Okay, all over Lotusphere, all I heard about Workplace Services Express is “3 Discs, 30 Minute install.” Over and Over again. It was something they wanted to hammer home to you, in fact Ambuj even made it a point of pride. Well I’m here to tell you, it’s simply bullshit. Oh, they aren’t lying if you plan on firing it up out of the box. Then you MAY hit 30 minutes before you log in for the first time (accepting all defaults and not configuring anything of course.) But lets see you try to set up your Domino LDAP Directory for integration purposes. I tried for about 30 HOURS before I gave up. And no, I’m NOT exaggerating.
You see, my company is heavily invested in Domino. We use it for mail, and Notes databases, web-based customer facing databases, and Sametime. It’s pretty core to our day-to-day. So, we obviously do not want to replace it. We love it. However, we DO want the document management and portal capabilities that Workplace Services Express promises. We think it will be a perfect marriage of products that will complement each other well. But, in order for that to be feasible, we want to be able to authenticate against Domino instead of the built-in database. We don’t want a another password.
So I figure, no problem, I’ll just configure WSE to talk to Domino. They say it can be done. Then I started to look at the directions. They entail the following:
- create 3 admin accounts and one admin group in your NAB
- Customize your NAB (Domino Directory) to add a dominoUNID field to the People, Group and Server/Certifier forms
- Run an agent to populate those fields
- reload your LDAP schema
- edit four different text files to add a ton of data
- run a wizard (BAT files nonetheless) to disable security
- run that same wizard to re-enable security
- Once that’s finished you SHOULD be able to start the server
The problem here is that I cannot get the Disable Security wizard to finish. It always gets to 81% and then fails. And the kicker is, it won’t let you run it again, because it says that the security is already disabled. The end result is that if it bombs during this process, you have to uninstall and reinstall the whole damn thing. I’ve verified this with several other guys in the community that have had similiar problems. It also says that it will detail the error in the log, but I cannot see anything in the log that would indicate to me what the error was… Now on Declan’s blog, he has this post that says you have to edit another file that they forgot to put in the instructions. Well I did that to no avail as well. Even if it HAD worked for me, how the hell was I supposed to know that? I’m not fucking clairvoyant.
And what’s with having to customize your NAB? I have the necessary skills to do so, but what about the target audience for this? The audience was people who didn’t really have a huge IT staff to run the thing. Well too bad if you want any damn integration at all. Unless of course you want to pay IBM global services. Grrrrr…
Here’s how it SHOULD work. At the end of the install wizard there should be a config section. It should ask you HOW you want to authenticate. Domino Directory via LDAP, Active Directory, Built-In Database etc. Once you choose Domino Directory, it should ask you for the necessary information: Admin Name, LDAP server name, Admin password…etc. Have a test button to test connectivity, click it and if all is well, auto set up the thing.
As a Domino guy, I’ve grown accustomed to how easy and straightforward it is to install Domino. In order for me to ever recommend Workplace Services Express, they need to fix this install. If they don’t, this will be doomed in Domino shops. And I’ll help spread the word to make sure that happens. You know how much I love Lotus if you read this blog at all, so for me to take this stance shows you how serious I am.
Anyway, I did finally just set it up with an out-of-the-box config so I could play around with it and demo it. One thing that I thought was very peculiar was this prompt when I tried to enter a fairly complex password:
Allowed characters are letters,numbers, ‘.’, ‘-‘, ‘_’
ONLY letters, numbers and a period, dash or underscore??? Nothing else? THAT just SCREAMS security to me. Gawd…
Also, I haven’t even gotten to the performance. I’m running this on Win2K3 on a dual 2.7 GHz hyper-threaded Xeon box with 3GB of RAM. It’s networked via a gigabit interface running full bore. It’s slow. Quite slow. Slow enough to be noticable to non-techies. It’s the round-trips that this thing makes to the server when changing pages around that are really the bottleneck I think.
And since I never got LDAP working I didn’t even get into making this crap connect to Sametime. I’ve seen entire Redbooks devoted to the gateways needed to pull THAT one off…
The thing that frustrates me so much, is that this software shows so much promise, and the execution is downright atrocious. I’m going to a roadshow about this in Chicago in the beginning of June, and somewhere around there is when version 2.5 is supposed to be released. It had BETTER fix some of these problems. If it doesn’t, then the folks at that roadshow are going to get an ear full.
If 2.5 still isn’t ready for primetime, then I’ll be looking elsewhere. LiveLink perhaps? And heaven forbid SHAREPOINT? C’mon Lotus, do NOT disappoint me this way. Last week’s customer service was bad enough. Please don’t do it again.