Random thoughts from an unusual company

Sametime 8.5.2 - Install Cheat Sheet and Forget-Me-Nots

Gabriella Davis  June 7 2011 11:21:47 AM
If you're building a Sametime 8.5.2 environment you may be confused where to start and where to stop.  Don't try and wing it without reading any documentation, you won't lose geek points for at least skimming this entry.  There is a lot of good information in the Sametime Wiki, although don't try going there and choosing "Installation" - that's a blank page.  Go into the Sametime Administration documentation for 8.5.2 here .  Even if you try to follow the documentation many people don't religiously read every page and there are some things you may miss in your hurry to get started.  

Here then is a - very top level summary - list of tasks for building a ST 8.5.2 environment.  It's obviously not comprehensive but hopefully gives you a bit of a checklist to work against.  I'm assuming you want EVERYTHING - IM, Meetings, browse client, audio / video through the clients and through the web.
  • Do yourself a favour if you can and disable IPV6 before starting
  • Install DB2
  • Create System Console database
    • you do this by using the CreateDB script found in the databasescripts folder in the SSC install files)
    • remember to sign in to the server using the db2 admin credentials you just created to create the database, then sign out and back with your admin credentials to carry on
  • Install the Sametime System Console (SSC)
  • Log into the SSC and setup your LDAP server under guided activities
    • Now is the time to sort out your LDAP credentials and import the SSL key if you are using SSL (636) instead of LDAP (389)
    • If you can't connect to your LDAP server use a tool such as Softerra's LDAPBrowser to verify the details you are attempting to use
    • Make sure the hostname of the LDAP server is resolvable from the SSC server as well as from your client where you are configuring
    • Under "Environment" in the SSC choose "Users" and try searching your directory for names to confirm your LDAP configuration is returning what you expect
  • Install Domino as a base for your Community Server and create an admin ID that can manage stconfig.nsf
  • Create a deployment plan for the Community Server and use the admin id that you just created when asked for an "administration id"
    • HTTP needs to be running on the Domino server during deployment plan creation because the SSC will attempt to log into Domino using the credentials you just gave it
  • Install the Community Server (shut down Domino first) using the deployment plan drawn from the SSC

Once the Community Server Is Installed You Can Continue.  You Need To Have A Community Server In Place In The SSC Before You Can Install Other Components There.
  • Create the Meeting server database
    • you do this by using the CreateMeetingDB script found in the databasescripts folder in the Meeting Server install files)
    • remember to sign in to the server using the db2 admin credentials to create the database, then sign out and back with your admin credentials to carry on
  • Create the Meeting Server deployment plan
  • Install the Meeting Server
    • Create a cluster for the Meeting Server if you want one
    • Create a proxy for the meeting server (under "Websphere Proxy Servers) so it's accessible on ports 80 / 443
    • Test logging in to the Meeting server via a browser on http://[hostname]/stmeetings
  • Create the Media server deployment plan
  • Install the Media Server
  • Create the Proxy server deployment plan
    • don't forget the proxy server must have a different hostname than the Meeting Server and that hostname must be resolvable. If you're going to open your servers to the public network all hostnames must also be in public DNS
  • Install the Proxy Server
    • Add the ip address of the proxy server to the Community Server's list of trusted ips (you will probably want to restart the Community Server to force it to take effect quickly or you can wait an hour)
  • Try opening the Proxy server on http://[hostname]:9081/stwebclient/index.jsp , I've also seen it on 9082 and 9084.  
    • If in doubt go into the Proxy Server under Websphere Application Servers and choose "Ports" to see which port it has installed on
  • In the Meeting Server configuration enter the URL and port for the Proxy server under meetingroomcenter.stProxyAddress
For NAT Traversal
  • find the TURN_Server folder in the Media Server install files and copy the contents to any location
  • Modify the run.bat or run.sh files found in that folder so that the line beginning java.exe will have a path in front of it pointing to the IBM jvm.
    • The IBM jvm is available in a Notes install or a WAS install.  On a standard WAS install it will be found at
  • Modify the stavconfig.xml file found in the directory path under the cell profile the Media Server is installed into and set NATTraversalEnabled to "True"  
  • Edit the Media Manager configuration and enter the hostname of the TURN server on either UDP or TCP.  I have been using TCP as a more reliable method through firewalls but YMMV.
  • Make sure all the ports are open as per the documentation.  

For Web Audio / Video
  • Under the Media Server installers find the file sametimewebav.zip and extract its contents into the proxy server directory folder eg
  • Or put all the files on a webserver and add the URL to the files in the proxy server configuration within the SSC
If in doubt at any point that something isn't working. Restart EVERYTHING.  Websphere does like a good restart.

During the install on Windows you will notice that ST installs services for each server.  If you install everything in one cell on the same box you will have services for the SSC deployment manager, the SSC node agent, the SSC itself and then the Meeting Server, Media Manager and Proxy Server.  The last 3 services will not work and will start and then stop again.  
  • I remove the services the installer puts in using wasservice -remove (WASService is found in the bin directory under Appserver)
  • I then add the services I want including node agents for each server using WASService -add -serverName -profilePath and -logRoot

I'm sure I've forgotten something since this was all from memory but I'll edit / update it if I come across more.

Good luck!