1. Installing and Configuring Oracle WebCenter Content
  2. Additional Configuration Steps

D Additional Configuration Steps

See the following topics for additional Oracle WebCenter Content configuration steps.

Converting Vector Graphics and Spreadsheet Text in UNIX

Dynamic Converter requires access to a running X-Server in UNIX in order to convert vector graphics and to properly measure text that spans multiple columns in spreadsheets.

Access to a running X-server is required only if the OIT internal rendering engine is not used because of either of the following reasons:

  • The Use X-Windows for Rasterization option is checked on the Dynamic Converter configuration page.

  • The OIT internal rendering engine isn't supported on the platform being used.

The internal OIT rendering engine is supported in Linux, Solaris Sparc, AIX, and HP-UX RISC.

Setting up Fonts on a UNIX System

On a UNIX operating system, you need to make sure TrueType fonts are set up for Imaging, Inbound Refinery, and WebCenter Content Dynamic Converter. If you are using a language other than English, you also need to set up fonts for national language support.

Setting Up TrueType Fonts on a UNIX System

For Imaging and WebCenter Content Dynamic Converter to work best on a UNIX operating system, you can set up TrueType fonts on the machine where Imaging, Inbound Refinery, or the Dynamic Converter is running. If these fonts are not available on your system, you need to install them. Inbound Refinery and Content Server default to the TrueType fonts in the JRE, at JAVA_HOME/lib/fonts.

Some standard font locations on different UNIX platforms follow:

  • Solaris SPARC: /usr/openwin/lib/X11/fonts/TrueType

  • Solaris X64: /usr/openwin/lib/X11/fonts/TrueType

  • AIX: /usr/lpp/X11/lib/X11/fonts/TrueType

  • HP-UX Itanium: /usr/lib/X11/fonts/TrueType

  • HP-UX PARISC64: /usr/lib/X11/fonts/TrueType

  • Linux: /usr/lib/X11/fonts/TrueType

To set the path to the font directory in Inbound Refinery::
  1. Sign in to Inbound Refinery.
  2. Select Conversion Settings, then Third-Party Application Settings, and then General OutsideIn Filter Options.
  3. Click Options
  4. Enter the path to the TrueType fonts in the Path to fonts field. For example, /usr/share/x11/fonts/FTP
  5. Click Update.

Installing Fonts for National Language Support on a UNIX System

For languages other than English, the following installation steps need to be done on a UNIX operating system before you start a Managed Server:

  • Copy MW_HOME/oracle_common/jdk/jre/lib/fonts to the /jre/lib/fonts directory in the Sun JDK installation directory for the Middleware home

  • Copy MW_HOME/oracle_common/jdk/jre/lib/fonts to the /jre/lib/fonts directory in the Oracle JRockit JDK directory for the Middleware home.

Reassociating the Identity Store with an External LDAP Authentication Provider

In a production system, Oracle WebCenter Content applications need to use an external Lightweight Directory Application Protocol (LDAP) authentication provider rather than the Oracle WebLogic Server embedded LDAP server, which is part of the default configuration. You need to reassociate the identity store for your application with one of the following external LDAP authentication providers before you complete the configuration of a Managed Server, before you connect a Managed Server to a repository, and before the first user logs in to the application:

  • Oracle Internet Directory

  • Oracle Virtual Directory

  • Oracle Unified Directory

  • Third-party LDAP server

For an Imaging application, the user who logs in first to an Imaging Managed Server is provisioned with full security throughout the server. It is easier to reassociate the identity store for Imaging with an external LDAP authentication provider before the first user logs in, completes the configuration of the Imaging Managed Server, and connects it to the Oracle WebCenter Content repository.

For a production installation, Oracle Internet Directory (OID) or Oracle Database 11g is required for using Oracle WebCenter Enterprise Capture because Capture uses Oracle Platform Security Services (OPSS), which works only with Oracle Database for its schema.

For an AXF for BPM application, before you can access the AXF Solution Administration page, you need to set up an axfadmin group in the external LDAP authentication provider and assign the AXF users you want to the group.

Reassociating the Identity Store with Oracle Internet Directory

You can reassociate the identity store for an Oracle WebLogic Server domain with Oracle Internet Directory and migrate users from the embedded LDAP directory to Oracle Internet Directory. The following procedure describes how to reassociate the identity store with Oracle Internet Directory.

You can use a similar procedure to reassociate the identity store with other LDAP authentication providers. Each provider has a specific authenticator type, and only that type should be configured.

LDAP Authentication Provider Authentication Type

Microsoft AD

ActiveDirectoryAuthenticator

SunOne LDAP

IPlanetAuthenticator

Directory Server Enterprise Edition (DSEE)

IPlanetAuthenticator

Oracle Internet Directory

OracleInternetDirectoryAuthenticator

Oracle Virtual Directory

OracleVirtualDirectoryAuthenticator

Oracle Unified Directory

IPlanetAuthenticator

EDIRECTORY

NovellAuthenticator

OpenLDAP

OpenLDAPAuthenticator

EmbeddedLDAP

DefaultAuthenticator
To reassociate the identity store with Oracle Internet Directory:
  1. Ensure that there is no user in Oracle Internet Directory with the same name as the administrator of the Oracle WebLogic Server domain, which is weblogic by default.
  2. Set the embedded LDAP provider to SUFFICIENT.
  3. Configure the Oracle Internet Directory authentication provider:
    1. Start the Administration Server for your Oracle WebLogic Server domain.
    2. Sign in to the Oracle WebLogic Server Administration Console as the domain administrator user, at this URL: http://adminServerHost:adminServerPort/console
    3. Under Domain Structure on the left, select Security Realms.
    4. In the Realms table on the Summary of Security Realms page, click myrealm in the Name column to open the Settings for myrealm page.
    5. Click the Providers tab, and then click New under the Authentication Providers table on the Authentication tab.
    6. In the Create a new Authentication Provider dialog box, enter a provider name in the Name field, change the type to OracleInternetDirectoryAuthenticator, and then click OK.
    7. In the Authentication Providers table, click Reorder, move the provider you just created to the top of the list, and then click OK
    8. Click DefaultAuthenticator, change the Control Flag value to OPTIONAL, and then click Save
    9. Click Providers in the breadcrumb trail along the top of the page to navigate back to the Providers tab.
    10. Click the name of the authentication provider you just created to navigate to the Configuration tab for the provider. On the Common tab, change the Control Flag value to SUFFICIENT, and then click Save.
      SUFFICIENT means that if a user can be authenticated against Oracle Internet Directory, no further authentication is processed.
      REQUIRED means that the authentication provider must succeed even if another provider already authenticated the user. If the embedded LDAP has been set to OPTIONAL and Oracle Internet Directory has been set to REQUIRED, the embedded LDAP user is no longer valid.
    11. Click the Provider Specific tab. Set Provider Specific values in the following fields, and leave default values in the other fields:
      - Host: The host name or IP address of the LDAP server.
      - Port: The Oracle Internet Directory Port, 389 by default.
      - Principal: The Distinguished Name (DN) of the LDAP user that Oracle WebLogic Server should use to connect to the LDAP server; for example cn=orcladmin
      - Credential: The credential used to connect to the LDAP server (usually a password)
      - Confirm Credential: The same value as for the Credential field.
      - User Base DN: The base distinguished name (DN) of the tree in the LDAP directory that contains users; for example cn=users,dc=example,dc=com. In Oracle Internet Directory, this is the value of the User Search Base attribute, which you can look up in the OIDDAS administration dialog.
      - Use Retrieved User Name as Principal: Specifies whether or not the user name retrieved from the LDAP server should be used as the Principal value.
      — Group Base DN: The base distinguished name (DN) of the tree in the LDAP directory that contains groups; for example: cn=groups,dc=example,dc=com. In Oracle Internet Directory, this is the value of the Group Search Base attribute, which you can look up in the OIDDAS administration dialog.
      Note: Use an exact DN rather than a top-level DN. Using a top-level DN would provide access to all the default users and groups under the DN, giving access to more users than required by the application.
      - Propagate Cause For Login Exception: Propagates exceptions thrown by Oracle Internet Directory, like password expired exceptions, to Oracle WebLogic Server so they show in the console and the logs.
    12. Click Save.
  4. Restart the Administration Server.
    Note: Authentication providers in an Oracle WebLogic Server domain are chained. This means that user authentication needs to run successfully through all authentication providers. With the Control Flag value set to OPTIONAL for the default provider, it is allowed to fail without a server startup or user authentication failure.
  5. After the server is up again, sign in to the Administration Console again, and click Security Realms under Domain Structure.
  6. In the Realms table on the Summary of Security Realms page, click myrealm in the Name column to open the Settings for myrealm page.
  7. Click the Users and Groups tab to see a list of users contained in the configured authentication providers, on the Users subtab, and then click the Groups subtab to see a list of groups. You should see user names from the Oracle Internet Directory configuration, which implicitly verifies that the configuration is working
  8. Check that you have switched the security provider successfully.

Configuring OracleTextSearch for Content Server

If you have a license to use OracleTextSearch (with Oracle Database 11g), then you can configure it to use Oracle Text 11g as the primary full-text search engine for WebCenter Content. Oracle Text 11g offers state-of-the-art indexing capabilities and provides the underlying search capabilities for Oracle Secure Enterprise Search (Oracle SES). To search auxiliary metadata in Oracle WebCenter Content: Records with Oracle Text 11g, you must configure it to use OracleTextSearch as the search engine.

If you have a license to use Oracle SES, you can configure it for use with OracleTextSearch on WebCenter Content and configure Content Server to use Oracle SES as its back-end search engine.

OracleTextSearch enables administrators to specify certain metadata fields to be optimized for the search index as well as to customize additional fields. OracleTextSearch also enables a fast index rebuild and index optimization.

You can set OracleTextSearch on the WebCenter Content postinstallation configuration page.

To configure OracleTextSearch for Content Server on the postinstallation configuration page:
  1. Select Internal or External in the FullText Search Option field.
  2. If you selected the External option, provide the name of the external data source in the External DataSource field.
If you have Oracle Database 11g, and you specify Internal for Fulltext Search Option, you do not need to run the Repository Creation Utility (RCU) to create a search schema.
You might want to use an external data source so you can put the search engine on another system or in another database. Before you can use an external data source with OracleTextSearch, you need to create a search schema in a database other than the system database and configure the data source.

Creating a Search Schema and Configuring an External Data Source

You might want to use an external data source so you can put the search engine on another system or in another database. Before you can use an external data source with OracleTextSearch, you need to create a search schema in a database other than the system database and configure the data source.

To create a search schema and configure an external data source:
  1. Run RCU to create a search schema (prefix_OCSSEARCH in the database where you want the search engine,
  2. Create a JDBC data source that points to the search schema. You can use the Administration Console, WebLogic Scripting Tool Command, or Fusion Middleware Control to create a data source.
  3. Use the Administration Console to target the data source to the WebCenter Content Managed Server (UCM_server1 by default).
If you did not configure OracleTextSearch on the configuration page for Content Server or you want to change the configuration, you can configure this search option in the DomainHome/ucm/cs/config/config.cfg configuration file for the Content Server instance. After changing the search option, you need to restart Content Server and rebuild the search index.

Note:

If you plan to use the WebCenter Content user interface), you may want to optimize the dOriginalName field for the search index. The WebCenter Content user interface leverages the file name as its primary identifier presented in the interface. You can sort presentations by file name, which is the value of the dOriginalName field in Content Server.

By default, Content Server configures only the document title (dDocTitle) as a field available for searching and sorting. The WebCenter Content user interface, by default, does not use document titles in its displays.

The process of enabling dOriginalName as a new search or sort field requires a full rebuild of the fulltext index.

Configuring OracleTextSearch for Content Server in a Configuration File

If you did not configure OracleTextSearch on the configuration page for Content Server or you want to change the configuration, you can configure this search option in the DomainHome/ucm/cs/config/config.cfg configuration file for the Content Server instance.

To configure OracleTextSearch for Content Server in the configuration file:
  1. Open the DomainHome/ucm/cs/config/config.cfg file for the Content Server instance in a text editor.
  2. Set the following values:
    SearchIndexerEngineName=OracleTextSearch

IndexerDatabaseProviderName=SystemDatabase

    Note:

    • You can specify a separate Oracle Database as the value of IndexerDatabaseProviderName, instead of SystemDatabase. The driver jar ojdbc6.jar is provided by Oracle in the MW_HOME/wlserver_10.3/server/lib directory. Before Oracle Text Search can function properly with the separate Oracle Database, however, you need to manually copy the ojdbc6.jar file from the MW_HOME/wlserver_10.3/server/lib directory to the DomainHome/lib directory.

    • OracleTextSearch requires a JDBC driver version of 10.2.0.4 or higher. The component will not work with older JDBC driver versions.

  3. Save the file.
  4. Restart Content Server.
  5. Rebuild the search index using the Indexer tab of the Repository Manager, located under Administration, in Admin Applets.

Extracting and Running the Installation File for Desktop Client Software

After Oracle WebCenter Content is installed, you can use the desktop_content_setup.exe command with the /export parameter to extract the Desktop installer files: 

desktop_content_setup.exe /export [path]/existing_extraction_directory/

You can specify an existing directory to extract the files into. If you omit the directory from the command, it extracts the files into the current directory.

Note:

If you have an earlier version of Desktop installed, uninstall it before you proceed with the installation.

The desktop_content_setup.exe command extracts three files:

  • package.ini

  • contentdesktop.msi

  • contentdesktop_x64.msi

To install Desktop on a client system, use only one of the MSI files in the Desktop installer command. The Desktop client software installers support a number of custom installation options that can help system administrators roll out the software:

Using Command-Line Parameters for Automation

You can use several command-line parameters to automate part of the installation process. If you need to pass any public property to MSI through desktop_content_setup.exe, you can do that with the following command:

desktop_content_setup.exe /msi ONE_PUBLIC_PROPERTY=public_property_value

Disabling Integrations

The Desktop installer provides a number of command-line options to disable specific software integrations. If the installer detects that an integration can be applied to existing software on the computer (Microsoft Word, PowerPoint, Excel, and so on), it usually will automatically attempt to install an integration. To prevent an integration from being installed for a specific software product, you can disable that integration using one of these command-line switches:

  • EXPLORER=0

  • WORD=0

  • POWERPOINT=0

  • EXCEL=0

  • OUTLOOK=0

  • NOTES=0

Use capital letters for the switch names.
These switches are only for disabling software integrations. They are not necessary to enable software integrations for applications found on client computers.

Performing Silent Roll-Outs

The Desktop installer enables an administrator to roll out the Desktop client software to multiple client machines with the help of third-party tools such as SMS or netOctopus, which are capable of executing one executable on many machines. The installer for the Desktop client software supports a silent installation option that you can configure with SMS.

For silent install, you can use the following command to control the level of user interface displayed.
desktop_content_setup.exe /s UI=user_interface_level

In the command, user_interface_level can be 1, 2, 3, or 4:.

  • 1: No user interface during install.

  • 2: Displays only a progress bar during install.

  • 3: Presents an install screen with different dialog boxes but doesn’t require user input to run.

  • 4: Runs a fully interactive installer requiring user input.

For example, to silently and selectively disable installing Outlook, PowerPoint, and Lotus Notes, the command would be as follows:

desktop_content_setup.exe /s UI=1 /msi OUTLOOK=0 POWERPOINT=0 NOTES=0

You will also need to add the REBOOT=ReallySuppress and MSIRESTARTMANAGERCONTROL=Disable properties to prevent reboots and to prevent any dialogs asking to shut down applications. For example: 

desktop_content_setup.exe /s UI=2 /msi OUTLOOK=0 
POWERPOINT=0 NOTES=0 REBOOT=ReallySuppress MSIRESTARTMANAGERCONTROL=Disable
The properties after the /msi switch can also be used with the 
msiexec
with the MSI files. For example:
start /wait msiexec /i contentdesktop_x64.msi OUTLOOK=0 WORD=0 EXCEL=0 
POWERPOINT=0 NOTES=0 REBOOT=ReallySuppress MSIRESTARTMANAGERCONTROL=Disable /l*v DISUpgrade_x64.log /qn

Configuring Content Server Connections Through the Registry on a Windows System

You can add Content Server connections by creating a registry file on a Windows system. The file is not included as part of the standard installation files; you must create it.

Adding servers in a registry file automates the setup process by saving your users from setting up connections on their computers. When you add a server connection in this manner, the user cannot delete the server connection from their desktop (Windows Explorer, the email client, or any desktop application).

Sample Registry File Entries

The following sample registry file entries are examples for Content Servers instances, WebDAV servers, and Content DB servers, with comments below the code lines. The sample file registry entries are under HKEY_LOCAL_MACHINE. If you would like the user to run the installer, use HKEY_CURRENT_USER instead of HKEY_LOCAL_MACHINE.

Using HKEY_LOCAL_MACHINE means that users cannot change the ServerAuth or RememberMetaData values because they will not have permission to change HKEY_LOCAL_MACHINE entries (unless a Windows policy is set to allow this, or the user is an administrator). 

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Oracle\WebCenter Desktop\Content\WebDAV\Servers\Corporate]
"ServerType"="ucm"
"ServerURL"="http://corporate/cs/idcplg/webdav"

(In this registry entry, the server is a Content Server instance, the display name of the server is Corporate, and the server WebDAV URL is http://corporate/cs/idcplg/webdav.)

[HKEY_LOCAL_MACHINE\Software\ORACLE\WebCenter Desktop\Content\Shared\Config\Corporate]
"HostCgiUrl"="http://corporate/cs/idcplg"
"ServerAuth"=REG_DWORD:0x00000000 (0) 
"RememberMetaData"=REG_DWORD:0x00000000 (0)

In this registry entry, the server is a Content Server instance, the name of the server is Corporate, the CGI URL is http://corporate/cs/idcplg, and the user interface URL is http://corporate/wcc/faces. Content DB servers and WebDAV servers do not use these registry entries.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Oracle\WebCenter Desktop\Content\WebDAV\Servers\Department]
"ServerType"="dav"
"ServerURL"="http://corporate/content/app/explorerPage.jspx"
"Single Sign-On Url"="http://section/content/app/explorerPage.jspx"
"Use Single Sign-On"=REG_DWORD:0x00000001 (1)

(In this registry entry, the server is a WebDAV server, the display name of the server is Department, the server WebDAV URL is http://corporate/content/app/explorerPage.jspx, a single sign-on page has been identified, and single sign-on has been implemented.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Oracle\WebCenter Desktop\Content\WebDAV\Servers\Section]
"ServerType"="cdb"
"ServerURL"="http://section/content/dav"
"Single Sign-On Url"="http://section/content/app/explorerPage.jspx"
"Use Single Sign-On"=REG_DWORD:0x00000001 (1)

(In this registry entry, the server is a Content DB server, the display name of the server is Section, the server WebDAV URL is http://section/content/dav, a single sign-on page has been identified, and single sign-on has been implemented.)

Creating a Hash Partition to Improve Database Performance

Use a hash partition of the EBATCTITEMS table to minimize the database wait event enq: HW– contention, which prevents the database from scaling.

This event occurs when many threads are trying to update and add new BLOB items to ECBATCHTITEMS, as follows:

table   - "UPDATE ECBATCHITEMS SET ECITEMDATA=:1 WHERE ECITEMID=:2"
Creating a hash partition minimizes this contention because different items will be in eight different partitions.
To create a hash partition:
  1. Get the definition of the table:
    SELECT dbms_metadata.get_ddl('OBJECT TYPE','OBJECT NAME', OWNER') FROM DUAL;
  2. Append partitioning syntax to the table definition. The following table definition creates a hash partition for the ECBATCHITEMS table:
    SQL> create table "CAPCLIENT_CAPTURE"."ECBATCHITEMS2"
  2     (    "ECTENNANTID" VARCHAR2(36 CHAR),
        "ECITEMID" VARCHAR2(36) NOT NULL ENABLE,
  3    4          "ECORIGINALITEMID" VARCHAR2(36),
  5          "ECORIGINALITEMINDEX" NUMBER(10,0),
  6          "ECBARCODES" BLOB,
  7          "ECBARCODECOUNT" NUMBER(10,0),
  8          "ECSTATUS" VARCHAR2(255),
  9          "ECSOURCEFORMAT" VARCHAR2(255),
        "ECANNOTATION" VARCHAR2(255),
10   11          "ECFILELENGTH" NUMBER(19,0),
12          "ECDOCUMENTLINKCOUNT" NUMBER(10,0),
13          "ECPATCHCODE" NUMBER(10,0),
14          "ECENDORSEMENT" VARCHAR2(255),
15          "ECSOURCEFILENAME" VARCHAR2(255),
16          "ECBATCHID" NUMBER(19,0),
17          "ECLASTMODIFIED" NUMBER(19,0),
18          "ECITEMDATA" BLOB,
         PRIMARY KEY ("ECITEMID")) partition by hash(ECITEMID) partitions 8  
;