiologija 5i5166

Aesthetic Reasoning 2886p

Coseram Presentation 335v4h

230995100-surya-namaskar-swami-satyananda-saraswati.pdf 1e4u34

Kristofer Vilis Gortner - Ispovesti Katarine Medici 513es

Pat Martino - Catch 124h69