The IBM TRIRIGA Workplace Reservation Manager application is designed to be a fully functional stand- alone product and does not require any other application to function. IBM TRIRIGA Workplace
Reservation Manager is intended for customers who require advanced reservation management including room setup and breakdown, food services, and utilization of existing IBM TRIRIGA Portfolio Data Manager resources including locations (e.g., spaces, meeting rooms), assets (e.g., projectors) and people.
Microsoft Exchange Integration
Many customers have deployed Microsoft Exchange and the Microsoft Outlook client for email and calendaring. In order to facilitate the use of these products together the following integration has been provided:
Users can access their Microsoft Exchange/Outlook address book as an alternate method for selecting meeting attendees.
On submit of an IBM TRIRIGA Workplace Reservation Manager appointment a corresponding Microsoft Exchange/Outlook appointment is created, populated with meeting attendees, and sent through the Exchange Server.
On revise/resubmit of an IBM TRIRIGA Workplace Reservation Manager appointment the corresponding Microsoft Exchange/Outlook appointment is revised.
On cancel of an IBM TRIRIGA Workplace Reservation Manager appointment the corresponding Microsoft Exchange/Outlook appointment is cancelled.
IBM TRIRIGA Workplace Reservation Manager appointments will be displayed when viewing your Microsoft Exchange/Outlook calendar.
Microsoft Exchange/Outlook appointments will display when viewing your IBM TRIRIGA Workplace Reservation Manager calendar.
IBM TRIRIGA Reservation notifications will be sent to Microsoft Exchange/Outlook email if an external email address has been provided for that person. This notification will be sent on any create/edit/delete action.
IBM TRIRIGA Reservations that have resources will have the corresponding Exchange mailboxes auto-accept the meeting.
The Microsoft Exchange/Outlook application also contains Tasks and Contacts, which are not integrated with IBM TRIRIGA Workplace Reservation Manager. Presently there are no plans to integrate these into the IBM TRIRIGA Enterprise Workplace Management System.
Viewing IBM TRIRIGA Appointments in Microsoft Outlook
When using the Microsoft Exchange/Outlook integration users will be able to view their IBM TRIRIGA appointments directly from their Outlook interface.
A hyperlink is appended to the Outlook appointment that, when selected, will open the corresponding IBM TRIRIGA reservation. All modifications to the appointment should be done through the IBM TRIRIGA reservation.
Viewing Microsoft Outlook Appointments in IBM TRIRIGA
When using the Microsoft Exchange/Outlook integration users will be able to view their IBM TRIRIGA appointments and their non-IBM TRIRIGA appointments (appointments that are on the users’ Microsoft Exchange/Outlook calendar but are not IBM TRIRIGA reservations). These non-IBM TRIRIGA managed appointments are included so a user can see all calendar commitments (both IBM TRIRIGA and Microsoft Exchange/Outlook) when creating a new reservation.
Non-IBM TRIRIGA managed appointments are displayed in a ‘blue’ color on the users My Calendar interface. Non-IBM TRIRIGA managed Exchange appointments may also be created from the IBM TRIRIGA calendar.
Microsoft Exchange Integration
This section provides a more in-depth view of the communication and level of integration with Microsoft Exchange Server. It is targeted at a technical audience having sufficient experience with MS Exchange, MS IIS and Java.
The IBM TRIRIGA Workplace Reservation Manager product has the added optional functionality of integrating with Microsoft Exchange or Lotus Notes server.
The Reserve application if integrated will create appointments and/or reservations within Microsoft Exchange on behalf of the user, asset and/or location.
Furthermore the IBM TRIRIGA Workplace Reservation Manager application will show the already existing meetings within the ‘My Calendar’ object, so that double booking can be avoided. The system adheres to Microsoft’s guidelines and uses WebDAV to communicate with Microsoft
Exchange.
For example, if an appointment is marked private by a user, the appointment subject is replaced with ‘Private Meeting’ however the time is ‘blocked off’ from the calendar. This is similar in functionality to the Microsoft Outlook client.
WebDAV Information
Items in the Exchange store are being accessed remotely using the WebDAV protocol, defined in RFC 2518. This protocol extends the HTTP 1.1 protocol, defined by RFC 2616, to provide additional methods and capabilities. It provides a means to access both the contents of an item and an extensible set of associated properties.
Security Criteria
Criteria HTTP/Web Distributed Authoring and Versioning (WebDAV)
Design-Time Permissions No special developer permissions are required for using WebDAV with an Exchange server. The Exchange server must be configured to allow WebDAV access, and the developer must have permissions to access the data the application will use.
Setup Permissions Because applications that use WebDAV run on either the client- or middle-tier, there are typically no special Exchange server
permissions needed for setup. If the Setup program makes changes in the Exchange store, the user running Setup must have the necessary permissions to make those changes.
Run-Time Permissions The run-time permissions needed by applications that use WebDAV depend entirely upon the authentication/authorization methods used between the client and the WebDAV virtual server. When the
application tier that uses WebDAV to the Exchange server is a small number of computers, often the virtual server is configured to allow connections from only those middle-tier computers.
Built-in Security Features WebDAV virtual servers by default use Basic or NTLM authentication, and anonymous access is disabled. Because WebDAV transmits data in plaintext across the network, Exchange WebDAV virtual servers that transmit sensitive data should use SSL/TLS.
Security Monitoring Features WebDAV
IBM TRIRIGA Calls Using WebDAV
The following information describes the transactions that the IBM TRIRIGA Workplace Reservation Manager product makes with external mail servers such as Microsoft Exchange or Lotus Notes. These transactions are made via WebDAV.
Create Meetings – Create calendar meetings, which include attendees and resources. The meeting can also be a recurring meeting as well as exceptions.
Update Meetings – Meetings can be updated. Appointment information can be changed, as well as the start and end times. Attendees and resources can be added and deleted.
Submit Meetings – Meetings that have been created, updated, or deleted optionally can be submitted, which sends the requests out to the invitees.
Query Information – Querying the Exchange server for appointment information such as appointment start/end times, recurrence patterns, attendees, resources, free/busy status…etc.
Resource Mailbox auto acceptance – An optional agent will be available, which will auto- accept appointments for resources such as conference rooms, projectors…etc.
Security Credentials Needed
The IBM TRIRIGA Workplace Reservation Manager application only accesses the Calendar folder of the mailboxes of the users. Hence the ‘Privileged’ User the application would require the ability to schedule on behalf of these users. The administration of this more privileged user is done in Microsoft Exchange.
Within the IBM TRIRIGA Workplace Reservation Manager application a user can have the delegation permissions to another user, if security allows. This will be a setup routine as preferences by the user. The user profile within the IBM TRIRIGA application will solely carry the user’s mailbox id.
Authentication to Microsoft Exchange
The authentication to Microsoft Exchange is initiated from the IBM TRIRIGA Application Server, hence usually within the network and within the firewall. The authentication is done via WebDAV, using the credentials stored in a properties file on the IBM TRIRIGA Application Server.
This properties file resides within the installation directory of the IBM TRIRIGA IBS installation and is secured by standard file access permissions.
Although, if configured, the authentication occurs via standard http, use SSL so authentication will occur via https.
The call for authentication is made from the IBM TRIRIGA Application Server to Microsoft Exchange. In order for this to occur, the security certificate identifying the server as trusted (or the certification authority) needs to be recognized and added to the trusted certifications. In order to do so, this certificate needs to be imported into the keystore from Java. The
keystore is a secure repository for security certifications maintained by Java where the keys are stored in the standard encrypted formats.
Once the IBM TRIRIGA Application Server tries to authenticate to the Exchange Server, this certificate, along with the provided credentials allows communication to occur.
Below is a diagram of a typical high availability, secure infrastructure with the typical ports of communication.
Authentication to Microsoft Exchange
Setup
The setup of the integration with Microsoft Exchange server is done through business objects (records) within the IBM TRIRIGA application, stored in the database. No sensitive data such as credentials are stored within the database for this purpose.
Here is an example of External Mail Server Properties settings:
Enable External Mail:
External Mail Server: YourMailServer.com
External Mail Domain: YourMailServer.dom
External Mail Time Zone: (GMT -8) Pacific Time (US, Canada); Tijuana [US/Pacific]
External Mail Search Objects: YourMailUsers
TRIRIGA Web Server: YourWebServer.com
Note – The user credentials for the Exchange User are stored within a properties file in theconfig directory of the IBM TRIRIGA installation.
Importing the security certificate
Obtain the security certificate of the Exchange Web Server.
Go to your JAVA_HOME\jre\lib\security directory and use following command: \JAVA_HOME\bin\keytool -import -file devcert.cer -trustcacerts - storetype jks -keystore cacerts
When prompted for the password use changeit.
Select yes when prompted to accept.
Note – It is important to specify the 'cacerts' keystore. If SSL is disabled then security isdisabled and all communication between IBM TRIRIGA and the Exchange server is sent as clear text.
© Copyright IBM Corporation 2011.
INDEX
Agenda, 39 Asset Reservation, 68, 69 Attachments, 39 Calendar Templates, 6Creating a Location (Hoteling) Reservation Record, 34, 45, 69, 74, 77, 80
Credit Card, 67, 69 Integration
Microsoft Exchange, 96
Location (Hoteling) Reservation Record, 34 Location Reservation, 34, 36, 44, 45, 69, 74, 77 Microsoft Exchange
Set Up, 98 Setting Up, 97
Microsoft Exchange Integration, 96
Microsoft Outlook Viewing Appointments, 97 Payment, 67, 68 Private Reservations, 12, 39 Purchase Order, 69 Recurring reservations, 37, 47, 55, 75 Reservation Management Overview, 2
Reserve Work Task, 69 Room layout, 68, 69 Vehicle Reservation, 68, 77 Viewing Appointments In IBM TRIRIGA, 97 Microsoft Outlook, 97 Welcome Package, 39
Notices
This information was developed for products and services offered in the U.S.A.
IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing IBM Corporation
North Castle Drive Armonk, NY 10504-1785 U.S.A.
For license inquiries regarding double-byte character set (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to:
Intellectual Property Licensing Legal and Intellectual Property Law IBM Japan, Ltd.
1623-14, Shimotsuruma, Yamato-shi Kanagawa 242-8502 Japan
The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law:
INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM
Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.
IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.
Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact:
IBM Corporation 2Z4A/101
11400 Burnet Road Austin, TX 78758 U.S.A.
Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee.
The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us.
Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.
All statements regarding IBM's future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only.
This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental.
Trademarks
IBM, the IBM logo, ibm.com, and TRIRIGA are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide.
Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.
Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates.
Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at