Pasodoff

This is only theoretical and might work as a starting point for others. I have not attempted this approach from end to end. One major downside is that the versioning of documents is lost during the procedure.

Revised WCM 6.0 migration via ‘Import’
———————————————————
1. Import WCM 6.0 library(s) via normal import tasks
– If you have multiple libraries, export them all the same directory, then run the import task once against the entire directory
2. Ensure that WasPassword and PortalAdminPwd are specified in ,.

\ConfigEngine\properties\wkplc.properties

3. Run the following tasks in order:

     \ConfigEngine\ConfigEngine.sh action-pre-apply-wcm-6.0-7.0-migration
     \ConfigEngine\ConfigEngine.sh run-wcm-admin-task-update-security -DallLibraries=true -DremoveVirtualUserPerms=true -DpreserveDates=true -DlibSecurity=true
     \ConfigEngine\ConfigEngine.sh run-wcm-admin-task-schedule-actions -DallLibraries=true -DpreserveDates=true
     \ConfigEngine\ConfigEngine.sh action-wcm-6.0-7.0-migration 

4. Restart the server

Give it a go… and report back?

I recently swapped out a home ESXi server for a physical low power ITX FileServer/NAS. The idea was to provide a large network attached storage device without a beefy server. I pulled the old ESXi server disks out of the large tower prior to moving overseas. The old virtualisation machine had a Windows FileServer which housed my media collection. In order to preserver the backups, I mounted the VMFS (Virtual Machine File System) under the new lean ubuntu server (v11.4), then mounted the individual vmdk (Virtual Machine Disk) files for the windows file server. Here are the steps I took:

Download vmfs-tools:

sudo apt-get install vmfs-tools

Find the HDD device.

sudo fdisk -l

In my case the device boot was:

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1      121601   976759968+  fb  VMware VMFS

Then I mounted the vmfs file system at /dev/sda1

vmfs-fuse /dev/sda1 /mnt/vmfs

The vmdk files were visible within the mounted vmfs:

root@nas-H55N-USB3:/mnt/vmfs/Windows XP - File Server# ls -l
total 0
-rw------- 1 root root 966367641600 2011-02-20 12:51 Windows XP - File Server_1-flat.vmdk
-rw------- 1 root root          423 2011-02-08 11:31 Windows XP - File Server_1.vmdk

Copy the vmdk out of the vmfs (I was not able to mount them from within the vmfs! bugger!).
Mount the vmdk

/usr/bin/vmware-mount -p /mnt/windowsFileServer/Windows\ XP\ -\ File\ Server_1.vmdk
Nr      Start       Size Type Id Sytem
-- ---------- ---------- ---- -- ------------------------
 1         63  524281212 BIOS  7 HPFS/NTFS
 2  524281275 1363147380 BIOS  7 HPFS/NTFS

Copy the files out!

UPDATE:
There is now a WebSphere Portal Family Wiki article here

After numerous attempts and a long running PMR with IBM, I have been able to pin down the exact procedure to migrate only WCM content between a Portal 6.0.1.x server and Portal 7.0.  This type of procedure was documented in earlier versions, however is not in the Portal 7.0 info centre nor wiki. is somewhat documented in the info centre and wiki

These are the high level command line steps I took to migrate the JCR database from Portal 6.0.1.7 to 7.0 on RHEL. I used the same security configuration (Active Directory) and database backend (Oracle).

1. Ensure content authors have removed all draft items prior to migration. Log into Portal > Web Content Management and check each library’s All Items > Drafts areas for any remaining drafts and delete them (NOTE: This step may not be necessary however corruptions in our JCR database cause the migration to fail on draft items.  Removing all drafts resolved this issue).
2. Copy the source 6.0.x JCR database to the destination Portal 7.0 database instance. Ensure you have backed up the 7.0 JCR database prior to restoring the 6.0.1.7 over the top.
3. Ensure the database properties in the wkplc_dbdomain.properties file within

   /opt/IBM/WebSphere/wp_profile/ConfigEngine/properties/

   are correct and point to the source Portal 6.0 JCR database in the Portal 7.0 DB instance

4. Validate that you can successfully connect to the new portal databases by running the following from the ConfigEngine directory on the destination Portal environment:

./ConfigEngine.sh validate-database -TransferDomainList=release,community,customization,likeminds,feedback

5. If you receive a BUILD SUCCESSFUL message move onto the next task. If not, review the wkplc_dbdomain.properties file configuration in and repeat the command.
6. Validate the JCR database connection:

   ./ConfigEngine.sh validate-database -DTransferDomainList=jcr

7. Connect to the JCR schema for migration

   ./ConfigEngine.sh connect-database-jcr-migration

8. Upgrade the JCR schema from 6.0.1.x to 6.1.0.0

   ./ConfigEngine.sh upgrade-jcr-datastore-601x-to-6100-jcr

9. Migrate the data from Portal 6.1.0.0 schema to 7.0 schema

   ./ConfigEngine.sh wcm-post-migration-data-update -DPortalAdminPwd=password -DWasPassword=password -DPreviousPortalVersion=6.1.0.0 -DTransferDomainList=jcr

10. After the wcm-post-migration-data-update task builds successfully, the JCR migration breaks the Portal new Page Builder theme. In order to resolve the issue run:

    ./ConfigEngine configure-common-component-resources -DWasPassword=password -DPortalAdminPwd=password

11. Once the Page Builder theme has been redeployed into portal, confirm that the WCM libraries are available from the Authoring Portlet. Log into Portal. The libraries should have been successfully migrated to the Portal 7.0 instance.
12. Run the member fixer tool over each library to resolve any LDAP user mapping changes on content items between environments.
13. Run the security update to migrate from 6.0 ->7.0, the Update Security task will apply inherited access permissions and remove existing item access permissions. This task will remove existing item access permissions and apply inherited access permissions to Content in the a libraries, whilst preserving the last modified dates of the items (updated 12/10/2011: Thanks Troy.):

     ./ConfigEngine.sh run-wcm-admin-task-update-security -DWasPassword=password -DallLibraries=true  -DremoveExistingPerms=true -DinheritPerms=apply -DrestrictOn=Content -DpreserveDates=true -libSecurity=true

Here are the APN settings for Android phones on the swiss Orange network.  It took me a too long to work this out on my HTC Legend

Name: Orange Internet

APN: click

Proxy: <not set>

Port: <not set>

Username: <not set>

Password: <not set>

Server: <not set>

MMSC: <not set>

MMS proxy: <not set>

MMS port: <not set>

MCC: 228

MNC: 03

Authentication type: none

APN type: default

Update on 27-02-2011: Working procedure here

After performing a WCM only 6.0 to 7.0 Portal migration I received the following error when loading the Authoring Portlet:

 00000042 ItemSession   W   TODO: message code. Unable to load FAVORITE_LOCATIONS. Please check your JPA configuration
                                  org.apache.openjpa.persistence.PersistenceException: ORA-00942: table or view does not exist
 {prepstmnt 824455460 SELECT t0.ID, t0.CONTROLLABLE_ID, t0.CONTROLLABLE_TYPE, t0.SCOPE, t0.LAST_ACCESSED_DATE, t0.MEMENTO_ID, t0.MEMENTO_JSON, t0.USER_ID FROM icmadmin.WCM_SCOPED_ITEM t0 WHERE (t0.SCOPE = ? AND t0.USER_ID = ?) [params=(String) FAVORITE_LOCATIONS, (String) Z9eAeP9OI3Q4CGHO63QO62BE8MSG6O1EC6RG6N9O4JROCPPD6MILCMHC0]} [code=942, state=42000]

I found the "TODO: message code" quite amusing. It is caused by

org.apache.openjpa.persistence.PersistenceException: ORA-00942: table or view does not exist

In particular the WCM_SCOPED_ITEM table. Connecting to the database directly confirmed that the table was missing.

Note I am not performing a full portal migration. I only want to migrate the WCM content. I performed the following high level tasks prior to receiving the error:

• Copied and restored the oracle JCR DB from the source portal environment into the destination environment
• Ran:

  ./ConfigEngine.sh connect-database-jcr-migration

• Ran:

  ./ConfigEngine.sh create-wcm-persistence-tables

• Ran:

  ./ConfigEngine.sh update-wcm-nodetypes -DWasUserId=wpsadmin -DWasPassword=password -DPreviousPortalVersion=6.0.1.7 -Dinitial.wcm.nodetype.version=3 -DPortalAdminId=wpsadmin -DPortalAdminPwd=password

• I ran the following tasks because after the JCR migration the Page Builder theme was broken: I followed this IBM TechNote

  ./ConfigEngine.sh action-create-ear-wp.mashup.cc.theme -DWasPassword=password -DPortalAdminPwd=password

  and

  ./ConfigEngine.sh configure-common-component-resources -DWasPassword=password -DPortalAdminPwd=password

This was an undocumented approach to migrating only WCM data which worked successfully in a Portal 6.0.1.7 to Portal 6.1.5 migration.  No joy in portal 7.0. PMR OPEN...

To set up your Outlook Express client to work with Google Apps on Brindleys.net:

1. Open Outlook or Outlook Express.
2. Click the Tools menu, and select Accounts…
3. Click Add, and then click Mail…

4. Enter your name in the Display name: field, and click Next.
5. Enter your full brindleys.net email address (username@brindleys.net) in the Email address: field, and click Next.

6. Enter pop.gmail.com in the Incoming mail (POP3) server: field. Enter smtp.gmail.com in the Outgoing mail (SMTP) server: field. Google Apps users, enter the server names provided; don’t add your domain name in this step.

7. Click Next.
8. Enter your full email address (including ‘@brindleys.net’) in the Account name: field. Enter your email password in the Password: field, and click Next.

10. Click Finish.
11. Highlight pop.gmail.com under Account, and click Properties.

12. Click the Advanced tab.
13. Fill in the following information:*

• Check the box next to This server requires a secure connection (SSL) under Outgoing Mail (SMTP).
• Enter 465 in the Outgoing mail (SMTP): field.
• Under Outgoing Mail (SMTP), check the box next to This server requires a secure connection (SSL).
• Under Incoming mail (POP3), check the box next to This server requires a secure connection (SSL). The port will change to 995.

*The order of Outgoing and Incoming mail server fields varies by version. Make sure you enter the correct information in each field.

14. Return to the Servers tab, and check the box next to My server requires authentication.

15. Click OK.
Congratulations! You’re done configuring your client to send and retrieve Brindleys.net messages.

If you experience problems using POP with Outlook SEND ME AN EMAIL.

NOTE:

Once you have setup the new brindleys.net Google Apps settings you should Remove the old account.

I plan on riding the Flight Centre Epic again this year. It will be my third year running. I’ve decided I’ll web log my progress. The first two were very rewarding experiences. Tiring but rewarding none the less.   In 2008 it took me 7hour 15mins.  In 2009, after some minor technical ahem fitness issues, I scrapped in at 8hours 5mins.  Now quite familiar with the trail I hope to beat my initial 7:15 best this year.

Quick blurb about the Epic:

(100km is a lie! don’t believe it!)

To do so, I’m starting the training a little earlier this year. 14 weeks earlier this time.   I have a fairly decent standing fitness but I’ve let it slip over the last couple of months.   Rob (a colleage) and I will be following a “moderate” experience training regime.

We plan to follow a combination of these resources:

http://www.mtb-marathon.co.uk/training/training.php

http://home.hia.no/~stephens/mtbplan.htm

Week 1, D-day, starts April 12th with the following:

WEEK 1 EXAMPLE (Start week)

From the table, it appears the time commitment will be quite large.

NOTE: Before beginning,  configure the two load balancers (LB) exactly the same in order to allow failover and continued service.

From the Primary Load Balancer gui (Start > Program Files > IBM WebSphere > Edge Components > Load Balancer for IPv6 > Load Balancer for IPv6 ):

1. Right click on the Dispatcher and click Connect to host…
2. Connect to the :10099
3. Right click on the High Availability icon and select Add Heartbeat…
4. Leave the local machine’s IP addres in the first textbox and enter the secondary LB’s IP address in the second and click OK.
5. Right click on the High Availability icon and select Add High Availability Backup….
6. Set the role as Primary, the IP of the secondary server and the port number 10099.
7. Repeat the same process for the secondary LB except select Backup for the servers role.
8. Once complete click the refresh statistics button and confirm the state changes to: Synchronized .
9. Once the process is complete it is important to edit the goActive and goStandby scripts.
   1. These files can be found in the <edge_home>/lb/servers/samples directory.
   2. Follow the instructions within each script file, editing the set CLUSTER,INTERFACE and NETMASK values.
   3. Copy both scripts into the lb bin directory at: <edge_home>/lb/servers/bin/
   4. ensure that you remove the .sample after the filename so they read goActive.bat and goStandby.bat

If you wish to test your configuration. Disable the network addapter on the primary LB and watch the secondary change into active state. Did your service remain available?

Dispatcher provides the ability to spray requests between multiple servers. In the WebSphere Stack it allows load balancing between multiple webservers which in turn can relay requests to multiple application servers. They provide high availability and scalability. These instructions dictate how to setup a configuration similar to the following image:

From the follow article in the WebSphere Infocenter http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.edge.doc/welcome.html

To set up a simple IP spraying with WebSphere Edge Components Dispatcher 6.1 on Windows 2003 Server, follow these instructions:

1. Install the Dispatcher from the WebSphere Edge Components CD or archive file  (From experience: don’t install the first release 6.1.0.0. IBM is up to release 6.1.042 at time of writing. NOTE: You will need the .lic. licence, file from the original install)
2. Once installed (simple point and next scenario) open the Start > IBM WebSphere > Edge Components > Load Balancer > Load Balancer.
3. Expand the Load Balancer in the tree hierarchy.
4. Right click on the Dispatcher and select Start Configuration Wizard.
5. Click Next on the Dispatcher Configuration Wizard welcome screen.
6. Click Next again on the What to expect… page
7. Read the What Must I Do Before I Begin List and confirm access from the Load Balancer to the webservers on the desired ports (IE. https (443) / http (80) to hostname:port)
8. Click Create Configuration.
9. Select the host you wish to configure (the default is the local machine’s hostname on port 10099) and click Update configuration and Continue
10. Enter the desired domain to balance and Click Update configuration and Continue.
11. The wizard will confirm the cluster has been added, click next.
12. Enter the desired port number (IE: 443 for https 80 for http)
13. The wizard will confirm the port has been added, click next.
14. Add the IP address of the desired servers to be load balanced (your webservers).
15. Once all the servers in the cluster have been added click next
16. Leave the default of Yes for the advisor creation and add a name (IE: HTTPS)
17. Open the loop back instructions for Windows 2000/2003
18. On each of the webservers being balanced (NOT the load balancer itself!) follow these instructions:
    1. Open the control panel and click Add Hardware Wizard
    2. Click next on the Welcome screen
    3. Let the wizard search for new hardware
    4. On the Is the hardware connected? screen select the Yes radio button.
    5. At the bottom of the installed hardware list select Add a new hardware device and click next
    6. Select Install the hardware that i manually select from a list.
    7. Select Netword adapters
    8. Select Microsoft and the Microsoft Loopback Adapter
    9. Click next to install the adapter.
    10. click finish when complete.
    11. Open Network Connections and right click on the new Microsoft Loopback Adapter and select properties
    12. Select Internet Protocol (TCP/IP) and click Properties
    13. Select Use the following IP address and enter the IP address for the cluster, the proper subnet mask for the server and leave the default gateway empty.
    14. Enter the loop back address for the Preferred DNS server (IE: 127.0.0.1) and leave the alternate empty.
    15. Click OK and OK again.
    16. Repeat on all web servers in the cluster.
19. Click Exit at the end of the Wizard
20. Save the configuration (no spaces in the name) and restart the IBM Dispatcher service. (run > services.msc)

Want an highly available load balancer? Configuring high availability for IBM Load Balancer

WebSphere Self-sign certificates

WebSphere v6.1 automatically replaces expiring self-signed certificates by default. If dates are put forward on a server for testing purposes the certificates will be regenerated and expiring certificates and signers will be deleted. This can be turned off by going to: Sercurity > SSL certificate and key management > Manage certificate expiration and un-ticking the appropriate options.

If the certificates become invalid you may receive one of the following exceptions:

CWPKI0311E: The certificate with subject {0} has a start date {1} which is valid after the current date/time.  This will can happen if the client's clock is set earlier than the server's clock.   Please verify the clocks are in sync between this client and server and retry the request.

or

Exception stack trace: javax.naming.NamingException: Error during resolve [Root exception is org.omg.CORBA.COMM_FAILURE: CAUGHT_EXCEPTION_WHILE_CONFIGURING_SSL_CLIENT_SOCKET: JSSL0080E: javax.net.ssl.SSLHandshakeException - The client and server could not negotiate the desired level of security.  Reason: com.ibm.jsse2.util.h: No trusted certificate found  vmcid: 0x49421000  minor code: 70  completed: No]

In order to increase the lifetime of the certificates and resolve the issue the following steps were taken:

1. locate the key.p12 and trust.p12 files under the dmgr profile ie:

   <profile_root>\config\cells\<cellname>\key.p12

2. Open the key.p12 file with the IKEYMAN tool (\bin\ikeyman.bat). You must select PKCS12 from the key database type drop down in order to open the file.
3. The defualt password for websphere application server certificate stores is: WebAS^?
4. Select Personal Certificates from the key database content area drop down
5. Delete the existing default certificate
6. Create a new self signed certificate with the following details:

      Key Label: default
      Version X509 V3
      Key Size: 1024
      Common Name: <fullyQualifiedHostname>
      Organization: IBM
      Country or region:US
      ValidityPeriod: 3650 (We selected 10 years for the length of the certificate)

7. Extract the certificate you just created with the following settings:

      Data Type: Base64-encoded ASCII data
      Certificate file name: newDefault.arm
      Location: D:\temp\

8. Open the \config\cells\\trust.p12 file
9. Again the password is WebAS^?
10. In the Key Database Content area select signer certificates from the large drop down.
11. Delete any existing default or default_x certificates
12. Click Add and browse to the extracted certificate from the key.p12 file, D:\temp\newDefault.arm
13. Enter a label of default
14. close the IBM Key Management tool
15. Copy the Key.p12 and trust.p12 file to the following locations:

       Deployment Manager:
       <profilehome_dmgr>\config\cells\<cellname>\nodes\<nodename>

    All nodes:

       <profilehome_nodex>\config\cells\<cellname>
       <profilehome_dmgr>\config\cells\<cellname>\nodes\<nodename>

16. Restart the DMGR all nodeagents and servers