Urs-o-Log – Page 18 – by Michael Urspringer

Replacement for Google Reader

As Google Reader will disappear starting July 1st, I was looking for an alternative as I am still reading many RSS feeds on a regular basis. I looked at Feedly first, which looks quite ok especially if they really will rebuild the Google API and will be independent from Google Reader bevor Google stops the service.

However there are two reasons why I will not use it:

1. It is already overcrowded because of the many people currently switching to Feedly from Google and sometimes no longer reachable.

2. It is again a solution which might be ended sometime in the future and then you need to look for a replacement again

So I bought a licence of Fever (30 US-$) and installed it on my own hosting environment. So I have my online feed reader under my own control and this will hopefully prevent it from disappearing in the future ;-). So far it looks fine. There is a also special iPhone theme available which can be used to read the feeds while mobile.

I am also using Reeder for iPhone which has built in support for Fever as well so it is a full replacement of my former Feedler/Google Reader combination. I am just missing an iPad version of Reeder (the currently available version seems not to support Fever yet).

Let us see how this new tools will work in if used daily …

IBM Connections 4.0: Follow a community by default

*** MANIPULATING DATA DIRECTLY WITHIN THE DATABASE MAY LEAD TO DATA LOSS AND DATA CORRUPTION. THIS IS NOT SOMETHING WHICH IS OFFICIALLY SUPPRTED SO USE IT ON YOUR OWN RISK AND DO NOT BLAME IBM FOR ANY DAMAGE ***

We just had the customer request that every user who will be added to a community should automatically follow the community as well. As this is by default only done for users who created the community or are added as owner to a community we needed to find a solution for normal users as well.

If a user follows a community there is a row in the table SNCOMM.FOLLOWING which contains the COMMUNITY_UUID (from SNCOMM.COMMUNITY) for the commnity beeing followed and the MEMBER_UUID (from SNCOMM.MEMBER).

So you can define a database trigger which automatically adds a row to SNCOMM.FOLLOWING as soon as a new member row will be created in SNCOMM.MEMBER. The SQL code for this trigger will be:

[codesyntax lang=”sql”]

CREATE TRIGGER SNCOMM.auto_follow_community
AFTER INSERT ON SNCOMM.MEMBER
REFERENCING NEW AS NEW_MEMBER
FOR EACH ROW 
WHEN ( ROLE = 0 AND ( NOT EXISTS (SELECT * FROM SNCOMM.FOLLOWING WHERE NEW_MEMBER.MEMBER_UUID = SNCOMM.FOLLOWING.MEMBER_UUID AND NEW_MEMBER.COMMUNITY_UUID = SNCOMM.FOLLOWING.COMMUNITY_UUID)))
INSERT INTO SNCOMM.FOLLOWING (COMMUNITY_UUID, MEMBER_UUID, CREATED_BY, CREATED) 
VALUES (NEW_MEMBER.COMMUNITY_UUID, NEW_MEMBER.MEMBER_UUID, NEW_MEMBER.MEMBER_UUID, NEW_MEMBER.CREATED)

[/codesyntax]

The trigger fires only for “ROLE=0” which means only normal members and not owners (which would be “ROLE=1”). This is because Connections by itself does already add such a row to the table SNCOMM.FOLLOWING or all owners.

This trigger was tested with DB 2 but should be working as well with the other supported databases.

Caution: Be sure to drop the DB trigger before upgrading or changing Db schemas. You can re-apply it afterwards.

Comment Function Restored

It seems that the comment plugin of WordPress Jetpack is broken. At least no comments were possible on this site since yesterday (timeout in browser after submitting the comment). Although I not yet have an idea how to fix it, I have restored the comment function by disabling the plugin until I find some time to look at it..

Uninstall of Sametime Gateway Not Possible

Note to myself:

If you ever try to uninstall IBM Lotus Sametime Gateway and the uninstaller always tells you that there are still running processes / servers and therefore no uninstall is possible even if you have made sure that all services, processes etc. are stopped:

Have a look in your Websphere profile log directories (<WAS_install\profiles\<profile name>\logs) and delete all *.pid files which still might exist there. Afterwards the uninstall should be possible without problems 😉

WordPress: Paste Pictures From Clipboard

I really missed the feature of just pasting an image (e.g. made with a screenshot tool) into the WordPress editor. I know found a small tool which almost does that. It is called PicturePaste. And it just adds one additional small step between the normal copy / paste operation.

I am using the Home Host version of the tool which allows me to configure my own FTP server to upload the images (so they are just automatically saved into my WordPress media folder).

So from now on I will more often use screenshots in my blog entries, which I did avoid in the past because of the additional effort of first saving them to disk, uploading them to the media gallery and then pasting the link into the editor.

Great tool!

Sametime 8.5.2: Suppress Meeting Reports

A customer wanted to suppress the meeting room report function of a Sametime Meeting Room (because of a request of the Working Council). Although there is no direct setting for it, there is a possibility to do this. You need to distinguish between the Meeting Rich Client and the Web Browser.

Meeting Rich Client

You will need to use a Sametime 8.5.2 IFR1 client version newer than March 2012 (I have tested it with the Notes Embedded CLient Version 20121204-0645). Since this release two managed settings have been added with which you can control the behaviour of the Meeting Report function:

com.ibm.rtc.meetings.summaries/hideMeetingReport

If set to true, hides the Create Meeting Report Action. No user is able to create meeting reports in rich client.
Default is false.

com.ibm.rtc.meetings.summaries/onlyDisplayCurrentSessionForParticipants

If set to true, participants can only see the meeting report for the current session. Room owner and manager can see the history of meeting reports in addition.
If set to false (default), all users (participants, room owners, managers) can see all meeting reports.

So as an example for the first preference you can add the following section to your Sametime managed settings file:

[codesyntax lang=”xml” container=”pre” title=”Sample”]

<settingGroup name="com.ibm.rtc.meetings.summaries">
     <setting name="hideMeetingReport" value="true" isLocked="true" overwriteUnlocked="true"/>
</settingGroup>

[/codesyntax]

Web Browser

If you open a meeting room in a web browser instead of the rich client you also have a link within the Room Tools to create a Meeting Report. To disable the functionality of a Meeting Report you could change the meeting room application (room.jsp) itself but in this case you will need to do that again every time you apply a fix pack or a new version.

So the better solution would be to redirect the original link to the Meeting Report to another web site which explains the user that this function has been disabled.

You can define such a redirection in the Websphere Proxy for the Meeting Server. Here are the steps to do this:

(more…)

IBM Connections 4: How to hide link to “Metrics” in Communities

If you do not have yet installed a Cognos server or if you do not want to allow all users to access to Metrics within Communities you might want to hide the “Metrics” link which is visible to every user by default.

To do this open the Websphere Integrated Solution Console and click to

Applications -> Websphere Enterprise Applications -> Communities -> Security role to user/group mapping

Select the role “community-metrics-run” which is set to “All Authenticated in Application’s Realm” by default and set it to “None” (or whatever user or group you like).

Synchronize all nodes and restart the Community application.

Now the link should no longer be visible to every user.

Update iKeyman to support CMS

During an installation of IBM Tivoli Directory Server (TDS) I needed to use the iKeyman tool which was delivered with TDS. Unfortunately this version of the tool does not include the capability to support CMS keystores. In order to correct this you need to do the following steps:

Edit the file /opt/IBM/ldap/V6.3/java/jre/lib/security/java.security
Find the list of security providers in the file (lines starting with “security.provider.x=”)
Add a new line “security.provider.x=com.ibm.security.cmskeystore.CMSProvider “
- (if the last line is security.provider.9=……. you need to specifiy “security.provider.10=…. etc.)
Save the file and restart iKeyman

You now should be able to see “CMS” as the keystore type.

Java cannot access network if IPV6 present

Recently I had the problem that some Java based applications (e.g. Apache Directory Studio and JXplorer) were not able to connect to other servers on my Windows 7 machine. After some investigation I realized that the reason for that was the fact that Java tries to connect via IPv6 if IPv6 is supported by the OS. Unfortunately, even if no connect is possible Java seems to not retry via IPv4 in this case.

So you either need to disable IPv6 on your machine or you need to add the parameter “java.net.preferIPv4Stack=true” to the settings.

For Apache Directory Studio you add that parameter to the file <program dir>\configuration\config.ini. For JXplorer you add the parameter “-Djava.net.preferIPv4Stack=true” (make sure you include the “-D”!) to the command line in the “jxplorer.bat” file.

IBM Connections 4: Connect TDI to Secure LDAP server via SSL

If you want Tivoli Directory Integrator (TDI ) to connect to a secure LDAP server (LDAPS) via SSL you need to import the SSL root certificate of the LDAP server into your TDI configuration. This article describes the basics how to do that.

For the TDI configuration included in IBM Connections the steps are as described below:

First, get the root certificate of your LDAP server. This can most easily be done with OpenSSL:

openssl s_client -connect <hostname of ldap server>:636 | sed -ne ‘/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p’ > <filename for certificate>.cer

If you do not have “sed” available you can just manually extract all lines from “—BEGIN CERTIFICATE—” to “—END CERTIFICATE—” with a text editor and save this section.

Now you need to import this certificate into the TDI JKS keystore.

You can either do that via the IBM IKEYMAN utility or, faster, via the command line (start the command from the “…\TDISOL\serverapi” directory):

<TDI program directory>/jvm/jre/bin/keytool -import -trustcacerts -alias <alias name for certificate> -file <filename of the certificate>.cer -keystore testadmin.jks -storepass administrator

E.g.:

/opt/IBM/TDI/V7.1/jvm/jre/bin/keytool -import -trustcacerts -alias LDAP-Certificate -file ldaproot.cer -keystore testadmin.jks -storepass administrato

You need to confirm with “yes” that you trust this certificate.

If you still get SSL errors in the IBMDI.LOG (like “Keystore was tampered with, or password was incorrect”) open the file “<TDI program directory>/etc/global.properties” with a text editor.

Find the sections “## server authentication” and “## client authentication” and replace the line “#{protect}-javax.net.ssl.trustStorePassword={encr}……..” with the line “{protect}-javax.net.ssl.trustStorePassword=administrator” in both sections.

Now your TDI should be able to successfully connect to your secure LDAP server.

Update:

Please make sure that you use the “testadmin.jks” in the “serverapi” directory of your TDI solutions directory (e.g. “TDISOL/serverapi”)!