Configuring the Sametime Gateway exclusion list

You can prevent external users from communicating with a particular IBM® Sametime® cluster or stand-alone server in a Sametime community by creating an exclusion list. The IBM Sametime Gateway Server denies external communication requests for Sametime users hosted on all clusters or stand-alone servers specified on the list.

Before you begin

This feature requires you to define a Home Server (cluster) for all users within the targeted community, so that the Sametime Gateway Server can determine whether the user belongs to a community on the exclusion list. For information on defining a user's Home Server, see Forcing users to connect to a home server.

About this task

A Sametime community can be composed of one or more clusters and one or more stand-alone servers (a stand-alone server in a Sametime community can be referred to as a cluster with one member). You can create a distributed deployment, which distributes users across different clusters and stand-alone servers, for example, according to their geographic location.

An exclusion list is a list of clusters (for a stand-alone Sametime server, the cluster name is the server name) deployed within a local Sametime community; you define the list as a Sametime Gateway custom property. Use the exclusion list to prohibit external users from communicating with users in a community hosted on one of the specified clusters. Subscribe (awareness) and chat (instant messaging) requests from all external users to the local users hosted on the clusters listed on the exclusion list are rejected by the Sametime Gateway server. You enable this feature with the custom property called "Sametime community exclusion list".

For example, suppose the Example Corporation has two distributed Sametime clusters, one in Europe and one in the United States.

On the Sametime Gateway, there is an exclusion list containing the Europe cluster name; this prevents the Sametime Gateway from connecting to any servers in the Europe cluster. When an external user (outside of Example Corporation; for example, on AOL) adds a user hosted on the Europe cluster to her contact list, the subscribe request is routed to the Sametime Gateway, which denies the request because it cannot access users in that cluster. In this example, the USA cluster does not appear on the exclusion list, so the external user can access people in that cluster.

Note: Avoid creating an exclusion list consisting of one member of a Sametime community cluster and not the entire cluster. In other words, when working with a cluster, be sure to fill in the cluster name and not the member names. If an exclusion list contains only some of a cluster's members, it may create awareness issues.

Follow these steps to define an exclusion list. For details, see Adding custom properties.

Procedure

  1. Log in to the Integrated Services Console as a Sametime Gateway administrator.
  2. Click Sametime Gateway > Communities.
  3. Select the local community for which you want to define an exclusion list.
  4. In the Additional properties section, click Custom properties.
  5. Click New to create a new property.
  6. In the Name field, type Sametime community exclusion list as the name of the new property.
  7. In the Value field, type the list of excluded servers and clusters.

    Type the server names and cluster names as a list using any of these characters to separate names:

    • comma ,
    • semicolon ;
    • space

    Cluster names must appear as defined in the Cluster Document; for more information, see "Creating a cluster document in the Configuration database". Stand-alone server names must appear as they are defined in the sametime.ini file's VPS_NAME property (for example, CN=st1/O=acme).

  8. Click OK.
  9. Restart the Sametime Gateway Server so your changes can take effect. If the server was previously connected to Sametime servers that are now excluded, restart those servers as well.
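
A pre-check for the Value typed in step 7, as an added example that is not part of the IBM documentation or product: it splits the value on the separators listed above and flags entries that name a single cluster member (the case the Note warns about) or match nothing in the inventory. The inventory, the cluster and server names other than CN=st1/O=acme, and the function names are constructed assumptions.

```python
import re

# Separators the page allows in the Value field: comma, semicolon, space.
SEPARATORS = re.compile(r"[,; ]+")

# Constructed inventory (assumption): cluster name -> member server names.
CLUSTERS = {
    "EuropeCluster": ["CN=eu1/O=example", "CN=eu2/O=example"],
    "USACluster": ["CN=us1/O=example", "CN=us2/O=example"],
}
# Constructed stand-alone server names, as in sametime.ini VPS_NAME.
STANDALONE = {"CN=st1/O=acme"}


def parse_exclusion_list(value):
    """Split the property value into names, dropping empty tokens."""
    return [name for name in SEPARATORS.split(value.strip()) if name]


def check_exclusion_list(value, clusters, standalone):
    """Return (entry, problem, cluster) for each entry that needs attention.

    Names are compared exactly, because the page requires them to appear
    as defined in the Cluster Document or in VPS_NAME.
    """
    member_of = {m: c for c, members in clusters.items() for m in members}
    findings = []
    for entry in parse_exclusion_list(value):
        if entry in clusters or entry in standalone:
            continue  # whole cluster or stand-alone server: fine
        if entry in member_of:
            # The case the Note warns about: one member, not the cluster.
            findings.append((entry, "cluster-member", member_of[entry]))
        else:
            findings.append((entry, "unknown-name", None))
    return findings


if __name__ == "__main__":
    # Constructed value mixing all three separators.
    value = "USACluster; CN=st1/O=acme,CN=eu2/O=example europecluster"
    for entry, problem, cluster in check_exclusion_list(value, CLUSTERS, STANDALONE):
        hint = f" (use cluster name {cluster})" if cluster else ""
        print(f"{entry}: {problem}{hint}")
```
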