6 Post-Deployment Activities

Perform the post-deployment tasks to get started using AEM forms on JEE modules and services after they are installed, configured, and deployed to your application server.

6.1 Change the default password of AEM forms on JEE Administrator

AEM forms on JEE creates one or more default users during the installation. The password for these users is in the product documentation and is publicly available. You must change this default password, depending on your security requirements.

The AEM forms on JEE administrator user password is set to “password” by default. You must change it in Administration console > Settings > User Management > Users and Groups and at the AEM Configuration Management web console.

Change the password in Administration console

  1. Log into the Administration console using administrator/password credentials.

  2. Go to Settings > User Management > Users and Groups .

  3. Search for user Administrator .

  4. Click the Administrator user.

  5. In the Login Settings section, Click Change Password .

  6. Specify a new password and click Save .

  7. Re-login using the changed password to verify.

Change the password inAEM Configuration Management Web console

  1. Log into the Configration Management console using admin/admin credentials. The default URL of console is http://[server]:[port]/lc/system/console/configMgr.

  2. Search and open Adobe Livecycle Client SDK Configuration for editing.

  3. Specify a new password and click Save .

6.2 Restarting the JBoss services

After completing the installation, restart the JBoss service to ensure that it is in a clean running state. After an install, the JBoss service will be in a high-memory-use initialization state.

Note: When you upgrade to AEM forms on JEE server or deploy a Service pack, ensure that you delete the [Jboss_root]\server\<server name>\work and [Jboss_root]\server\<server name>\tmp folders before restarting the application server.

6.3 Setting the correct date, time, and time zone

Setting the correct date, time, and time zone on all servers connected to your AEM forms on JEE environment will ensure that time-dependent modules, such as Digital Signatures and Acrobat Reader DC extensions, will function correctly. For example, if a signature appears to have been created in the future, it will not validate.

Servers that require synchronization are database servers, LDAP servers, HTTP servers, and J2EE servers.

6.4 Manually enabling SSL for JBoss

During Turnkey installation, the JBoss application server is set up with Secure Sockets Layer (SSL) disabled by default. Enable SSL for JBoss if you want to use AEM forms on JEE Document Security with Adobe Acrobat for securing documents. Enabling SSL requires a signed certificate issued by a trusted certificate authority (CA) like VeriSign. However, you can also generate and use a self-signed certificate to enable SSL.

The following broad tasks are involved in enabling SSL for JBoss on a Turnkey installation:

  1. Create a keystore using the keytool utility that ships with the Java SDK.

  2. Generate the certificate or use a certificate issued by a CA.

  3. Copy the keystore and the certificate files to the JBoss root configuration folder— [JBoss root] \standalone\configuration.

  4. Import the certificate into [Adobe_JAVA_HOME] \lib\security\cacerts.

  5. Update the JBoss lc_turnkey.xml file to uncomment the SSL configuration settings and specify reference attributes for the certificate.

  6. Restart the JBoss server to apply your changes.

6.4.1 Enable SSL for JBoss

You can configure SSL for JBoss using Configuration Manager. If you skipped this option, manually configure SSL using the instructions given below:

X.500 distinguished names are used as identifiers when you generate a keystore and a certificate. The keytool command that you use to generate a certificate supports the following subparts for the – dname option:

CN: The complete hostname of the machine for which you’re creating the certificate. For example, “machine.adobe.com”.

OU: The name of a small organizational unit, such as a department or a division. For example, “Purchase”.

O: The name of the organization. For example, “Adobe Systems”.

L: The name of a locality or city. For example, “San Jose”.

S: The name of a state or province. For example, “California”.

C: A two letter country code. For example, “US”.

6.4.1.1 Enable SSL for JBoss on a Turnkey installation

  1. Navigate to [Adobe_JAVA_HOME]/ bin and type the following command to create the keystore:

    keytool -genkey -dname "CN= Host Name , OU= Group Name , O= Company Name , L= City Name , S= State , C= Country Code " - alias "LC Cert" -keyalg rsa -keypass key_password -keystore keystorename. keystore

    Replace [Adobe_JAVA_HOME] with the name of the directory where the JDK is installed, and replace the text in bold with values that correspond to your environment. The Host Name is the fully qualified domain name of the application server.

  2. Enter the keystore_password when prompted for a password.

    Note: The keystore_password entered at this step may be the same password (key_password) that you entered in step 1, or may be different.

  3. Copy the keystorename. keystore file to the [JBoss root] \standalone\configuration directory by typing the following command: 

        copy keystorename.keystore [JBoss root]/standalone/configuration

  4. Export the certificate file by typing the following command:

    keytool -export -alias "LC Cert" -file LC_cert.cer -keystore [JBoss root]\standalone\configuration\keystorename.keystore

  5. Enter the keystore_password when prompted for a password.

  6. Copy the LC_cert.cer file to the [JBoss root] configuration directory by typing the following command:

    copy LC_cert.cer [JBoss root]\standalone\configuration

  7. View the contents of the certificate by typing the following command:

    keytool -printcert -v -file [JBoss root]\standalone\configuration\LC_cert.cer

  8. If necessary, provide write access to the cacerts file in [Adobe_JAVA_HOME]\jre\lib\security. Right-click the cacerts file, select Properties, and then deselect the Read-only attribute.

  9. Import the certificate by typing the following command:

    keytool -import -alias "LC Cert" -file LC_cert.cer -keystore [Adobe_JAVA_HOME]\jre\lib\security\cacerts

  10. Type changeit as the password. changeit is the default password for a Java installation.

  11. When prompted if you Trust this certificate? [no]:, type yes . The confirmation "Certificate was added to keystore” is displayed.

  12. In a text editor, open the file

    (Jboss 6.2 Only) [JBoss root]\standalone\configuration\lc_turnkey.xml.

  13. Uncomment the following lines in the lc_turnkey.xml file:

    <!-- SSL/TLS Connector configuration using the admin devl guide keystore <Connector port="8443" address="${jboss.bind.address}" maxThreads="100" strategy="ms" maxHttpHeaderSize="8192" emptySessionPath="true" scheme="https" secure="true" clientAuth="false" keystoreFile="${jboss.server.home.dir}/conf/keystoreFile.keystore" keystorePass="keystorePass" sslProtocol = "TLS" />

    -->

  14. For the keystoreFile attribute in lc_turnkey.xml , specify the path of the keystore file you created. Specify keystore_password for the keystorePass attribute in lc_turnkey.xml .

  15. Save the lc_turnkey.xml file.

  16. Restart the application server:

    • From the Windows Control Panel , click Administrative Tools , and then click Services .

    • Select JBoss for Adobe Experience Manager forms.

    • Select Action > Stop.

    • Wait for the status of the service to appear as stopped.

    • Select Action > Start.

6.5 Accessing administration console

administration console is the web-based portal for accessing various configuration pages, where you set run-time properties that control the way AEM forms on JEE operates. When you log in to administration console, you can access User Management, watched folder, and email client configuration, as well as administrative configuration options for other services. administration console also provides access to Applications and Services, which administrators use for managing archives and deploying services to a production environment.

The default user name and password for logging in to Administration Console is administrator and password . After you log in the first time, you can access User Management and change the password of the administrator account. (See 6.6.7 Accessing User Management .)

Before you access administration console, AEM forms on JEE must be deployed and running on your application server.

For information about using the administration web pages, see administration console Help (available from the Help menu of the administration console home page).

  1. Open a web browser and enter this URL:

    http://localhost:8080/adminui (local deployment using the default port)

  2. Log in using the default user name and password:

    User name : administrator

    Password : password

  3. Click Log in .

  4. Click Services to access the services’ pages, and click Settings to access the Core System Settings, User Management, and Trust Store Management pages.

6.6 Accessing AEM forms on JEE applications

After AEM forms is deployed, you can access the web applications that are associated with the following modules:

  • Acrobat Reader DC extensions

  • Workspace

  • PDF Generator

  • Document Security

After accessing the web applications by using the default administrator permissions to ensure that they are accessible, you can create additional users and roles so that others can log in and use the applications. (See administration help .)

6.6.1 Access the Acrobat Reader DC extensions web application

Note: You must apply a Acrobat Reader DC extensions credential and apply the user roles for a new user. (See “Configuring credentials for use with Acrobat Reader DC extensions” in administration help.)

  1. Open a web browser and enter this URL:

    http://localhost:8080/ReaderExtensions

  2. Log in using the user name and password for AEM forms on JEE.

    Note: You must have administrator or superuser privileges to log in. To allow other users to access the Reader Extensions web application, you must create the users in User Management and grant them the Acrobat Reader DC extensions Web Application role.

6.6.2 Access Workspace

  1. Open a web browser and enter this URL:

    http://localhost:8080/workspace

  2. Log in using the user name and password for AEM forms on JEE.

6.6.3 Access HTML Workspace

  1. Open a web browser and enter this URL:

    http://localhost:8080/lc/forms.html

  2. Log in using the user name and password for AEM forms on JEE.

6.6.4 Access forms manager

  1. Open a web browser and enter this URL:

    http://localhost:8080/lc/fm

  2. Log in using the user name and password for AEM forms on JEE.

6.6.5 Access PDF Generator Web Application

  1. Open a web browser and enter this URL:

    http://localhost:8080/pdfgui

  2. Log in using the user name and password for AEM forms on JEE.

6.6.6 Access Document Security

You must create a user with the Document Security End User role in User Management and log in to the Document Security administrator or end-user applications by using the login information that is associated with that user.

Note: The default administrator user cannot access the Document Security end-user web application but you can add the appropriate role to its profile. You can create a new user or modify an existing user through administration console.

Access the Document Security end-user web application

Open a web browser and enter this URL: 
http://localhost:8080/edc

Access the Document Security administration web application

  1. Open a web browser and enter this URL: 

    http://localhost:8080/adminui

  2. Click Services > Document Security .

    For information about setting up users and roles, see Administration Help.

Assign the Document Security End User role

  1. Log in to administration console.

  2. Click Settings > User Management > Users and Groups .

  3. In the Find box, type all and, in the In list, select Groups .

  4. Click Find and, for the required domains, click All Principals in the list that appears.

  5. Click the Role Assignments tab and click Find Roles .

  6. In the list of roles, select the check box next to Document Security End User .

  7. Click OK and then click Save .

6.6.7 Accessing User Management

By using User Management, administrators can maintain a database of all users and groups, synchronized with one or more third-party user directories. User Management provides authentication, authorization, and user management for AEM forms on JEE modules, including Reader Extensions, Workspace, Document Security, forms workflow , Forms Generator and PDF Generator.

  1. Log in to administration console.

  2. On the home page, click Settings > User Management .

    Note: For information about configuring users with User Management, click User Management Help in the upper-right corner of the User Management page.

6.7 Encrypting the plaintext password

To learn how to encrypt the plaintext password in the data source configuration, go to: http://wiki.jboss.org and search for EncryptingDataSourcePasswords .

6.8 Managing the MySQL database

The turnkey installation and configuration supports the transaction-safe storage engine (InnoDB) in MySQL. This means that all AEM forms on JEE must operate in the same storage engine and have consistent version support. (See MySQL InnoDB Storage Engine .)

6.9 Configuring AEM forms on JEE to access LDAP

If you did not previously configure Lightweight Directory Access Protocol (LDAP), you can use the following procedure as a guideline when configuring User Management to support authentication using LDAP.

Note: Skip these steps if you configured LDAP for previous versions. LDAP configurations are migrated during the upgrade process.

  1. Open a web browser, navigate to http:// localhost :8080/adminui, and log in. (See 6.6 Accessing AEM forms on JEE applications .)

  2. Click Settings > User Management > Domain Management , and click New Enterprise Domain .

  3. In the ID box, type a unique identifier for the domain.

  4. In the Name box, type a descriptive name for the domain.

  5. Click Add Authentication and, in the Authentication Provider list, select LDAP .

  6. Click OK and, on the page that appears, click Add Directory .

  7. In the Profile Name box, type a name, and then click Next .

  8. Specify values in the Server , Port , SSL , and Binding boxes, as required.

  9. Under Populate Page With , select a directory settings option (for example, select Default Sun ONE values ), and then click Next.

  10. Configure User Settings as required, and then click Next.

  11. Configure Group Settings as required, and then click either Test or Finish .

  12. (Optional) Test your configuration:

    • Click Test .

    • In the Test Directory pane, in the Find box, enter an object name and, in the using box, select the object’s type, such as Login ID .

    • Click Test . If successful, your object’s details are displayed. You can then click Back .

  13. Click Finish to exit the Add Directory page, and then click OK again.

6.10 Configure Author and Publish instance

Perform the following tasks to configure Author and Publish instance.

6.10.1 Configure the Author instance

The Author instance is embedded within the AEM forms on JEE server. This implies that you do not need to make any configuration updates to the Author instance. The instance inherits all the configuration settings from the AEM forms on JEE instance.

6.10.2 Configure the Publish instance

You must run separate author and publish instances.You can configure the two instances on the same or on different machines.

Note: Before configuring the publish instance, ensure that your author instance is configured and deployed. You can verify it by successfully logging in to the Author Instance.

  1. Create a new appserver profile for the publish instance on the same or on a different machine.

  2. On the author instance, navigate to the [ aem-forms root ]/configurationManager/export/ directory.

  3. Copy the adobe-livecycle-cq-publish.ear file and deploy it to the appserver profile created in step 1.

  4. Copy the [ aem-forms root ]/configurationManager/export/crx-repository directory to the file server for the publish instance.

  5. Start the publish server with -Dcom.adobe.livecycle.crx.home=< location for crx-repository > parameter, where < location for crx-repository > is the location where you copied the crx-repository directory for the publish instance.

Note: If author and publish instances are on the same machine, ensure that you start the publish instance using a different port.

Now that the publish instance is up and running, you need to configure the two instances to communicate with each other.

Important: If you are setting up a cluster, ensure that there are no spaces in your CRX repository path.

6.10.3 Communicating between the Author and Publish instances

You need to perform certain configuration changes to enable two-way communication between the Author and Publish instances.

6.10.3.1 Define Publish instance URL

  1. Go to http://< authorHost >:< authorPort >/lc/etc/replication/agents.author/publish.html.

  2. Click Edit . The Agent Settings dialog opens.

  3. Click the Transport tab and specify the URL to the publish server in the URI field.

    http://< publishHost >:< publishPort >/lc/bin/receive?sling:authRequestLogin=1
    Note: If there are multiple publish instances managed by a Load Balancer, specify the URL to the load balancer in the URI field.

  4. Click OK .

Note: For author clusters, these steps need to be performed on one author instance (preferably a master instance).

6.10.3.2 Define publish instance URL for ActivationManagerImpl

  1. Go to http://< authorHost >:< authorPort >/lc/system/console/configMgr.

  2. Find and click the Edit icon next to the com.adobe.livecycle.content.activate.impl.ActivationManagerImpl.name setting.

  3. In the ActivationManager Publish URL field, specify the URL for the corresponding publish instance.

  4. Click Save .

6.10.3.3 Configure reverse replication queue

  1. Go to http://< authorHost >:< authorPort >/lc/etc/replication/agents.author/publish_reverse.html.

  2. Click Edit . The Agent Settings dialog opens.

  3. Click the Transport tab and specify the URL to the corresponding publish server in the URI field.

    Note: If there are multiple publish instances managed by a Load Balancer, specify the URL to the load balancer in the URI field.

  4. Click OK .

6.10.3.4 Define author instance URL

  1. Go to http://< publishHost >:< publishPort >/lc/system/console/configMgr.

  2. Find and click the Edit icon next to the com.adobe.livecycle.content.activate.impl.VersionRestoreManagerImpl.name setting.

  3. In the VersionRestoreManager Author URL field, specify the URL for the corresponding author instance.

    Note: If there are multiple author instances managed by a Load Balancer, specify the URL to the load balancer in the VersionRestoreManager Author URL field.

  4. Click Save .

6.10.4 Configure IPv6 implementation

Note: Perform these steps only if the machine/server is using an IPv6 address.

To map the IPv6 address to a hostname on the server and client machines:

  1. Navigate to the C:\Windows\System32\drivers\etc directory.

  2. Open the hosts file in a text editor.

  3. Add a mapping for the IPv6 address to a host name. For example: 

    2001:1890:110b:712b:d1d:9c99:37ef:7281 <ipv6_hostname>

  4. Save and close the file.

Ensure that you use the mapped host name instead of the IPv6 address to access the machine.

6.10.5 Install Japanese fonts for Adobe Reader

If your document fragements use Japanese fonts, you must install the Japanese Language Support Package for Adobe Reader. Otherwise, your letters and forms will not render and function properly. For installing language packs, visit the downloads page for Adobe Reader.

6.11 Configuring the HTML digital signature feature

To use the HTML digital signature feature of Forms, complete the following procedure.

  1. Manually deploy the [aem-forms root]/ deploy/adobe-forms-ds.ear file to your application server.

  2. Log in to administration console and click Services > Forms .

  3. Select HTML Digital Signature Enabled and then click Save .

6.12 Configuring PDF Generator

6.12.1 Setting environment variables

If you installed PDF Generator and configured it to convert files to PDF, for some file formats, you must manually set an environment variable that contains the absolute path of the executable that is used to start the corresponding application. This table lists the native applications for which PDF Generator requires you to set up environment variables.

Application

Environment variable

Example

Adobe Acrobat DC

Acrobat_PATH

C:\Program Files (x86)Adobe\Acrobat 2015\Acrobat\Acrobat.exe

Adobe FrameMaker®

FrameMaker_PATH

C:\Program Files\Adobe\FrameMaker8.0\FrameMaker.exe

Notepad

Notepad_PATH

C:\WINDOWS\Notepad.exe

OpenOffice.org

OpenOffice_PATH

C:\Program Files\OpenOffice.org 3.3

Adobe PageMaker®

PageMaker_PATH

C:\Program Files\Adobe\PageMaker 7.0\PageMaker.exe

WordPerfect

WordPerfect_PATH

C:\Program Files\WordPerfect Office 12\Programs\wpwin12.exe

Note: The OpenOffice_PATH environment variable is set to the installation folder instead of the path to the executable.

You do not need to set up the paths for Microsoft Office applications such as Word, PowerPoint, Excel, and Project, or for AutoCAD. The Generate PDF service starts these applications automatically if they are installed on the server.

6.12.2 Configuring the application server to use an HTTP proxy server

If the computer that AEM forms on JEE is running on uses proxy settings to access external websites, the application server should be started with the following values set as Java Virtual Machine (JVM™) arguments: 
-Dhttp.proxyHost=[server host] 
-Dhttp.proxyPort=[server port]

Follow the procedure listed below to start your application server with HTTP proxy host settings.

6.12.2.1 Add the setting to JBoss

  1. Ensure that the JBoss Application Server is stopped.

  2. From command line, edit the standalone.conf.bat or standalone.conf script in the [JBoss root] /bin/ directory.

  3. Add the following text to the script file: 

    Set JAVA_OPTS=%JAVA_OPTS% 
-Dhttp.proxyHost=[server host] 
-Dhttp.proxyPort=[server port]

  4. Save and close the file.

6.12.3 Setting the Adobe PDF Printer as the default printer

Set the Adobe PDF Printer to be the default printer on the server. If the Adobe PDF Printer is not set as the default, PDF Generator cannot convert files successfully.

  1. Select Start > Printers and Faxes .

  2. In the Printers and Faxes window, right-click Adobe PDF and select Set as Default Printer .

6.12.4 Configuring Acrobat

This procedure can be completed after you run Configuration Manager and deploy AEM forms on JEE to the application server.

  1. If an earlier version (10.0 or earlier) of Acrobat is installed, uninstall it by using Add or Remove Programs in the Windows Control Panel.

  2. Do one of the following:

    • If you are using the media, insert the Acrobat Pro CD.

    • If you are using the ESD downloads, download Acrobat from your ESD location.

  3. Install Acrobat DC Pro by running the AutoPlay.exe file.

  4. Navigate to the additional\scripts folder on the AEM forms on JEE installation media.

  5. Run the following batch file: 

    Acrobat_for_PDFG_Configuration.bat [aem-forms root]/pdfg_config

  6. Open Acrobat and select Help > Check for updates > Preferences .

  7. Deselect Automatically check for Adobe updates .

6.12.4.1 Validate the Acrobat installation

  1. Navigate to a PDF file on your system and double-click it to open it in Acrobat. If the PDF file opens successfully, Acrobat is installed correctly.

  2. If the PDF file does not open correctly, uninstall Acrobat and reinstall it.

Note: Ensure that you dismiss all the Acrobat dialog boxes that are displayed after the Acrobat installation is completed and disable the automatic updates for Acrobat.

Set the Acrobat_PATH environment variable to point to Acrobat.exe (such as C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe).

6.12.4.2 Configure native application support

  1. Install and validate Acrobat as described in the previous procedure.

  2. Set Adobe PDF printer as the default printer.

6.12.4.3 Changing File Block Settings

Change Microsoft Office trust center settings to enable PDFG to convert older versions of Microsoft office documents.

  1. Click the File tab in any Office 2010 application. Under Help , click Options ; the Options dialog box appears

  2. Click Trust Center , and then click Trust Center Settings .

  3. In the Trust Center settings , click File Block Settings .

  4. In the File Type list, uncheck open for the file type that you want to be converted by PDFG.

6.12.4.4 Network Printer Client installation

PDF Generator includes the Network Printer Client installer for installation of the PDF Generator Internet printer. After the installation is completed, a PDF Generator printer is added to the list of existing printers on the clients computer. This printer can then be used to send documents for conversion to PDF. For more information about installing the Network Printer Client, see Installing and Deploying AEM forms on JEE document for your application server.

6.12.5 Installing East Asian characters in Windows Server 2008

When HTML files are converted to PDF by using PDF Generator, some East Asian languages, such as Japanese, Korean, and Chinese, and also right-to-left languages, such as Arabic, Armenian, Georgian, Hebrew, Indic, Thai, and Vietnamese, may not be displayed in the PDF file.

To ensure that these languages are displayed in Windows Server 2003, appropriate fonts must be present on the client and server.

  1. Select Start > Control Panel and open Regional and Language Options .

  2. Click the Languages tab and select Install Files for East Asian Languages .

  3. Click the Advanced tab and select all the options under Code Page Conversion Tables.

If converted PDF files are still missing fonts, verify that the Arial Unicode MS (TrueType) font (ARIALUNI.TTF) is present in the C:\WINDOWS\Fonts directory.

6.12.6 PDF Generator watched folder performance parameters

To avoid java.io.IOException error messages indicating that not enough disk space is available to perform PDF conversions using a watched folder, you can modify the settings for PDF Generator in administration console.

  1. Log in to administration console and click Services > Application and Services > Service Management , and click PDFGConfigService in the list of services.

  2. On the Configure PDFGConfigService page, set the following values:

    PDFG Cleanup Scan Seconds: 1800

    Job Expiration Seconds: 6000

    Server Conversion Timeout: 450

6.12.7 User accounts for multi-threaded file conversions

By default, PDF Generator can convert only one OpenOffice, Microsoft Word, or PowerPoint document at a time. If you enable multi-threaded conversions, PDF Generator can convert more than one of the documents concurrently by launching multiple instances of OpenOffice or PDFMaker (which is used to perform the Word and PowerPoint conversions).

Note: Only Microsoft Word 2007 and Microsoft PowerPoint 2007 are supported with multi-threaded file conversions. Microsoft Excel 2003 or 2007 versions are not supported.

If you need to enable multi-threaded file conversion, you must first perform the tasks outlined in the 3.3.5.3 Enabling multi-threaded file conversions and multiuser support for PDF Generator section.

  1. In Configuration Manager, click Services > PDF Generator > User Accounts.

  2. Click Add and enter the user name and password of a user who has administrative privileges on the AEM forms on JEE server. If you are configuring users for OpenOffice, dismiss the initial OpenOffice activation dialogs.

    Note: If you are configuring users for OpenOffice, the number of instances of OpenOffice cannot be greater than number of user accounts specified in this step.

  3. Restart the AEM forms on JEE server.

6.12.8 Adding fonts to PDF Generator

AEM forms on JEE provides a central repository of fonts which is accessible to all AEM forms on JEE modules. Make the extra fonts available to non-AEM forms on JEE applications on the server so that PDF Generator can use these fonts to create PDF documents that are created with these applications.

6.12.8.1 Non-AEM forms on JEE applications

The following list contains non-AEM forms on JEE applications that PDF Generator can use for PDF generation on the server side:

Windows-only Applications

  • Microsoft Office Word

  • Microsoft Office Excel

  • Microsoft Office PowerPoint

  • Microsoft Office Project

  • Microsoft Office Publisher

  • AutoDesk AutoCAD

  • Corel WordPerfect

  • Adobe Photoshop CS

  • Adobe FrameMaker

  • Adobe PageMaker

  • Adobe Acrobat Pro

Multiplatform applications

  • OpenOffice Writer

  • OpenOffice Calc

  • OpenOffice Draw

  • OpenOffice Impress

Note: In addition to these applications, your list may include additional applications that you added.

Of the above applications, the OpenOffice Suite (which includes Writer, Calc, Draw, and Impress) is available on Windows, Solaris™, and Linux® platforms, whereas other applications are available on Windows only.

6.12.8.2 Adding new fonts to Windows applications only

All the Windows-only applications that are mentioned above can access all the fonts that are available in the C:\Windows\Fonts (or equivalent) folder. In addition to C:\Windows\Fonts, each of these applications may have its own private fonts folders.

Therefore, if you plan to add any custom fonts to the AEM forms on JEE fonts repository, ensure that the same fonts are available to the Windows-only applications also by copying these fonts to either C:\Windows\Fonts or to an equivalent folder.

Your custom fonts must be licensed under an agreement that allows you to use them with the applications that have access to these fonts.

6.12.8.3 Adding new fonts to OpenOffice Suite

Adding custom fonts to OpenOffice Suite is explained on the OpenOffice Fonts-FAQ page at http://wiki.services.openoffice.org.

In addition, OpenOffice Suite has these resources about the fonts-related behavior:

  • OpenOffice Fonts Troubleshooting Guide at http://www.openoffice.org/FAQs/fontguide.html. Some of the text in this guide is applicable only to OpenOffice 1.x and therefore may be obsolete for OpenOffice 3.1 and above.

  • Importing Fonts into OpenOffice 2.1 at http://openoffice.blogs.com/openoffice/2007/02/font_import_wiz.html. Even though this blog mentions OpenOffice 2.1, the instructions that are mentioned should be applicable to OpenOffice 3.1 and later

6.12.8.4 Adding new fonts to other applications

If you added support for PDF creation in other applications, see the Help for these applications to add new fonts. In Windows, copying your custom fonts to the C:\Windows\Fonts (or equivalent) folder should be sufficient.

6.12.9 Configuring HTML to PDF conversions

The HTML-to-PDF conversion process is designed to use the settings from Acrobat XI that override the settings from PDF Generator.

Note: This configuration is required to enable the HTML-to-PDF conversion process, otherwise this conversion type will fail.

  1. Install and validate Acrobat as described in 6.12.4 Configuring Acrobat .

  2. Locate the pdfgen.api file in the [aem-forms root] \plugins\x86_win32 directory and copy it to [Acrobat root] \Acrobat\plug_ins directory.

6.12.9.1 Enabling support for Unicode fonts in HTML to PDF conversions

Important: The HTML-to-PDF conversion fails if a zipped input file contains HTML files with double-byte characters in filenames. To avoid this problem, do not use double-byte characters when naming HTML files.

  1. Copy the Unicode font to any of the following directories as appropriate for your system:

    • [Windows root] \Windows\fonts

    • [Windows root] \WINNT\fonts

  2. Modify the font-name mapping in the cffont.properties file located in the [aem-forms root] /adobe-generatepdf-dsc.jar file:

    • Extract this archive, and locate the cffont.properties file and open it in an editor.

    • In the comma-separated list of Java font names, add a map to your Unicode system font for each font type. In the example below, kochi mincho is the name of your Unicode system font.

      dialog=Arial, Helvetica, kochi mincho

      dialog.bold=Arial Bold, Helvetica-Bold, kochi mincho ...

    • Save and close the properties file, and then repackage and redeploy the adobe-generatepdf-dsc.jar file.

    Note: On a Japanese operating system, specify the font mapping in the cffont.properties.ja file as well, which takes precedence over the standard cffont.properties file.

  3. Ensure that the courier fonts are available at the specified location.

    Fonts in the list are searched from left to right, using the first font found. HTML-to-PDF conversion logs return a list of all the font names that are found in the system. To determine the font name you need to map, add the font to one of the directories above, restart the server, and run a conversion. You can determine from the log files the font name to use for mapping.

    To embed the font in the generated PDF files, set the embedFonts property in the cffont.properties file to true (the default is false ).

  4. On RedHat Enterprise Linux 6.x, the courier fonts are not available, download the font-ibm-type1-1.0.3.zip archive. Extract the archive at /usr/share/fonts. Note: Ensure that you read and accept the license.

    Note: Ensure that you read and accept the license.

  5. Create a symbolic link from /usr/share/X11/fonts to /usr/share/fonts.

  6. Delete all the .lst font cache files from the Html2PdfSvc/bin and /usr/share/fonts directories.

6.12.10 Installing the PDF Generator Network Printer client

PDF Generator includes an executable file to install the PDF Generator network printer on a client computer. After the installation is complete, a PDF Generator printer is added to the list of existing printers on the client computer. This printer can then be used to send documents for conversion to PDF.

Note: The Network Printer Client installation wizard available in the administration console is supported only on Windows operating system. Ensure that you use a 32-bit JVM to launch the Network Printer Client installation wizard. You will encounter an error if you use a 64-bit JVM.

If the PDFG Network Printer fails to install on Windows, use the operating system’s native Add Printer utility and configure it as described in 6.12.10.2 Configure PDF Generator Network Printer on Windows using the native Add Printer wizard .

6.12.10.1 Install the PDF Generator Network Printer Client

Note: Before installing the PDF Generator network printer client on Windows Server 2008, Ensure that you have the Internet Printing Client feature installed on your Windows Server 2008. For installing the feature, see Windows Server 2008 Help.

  1. Ensure that you successfully installed PDF Generator on your server.

  2. Do one of the following:

    • From a Windows client computer, enter the following URL in your web browser, where [host] is the name of the server where you installed PDF Generator and [port ] is the application server port used: 
      http://[host]:[port]/pdfg-ipp/install

    • In administration console, click Home > Services > PDF Generator Evaluation > PDFG Network Printer . In the PDFG Network Printer Installation section, click Click here to launch the PDFG Network Printer Installation.

  3. On the Configure Internet Port screen, select Use the specified user account and provide the credentials of a AEM forms on JEE user who has the PDFG Administrator/User role. This user must also have an email address that can be used to receive the converted files. To have this security setting applied to all users on the client computer, select Use the same security options for all users , and then click OK .
    Note: If the users’ password changes, then users will need to reinstall the PDFG Network Printer on their computers. You cannot update the password from administration console.

    Upon successful installation, a dialog box appears, indicating that “The Printer PDF Generator has been successfully installed.”

  4. Click OK . You will now have a printer named PDF Generator in your list of available printers.

6.12.10.2 Configure PDF Generator Network Printer on Windows using the native Add Printer wizard

  1. Click Start > Printers and Faxes and double-click Add Printer .

  2. Click Next , select A network printer, or a printer attached to another computer , and then click Next .

  3. Select Connect to a printer on the internet or on a home or office network and type the following URL for the PDFG printer, where [host] is the server name and [port] is the port number where the server is running: 

    http://[host]:[port]/pdfg-ipp/printer

  4. On the Configure Internet Port screen, select Use the specified user account and provide valid User Management credentials.

  5. In the Printer Driver Select box, choose any standard PostScript-based printer driver (for example, HP Color LaserJet PS).

  6. Complete the installation by choosing appropriate options (for example, setting this printer as default).

Note: The user credentials used while adding the printer must have a valid email ID configured in User Management to receive the response.

Configure the email service’s sendmail service. Provide a valid SMTP server and authentication information in the service’s configuration options.

6.12.10.3 Install and configure the PDF Generator Network Printer Client using Proxy server port forwarding

  1. Configure port forwarding on the CC Proxy server on a particular port to the AEM forms on JEE server, and disable the authentication at proxy server level (since AEM forms on JEE uses its own authentication). If a client connects to this Proxy server on the forwarded port, then all the requests will be forwarded to the AEM forms on JEE server.

  2. Install PDFG Network Printer using the following URL: 

    http://[proxy server]:[forwarded port]/pdfg-ipp/install.

  3. Provide the necessary credentials for authentication of the PDFG Network Printer.

  4. The PDFG Network Printer will be installed on the client machine which you can use for PDF conversion using the firewall protected AEM forms on JEE server.

6.12.11 Enable PDF Conversion for Microsoft Word document containing protected fields

The PDF Generator supports Microsoft Word documents containing protected fields. To enable PDF Conversion for Microsoft Word document containing protected fields, change the file type settings:

  1. In the administration console , navigate to Services > PDF Generator > File Type Settings , and open your file type settings profile.

  2. Expand the Microsoft Word option and select the Preserve document markup in Adobe PDF (for Microsoft Office 2003 or later) option.

  3. Click Save As , specify name of the file type setting, and click OK .

6.13 Configuring Connector for EMC Documentum

Note: AEM forms on JEE supports EMC Documentum, versions 6.7 SP1 and 7.0 only. Make sure your ECM is upgraded accordingly.

If you installed Connector for EMC Documentum as part of your AEM forms on JEE solution, complete the following procedure to configure the service to connect to the Documentum repository.

Configure Connector for EMC Documentum

  1. Locate the adobe-component-ext.properties file in the [JBoss root] /bin folder (if the file does not exist, create it).

  2. Add a new system property that provides the following Documentum Foundation Classes JAR files:

    • dfc.jar

    • aspectjrt.jar

    • log4j.jar

    • jaxb-api.jar

    • configservice-impl.jar

    • configservice-api.jar

    • commons-codec-1.3.jar

    • commons-lang-2.4.jar

    The new system property should take on this form: 

    [component id].ext=[JAR files and/or folders]

    For example, using default Content Server and Documentum Foundation Classes installations, add to the file one of the following system properties on a new line, with no line breaks, and end the line with a carriage return:

    • Connector for EMC Documentum 6.7 SP1 and 7.0 only: 

      com.adobe.livecycle.ConnectorforEMCDocumentum.ext= 
C:/Program Files/Documentum/Shared/dfc.jar, 
C:/ProgramFiles/Documentum/Shared/aspectjrt.jar, 
C:/Program Files/Documentum/Shared/log4j.jar, 
C:/Program Files/Documentum/Shared/jaxb-api.jar, 
C:/Program Files/Documentum/Shared/configservice-impl.jar, 
C:/Program Files/Documentum/Shared/configservice-api.jar 
C:/Program Files/Documentum/Shared/commons-codec-1.3.jar 
C:/Program Files/Documentum/Shared/commons-lang-2.4.jar
      Note: The above text contains formatting characters for line breaks. If you copyremove the formatting characters. and paste this text, you must remove the formatting characters.

  3. Open a web browser and enter this URL: 

    http://[host]:[port]/adminui

  4. Log in using the default user name and password:

    User name : administrator

    Password : password

  5. Navigate to Services > Connector for EMC Documentum > Configuration Settings and perform these tasks:

    • Type all the required Documentum repository information.

    • To use Documentum as your repository provider, under Repository Service Provider Information, select EMC Documentum Repository Provider , and then click Save . For more information, click the Help link in the upper-right corner of the page in the Administration help .

  6. (Optional) Navigate to Services > Connector for EMC Documentum > Repository Credentials Settings , click Add , specify the Docbase information, and then click Save . (For more information, click Help in the upper-right corner.)

  7. If the application server is not currently running, start the server. Otherwise, stop and then restart the server.

  8. Open a web browser and enter this URL. 

    http://[host]:[port]/adminui

  9. Log in using the default user name and password:

    User name : administrator

    Password : password

  10. Navigate to Services > Applications and Services > Service Management and select these services:

    • EMCDocumentumAuthProviderService

    • EMCDocumentumContentRepositoryConnector

    • EMCDocumentumRepositoryProvider

  11. Click Start . If any of the services do not start correctly, check the settings you completed earlier.

  12. Do one of the following tasks:

    • To use the Documentum Authorization service (EMCDocumentumAuthProviderService) to display content from a Documentum repository in the Resources view of Workbench, continue with this procedure. Using the Documentum Authorization service overrides the default AEM forms on JEE authorization and must be configured to log in to Workbench using Documentum credentials.

    • To use the AEM forms on JEE repository, log in to Workbench by using the AEM forms on JEE super administrator credentials (by default, administrator and password ).

    You have now completed the required steps for this procedure. Use the credentials provided in step 19 for accessing the default repository in this case and use the default AEM forms on JEE authorization service.

  13. Restart the application server.

  14. Log in to administration console and click Settings > User Management > Domain Management .

  15. Click New Enterprise Domain , and type a domain ID and name. The domain ID is the unique identifier for the domain. The name is a descriptive name for the domain.

    Note: Use only single-byte (ASCII) characters for the ID. (See “Adding enterprise domains” in administration help .)

  16. Add a custom authentication provider:

    • Click Add Authentication .

    • In the Authentication Provider list, select Custom .

    • Select EMCDocumentumAuthProvider and then click OK .

  17. Add an LDAP authentication provider:

    • Click Add Authentication .

    • In the Authentication Provider list, select LDAP , and then click OK .

  18. Add an LDAP directory:

    • Click Add Directory .

    • In the Profile Name box, type a unique name, and then click Next .

    • Specify values for the Server , Port , SSL , Binding , and Populate page with options. If you select User for the Binding option, you must also specify values for the Name and Password fields.

    • (Optional) Select Retrieve Base DN to retrieve base domain names, as required.

    • Click Next , configure the user settings, click Next , configure group settings, as required, and then click Next .

      For details about the settings, click User Management Help in the upper-right corner of the page.

  19. Click OK to exit the Add Directory page and then click OK again.

  20. Select the new enterprise domain and click Sync Now . Depending on the number of users and groups in your LDAP network and the speed on your connection, the synchronization process may take several minutes.

    (Optional) To verify the status of the synchronization, click Refresh and view the status in the Current Sync State column.

  21. Navigate to Settings > User Management > Users and Groups .

  22. Search for users that were synchronized from LDAP and perform these tasks:

    • Select one or more users and click Assign Role .

    • Select one or more AEM forms on JEE roles and click OK .

    • Click OK a second time to confirm the role assignment.

      Repeat this step for all users that you assign roles to. For more information, click User Management Help in the upper-right corner of the page.

  23. Start Workbench and log in by using the credentials for the Documentum repository:

    Username : [ username ]@[ repository_name ]

    Password : [ password ]

    After you log in, the Documentum repository appears in the Resources view within Workbench. If you do not log in using the username@repository_name , Workbench attempts to log in to the default repository.

  24. (Optional) To install the AEM forms on JEE Samples for Connector for EMC Documentum, create a Documentum repository named Samples, and then install the samples in that repository.

After you configure the Connector for EMC Documentum service, see administration help for information about configuring Workbench with your Documentum repository.

6.14 Configuring the Connector for IBM Content Manager

Note: See the Supported Platform Combinations document and ensure that the suppoted version of ECM is installed.

If you installed the Connector for IBM Content Manager as part of your AEM forms on JEE solution, complete the following procedure to configure the service to connect to the IBM Content Manager datastore.

Configure Connector for IBM Content Manager

  1. Locate the adobe-component-ext.properties file in the [JBoss root] /bin folder. If the file does not exist, create it.

  2. Add a new system property that provides the location of the following IBM II4C JAR files:

    • cmb81.jar

    • cmbcm81.jar

    • cmbicm81.jar

    • cmblog4j81.jar

    • cmbsdk81.jar

    • cmbutil81.jar

    • cmbutilicm81.jar

    • cmbview81.jar

    • cmbwas81.jar

    • cmbwcm81.jar

    • cmgmt

    Note: cmgmt is not a JAR file. On Windows, by default, this folder is at C:/Program Files/IBM/db2cmv8/ .

    • common.jar

    • db2jcc.jar

    • db2jcc_license_cisuz.jar

    • db2jcc_license_cu.jar

    • ecore.jar

    • ibmjgssprovider.jar

    • ibmjsseprovider2.jar

    • ibmpkcs.jar

    • icmrm81.jar

    • jcache.jar

    • log4j-1.2.8.jar

    • xerces.jar

    • xml.jar

    • xsd.jar

    The new system property looks similar to the following: 

    [component id].ext=[JAR files and/or folders]

    For example, using a default DB2 Universal Database Client and II4C installation, in the file, add the following system property on a new line, with no line breaks, and end the line with a carriage return: 

            C:/Program Files/IBM/db2cmv8/cmgmt, 
        C:/Program Files/IBM/db2cmv8/java/jre/lib/ibmjsseprovider2.jar, 
        C:/Program Files/IBM/db2cmv8/java/jre/lib/ibmjgssprovider.jar, 
        C:/Program Files/IBM/db2cmv8/java/jre/lib/ibmpkcs.jar, 
        C:/Program Files/IBM/db2cmv8/java/jre/lib/xml.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmbview81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmb81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmbcm81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/xsd.jar, 
        C:/Program Files/IBM/db2cmv8/lib/common.jar, 
        C:/Program Files/IBM/db2cmv8/lib/ecore.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmbicm81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmbwcm81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/jcache.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmbutil81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmbutilicm81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/icmrm81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/db2jcc.jar, 
        C:/Program Files/IBM/db2cmv8/lib/db2jcc_license_cu.jar, 
        C:/Program Files/IBM/db2cmv8/lib/db2jcc_license_cisuz.jar, 
        C:/Program Files/IBM/db2cmv8/lib/xerces.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmblog4j81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/log4j-1.2.8.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmbsdk81.jar, 
        C:/Program Files/IBM/db2cmv8/lib/cmbwas81.jar

  3. If the application server is not currently running, start the server; otherwise, stop and then restart the server.

You can now connect to the IBM Content Manager datastore from the IBMCMConnectorService Property Sheets by using the Use User Credentials as the login mode.

You have now completed the required steps for this procedure.

(Optional) If you want to connect to IBM Content Manager datastore from IBMCMConnectorService Property Sheets by using the Use Credentials From Process Context as the login mode, complete the following procedure.

Connect using Use Credentials from process context login mode

  1. Open a web browser and enter this URL:

    http:// [host] : [port] /adminui

  2. Log in using the super administrator credentials. Default values set during installation are:

    User name: administrator

    Password: password

  3. Click Services > Connector for IBM Content Manager > Configuration Settings .

  4. Type all of the required repository information and click Save . For more information about the IBM Content Manager repository information, click the Help link in the upper-right corner of the page.

  5. Do one of these tasks:

    • To use the IBM Content Manager Authorization service (IBMCMProviderService) to use content from an IBM Content Manager datastore, in the Processes view of Workbench, continue with this procedure. Using the IBM Content Manager Authorization service overrides the default AEM forms on JEE authorization and must be configured to log in to Workbench by using IBM Content Manager credentials.

    • To use the System Credentials provided in step 4 to use content from an IBM Content Manager datastore, in the Processes view of Workbench, log in to Workbench by using the AEM forms on JEE super administrator credentials (by default, administrator and password ). You have now completed the required steps for this procedure. The System Credentials that are provided in step 4 use the default AEM forms on JEE authorization service for accessing the default repository in this case.

  6. Log in to the administration console, and click Settings > User Management > Domain Management .

  7. Click New Enterprise Domain and type a domain ID and name. The domain ID is the unique identifier for the domain. The name is a descriptive name for the domain.

    Note: Use only single-byte (ASCII) characters for the ID. (See Adding enterprise domains in administration help .)
    Note: When using MySQL for your AEM forms on JEE database, use only single-byte (ASCII) characters for the ID. (See “Adding enterprise domains” in administration help .)

  8. Add a custom authentication provider:

    • Click Add Authentication .

    • In the Authentication Provider list, select Custom , and then select IBMCMAuthProviderService and click OK .

  9. Add an LDAP authentication provider:

    • Click Add Authentication .

    • In the Authentication Provider list, select LDAP and then click OK .

  10. Add an LDAP directory:

    • Click Add Directory .

    • In the Profile Name box, type a unique name, and then click Next .

    • Specify values for the Server , Port , SSL , Binding , and Populate page with options. If you select User for the Binding option, you must also specify values for the Name and Password fields. (Optional) Select Retrieve Base DN to retrieve base domain names, as required. When finished, click Next .

    • Configure the user settings, click Next , configure group settings as required, and then click Next .

    For details about the above settings, click the Help link in the upper-right corner of the page.

  11. Click OK to exit the Add Directory page and click OK again.

  12. Select the new enterprise domain and click Sync Now . Depending on the number of users and groups in your LDAP network and the speed on your connection, the synchronization process may take several minutes.

  13. To verify the status of the synchronization, click Refresh and view the status in the Current Sync State column.

  14. Navigate to Settings > User Management > Users and Groups .

  15. Search for users that were synchronized from LDAP and do these tasks:

    • Select one or more users and click Assign Role .

    • Select one or more AEM forms on JEE roles and click OK .

    • Click OK a second time to confirm the role assignment.

    Repeat this step for all users that you want to assign roles to. For more information, click the Help link in the upper-right corner of the page.

  16. Start Workbench and log in using the following credentials for IBM Content Manager datastore:

    Username: [username]@[repository_name]

    Password: [password]

    The IBM Content Manager datastore can now be used in the Processes view within Workbench when the login mode for IBMCMConnectorService orchestrable components is selected as Use Credentials from process context.

6.15 Configuring the Connector for IBM FileNet

AEM forms supports IBM FileNet, versions 5.0 and 5.2 only. Make sure your ECM is upgraded accordingly.

Note: AEM forms supports FileNet 5.2 Content Engine; FileNet 5.2 Process Engine is not supported.

If you installed Connector for IBM FileNet as part of your AEM forms, you must configure the service to connect to the FileNet object store.

  1. Add a new system property that provides the location of these FileNet Application Engine JAR files:

    For FileNet 5.x add following JAR files

    • Jace.jar

    • javaapi.jar

    • log4j.jar

    • pe.jar

    • stax-api.jar

    • xlxpScanner.jar

    • xlxpScannerUtils.jar

    Note: Add the pe.jar file only if your deployment uses the IBMFileNetProcessEngineConnector service. The new system property should reflect this structure: 
    [component id].ext=[JAR files and/or folders]

    For example, using a default FileNet Application Engine installation on a Windows operating system, add the following system property on a new line with no line breaks and end the line with a carriage return:

    Note: The following text contains formatting characters for line breaks. If you copy this text to a location outside this document, remove the formatting characters when you paste it to the new location. 
    com.adobe.livecycle.ConnectorforIBMFileNet.ext= 
C:/Program Files/FileNet/AE/CE_API/lib2/javaapi.jar, 
C:/Program Files/FileNet/AE/CE_API/lib2/log4j-1.2.13.jar

  2. (FileNet Process Engine Connector only) Configure the connection properties for the process engine as follows:

    • Using a text editor, create a file with the following content as a single line and end the line with a carriage return:

      (FileNet 5.0 only) 

      RemoteServerUrl = cemp:http://[contentserver_IP]:[contentengine_port]/wsi/FNCEWS40DIME/

      (FileNet 5.2 only) 

      RemoteServerUrl = cemp:http://[contentserver_IP]:[contentengine_port]/wsi/FNCEWS40MTOM/

    • Save the file as WcmApiConfig.properties in a separate folder, and add the location of the folder that contains the WcmApiConfig.properties file to the adobe-component-ext.properties file.

      For example, if you save the file as c:/pe_config/WcmApiConfig.properties, add the path c:/pe_config to the adobe-component-ext.properties file.

      Note: The filename is case-sensitive.

  3. If the application server is not currently running, start the server. Otherwise, stop and then restart the server.

  4. Open a web browser and enter this URL:

    http://[host]:[port]/adminui

  5. Log in using the default user name and password:

    User name : administrator

    Password : password

  6. Click Services > Connector for IBM FileNet .

  7. Provide the Content Engine URL. For example, cemp:http://ContentEngineHostNameorIP:port/wsi/FNCEWS40MTOM?jaasConfigurationName=FileNetP8WSI

  8. Provide all of the required FileNet repository information and, under Repository Service Provider Information, select IBM FileNet Repository Provider .

    If your deployment uses the optional process engine service, under Process Engine Settings, select Use Process Engine Connector Service and specify the process engine settings. For more information, click the Help link in the upper-right corner of the page.

    Note: The credentials that you provide in this step are validated later when you start the IBM FileNet repository services. If the credentials are not valid, an error is thrown and the services will not start.

  9. Click Save and navigate to Services > Applications and Services > Service Management .

  10. Select the check box next to each of these services and then click Start :

    • IBMFileNetAuthProviderService

    • IBMFileNetContentRepositoryConnector

    • IBMFileNetRepositoryProvider

    • IBMFileNetProcessEngineConnector (if configured)

    If any of the services do not start correctly, verify the Process Engine settings.

  11. Do one of the following tasks:

    • To use the FileNet Authorization service (IBMFileNetAuthProviderService) to display content from a FileNet object store in the Resources view of Workbench, continue with this procedure. Using the FileNet Authorization service overrides the default AEM forms authorization and must be configured to log in to Workbench by using FileNet credentials.

    • To use the AEM forms repository, log in to Workbench by using the super administrator credentials (by default, administrator and password ). The credentials provided in step 16 use the default AEM forms authorization service for accessing the default repository in this case.

  12. Restart your application server.

  13. Log in to administration console and click Settings > User Management > Domain Management .

  14. Click New Enterprise Domain and then type a domain ID and name. The domain ID is the unique identifier for the domain. The name is a descriptive name for the domain.

  15. Add a custom authentication provider:

    • Click Add Authentication .

    • In the Authentication Provider list, select Custom .

    • Select IBMFileNetAuthProviderService and then click OK .

  16. Add an LDAP authentication provider:

    • Click Add Authentication .

    • In the Authentication Provider list, select LDAP and then click OK .

  17. Add an LDAP directory:

    • Click Add Directory and, in the Profile Name box, type a unique name, and then click Next .

    • Specify values for the Server , Port , SSL , Binding , and Populate page with options. If you select User for the Binding option, you must also specify values for the Name and Password fields.

    • (Optional) Select Retrieve Base DN to retrieve base domain names, as required. When finished, click Next .

    • Configure the user settings, click Next , configure group settings as required, and then click Next .

      For details about the settings, click Help link in the upper-right corner of the page.

  18. Click OK to exit the Add Directory page, and then click OK again.

  19. Select the new enterprise domain and click Sync Now . Depending on the number of users and groups in your LDAP network and the speed on your connection, the synchronization process may take several minutes.

    (Optional) To verify the status of the synchronization, click Refresh and view the status in the Current Sync State column.

  20. Navigate to Settings > User Management > Users and Groups .

  21. Search for users that were synchronized from LDAP and perform these tasks:

    • Select one or more users and click Assign Role .

    • Select one or more AEM forms roles and click OK .

    • Click OK a second time to confirm the role assignment.

    Repeat this step for all users you want to assign roles to. For more information, click the Help link in the upper-right corner of the page.

  22. Start Workbench and log in using the following credentials for the IBM FileNet repository:

    User name: [username]@[repository_name]

    Password: [password]

    The FileNet object store should now be visible in the Resources view within Workbench. If you do not log in using the username @ repository name , Workbench attempts to log in to the default repository specified in step 16.

  23. (Optional) If you intend to install the AEM forms Samples for Connector for IBM FileNet, create a FileNet object store named Samples and install the samples in that object store.

    After you configure Connector for IBM FileNet, it is recommended that you see administration help for information about configuring Workbench functions properly with your FileNet repository.

6.16 Configuring Kerberos authentication support for AEM forms on JEE Connector for Microsoft SharePoint

  1. Navigate to [aem-forms root]/jboss/standalone/configuration.

  2. Open lc_turnkey.xml file for editing.

  3. Add following text to lc_turnkey.xml file: 
    <security-domain name="LC_SP_CONNECTOR"> 
<authentication> 
<login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required"> </login-module> 
</authentication> 
</security-domain>

  4. Navigate to [aem-forms root]/jboss/bin

  5. Create a file named krb5.conf

  6. Modify following text according to your envrionment settings. Add modified text to krb5.conf file: 

    [libdefaults] 
default_realm = SP.COM 
default_checksum = rsa-md5 
[realms] 
SP.COM = { 
kdc = hostname.sp.com 
} 
[domain_realm] 
.sp.com = SP.COM

    Note: You must ensure that ,

    • SP.COM is replaced with the domain name in capital letters.

    • hostname.sp.com is replaced with fully qualified domain name of the domain controller and domain name is in small letters.

    • .sp.com with replaced with domain name in small letters prefixed with a period (.).

  7. Copy file addSpnego.mar from [ aem-forms root]/configurationManager/bin/Kerberos/modules/ to [aem-forms root]/jboss /bin/modules/ directory.
    Note: If the directory named modules does not exists, create it.

  8. Restart JBoss Server to complete the configuration.

6.17 Performing a system image backup

After AEM forms on JEE is installed and deployed into production areas and before the system is live, it is recommended that you perform a system image backup on servers to which AEM forms on JEE is configured and deployed. The AEM forms on JEE database, GDS directory, and application servers must be part of this backup. This is a complete system backup that you can use to restore the contents of your computer if your hard drive or entire computer stops working. See the “AEM forms on JEE Backup and Recovery” topic in administration help .

6.18 Uninstalling AEM forms on JEE

The AEM forms on JEE uninstaller allows you to selectively remove JBoss, MySQL or AEM forms on JEE components if you have a turnkey installation. Before removing MySQL, back up any data you want to keep.

  1. Select Start > Control Panel > Add or Remove Programs , click Adobe Experience Manager forms and click Uninstall /Change .

  2. On the Uninstall Adobe Experience Manager forms screen, click Next .

  3. On the Remove Turnkey Products screen, select JBoss and MySQL to remove these components along with the AEM forms components. Click Next .

  4. On the Stop Enterprise Suite services, click Uninstall .

  5. Follow the on-screen instructions and then click Finish .

  6. Restart your computer if prompted to do so.

Note: If you choose to retain JBoss/MySQL while uninstalling AEM forms, you can remove these applications later using the Add or Remove Programs utility in Microsoft Windows. Attempts to remove JBoss/MySQL may fail if a JDK is not installed on the server.

// Ethnio survey code removed