Ubuntu 20.04 and HCL Domino and HCL Sametime 11.6 Community Server Installation
Unless you are using Ubuntu for internal reasons, switch to the CentOS 7.7 and HCL Sametime 11 Community Server Installation
Important Notes:
- WARNING - Ubuntu is NOT a support Linux distro for HCL Domino 11.0.1 and HCL Sametime 11.6. We run CentOS 7.7 for our Mindwatering clients running Linux. We use Ubuntu only for "internal-only" Mindwatering production servers since we prefer this distro. See the other CentOS 7 Installs and Upgrade support documents in this support app for CentOS 7.6 and CentOS 7.7.
- We started this install from a VM template that already had the OS and prerequisites already installed. So these instructions skip the prerequisite steps. We have added a second section for the Ubuntu 18.04 prerequisite steps under the main instructions below.
- We installed the same libraries needed for IBM Sametime 8.5 and Sametime 9. The installation gave us no errors, so there do not appear to be any new library prerequisites. Since the HCL documentation is not yet released, we cannot say if there is anything missed.
- If you notice any errors, just us know using the Contact link at the top menu of this site.
Ubuntu OS installation and OS prerequisite steps are included in this document below.
___________________________________
Domino 11.0.1 Upgrade
to Domino 11.0
and Sametime Installation:
___________________________________
Mongo Db Installation:
Added Mongo Community Edition to Ubuntu Repository:
HCL links to the official MongoDB.com web site. Therefore, we will use the Mongo repository:
Get key:
$ cd ~/tmp/
$ wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
Install the MongoDb 3.6.5 edition:
$ echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list
$ sudo apt-get update
Install MongoDb:
$ sudo apt-get install mongodb-org
< y to confirm install>
Check to see MongoDB is enabled and running (it wasn't). Enable and start the service:
$ systemctl status mongod.service
$ sudo systemctl enable mongod.service
$ sudo systemctl start mongod.service
$ systemctl status mongod.service
Enter the Mongo shell:
$ sudo mongo
Disable the Cloud Free Monitoring Reminder (or enable if desired):
> db.disableFreeMonitoring()
or to enable: db.enableFreeMonitoring()
<note: Nothing is returned with the disable command>
Do the Mongo.DB HCL db set-up:
(Note the password you use, you'll need it again during the Sametime installation.)
> use admin
--> returned message: switched to db admin
> db.createUser({user: "sametimeUser", pwd: "sametime", roles:[{role:"readWrite", db:"chatlogging"},{ role:"readWrite", db:"mobileOffline"},{role:"userAdminAnyDatabase", db:"admin"}]})
Still in the mongo console prompt, create the sametime database and two collections:
> use chatlogging
--> returned message: switched to db chatlogging
> db.EVENTS.insertOne({"_id" : "dummy"})
--> returned message: { "acknowledged" : true, "insertedId" : "dummy" }
> db.SESSIONS.insertOne({"_id" : "dummy"})
--> returned message: { "acknowledged" : true, "insertedId" : "dummy" }
Exit and restart the MongoDB service:
> exit
$ sudo systemctl stop mongod
$ sudo systemctl start mongod
Update the Mongo configuration /etc/mongod.conf to add replication and change the network settings.
(Note: Two spaces for indents, and no trailing spaces)
$ sudo systemctl stop mongod
$ sudo vi /etc/mongod.conf
Updated the net section to bind to both the localhost and main server IP, it should look like this:
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1,192.168.199.100
or leave just 127.0.0.1, and instead bind to all IPs with:
bindIpAll: true
Update the repliation section, currently commented out to look like this:
replication:
replSetName: rs0
Save the file, <esc>:wq <enter>
Notes:
The mongod.conf configuration file is YAML, it uses indentations to delineate what goes inside the line above it. Therefore, don't use tabs, and watch the number of spacebar hits. You may want to make one change at a time and restart the MongoDB after each change so you know which edit caused the server to fail.
The HCL MS Windows document indicates to use BindIpAll. The documentation seems to hint that this is possibly equivalent to 0.0.0.0 which would make MongoDb at risk for attack. Instead, we used a list above.
Restart the MongoDb service and check for errors
$ sudo systemctl start mongod
$ sudo systemctl status mongod
< look for active. if there is an error, the error messages can be cryptic >
Create the replica set:
$ sudo mongo
> rs.initiate()
Response:
{
"info2" : "no configuration specified. Using a default configuration for the set",
"me" : "myserver:27017",
"ok" : 1,
"$clusterTime" : {
"clusterTime" : Timestamp(1543215432, 1),
"signature" : {
"hash" : BinData(0,"ABCDABCDABCDABCDABCDABCD="),
"keyId" : NumberLong(0)
}
},
"operationTime" : Timestamp(1543215433, 1)
}
You can confirm it with:
> rs.conf()
and
> rs.status()
> exit
For production, it is recommended to enable security (lock the server down).
$ sudo systemctl stop mongod
Create a key. Locate the instructions on the mongo site:
enforce-keyfile-access-control-in-existing-replica-set
$ sudo vi /etc/mongod.conf
Updated the security section to enable it, it should look like this:
security:
authorization: enabled
Save the file, <esc>:wq <enter>
Restart the MongoDb service and check for errors
$ sudo systemctl start mongod
$ sudo systemctl status mongod
< look for active. if there is an error, the error messages can be cryptic >
(Optional) GUI Install:
Add the GUI to make the Sametime server install simpler (aka possible):
$ sudo apt-get install --no-install-recommends ubuntu-desktop
If you want to use the MongoDb Compass client, download the deb file and install it:
$ cd /home/sysadmin/tmp/
$ sudo apt install ./mongodb-compass-community_1.20.4_amd64.deb
Reboot to enter the GUI:
$ sudo reboot
Domino Installation:
Note; Linux installs are console (terminal) mode.
Copy the installation file to the Domino server:
- Domino_1101_Linux_English.tar
- Domino_1101FP3_Linux.tar
2. Started SSH Terminal to server.
$ ssh myadmin@myserver.mindwatering.com
<enter password>
3. Perform the installation.
If an existing server, stop the Domino services if running:
$ sudo systemctl stop domino.service
Install Domino 11:
$ cd /home/myadmin/tmp/dom11/
$ tar -xvf Domino_11.0_Linux_English.tar
<watched files extracted>
$ cd linux64
$ ./install
<go through the prompts>
Note:
- Major releases always have a directory upgrade. Although that has already be done on the "primary" administrative server for the Domain (names.nsf), our first boot into 12 will be manually, just-in-case.
- Important -
If you have an existing (old) ST server, create a replica of the vpuserinfo.nsf on the new Domino Sametime server using the Domino Admin client.
4 -- OPTION A - Swing Upgrade - Start the server manually
$ cd /local/notedata/
$ su notes
$ /opt/ibm/domino/bin/server
< wait for boot >
Shutdown the Domino service.
> q
4 -- OPTION B - Additional Server (No swing) - Start the server with the -autoconf setup.json
This option has a basically empty notes.ini
Using FileZilla or other SCP, copy the necessary replicas.
Note: Make sure source server is down, or use last night's backups. (Do the latter.)
- admin4.nsf
- da.nsf
- events4.nsf
- names.nsf
- statrep.nsf
- server.id
We put all these files in /local/notesdata and did the transfer as the notes user, so the ownership and permissions would be okay.
$ cd /local/notesdata/
$ su notes
$ vi setup.json (new file)
{
"serverSetup": {
"server": {
"type": "additional",
"name": "MyServer",
"domainName": "MWNet",
"IDFilePath": "/local/notesdata/server.id"
},
"network": {
"hostName": "myserver.mindwatering.com"
},
"org": {
"orgName": "MWNet"
},
"admin": {
"CN": "MW AdminID"
},
"existingServer": {
"CN": "MyFirstAdminServer"
}
}
}
Save with <esc>:wq <enter>.
Start the autoconfig "one touch" setup:
$ /opt/hcl/domino/bin/server -autoconf setup.json
 Start of log for reference:
Start of log for reference:
[060224:000002-00007F6218B66740] Loading AutoConfiguration parameters from the JSON file setup.json
[060224:000002-00007F6218B66740] Function CopyIDFile /local/notesdata/server.id returned result 'No error'
[060224:000002-00007F6218B66740] Function SetupGetDAReplica /local/notesdata/admin4.nsf returned result 'No error'
[060224:000002-00007F6218B66740] 06/09/2021 03:26:48 AM On setting preserved for Database Option: LARGE_UNKTABLE for database /local/notesdata/reports.nsf
[060224:000002-00007F6218B66740] 06/09/2021 03:26:48 AM On setting preserved for Database Option: LARGE_UNKTABLE for database /local/notesdata/cppfbws.nsf
[060224:000002-00007F6218B66740] Performing consistency check on da.nsf...
[060224:000002-00007F6218B66740] Completed consistency check on da.nsf
[060224:000002-00007F6218B66740] Application configuration completed successfully
[060224:000002-00007F6218B66740] HCL Domino (r) Server (64 Bit), Release 12.0, May 14, 2021
[060224:000002-00007F6218B66740] (C) Copyright HCL Technologies. 1987, 2021
[060224:000002-00007F6218B66740] refreshing view $Users - 06/09/2021 03:26:48 AM
[060224:000002-00007F6218B66740] finished refresh - 06/09/2021 03:26:48 AM
[060224:000002-00007F6218B66740] 06/09/2021 03:26:48 AM Begin scan of databases to be consistency checked
[060224:000002-00007F6218B66740] 06/09/2021 03:26:48 AM End scan of databases: 2 found
[060226:000002-00007FCA716D9740] 06/09/2021 03:26:48 AM Event Monitor started
[060226:000002-00007FCA716D9740] 06/09/2021 03:26:49 AM Event: Upgrading the design and data of EVENTS4.NSF...
4 -- OPTION C - Remote Setup w/ nsever -listen
Tried from Domino Administrator 12 client on Windows 10. Could not get this option to work. Tried Domino new servers running CentOS 7, CentOS 8, and even Ubuntu 20.
5. Exit being the notes user, and start the server normally.
$ exit
6. If not already done, install the Domino start-up script.
7. Once the start script is installed and the Domino server is setup, start the Domino service
$ sudo systemctl start domino.service
$ sudo systemctl status domino.service
< confirm active (running), and no errors listed>
Sametime Installation:
Transfer the Sametime installation file to the ST server:
- Sametime_11.0_CommunityServer_Linux64.tar
$ cd /home/myadmin/tmp/
$ sudo tar -xvf Sametime_11.0_CommunityServer_Linux64.tar
There are two directories produced.
The GSKit folder needed to encrypt ST communications. (See our R9 docs on that process in this repository)
$ cd Server/
$ chmod g+x install.bin
$ chmod u+x install.bin
The install only allows a console install. We typically edit the options-unix.txt, and install with:
$ sudo ./install.bin -i silent -f options-unix.txt
If you wish to be prompted, install with:
$ sudo ./install.bin
After installation, review the stsetup.log:
$ cat stsetup.log | less
- IMPORTANT -
If you did the silent install, the Sametime mongo user and password are not set, we have to do it manually, in the next section below. If install.bin was run w/o the silent options, just confirm the file was updated okay.
Before starting the Domino services, update/check the chatlogging.ini file:
# cd /local/notesdata/
# vi chatlogging.ini
Update the CL_MONGO_USER= line to the sametime username noted above.
Update the CL_MONGO_PASSWORD= line to the sametime password noted above.
Save the file w/ <esc>:wq <enter>
Mostly OPTIONAL:
If you have VPS_Allowed_Login_Types specified, we have to update the client IDs. Before starting the Domino services, update the samtime.ini file:
$ vi sametime.ini
Find the line VPS_ALLOWED_LOGIN_TYPES. If you have this line, add the client IDs 1312 and 12A2 to the existing list.
Find the line VPS_PREFERRED_LOGIN_TYPES. If you have this line, add the client IDs 1312 and 12A2 to the existing list.
Save the file.
<esc>:wq
Manually start the Domino Sametime server, look for any errors.
$ cd /local/notedata/
$ su notes
$ /opt/hcl/domino/bin/server
< wait for boot >
See issues below.
___________________________________
Ubuntu 20.04 Linux Installation
and Prerequisite Steps:
___________________________________
Linux Install:
Use the server (non-Desktop) installation. In this case we used:
ubuntu-20.04.6-server-amd64.iso
Notes:
- I don't personally prefer the live version, so we use ubuntu-20.04.6-server-amd64.iso. I prefer my servers to not be dynamic and use cloud-init.
- Do the disk partitioning to your preferences. The Mindwatering VM standard is two persistent disks. One for everything but the "/local" folder, and one to map to /local/ which holds "/local/notesdata" for the Domino data directory. Do what works best for you.
- For the package selection, we choose just the OpenSSH server to add to the Base OS.
- Ubuntu installs the OpenVM tools so we skip that step since Ubuntu 16.04.
- We set the OpenVM tools to sync time to our ESXi (vSphere) hosts, so we don't do the NTP set-up. If you are not synching to your host, complete that step.
Update OS:
Make sure all is up-to-date. Run a Terminal from the GUI if you already installed a desktop, or a remote SSH, etc.
$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt-get dist-upgrade
If there are packages to remove:
$ sudo apt-get autoremove
If you didn't install SSH during the base setup. We can install and enable SSH now, assuming you wish to remotely manage and transfer files.
$ sudo apt-get install openssh-server
5. If desired, and not done already, install the GUI, but w/o all the Gnome apps, but with the client networking.
$ sudo apt-get install --no-install-recommends ubuntu-desktop
<wait>
$ reboot
Install the open-vm-tools:
Note: These steps have not been needed for Ubuntu 16.04 and Ubuntu 18.04. Skip this step.
For terminal:
$ sudo apt-get install open-vm-tools
or
$ sudo apt-get install open-vm-tools-lts
(... for the specific version - typically the first one works just fine)
For terminal and desktop, if you have the GUI installed:
$ sudo apt-get install open-vm-tools open-vm-tools-desktop
(Not been needed last couple releases of Ubuntu. Already installed automatically w/ system.)
Update the Network and Set Static IP:
a. Locate the NIC / network interface card.
$ ls /etc/network/interfaces
Note the name of the interface. You'll either be editing the file named interfaces, or another with a custom name. eg. en160
b. Edit the file and switch it to a static IP address.
If NOT using netplan:
$ sudo vi /etc/network/interfaces
Make updates similar to the following:
auto ens160
iface ens160 inet static
address 10.0.118.100
netmask 255.255.255.0
network 10.0.118.0
broadcast 10.0.118.255
gateway 10.0.118.1
dns-nameservers 10.0.118.1 10.0.118.254
Save the file and exit. <esc> :wq.
If using netplan:
Locate the network:
$ cd /etc/netplan
e.g. 00-installer-config.yaml
$ vi 00-installer-config.yaml
replace the dhcp4 section with the following, adding the new entries underneath.
network:
ens160:
dhcp4: no
addresses: [10.0.118.100/24]
gateway4: 10.0.118.1
nameservers: [10.0.118.1 10.0.118.254]
...
Save the file and exit. <esc> :wq.
c. Restart/apply the network change:
If NOT using netplan, restart the network and verify it restarts okay.
$ sudo service networking restart
or
$ sudo systemctl restart networking
$ sudo systemctl status networking
< response message will show Active, and show the stopping, starting, and started comments at the bottom>
If using netplan, apply the change.
$ sudo netplan apply
Verify:
$ sudo ip addr show dev ens160
Update the hosts File
Update the /etc/hosts file with the IP address and name of the server.
$ sudo vi /etc/hosts
Make edits similar to the following under the localhost line:
Insert a comment for the 127.0.1.1 entry that recent Linux entries have been adding. It confuses app servers. (Don't touch the 127.0.0.1 entry for localhost. )
# 127.0.1.1 myserver
10.0.118.100 myserver.mindwatering.net myserver
Save the file and exit. <esc> :wq.
Update the Hostname:
If needed, update the hostname of the server, if it doesn't match what you entered during install. (Only needed if you use VM templates like we do.)
$ sudo hostnamectl set-hostname myserver
Confirm it:
$ hostname
$ hostname -f
The first command above prints myserver. The second command prints out myserver.mindwatering.net.
Increase the Display Size:
If you selected to install the desktop, increase display size from the 800x600 resolution.
From desktop, choose Settings --> Display. Adjust to desired size.
Set-up NTP if not Using VMware/OpenVM Tools to Do Sync:
(Optional. You can also use VMware Tools to sync the time by enabling it in both the VM's settings panel and the client.)
$ touch /etc/cron.daily/ntpdate
$ vi /etc/cron.daily/ntpdate
Add the following line and save: ntpdate ntp.ubuntu.com
$ sudo chmod 755 /etc/cron.daily/ntpdate
Install Domino 9/10/11 Prerequisites:
1. Increase file-handles for Domino.
Edit /etc/security/limits.conf using sudo and add or modify the lines:
$ sudo vi /etc/security/limits.conf
Add / modify the following lines:
notes soft nofile 65535
notes hard nofile 65535
(where notes is / will be the o/s username for the server. Use 65535 for 64 bit Linux for both the soft and hard limit, per HCL, as of 2019/12.)
2. Create new user & home folder.
$ sudo useradd -d /home/notes -m notes
3. Give the new notes user a password. After enter, enter your password and then notes user password twice.
$ sudo passwd notes
4. Add firewall rules for common Domino ports. Enter the following applicable commands to open your server's ports for the Domino services you are going to run:
$ sudo ufw allow proto tcp to any port 22 from 10.0.118.0/24
$ sudo ufw allow proto tcp to any port 25 from 10.0.118.0/24
$ sudo ufw allow proto tcp to any port 1352
$ sudo ufw allow proto tcp to any port 80
$ sudo ufw allow proto tcp to any port 443
If server is also an IBM Sametime server:
$ sudo ufw allow proto tcp to any port 544
$ sudo ufw allow proto tcp to any port 9092
$ sudo ufw allow proto tcp to any port 9094
$ sudo ufw allow proto tcp to any port 8088
$ sudo ufw allow proto tcp to any port 1533
$ sudo ufw allow proto tcp to any port 1516
$ sudo ufw allow proto tcp to any port 8082
$ sudo ufw allow proto tcp to any port 8081
$ sudo ufw allow proto tcp to any port 1503
$ sudo ufw allow 1:65535/udp
or
$ sudo ufw allow proto udp to any port 1:65535 from 10.0.118.0/24
Add the mongo db port for internal use by Sametime Proxy if installing:
$ sudo ufw allow proto tcp to any port 27017 from 10.0.118.0/24
Enable the firewall. Make sure you have an actual "real" terminal in-case you locked yourself out. Check for any errors.
$ sudo ufw enable
5. Install needed libraries for Domino.
Notes:
For Domino, no additional libraries were needed.
Sametime is no longer 32-bit, so we don't need to do --add-architecture i386 and we don't need the compat-x libs.
We used the Domino Directory option again for Sametime and didn't to the LDAP and port 636 secure GSKit setup.
We did not explicitly install any of the R9 dependancies below, although some were installed with the OS and the GNOME Desktop.
$ sudo apt-get install libstdc++5
$ sudo apt-get install libstdc++6
$ sudo apt-get install ttf-xfree86-nonfree
$ sudo apt-get install libxmu6
$ sudo apt-get install libxp6
$ sudo apt-get install libxp-java
$ sudo apt-get install libxtst6
$ sudo apt-get install gawk
$ sudo apt-get install libgnomeprintui2.2-0
$ sudo apt-get install bc
$ sudo apt-get install gtk2-engines
$ sudo apt-get install elfutils
$ sudo apt-get install ksh
$ sudo apt-get install libc6
$ sudo apt-get install gcc-4.8-base libgcc-4.8-dev
6. For Ubuntu, we need to update the shell, so that it uses /bin/sh, a.k.a. bash.
Note: You could update the notes user/s .profile instead. There are a few different solutions for this.
Replace / relink sh:
(The server script uses /bin/sh, we do this to ensure we are using bash, not dash. These instructions will save the old config with old in-case you wish to every put it back. )
$ sudo mv /bin/sh /bin/sh-old
$ sudo ln -s /bin/bash /bin/sh
Set up the notes user to use DOMINO_LINUX_SET_PARMS:
# vi /home/notes/.bashrc
Add to the end of the file: export DOMINO_LINUX_SET_PARMS=1
7. Make the server's data folder and give the ownership of the notesdata folder to the new notes user.
Note: We leave the /opt/hcl folder owned by root after the install.
$ sudo mkdir /local/
$ sudo mkdir /local/notesdata
$ sudo chown -R notes /local/notesdata
$ sudo chgrp -R notes /local/notesdata
$ sudo chmod g+w /local/notesdata
Install Domino Start-up Scripts:
For the Nashed start-up script, follow the instructions that come with the start-up script.
- Newer version installed into the /opt/nashcom folder:
a. Using FileZilla or another SCP program, transfer the script to the tmp working folder.
e.g. /home/myadmin/tmp/start331/start_script_331.tar
b. Extract:
$ cd /home/myadmin/tmp/start331
$ tar -xvf start_script_331.tar
< files extract>
$ cd start_script
c. Update any variables needed, as needed:
rc_domino:
If your user is not notes, update the DOMINO_USER=notes line.
rc_domino_config:
If your user is not notes, or your notesdata location is not /local/notesdata/, you'll need to update this file.
We also update the Lotus variable, like so:
$ vi rc_domino_config
... change the following line:
#Lotus=/opt/ibm/domino
to
Lotus=/opt/hcl/domino
...
Save the file with <esc>:wq <enter>.
Install the script:
$ sudo ./install_script
< watch output>
- Older version not installed into the separate /opt/nashcom folder:
For the domino.service file in /etc/systemd/system, update lines 7, 10, and 11 for your paths.
For the rc_domino_script in /opt/ibm/domino or /opt/ibm/notes, update lines 42 and 65 for the server OS ID and paths.
For the rc_domino in /etc/init.d/, update lines 31, 35, and 43, for your server OS ID and paths.
For the rc_domino.script_notes file to /etc/domino/, updates similar lines as rc_domino.script.
Update all the file permissions to 755.
$ sudo systemctl enable domino.service
Note: This server is an upgrade, not a new install. We are re-using the /local/notesdata, and we chose to keep the existing /opt/ibm/domino path. Our existing start-up script is already in/opt/ibm/domino If this is a new install, the script path will be /opt/nashed/, as Daniel Nashed now has his scripts set to be in a separate /opt/nashcom/ folder.
Troubleshooting Issues
The Sametime installation has an issue with a library:
[069280:000009-00007F398C4AF700] An error occurred when initializing the repair engine.. repair services will be unavailable Entry not found in index
/opt/hcl/domino/notes/latest/linux/staddin: error while loading shared libraries: libgsk8iccs_64.so: cannot open shared object file: No such file or directory
This file is actually one folder down, in a subfolder, sticc. We created a symlink:
$ sudo su
# cd /opt/hcl/domino/notes/latest/linux/
# ln -s sticc/libgsk8iccs_64.so ./libgsk8iccs_64.so
# exit
Afterwards, the library paths will display at/near the error point last time. Output should be like the following:
[072812:000002-00007FBF1B382200] 06/09/2021 04:43:18 AM The current OS library path is LD_LIBRARY_PATH=/opt/hcl/domino/notes/latest/linux:/opt/hcl/domino/notes/latest/linux/jvm/bin:/opt/hcl/domino/notes/latest/linux/jvm/bin/classic:/opt/hcl/domino/notes/latest/linux/jvm/lib/amd64:/opt/hcl/domino/notes/latest/linux/jvm/lib/amd64/default
[072812:000002-00007FBF1B382200] 06/09/2021 04:43:18 AM OS library path set to LD_LIBRARY_PATH=/opt/hcl/domino/notes/latest/linux/jvm/bin:/opt/hcl/domino/notes/latest/linux/jvm/bin/classic:/opt/hcl/domino/notes/latest/linux:/opt/hcl/domino/notes/latest/linux/jvm/bin:/opt/hcl/domino/notes/latest/linux/jvm/bin/classic:/opt/hcl/domino/notes/latest/linux/jvm/lib/amd64:/opt/hcl/domino/notes/latest/linux/jvm/lib/amd64/default
previous page
|