ShowTable of Contents
Introduction
The “classic” IBM® Sametime® Meeting Center product (that is, older versions of IBM Sametime Meetings) is Lotus Domino based product that allows scheduling of web meetings. The meeting application sends an email to Chairperson with the meeting details, meeting URL and meeting password (if any). For internal customers the existing product would suffice however adaptability of this web meeting for the external customer’s (external participants outside the organization) is a challenge. Most organization’s Information Security Teams do not allow anonymous access for external users accessing their webinar environment leading to hurdles for setting up these systems.
To allow secure and compliant meeting conference between internal and external, the below solution has devised a strategy which ensures authenticated external participants can login to the meeting utilizing valid user credentials instead of allowing anonymous guest login. The solution is designed keeping in mind the possible security concern raised while implementing web conferencing for external users within an organization.
The solution strategy
Fig 1, illustrates the web conferencing strategy for external customers from architecture perspective.
Fig 1: Meeting Server Architecture for Internal and External (Customers) Participants
As shown above, both internal and external users of the web conference login via different authentication mechanisms into the Meeting Server. An external user registry authentication is used for registry of the external participants when the Chairperson schedules a meeting with external participants. The Meeting Server uses the Domino Directory authentication to authenticate both types of end users. Once authenticate, the same meeting server URL is provided to both type of participants to join the web meeting.
Thus custom application is functioning within the IBM Sametime Meeting Server as depicted above. In the next section, explains the detailed process and components of the custom application.
The web meeting scheduling and attending process
The web meeting process leverages the existing Sametime Meeting standard databases along with certain custom designed Notes databases for external user participation.
Steps for scheduling the IBM Sametime Meeting for external customers in the custom solution
1. Chairperson (Internal User) logs into Meeting Center application on the IBM Sametime Meeting Server using their corporate meeting login credentials.
2. Clicks on "Schedule" meeting to schedule a meeting involving both internal and external participants (Customers/Partners).
3. Chairperson selects internal users from the Corporate Address Book.
4. The Schedule Meeting form is customized to allow internal user to add email addresses of external users (customers/partners) in the same meeting invite along with internal users.
5. Application sends mail to Chairperson on the scheduled meeting invite.
6. Application registers external users using customized algorithm and random password. It stores a customized web link (URL) along with original meeting link on a custom Notes Database.
7. Application sends out mail to external user with the customized URL for login to the web conference hosted by the Chairperson (internal users)
Steps for attending the IBM Sametime Meeting for external customers in the custom solution
1. Chairperson and Internal participants (Internal User) logs to Meeting Center application on the IBM Sametime Meeting Server using their corporate meeting login credentials.
2. Clicks on "Attend Meeting" option and launched the web meeting with the meeting room password shared by the Chairperson in email notification.
3. External users click on the URL shared in the email notification send by the Chairperson and directly logs into the web meeting with the meeting room password.
Note: For each external user a different URL is created and is valid only for the duration of the meeting.
The figure below depicts the overall process along with various components (databases) within the IBM Sametime Meeting Server utilized in this strategy solution.
Fig 2: The Process Flow with database components for Chair Person “Schedule Meeting” with internal and external participants
Fig 3: The Process Flow with database components for “Attend Meeting” by internal and external participants
Detailed Process Flow
ChairPerson logs in the Sametime Meeting Server homepage (stcenter.nsf) with login credentials; to schedule a meeting with internal and external participants in Stconf.nsf. A meeting mail notification is sent to ChairPerson's email address.
Even if one participant is added in the meeting invite; a meeting document is created in “Registerdb1.nsf” . The document created will have Chairperson email address , Meeting ID, Internal user’s email address, External user email address, meeting start date and time , end date and time of meeting.
Agent “MoveAgent” present in Registerdb1.nsf will look for any new document created in this database and will copy the document in Registerdb2.nsf .The agent will delete the document from Registerdb1.nsf , once it is copied to Registerdb2.nsf.
Agent “CreateUser” in Registerdb2.nsf will check for any new meeting documents created in it which has external user email address is mentioned. If found, using customized algorithm it will create for each external participant; a login ID (based on email address of external user and random algorithm), a random password and an individual customized web URL (attend meeting URL) using the external user’s login ID & password. Application would create a new document in ExternalReg.nsf & Registerdb1.nsf for each external participant with the details as external user email address, login ID of external user, external user password, Chairperson’s email address, meeting password (if any),meeting subject, start date and time, end date time, meeting ID and custom web link (URL) to be used by external participant.
Application calls “SendMail” agent to send mails to internal and external users based on document of Registerdb2.nsf. Mailer sent direct web meeting URL to internal user and for external user will send mail with individual customized web URL.
When external participants logs in using their individual customized web URL; a custom agent “LogintoMeeting” created in Domcfg.nsf of the Meeting Server authenticates external user by capturing the User ID & Meeting ID. Once authenticated, external participants will re-directed to actual web meeting URL hosted by the Chairperson.
Once meeting is ended, agent “DeleteUser” present in Registerdb2.nsf deletes documents in ExternalReg.nsf, Registerdb1.nsf for ended meetings.
The solution database component description
The various solution components are a combination of modified standard or newly created IBM Lotus Notes databases. The database structure involves the following 6 databases.
# | Databases | Description |
| 1 | Sametime Configuration DB
Stconfig.nsf (modified) | It stores the values for parameters that are available from the Sametime Administration Tool. The solution strategy requires enhancements to this database such as:
- Add search functionality for internal users & add one form for adding external users’ email address.
- Changes to agent (SametimeWebQuerySave) for capturing Meeting details, email addresses of internal & external users in Registerdb1.nsf
- Form/sub form creations/modifications:
- Forms created to provide facility for Chairperson to search for internal users and add external users’ email addresses along with hidden fields.
- Sub form used for People search for internal users.Sub form for displaying error message to external user in case of invalid authentication.
|
| 2 | Domino Web Server Configuraton DB
Domcfg.nsf(modified) | A login agent has been created that gets called when external user clicks on the link sent to him on email invitation. |
| 3 | Sametime Server
Homepage
Stcenter.nsf | It hosts an HTML page (Sametime server home page) and can only be accessed by a Web browser. It is the end-user entry point to the Sametime Meeting Server. |
| 4 | Registerdb1.nsf
(created) | This database is created to host all URL link used by external user to login. A “Move Agent” is created to copy meeting document
(which is captured by SametimeWebQuerySave agent of stconf.nsf) from this database to Registerdb2.nsf. |
| 5 | Registerdb2.nsf
(created) | This database consists of details of all meetings documents and all user management agents. This is the key database for sending mail intimations to internal & external users.
Agents created on this database are as follows:
- Create User: for creating external user
- Delete User: for deleting external user.
- Link Copy: once external user is created, application creates a copy of this link in Registerdb1.nsf.
- Send Mail: for sending mail to both external as well as internal user.
|
| 6 | ExternalReg.nsf
(created) | This database consists of registered external users and is made from address book template of IBM Domino Directory. |
The security highlights
The key advantages of this secure web meeting solution strategy are as follows:
External User registration for tracking and audit purposes on the Sametime Meeting environment.
Unique URL and login credentials for each external participant per meeting.
Deletion/purging of necessary ids and meeting documents created to avoid misuse of the access.
Better control over external user access on the Meeting Server environment.
The business benefits
The key business benefits of this solution strategy are as follows:
Improve Efficiency: Improve projects delivery timelines by holding online customer demo/project sessions
Enhance Customer Support: Provide Online Support for customers with desktop sharing function to resolve technical issues
Improve Sales by having online presentations with qualifying prospects on various products.
Reduce Cost in Corporate Trainings: Reduce Training Costs by having joint learning platform along with Customer
Improve Collaboration: Organize Customer Events online to enhance collaboration of project team with Customers, partners etc.
Resources
Sametime Meeting Services Infocenter
http://publib.boulder.ibm.com/infocenter/sametime/v8r0/index.jsp
About the Author
Kamna Puri is an IBM Social Business Consultant with 10 years of IT experience and associated with Tata Consultancy Service Ltd. Her core competencies are Product & Solution consulting, Solution architecting, Product Administration, Project & Program management, Presales and Process Consulting. She has approx 8+years extensive operational experience on various Collaboration Products ranging from IBM Lotus Notes/Domino, IBM Sametime, IBM QuickPlace, IBM DB2 and MS SharePoint 2007 and technical knowledge on IBM WebSphere Portal Server, IBM Connections; with strong technical certification background – IBM Certified Lotus Professional (CLP), Microsoft Certified Technology Specialist (MCTS) certified in Microsoft SharePoint Server (MOSS) 2007, ITIL V3.