Installing CR5 for IBM Connections 6.0
Install a Cumulative Refresh (CR) for IBM® Connections 6.0.
Before you begin
Complete the following tasks before attempting to install the CR5 update:
- On the system where the Deployment Manager is installed, prepare the supporting software for the update:
- Download and extract the CR5 update installation package 6.0.0.0-IC-Multi-CR05-LO94188. For more information, see Downloading the latest Cumulative Refresh (CR) and related updates.
- Verify that you are running IBM® Installation Manager 1.8.5 64-bit or higher.
- WAS 8.5.5.15 is now supported but requires an iFix for APAR IFPH09407 which can be download from Fix Central, 8.5.5.15-WS-WASProd-IFPH09407
- Verify that you have installed WebSphere® Application
Server 8.5.5.12 - 8.5.5.14 and supplemental software, and have updated IBM® HTTP Server 8.5 and Web Server Plug-ins for IBM®
WebSphere® Application Server 8.5.Note:
- Upgrading IBM WebSphere to the latest recommended update is optional and not mandatory when deploying an IBM Connections CR. By deploying the latest WAS fixpack it prevents the occurrence of known issues in your environment, increasing stability and minimizing downtime.
- If you want to use Cognos and WebSphere Application Server 8.5.5.14 for the Metrics feature in CR3 or higher, install the JDK V7.1 as explained in the IBM technote, IBM Connections 6.0 CR3 Metrics with Cognos and WebSphere Application Server 8.5.5.14.
- (Resolved in 8.5.5.14) Before upgrading to WebSphere® Application Server 8.5.5.12 or 8.5.5.13 when using the Domino LDAP, contact IBM WebSphere Support to obtain the following iFix: PI88438: When defining a root Base DN for a federated repository, display and login problems occur. Otherwise the server will experience log-in failures.
- (Resolved in 8.5.5.14) If you use WebSphere®
Application Server 8.5.5.13, then IBM Connections 6.0 requires iFix PI94837 for APAR IJ04429 for SDK
8.0.5.6. The iFix can be downloaded from Fix Central.
Refer to the following technote for details PI94837: SHIP IBM Java SDK 8 IJ04429 AS AN IFIX FOR WAS 8.5.5 (Technote 4045004).
- In the soap.client.props file, change the SOAP Request Timeout to com.ibm.SOAP.requestTimeout=0 to ensure that no requests time out during the Cumulative Refresh installation.
- Restart the Deployment Manager and start the HTTP services: IBM® HTTP Administration for WebSphere® Application Server V8.5 and IBM® HTTP Server V8.5.
About this task
If you are updating a newly installed or migrated deployment, you only need to update with the newest Cumulative Refresh, because it contains all of the updates from previous refreshes.
As of the release of IBM Connections 6.0 CR3 or higher, Communities integrates a subset of IBM Connections Engagement Center features, collectively known as the "Highlights app." This app can be customized to retrieve community content and present it to fit the needs of your community. To make this possible, CR3 or higher installs the Highlights app on the same cluster as the Communities app. If ICEC was previously deployed on a different server, the CR3 or higher install will move it to the Communities cluster to ensure that the Highlights app functions properly.
To add widgets within the new Highlights app, users must access the server using HTTPS protocol over a secure connection. For more information on setting up an encrypted connection, see Configuring IBM HTTP Server for an encrypted connection and Forcing traffic to be sent over an encrypted connection.
If you do not want to enable TLS/SSL for your deployment, you can disable the Highlights app as explained in (Optional) Disabling the Highlights app.
Procedure
- Update databases for Connections as explained in Updating IBM Connections databases for V6.0 CR4.
-
Remove the
<loginRedirectWhitelist>
setting from the LotusConnectionConfig.xml file.- If you are updating from CR2, you will have this setting but should not remove it. Skip to step 3.
- If you are updating from V6.0, you will not have this setting. Skip to step 3.
- If you are updating from IFR1/CR1, you might have this setting and will need to remove it if so.
Check the LotusConnections-config.xml to see if it contains this setting. If
the setting exists, complete the following steps to remove it.
If you installed IFR1/CR1, then you might have added the
<loginRedirectWhitelist>
setting as instructed by the technote IBM Connections Security Refresh (CVE-2017-1748) for Connections 6.0 CR1. This setting will prevent CR3 or higher from installing correctly, so you must remove it temporarily.
-
If you use IBM Security Access Manager (ISAM), ensure that it support the new Highlights app by
configuring Security Access Manager to include host information in the HTTP header.
- Stop all clusters and node agents in your deployment but leave the Deployment Manager running.
- Start IBM® Installation Manager.
-
From the IBM® Installation Manager menu, click .
Note: Be sure that the Search service repositories during installation and updates option is deselected.
- Click .
-
Enter the full path to the Cumulative Refresh package that you downloaded and then click
OK.
For example: C:\IBM\CONNECTIONS-CR\IC-CR5\6.0.0.0-IC-Multi-CR05-LO94188\Updates\repository.config.
Verify that IBM® Installation Manager can connect to the repository. - Click OK.
- Click Update.
- Select IBM Connections 6.0 and click Next.
- Verify that the correct Cumulative Refresh version is displayed and click Next.
- Review and accept the license agreement by clicking I accept terms in the license agreements and then click Next.
-
Ensure that all the IBM® Connections applications are
selected and click Next.
Note: All of the installed applications are selected by default. If you add any of the non-selected applications, those applications will be installed. If you clear any of the selected applications, those applications will be uninstalled.
-
Enter the administrative ID and password of the Deployment Manager and click
Validate.
Note: This ID is set to the connectionsAdmin J2C authentication alias, which is mapped to the following Java™ EE roles: dsx-admin, widget-admin, and search-admin. It is also used by the service integration bus. If you plan to use security management software such as Tivoli® Access Manager or SiteMinder, the ID that you specify here must exist in the LDAP directory. For more information, see the Switching to unique administrator IDs for system level communication topic.
-
Note: When upgrading from IC6.0 CR3 or higher, Step 16 is not required and the screen will not appear. You can advance to Step 17.Enter the database information for the XCC (Highlights app) database.Note: The user name and password that you provide must match the user name and password in the script that was used to create the XCC database.
- Click .
- Close Installation Manager.
- When the installation is complete, start the node agent to deploy the updated IBM® Connections applications.
-
Note: When upgrading from IC6.0 CR3 or higher, Steps 20 and 21 are not required. You can advance to Step 22.Verify that "xcc" (the new Highlights app) is assigned to both ICCluster and Webserver:
- Open the WebSphere Integrated Solutions Console and click to view the list of modules.
- In the Clusters and servers list, select both the Connections cluster and the Webserver.
- In the table, select the xcc module.
- Click OK.
- Update the master configuration by clicking Save in the "Messages" box.
-
Generate a new plug-in (to include the new Highlights app) by completing the following
steps.
- Still in the Integrated Solutions Console, click .
- Select the Webserver, click Generate Plug-in, and wait for the plug-in to be generated.
- Select the Webserver again and click Propagate Plug-in.
- Stop the node agent so the temp directory can be cleaned out in the next step.
- Delete the contents of the cache under the App Server (for example, C:\IBM\WebSphere\AppServer\profiles\AppSrv01\temp).
-
Start the node agents, then perform a full synchronization to push the update to all
nodes.
Check the SystemOut.log of each nodeagent to ensure synchronization completed successfully.
- If you temporarily removed any settings from the LotusConnectionConfig.xml file in step 2, replace them now.
-
Note: When upgrading from IC6.0 CR3 or higher, Step 26 is not required.Review the security roles for the Highlights app; for more information, see the Connections Engagement Center topic, Mapping security roles.
Results
Your IBM® Connections deployment has been updated. To check the logs, go to the connections_root/logs directory and open the applicationUpdate.log file, where application is the name of an IBM® Connections application. If you added new applications, check the applicationInstall.log file as well.
What to do next
- (Optional) Disabling the Highlights app - If you do not want to configure TLS/SSL so that users can securely access the new Highlights app in IBM Connections, you can disable the app.
- Updating the Solr schema to support type-ahead search - If you installed Solr to support type-ahead search, update the Solr schema from solr_ssl_V1 to solr_ssl_V1.2 . There is an update to the Solr schema in CR4 (1.1 was CR3 or higher and the 1.2 update is cumulative).