Installatie handleiding
OpenIMS installation kit (build )
For Windows an installation kit is available from OpenSesame ICT.
The Linux requirements (needed packages) can be found here.
Introduction
In general it should be possible to install OpenIMS in any Apache / PHP compatible environment (e.g. Linux and Windows). Please see Linux packages for a full list of required software. OpenIMS needs a dedicated server. For multipurpose servers (which is not recommended) multiple instances of Apache might be required.
Please note that not all environments can use all versions of all involved products. E.g. when an OpenIMS environment is migrated from one server to another server it might require exactly the same versions as on the original server.
An internet connection is required during and after the installation of OpenIMS.
Preparations for Windows:
- My Computer > Right click on each partition and choose "Properties": Make sure indexing for fast file search is disabled.
- Check if any antivirus software is installed on the server, and if so, make sure that "on access" scanning is disabled. Or, at the very least, disable on access scanning for C:\Windows\Temp; the backups, dfc, tmp and logs-subdirectories of the OpenIMS root directory; the \Tmp-directory that you create outside the OpenIMS root; the mysql\data-directory; and the sphinx\data-directory.
How to configure Apache
Add the following to the proper httpd.conf (e.g. /etc/httpd/conf/httpd.conf) sections and/or files:
LoadModule status_module modules/mod_status.so
AddModule mod_status.c
ExtendedStatus On
<Location /server-status>
SetHandler server-status
</Location>
- Set DocumentRoot to the OpenIMS root directory.
- Add "AllowOverride all" to the proper <Directory ...> entry (OpenIMS root, seems to be the default setting with Ensim).
- Make sure to restart Apache to load the latest httpd.conf
- For Linux: make sure that Apache is automatically started
- Test Apache using e.g. http://localhost/server-status
How to conigure MySQL/MariaDB:
The following configuration can be added.altered in /etc/my.cnf:
[mysqld]
skip-locking
key_buffer = 16M
max_allowed_packet = 15000000
table_cache = 64
sort_buffer_size = 512K
net_buffer_length = 8K
myisam_sort_buffer_size = 8M
Install OpenIMS
· Download openims.zip (part of the installation kit)
· Copy openims.zip to the "openims root directory"
· Unzip openims.zip (e.g. "unzip openims.zip" or "\cygwin\bin\unzip openims.zip") in the "openims root directory"
· Create "tmp" and "tmp/locks" subdirectories in the openims root directory
· Make sure the latest OpenIMS agent is installed on your client
· (Mac OS X, Linux:) don't forget to set the correct owner of the openims root directory (usually the apache process owner)
Configure OpenIMS
More information on (re)configuring OpenIMS (machine and site configurations) can be found on the Internet: http://doc.openims.com/
· Create a .htaccess in the OpenIMS root directory containing:
<Files .htaccess>
order allow,deny
deny from all
</Files>
IndexIgnore *
Options -Indexes
ErrorDocument 404 /index.php
ErrorDocument 403 /index.php
· Highly recommended: Ensure that the Apache module mod_expires is available and enabled, and add the following to .htaccess:
ExpiresActive On
ExpiresByType image/gif A2592000
ExpiresByType image/jpg A2592000
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000
· Please note a valid machine name, digital certificate, rsa public key and rsa keypair have to be obtained first (e.g. from OpenSesame ICT)
· Edit myconfig.php (OpenIMS root directory) to enter the basic machine configuration (allowing OpenIMS to start).
Use at least the following lines (configuration is for windows, for linux, change the windows/linux settings and set localsendmail to yes):
$myconfig["defaultlanguage"] = "nl"; // user interface language
$myconfig["windows"] = "yes";
$myconfig["linux"] = "no";
$myconfig["hasgzlib"] = "no"; // use gzip which is build into PHP
$myconfig["hasgzcompress"] = "no"; // gzcompress and gzuncompress functions
$myconfig["gzipcommand"] = "c:\\cygwin\\bin\\gzip"; // path to gzip executable
$myconfig["gunzipcommand"] = "c:\\cygwin\\bin\\gunzip"; // path to gunzip executable
$myconfig["tarcommand"] = "c:\\cygwin\\bin\\tar"; // path to tar executable
//default master.osict.com is used for the heartbeat which is used to locate servers, this can be replaced with a local server
// $myconfig["master"] = "<<<address>>>";
$myconfig["localsendmail"] = "no"; // use local sendmail or relay to other server
$myconfig["usetosendmail"] = "rack132"; // relay server if localsendmail is "no"
$myconfig["antiword"] = "c:\\antiword\\antiword.exe"; // path to antiword executable
$myconfig["pdftotext"] = "c:\\xpdf\\pdftotext.exe"; // path to pdftotext executable
$myconfig["ppthtml"] = "c:\\xlhtml\\ppthtml.exe"; // path to ppthtml executable
$myconfig["xlhtml"] = "c:\\xlhtml\\xlhtml.exe"; // path to xlhtml executable
$myconfig["diff"] = "c:\\cygwin\\bin\\diff.exe"; // path to diff executable
$myconfig["unzip"] = "c:\\cygwin\\bin\\unzip.exe"; // path to unzip executable
$myconfig["chmod"] = 0777; // for all OpenIMS related files (suexec can be used to make it 0755, a dedicated server is recomended)
$myconfig["tmp"] = "e:\\tmp\\openims\\"; // path for temporary files
$myconfig["allowarraysinrequest"] = "no";
Mac OS X and Fink: In myconfig.php use /sw/bin/antiword, /sw/bin/pfdtptext and /sw/bin/pptphtml
If, after copying gzip.exe to gunzip.exe (step 1), the selftest still reports that gunzip doesn't work, add the -d flag:
$myconfig["gunzipcommand"] = "c:\\cygwin\\bin\\gunzip -d";
· Log in as ultravisor (see above) and use http://<<<propername>>>/openims/openims.php?mode=admin&submode=maint to enter the full machine and site configuration
· Use http://<<<propername>>>/openims/openims.php?mode=internal to create sitecollections (customers), sites and to connect those sites to domains.
Please take notice: names of sitecollections must end with “_sites”, names of sites must end with “_com" or “_nl”.
· If your are going to use MYSQL as xmlengine, use the Admin section > Maintenance > Backup to dump the current system. After backing up add the following to myconfig.php:
$myconfig["xmlmysql"]["host"] = "localhost";
$myconfig["xmlmysql"]["user"] = "root";
$myconfig["xmlmysql"]["password"] = "...";
$myconfig["xmlmysql"]["database"] = "openimsxml";
$myconfig["xmlengine"] = "MYSQL";
//$myconfig["ftengine"] = "MYSQL";
//$myconfig["sdexengine"] = "MYSQL";
//$myconfig["dfcengine"] = "MYSQL";
After succesfully changing the myconfig.php file use the Admin section > Maintenance > Backup to restore the backup you just made. After restoring the backup you can remove the // in front of the ftengine, sdexengine and dfcengine lines.
Don’t forget to use the Admin section > Maintenance > (Re)generate XML indexes to regenerate the indexes.
· REMOVE FROM MYCONFIG THE LINES CONTAINING $myconfig["backdoorrandom"]="…" AND $myconfig["backdoormd5"]="…"
Configure batch processing
Windows:
· Make sure the clock and the timezone are correct, preferably use an automatically synchronized clock
· Copy the contents of /kit/win/batchkit (openims root directory) to c:\batchkit
· > C:
· > cd \batchkit
· If a different directory or a non English version of windows is used change install.bat using e.g. notepad
· Execute install.bat
· Execute on.bat to enable OpenIMS batch processing (off.bat can be used to disable OpenIMS batch processing)
· Check if batch processing is running in the task scheduler (result 0x1) (the tasks should be run under the 'system' account)
· If the tasks don't run and result in error 0x80, check Microsoft Knowledge Base Article - 812400
Linux:
· Set timezone (to Europe/Amsterdam) and ntp-server.
· Else: Edit crontab to enable nightly clock synchronisations (user root using crontab -e):
0 0 * * * rdate -s time.nist.gov > /dev/null 2> /dev/null
1 0 * * * /sbin/hwclock --systohc > /dev/null 2> /dev/null
· (All platforms:) Edit crontab (e.g. user root, crontab -e):
* * * * * wget --timeout=1 --tries=1 http://<<<IP ADDRESS>>>/nkit/callmeoften.php > /dev/null 2> /dev/null
* * * * * rm -f /root/callmeoften* > /dev/null 2> /dev/null
Met –spider wordt de callmeoften.php niet meer aangemaakt:
* * * * * /usr/local/bin/wget --spider --timeout=1 --tries=1 http://<<IP_ADRRESS>>/nkit/callmeoften.php > /dev/null 2>&1
· Check in /etc/crontab if night processing (e.g. Apache log rotation) is at 4:00 am (OpenIMS batch is at 2:00 am)
Check the OpenIMS configuration
· Use http://<<<propername>>>/openims/openims.php?mode=admin&submode=maint&action=checkup to check the OpenIMS configuration
· Check the appropriate OpenIMS functionality (CMS, DMS, EMS etc.)
· Check the ability to send mail using N_Sendmail (use internal & external mail addresses), check for relaying errors.
example: N_Sendmail(“sender@company.com”,”receiver@company.com”,”test 1”,”test 1”)
Implement AutoCAD, Microsoft Word and Microsoft Excel integration (DMS Only)
Please follow these instructions: http://doc.openims.com/beheer/ondertekende_macro
Disable atime (Linux only)
Optionally, the "atime" feature of the file system can be disabled. This can improve file performance. (Add the noatime option to the options in the correct fstab entry.)
Test EVERYTHING!
All functionality, configuration, and especially backup and restore facilities
Troubleshooting tips
· Read the installation manual carefully for steps you may have missed.
· Go to http://<<<hostname>>>/nkit/phpinfo.php to make sure that apache and php are working properly, and that the php settings are correct.
· Check the apache logs (i.e. /var/log/httpd/error.log) for errors.
· If images and short url's (a short url would be http://<<<hostname>>>/adm instead of the full url http://<<<hostname>>>/openims/openims.php?mode=admin) are not working, this usually means that .htaccess is not present / has a syntax error / is not being read by apache (check your AllowOverride-settings is httpd.conf).
· To view OpenIMS errors (including many errors related to the configuration of php), go to http://<<<hostname>>>/showerrors, enable the "Show Errors" option, and then reload (Ctrl+F5) the page you were trying to view.
· If (with /showerrors) you get the php error "headers already sent", check that you do not have any whitespace before <? or after ?> in myconfig.php or in your site configuration.
· Go the the OpenIMS-directory and do “php -f myconfig.php” on the command line (on Windows, you may need to specify the full path to php.exe), to verify that there are no syntax errors in myconfig.php.
· If at http://<<<hostname>>> you get a blank page, and at http://<<<hostname>>>/adm you get a login popup but are unable to login with any accounts you created (and if this is not normal at this point in the installation):
· Enable the temporary backdoor in myconfig.php so that you can log in using the account "ultravisor".
· Go to http://<<<hostname>>>/openims/openims.php?mode=internal.
· If you seeno sitecollections with mode=internal, you have an empty database and/or your database connection is broken.
· If youdo see sitecollections with mode=internal, make sure that the domain you are using (in your URL) to log in to OpenIMS corresponds exactly to one of the domains listed with mode=internal.
Appendix A: Using OpenSSL (Windows)
Apache and SSL can be used with Windows. A good manual can be found here: http://tud.at/programm/apache-ssl-win32-howto.php3. See also below.
Some notes:
Some files must be downloaded: a modified Apache executable and OpenSSL.
- Modified Apache executable: Take care of your Apache version! Look for files named like "Apache_1.3.31-Mod_SSL_2.8.18-Openssl_0.9.7d-Win32.zip" in http://tor.ath.cx/~hunter/apache/
- OpenSSL: Look in http://tor.ath.cx/~hunter/apache/ for files like "Openssl-0.9.7d-Win32.zip".
(Steps to be taken: stop Apache, copy original Apache directory to a backup directory. Copy the .exe and .so files from modified Apache executable archive to the Apache directory but don’t overwrite the de conf files! Don't forget to copy the two dll's to win32. Modify conf files, install OpenSSL (in C:\openssl), create keys, copy keys. Restart Apache).
The Apache + SSL on Windows HOWTO
Zie: https://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL
Appendix B: Enabling LDAP (Windows)
· In php.ini: enable extension=php_ldap.dll.
(Note: php.ini usually resides in c:\windows, after installing Zend, it probably resides in c:\program
files\zend\winenabler\etc)
· When not using Zend, don’t forget to copy c:\php\dlls\*.dll to c:\windows\system32, these dll’s are used by the ldap module.
· restart Apache