Home

 

Create a superuser

For Sametime integration, create a superuser who has access to all communities, public and private.

With additional configuration on the Lotus Connections server, it is possible to create a superuser who can see all communities, public and private. For Sametime integration, create a user of this type, and add their login and password credentials to the Sametime Advanced server so that you can connect on their behalf to list all of the communities.

1. To determine the user realm for the new administrative user, do the following:

   1. In the administrative console (assuming federated repositories), select Security > Secure admin... > Federated Repositories.

   2. Click Configure.

   3. On the main Federated repositories page, note the value for the realm name for your application server.

2. Open a command window and start the wsadmin command line tool as described in the topic, Starting the wsadmin client.

3. Access the Communities configuration files:

   • Stand-alone deployment:

     execfile("communitiesAdmin.py")
     

4. Network deployment:

   execfile("WAS_HOME/profiles/Dmgr01/config/bin_lc_admin/communitiesAdmin.py")
   

5. Check out the Communities policy configuration file...

   CommunitiesConfigService.checkOutPolicyConfig("<working_directory>", "cell_name")
   

   where:

   • <working_directory> is the temporary working directory to which the configuration XML and XSD files are copied. The files are kept in this working while you make changes to them.

   • cell_name is the name of the WebSphere Application Server cell hosting the Lotus Connections feature. This argument is required even in stand-alone deployments. This argument is also case-sensitive, so type it with care.

   For example:

   CommunitiesConfigService.checkOutPolicyConfig("/temp", "foo01Cell01")
   

6. From the temporary to which you just checked out the Lotus Connections configuration files, open the communities-policy.xml file in a text editor.

7. To add an administrative user with rights to access all Lotus Connections communities, add the following grant statement to the file:

   grant Principal com.ibm.ws.security.common.auth.WSPrincipalImpl
    "<YOUR_REALM_NAME>/<YOUR_LOGIN_ID>"
   
      permission com.ibm.tango.auth.permission.CommunityManagementPermission "*";
      permission com.ibm.tango.auth.permission.CommunityMembershipPermission "*";
      permission com.ibm.tango.auth.permission.CommunityAccessPermission "*";
      permission com.ibm.tango.auth.permission.CommunityReferencePermission "*";
   };
   

   where:

   • <YOUR_REALM_NAME> is the realm name you identified in step 1.

   • <YOUR_LOGIN_ID> is the login ID of the user you which to setup as the administrator for communities.

8. Save your changes to the communities-policy.xml file.

9. Check in the updated file using the following wsadmin client command:

   CommunitiesConfigService.checkInPolicyConfig("<working_directory>", "cell_name")
   

10. To exit the wsadmin client, type

    exit

    at the prompt.

11. Stop and restart the server hosting the Communities feature.

 

Results

When the user specified in the policy file logs in to Communities, they should now be able to view and edit all communities and community resources.

Configure the Sametime Advanced server

 

Related tasks

Start the wsadmin client

---

+

Search Tips   |   Advanced Search