You can configure IBM® Business Process Manager to work
with an existing external ECM system by using a new object store.
Before you begin
There are two ways of configuring
IBM BPM to work with an existing external ECM system.
- You can configure your IBM BPM deployment
environment to use an empty object store in an external IBM FileNet® Content Manager installation. This configuration is
useful if you set up a new IBM BPM deployment
environment. You cannot configure your IBM BPM deployment environment to use an empty object store
in an external IBM Content Manager installation immediately. You must follow the instructions in
this set of steps.
- You can configure your IBM BPM deployment
environment to reassign the IBM BPM
content store to the
domain of an existing FileNet Content
Manager
installation. This configuration is useful if you already have an IBM BPM deployment environment setup. For instructions,
see Reassigning the IBM BPM content store.
These prerequisites are necessary to configure
IBM BPM with an existing external ECM server.
- On FileNet Content
Manager, you must have a domain
already set up. There might be multiple object stores already set up. When you configure IBM BPM
with FileNet Content
Manager, there is a one-to-one
correlation between the IBM BPM server and the FileNet Content
Manager object store.
- As an application server, only WebSphere Application Server is supported. In addition, the
WebSphere Application Server used by IBM BPM and the WebSphere Application Server used by FileNet Content
Manager must have the same version.
- The same Lightweight Directory Access Protocol (LDAP) user repository must be used by both
IBM BPM and FileNet Content
Manager.
- IBM BPM can work with FileNet Content
Manager by
using Federated Repositories (also referred to as Virtual Member Manager (VMM)) or Lightweight
Directory Access Protocol (LDAP). The LDAP must be connected directly; or by using Federated
Repositories (VMM) on the FileNet Content Platform Engine on WebSphere Application Server and its
domain.
About this task
Note: You cannot reverse this configuration and return to using the IBM BPM
content store. After you configure, you must always use
the external ECM server.
Back up your system configuration and databases before you begin this configuration. This backup
means you can roll back your configuration if needed. See Backing up and restoring administrative configuration files.
Procedure
- Begin your configuration by checking there is no content such as folders and documents in the
IBM BPM
content store. Use the IBM Administrative
Console for Content Platform Engine to check there is no content.
- In the domain navigation tree, open .
- In the object store navigation tree, open Search.
- Click New Object Store Search.
- For each of the following classes, run a search: Document and Case
Folder. You can search for Case Folder instances only if the Basic Case Management license
is installed.
- If the result set is empty, there is no existing content.
See Using the IBM Administration Console for Content Platform Engine to administer the embedded content store
Note: Any content that you do not remove from the IBM content store is deleted when you complete
this configuration.
- Check the version level of the FileNet Content
Manager. It must be a supported version to work
with IBM Business Process Manager. See Planning for an external Enterprise Content Management server.
- Configure single sign-on (SSO) security for the external FileNet Content
Manager, including the configuration of the
user registry and trusted realm. To configure single sign-on security with a common user repository,
see Configuring single sign-on for an external FileNet Content Manager.
- Designate a user from the shared repository to be the administrator for the object store. IBM
BPM uses this user to do administrative operations like the creation of document class definitions.
Then, map this user to the IBM BPM EmbeddedECMTechnicalUser role.
- Check that the user defined in the Authentication Alias assigned to the
EmbeddedECMTechnicalUser role is a user from the shared repository.
- Select . Note the alias name that is used for the EmbeddedECMTechnicalUser role.
- Select . Expand the Java Authentication and Authorization Service
section and select J2C authentication data. Verify that the user assigned to
the EmbeddedECMTechnicalUser alias is a user from the shared user repository.
- If the user assigned to the EmbeddedECMTechnicalUser does not qualify, that is, the user is not
from the shared repository, do the following steps.
- Create an authentication alias with credentials from the shared user repository for the Content
Platform Engine administrator.
- In the WebSphere administrative console for the IBM BPM server, select . The Global Security page opens.
- Expand the Java Authentication and Authorization Service section and
select J2C authentication data. The JAAS - J2C Authentication
Data page opens.
- Click New and add an authentication alias with LDAP credentials for the
object store administrator.
- Change the EmbeddedECMTechnicalUser role to use the new authentication alias that you created.
This authentication alias is for FileNet Content
Manager. To change the EmbeddedECMTechnicalUser role to use the new authentication alias, in the
WebSphere administrative console, select . Select your deployment environment and continue to Authentication
Aliases. You see the EmbeddedECMTechnicalUser and can modify that alias.
- Configure FileNet Content
Manager for the
IBM BPM
content store.
- Log in to the IBM Administration Console for Content Platform on the FileNet Content Platform
Engine as a domain administrator.
- Create an object store by using the IBM Administration Console for Content Platform on the
FileNet Content Platform Engine. See Creating an object store. Use the following settings:
- Use the user from step 4 when granting
administrative access to this object store. You may also use a group that contains this user.
- Grant all users that work with IBM BPM
basic access. You might want to use the #AUTHENTICATED-USERS security identifier as grantee to allow
all users to work with the object store. The individual instance objects are automatically protected
based on the teams you create in IBM BPM.
- When you choose the add-ons, check that the Base Content Engine
Extensions are installed. This add-on is part of the default configuration.
- After the object store is created, the only access rights that you will need to add to the
administrative user is PRIVILEGED_WRITE. In IBM Administration Console for Content Platform on
FileNet Content
Manager, the check box that you must
select is Modify certain properties (in English).
After the object store is created, you can add a user with administrative permissions on the
object store. See Update object store with new users and groups. The permissions that you must
grant to the user are listed in Permissions required for the new object store.
- Running a command and then starting IBM BPM finishes the configuration. However, you must also verify that the configuration is working.
- Run the setBPMExternalECM admin command to configure IBM BPM to use an
external ECM server.
- Shut down the IBM BPM deployment environment; for example, by using the BPMConfig command.
BPMConfig
-stop. See BPMConfig command-line utility. In the case of a Network Deployment (ND)
environment, the deployment manager, and node agents can be left running. The FileNet Content
Platform Engine must be running.
- Run wsadmin. In the case of an IBM BPM Express server or if you stopped the deployment manager
of your Network Deployment (ND) environment, run wsadmin in local mode; that is, by using the
parameter -conntype
none.
- Run the setBPMExternalECM admin command. See setBPMExternalECM command.Use NEW_EXTERNAL_OBJECT_STORE as the value for
the -ecmEnvironment parameter.
- Save the configuration by invoking AdminConfig.save().
- In the case of a Network Deployment (ND) environment, synchronize the configuration of the
nodes.
- Restart the IBM BPM deployment environment by using the BPMConfig command.
BPMConfig
-start. See BPMConfig command-line utility. If you stopped the deployment manager and
node agents, you need to manually restart them.
- Check for errors in the IBM BPM logs. If you discover errors, resolve them and restart the IBM
BPM server.
- Check the CMIS component in the Component Health Center to verify that your external ECM server
is up and running. The switch to the external ECM server removes the IBM BPM
content store configuration. Therefore, you cannot check
the EmbeddedECM component anymore. Instead, check the CMIS component. The CMIS component also
reports errors for the connection to the external ECM. See Component Health Center.