IBM Rational Demo hosts iSeriesD and ZServeros now require SSL

For anyone who has taken a HATS class (including those offered by our company), you may find problems accessing the demo servers if you run back through your lab exercises.

The reason is that IBM now requires SSL on these connections. I found this on the main site:

28 Jul 2010: If you are using a Terminal Emulator to connect to the system,SSL is now required. SSL Setup instructions for IBM Personal Communications

Follow the instructions in the HATS online help to enable SSL. If you already have the certificate from the telnet host, here is a summary of what you do next (from the HATS help system):

To create a keystore file to use with HATS that includes the certificate file you extracted from the Telnet server's keystore file, take the following steps:

1. Copy the certificate extracted from the Telnet server's keystore file to your HATS development system.
2. Click Start > All Programs > IBM Rational® SDP profile > IBM Rational HATS 7.5 > Certificate Management (where IBM Rational SDP profile is the Rational SDP product profile you have installed.
3. Click Key Database File and select New....
4. For the Key database type, select PKCS12. Give the file a name with an extension of .p12 and a location, and click OK.
5. Type in a password, confirm it, and click OK.
6. Under Key database content, select Signer Certificates from the drop-down list and click Add....
7. For Data type select Binary DER data. If the certificate is in ASCII format, select Base64-encoded ASCII data.
8. Browse to find and select the certificate you extracted from the Telnet server's keystore file and click OK.
9. Enter a label for the certificate and click OK.
10. Exit the Certificate Management tool.

Redirecting your IHS root context to your WebSphere app Server app

When you install WAS,  you'll probably also be installing IBM HTTP Server (you should if you use web apps). However, you may want that HTTP server to automagically navigate to your preferred WAS java app. Otherwise, if your users navigate to the default hostname (http://www.myhostname.com), they'll see the ugly IBM HTTP Server welcome page with links to nothing else.

Let's say you want them to instead go to http://www.myhostname.com/MyApp, but don't really want to have to give them the URL with the root context. First, make sure the application is up and running on WAS. Also, make sure you've mapped the web module to the IHS server in the admin console.

Now, go to the htdocs directory under your HTTP server install root (c:\IBM\HTTPServer\htdocs). Create a file called .htaccess (yes a period before the name). Add the following to the file:

Redirect 301 / http://www.myhostname.com/MyApp


You can also type the following on a Windows command line to do it all in one shot:

C:\IBM\HTTPServer\htdocs> echo "Redirect 301 / http://www.myhostname.com/MyApp" > .htaccsss


Next, open your httpd.conf file located in the 'conf' directory under IHS. Edit the 'AllowOverride' line from 'None' to 'All'. This assumes that you are only using IHS to front end your WAS server. If IHS is hosting more that just WAS apps, you'll need to do some more homework on this.


#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All


This is called a permanent redirection, and any web crawlers will automatically update their search engines. It is faster than embedding an http redirect in the index.html, and more reliable. 

Now, restart IHS, and voila! Your default host name now refers you directly to your installed WAS app.

If you find you need to do more with IHS than that, here's a few links to help you out:

• http://www.stevenhargrove.com/redirect-web-pages/
• http://corz.org/serv/tricks/htaccess2.php
• http://codex.wordpress.org/Using_Permalinks

DB2 CommonStore - Some sage advice for eDiscovery and email archving

I have a customer who is archiving data using IBM DB2 CommonStore for Lotus Domino, and have recently upgraded their environment. There are some things to know as you may not easily be able to glean advice from the IBM support portal.

Analysis and Planning

Setting up a corporate email archiving solution can be a much larger undertaking then you think. There are storage, legal, regulatory, communal, and of course cost concerns. All of these will factor into the total price. Before you commit to setting up an archive system of ANY kind, sit back and ask yourself the following questions:

• What is the maximum time I'm willing to keep emails?
• What is the minimum time I'm required to keep emails? (think regulatory compliance)
• Can I depend on my users to abide by our archiving standards? (hint: no, you cannot)
• What is the risk of not being able to find key emails if we are sued?
• What is the legal risk of keeping email?
• What is the cost of keeping email for 1 year, 3 years, 7 years? (think storage costs)
• How can I keep a user from deleting email younger than our retention period?

If you only want to reduce your storage costs, then most likely the email platform you are using already has archiving features available to you. Lotus Domino has a decent archiving system that lets you centralize a policy and offload archived emails to local desktops or to remote desktop servers. Exchange and GroupWise have similar features. Google Apps has a very rudimentary system of archiving. If you don't forsee your organization ever having to perform what is called an 'eDiscovery' for a litigation, then this may be the most economical solution. However, many industries are required to retain any communication with customers for a specified amount of time (SEC in particular). SOX only requires you to define a time period and stick with it. HIPPA has privacy and security concerns you need to address, as well as long term retention demands. Bottom line, you need to define a policy first. This should be both an archiving policy and an email acceptable usage policy. Consider also archiving of instant messaging data as well. That too is admissible as evidence, and I promise you your employees are using instant messaging whether you "allow" it in your organization or not! Its best to allow it so you can collect it. Collecting it means controlling it.

 DB2 CommonStore & InfoSphere Content Collector
Both of these products are considered high end email collection tools. CommonStore has been around for a few years and is the elder brother of the two. InfoSphere was acquired by IBM along with a whole portfolio of products. CommonStore has three flavors: one for Domino, one for Exchange, and one for SAP. InfoSphere has one flavor.
If you have a choice between CommonStore, and InfoSphere, go with InfoSphere. The price is the same, but its easier to configure, and there are less tentacles into the Domino server. The largest inconvenience I see with CSLD is that it requires custom updates to the Notes mail templates, which need to be upgraded with each CSLD patch, and also must be reconciled with new mail templates with each Domino release. PITA. InfoSphere Content Collector however, can crawl both Domino and Exchange systems, which is ideal if you have a mixed environment. ICC is definitely the more flexible of the two. Both however require a content mangement backend. Namely, you need either DB2 Content Manager (CommonStore only) or Filenet P8 (both products). CommonStore can also crawl a Tivoli Storage Manager archive, and Content Manger onDemand, but (pardon the pun), demand for the latter two archiving styles is waning.

eMail Search vs. eDiscovery Manager

First off, if you have purchased eMail Search, you should have found that this has been discontinued, and you have been upgraded to using the InfoSphere eDiscovery Manager in your Passport Advantage center. You will want to rip out eMail search as soon as you can and get running on eDM. eDM is a very slick Web2.0 type interface that is MUCH easier to use than eMail Search. The online help is superb, and it is much easier to configure. The product runs on top of WebSphere App Server. You will want to run this on a separate server. Avoid the tempation to just stack it on top of CommonStore which in turn is on top of Content Manager, which also is on top of WebSphere App Server and DB2 Enterprise. The tool can crawl both CommonStore and InfoSphere Content Collector stores for several email back ends.

CommonStore Setup

Follow the documentation to the letter and read it carefully without distractions. There is a lot to configure. One thing I will add to the documentation, is that when you are setting up your item types in Content Manager, set up attributes for the CC and BCC fields. If you take the default route, you'll find out later that these were not part of the defaults. Also take care to patch the system to the latest releases of DB2, WebSphere App Server, Content Manager, and CSLD. There are several interim fixes for CSLD. If installing new, install DB2 9.5, CM 8.4.2 with the latest fixpack. Install WebSphere App Server 7.0.0.11 (the latest build as of this blog post).

If you are using Commonstore, you will not find any InfoCenter on it. You'll have to use the published PDFs. I've included both of those below for convenience as well as a few links to get you going. 

•  CSLD Admin & Programmer's guide
• Fast Text Indexer documentation 
• Fast Text Indexer troubleshooting document
• RSS feed for Commonstore technotes from IBM
• IBM Support Portal site for CSLD
• Email Archiving and Compliance solutions by my company

There is not much of a community or forum for Commonstore like there is for many other products, but feel free to post questions here and we'll see what we can do to answer them. You may find posts in the Lotus forums on IBM developerworks, but I've found them riddled with innaccurcies or the posts were terribly old.

Blogging is akin to asynchronous mentorship

What sparked this blog entry was a couple of blog entries by Ivar Jacobson. For those who do not know, he is one of the three amigos that founded Rational Software, along with Jim Rumbaugh and Grady Booch. He had a couple of posts on Rational Unified Process and how it came about, and what he thinks about his intellectual offspring today. I was interested, intrigued, and was educated by his post. In today's oft disconnected world, it becomes more challenging to create and maintain relationships, particularly those that are mentoring relationships. Rarely do we go out searching for mentors. Yet, we need mentors no matter what our age or expertise. There is always something to be learned, and always someone who knows more than  you about something. Today I discovered the concept that one can be a mentor without knowing it. I spent many years in volunteer organizations being a mentor, and being mentored. I always new my mentor, and always those that I mentor and still know them all. Ivar has become a mentor to me. He knows me not. I didn't ask for it,  I just took his advice. He offered it freely on the web. I would (safely) doubt that he has never read my blog, and certainly does not know me from Adam. Yet, I learned from him two things. First, his thoughts about templates and how they detract from the core of Objectory (now RUP), and the fact that blogging is and could be equivalent to asynchronous mentorship.

So, my advice (a.k.a. my mentorship) to you is to filter the blogs you read to only those you feel add value to you. Whether that be in the form of adding technical skills, financial acumen, hobby expertise, or just all around life skills - read only those that are worth reading. If you blog yourself, take the time to write something of value, something that will improve someone's productivity, lifestyle, recreational enjoyment, etc. If you use  your blog to vent about troubles in your life, remember that there are enough complaints in the world to spare. Not many people will care so much to read your negativity, and will most likely not return to read another.

I will leave this post with a list of blogs that I think you will either enjoy and/or learn from. These encompass technologies, hobbies, and art. Its by no means a complete list, but one of many that I find valuable and listed in no particular order:

• http://www.thesimpledollar.com/
• http://www.lifehacker.com/
• http://www.inhabitat.com/
• http://davehay.f2s.com/
• http://scorecardstreet.spaces.live.com/
• http://lumberjocks.com/blogs
• http://blogs.discovermagazine.com/cosmicvariance/
• http://www.oculart.com/
• http://blog.ivarjacobson.com/author/ivarjacobson/
• http://www.vegetablegardener.com/

Enjoy :)

Hangup installing Rational HOD on Microsoft IIS - missing MIME types

I was installing the latest round of Host On Demand (HOD), and could not for the life of me figure out why the emulators would not load. I'm installing it for a customer and while, it works perfect on Linux with Apache, it craps out on Windows with IIS. Turns out that IF you use Microsoft IIS, you have set up the MIME types manually.

Right click on the server  in the ISS Admin panel. Go to the HTTP Header tab and at the bottom click on MIME types. You'll find that M$ has conveniently omitted any. You need to add the following mime types (file extensions) for Host On-Demand:

.style - application/octet-stream

.props - application/octet-stream

.properties - application/octet-stream

.cf - application/octet-stream

.obj - application/octet-stream

.df - application/octet-stream

.ndx - application/octet-stream

.hodpdt - application/octet-stream

.mac - application/octet-stream

.pfb - application/octet-stream

.ttf - application/octet-stream

.inx - application/octet-stream

.gtt - application/octet-stream

.p12 - application/octet-stream

.fnt - application/octet-stream

.jnlp - application/octet-stream

All of this also documented on the IBM Support Portal.  By the way, you can save yourself (or your company) a couple of grand by simply installing this stack on Linux. You'll be surprised how easy it is. 

IBM Rational HATS with Dojo: How to spice up your green screens

Some have contacted me that they have been unable to find my presentation on the conference web site. I would have sworn I posted it (more than once), but the conference organizer website was considerably different than last year, and not necessarily better.

That said, for those who would like to view all the ooey gooey goodness of Dojo and HATS, here it is in all its glory. If you find it helpful, or have suggestions for improvement be sure and leave a comment.

IBM Innovate 2010 - POWER-1068A

View more presentations from Strongback Consulting.