HCL Sametime 11 – WebClient stuck on Loading

If you experience the issue with HCL Sametime 11 Proxy, where the WebClient just loads endlesly after a user logs in, and the following error is present in “catalina.out” log file (of the Sametime Proxy component):

CLFRX0049E: Failed to query the user info: <username>, reason 80000005

Check the “UserInfoConfig.xml” file, on the Sametime Community Server, for Syntax Errors. In my case the “Username” variable, inside the “<storageDetails>” tag, needed to be moved in front of the “Password” variable (this formatting is default in Sametime 11 FP1 version). Afterwards the “<storageDetails>” tag should reassemble something like the following:

<StorageDetails BaseDN=”DC=test,DC=com” HostName=”dc.test.com” UserName=”CN=SVC_Test,OU=Service Accounts,OU=test,DC=test,DC=com” Password=”xxxxxxx” Port=”389″ Scope=”2″ SearchFilter=”(&amp;(objectclass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(|(pager=%s)(mail=%s*)(samAccountName=%s*)(sn=%s*)(displayName=%s*)(distinguishedName=%s)(objectguid=%s)))” SslEnabled=”false” SslPort=”636″ /> 

HCL Sametime 11 – SSO between ST WebClient and iNotes/Verse on-Premises

You can integrate HCL iNotes and/or HCL Verse on-Premises, with Sametime 11 via ST Proxy server, the same way the integration was done with Sametime Version 9.0.1.

But before you can integrate the products mentioned above, you have to configure Single-Sign-On between Sametime WeClient and iNotes/VoP.

With Sametime version 9.0.1, you would export the LTPA Token from Websphere Application Server and import it in the Domino “Web SSO Configuration” document of the iNotes/VoP server and Sametime Community Server. Thus making sure that all components involved are using the same LTPA Token.

But in the Sametime Version 11, we do not have any WebSphere components. So, you just have to make sure that the Sametime Community and iNotes/VoP servers are using the same LTPA Token. Either export the LTPA Token from the old Sametime environment or any other existing WebSphere server and import it in the relevant Domino “Web SSO Configuration” documents. After restarting all components involved, the SSO should be working and you can proceed with integrating Sametime with iNotes and/or Verse on-Premises.

HCL Sametime 11 – Limited Use vs. Standard License

I found that there is a lot of confusion going around which Sametime features are covered in Limited Use License, although I could not find a document or a matrix chart covering this in detail, the following article provides some important insights:

Excerpt of the article:

HCL Sametime 11 Limited Use prohibits the use of the following components:

- File transfer
- Screen capture - Multiple communities - External user - Built-in audio / video function - Integration with external meetings - To ensure compliance with the Limited Use terms, these features must be disabled in policy settings.

Before deploying Sametime 11 Limited Use, make sure that the features important for you are covered in the license. And if one or another function is not working, check with support if it is covered in the Limited Use license in the first place, it might save you some time spent troubleshooting.

UPDATE

My friend, Roberto Boccadoro found the official licensing agreement, thank you very much! You can Access it via the following URL:

Excerpt of the document:

Notwithstanding any provision in the Agreement, Licensee is not authorized to use any of the following components or functions of the Program:

  • Access to File Transfer (of HCL Sametime)
  • Screen Capture (of HCL Sametime)
  • Multiple Communities (of HCL Sametime)
  • External users (of HCL Sametime)
  • Embedded Audio/Video features (of HCL Sametime)
  • External conferencing integration (of HCL Sametime)

HCL Sametime 11 – ST Proxy Server & DNS

Obviously, when deploying any application, DNS is important and the needed DNS entries need to be set.

Before deploying the HCL Sametime 11 Proxy Server you need to make sure that the MongoDB and the Sametime Community Servers are reachable via FQDNs and hostnames.

If you have to work with a “host” file, in DMZ for example, make sure to create separate entries for hostnames and FQDNs mentioned. If you are using a separate DNS Alias to access the Sametime Community server, other than the “real” FQDN and Hostname, make sure to create the entries for the “real” FQDN and Hostname of the Community server, even if you have not used them during the ST Proxy installation. During one deployment I ran into this issue. After enabling the debugging on the ST Proxy Server, I got the following errors:

FINE [White Rabbit (Timer). 2] com.ibm.rtc.stproxy.cluster.ServerLogin.connect Connecting to ST server: Server name: CN=domino-server-name/O=domino-organization, Cluster name: CN=domino-server-name/O=domino-organization, Server URL: domino-community-server.domain.local, serverID: null, Sametime session: null

WARNING [Chuck the postman’s dispatching thread.4] com.ibm.rtc.stproxy.cluster.ServerLogin.loggedOut CLFRX0011W: Unable to log in to the Sametime community server CN=domino-server-name/O=domino-organization. Error message is 80000207

After editing the host file of the ST Proxy server, on which the error was produced, the Sametime Webclient was working as desired and there were no errors in the log file.