How it Works
IBM
Loading...
DISA e-collaboration
User Manual
51 pgs2.36 Mb0
Table of contents
Loading...

IBM DISA e-collaboration User Manual

Download
DISA e-collaboration
Workstation Preparation
& New User Getting Started Guide
Version 1.8a Copyright IBM Corporation 2008
Workstation Preparation & New User Getting Started Guide
Table of Contents
................2 QUICK START - TO CONFIGURE YOUR WORKSTATION FOR E-COLLABCENTER
1.
2.
........................................................................................................4 INTRODUCTION & OVERVIEW
3.
...........................................................................5 WORKSTATION HARDWARE REQUIREMENTS
........................................................................6 ADDITIONAL CLIENT REQUIREMENTS FOR AUDIO/VIDEO
3.1
3.1.3 ..................................................................................................................................................6 Camera
........................................................7 VERIFYING THE SYSTEM AUDIO AND MICROPHONE ARE ENABLED
3.2
3.2.1 ..............................7 Steps To Verify Correct Device and Volume Controls Selections for Windows XP
...........................7 Steps to Verify Selection of the Appropriate Sound Playback and Recording Device
3.2.2
4.
..........................................................................................9 CLIENT SOFTWARE REQUIREMENTS
.................................................................................................................................9 IWS CONFLICT
4.1
4.2 ..................................................................................................................................9 LINUX CLIENTS
4.3 ............................................................................................................................9 WINDOWS CLIENTS
4.4 ..........................................................................................9 FDCC & SDC V2.0.4 WINDOWS CLIENTS
4.5 ..............................................10 DETAILS ON THE REQUIRED SUN JAVA RUNTIME ENVIRONMENT (JRE)
........................................................................................12 Enable TLS 1.0 in Java JRE 1.5.0 and later
4.5.1
..........................................................13 SUPPORTED BROWSERS AND REQUIRED BROWSER SETTINGS
4.6
4.6.2 .................................................................................................................................................18 Firefox
.................................................................................................................................................21 Mozilla
4.6.3
5.
................................................................................................22 FILE UPLOAD SIZE LIMITATIONS
6.
.........................................................................................................23 NETWORK REQUIREMENTS
7.
....................................................................................................................25 TROUBLE SHOOTING
8.
.................................................................................................................27 ADDITIONAL SUPPORT
APPENDIX A ..............................................................................................................................................29
A.1 STEPS TO TEST YOUR AUDIO/VIDEO CAPABILITIES PRIOR TO ENTERING A WEB CONFERENCE (PERFORMED
WITHIN THE
A.2 ADDITIONAL DETAILS ON MICROSOFTS BINARY AND SCRIPT BEHAVIOR..................................................31
APPENDIX B – FDCC & SDC V2.0.4 CONFIGURATION.........................................................................31
B.1 INSTALL THE LATEST SUN JRE.............................................................................................................31
B.2 MAKE SURE EQUIFAX IS A TRUSTED CERTIFICATE AUTHORITY................................................................31
B.3 RUN THE GROUP POLICY EDITOR AS AN ADMIN.....................................................................................32
B.4 EDIT INTERNET EXPLORERS JAVA SECURITY SETTINGS.........................................................................35
B.5 CHANGE JAVA PERMISSIONS................................................................................................................36
B.6 UPDATE GROUP POLICY AS AN ADMIN ..................................................................................................38
B.7 ADD E-COLLABCENTER TO TRUSTED SITES IN IE 7...............................................................................42
DOCUMENT INFORMATION AND REVISION HISTORY ........................................................................49
E-COLLABCENTER PORTAL)......................................................................................................29
Page 1 of 51
Workstation Preparation & New User Getting Started Guide

1. Quick Start - To Configure Your Workstation for E-CollabCenter

NOTICE: Our Unclassified was upgraded in August 2007 to be compliant with FIPS 140-2. The upgrade requires Sun Java release 1.5.0, update 12. If you are using the SameTime Thick Client, a compatible version is now available for download on our website (version ST 7.5.1 FIPS).
1. The E-CollabCenter solution requires Sun Java JRE release 1.5.0, update 12 or later. Compatible versions of Java may be found below:
JRE 1.5.0, Update 12
NIPRNet: http://java.sun.com/javase/downloads/index_jdk5.jsp SIPRNet: https://patches.csd.disa.smil.mil/metadata.jsp?ID=76827
JRE 1.6.0, Update 3 (Latest version as of 20 February, 2008)
NIPRNet: http://www.java.com/en/download/ SIPRNet: https://patches.csd.disa.smil.mil/metadata.jsp?ID=77506
2. For details on how to check your version, see section 4.5 Details on the required Sun Java
Runtime Environment (JRE).
3. Cookies must be enabled (this is an Internet Explorer (IE) default setting). In IE go to Tools
-> Internet Options -> Privacy and select “Medium”
4. Sun Java must be enabled in the browser and Microsoft VM disabled, here is how to check
a. Launch Internet Explorer b. Click on Tools>Internet Options c. Click on the ‘Advanced’ tab and verify that the Java (Sun) is checked. Also make sure
that all the options under ‘Microsoft VM’ are unchecked. d. If the SUN Java option is not checked, it means that the browser is not using it. e. Click on ‘OK’ on the options window for any changes to take effect and close and
restart the browser
5. TLS 1.0 must be enabled in your Browser (otherwise you will not be able to view the login page)
a. Launch Internet Explorer (for Firefox users this is enabled by default) b. Click on Tools>Internet Options c. Click on the ‘Advanced’ tab and verify that TLS 1.0 is checked (by default IE 6 has TLS
1.0 not enabled while IE 7 does)
d. If TLS 1.0 is not checked, check it and then restart IE
6. TLS 1.0 must be enabled in Java. Follow the steps below:
a. From Windows click on Start b. Highlight Settings c. Click on Control Panel d. Double click on Java e. Select the Advanced tab f. Click the “+” sign at left of Security to expand a. Once expanded the “+” changes to “-“
i. Select/Check Use TLS 1.0
ii. Click the Apply button
iii. Click the OK button
7. Binary and script behavior must be enabled in IE (does not apply to Firefox users)
a. Launch Internet Explorer b. Select Tools …. Internet Options from the IE menu bar c. then click on the Security tab,
Page 2 of 51
Workstation Preparation & New User Getting Started Guide
d. then click the Internet zone, then click on “Custom Level” e. go under the ActiveX controls and plugins section f. ensure the “Binary and Script behaviors” radio button is enabled g. Click OK
8. All ports necessary to access E-CollabCenter must be opened in your location’s firewall. See section 6 Network Requirements
9. Two easy ways to test that you have satisfied all the requirements above is to:
1. Go to our Getting Started URL, and click on the E-CollabCenter Workstation Checker tool:
NIPR - https://www.e-collabcenter.com/wps/portal/gettingstarted SIPR – https://meeting.e-collabcener.nces.dod.smil.mil/check/workChecker.jsp
2. Log into https://www.e-collabcenter.com
a. Select the Web Conferencing tab b. Click the Test Meeting link
c. After a few seconds the Test Meeting window will display. If your workstation is
configured properly to work with Sametime meetings (a.k.a. web conferences). You will see the screen similar to the one below in a new browser window that says “Sample meeting to test your environment for online meetings. If you can see this message then your environment is correctly set up for Sametime Meetings”
for more details
See Appendix A Steps to Test your Audio/Video Capabilities Prior to Entering a Web Conference
(performed within the E-CollabCenter portal)
for a screenshot of this.
Page 3 of 51
Workstation Preparation & New User Getting Started Guide

2. Introduction & Overview

This document provides instructions to optimize a user’s local workstation, ensuring optimal readiness
before logging in to E-CollabCenter. Once logged in, you will find a selection of training courses to take you from beginner to advanced proficiency in all collaborative service functions.
Now that you have IBM® Lotus® Sametime® 7.5.1 FIPS, you can use your computer to communicate with your colleagues and conduct online meetings. Meetings can be broadcast (the audience only watches and listens) or interactive (participants work together using tools like screen and microphone sharing).
Before you use Sametime, there are steps you should take to ensure that your work station meets the minimal software and hardware requirements, and is optimally configured for Sametime. The purpose of this guide is to take you through those steps.
For any issues which may go beyond the steps in this guide, please contact the DISA Help Desk:
DISA Help Desk
Commercial Phone 800-447-2457 DSN 850-3136 OCONUS to CONUS DSN 312-850-3136 NIPR Emai NCESSupportTeam@csd.disa.mil SIPR Email NCESColumbus@NOCC.disa.smil.mi
l
Page 4 of 51
Workstation Preparation & New User Getting Started Guide

3. Workstation Hardware requirements

See pages 16 & 17 in the Sametime 7.5 Critical Fix 1 (CF1) release notes on NIPRNet:
http://www.elink.ibmlink.ibm.com/publications/servlet/pbi.wss?CTY=CA&FNC=SRX&PBL=G325258501#
The workstation (also known as client) system requirements for operation with the e-collaboration center system are:
Minimum: CPU Pentium IV 1.5 GHz (or higher)
Instructions to Verify CPU Speed & Memory/RAM Size in Windows XP:
1. Go to “Start > Settings > Control Panel”.
2. Double click “System” to view the CPU Speed and Memory/RAM size.
3. See below screenshot for more information.
RAM 512MB (or more)
Page 5 of 51
Workstation Preparation & New User Getting Started Guide

3.1 Additional client requirements for audio/video

3.1.1 Sound card or chip - A full-duplex sound card is required to participate in interactive audio/video meetings. Sound cards and cameras that work with the Multimedia Services are listed below.
CrystalWare (integrated) Montego A3D Xstream SoundBlaster Live Value ALS120 Aureal Vortex A3D SQ1500 Aureal SB Audio PCI 64V ES1887 (integrated) Montego II A3D Montego II Quadzilla Rockwell WaveArtist SoundBlaster PCI 128 SoundBlaster PCI 512 SoundBlaster 32 AWE SIIG SoundWave Pro PCI Yamaha DS-XG (integrated)
3.1.2 Microphone and speakers - High-quality microphones are recommended. Avoid microphones with on and off switches unless they are of high quality. A headset that contains a boom microphone performs best and is highly recommended. If a desktop microphone is used, a unidirectional dynamic microphone that uses batteries is preferred.

3.1.3 Camera

Web cameras are optional. Users who do not have a camera can still participate in an audio/video meeting. These users see video images of other speakers display in the Sametime Meeting Room client. When a user without a camera speaks, others see the IBM Lotus Sametime logo display in place of a video image in the Meeting Room client.
Choose a web camera that does NOT utilize or combine a microphone and/or speaker
On Windows machines, the camera must support Microsoft Video for Windows.
High-quality USB or PCMCIA PC cameras
Do not use parallel port cameras
Examples of Successfully Tested Web Cams
Choose items that are simple to use and easy to install. Please note that these are NIPRNet URLs.
Video
o Logitech Quickcam Chat
http://www.logitech.com/index.cfm/products/details/US/EN,CRID=2204,CONTEN
TID=11635
o Microsoft LifeCam VX-3000 o Creative Webcam N10225 (for notebooks)
Audio
o Logitech USB Headset 250
http://www.logitech.com/index.cfm/products/details/US/EN,CRID=103,CONTENT
ID=10012
o Logitech Premium Stereo Headset
3.1.4 Video capturing software - Video for Windows.
Page 6 of 51
Workstation Preparation & New User Getting Started Guide

3.2 Verifying the System Audio and Microphone are Enabled

It is important that your local operating system has all sound devices enabled and volume levels configured properly prior to entering the E-CollabCenter portal.
Verify all sound peripherals (headsets, speakers, microphones, etc.) are securely plugged in
o Verify external mute button on the headset or microphone is off
Some headsets have volume and/or mute on/off controls on the headset or cable
Verify mute button is Off o Push the mute or on/off button securely to the sound On
position
o Test speaking into your headset microphone
o Verify all volume levels are on/high o Verify enablement of all playback and recording devices (see steps below)
You can adjust volume levels before entering the E-CollabCenter through your internal operating system controls.

3.2.1 Steps To Verify Correct Device and Volume Controls Selections for Windows XP

Open the Windows Control Panel by
1. Clicking the Start button
2. Highlight Settings
3. Click on Control Panel
4. Double click on Sounds and Audio Devices
5. Click the Audio tab
6. The Sounds and Audio Devices Properties window displays
3.2.2 Steps to Verify Selection of the Appropriate Sound Playback and Recording
Device
Perform the following steps for Sound playback and Sound recording
1. Select the Audio tab
2. Click the Volume button under the Sound Playback section
Follow steps on page 20)
3. Click the Volume button under Sound recording
Follow steps on page 20)
Page 7 of 51
Workstation Preparation & New User Getting Started Guide
When the Volume Control window displays
4. Verify the following settings:
Volume levels are high
All Mute boxes are unchecked
5. When the recording playback window displays:
Adjust all volume levels to a high level
Check the Select button for Microphone
o CD Player and Line In are user personal preferences for which E-CollabCenter has no
requirement
Page 8 of 51
Workstation Preparation & New User Getting Started Guide

4. Client Software requirements

This section describes the software requirements for the workstation that is accessing the e­collabcenter.com web site. The workstation is sometimes referred to as a client machine. Ensuring that
your workstation meets these software requirements will enable it to work optimally the E­CollabCenter environment.

4.1 IWS Conflict

Previously Sametime and IWS could both use JRE 1.4.2_14. However in order for Sametime to support FIPS 140-2 encryption, E-CollabCenter (which is based on Sametime technology) requires Java JRE 1.5 Update 12 or greater.
IWS 3.0 does not support JRE 1.5. IWS 3.0 is the version used by most of DoD. IWS Version 3.0.6 will be released soon and it is JRE independent so it would not conflict with Sametime at all (theoretically) This means that a workstation running IWS would have to install JRE 1.5 (update 12 is preferred) and most likely have to uninstall JRE 1.4.2 in order to use E-CollabCenter.

4.2 Linux clients

Library required for application sharing on Linux systems
In order to load Application Sharing native code on Linux platforms, the following library is required on the client machine: libz.so.1, which resides in /usr/lib.
The supported Linux operating systems are: RedHat Enterprise Linux 4.0, Ubuntu 8.04, CentOS 5.1 and Novell Linux Desktop 10.0 using Firefox 1.5. Limited testing has been done by the IBM E-CollabCenter project team with these Linux desktops.
1
.

4.3 Windows clients

The recommended operating system for E-CollabCenter is Windows XP with Service Pack (SP) 2. Prior versions of Windows such Windows XP SP 1 and Windows 2000 may work but have not been tested by the E-CollabCenter team. Limited testing has been done using Windows 2003 Server SP1 and SP2 as an E-CollabCenter client; they both appear to work fine.
For the Sametime Broadcast client, Sametime Connect (a.k.a. thick client) client, Sametime Meeting Room client the Microsoft Virtual Machine (VM) is not supported and must be disabled. The supported JRE for all Sametime java applet clients in the Sametime 7.5.1 release is Sun Microsystems Java JRE release 1.5.0 (update 12 is preferred).

4.4 FDCC & SDC v2.0.4 Windows clients

The Federal Desktop Core Configuration (FDCC) is an OMB-mandated security configuration. The FDCC currently exists for Microsoft Windows Vista and XP operating system software. While not addressed specifically as the “Federal Desktop Core Configuration,” the FDCC was originally called for in a March 22, 2007 memorandum from OMB to all Federal agencies and department heads and a corresponding memorandum from OMB to all Federal agency and depart Chief Information Officers (CIO).
The Windows Vista FDCC is based on DoD customization of the Microsoft Security Guides for both Windows Vista and Internet Explorer 7.0. Microsoft’s Vista Security Guide was produced through a collaborative effort with DISA, NSA, and NIST for the Windows Vista platform. The Window’s XP FDCC
1
Thanks to Tom Condon of EUCOM (condont@eucom.mil) for helping with this IWS information.
Page 9 of 51
Workstation Preparation & New User Getting Started Guide
is based on Air Force customization of the Specialized Security-Limited Functionality (SSLF) recommendations in NIST SP 800-68 and DoD customization of recommendations in Microsoft’s Security Guide for Internet Explorer 7.0. The SDC is used by the USAF as a customized version of the FDCC.
There are known java issues when using E-CollabCenter on a Vista FDCC, XP FDCC and SDC 2.0.4 machine. Appendix B highlights the administrative level adjustments needed to ensure that E­CollabCenter works seamlessly with FDCC and SDC v2.0.4. There are no known issues once the changes in Appendix B are applied to FDCC and SDC v2.0.4. For more information about FDCC please visit http://nvd.nist.gov/fdcc/index.cfm ensure that E-CollabCenter functions optimally with FDCC and SDC 2.0.4 please click here to go to
Appendix B.

4.5 Details on the required Sun Java Runtime Environment (JRE)

The E-CollabCenter solution requires Sun Java JRE release 1.5.0, update 12 or later. Links to compatible versions may be found in Section 1
Some of the common effects of not having the correct JRE:
1. Meeting hangs at testing connectivity and inability to enter a meeting.
2. Ability to enter a meeting, but only see a blue/grey screen.
3. Inability to screen share/whiteboard, no Audio/Video etc. If you check the meeting logs, the native libraries for screen sharing, audio/video will not have been downloaded, etc.
How to verify that your workstation has Sun Java JRE release 1.5.0 or later installed
1. Go to Start>Settings>Control Panel.
2. If you have Sun Java installed, you should see a ‘Java’ tea cup
3. Click to open it and click on the ‘About’ tab to check the version.
. For detailed instructions on the necessary adjustments needed to
of this document.
If your workstation does not have Sun Java build 1.5.0_12 or greater installed on the machine, you can acquire it using one of the following URLs. Please note that you must have local administrative privileges to install Java. If you do not have local administrative privileges, please contact your local Help Desk.
Page 10 of 51
Workstation Preparation & New User Getting Started Guide
JRE 1.5.0, Update 12
NIPRNet: http://java.sun.com/javase/downloads/index_jdk5.jsp SIPRNet: https://patches.csd.disa.smil.mil/metadata.jsp?ID=76827
JRE 1.6.0, Update 3 (Latest version as of 20 February, 2008)
NIPRNet: http://www.java.com/en/download/ SIPRNet: https://patches.csd.disa.smil.mil/metadata.jsp?ID=77506
Page 11 of 51
Workstation Preparation & New User Getting Started Guide

4.5.1 Enable TLS 1.0 in Java JRE 1.5.0 and later

TLS 1.0 must be enabled in the Sun Java Control Panel. There are two ways to do this:
1) Via Java tea-cup icon To do this, right-click on the Java icon (Tea cup) and select “Open Control Panel.”
Click on the Advanced Tab. Check the “Use TLS 1.0” box and hit apply. By default, Sun Java JRE 1.5.0 does not have TLS 1.0 enabled so these steps are necessary before using Sametime 7.5. Sun JRE 1.6 does have TLS 1.0 enabled by default though.
Page 12 of 51
Workstation Preparation & New User Getting Started Guide
2) Via Control Panel
1. Click on Start
2. Highlight Settings
3. Click on Control Panel
4. Double click on Java
5. Select the Advanced tab
6. Click the “+” sign at left of Security to expand o Once expanded the “+” changes to “-“
7. Select/Check Use TLS 1.0 (See screenshot above)
8. Click the Apply button
9. Click the OK button

4.6 Supported Browsers and Required Browser Settings

In all desktop configurations the browser must be configured to allow session cookies and allow pop-ups from E-CollabCenter site.
The list below shows the supported browsers (all must be configured to use Sun Java and have TLS 1.0 enabled). For Firefox and Mozilla browsers you must also enable TLS 1.0 in the Sun Java Control
Panel in addition to enabling TLS 1.0 in the browser itself.
1) Internet Explorer (IE) 7
2) Firefox 2.0.0.x
3) Firefox 1.5.0.x
4) Internet Explorer 6 SP2
5) Mozilla 1.7.12 Due to the fact that Internet Explorer 6 SP1 is outdated and has so many security vulnerabilities, it is not
supported with E-CollabCenter. Internet Explorer 6 SP2 came out in August 2004 Opera browsers will not work with E-CollabCenter because Opera does not support iFrames. Netscape
browsers are not supported.
Page 13 of 51
Workstation Preparation & New User Getting Started Guide
Internet Explorer

4.6.1.1 Cookies

You must have enabled cookies for either the www.e-collabcenter.com (NIPRNet) or the www.e-
collabcenter.nces.dod.smil.mil (SIPRNet) or if you are using an enclave have cookies enabled for
the URL to that enclave site. The following Microsoft article (found on NIPRNet) describes cookies and how to configure them
in Internet Explorer http://support.microsoft.com/kb/283185
will allow session cookies for E-CollabCenter.com. Below is a screenshot of this setting, which is found under Tools … Internet Options … Privacy
. The default IE privacy settings (medium)
Page 14 of 51
Workstation Preparation & New User Getting Started Guide

4.6.1.2 Sun Java

To verify if the Internet Explorer browser is configured to use Sun Java:
Usually IE (Internet Explorer) uses Microsoft’s Virtual Machine by default. To change this,
from an IE browser, click on Tools>Internet Options
Click on the ‘Advanced’ tab and verify that the Java (Sun) is checked. Make sure that all
the options under ‘Microsoft VM’ are unchecked.
If the SUN Java option is not checked, it means that the browser is not using it. Click on ‘OK’ on the options window for any changes to take effect and close and
restart the browser
Page 15 of 51
Workstation Preparation & New User Getting Started Guide

4.6.1.3 TLS 1.0

Now verify that Internet Explorer has TLS 1.0 Enabled (a government requirement to satisfy FIPS 140-2 encryption)
Launch Internet Explorer
click on Tools>Internet Options
Click on the ‘Advanced’ tab and verify that TLS 1.0 is checked (by default IE 6 does not have
TLS 1.0 enabled, while IE 7 does)
If TLS 1.0 is not checked, check it and then restart IE

4.6.1.4 Binary and Script Behavior

E-CollabCenter does NOT require ActiveX to run. The IBM Sametime development team removed all ActiveX dependencies from its product in version 7.0; consequently, Sametime 7.5.1 FIPS does not use ActiveX. In an effort to avoid 3rd party litigation, Microsoft added the binary and scripting behavior set to control Internet Explorer (IE) running embedded user interface controls such as Java applets. Sametime uses Java Applets for web conferencing. There are two options in Internet Explorer to allow Sametime's use of Java - either add the Sametime URLs as a trusted site or set Binary and Script Behavior to 'enable'.
Page 16 of 51
Workstation Preparation & New User Getting Started Guide
The default IE settings have “Binary and Script Behavior” enabled, here are instructions on how to enable it.
In the Internet Explorer browser under the ActiveX Security controls and plug-ins area, the “Binary and Script Behaviors” must be enabled for both meeting rooms and alerts in chat rooms to function. To accomplish this within Internet Explorer (see the screenshots below):
1. Launch Internet Explorer, then select
2. Tools …. Internet Options from the IE menu bar
3. then click on the Security tab,
4. then click the Internet zone, then click on “Custom Level”
5. go under the ActiveX controls and plugins section
6. ensure the “Binary and Script behaviors” radio button is enabled
7. Click OK
The NIPRNet links below explain the “binary and script behaviors” setting in more detail:
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2brows.mspx#EXOAC
http://technet2.microsoft.com/WindowsServer/en/library/291a929b-ea18-47da-be87-9e566698fbc51033.mspx?mfr=true
http://msdn.microsoft.com/msdnmag/issues/01/01/cutting/
Page 17 of 51
Workstation Preparation & New User Getting Started Guide

4.6.2 Firefox

4.6.2.1 Sun Java
To verify if the Firefox browser is configured to use Sun Java do the following:
1. Launch Firefox , then select…
2. Tools …. Options...
3. Then make sure “Enable Java” is checked. If not checked, check it and click OK
4. Close down and restart Firefox.
The default for Firefox is to have Java Enabled
4.6.2.2 TLS 1.0
Now verify that Firefox has TLS 1.0 Enabled (Firefox enables this by default)
1. Launch Firefox
2. Click on Tools > Options
3. Click on the ‘Advanced’ icon then click the Security tab (Firefox 1.5) or the Encryption tab in Firefox
2.0 and verify that TLS 1.0 is checked (by default Firefox 1.5.0.x and 2.0.0.x both have TLS 1.0
enabled)
4. If TLS 1.0 is not checked, check it and then restart Firefox
Below are screenshots that show these steps for Firefox 1.5 and 2.0, respectively.
Page 18 of 51
Workstation Preparation & New User Getting Started Guide
Page 19 of 51
Workstation Preparation & New User Getting Started Guide
Page 20 of 51
Workstation Preparation & New User Getting Started Guide

4.6.3 Mozilla

4.6.3.1 Sun Java
To verify if the Mozilla browser is configured to use Sun Java do the following:
1. Launch Mozilla , then select…
2. Edit …. Preferences... Advanced
3. Then make sure “Enable Java” is checked. If not checked, check it and click OK
4. Close down and restart Mozilla.
The default for Mozilla is to have Java Enabled
4.6.3.2 TLS
Now verify that Mozilla has TLS Enabled (Mozilla enables this by default)
1. Launch Mozilla
2. Click on Edit … Preferences … Privacy and Security … SSL
3. Verify that TLS is checked (by default Mozilla 1.7.12 has TLS 1 enabled)
4. If TLS 1 is not checked, check it and then restart Mozilla
Page 21 of 51
Workstation Preparation & New User Getting Started Guide

5. File Upload Size Limitations

In meetings, chat rooms, and instant message sessions, there are limits on attachment sizes.
For Web Conferences, the practical size limit is 20 MB.
Chat Rooms have a 10 MB file size limit that the users cannot exceed
Instant Messages have a 20 MB file size limit that on files that can be transferred from one
person to another via an IM session
Page 22 of 51
Workstation Preparation & New User Getting Started Guide

6. Network Requirements

The access statements (rules) for firewalls, and all packet forwarding or filtering devices,
need to be in place in order to use the E-CollabCenter service are listed below. The NIPRNET Destination IP addresses are: 216.12.152.1 through 216.12.152.127
For SIPRNet Destination IP addresses, please contact the DISA Help Desk
Source Address: The addresses for all the workstations on your network Source Ports: High ports (ports above 1024, tcp and udp) Direction: Static Ports initiated by Source only (NOT Bi-Directional), Dynamic Ports (Bi-Directional) Destination IPs: The IP Addresses for the all the e-collab servers Static Destination Ports:
Port 80 TCP – HTTP web trafic Port 443 TCP – HTTPS encrypted web traffic Port 554 TCP - needed to play back recorded meetings Port 1533 TCP – needed for samtime connect (thick client) for instant message traffic Port 8081 TCP - needed for web conferences (a.k.a. meetings) Port 8008 TCP – fallback port if port 1533 is blocked & traffic is tunnelled in http though. Port 8084 TCP – fallback for audio and video in meetings if Dynamic UDP ports are blocked Port 8080 TCP – used launch a web conference from browser Instant Messaging session Dynamic (Ephemeral) Destination Ports: Ports 49,252 through 65,535* UDP (Bi-directional firewall rules are needed for UDP, this means that connections must be allowed that are initiated by the source (workstations) to the destination (IBM servers) and also connections initiated from the destination (IBM servers) to the source (workstations)
The Dynamic ports are used for interactive audio and video using the Real-Time application streaming protocol standard (RTP RFC1889) over UDP and are selected randomly. If the selected UDP ports are blocked, the service will fall back to TCP over Port 8084. This may result in higher delay and lower quality with dropped audio syllables on occasion under certain network conditions. These ports are listed in the locations found below:
o NIPR https://www.jtfgno.mil/operations/messages/2006/index.htm o SIPR http//www.jtfgno.smil.mil/site/documents/CTO2007/CTO_07-
011_NCES_Collab_Ports.rtf
In addition to the ports above the Sametime 7.5.1 FIPS Connect client (also known as the thick client) has the capability to make desktop to desktop audio and video calls. This capability requires 4 ports (20,830 through 20,833) to be opened to the Sametime servers. These 4 ports have not been
approved by the government; please do NOT open these 4 ports to the Sametime servers. We are
only listing them below so administrators are aware of this. Since these ports are not opened to the Sametime servers, the audio and video call features are disabled in the thick client, so the end user will not see the icons on the thick client that would otherwise allow audio and video calls.
Port 20830 Port 20831 Port 20832 Port 20833
3
UDP – RTP - used for Audio by Sametime thick client
2
UDP – RTCP - used for Audio by Sametime thick client
2
UDP – RTP - used for Video by Sametime thick client
2
UDP – RTCP - used for Video by Sametime thick client
2
The old NIPRNET IP address range was 216.12.138.1 through 216.12.138.127 and was changed in April 2007
3
These 4 ports are not mentioned in the https://www.jtfgno.mil/operations/messages/2006/index.htm web site as they are new to Sametime 7.5.1 FIPS Connect client (a.k.a. thick client). The ports have not been approved by the JTF­GNO and should not be opened. They are listed merely as a reference.
2
Page 23 of 51
Workstation Preparation & New User Getting Started Guide
For an end user to determine if their workstation can communicate to the collaboration service over UDP, have the user attend a meeting or go to the Support Tab and click on the Attend a Test Meeting. Then click View …. Meeting Room Status Log from the top menu
In the browser window that is opened, if something is blocking UDP you will see the following
UDP stream for Video RTP failed
If UDP is successful you will see
UDP stream for Audio RTP succeeded
Here is a screenshot of the browser window that a successful UDP connection
Page 24 of 51
Workstation Preparation & New User Getting Started Guide

7. Trouble Shooting

If you are having problems accessing the service and you have verified you have the proper Sun JRE and you browser settings are correct please perform the following steps. If you encounter a problem that you cannot correct using the steps below, please contact the NCES Help Desk
Internet Explorer:-
1) Control Panel > Internet Options> General tab
- Delete Cookies
- Delete Files (delete all offline content.....make sure its checked)
- Clear History Firefox:-
1) Open Firefox > Tools > Options... > Privacy Section
- History tab > Clear Browsing History Now
- Download History tab > Clear Download History Now
- Cookies tab > Clear Cookies Now
- Cache tab > Clear Cache now or Open Firefox > Tools > Clear Private Data...
After performing these steps, close your browser window and open another browser session to allow the changes to take effect.
right-click on the Java icon (Tea cup) and select “Open Control Panel”
After you have completed this step, clear the Java temporary files. To do this
.
Page 25 of 51
Workstation Preparation & New User Getting Started Guide
1) Control Panel > Java > General tab > Delete Files...
2) All checkboxes must be checked, hit OK
Page 26 of 51
Workstation Preparation & New User Getting Started Guide
If problems still exist, ask the client to send the Java Console log to the NCES Help Desk
How to view the Java console log>>>
Right-click on the Java icon (Tea cup) and select ‘Open Console’ to bring up the java console log.
.
Contact List ‘Awareness’ does not work. What do you do?
Check if the JRE version is correct and if browser is configured correctly to use it. If it is, then just clear the cookies and temporary internet files. Close all browser sessions and open a new session and login back into the E-CollabCenter website.
FDCC/SDC v2.0.4 Error: Java not enabled. What do you do?
If you are using FDCC or SDC machines and are experiencing a java error similar to the screenshot below, please read “Section 4.4: FDCC & SDC v2.0.4 Windows clients

8. Additional Support

Page 27 of 51
Workstation Preparation & New User Getting Started Guide
This document is a user workstation requirements document designed to provide general software, hardware and configuration requirements for workstations for the e-collaboration solution that is based upon Sametime 7.5.1 FIPS.
For more detailed information and support regarding e-collaboration products and services, refer to the on line guide, or contact the DISA Help Desk via phone or e-mail.
DISA Help Desk
Commercial Phone 800-447-2457 DSN 850-3136 OCONUS to CONUS DSN 312-850-3136 NIPR Emai NCESSupportTeam@csd.disa.mil SIPR Email NCESColumbus@NOCC.disa.smil.mi
l
Page 28 of 51
Workstation Preparation & New User Getting Started Guide

APPENDIX A

A.1 Steps to Test your Audio/Video Capabilities Prior to Entering a Web Conference (performed within the E-CollabCenter portal)

Log into E-CollabCenter and select the Web Conferencing tab
Click the Test Meeting link
For a few second the following Test Meeting window displays
Then if your workstation is configured properly to work with Sametime meetings (a.k.a. web
conferences) you will see the screen similar to the one below in an new browser window
Page 29 of 51
Workstation Preparation & New User Getting Started Guide
5. Click File … Leave Meeting to leave the test and close this window
Please Note: The following support options are available once you have logged into E-
CollabCenter
IBM E-CollabCenter Training o Log into the portal at https://www.e-collabcenter.com
Training tab
How Do I?
Provides a set of step-by-step written guides for basic E-CollabCenter
Tutorials
Provides a set of step-by-step video tutorials for basic E-CollabCenter
Training Calendar.
Lists available and upcoming training courses.
NCES Help Desk Support
o Log into the portal at https://www.e-collabcenter.com
Scroll down the list and click on the E-CollabCenter Help Desk chat room, then click on the Enter Place(s) button at the bottom of the window to enter the Help Desk Chat Room.
functions.
functions.
, then click on the Help and
, then click on the Chat Rooms tab.
Page 30 of 51
Workstation Preparation & New User Getting Started Guide

A.2 Additional Details on Microsoft’s Binary and Script Behavior

Internet Explorer defines "interactive controls" as Java or ActiveX components which provide user interfaces. IBM Lotus Sametime does not use ActiveX controls but does use Java applets for chat rooms and web conferences. That Microsoft decided to lump Java with it's well understood sandbox isolation and the unrestricted native code of ActiveX together is unfortunate and doesn't seem logical from a security perspective. However, Internet Explorer's default setting for "Binary and Script Behavior" is enabled in the Internet Security Zone so most commercial users of Sametime never see any problem with Java controls.
To use an interactive control on a web page, the designer uses the APPLET, EMBED, or OBJECT elements to load the control. Internet Explorer makes that control "inactive" and prevents keyboard or mouse window messages from reaching the control. The control's user interface is blocked until the user activates it. To activate an interactive control, the user clicks it or uses the TAB key to set focus on it and then press the SPACEBAR or the ENTER key.
Internet Explorer can prevent activation of interactive controls through the security setting for "Binary and Script Behavior". When the value of this setting is "DISABLE", the user is prevented from activating the control. On a typical web page the user may see this as a broken function or may not see the capability at all. Unfortunately, in the case where the component is in fact an application scripted into a web page, IE's behavior is to simply fail and display a nondescript catchall "Error loading page" message. This is the behavior that users see when attempting to enter a Sametime meeting. In IBM Lotus Sametime Web Conferencing, the "Meeting Room" is a Java applet. The webpage to join a meeting contains JavaScript which configures the meeting room applet and allows participants to join and use the various meeting functions (group chat, attendance list, document and screen sharing, polling etc.) The script displays the "Preparing the Sametime meeting room" and executes the Meeting Room applet but never passes the "Checking for Java ..." test. Users report this as "Sametime stops when trying to join a meeting" because the don't see the IE error message or, if they see the message, may try several times getting the same result and eventually assume there is something wrong with the application.
Individual webpages and websites listed as "Trusted Sites" are not affected by the setting of "Binary and Script Behavior".
Also see http://en.wikipedia.org/wiki/Eolas

APPENDIX B – FDCC & SDC v2.0.4 Configuration

Login to the FDCC/SDC machine as an Admin.

B.1 Install the latest Sun JRE

Currently the latest version of Sun JRE is 1.6.0.5_b13, and that’s what we used in our test. Sun JRE can be downloaded from www.sun.com

B.2 Make sure Equifax is a trusted Certificate Authority

Equifax must be listed under Internet Explorer’s Trusted CA
Note: This is only necessary with FDCC and NOT SDC v2.0.4
Page 31 of 51
Workstation Preparation & New User Getting Started Guide

B.3 Run the Group Policy Editor as an Admin

Go to the “Start” menu
Type in “gpedit.msc” as seen below:-
Page 32 of 51
Workstation Preparation & New User Getting Started Guide
Right-click on the “gpedit” program as seen below and select “Run as administrator”
Page 33 of 51
Workstation Preparation & New User Getting Started Guide
Click “Continue” to proceed with using the Group Policy Editor as an Admin
Page 34 of 51
Workstation Preparation & New User Getting Started Guide

B.4 Edit Internet Explorer’s Java security settings

Under the Group Policy Editor go to:-
“Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone\Java Permissions”
AND “Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone\Java Permissions”
Note: You must change the Java permission for BOTH Locked-Down Trusted Sites Zone AND Trusted Sites Zone
Refer to the screenshots below on how to edit Internet Explorer Security Settings in the Group Policy Editor:-
Under the Group Policy Editor go to:-
Computer Configuration
Administrative Templates
Windows Components
Internet Explorer
Internet Control Panel
Security Page
Trusted Sites Zone & Locked-Down Trusted Sites Zone
Java Permissions
Double-click the “Java Permissions” option on the right, as shown below
Page 35 of 51
Workstation Preparation & New User Getting Started Guide

B.5 Change Java Permissions

By default under FDCC, java permissions is set to “enabled”, but the permission level is set to “disable java”. This setting disables the use of any java based application on the machine as in Sun JRE, and not just Microsoft JVM. This Internet Explorer security setting is discussed in detail
on FDCC site at:-
http://blogs.technet.com/fdcc/archive/2008/01/31/internet-explorer-security-setting-java-permissions­disable-java.aspx
In our test, we were able to use Sametime services on E-CollabCenter portal under the following
different conditions:-
1. Java Permissions set to “Disabled”
2. Java Permissions set to “Enabled: High”
3. Java Permissions set to “Enabled: Medium”
4. Java Permissions set to “Enabled: Low”
5.
Refer to the screenshots below on how to change Java Permissions:­By default, the option is set to “Enabled” and Java permissions set to “Disable Java”, as seen below
Page 36 of 51
Workstation Preparation & New User Getting Started Guide
To access and use Sametime services on E-Collabcenter portal, the above Java Permission settings must be changed to either ONE of the following options
1. Java Permissions set to “Disabled”
2. Java Permissions set to “Enabled: High” (most secure and recommend option)
3. Java Permissions set to “Enabled: Medium”
4. Java Permissions set to “Enabled: Low”
Java Permissions set to “Disabled”
OR
Page 37 of 51
Workstation Preparation & New User Getting Started Guide
Java Permissions set to Enabled, with High, Medium, or Low

B.6 Update Group Policy as an Admin

Open the command prompt as an Admin, and run the following command: “gpupdate /force” For changes to take affect, a Windows restart is recommended. Refer to the screenshots below on how to update the Group Policy as an Admin:-
Go to the “Start” menu
Page 38 of 51
Workstation Preparation & New User Getting Started Guide
Right-click on the “Command Prompt” shortcut, and select “Run as administrator”
Page 39 of 51
Workstation Preparation & New User Getting Started Guide
If the command prompt is not listed under the Start Menu, type “cmd” under “Start Search” box in the Start Menu
Click “Continue” to use the Command Prompt as an Admin
Page 40 of 51
Workstation Preparation & New User Getting Started Guide
Type in the command “gpupdate /force” and hit Enter
When the “OK to Restart?” prompt appears, type “y” and hit Enter
*Note that SDC v2.0.4 a restart was not prompted or required.
Page 41 of 51
Workstation Preparation & New User Getting Started Guide
Click “Close” or simply wait a few seconds for the Windows OS to restart
Once the FDCC/SDC machine’s Windows Vista OS has been restarted, all group policy changes will have taken effect.

B.7 Add E-CollabCenter to Trusted Sites in IE 7

Click on Start and type regedit in search and run regedit as admin
Page 42 of 51
Workstation Preparation & New User Getting Started Guide
Click on “Continue”
Page 43 of 51
Workstation Preparation & New User Getting Started Guide
Go to HKEY_Local_Machine
- Software
- Policies
- Microsoft
- Windows
- Current Version
- Internet Settings (Any of the following 3 items should be = 0)
- Security_HKLM_only
- Security_Options_Edit
- Security_Zones_Map_Edit
*Note that once you are done with this appendix you will want to come back and change these settings to their original values. Typically a restart will also cause these values to revert as well.
Page 44 of 51
Workstation Preparation & New User Getting Started Guide
Now run Internet Explorer 7 as admin and click on “Tools” then “Internet Options”
Page 45 of 51
Workstation Preparation & New User Getting Started Guide
Page 46 of 51
Workstation Preparation & New User Getting Started Guide
Click on the “Security” tab and then highlight “Trusted sites” and click on the “Sites” button
Page 47 of 51
Workstation Preparation & New User Getting Started Guide
Add “*.e-collabcenter.com” and make sure you uncheck the box at the bottom
Now you are done adding E-CollabCenter to your trusted sites zone and ready to use E-CollabCenter!
Page 48 of 51
Workstation Preparation & New User Getting Started Guide

Document Information and Revision History

Revision Date Author / Editor Nature of Change
1.0 Feb 22, 2007
1.1 Feb 28, 2007
1.2 March 14, 2007
1.3 April 3, 2007
1.4a April 4, 2007
1.5 April 5, 2007
1.6 April 9, 2007
1.6a April 9, 2007
1.7a April 11, 2007
1.7b April 12, 2007
1.7c April 13, 2007
1.7d May 11 Jim Stroud Added 1 page Quick Start Guide in front of doc
1.7e May 17 Jim Stroud Explained that network admins should not allow
1.7f June 11 Jim Stroud Added how to get IWS to work with e-collab
1.7g July 13 Ames Trebing
Jim Stroud Initial Draft Jim Stroud Corrected information on how to determine if
UDP ports are in use w/ Sametime 7.5
Jim Stroud Updated to include the need for TLS 1.0 in the
Sun 1.5 JRE and updated to include Firefox ver.
2.0.0.x instead of 2.0.0.1
Jim Stroud Updated to include that session cookies must be
enabled on the browser
Jim Stroud Updated to mention that Internet Explorer
"Binary and Script Behaviors" must be enabled
Jim Stroud Added information on supported client Operating
Systems, clarified recommended JREs, and provided more information on required ports. Merged information from “New User Getting
Started Guide” Jim Stroud Doruk Akan
Jim Stroud
Jim Stroud Made document generic for enclaves, classified
Jim Stroud Added additional information on binary and script Jim Stroud Added to include that Mozilla 1.7.13 works with
Ron Sticinski
Many grammatical corrections. Brief mention
that Java JRE 1.6.01 has undergone limited
testing and appears to work fine with e-collab.
Added screenshot for successful UDP
connectivity and updated test meeting section of
Appendix.
Added links that explain what the “Binary and
Script Behaviors” in Internet Explorer is and
explained that e-collab does not use ActiveX.
Added ports needed by Sametime Connect
“thick client” to support audio and video
messaging
and unclassified service (removed old unclass IP
addresses for the service).
behavior and added details on this in Appendix
e-collab and provided Mozilla browser setting
details. Also clarified support for JRE 1.4.2
release. Included abbreviated explanation of
ports. Clarified support on IE 6 as IE 6 SP2.
Also mentioned that some version of Netscape
(7.2, 8.0.2, 8.0.0.3, & 8.0.4) may work with e-
collab but are not supported.
4 ports related to the thick client. Also clarified
JRE versions.
Updated with client requirements for FIPS
compliance
Page 49 of 51
Workstation Preparation & New User Getting Started Guide
1.7h July 17, 2007
1.7i July 25, 2007
1.7j February 8, 2008
1.7k February 16, 2008
1.8a May 28, 2008
End of Document.
Neil Starkey Misc corrections Ames Trebing
James Stroud
James Stroud Corrected Firewall Port Info, removing several Jennifer Sackett Updated JRE versions, Help Desk contact
Mostafa Sekandari Yasir Saleem
Added notice for network changes to network systems: firewalls, packet forwarding and filtering devices. Added TLS java setting to summary. Added info that on the conflict with IWS due to JREs.
UDP port requirements information, and training and Help Desk
navigation info in Appendix A. Added FDDC & SDC procedures. Section 4.4 and Appendix B were created. Section 4.2 was also updated to reflect compatibility with Ubuntu
8.01 and CentOS 5.1. Moved revision history to the end of the document, and can now be seen in the Table of Contents. Fixed the version seen in the footer on the title page, and the page numbering in table of contents. Page numbers are no long restarting from 1 for Appendices, instead they continue onwards from previous section. Minor adjustment to the title on page 2.
Page 50 of 51
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use