Preparing to migrate Quickr for Domino places to Connections Content Manager

You need to perform several tasks to get ready to migrate IBM® Lotus® Quickr® for Domino® places to IBM Connections Content Manager.

About this task

Procedure

In your notes.ini file, perform the following steps:

Modify the jar file path for new reliant jar files as follows:

JavaUserClassesExt=QPJC1,QPJC2,QPJC3,QPJC4,QPJC5,QPJC6,QPJC7,QPJC8,QPJC9,QPJC10,QPJC11,QPJC12,QPJC13,QPJC14,QPJC15,QPJC16,QPJC17,QPJC18,QPJC19,QPJC20,QPJC21,QPJC22,QPJC23,QPJC24,QPJC25
QPJC1=D:\DEVQD853\DOMINO\quickplace.jar
QPJC3=D:\DEVQD853\DOMINO\xsp\proxy\WEB-INF\lib\commons-httpclient-3.0.1.jar
QPJC4=D:\DEVQD853\DOMINO\xsp\proxy\WEB-INF\lib\commons-codec-1.3-minus-mp.jar
QPJC5=D:\DEVQD853\DOMINO\xsp\shared\lib\commons-logging.jar
QPJC6=D:\DEVQD853\DOMINO\abdera-core-0.4.0-incubating.jar
QPJC7=D:\DEVQD853\DOMINO\abdera-i18n-0.4.0-incubating.jar
QPJC8=D:\DEVQD853\DOMINO\abdera-parser-0.4.0-incubating.jar
QPJC9=D:\DEVQD853\DOMINO\axiom-impl-1.2.5.jar
QPJC10=D:\DEVQD853\DOMINO\axiom-api-1.2.5.jar
QPJC11=D:\DEVQD853\DOMINO\jaxen-1.1.1.jar
QPJC12=D:\DEVQD853\DOMINO\poi-3.6.jar
QPJC13=D:\DEVQD853\DOMINO\commons-io-1.4.jar
QPJC14=D:\DEVQD853\DOMINO\commons-fileupload-1.2.jar
QPJC15=D:\DEVQD853\DOMINO\odfdom.jar
QPJC16=D:\DEVQD853\DOMINO\poi-ooml-3.6-20091214.jar
QPJC17=D:\DEVQD853\DOMINO\poi-ooml-schemas-3.6-20091214.jar
QPJC18=D:\DEVQD853\DOMINO\xmlbeans-2.3.0.jar
QPJC19=D:\DEVQD853\DOMINO\dom4j-1.6.1.jar

Add the following configuration parameters for communicating with FileNet® and Connections. The setting for the Connections url should be ConnectionsServerURL and must utilize https.
```
ConnectionsServerURL=https://icserver.example.com:9444
FilenetURL=http://fnserver.example.com:9081
```

In the qpconfig.xml file, add the migration configuration item as the child element of <server_setting> item as follows:

<migration>
	<person_mapping_file></person_mapping_file>
	<group_mapping_file></group_mapping_file>
	<person_ldap_dump_file>D:\LDAP_dump\collect_AD213_All_User.dns</person_ldap_dump_file>
	<group_ldap_dump_file>D:\LDAP_dump\collect_AD213_All_Groups.dns</group_ldap_dump_file>
	<expand_external_groups enabled="true" max_depth="3" number_limit="10"/>
	<special_char_encoding_mode>underline</special_char_encoding_mode>
</migration>

The following elements in the qpconfig.xml are configurable:

<person_mapping_file> This element is an optional configuration parameter that indicates the location of the person mapping file, which contains text lines of the form A;B, where A is the user dn value in the Quickr for Domino LDAP server, B is the mapped user dn value in the CCM LDAP server, ";" is the separator. This setting covers the case where Quickr for Domino connects to Domino LDAP/Native as the directory, and CCM connects to non-Domino LDAP as directory. For example, the following snippet of the person mapping file contains the person mapping relationship from Domino LDAP to Active Directory LDAP:
```
CN=Domino Testuser25,o=Salesforce,c=US;CN=John Smith25,OU=Users,OU=Westerly,OU=MyCompany,O=Sales Group,DC=examplecompany,DC=salesforce,DC=mycm,DC=com
CN=Domino Testuser26,o=Salesforce,c=US;CN=John Smith26,OU=Users,OU=Westerly,OU=MyCompany,O=Sales Group,DC=examplecompany,DC=salesforce,DC=mycm,DC=com
```
Note: The person_mapping_file needs to be saved in UTF-8 encoding.
<group_mapping_file> This element is an optional configuration parameter that indicates the location of the group mapping file, which contains text lines of the form A;B, where A is the original group dn value in QD LDAP server, B is the mapped group dn value in CCM LDAP server, ";" is the separator. This setting covers the case where Quickr for Domino connects to Domino LDAP/Native as directory and the CCM connects to non-Domino LDAP as directory. For example, the following snippet of the group mapping file contains the group mapping relationship from Domino LDAP to Active Directory LDAP:
```
CN=Group-C-1;CN=Group-C-1,OU=Groups,OU=Westerly,OU=MyCompany,O=Sales Group,DC=examplecompany,DC=salesforce,DC=mycm,DC=com
CN=Group-C-2;CN=Group-C-2,OU=Groups,OU=Westerly,OU=MyCompany,O=Sales Group,DC=examplecompany,DC=salesforce,DC=mycm,DC=com
```
Note: The group_mapping_file needs to be saved in UTF-8 encoding.
<person_ldap_dump_file> This element is a required configuration parameter that indicates the location of the person LDAP dumping file, which contains text lines of the form A;B, where A is the user dn value, B is the user uid required by CCM ACL Rest API, ";" is the separator. For example, the following snippet of the person ldap dump file contains the user dn-->user uid mapping relation for Domino LDAP:
```
CN=Domino Testuser101,o=SalesGroup,c=US;111EDD84-D82F-7300-4825-7887002CA75D
CN=Domino Testuser102,o=SalesGroup,c=US;837EF755-86DD-52C5-4825-7887002CA767
```
Note: The person_ldap_dump_file needs to be saved in UTF-8 encoding.
<group_ldap_dump_file> This element is a required configuration parameter that indicates the location of the group LDAP dumping file, which contains text lines of the form A;B, where A is the group dn value, B is the group uid required by CCM ACL Rest API, ";" is the separator. For example, the following snippet of the group ldap dump file contains the group dn-->group uid mapping relation for Domino LDAP:
```
CN=Group-A-6;742DCEB2-FC1E-FDC7-4825-78870035D0A3
CN=Group-A-7;42D3E14B-CEF7-6F1C-4825-78870035D0AC
```
Note: The group_ldap_dump_file needs to be saved in UTF-8 encoding.
<expand_external_groups> This element specifies if the owner group should be expanded as individual person owner. If there existed group owner in a Quickr for Domino place, but this configuration option is not enabled, then an exception will be thrown and this place will be skipped and not migrated. The max_depth attribute specifies how many levelsa nested group can be processed during the group expansion. The number_limit attribute specifies how many members should be returned from the group including the nested group.

<special_char_encoding_mode> This element specifies how to encode the special characters in a file name. Only two encoding mechanism are supported, urlencoding and underline. All other encoding mechanism will be ignored, and any file containing special characters in the file name will not be migrated. The special characters \ / : * ? " < > | [ ] will be substituted in accordance with the specified encoding mechanism. If urlencoding is specified, the special characters are encoded using url encoding, as follows:

Table 1. Special characters This table shows how special characters that appear in a file name will be changed according to the specified encoding mechanism.
The first column displays the special characters; the second column shows the equivalent substitution values for the special characters.
Special characters	Substitution values
\	%5c
/	%2f
:	%3a
*	%2a
?	%3f
"	%22
<	%3c
>	%3e
\|	%7c
[	%5b
]	%5d

Note: If underline is specified, then the special characters will be substituted with "_".

<combination_document_name> After migration, the attachment name will be used as title in Connections Content Manager for a document created by an upload, an import, or a Microsoft™ Office-based form in Quickr to make sure the download function work well. If you want to preserve the original document title in Quickr, you could set <combination_document_name enabled="true"/> in the <migration> section in qpconfig.xml. With this attribute enabled, the Quickr for Domino migration tool combines the document title and attachment name, then moves it to Connections Content Manager.
<domino_native enabled="true"/> If the directory of Quickr for Domino is Domino Native, enable this attribute.
<hide_restricted_document_name enabled="false"/> This parameter is used only when running the getrestrictedresourcelist command. If this parameter is enabled (that is, set to "true"), the document name will not display in the generated list to avoid leaking confidential information contained in the document name.

Modify the java.policy file as follows:

This file is located in the <Domino installation dir>\jvm\lib\security directory.

The following entry needs to be appended to the end of the file:

grant codeBase "file:${notes.binary}/lib/Jace.jar" {
		permission java.security.AllPermission;
};

grant codeBase "file:${notes.binary}/lib/quickplace.jar" {
		permission java.security.AllPermission;
};

In order to be able to modify the created time and owner property of the new created document, the superuser specified when running qptool migration command needs to be granted all permission access rights. You can modify Filenet Object Store properties as follows:
1. Log into ACCE (Administration Console for Content Platform Engine).
2. On the navigation panel that displays, expand Object Stores and select the object store you will work with.
3. Click the Security tab and highlight the user specified when running the qptool migration command in the Available Users and Groups pane.
4. Click Edit to prompt the Edit Permissions dialog box.
5. Ensure that Permission Type value is Allow, the Apply to value is This object and all children, and that the Level value is Custom.
6. Select All system properties in the Rights list.
7. Click OK to complete the update.
Generate mapping between DN to Connections unique ID.
Before performing this task, you should know how to populate the Profiles database and where your Connections unique ID comes from. You can get the wizard (Wizards\TDIPopulation) for populating Profiles databases from the Connections installation package. All Tivoli® Directory Integrator (TDI) related files are in the Wizards\TDIPopulation directory.
- The Unique ID could be directly from a LDAP attribute, no conversion needed, for example from ibm-entryUuid for Tivoli LDAP by default.
- The Unique ID also could be converted from a LDAP attribute by calling existing TDI JavaScript™ functions. You could copy them from Wizards\TDIPopulation\win\TDI\profiles_functions.js, for example, call function_map_from_objectGUID to convert from objectGUID for AD LDAP by default, call function_map_from_dominoUNID to convert from dominoUNID for Domino LDAP by default.
The following procedure uses an Active Directory LDAP as an example. If you are using Tivoli LDAP, add ibm-entryUuid instead of objectGUID in step e, and then choose CSV Parser instead of Script Parser in step f. If you do not use the default LDAP attribute as the Connections unique ID, you should refer these steps and change them to suit your Connections implementation. You should generate two files for user and group respectively. You can specify the LDAP search filter for user and group respectively in step g.
1. Set up your TDI development environment as described in Setting up your development environment.
2. Import the Connections TDI project to the TDI configuration editor. The configuration file is WizardsCopy\TDIPopulation\win\TDI\profiles_tdi.xml. You can make a copy of the Wizards directory and work on this copy.
3. Create collect_dns_uid_For_AD and collect_dns_uid_flow_For_AD by copying and pasting the existing collect_dns and collect_dns_flow in the [project name --> AssemblyLines] view in the Navigator.
4. Change collect_dns_uid_For_AD to call collect_dns_uid_flow_For_AD as follows:
  1. Open collect_dns_uid_For_AD Assemblyline.
  2. Expand the Data Flow folder.
  3. Click the Call_collectFlow of that Assemblyline.
  4. Open the Connection tab.
  5. Click Query for the AssemblyLine field and then select collect_dns_uid_flow_For_AD.
5. In collect_dns_uid_flow_For_AD, add a new mapping by clicking Add then entering objectGUID as name.
6. On the Parser tab:
  1. Select Script Parser, click Edit Script, and then copy the function function_map_from_objectGUID from profiles_functions.js.
  2. Change work.getAttribute("objectGUID") to entry.getAttribute("objectGUID").
  3. Change the function writeEntry() as follows:
    function writeEntry () { out.write (entry.getString("$dn")); out.write (";"); out.write (function_map_from_objectGUID()); out.newLine(); }
7. Click Advanced and set Character Encoding to UTF8. If the directory is Domino Native, and IBM Connections also connects to the same directory, then the writeEntry function should be similar to the following to convert "," to "/" for person dn and trim "CN=" from group dn. Also add an attribute in Output Map named "objectclass".
```
function writeEntry ()
{
var type = entry.getString("objectclass");
if(type == "dominoPerson")
{
var person_dn = entry.getString("$dn");
var index = person_dn.indexOf(",");
if(index != -1)
{
person_dn = person_dn.replace(/,/g, "/");
}
out.write (person_dn);
out.write (";");
out.write (function_map_from_dominoUNID());
out.newLine();
}
if(type == "dominoGroup")
{
var group_dn = entry.getString("$dn");
var index = group_dn.indexOf("CN=");
if(index == 0)
{
group_dn = group_dn.substring(3);
}
out.write (group_dn);
out.write (";");
out.write (function_map_from_dominoUNID());
out.newLine();
}
}
```
8. Configure Wzards\TDIPopulation\win\TDI\profiles_tdi.properties with the LDAP server information, such as source_ldap_url, source_ldap_user_login, source_ldap_user_password, source_ldap_search_base, source_ldap_search_filter.
9. Create Wzards\TDIPopulation\win\TDI\collect_dns_uid_For_AD.bat by copying from Wzards\TDIPopulation\win\TDI\collect_dns.bat, and then change it to call the new assembly line collect_dns_uid_For_AD.
10. Run collect_dns_uid_For_AD.bat in the command console. Then the generated collect.dn includes the mapping from DN to uniqueID as the following example shows. You can rename it as you want.
```
CN=John Smith1,OU=Users,OU=region,OU=examplecompany,O=Sales Group,DC=company,DC=sales,DC=companyname,DC=com;05A7B8F2-1E24-4F0D-B02F-BDB223613EE5
CN=John Smith1,OU=Users,OU=region,OU=examplecompany,O=Sales Group,DC=company,DC=sales,DC=companyname,DC=com;CEABB8F9-D2A0-4754-B9FD-E2DA162D705B
......
```
11. Add "DN;UniqueID" at the beginning of the mapping file.