Adding Sane Users

7/27/2019 Adding Sane Users

1/23


2/23

You can use the Sametime Administration Tool to create a group document. Each user that you addto a group document must have a Person document that contains information in the "Last name,""User name," and "Internet password" fields in the Domino Directory on the Sametime server.

Note: Groups larger than 400 members might not display correctly in Sametime presence lists. If youare creating a group that Sametime Connect users will add to Sametime Connect contact lists, do notinclude more than 400 names in the group. For more information on how Sametime uses groups, seeGroup documents.

1. From the Sametime server home page, click the "Administer the Server" link to open theSametime Administration Tool. (For Sametime Limited Use, type http:///servlet/auth/admin into the browser's URL window.)

2. Choose Domino Directory - Domino.

3. Choose Manage Groups.

4. Click Add Group.

5. Enter a name for the group in the "Group name" field (for example, Administrators or Meeting

Creators).

6. Select a group type (Multipurpose, Access Control List, Deny List, Mail Only, and ServersOnly). Select Multipurpose if you are creating a Public Group that users will add to theSametime Connect client presence list or a group that will serve more than one purpose.

Note You can also select the Mail Only group type when creating Public Groups that userswill add to the Sametime Connect client presence list. Select Access Control List if thepurpose of the group is to allow or deny access to databases on the Sametime server. Do notselect the Access Control List, Deny List, or Servers Only group types when creating PublicGroups for Sametime Connect users. The Sametime Connect client does not display thecontents of groups that have a group type of Access Control List, Deny List, or Servers Only.Deny List groups are usually used only when you have integrated Sametime into a Dominoenvironment.

7. Optional: Enter a description of the group in the Description field.

8. List the members of the group in the Members field. Make sure to enter a name exactly as it isentered in the top line of the "User name" field of the user's Person document.

For example, assume a person's name is listed in the "User name" field of the Persondocument as:

Tom Smith/West/AcmeTom Smith

When adding the person's name to the Members field of the Group document, you shouldenter the name as Tom Smith/West/Acme because this name appears in the top line in the"User name" field of the Person document. If the name entered in the Members field of theGroup document is not identical to the name in the top line in the "User name" field of thePerson document, the user will always appear to be off line when the Group document isopened in a Sametime client presence list. For example, the user will always appear off line inthe group if you enter Tom Smith instead of Tom Smith/West/Acme.

9. Select the Administration link at the top of the Group document.
http://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_dom_set_groupdoc_t.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_dom_set_groupdoc_t.html


3/23

10. Enter the names of the group owners in the Owners field. Generally, the group owner is theadministrator creating the group.

11. Click "Save and Close."

Person documents

The Domino Directory maintains a Person document for each user in the Sametime community (orDomino domain). Each member of the Sametime community must have a Person document in theDirectory to log into the Sametime Connect client or authenticate with the Sametime server.

A Person document includes many different fields that contain descriptive information about a user.Most of the fields are optional for Sametime users. The four most important fields on a Persondocument for a Sametime user are the "Last name," "User name," "Internet password," and "Sametimeserver" fields.

The "Last name," "User name," and "Internet password" fields in the Basics section of a Persondocument are required for authentication. For more information about how these fields are used by theauthentication process, see Person document, User names, and Internet passwordsin the Security

section of this documentation.

"Sametime server" field (home Sametime server)

The "Sametime server" field in the Administration tab of a user's Person document specifies a user's"home" Sametime server. You must enter the name of a Sametime server in this field for everySametime user when multiple Sametime servers are installed and integrated into a single community.

The home Sametime server stores a user's Community Services preferences and other data. When aSametime server is specified in the "Sametime server" field of a user's Person document, Sametimeensures that the user always logs in to that Sametime server to receive the Community Servicespresence and chat functionality. For more information, see Connecting to the Home Sametime server

Community Services connectivity and the home Sametimeserver

The "home" server plays an important part in client connectivity to the IBM Lotus SametimeCommunity Services.

Sametime includes the concept of a "home" Sametime server. If your environment includes multipleSametime servers or you have deployed other applications enabled with Sametime technology on IBMLotus Domino servers, it is mandatory that every user be assigned to a "home" Sametime server. Toassign a user to a home Sametime server, you must enter the name of the Sametime server in theSametime serverfield of the user's Person document in the Domino Directory. For more information,seeAssigning users to a home Sametime server.

Note: Sametime 7.5 supports Community Services server clustering that enables users to receiveCommunity Services functionality from any of a group of clustered Sametime servers. In this scenario,each user can be assigned to a home Sametime server cluster instead of a home Sametime server.For more information, seeCreating Community Services server clusters.

The concept of the home Sametime server is important to Community Services connectivity for thefollowing reasons:
http://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_userrequire_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_userrequire_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_commsvc_homesvr_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_commsvc_homesvr_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_commsvc_homesvr_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.ems.doc/st_adm_ems_cluster_create_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.ems.doc/st_adm_ems_cluster_create_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_userrequire_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_commsvc_homesvr_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_commsvc_homesvr_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.ems.doc/st_adm_ems_cluster_create_c.html


4/23

Users need a single place to store their Community Services preferences - The homeserver is the Sametime server to which each user logs in to appear in a presence list in aSametime client or a database enabled with Sametime technology. The home Sametimeserver stores a user's Community Services preferences settings, contact lists, privacyinformation, and information about the availability of audio/video hardware on the user'scomputer. This information is stored in the Notes database vpuserinfo.nsf on the user's homeSametime server. The client must retrieve this information each time the user logs in to theCommunity Services. In multiple server environments, this information must be stored on asingle server. If this information were stored on multiple servers and the user changed theCommunity Services preferences settings while logged in to one Sametime server, the usercould receive different Community preferences settings when logging in to a differentSametime server. For this reason, the user is always required to log in to the same homeSametime server.

Users can only log in to one Sametime server at a time - A user's presence can only beregistered to the Community Services on one Sametime server at a time. When multipleSametime servers are integrated into a single community, the Community Services will notallow a single user to simultaneously log in to the Community Services on two separateSametime servers. If a user attempts to do so, the first connection to the Community Servicesis disconnected.

The home Sametime server setting ensures that a user always connects to a single Sametimeserver to receive the Community Services functionality. For example, assume a user's homeSametime server setting on the Person document is set to Sametime server A. The userstarts the Sametime Connect client and connects to Sametime server A. The user thenattends a meeting on Sametime server B that includes presence, chat, and whiteboardfunctionality. The Meeting Room client launches on the user's machine and receives thewhiteboard data from Sametime server B but is directed to Sametime server A for presenceand chat functionality. The home Sametime server setting ensures that the user is alwaysdirected to Sametime server A for the Community Services functionality regardless of howmany different Sametime clients they are using. If no home Sametime server is specified for auser and the user attempts to connect to the Community Services on two different Sametimeservers, all connections to the Community Services are disconnected.

Note: Another characteristic of the Community Services is that a user's presence can

originate from only one machine (or IP address) at a time. A user who has two machines canonly log in to the Community Services from one of the machines. If the user attempts to log into the Community Services from Sametime clients on two separate machines, the client thatlogged in to the Community Services first is disconnected. Although the home Sametimeserver concept does not solve this issue, the administrator should be aware of this CommunityServices characteristic if the user population includes many users with multiple machines.

Sametime Connect and the home Sametime server

The Sametime Connect client includes settings that enable any user to specify the Sametime server towhich the Sametime Connect client will connect. The user specifies a particular Sametime server fromthe Options > Preferences > Sametime Connectivity settings on the Sametime Connect client.

IBM recommends that the Sametime Connectivity settings of the Sametime Connect client and theSametime serversetting on a user's Person document specify the same home Sametime server.

If these settings specify different home Sametime servers, the client connects to the server specified inthe Sametime Connectivity settings of the client, but the connection is then redirected to the serverspecified in the Sametime serverfield of the Person document, rendering connectivity slightly lessefficient than if the redirect is avoided. Logging in to Community Services occurs on the Sametimeserver specified in the user's Person document.

For more information on Community Services connection processes, see:


5/23

Sametime Connect client connection process

Meeting Room client connection process using JVM 1.4.2 (Community Services and MeetingServices)

Assigning users to a home Sametime server

To assign a user to a home Sametime server, enter the Sametime server name in the Sametimeserverfield in the Administration section of a user's Person document in the Domino Directory.

You can enter the name of the Sametime server in the Domino hierarchical name format (for example,sametime/west/acme), and the field automatically converts the name to the full canonical name format.For example, if you enter sametime/west/acme/, the name is stored ascn=sametime/ou=west/o=acme. You can also use the full hierarchical name format when entering theserver name.

Note: Community Services reads the server name from the Servers view ($Servers) of the DominoDirectory, so the name entered in the Sametime serverfield on the Person document must match it. Ifyou are using an agent to populate the Sametime serverfield for several different users, ensure thatthe agent specifies the full canonical name of the server.

For information about assigning users to a home Sametime server when Sametime is configured toaccess an LDAP directory, seeSetting the Home Sametime Server setting for LDAP.

Home Sametime servers and self-registration

If you are allowing self-registration, the Sametime serverfield on the Person document isautomatically populated when the user self-registers, using the name of the Sametime server on whichthe user self-registered. For more information about self-registration, see Using Sametime self-registration.

Home Sametime servers and instant meetings

When a user starts an instant meeting, the instant meeting is created on the user's home Sametimeserver. If a user starts an "n-way chat" (a chat involving more than two people), the chat meeting isalso created on the user's home Sametime server.

Related concepts

User requirements for basic password authentication

When accessing the Sametime server with a Web browser, a user must enter a user name andInternet password to access any protected database on the Sametime server. A protected database isa database that has its Access Control List (ACL) set to require basic password authentication. If the

ACL settings of a database allow anonymous access, the user is not authenticated (prompted for auser name and Internet password) when accessing the database.

Note: It is important for a user to enter a name when accessing a Sametime database so that theuser's name can be displayed in any presence list within the database. If the ACL settings of adatabase allow anonymous access, a user is not prompted for a name unless the "Users of Sametimeapplications can specify a display name so that they do not appear online as anonymous" setting isselected in the Configuration-Community Services-Anonymous Access settings of the Sametime

Administration Tool. When this option is selected, it forces a name entry prompt to appear when ananonymous user attends a scheduled meeting. From this name entry prompt, the user can enter aname for display purposes in a presence list. The server accepts any name entered by the user at the
http://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_client_connx_proc_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_meetrm_jvm_mscs_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_meetrm_jvm_mscs_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_ldap_homeserver_t.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_ldap_homeserver_t.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_dom_selfreg_using_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_dom_selfreg_using_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_basicpwdauth_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_anonacl_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_anonacl_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_client_connx_proc_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_meetrm_jvm_mscs_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_port_meetrm_jvm_mscs_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_ldap_homeserver_t.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_dom_selfreg_using_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_dom_selfreg_using_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_basicpwdauth_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_anonacl_c.html


6/23

name entry prompt; the user is not authenticated. For more information, see Users of Sametimeapplications can specify a display name.

A Sametime Connect user must also be authenticated each time the user starts the SametimeConnect client and connects to the Community Services on the Sametime server. Sametime Connectusers must enter the user name and Internet password from the Person document in the DominoDirectory when logging on to Sametime Connect.

Note: If you have configured Sametime to operate with an LDAP directory, Sametime authenticatesusers based on the user names and passwords stored in the person entries of the LDAP directory.

Person document, User names, and Internet passwords in the DominoDirectory

This section discusses the requirements for basic password authentication when Sametime is installedto operate with a Domino Directory. You must choose either the Domino Directory or an LDAPdirectory during the Sametime installation.

Each member of the Sametime community must have a Person document in the Domino Directory to

authenticate with the Sametime server. The names and password that a user can enter whenaccessing a Sametime server are maintained in the Basics tab of a Person document in the DominoDirectory.

To access a Person document, open the Sametime Administration Tool and select Domino Directory-Domino-Manage People. Double-click a person's name to open that user's Person document.

The table below shows a sample entry in the Basics section of a user's Person document. The textthat follows the table explains how these entries are used in the Web browser and Sametime Connectclient password authentication processes.

Sample settings in the Basics section of a Person document

Field Entry Comment

First name Gary This field isoptional.

Middle initial

This field isoptional.

Last name Ollerman This field isrequired.

User name

Gary Ollerman/Community

GOllerman

Note: The Community (or domain) name is appendedto the first entry in the user name field by default.

This field isrequired.
http://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_comm_anon_display_name_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_comm_anon_display_name_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_comm_anon_display_name_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_comm_anon_display_name_c.html


7/23

Field Entry Comment

Alternate name


Shortname/UserID


Generationalqualifier


Internetpassword

(FCF5F3960B0A289D3) This field isrequired.

The following fields on the Person document are used by the authentication process:

First name - This field is optional.

Web browser- If an entry exists in the "First name" field in the Basics tab of the Persondocument, the user can enter just this name at the User Name prompt that appears whenaccessing a protected database on the Sametime server with a Web browser. The user mustalso enter the Internet password to access the database. (A protected database is a databasethat has its ACL set to require basic password authentication.)

Sametime Connect- The first name is not a valid entry at the User Name prompt that appearswhen logging on to the Sametime Connect client.

Last name - This field is required. An entry must exist in the "Last name" field of the Basicstab of a Person document.

The last name can be entered in the User Name prompt that appears when accessing aprotected database on the Sametime server with a Web browser. The last name can also beused when logging on from the Sametime Connect client. A user must also enter the Internetpassword to complete the authentication process.

Note: If both the "First name" and "Last name" fields contain entries, the user can enter thefirst and last names at the User Name prompt that appears when accessing the Sametimeserver.

User name - This field is required. An entry must exist in the "User name" field in the Basics

tab of a Person document.

Generally, it is good practice to use a user's first and last name in the "User name" field. The"User name" field can contain multiple entries. In our example, the User name field containsboth Gary Ollerman/Community and GOllerman. (Each entry must be separated by asemicolon or a carriage return in the "User name" field of the Person document.)

A user can enter any name that appears in the "User name" field of the Person documentwhen logging on to the Sametime server from the Sametime Connect client or a Webbrowser. For example, the user could enter Gary Ollerman/Community or GOllerman at a
http://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_basicpwdauth_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_basicpwdauth_c.html


8/23

Sametime Connect or Web browser User Name prompt. The name entered by the user isresolved to the topmost name (Gary Ollerman/Community in the example) in the "User name"field. The topmost name in the "User name" field is the name that is displayed in the presencelists of all Sametime clients.

Note: If you want a user's e-mail address to display in presence lists, enter the user's e-mailaddress as the topmost name in the "User name" field of the Person document. If the e-mailaddress is included in the User name field, the user can also enter the e-mail address at the"User name" prompt when logging in from a Sametime Connect client or Web browser.

Sametime uses the topmost name in the "User name" field to validate a user in a databaseACL. If you require basic password authenticationfor a database and you enter the names ofindividual users in the ACL of a database, enter the topmost name that appears in the "Username" field of the Person document in the database ACL. Although the user can enter"GOllerman" when logging on, Sametime uses "Gary Ollerman/Community" to validate theuser in the database ACL. Therefore, "Gary Ollerman/Community" must be the name thatappears for this user in database ACLs.

Internet password - This field is required. Users must enter the Internet password to

authenticate with the Sametime server using a Web browser or the Sametime Connect client.

In the example, the Internet password is "sametime." The password displays as a series ofrandom characters because Internet passwords are encrypted on the Person document.

Self-registration

If you are using the self-registration feature of the Sametime server, a Person document containing alast name, user name, and Internet password is automatically created for a user in the DominoDirectory on the Sametime server at the time the user self-registers. Agents in the Self-Registrationdatabase (streg.nsf) access the Domino Directory to create these Person documents. The signers ofthese agents must have the proper access levels and permissions in the Domino Directory for self-registration to work properly. If you allow self registration, you might need to add these signers to theDomino Directory ACL. For more information, see Using Sametime self-registration in a Dominoenvironment

The Sametime self-registration feature cannot be used if you have configured the Sametime server tooperate with an LDAP directory on a third-party server (such as a Microsoft Exchange or NetscapeDirectory Server).

LDAP

If you have configured the Sametime server to operate with an LDAP directory on a third-party server,the authentication process uses the user names and passwords stored in the LDAP directory. It is notnecessary to create Person documents containing separate user names and passwords in the DominoDirectory on the Sametime server.

For more information, seeUsing LDAP with the Sametime server.

Related concepts

Managing users in buddy lists and privacy lists

If you make changes to user names or group names in the Domino directory, you must run the NameConversion Utility to ensure these same name changes are made in the buddy lists and privacy liststhat display in the Sametime Connect client. The buddy list and privacy list names are stored in aDomino database (vpuserinfo.nsf) and must be managed separately from the names in the directory.For more information on name conversion services, see the chapter "Name Conversion Services."
http://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_basicpwdauth_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_basicpwdauth_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_selfregister_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_selfregister_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_selfregister_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_ldap_useldapsame_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_ldap_useldapsame_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_basicpwdauth_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_selfregister_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_security_selfregister_c.htmlhttp://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_ldap_useldapsame_c.html


9/23

Restart Chart

Below is a set of situations of an administrative server functions, their subfunctions, details andapplicable switches referenced to whether the server requires restarting for the settings to take effect.

MainFunction inAdmin

Sub - Function Details -Setting

Switches Requiredrestart

Comments

Logging Settings General Enable logging to aDomino database.(STLog.nsf)

No

Remove history after(days).

Yes

General

Enable logging to atext file.

Path to log text file

No

SametimeStatistics

Write statistics to thelog every 60 minutes.This includesCommunity Serviceslogging of people andchats, and Meeting

Services logging ofmeeting, duration,and participants

Yes

CommunityServer Eventsto Log

Successful logins

Failed logins

Community serverevents and activities

Yes

Meeting ServerEvents to Log

Failed meetingauthentications

Meeting ClientConnections

Connections to othermeeting servers inthis community

Yes


10/23




Comments

Meeting Events

Meeting server eventsand activities

CapacityWarnings -Sharing inInstantMeetings

Number of activescreensharing/whiteboardmeetings exceeds

Number of people inall screen

sharing/whiteboardmeetings exceeds

Number of people inone active screensharing/whiteboardmeeting exceeds

No

Logging Settings CapacityWarnings -Sharing inScheduledMeetings

Number of activescreensharing/whiteboardmeetings exceeds

Number of people in

all screensharing/whiteboardmeetings exceeds

Number of people inone active screensharing/whiteboardmeeting exceeds

No

Directory

Domino/LDAP UserRegistration

Allow people toregister themselves inthe Domino Directory

No

Config. Connectivity HTTP Services It belongs toDominofeature

Communityservices

Address for serverconnections Yes


11/23




Comments

network Host name (if empty,service will bind to allhost names onserver)

Port number

Address for clientconnections

Host name (if empty,service will bind to all

host names onserver)

Port number (default1533)

Address for HTTPStunneled clientconnections

Host name (if empty,service will bind to allhost names on

server)

Port number

Enable the MeetingRoom client to tryHTTP tunneling to theCommunity Serverafter trying otheroptions

Yes

Address for HTTPtunneled client

connections

Host name (if empty,service will bind to allhost names onserver)

Port number (default8082 or 80)

Yes


12/23




Comments

MeetingServicesnetwork

Address for serverconnections


Port number

Address for clientconnections



Address for HTTPStunneled clientconnections

Host name (if empty,

service will bind to allhost names onserver)

Port number

(default 8081)

Yes

Enable the MeetingRoom client to tryHTTP tunneling to theCommunity Server

after trying otheroptions

Yes

Address for HTTPtunneled clientconnections

Host name (if empty,service will bind to allhost names on

Yes


13/23




Comments

server)

Port number (default8081 or 80)

Event server port(default 9092)

Yes

Token server port(default 9094)

Yes

BroadcastServicesNetwork

InteractiveAudio/VideoNetwork

TCP tunnelingaddress for clientconnections



Yes

Multimedia Processor(MMP) UDP portnumbers start at :49252

Multimedia Processor(MMP) UDP portnumbers end at :65535

Yes

Multimedia controladdress


Yes


14/23




Comments


Reverse ProxySupport

Enable ReverseProxy Discovery onthe client

Server Alias (this iswhat the ReverseProxy is using toforward HTTP(S)messages to thisserver)

Yes

Connectivity ConnectingMeetingServers

Connecting MeetingServers

To allow meetingparticipants to attenda meeting on morethan one server, youmust create aconnection recordfrom each sourceserver to eachdestination server.Once you do that, thedestination serversare automaticallyincluded in a meetingwhen end usersschedule a meetingand click theappropriate checkboxes on the Locationtab.

Yes

Communityservices

General

Number of entries oneach page in dialogboxes that shownames in theDirectory :(100)

How often to poll fornew names added tothe SametimeCommunity Directory(minutes) : (60)

Yes .


15/23




Comments

How often to poll fornew servers added tothe SametimeCommunity (minutes):(60)

Maximum user andserver connections tothe Communityserver: (20000)

Allow users toauthenticate usingeither LTPA orSametime Token(stauths.nsf andstautht.nsf). Theserver uses LTPA ifthis item isunchecked. (The itemis checked bydefault.)

Yes

General Display the "Launch

Sametime Connectfor the desktop" linkon the SametimeHome page.

No

Allow users to transferfiles to each other.

Maximum file sizeallowed (KB):1000

Yes

ServerFeatures

Allow users to sendannouncements

(unencrypted one-waymessages).

Yes

SametimeConnect forBrowsers

Allow Connect usersto save their username, password, andproxy information(automatic login).

No


16/23




Comments

Display the "LaunchSametime Connectfor browsers" link onthe Sametime Homepage (stcenter.nsf).

No

Display NameSettings for

AnonymousAccess toMeetings orother VirtualPlaces

Anonymous users canparticipate inmeetings or entervirtual places. Theirname appears asuser1, user2, and soon.

Users of Sametimeapplications(databases such asstconf.nsf or Websites) can specify adisplay name so thatthey do not appearonline as"anonymous." Thisdoes not authenticateusers. (Databasesmust also allowanonymous access inthe ACL.)

Default domain foranonymoususers:Guest

Default name: User

Yes

CommunityServices

DirectorySearching andBrowsing

Users cannot browseor search theDirectory.

Users can type

names (resolve usersand groups) to addthem to an awarenesslist.

Users can browse thedirectory (see a list ofnames) or typenames (resolve users

No


17/23


18/23




Comments

meetings

Allow people to savewhiteboardannotations asattachments to themeeting.

Allow people toenable the "SendWeb Page" tool inmeetings

No

Allow people tochoose the Pollingtool in meetings

No

Allow people to recordmeetings for laterplayback (scheduledmeetings only).

Save recordedmeetings in thefollowing location

Stop recording whenthis much disk spaceis left (MBytes) (anerror is written to thelog.):300

No

When PeopleStart an InstantMeeting orSchedule aMeeting

Allow people toschedule RecordedMeeting Broadcastmeetings.

No

Security Encrypt all Sametimemeetings

No It does workin Meetingcenter, butdoesn't affectthe instantmeeting.


19/23


20/23




Comments

Usage Limitsand DeniedEntry forInstantMeetings

Set a maximumnumber of interactivevideo connections forall instant meetingson this server. Eachvideo connectionrequires an audioconnection. Ensurethat there are at leastas many audioconnections allowedas video.:100

Yes

Set a maximumnumber of interactiveaudio connections forall instant meetingson this server.:100

Yes

Usage Limitsand DeniedEntry forScheduledMeetings

Set a maximumnumber of interactivevideo connections forall instant meetingson this server. Eachvideo connectionrequires an audioconnection. Ensurethat there are at leastas many audioconnections allowedas video.:100

Yes

Audio/Video Usage Limitsand DeniedEntry forRecordedBroadcast

Meetings

Additional Documentation |Trademarks| Help Feedback | Product Feedback

Domino log

An administrator can view additional information about the Sametime server in the Domino logdatabase (log.nsf). The Domino log database records server activity information related to the Dominoserver and Domino databases, including databases used by the Sametime server (such as the
http://www.ibm.com/developerworks/lotus/documentation/http://www.ibm.com/legal/copytrade.shtmlhttp://www.ibm.com/legal/copytrade.shtmlhttp://www.ibm.com/legal/copytrade.shtmlhttp://www.lotus.com/ldd/doc/cct/nextgen.nsf/feedback?OpenForm&Context=st_adm_restartserver_chart_r+stadmin+7.5.1http://www.lotus.com/ldd/doc/cct/nextgen.nsf/usability_feedback?OpenForm&Context=st_adm_restartserver_chart_r+stadmin+7.5.1http://www.ibm.com/developerworks/lotus/documentation/http://www.ibm.com/legal/copytrade.shtmlhttp://www.lotus.com/ldd/doc/cct/nextgen.nsf/feedback?OpenForm&Context=st_adm_restartserver_chart_r+stadmin+7.5.1http://www.lotus.com/ldd/doc/cct/nextgen.nsf/usability_feedback?OpenForm&Context=st_adm_restartserver_chart_r+stadmin+7.5.1


21/23

Sametime Meeting Center). During setup, the Domino log database is automatically created and theserver is assigned Manager access in the database's Access Control List (ACL). The default accessfor all other users is Reader.

The Domino log database records information about all server activities, such as database size andusage, server events, calls made to and from the server, and billing for server services. Check theDomino log to monitor:

Available server disk space

Available server memory

Server load

Server performance

Databases that need maintenanceNote: The Domino log is only available from the Sametime Administration Tool. If you recordSametime log information in a text file, the text file does not include information about the Domino log.

Content of the Domino log

The administrator cannot use the Sametime log settings or the Sametime Administration Tool options

to determine what appears in the Domino log. The Domino log records information about the activitiesof the Domino server on which Sametime is installed. Generally, the default settings should provide anadequate record of server activity. However, you can record additional information in this log file byaltering settings in the Notes.ini file. Recording this additional information might be necessary totroubleshoot a specific system problem.

For more information, see the Maintenance section of the Domino R5 Administration documentation.

Views in the Domino log

The Domino log includes many views that do not apply to Sametime. Use the table below to determinewhich views are relevant for Sametime.

View Description

Database-Sizes

Lists the size of the database, the percentage of the database's disk spacein use, and the weekly usage for all databases on the server.

Use this view to check unused views, database size, and unused space ina database.

Note: The stconf.nsf database grows in size depending on the number ofmeetings that have been created. You can archive this database frequentlyto prevent it from growing too large.

Database-Usage

Lists the date and time the database was accessed, the type of access,and the name of the user accessing the database for all databases on theserver.

Use this view to check unused views and unused space in a database.

Mail Routing Not used by the Sametime server.


22/23

View Description

Events

MiscellaneousEvents

Shows Sametime events and error messages not contained in other views.Messages are sorted in order of occurrence.

Use this view to check for Sametime error messages, server crashes, andcorrupted databases.

NNTP Events Not used by the Sametime server.

Object StoreUsage

Not used by the Sametime server.

PassthruConnections


Phone Calls-By Date


Phone Calls-By User


ReplicationEvents


Sample Billing

Shows the same information provided in the Usage views, but theinformation is not categorized. The information in this view can be easilyexported to a spreadsheet.

Use this view for billing purposes, such as Meeting Center usage, networkusage, and database usage.

Usage-By Date

Shows Sametime user transactions sorted by date. Transactions areoperations such as starting meetings, attending meetings, openingdocuments, and updating documents. Each record lists the date and timeof the transaction, the user name, the minutes of usage, the number ofread operations, the number of write operations, the size of the database,and the total number of transactions.

Use this view to check database use on a specific date and users'transactions with the server.

Usage-By User

Shows Sametime user transactions by user name. Transactions areoperations such as starting meetings, attending meetings, openingdocuments, and updating a document. Each record lists the user name,the date and time of the transaction, the minutes of usage, the number of


23/23

View Description

read operations, the number of write operations, the size of the database,and the total number of transactions.

Use this view to check a particular user's transactions on a database.

To access the Domino log, choose Logging - Domino Log in the Sametime Administration Tool, andthen click the link that appears on the right. The Domino log launches in a new browser window.

Related referenceUsing the Sametime logging features

Additional Documentation |Trademarks| Help Feedback | Product Feedback
http://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_log_viewlog_t.htmlhttp://www.ibm.com/developerworks/lotus/documentation/http://www.ibm.com/legal/copytrade.shtmlhttp://www.ibm.com/legal/copytrade.shtmlhttp://www.ibm.com/legal/copytrade.shtmlhttp://www.lotus.com/ldd/doc/cct/nextgen.nsf/feedback?OpenForm&Context=st_adm_log_dominolog_r+stadmin+7.5.1http://www.lotus.com/ldd/doc/cct/nextgen.nsf/usability_feedback?OpenForm&Context=st_adm_log_dominolog_r+stadmin+7.5.1http://publib.boulder.ibm.com/infocenter/sametime/v7r5m1/topic/com.ibm.help.sametime.imlu.doc/st_adm_log_viewlog_t.htmlhttp://www.ibm.com/developerworks/lotus/documentation/http://www.ibm.com/legal/copytrade.shtmlhttp://www.lotus.com/ldd/doc/cct/nextgen.nsf/feedback?OpenForm&Context=st_adm_log_dominolog_r+stadmin+7.5.1http://www.lotus.com/ldd/doc/cct/nextgen.nsf/usability_feedback?OpenForm&Context=st_adm_log_dominolog_r+stadmin+7.5.1

Adding Sane Users

Documents

Transcript of Adding Sane Users