Sunday, November 27, 2011

IQMV4 - Enable Rich Text Feature in a conversation between Seeker and Expert

IQMV4 - Enable rich text feature

To enable rich text feature in Lotus Sametime Connect Chat Window we will need to update “InterviewContext_script.xml”

This file is located at following location:

<<Apache Tomcat Install Folder>>\Tomcat 6.0\webapps\ITFramework\WEB-INF

In the file we need to set the value for “ITRichText” to “true” (as in following screenshot)

After the settings have been updated Apache Tomcat Server will need to be restarted.

IQMV4 - Enable file transfer feature

To enable send file feature we will need to update “InterviewContext_script.xml”

This file is located at following location:

<<Apache Tomcat Install Folder>>\Tomcat 6.0\webapps\ITFramework\WEB-INF

In the file we need to set the value for “ITFileTransfer” to “true” (as in following screenshot)


Make sure that the path specified for storing files temporarily on server is valid.

After the settings have been updated Apache Tomcat Server will need to be restarted.

Thursday, November 17, 2011

Searching IMtegrity Chat Logs Database

How To Search Sametime Chats between 2 users in an Instant IMtegrity Chat Logs Database

Recently, a customer requested information on chats between 2 users using Instant IMtegrity.
The following example shows how an Lotus Notes advanced search on IMTegrity chat logs database may be used to in order to perform a custom search and retrieve the desired results.
Before proceeding to perform a search we need to make sure that IMtegrity Chat Logs database is Full text indexed.
Open the IMtegrity chat logs database using Lotus Notes. Click on 'View' --> 'Search This View' which will enable search bar above the currently opened view

The green icon on the search bar indicates that the database is full text indexed. If not click on action 'Create Index' to index the database
After confirming that the database is full text indexed, click on 'More' to the right of search bar to open advance search options
For example here we will search chats between Vivek and Prashanth.
To perform this search type the text 'vivek and prashanth' in the 'Search for' text box and on click of 'Search' will retrieve the results between Vivek and Prashanth

The search performed can also be saved for future references by clicking on 'Save Search'

If the search results needs to be refined further based on date then click on 'Date' in 'Conditions' section.
Here we will refine the search results between dates '11/01/2011' and '11/16/2011'
Select the dates in the dialog box presented and click on 'Add'

After adding the date criteria click on 'Search' again to refine the search results
To take the print out of the search results, select the required documents or select all by clicking 'Edit' --> 'Select All'

After selecting the documents, click on 'File' --> 'Print' 

In the Print dialog, select PDF creatorand make sure you select 'Selected documents' under 'What to Print'
Click on 'OK' to generate the PDF out of search results

The following is a preview of the PDF generated out of the search results

Please find youtube video of the above through the link
Instant IMtegrity is flexible and can supply quick results based on your criteria.  This can be a valuable time saving technique, with the right adjustment.  Instant IMtegrity, combined with the native search and discovery tools provided by Lotus Notes, creates a powerful application to capture, search, and discover IBM Lotus Sametime based chat conversations.

Thursday, November 10, 2011

Securing Administration Section of Archive Viewer 4.0

There is a known bug with the access control of the Administration section of Archive Viewer 4.0.80.

If a user authenticates into the Administration section, and then another user, who should not have access, according to the groups allowed in the "AdminSecurity" key of the web.config, attempts to access, the credentials of the first user are used, rather than those provided by the second user.  This only appears to happen if the two logins occur within one minute of each other.

The root of this problem is that page caching is enabled on the landing page of the Admin section.  This will be addressed in our next iteration, but for now, we provide the following work-around.

This fix involves modifying the NTFS file permissions of the Admin folder of the InstantAV4 website.
  1. Log in to the server hosting InstantAV4 using an account which you will grant Admin access.
  2. Open IIS Manager, and navigate to the Admin folder of the InstantAV4 website in the side panel.  Right-click and select Edit Permissions...
  3. Click the Advanced button.  On the Advanced Settings dialog, click Change Permissions...
  4. Uncheck Include inheritable permissions from this object's parent.  When prompted with the small dialog, select Add.
  5. Add permissions for the users you want to have access to the Admin section.  Be sure to select Full Control, as this gives those users all the permissions necessary.  Be sure to give permissions to the account that you are logged into the server under!
  6. Remove permissions for other users.  Safe entries to remove include Domain Users, Administrators, Local Administrators, Local Users, etc.  
  7. Restart the webpage.
Now, when you access the Admin portal, if you provide the credentials of one of the users provisioned, you should have normal access.  Using any other account, you will be prompted for credentials, and eventually shown a HTTP 401 - Unauthorized: error page.

Monday, November 7, 2011

Archive Viewer 4 vs Built-in Lync Server Achive Viewing Capabilities

With Lync Server 2010, Microsoft has added the ability to do basic examination of archived instant messages. One might ask, then, why an extension tool like Instant Archive Viewer is still necessary.

For a tutorial on how to use Lync's built-in scripts to export conversation data, check here.

While this is a functional method of accessing chat logs, it has a number of limitations:

  • Requires use of command-line interface, running on the Lync Server machine.
  • Little ability to fine-tune results - Only able to return all conversations in a date range, or all conversations for a single user.
  • Can only export conversations as Outlook .eml files, one file per conversation, and these files have unintuitive names, increasing the difficulty of finding the desired conversation.
In comparison, Instant Archive Viewer is a much more powerful application.  In addition to the basic functionality that Lync Server provides, Archive Viewer features:
  • Graphical Web interface that is accessible from anywhere.
  • Many options to narrow your searches of your IM logs
    • Ability to search for conversations including arbitrary lists of users
    • Ability to search conversations between specific users
    • Ability to search for conversations featuring specific message text.
    • Ability to search for conversations within a specified timespan, down to the minute, rather than just by date.
    • Ability to filter search by conversation length
    • Ability to specify maximum number of results.
  • Results are are viewable in-browser, and can be printed or saved in PDF and plain text formats.  
  • Queries can be saved, and even scheduled to run on a recurring basis, with results sent by email.
  • Customizable access levels.  It is desirable to limit access to the full database for privacy reasons, but also useful, for example, for a user to view their own chat history, or for a supervisor to have access to his subordinates.  Archive Viewer provides this flexibility through customizable Access Control Lists.
So, in summary, while Lync 2010 provides some limited ability to search chat history out-of-the-box, Archive Viewer gives you more powerful searches, a more convenient interface, and more options for exporting your data.

Friday, November 4, 2011

Instant OCS RealTime MessageSending Service Dies Unexpectedly on Servers with FIPSAlgorithmPolicy Enabled

When deploying Instant OCS RealTime recently for a customer, we encountered an interesting bug.  Installation progressed smoothly, aside from some AD/SQL Server configuration issues.  However, when we attempted to start the services, while the MessageCapture service worked fine, the MessageSending service would silently die after a few seconds.  Examining the log files provided no insight, as there were no logged exceptions.  At the time, there was no global exception handler when the service is run as a service,

However, when running in TEST mode, we do have a global uncaught exception handler registered.  Running the service via the Debug UI enabled us to see the exception which was killing the service, both in our logs and in a MessageBox.
System.TypeInitializationException: The type initializer for 'Microsoft.Rtc.Collaboration.Presence.PresenceCategory' threw an exception. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
   at System.Security.Cryptography.MD5CryptoServiceProvider..ctor()
   --- End of inner exception stack trace ---
   at System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at System.Security.Cryptography.CryptoConfig.CreateFromName(String name, Object[] args)
   at System.Security.Cryptography.MD5.Create()
   at Microsoft.Rtc.Collaboration.Presence.PresenceCategory..cctor()
   --- End of inner exception stack trace ---
   at Microsoft.Rtc.Collaboration.Presence.PresenceCategory..ctor(String name)
   at Microsoft.Rtc.Collaboration.Presence.CustomPresenceCategory..ctor(String categoryName, String dataXml)
   at Microsoft.Rtc.Collaboration.Presence.PresenceCategoryWithMetaData.InitializeMetaDataProperties(CategoryType category)
   at Microsoft.Rtc.Collaboration.Presence.PresenceCategoryWithMetaData.ParseCategoriesXml(XmlReader reader, String& uri)
   at Microsoft.Rtc.Collaboration.Presence.PresenceBatchSubscription.ParseNotificationData(Byte[] buffer, Int32 offset, Int32 count, SourceNetwork messageSource)
   at Microsoft.Rtc.Collaboration.Presence.PresenceBatchSubscription.ProcessNotification(SipMessageData message)
   at Microsoft.Rtc.Collaboration.Presence.PublishSubscribeSession.SipSubscriptionProcessor.ProcessNotification(SipMessageData message)
   at Microsoft.Rtc.Signaling.SipSubscription.InvokeProcessNotification(SipMessageData messageData)
   at Microsoft.Rtc.Signaling.ISubscriptionProcesorWorkitem`1.Microsoft.Rtc.Signaling.IWorkitem.Process()
   at Microsoft.Rtc.Signaling.WorkitemQueue.ProcessItems()
   at Microsoft.Rtc.Signaling.SerializationQueue`1.ResumeProcessing()
   at Microsoft.Rtc.Signaling.SerializationQueue`1.ResumeProcessingCallback(Object state)
   at Microsoft.Rtc.Signaling.QueueWorkItemState.ExecuteWrappedMethod(WaitCallback method, Object state)
   at System.Threading.ExecutionContext.runTryCode(Object userData)
   at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallbackInternal(_ThreadPoolWaitCallback tpWaitCallBack)
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback(Object state)
After some searching, we discovered that this is usually the result of having FIPS compliance checking enabled on the server.  See here.  And indeed, when we enabled FIPS checking in our test environment, we experienced the same behavior.

Fortunately, our customer was  not required to have FIPS checking enabled, so it was a simple matter to disable it.

  1. Open regedit on the machine RealTime is installed to.
  2. Navigate to HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Lsa/FipsAlgorithmPolicy
  3. Edit the Enabled key, and set it to 0.
  4. Close regedit
After disabling FIPS checking, the MessageSending service executed as expected.

Unfortunately, we do not yet have a solution to this problem if FIPS must be enabled.  We are investigating the option of using an updated version of the Unified Communications SDK, in the hopes that Microsoft has addressed this issue.