FileNet 安装 列表(Filenet install list)

Environment
AD, CE, PE on Windows (LDAP/CE/PE Server)
Mashup, WPXT, ACM on Red Hat (WPXT/ACM Server)

Install Sequence
LDAP/CE/PE Server XT/ACM Server
(NTP Server)
Install WAS
Install Active Directory
Install DB2
Install .NET 2.0
Install WSE 3.0
(snapshot)
Install CE
Config CE
Install PE
Install CEClient
Config PE
(snapshot) (NTP Client)
Install DB2
(snapshot)
Install Mashup
Config Mashup DB2
(snapshot)
Install WPXT



Install CEClient
Install PEClient
Deploy WPXT
Config Mashup WAS
Config WPXT / PE
(snapshot)
Install ACM
Deploy ACM
( ) means optional



Installation Steps
Mashup
install
logon MM page to verify it works http://server:9080/mum/enabler
switch to use DB2 (required for ACM) : http://publib.boulder.ibm.com/infocenter/mashhelp/v3/topic/com.ibm.help.mashups.admin.doc/mash_admin_db2_local.htm
stop mashup WAS
vi /opt/IBM/MashupCenter/3.0/Config/database_db2.properties and fill in the values
/opt/IBM/MashupCenter/3.0/Config/config.sh action-create-db-mashup-db2
su - db2inst1
cd /opt/IBM/MashupCenter/3.0/mm_profile/dbscripts/LotusMashups/lsc347Node01_server1/DB2v9/MASHUPS/
db2 -tvsf createDatabase.sql
db2 connect to MASHUPS
db2 -tvsf createSchema.sql
db2 -tvsf createTablespace.sql
db2 -tvsf createTable.sql
exit (return to root)
/opt/IBM/MashupCenter/3.0/Config/config.sh enable-import-themes (not documented in Info Center, but recent builds in 2010/12/10 requires run this after DB2 scripts to make Mashup works)
start Mashup WAS
logon MM, if you can login Mashup, it means DB2 worked
configure MM WAS for XT authentication to CE LDAP (need if you have separated CE WAS) (ACM's CMAC can do this too)
export CE WAS's LTPA
logon CE WAS
Security->Global Security->LTPA
Input a password (e..g tvt2test) in Password and Confirm Password
Input a file in Fully qualified file name, e.g. C:\lsc923_0930.key
Click Export
Click Import (to confirm the exported key works)
Click Save
Copy out the exported key in CE server's C:\lsc923_0930.key to MM's machine,e.g. /root/lsc923_0930.key
add CE LDAP to MM WAS
logon MM WAS
Security->Global Security->User account repository->make sure Federated repositories is selected->Configure..
Add Base entry to Realm..
Add Repository...
Create a new repository reference as following
Repository identifier: any name, e.g. lsc923_AD
Directory type: Microsoft Windows Active Directory
Primary host name: lsc923 (your AD server)
Port: leave default 389
Bind distinguished name : cn=Administrator,cn=Users,dc=acm628,dc=tw,dc=ibm,dc=com
Bind password: tvt2test
click Apply
if you entered anything wrong, you'll see the following
if you didnt see error msg then the settings is corrcet, click Save, you'll return to Repository reference page
Distinguished name of a base entry that uniquely bla bla bla..: cn=Users,dc=acm923,dc=tw,dc=ibm,dc=com
Distinguished name of a base entry in this repo: cn=Users,dc=acm923,dc=tw,dc=ibm,dc=com
click OK
click Save, you'll return to Federated repositories page
click OK
click Save
Verify federated repositories settings is correct
restart WAS
User and Groups->Administrative user roles->Add...->Search->Verify AD users can be searched
User and Groups->Administrative group roles->Add...->Search->Verify AD groups can be searched(if you have already set "Trust all realms", you will not be able to search groups, this is WAS7's known issue, but you can still search users)
import CE WAS's LTPA
login MM WAS
Security->Global security->LTPA
Input password which you entered when export CE WAS LTPA (e..g tvt2test) in Password and Confirm Password
Input path to exported key (you should have copied it from CE machine to MM machine in prev steps ), e.g. /root/lsc923_0930.key
click Import Keys
click Save
enable trust realm
security->global security->Authentication->RMI/IIOP security->CSIv2 inbound communication->Trusted authentication realms - inbound
select "Trust all realms (including those external to this cell)"
click Apply
click Save
security->global security->Authentication->RMI/IIOP security->CSIv2 outbound communication->Trusted authentication realms - outbound
select "Trust all realms (including those external to this cell)"
click Apply
click Save



P8
Create CE DB
Install CE
set JDBC path in WAS
configure CE
deploy CE
enable WAS admin security and application security, disable Java security (if this was not already done)
restart WAS (to update security) -> logon EM
initial config for EM
Create PE DB
Install PE
Install PE Client
run PE Task Manager

Directory service bind user name: CN=Administrator,CN=Users,DC=acmauto,DC=tw,DC=ibm,DC=com
User base distinguished name: CN=Users,DC=acmauto,DC=tw,DC=ibm,DC=com
Console user nane: Administrator
SSL: disabled






PE

install CEClient
modify FileNet\ProcessEngine\data\jdbcinit.bat, change JDBC_JAR_PATH to path of JDBC Jars

Data Tablespace = PEDATA_TS

create a region in CE




WPXT
install sequence: WPXT -> CECl -> PECl (remember to install REST service) -> deploy WPXT
if CE and XT is on different WAS, then need to export LTPA from CE WAS to WPXT WAS --> http://publib.boulder.ibm.com/infocenter/p8docs/v4r5m1/index.jsp?topic=/com.ibm.p8.install.doc/p8pin205.htm
in WAS, set security to exactly the same as CE WAS
deploy WPXT
in WAS, manage modules -> load local class first (parent last)
in WAS, WPXT -> load local class first (parent last)
in WAS -> Application Servers -> server1 -> Process definition -> Java Virtual MachineGeneric JVM arguments: -Djava.security.auth.logon.config=/opt/IBM/FileNet/WebClient/CE_API/config/jaas.conf.WebSphere
in WAS, set WorkplaceXT Application's Security role user/group mapping
after you can logon WPXT, go to Site Preferences ->General -> Tasks -> Process Engine Connection Point , set conn point
starrt component manager from cmd line : routercmd -autostart




ACM
In WPXT PCC, specify objectstore for CMTOS
install ACM
run CMAC