Configuring trust for the Sametime Contact List portlet

To use the Sametime Contact List portlet, you configure the IBM® Lotus® Sametime® server so that it will trust the Lotus Sametime server application running on your IBM WebSphere® Portal server, as well as trust any additional Domino and Extended Product servers within your site.
Note: If your portal environment does not use the LTPA token (UseLTPAToken is set to false in your CSEnvironment.properties file), WebSphere Portal requires this trust configuration in order to build the credentials for people awareness.

Your portal does not use the LTPA token if the Lotus Sametime server is set to authenticate with a native Lotus Domino Directory; instead, the Lotus Sametime server uses a Sametime token.

You can configure trust in one of two ways, depending on the maturity of your portal environment. In a test or development environment, you can set the Lotus Sametime server to accept the IP addresses of all other servers as trusted. Later, when you increase security, you may want to configure a restricted list of trusted server IP addresses.

Perform the following steps:

1. Determine whether you want to trust all servers, or set up a list of servers to which trust is restricted.
2. To trust all servers (appropriate in a test environment):
1. Open a text editor on the Sametime server.
2. Open the Sametime.ini file.
3. Add the following line to the Debug section:

[Debug]
VPS_BYPASS_TRUSTED_IPS=1

4. Save and close the Sametime.ini file.
5. Restart the Sametime server.
3. To set up a list of restricted servers (appropriate in a production environment):
1. Determine the IP addresses of all servers in your portal environment that will connect to the Lotus Sametime server, beginning with the primary portal server, and including any other portal or Lotus Sametime servers.
Restriction: You must use actual IP addresses, not server hostnames.
2. On the primary Lotus Sametime server, use a Lotus Notes client to open the STconfig.nsf database.
3. Open the By form view.
4. Edit the Community Connectivity document.
5. In the Community Trusted IPS field, enter all trusted IP addresses, separated by either a comma (,) or semicolon (;).
6. Save the document, and restart the primary Lotus Sametime server.

For more information on the token setting in the CSEnvironment.properties file, see Setting Lotus Sametime to use a Lotus Sametime token for user login.

No comments: