DCTM 16.4 Docker+Oracle installation guide

Since v16.4, Opentext doesn’t provide a “preconfigured” Docker image for Documentum running on Oracle. If you want to use a docker image running PostgreSQL you can use the same procedure as described for Full docker CS7.3 PostgreSQL + D2 4.7 installation guide or DCTM 7.3 PostgreSQL with Docker install guide, and you should not have too many issues 😀

This guide will help you setup a VM running CentOS 7 where we will install Oracle (Express) and docker, and will be building a Documentum image. We will split the build in several images to avoid having to do a full rebuild if something goes wrong 😀


Windows 10 x64 8GB RAM
VMware Workstation Player 12

CentOS 7 x64 25GB HD 4GB RAM 2 cores
Docker 1.13.1

VM Creation

Mount the CentOS 7 DVD image, boot the machine and follow the steps. You can choose to let EasyInstall do the work for you. I used minimal package install to save resources, named the machine vm-dctmdocker, configure the network and set the root password.

Oracle XE setup

  • I copied every installer in $DOCUMENTUM/installers, so:

[dmadmin@vm-dctmdocker opt]$ sudo mkdir documentum
[dmadmin@vm-dctmdocker opt]$ sudo chown dmadmin.dmadmin documentum
[dmadmin@vm-dctmdocker documentum]$ mkdir installers
[dmadmin@dctmdocker installers]$ cp /mnt/hgfs/dctm72/oracle-xe-11.2.0-1.0.x86_64.rpm/Disk1/oracle-xe-11.2.0-1.0.x86_64.rpm .

  • Install needed libraries, run installer, run configuration tool (remember to change the default 8080 port to something else to avoid conflicts with tomcat if you want to use an application server):

[dmadmin@vm-dctmdocker installers]$ sudo yum install libaio bc
[dmadmin@vm-dctmdocker installers]$ sudo rpm -ivh oracle-xe-11.2.0-1.0.x86_64.rpm
[dmadmin@vm-dctmdocker installers]$ sudo /etc/init.d/oracle-xe configure

  • Launch sqlplus to enable remote access and remove the password expiration:

[dmadmin@vm-dctmdocker installers]$ . /u01/app/oracle/product/11.2.0/xe/bin/oracle_env.sh

[dmadmin@vm-dctmdocker installers]$ /u01/app/oracle/product/11.2.0/xe/bin/sqlplus system

Docker setup

We’ll just install docker, adding dmadmin user to the docker group so we don’t need to use sudo every time we want to run the “docker” command

[dmadmin@vm-dctmdocker installers]$ sudo yum install docker
[dmadmin@vm-dctmdocker installers]$ sudo usermod -a -G docker dmadmin
[dmadmin@vm-dctmdocker installers]$ systemctl restart docker.service

Centos docker image setup

This base image will just add required packages and minor configurations:

[dmadmin@vm-dctmdocker installers]$ docker pull centos
[dmadmin@vm-dctmdocker installers]$ docker build –no-cache -f ./customCentosDockerfile -t custom_centos .


FROM centos


RUN echo root:root | chpasswd

RUN yum install -y rng-tools.x86_64 unzip libaio sudo tail vi openssh-server; \
yum clean all; \
sed -i ‘s/PermitRootLogin without-password/PermitRootLogin yes/’ /etc/ssh/sshd_config; \
sed ‘s@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g’ -i /etc/pam.d/sshd

RUN /sbin/rngd -b -r /dev/urandom -p /dev/random

Documentum base image setup

This image will install Documentum binaries and Oracle client:

[dmadmin@vm-dctmdocker installers]$ docker build –no-cache -f ./dctmcentosDockerfile -t centos_dctm .


FROM custom_centos


RUN echo root:root | chpasswd

ADD db/install/oracle-instantclient11.2-sqlplus- /tmp/oracle-instantclient11.2-sqlplus-
ADD db/install/oracle-instantclient11.2-basic- /tmp/oracle-instantclient11.2-basic-

RUN rpm -ivh /tmp/oracle-instantclient11.2-sqlplus- /tmp/oracle-instantclient11.2-basic-; \
rm /tmp/oracle-instantclient11.2-sqlplus-; \
rm /tmp/oracle-instantclient11.2-basic-

## create dmadmin user
RUN useradd dmadmin; \
passwd -f -u dmadmin; \
mkdir -p /home/dmadmin/.ssh; chown dmadmin /home/dmadmin/.ssh; chmod 700 /home/dmadmin/.ssh; \
echo “dmadmin ALL=(ALL) ALL” >> /etc/sudoers.d/dmadmin; \
sed -i -e ‘s/Defaults requiretty.*/ #Defaults requiretty/g’ /etc/sudoers

# Create folder structure
RUN mkdir /opt/documentum; \
mkdir /opt/documentum/product; \
mkdir /opt/documentum/product/16.4; \
mkdir /opt/documentum/install; \
mkdir /opt/documentum/db; \
chown -R dmadmin:dmadmin /opt/documentum

ADD cs/install/* /opt/documentum/install/
ADD cs/config/installProperties.properties /opt/documentum/install/
ADD cs/config/configProperties.properties /opt/documentum/install/
ADD cs/config/configPropertiesDoc.properties /opt/documentum/install/

ADD db/config/tnsnames.ora /opt/documentum/db/
ADD db/config/fix_tnsnames.sh /opt/documentum/
RUN chown dmadmin.dmadmin /opt/documentum/fix_tnsnames.sh; \
chown dmadmin.dmadmin /opt/documentum/db/tnsnames.ora; \
chmod u+x /opt/documentum/fix_tnsnames.sh; \
chmod u+g /opt/documentum/db/tnsnames.ora

RUN echo “#dctm services” >> /etc/services ; \
echo “dctm164 49001/tcp # 16.4 Repository native connection” >> /etc/services ; \
echo “dctm164_s 49002/tcp # 16.4 Repository secure connection” >> /etc/services ; \
ln /usr/lib64/libsasl2.so.3 /usr/lib64/libsasl2.so.2; \
ln -s /usr/lib/oracle/11.2/client64/lib/libclntsh.so.11.1 /usr/lib/oracle/11.2/client64/lib/libclntsh.so; \
ln -s /usr/lib/oracle/11.2/client64/lib/libocci.so.11.1 /usr/lib/oracle/11.2/client64/lib/libocci.so; \
chown -R dmadmin:dmadmin /opt/documentum/install; \
chmod u+x /opt/documentum/install/serverSetup.bin

USER dmadmin

ENV DOCUMENTUM /opt/documentum
ENV JAVA_HOME /opt/documentum/java64/1.8.0_152
ENV ORACLE_HOME /usr/lib/oracle/11.2/client64
ENV LD_LIBRARY_PATH=/usr/lib/oracle/11.2/client64/lib:$DM_HOME/bin/FIPS/:$JAVA_HOME/jre/lib/amd64/server:$DM_HOME/bin:$LD_LIBRARY_PATH
ENV PATH=/usr/lib/oracle/11.2/client64/bin:$PATH
ENV TNS_ADMIN=/opt/documentum/db

RUN $DOCUMENTUM/install/serverSetup.bin -f installProperties.properties


RUN /opt/documentum/fix_tnsnames.sh; \
mv $DM_HOME/bin/dmdbtest $DM_HOME/bin/dmdbtest.bak; \
echo “exit 0” >> $DM_HOME/bin/dmdbtest; \
chmod u+x $DM_HOME/bin/dmdbtest


Documentum repository:

This image will run the repository configuration:

[dmadmin@vm-dctmdocker installers]$ docker build –no-cache -t dctm164 .


FROM centos_dctm


USER dmadmin


RUN sed -i “/SERVER.PROJECTED_DOCBROKER_HOST/cSERVER.PROJECTED_DOCBROKER_HOST=$HOSTNAME” /opt/documentum/install/configProperties.properties; \
sed -i “/SERVER.SMTP_SERVER_NAME/cSERVER.SMTP_SERVER_NAME=$HOSTNAME” /opt/documentum/install/configProperties.properties; \
sed -i “/SERVER.FQDN/cSERVER.FQDN=$HOSTNAME” /opt/documentum/install/configProperties.properties; \
/opt/documentum/product/16.4/install/dm_launch_server_config_program.sh -f /opt/documentum/install/configProperties.properties

RUN sed -i “/dfc.session.secure_connect_default/cdfc.session.secure_connect_default=try_native_first” /opt/documentum/config/dfc.properties

EXPOSE 22 1489 1492 49001 49002

ADD cs/config/startup-dctm.sh /opt/documentum/startup-dctm.sh

USER root
RUN chown dmadmin.dmadmin /opt/documentum/startup-dctm.sh; \
chmod u+x /opt/documentum/startup-dctm.sh

USER dmadmin
CMD /opt/documentum/fix_tnsnames.sh; /opt/documentum/startup-dctm.sh ; bash

Additional information

Custom scripts created for the install:

  • startup-dctm.sh: updates hostname, dfc.properties, runs dm_crypto_boot and starts the repository services.
  • fix_tnsnames.sh: updates tnsnames with Oracle server public IP (which in this example is hardcoded)
  • configProperties.properties: Standard silent install script

If something goes wrong at some point, remember you’ll need to:

  • Delete docker dangling containers
  • Delete user created on database by the installer
  • Delete tablespaces created on database by the installer



Multiple environments with Composer

Similar to the previous posts about configuring dqMan/DQLTester (Multiple environments with dqMan/DQLTester) and tomcat (Multiple environments with Tomcat/DA), Composer can be launched the same way:

Folder structure:

  • composer.bat
  • properties
    • env1
      • dev
        • dfc.properties
      • prod
        • dfc.properties
    • env2
      • dev
        • dfc.properties
      • prod
        • dfc.properties
  • etc.


@Echo off

SET composerfolder=path to composer folder<span id="mce_SELREST_start" style="overflow:hidden;line-height:0;">&#65279;</span>
SET folderbase=dfcproperties
SET parambase=-Ddfc.properties.file=

echo ****************
echo 1. env1 dev
echo 2. env2 prod
echo ****************

SET /p var= ^&gt; Choose option:

if "%var%"=="1" goto op1
if "%var%"=="2" goto op2

SET JAVA_TOOL_OPTIONS=%parambase%%cd%\%folderbase%\env1\dev\dfc.properties
goto finish

SET JAVA_TOOL_OPTIONS=%parambase%%cd%\%folderbase%\env1\prod\dfc.properties
goto finish


start "" /D %composerfolder% /B %composerfolder%\composer.exe

Custom labels for column values in D2 queries

Problem: We have a query that is using aliases (r_object_type as cod) that shows documents on D2’s objectlist. We want to use a custom dictionary for those values, but the dictionary values are not applied.

Solution: This mappings are stored in d2_attribute_mapping_config, this table contains a list of repeating attributes that store those mappings:

  • type_name: type with the attribute to map
  • attr_name: name of the attribute that contains the values to map
  • dictionary_name: name of the dictionary with the values to show
  • alias_locale_name: auto/language of the values to show

So, this table stores in the repeating attributes the values of the type, attribute and dictionary. This means that you can only map columns that have attribute names.

Solution? Workaround? Append new values to those attributes, indicating the alias you are using, the type used in the “from” clause of the query and the dictionary, and you’re good to go.

Of course, this is completely unsupported by Opentext 🙂

D2 16.5 released

D2 16.5 is available to download (in fact, I think it’s the only Documentum product available in 16.5, not even CS is yet available) including the new UI for D2.

The current version of D2 Smart View Client is ideally suited for users with a content consumer role where searching for and viewing documents is the primary focus. To access more advanced features such as Content Creation, Advanced and Query form searches, Workflow Processing, and Virtual Document creation, users should switch to the D2 Classic Client

D2-Config without ActiveX

If somehow you find yourself working for a customer with very strict security policies that don’t allow ActiveX components, you can still work with D2-Config even if you cannot install the activex component.

You can access /D2-Config/ConnectDialog.html, ignore the popups and login as usual, then you’ll be redirected to /D2-Config/interface.html?interfaceId=null# which is the page with D2-Config matrix.

Every time you click somewhere you’ll get a popup stating the C6 ActiveX is not loaded but you can simply ignore it, as most of the application will work.

If you need to perform a full import of a configuration, you can do so with the following code (note that this will reset D2-Config configurations):


D2Config config=new D2Config(session);

config.importZip(new File("full path to Zip file with configuration"),
true, null, null, true, true, null);

Map arguments = new HashMap();
arguments.put("-callerUrl", "http://server/D2/");
arguments.put("-all", Boolean.TRUE);
D2Method.start(session, D2RefreshCacheMethod.class, arguments);


You’ll need to add to your project d2-api.jar and c6-common.jar, mark as approved the dfc instance used by the program’s dfc, and set the java.security parameter as explained in D2 4.7/16.4 configuration in eclipse

D2 4.7/16.4 configuration in eclipse

This post is quite similar to the Debugging D2 4.5/4.6 previously posted, explaining how to set up D2 without lockbox, but much more simple due to the missing lockbox.

Extract all files from D2/D2-Config to a local folder in your computer, configure a new (tomcat) server in Eclipse, and configure the following parameters:

  • JVM arguments:
    • -Djava.io.tmpdir=”<absolute path to some temp folder>\d2″ (make sure this folder exists)
    • -Djava.security.policy=file:///<absolute path to java.policy file> (the documentation states to change java.policy in your JRE, but I rather use this cleaner solution: create a local java.policy file with a single line:

      grant { permission com.documentum.fc.client.impl.bof.security.RolePermission “*”, “propagate”;}; and reference it with the java.security.policy parameter)

    • Additional memory/custom parameters

Now, start the server, take note of the dfc.keystore id, mark it as approved privilege client in DA and you are good to go.