IBM Connections CCM upgrade to CR2 and special characters in passwords

I was updating a Connections install to CR2 with CCM; when it came to update the FNCE server I ran the command
C:\IBM\Connections\FileNet.update\scripts>update-ce.bat -was.dm.path=c:\IBM\WebSphere\AppServer\profiles\Dmgr01 -was.admin.user=localadmin -was.admin.password=password -conn.home.location=c:\IBM\Connections -ce.fp.installer.location=C:\Downloads\ic55cr2\filenet\5.2.1.4-P8CPE-WIN-FP004.EXE
The update-ce command runs wsadmin to connect to the DM as a first thing.

I got an error, the Deployment Manager is inaccessible.

If I tried to run wsadmin manually I could connect to the Deployment Manager, so I was puzzled.
I decided to ask the community for help and I picked the excellent Ben William‘s brain.After chatting for a while it came out that the user I was using to run wsadmin had a password with a special character in it, a ! Ben suspected it could be the cause so I created another user in WAS, with a password without special characters, gave it admin roles and run again the update-ce command.
Everything worked this time 🙂

So my advice is: choose your admin passwords carefully, otherwise sometimes you can run into problems. I usually mix letters and numbers, caps and no caps, but I try to avoid special characters.


A kind request to conference organizers

In those last two years I spoke at several conferences, from IBM Connect to various user group meetings. I have a request for the conference organizers; if you give to the attendees a sheet for the sessions evaluations, please share the results of the evaluations with us speakers. This does not always happen. It would be beneficial for me as a speaker to know how good or bad I performed. If something is wrong I can work towards correcting it, is not just a matter of ego, though everyone likes a good rating.


IBM Verse on Premises 1.0.0.1 integration with Connections Files. How to make it work – Updated

 

I installed Verse on Premises 1.0.0.1 in my environment but when I tried to add a link to a file in Connections when composing an email I got an error “Sorry we cannot retrieve your files at the moment”.

After a chat with my excellent friend and IBM Champion Christoph Stoettner, he found the problem and the solution.
The official documentation about integrating VoP with Connections says to add a few lines at the end of the httpd.conf file:

 

  • Make a backup copy of httpd.conf.
  • Remove any comment symbols (#) from the following lines:
    LoadModule headers_module modules/mod_headers.so
    LoadModule rewrite_module modules/mod_rewrite.so
  • Find the following two lines:
    LoadModule was_ap22_module /opt/IBM/WebSphere/Plugins/bin/64bits/mod_was_ap22_http.so
    WebSpherePluginConfig /opt/IBM/WebSphere/Plugins/config/webserver1/plugin-cfg.xml

    Copy the following lines and paste them directly after the two lines:

    RewriteEngine on
    
    # Minor change to adjust for Cloud vs On-Premises API variation of parameter name
    RewriteCond %{REQUEST_METHOD} PUT
    RewriteCond %{QUERY_STRING} ^(.*)uid=(.*)
    RewriteRule ^/profiles/photo.do /profiles/photo.do?%1userid=%2 [L]
    
    # Added necessary CORS headers when Origin header present
    Header unset Access-Control-Allow-Origin
    SetEnvIf Origin "^https://(vop_server_hostname\.)?(domain_name)$" origin_is=$0
    Header always set Access-Control-Allow-Origin %{origin_is}e env=origin_is
    Header always set Access-Control-Allow-Credentials "true" env=origin_is
    Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, slug" env=origin_is
    Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT" env=origin_is
    
    Header always set Access-Control-Max-Age "1000" env=origin_is
    Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT" env=origin_is
    # Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding, slug" env=origin_is
    Header always set Access-Control-Allow-Headers "X-Requested-With, Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, slug, X-Update-Nonce" env=origin_is
    Header always set Access-Control-Expose-Headers "Content-Disposition, Content-Encoding, Content-Length, Date, Transfer-Encoding, Vary, ETag, Set-Cookie, Location, Connection, X-UA-Compatible, X-LConn-Auth, X-LConn-UserId" env=origin_is
    
    # Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
    RewriteCond %{REQUEST_METHOD} OPTIONS
    RewriteRule .* - [R=200,L]
    
    # Remove the Origin header if it exists for other requests (POST, GET, DELETE, PUT). Causes problems with Connections returning 403 response.
    RequestHeader unset Origin env=origin_is

     You have to change this line

    SetEnvIf Origin "^https://(vop_server_hostname\.)?(domain_name)$" origin_is=$0

    putting your server name and domain name.
    Examples
    vop_server_hostname = mail01
    domain_name = company.com

    `SetEnvIf Origin “^https://(mail01\.)?(company\.com)$” origin_is=$0`

This is not enough.
Since in the httpd.conf I use a virtual host, as is common in Connections, you need to add those lines also in the virtual host definition, so I copied them after the line

SSLProtocolDisable SSLv2 SSLv3

in the virtual host definition.

Restarted the http server and now the integration works.

UPDATE

The excellent Tim Clark, a good friend of mine and an IBM Champion, made a couple of interesting and useful suggestions in his comment to this post. I will put them here because not everyone read the comments

  1. It is possible to make the https optional with the following RegEx, http(s)?
    So it all looks like this in the end.
    `SetEnvIf Origin “^http(s)?://(mail01\.)?(company.com)$” origin_is=$0`
  2. you can put all the lines to copy and paste in a separate file so that you don’t have to have it listed twice in your httpd.conf file and then use an include to insret it (**twice**) where you need it.`Include “X:\IBM\HTTPServer\conf\vop.conf”`