Deployment Example: Sun Java Communications Suite 6 Update 1 on a Single Host
----------------------------------------------------------------------------------------------------------- - Java Enterprise System components: Sun Java System Messaging Server !" Update 1 Sun Java System Calendar Server 6!#!1 Sun Java System $nstant Messaging % Sun Java System Directory Server 6!# Sun Java System &ccess Manager !1 Sun Java System &pplication Server '!1 Update ( )it* H&D+ support Sun Java System ,e- Server !" Sun Java System Delegated &dministrator 6!. /1 Sun Java System Communications Express 6!# Sun Convergence 1.0 All Shared Components : Domain name: concorindia!com Host name: pop1 (running Solaris OS 10) 0ully 1uali2ied 3external4 *ost name:pop1!concorindia!com /ass)ord: adminpass used 2or all pass)ords except t*e amldapuser pass)ord Table 3 Server Coniguration !normation Component !nstall "otes !nstall #ocation $atabase #ocation %ort "umber Application Server &.1 !nstalled separatel'. (e)uired or Convergence *opt*S+",appserver "ot Applicable -0 .-.- -1-1 $irector' Server /.3 !nstalled separatel'. This version is not included 0ith !dentit' 1anagement Suite. *opt*S+",dsee *var*opt*S+",dsee 3-& 1essaging Server 2.0 +pdate 1 !nstalled b' using Communication s !nstaller. Additional coniguration re)uired. * opt*sun*comms*messagin g/. * var*opt*sun*comms*mess aging/. 30-0 34 110 1.3 ,eb Server 2.0 !nstalled 0ith 5ava 6S 4 +pdate 1 or !dentit' 1anagement Suite. (e)uired or Access 1anager and $elegated Administrator *opt*S+",0bsvr2 *var*opt*S+",0bsvr2 -0-0 --00 -&-& Calendar Server /.3 !nstalled using Communication s !nstaller. Additional coniguration re)uired. *opt*sun*comms*calendar*opt*sun*comms*calendar30-0 3-& !nstant 1essaging - !nstalled b' using Communication s !nstaller. Additional coniguration re)uired. *opt*sun*comms*im *var*opt*S+",iim 4333 .4333 -&-& Communications 67press /.3 !nstalled b' using Communication s !nstaller. Additional coniguration re)uired. *opt*sun*comms*ce *var*opt*sun*comms*ce -0-0 As part o the coniguration8 'ou 0ill use $elegated Administrator to add data to 1essaging Server and Calendar Server. !nstallation "otes and (ecommendations ,ith Solaris OS & and 108 tp might not 0or9 or certain accounts. These accounts are listed in *etc*tpd*tpusers. 5ust remove the account rom this list (or e7ample8 root) and 'ou 0ill be able to tp as that user. +se g:ip ;d or gun:ip to decompress the <g: iles. 67pected +ser !nput $uring installation8 'our are prompted or various input. +ser input is indicated b' te7t o the orm <<. The ollo0ing table helps 'ou plan or the t'pes o inormation 'ou must provide during installation. Table 4 !normation !nput $uring !nstallation +ser !nput +ser !nput Action =enter> 5ust hit enter8 but veri' that the deault value sho0n ma9es sense. =sample; pass0ord> An' pass0ord8 minimum o - characters in length8 suitable or evaluation purposes. These instructions assume that an'0here =sample;pass0ord> is speciied8 'ou 0ill enter the same value each time. =amldapuser; pass0ord> Same criteria as =sample;pass0ord>8 but must be dierent rom =sample;pass0ord>. =ull';)ualiied; hostname> ?or e7ample8 assuming that the host name is abc8 and the domain name is demo.7':.com8 then this value 0ould be abc.demo.7':.com. =ull;coo9ie; domainname> ?or e7ample8 assuming that the ull domain name is demo.7':.com8 then this value 0ould be .demo.7':.com (note the inclusion o the leading @.@). Summar' o !nstallation and Coniguration !nstalling and coniguring this e7ample involves the ollo0ing high;level steps: %reparing the s'stem or Sun 5ava Communications Suite !nstalling and coniguring Application Server &.1 !nstalling and coniguring $irector' Server /.3 (unning the !dentit' Suite installer and selecting the necessar' components re)uired b' the 5ava Communications Suite (,eb Server and Access 1anager) (unning the Communications Suite !nstaller to install 1essaging Server8 Calendar Server8 !nstant 1essaging8 Communications 67press8 and $elegated Administrator Coniguring $elegated Administrator and Communications C#! Coniguring 1essaging Server Coniguring Calendar Server Coniguring !nstant 1essaging !nstalling and Coniguring Convergence Coniguring Communications 67press Coniguring a user These installation steps result in a suitable deplo'ment to evaluate and test Communications Suite / +pdate 1. These instructions are not intended to act as a replacement or the individual component documentation8 but to merel' guide the evaluator through an initial installation. !nstalling the 67ample This section describes ho0 to install and conigure components on a single machine or evaluation purposes. Some components are conigured ater installation8 using component coniguration tools. "ote +nless other0ise indicated8 all o the e7amples and instructions in this document assume that 'ou are logged in as root. This section contains the ollo0ing topics: Chec9ing !nstallation (e)uirements Aetting the "ecessar' Sot0are $nstalling and Con2iguring &pplication Server5 Directory Server5 &ccess Manager5 and ,e- Server +ninstalling the Components Chec9ing !nstallation (e)uirements Beore 'ou install components8 use the steps in this section to ma9e sure the computer on 0hich 'ou are installing is read'. To Chec9 S'stem (e)uirements The computer should meet the ollo0ing re)uirements: These instructions assume all actions are perormed b' the root user. The computer must have 3.1 AB ree dis9 space or the :ip iles and :ip image. (ecommendation: Cave the image alread' un:ipped. 6o C*ec7 D8S 9eri2y t*at D8S is running and con2igured properly: Ma7e sure t*at t*e :etc:resolv!con2 2ile *as name server entries )it* t*e $/ addresses o2 valid name servers! 0or example: domain comms!-eta!com nameserver 1'(!16%!1""!(( nameserver 1'(!16%!1""!(# nameserver 1'(!16%!1""!(. nameserver 1'(!16%!1""!(; Ma7e sure t*at t*e :etc:*osts ile has an entr' or the ull' )ualiied host name o the server. This ull' )ualiied host name should be listed beore the non ull' )ualiied host name. ?or e7ample: 1"!1!1!#( pop1!concorindia!com pop1 log*ost 1a9e sure that the *etc*nss0itch.con ile is conigured to use iles irst to resolve host names. The hosts line in the nss0itch.con ile should list iles irst in its entr': hosts: iles dns nis D"OT?O+"$EreturnF G O( (i "!S is not used) hosts: iles dns Aetting the "ecessar' Sot0are To Aet the Sot0are Aet the Communications Suite8 Application Server8 and !dentit' Suite sot0are. !nstalling and Coniguring Application Server8 $irector' Server8 Access 1anager8 and ,eb Server Sun 5ava S'stem Application Server &.1 +pdate 3 is the primar' 0eb container used b' Convergence. At the time this document 0as initiall' 0ritten8 Application Server did not support Access 1anager8 so the recommendation 0as to install a separate ,eb Server to support Access 1anager. Things have changed since then. ! 'ou 0ant to install Convergence and Access 1anager in the same 0eb container8 'ou must install the Application Server 0ith CA$B support (even though 'ou do not need to enable CA$B). Convergence and Access 1anager do not need to be installed in the same 0eb container8 but i 'ou 0ant SSO to e7ist bet0een Convergence and another application8 'ou must install either Access 1anager or the Access 1anager S$H in the same 0eb container as Convergence. This installation e7ample has no need to provide SSO bet0een Convergence and another application. Cence8 it uses separate 0eb containers or Access 1anager and Convergence. %rior to installing Application Server &.1 +pdate 38 chec9 the 5ava version on the s'stem. Application Server re)uires at least 5ava 1.4.0. Solaris 10 +pdate / ships 0ith version 1.4.0I1/8 0hich is ine or Convergence. To chec9 'our version t'pe the ollo0ing command: < =ava -version The shell returns results that loo9 similar to the ollo0ing: Java version @1.4.0I1/@ 5ava(T1) 3 (untime 6nvironment8 Standard 6dition (build 1.4.0I1/;b03) 5ava CotSpot(T1) Client K1 (build 1.4.0I1/;b038 mi7ed mode8 sharing) Create the *tmp*A%%SK(&1+3 director'8 cop' the Application Server &.1 +pdate 3 bits to this director'8 then launch the installer. G cd *tmp*A%%SK(&1+3 G chmod L7 < G .*sJsasIee;&I1I03;solaris;sparc.bin ;console ,hen prompted8 press 6nter to continue. Accept the #icense Agreement b' t'ping 'es 0hen prompted. The installation script prompts or a series o options. The ollo0ing table sho0s ho0 to respond to the coniguration options: Table / Application Server Settings Option D$eault KalueF 6nter: !nstallation $irector' D*opt*S+",appserverF accept deault Create $irector' or Choose "e0 Create $irector' accept deault !nstall "ode Agent D'esF no !nstall Cigh Availabilit' $atabase Server DnoF accept deault !nstall #oad Balancing %lugin DnoF accept deault !nstall $omain Administration D'esF accept deault Server !nstall Sample Applications D'esF accept deault !nstall or reuse 5ava 3 S$H D!nstallF (euse (as long as correct version) %ath to 5ava 3 S$H 4.0 or greater D*usr*Jd9*instances*Jd91.4.0F accept deault Admin +ser DadminF accept deault Admin +serMs %ass0ord N adminpass 1aster %ass0ord or SS# Certiicate O adminpass Admin %ort D.-.-F accept deault CTT% %ort D-0-0F -0 CTT%S %ort D-1-1F accept deault 6nable +pdatecenter client D'esF accept deault +pgrade rom previous AS version DnoF accept deault Start the Application Server: G *opt*S+",appserver*bin*asadmin start;domain domain1 Starting $omain domain18 please 0ait. #og redirected to *opt*S+",appserver*domains*domain1*logs*server.log. %lease enter the admin user name>admin %lease enter the admin pass0ord>adminpass %lease enter the master pass0ord>adminpass Directory Server 6!# $nstallation Create t*e :tmp:DS directory and copy t*e Directory Server 6!#. G m9dir *tmp*$S G cp $S66./.3.Solaris;Sparc;ull.tar.g: *tmp*$S G cd *tmp*$S G g:ip ;dc $S66./.3.Solaris;Sparc;ull.tar.g: P tar 7v ; G cd $S66IQ!%I$istribution G .*dseeIdeplo' install ;i *opt*S+",dsee %ress 6nter to Continue 0hen prompted. Accept the #icense Agreement b' t'ping 'es 0hen prompted. The installation proceeds and installs the $irector' Server bits in the speciied location :opt:SU8,dsee! Create 'our $irector' Server instance. G m9dir *var*opt*S+",dsee G cd *opt*S+",dsee*ds/*bin G .*dsadm create ;p 3-& ;% /3/ *var*opt*S+",dsee*dsins1 Choose the $irector' 1anager pass0ord: adminpass Conirm the $irector' 1anager pass0ord: adminpass Start 'our $irector' Server instance. G .*dsadm start *var*opt*S+",dsee*dsins1 Create the root sui7 oEisp b' using the dscon command: .*dscon create;sui7 ;h hostname ;p 3-& oEisp !n this e7ample8 t'pe: G .*dscon create;sui7 ;h 0ireless ;p 3-& oEisp Certiicate @C"E0ireless8 C"E/3/8 C"E$irector' Server8 OESun 1icros'stems@ presented b' the server is not trusted. Accept the Certiicate and t'pe adminpass as the cnE$irector' 1anager pass0ord. T'pe @R@ to accept8 @'@ to accept Just once8 @n@ to reuse8 @d@ or more : R 6nter @cnE$irector' 1anager@ pass0ord: adminpass Create the *tmp*5!S4 director' and un:ip !dentit' Suite bits in this director'. Then run the 5ava 6S installer. "ote This e7ample uses !dentit' Suite 4 +pdate 1 to install onl' Access 1anager and a ,eb Container8 0hich are re)uired components or Communications Suite. $o0nload !dentit' Suite instead o the entire 5ava 6nterprise S'stem Suite to save on si:e. Co0ever8 i 'ou alread' have 5ava 6nterprise S'stem 4 +pdate 18 'ou can use that as 0ell. The steps ma' dier slightl' rom those provided belo0. G cd JavaIes;4u1;identsuite G cd SolarisIsparc G .*installer S Clic9 "e7t at the ,elcome page. Accept the license. "ote 6arlier Solaris OS 10 versions install an earlier version o 1essage Tueue (and possibl' other sot0are). Rou might need to upgrade this product prior to installing !dentit' Suite sot0are. ! the 5ava 6S installer detects that 'our s'stem has an earlier version o a product8 it might displa' an option to +pgrade 67isting Sot0are. ! 'ou are presented 0ith this option8 continue 0ith step 1- belo0. ! 'ou are not presented 0ith this option8 s9ip to step 3&. ! 'ou are presented 0ith the upgrade option8 select the item to be upgraded and run the 5ava 6S installer to upgrade the component. Ater the installer upgrades the component (or components)8 'ou can )uit the installer then restart it to install the remaining !dentit' Suite components. Then repeat the the applicable previous steps. ! 'ou happen to be installing !dentit' Suite on Solaris OS &8 'ou can s9ip steps 1-;3- and immediatel' proceed to step 3&. Clic9 the +pgrade e7isting sot0are radio button and clic9 "e7t to continue. Select the ollo0ing products8 then clic9 "e7t. Sun 5ava S'stem 1essage Tueue 3.2 +(1 All Shared Components "ote: Also select the chec9bo7 or multilingual pac9ages i desired. Clic9 "e7t to upgrade shared components. The installer veriies s'stem re)uirements. ,hen done8 clic9 "e7t. At the @(ead' to +pgrade@ 0indo08 clic9 "e7t. $eselect the registration chec9bo78 then clic9 !nstall. The upgrade proceeds. ,hen the installation is complete8 the !nstallation Complete page is displa'ed. Clic9 Close to e7it the installer. (estart the 5ava 6S installer to install the remaining !dentit' Suite components. G .*installer S Clic9 "e7t at the ,elcome page. Accept the license. !n the @Choose to +pgrade or !nstall@ 0indo08 select the @!nstall ne0 sot0are@ radio button8 then clic9 "e7t to continue. Select the ollo0ing products8 then clic9 "e7t. ,eb Server 2.0 +pdate 1 Access 1anager 2.1 (Choose onl' the re)uired sot0are. Rou do not need the Client S$H8 $istributed Auth +!8 or Session ?ailover client.) All Shared Components "ote: $irector' Server might be selected b' deault. Rou must deselect this product since $irector' Server /.3 has alread' been installed. As a result8 $irector' %reparation Tool /.. is automaticall' deselected as 0ell. "ote: Select the chec9bo7 or multilingual pac9ages i desired. !n the dependenc' chec9ing phase8 it is noted that Access 1anager re)uires $irector' Server. Rou 0ill be prompted to install $irector' Server 6nterprise 6dition /.3 locall' or use $irector' Server 6nterprise 6dition /.3 installed on a remote machine. Rou must choose the (emote option since 'ou do not 0ant to over0rite 'our e7isting version o $irector' Server. Some versions o Solaris re)uire that the 5ava S6 S$H be upgraded prior to installation. ! 'ou are prompted to upgrade the 5ava S6 S$H8 choose the deault selection to automaticall' upgrade the S$H to the version included 0ith the installer. Then clic9 "e7t to continue. ! 'ou s9ipped several previous steps because 'ou installed Solaris OS & or a component upgrade 0as not re)uired on Solaris OS 108 'ou are re)uired to upgrade the shared components no0 and 'ou can clic9 "e7t. ! 'ou installed Solaris OS 10 and 'ou alread' upgraded the shared components 0hen 'ou upgraded the 1essage Tueue component8 'ou should have alread' completed this step and 'ou can proceed to the ne7t step. Speci' !nstallation $irectories. #ocations: Access 1anager: *opt (creates *opt*S+",am) ,eb Server: *opt (creates *opt*S+",0bsvr2) ,eb Server !nstance: *var*opt*S+",0bsvr2 Accept the target directories or each product and clic9 "e7t. The installer veriies s'stem re)uirements. ,hen done8 clic9 "e7t. Choose Conigure "o08 then clic9 "e7t. Continue 0ith the ne7t procedure to choose Common and ,eb Server settings. To Select Common and ,eb Server Settings This installation assumes the use o Sun 5ava S'stem ,eb Server. Rou can choose an alternate 0eb container but that is be'ond the scope o this document. !n the Account %reerences %anel8 'ou are as9ed 0hether or not 'ou 0ant to use 'our +ser!$ and %ass0ord inormation or all administrator accounts8 or i 'ou 0ant to provide administrator account inormation or each component. Choose the All Administrator Accounts option and t'pe admin or the Administrator +ser !$ and adminpass or the Administrator %ass0ord then clic9 "e7t. The installation script prompts or a series o options. The ollo0ing table sho0s ho0 to respond to the Common and ,eb Server coniguration options. Table 2 Common and ,eb Server Settings Option D$eault KalueF 6nter: Common Server Settings
T'pe o coniguration DConigure Administration !nstance as ServerF accept deault Start servers ater s'stem startup unchec9ed accept deault Server Cost Dpop1.concorindia.comF accept deault Admin Server SS# port D-&-&F accept deault Admin Server CTT% port D--00F accept deault Admin runtime user id DrootF accept deault ,eb Server "ame Dpop1.concorindia.comF accept deault CTT% %ort D-1F -0-0 ,eb server runtime +"!U +ser !$ D0ebservdF root (See "ote belo0) $ocument root director' D*var*opt*S+",0bsvr2*https; pop1.concorindia.com*docsF accept deault "ote To ta9e advantage o !nstant 1essaging 0ith Access 1anager8 !nstant 1essaging must be run as root. ! 'ou 0ant to ma9e use o the ne0 !1%S eature and the httpbind gate0a' in !nstant 1essaging8 ,eb Server must have access to the !nstant 1essaging coniguration iles and log director'. Rou could either run ,eb Server as a separate user and then manuall' change the permissions in the !nstant 1essaging directories or 'ou could run ,eb Server as the same user as the !nstant 1essaging user8 0hich in this case is root. !n the uture8 the !nstant 1essaging conigurator should perorm all the necessar' permission changes so that 'ou donMt need to run ,eb Server as root. To Select Access 1anager Settings The ollo0ing table sho0s ho0 to respond to the Access 1anager coniguration options. Table & Access 1anager Settings Option D$eault KalueF 6nter: !nstall t'pe D#egac' 1odeF(version /.7 st'le) accept deault Admin +ser !$ DamadminF accept deault Administrator %ass0ord N adminpass #$A% +ser !$ DamldapuserF accept deault #$A% %ass0ord N nonadminpass %ass0ord 6ncr'ption He' D-2dJ9aueJ9dadad...F accept deault Access 1anager $eplo'ment Container Options DSun 5ava S'stem ,eb ServerF Choose Sun 5ava S'stem ,eb Server Cost "ame Dpop1.concorindia.comF Dpop1.concorindia.comF Services $eplo'ment +(! DamserverF accept deault Common $omain $eplo'ment +(! DamcommonF accept deault Coo9ie $omain D.beta.comF .comms.beta.com %ass0ord $eplo'ment +(! Dampass0ordF accept deault Console %rotocol DCTT%F accept deault Access 1anager Console D$eplo' ne0 consoleF accept deault Console $eplo'ment +(! DamconsoleF accept deault Console Cost "ame Dpop1.concorindia.comF accept deault Console %ort D-0-0F accept deault $irector' Server Cost N 0ireless.comms.beta.com $irector' Server %ort D3-&F accept deault $irector' (oot Sui7 DdcEpop18dcEconcorindia8dcEcomF oEisp $irector' 1anager $" DcnE$irector' 1anagerF accept deault $irector' 1anager %ass0ord N adminpass $irector' Server provisioned 0ith user dataV D"oF accept deault To !nstall the !dentit' Suite Sot0are Clic9 !nstall 0hen 'ou are satisied 0ith the (ead' to !nstall list. Because o the number o components selected8 the installation process can be length'. ,hen installation is complete8 the !nstallation Complete page is displa'ed. Clic9 Close to e7it the installer. To Keri' the !nstallation Start ,e- Server: cd :var:opt:SU8,)-svr:admin-server:-in !:stopserv !:startserv cd :var:opt:SU8,)-svr:*ttps-)ireless!comms!-eta!com:-in !:stopserv !:startserv The ,eb Server can ta9e a 0hile to start. Keri' that 'ou can log in to the Access 1anager console as amadmin. The +(# or the Access 1anager console is: *ttp:::2ully-1uali2ied-*ostname:)e--server-port:amconsole !n this e7ample8 t'pe: http:**0ireless.comms.beta.com:-0-0*amconsole Use amadmin and adminpass as t*e user $D and pass)ord! Ater veri'ing that 'ou can log in to the Access 1anager console8 log out. Keri' the Application Server b' t'ping the ollo0ing +(#: http:**ull';)ualiied;hostname !n this e7ample8 t'pe: http:**0ireless.comms.beta.com %roceed to !nstalling Communications Suite Components or instructions on ho0 to install and conigure Communications Suite components. +ninstalling the Components Ater 'ou complete 'our evaluation8 'ou can to remove the components that 'ou installed: 6o uninstall Communications Suite 6 Update 1 components: !:commp7g uninstall To uninstall !dentit' Suite: cd *var*sadm*prod*S+",ident;ents's4u1i*bin .*uninstall !nstalling Communications Suite Components $eplo'ing Communications Suite components is a t0o;step process. Rou irst install the sot0are then 'ou conigure the individual servers. This section contains the ollo0ing topics: $nstalling Communications Suite 6 Update 1 So2t)are Beore 'ou conigure the Communications Suite sot0are8 'ou need to create the mailsrv user and disable the sendmail process. The mailsrv user is used to conigure 1essaging Server. 1essaging Server re)uires a mail server user8 0hich must e7ist beore 'ou can inish the installation. Rou can s9ip this step8 because the group and user are created during the coniguration time. Co0ever8 'ou might 0ant to create the mailsrv user 'oursel as sho0n belo0. ?or this installation8 use the useradd command to create a user 0ith username mailsrv and group mail. Rou use this !$ in Step 3 in the Coniguring 1essaging Server section. T'pe the ollo0ing commands to create the user mailsrv 0ith a user !$ o 2/338 a group !$ o mail8 and a user home director' o *e7port*home*mailsrv. (These commands assume that the *e7port*home director' alread' e7ists.) groupadd mail useradd -u 6## -g mail -d :export:*ome:mailsrv -m mailsrv "ote: i the mailsrv user is alread' in use8 this could be an indication that mailsrv is not a local user as re)uired b' the 1essaging Server. 1essaging Server re)uires a local user and group and not one deined in a naming service such as "!S. Rou should create a dierent user such as mailsrv3 but be sure to change the reerence to that user 0hen prompted or the mail server username. ?or e7ample8 < useradd -u 6## -g mail -d :export:*ome:mailsrv( -m mailsrv( To $isable sendmail %rior to coniguring 1essaging Server8 use the ollo0ing procedures to 9ill the sendmail process and prevent it rom starting during bootup. 0or Solaris >S 1": svcadm disa-le sendmail 0or Solaris >S % and ': ps -e2 ? grep sendmail 7ill -' sendmail@pid cd :etc:rc(!d mv S%%sendmail save!S%%sendmail $nstalling Communications Suite 6 Update 1 So2t)are This section describes ho0 to install the Communications Suite sot0are on 'our host. To !nstall the Communications Suite Sot0are Create a *tmp*5CS/ director'8 un:ip the Communications Suite / +pdate 1 sot0are :ip ile in this director'8 then run the Communications Suite / +pdate 1 !nstaller. < cd :tmp:JCS6 < !:commp7g install %ress (6T+(" to continue 0hen prompted (evie0 the license and t'pe c to continue 0hen prompted. Rou can also t'pe s to s9ip the license displa'. Accept the #icense Agreement b' t'ping 'es 0hen prompted. &ccept t*e de2ault $nstall location: :opt:sun:comms Select the components 'ou 0ish to install. Select the ollo0ing products: Messaging Server 36.-it4 u1 3!"-#!"14 Comms DSsetup 6!. 36!.-#!"14 Comms Delegated &dministrator 6!. 36!.-#!"14 Calendar Server 6!# 36!#-11!"14 $nstant Messaging % 3%!"-""!"64 Communications Express 6!# 36!#-11!"14 Convergence 1 31!"-.!"14 This corresponds to selections 38 38 .8 48 /8 28 and 11. The installation script prompts or a series o options. Rou might not be prompted or all options8 depending on 'our s'stem. The ollo0ing table sho0s ho0 to respond to the coniguration options: Table 10 Kalues or "SS8 5ava Celp (untime8 1essage Tueue8 and Service Tags Options Option D$eault KalueF 6nter: Change p9g versions or "SS*"S%(*5SS DnF ' Change p9g versions or Service Tags DnF ' Change p9g versions or 1essage Tueue DnF ' %ress (6T+(" 0hen prompted to continue. !nstallation %roceeds. %ress (6T+(" 0hen prompted to continue. Coniguring Components This section describes ho0 to run the individual component coniguration utilities to perorm initial sot0are coniguration. This section contains the ollo0ing topics: %reparing the $irector' Coniguring $elegated Administrator and Communications C#! Coniguring 1essaging Server Coniguring Calendar Server Coniguring !nstant 1essaging Coniguring Access 1anager %reparing the $irector' This section e7plains ho0 to prepare the $irector' Server #$A% schema. To Appl' Schema 3 to Rour $irector' Tree Chance the director' 0here the commIdssetup script is located and run the script8 or e7ample: cd :opt:sun:comms:dssetup:s-in :usr:-in:perl comm@dssetup!pl 6ype y to continue! The perl script prompts or a series o options. The ollo0ing table sho0s ho0 to respond to the prompts. Table 11 Kalues or commIdssetup.pl Script Option D$eault KalueF 6nter: $irector' server root D*var*opt*S+",dsee*dsins1F accept deault $irector' 1anager $" DcnE$irector' 1anagerF accept deault $irector' 1anager %ass0ord N adminpass +se director' server or users*groups DResF accept deault +sers*Aroups base sui7 DoEispF accept deault Schema t'peV D3F accept deault +pdate the schema ilesV D'esF accept deault Conigure ne0 inde7esV D'esF accept deault (einde7 ne0 inde7esV D'esF accept deault Conirm 'our choices and t'pe ' to continue. The commIdssetup proceeds. ,hen prompted8 t'pe ' to continue 0ith the script. Continue 0ith the ne7t step ater commIdssetup completes and the Successul Completion message is displa'ed. Coniguring $elegated Administrator and Communications C#! This section describes coniguring $elegated Administrator console and utilit'8 0hich provide user management. 6o Con2igure Delegated &dministrator Change to the director' 0here the coniguration script 0as installed and run the script8 or e7ample: cd *opt*sun*comms*da*sbin .*conig;commda Clic9 "e7t in the ,elcome 0indo0. Accept the deault or the $irector' to store Coniguration and $ata ?iles: *var*opt*sun*comms*da ! the director' does not e7ist8 clic9 Create $irector' to create the director'. !nstall $elegated Administrator +tilit'8 Console8 and Server. The installation script prompts or a series o options. The ollo0ing table sho0s ho0 to respond to the coniguration options: Table 13 Kalues or conig;commda Script Option D$eault KalueF 6nter: A1 Costname D0ireless.comms.beta.comF accept deault A1 %ort D-0-0F -0-0 $eault $omain Dcomms.beta.comF accept deault $eault SS# %ort D..3F accept deault ,eb Container D,eb Server /.7F ,eb Server 2.7 !nstall (oot $irector' (or $A Console) D*opt*S+",0bsvr2F accept deault !nstance (oot D*var*opt*S+",0bsvr2F accept deault $irector' Server !nstance !dentiier D0ireless.comms.beta.comF accept deault Kirtual Server !dentiier D0ireless.comms.beta.comF accept deault ,eb Server CTT% %ort D-0F -0-0 Administration Server %ort D--00F accept deault Administrator +ser !$ DadminF accept deault Administrator %ass0ord N adminpass Secure Administration Server !nstanceV Dunchec9edF accept deault $eault $omain Separator DWF accept deault Access 1anager Base $irector' D*opt*S+",amF accept deault !nstall (oot $irector' (or $A Server) D*opt*S+",0bsvr2F accept deault !nstance (oot $irector' D*var*opt*S+",0bsvr2F accept deault Server !nstance !dentiier D0ireless.comms.beta.comF accept deault Kirtual Server !dentiier D0ireless.comms.beta.comF accept deault ,eb Server CTT% %ort D-0F -0-0 Administration Server %ort D--00F accept deault Administrator +ser !$ DadminF accept deault Administrator %ass0ord N adminpass Secure Administration Server !nstanceV Dunchec9edF accept deault +(# o $irector' Server Dldap:**0ireless.comms.beta.com:3-&F accept deault Bind As DcnE$irector' 1anagerF accept deault %ass0ord N adminpass A1 Top level admin DamadminF accept deault A1 admin pass0d N adminpass Access 1anager !nternal #$A% Auth +sername DamldapuserF accept deault A1 !nternal #$A% Auth %ass0d or amldapuser N nonadminpass Organi:ation $" DoEcomms.beta.com8oEispF oEcomms.beta.com8oEisp Top #evel Admin or $eault Organi:ation DadminF accept deault %ass0ord N adminpass #oad Sample Service %ac9ages N Res (Chec9ed) #oad Sample Organi:ations N Res (Chec9ed) %reerred 1ailhost or Sample D0ireless.comms.beta.comF accept deault Clic9 Conigure "o0. The script begins to run. ,hen the panel displa's @All Tas9s %assed8@ clic9 "e7t to continue. T0o 0arnings appear: one reminds 'ou to restart the ,eb ServerX the other reminds 'ou to enable the mail and calendar services in the domain. The ne7t steps complete these steps. Clic9 Close to e7it the $elegated Administrator Coniguration 0i:ard. (estart the ,eb Server. cd *var*opt*S+",0bsvr2*https;0ireless.comms.beta.com*bin .*stopserv .*startserv 1odi' the mail and calendar domains8 and create users b' using the commadmin utilit': *opt*sun*comms*da*bin*commadmin domain modi' ;$ admin ;0 adminpass ;U 0ireless.comms.beta.com ;n comms.beta.com ;p -0-0 ;d comms.beta.com ;S mail8cal ;C 0ireless.comms.beta.com *opt*sun*comms*da*bin*commadmin user create ;$ admin ;? 5ohn ;l Jdoe ;# $oe ;n comms.beta.com ;p -0-0 ;0 adminpass ;, demo ;U 0ireless.comms.beta.com ;S mail8cal ;6 JdoeWcomms.beta.com ;C 0ireless.comms.beta.com *opt*sun*comms*da*bin*commadmin user create ;$ admin ;? Calendar ;l calmaster ;# 1aster ;n comms.beta.com ;p -0-0 ;0 adminpass ;, adminpass ;U 0ireless.comms.beta.com ;S mail8cal ;6 calmasterWcomms.beta.com ;C 0ireless.comms.beta.com Rou can create as man' users as 'ou li9e at this point. Steps later in this document sho0 ho0 to add %resence and !nstant 1essaging services to those users. To #og in to $elegated Administrator !n 'our 0eb bro0ser8 open a +(# or $elegated Administrator. The +(# or $elegated Administrator is: *ttp:::2ully-1uali2ied-*ostname:)e--server-port:da:D&:Aogin !n this e7ample8 t'pe: *ttp:::)ireless!comms!-eta!com:%"%":da:D&:Aogin #og in using admin and adminpass as the user !$ and pass0ord. Ater veri'ing that 'ou can access $elegated Administrator8 log out. Continue 0ith the ne7t section. Coniguring 1essaging Server This section describes coniguring 1essaging Server. To Conigure 1essaging Server Change to the director' 0here the 1essaging Server conigure script is stored8 then run the script8 or e7ample: cd *opt*sun*comms*messaging/.*sbin .*conigure The Coniguration ,i:ard appears. (ead the introductor' inormation and proceed b' clic9ing "e7t. Keri' the ollo0ing: ?ull' )ualiied host name o messaging server8 ?TC": D0ireless.comms.beta.comF $irector' to store conig*data iles: D*var*opt*sun*comms*messaging/.F !nstall 1TA8 1essage Store8 and ,ebmail Server: "o need to install multiple7or. "ame o the mail server +ni7 user: username DmailsrvF Rou might need to change to mailsrv3 i this 0as the actual user created previousl'. "ame o +ni7 group: group DmailF The installation script prompts or a series o options. The ollo0ing table sho0s ho0 to respond to the coniguration options: Table 13 Kalues or 1essaging Server conigure Script Option D$eault KalueF 6nter: +ser*Aroup Server #dap Dldap:**0ireless.comms.beta.com:3-&F accept deault Bind As DcnE$irector' 1anagerF accept deault %ass0ord N adminpass %ostmaster email address N ooW0ireless.comms.beta.com %ass0ord or 1essaging Server accounts N adminpass $eault email $omain Dcomms.beta.comF accept deault Organi:ation $" DoEcomms.beta.com8oEispF accept deault Clic9 "e7t8 then clic9 Conigure "o0. Rou might receive an error about the ,ebmail port being in use. Clic9 OH to ac9no0ledge this message. The coniguration begins. ,hen coniguration is inished8 clic9 "e7t to continue8 then clic9 Close to e7it "ote Rou might observe a ailure such that not all the messaging coniguration tas9s have passed. ! this is the case8 rerun the 1essaging Server coniguration script b' repeating all the previous steps in the To Conigure 1essaging Server section. ,hen prompted or the director' in 0hich to store coniguration or data iles8 use the same director' as beore. A popup 0indo0 0ill state that this director' alread' e7ists. Clic9 Accept An'0a' to veri' that the same director' 0ill be used. Conigure the 0ebmail port. *opt*sun*comms*messaging/.*bin*conigutil ;o service.http.port ;v 30-0 Start 1essaging Server: *opt*sun*comms*messaging/.*bin*stop;msg *opt*sun*comms*messaging/.*bin*start;msg Continue 0ith the ne7t section to conigure Calendar Server. Coniguring Calendar Server This section sho0s 'ou ho0 to run the Calendar Server coniguration script and ho0 to veri' the Calendar Server coniguration. Change to the director' 0here the coniguration script 0as installed then run the coniguration script8 or e7ample: cd *opt*sun*comms*calendar*S+",ics4*cal*sbin .*csconigurator.sh Clic9 "e7t at the ,elcome page. The coniguration 0i:ard prompts or a series o options. The ollo0ing table sho0s ho0 to respond to the coniguration options: Table 1. Kalues or Calendar Server csconigure Script Option D$eault KalueF 6nter: #$A% Server Cost "ame D0ireless.comms.beta.comF accept deault #$A% Server %ort D3-&F accept deault $irector' 1anager $" DcnE$irector' 1anagerF accept deault $irector' 1anager %ass0ord N adminpass 6nable Kirtual $omains support chec9ed accept deault Kirtual $omains settings: $eault domain Dcomms.beta.comF accept deault Calendar Administrator +sername DcalmasterF accept deault Calendar Administrator %ass0ord N adminpass Calendar Administrator 6mail address DcalmasterWcomms.beta.comF accept deault Site administrator DResF accept deault Setup a ?ront 6nd*Bac9 6nd deplo'ment unchec9ed accept deault 6mail Alarms D6nabledF accept deault Administrator 6mail Address DcalmasterWcomms.beta.comF accept deault S1T% Cost "ame D0ireless.comms.beta.comF accept deault Service %ort D-0F 30-0 1a7imum Sessions D4000F accept deault 1a7imum Threads D30F accept deault "umber o server processes D1F accept deault (untime +ser !$ DicsuserF accept deault (untime Aroup !$ DicsgroupF accept deault Start Calendar Server ater successul coniguration unchec9ed accept deault Start Calendar Server on s'stem startup chec9ed +nchec9 Conig $irector' D*etc*opt*sun*comms*calendar*S+",ics4*conigF accept deault $atabase $irector' D*var*opt*sun*comms*calendar*S+",ics4*csdbF accept deault Attachment Store $irector' D*var*opt*sun*comms*calendar*S+",ics4*astoreF accept deault #ogs $irector' D*var*opt*sun*comms*calendar*S+",ics4*logsF accept deault Temporar' ?iles $irector' D*var*opt*sun*comms*calendar*S+",ics4*tmpF accept deault 6nable Archive Chec9ed accept deault Archive D*var*opt*sun*comms*calendar*S+",ics4*csdb*archiveF accept $irector' deault 6nable Cot Bac9up Chec9ed accept deault Cot Bac9up $irector' D*var*opt*sun*comms*calendar*S+",ics4*csdb*hotbac9upF accept deault Heep archives or (in da's) D1inium: 38 1a7imum: /F accept deault Heep hot bac9ups or (in da's) D1inium: 38 1a7imum: /F accept deault Same as archive chec9bo7 Chec9ed accept deault Clic9 Conigure "o0 to conigure Calendar Server. Clic9 "e7t 0hen the coniguration is complete. Clic9 $etails to veri' that all pac9ages conigured correctl'. Clic9 Close to e7it the conigurator. 6dit the ics.con ile to set calendar alarms and other deault preerences. cd *etc*opt*sun*comms*calendar*S+",ics4*conig cp ics.con ics.con.orig vi ics.con (emove the comments rom the ollo0ing values to enable Calendar Server alarms: caldb.serveralarms.url E @enp:***ics*customalarm@ caldb.serveralarms.contentt'pe E @te7t*7ml@ Consider changing the ollo0ing values: calstore.deault.time:one!$ E @America*#osIAngeles@ service.calendarsearch.ldap E @no@ service.http.ui.enable E @'@ service.http.renderhtml E @'es@ Change the Calendar AC#: ?rom calstore.calendar.deault.acl E @WWoYaYrYgXWWoYcY0deicYgXWYaYsYgXWYcYYgXWYpYrYg@ to calstore.calendar.deault.acl E @WWoYaYrYgXWWoYcY0deicYgXWYaYrsYgXWYcYYgXWYpYrYg@ (Optional) ! 'ou changed the calstore.deault.time:one!$ in the ics.con ile8 ma9e the ollo0ing edit to the *opt*sun*comms*calendar*S+",ics4*cal*html*en*deaultIuserIpres.7ml ile: =userpre nameE@icsTimeQone@ deaultIvalueE@America*#osIAngeles@ *> (Optional) To change the deault time :one in $elegated Admininstrator8 edit the $omainCalendarService.7ml and +serCalendarService.7ml iles in the *opt*sun*comms*da*lib*services director'. These iles control usersM deault time :ones created b' using $elegated Administrator. !n these iles8 change the value o the time :one: America*$enver to America*#osIAngeles (or 'our preerred time :one). (un the ollo0ing commands to delete and reload the service schemas. *opt*S+",am*bin*amadmin ;u amadmin ;0 adminpass ;r $omainCalendarService *opt*S+",am*bin*amadmin ;u amadmin ;0 adminpass ;s *opt*sun*comms*da*lib*services*$omainCalendarService.7ml *opt*S+",am*bin*amadmin ;u amadmin ;0 adminpass ;r +serCalendarService *opt*S+",am*bin*amadmin ;u amadmin ;0 adminpass ;s *opt*sun*comms*da*lib*services*+serCalendarService.7ml Start the Calendar Server daemons8 or e7ample: cd *opt*sun*comms*calendar*S+",ics4*cal*sbin .*stop;cal .*start;cal (estart 'our ,eb container8 or e7ample: cd *var*opt*S+",0bsvr2*https;0ireless.comms.beta.com*bin .*stopserv .*startserv Continue 0ith the ne7t section to conigure !nstant 1essaging. Con2iguring $nstant Messaging This section sho0s 'ou ho0 to run the !nstant 1essaging conigurator script. To Conigure !nstant 1essaging Change to the director' 0here the coniguration script 0as installed then run the conigurator script. ?or e7ample: cd *opt*sun*comms*im*sbin .*conigure The Components Selection page appears. Keri' that both Server components and Client components are selected or coniguration8 then clic9 (eturn to continue. The coniguration 0i:ard prompts or a series o options. (espond to the series o options as ollo0s. Ater each )uestion8 'ou are prompted i 'ou 0ant to go bac9 to previous panel. Al0a's accept the deault ans0er o no unless 'ou need to ma9e a change to a previous ans0er. The ollo0ing table sho0s ho0 to respond to the coniguration options: Table 14 Kalues or !nstant 1essaging conigure Script Option D$eault KalueF 6nter: +se A1 or Single;Sign; On no 'es (untime +ser !$ DinetuserF See "ote. root (untime Aroup !$ DinetgroupF See "ote. root (untime $irector' D*var*opt*S+",iimF accept deault Create (untime $irector' DChoose "e0F Create $irector' $omain "ame Dcomms.beta.comF accept deault U1%% %ort D4333F accept deault 1ultiple7ed U1%% %ort D.4333F accept deault U1%% Server %ort D43/&F accept deault $isable Server (enable onl' multiple7or) DnoF accept deault #$A% Cost "ame D0ireless.comms.beta.comF accept deault #$A% %ort "umber D3-&F accept deault Base $" DdcEcomms8dcEbeta8dcEcomF oEisp Bind $" ;; cnE$irector' 1anager Bind %ass0ord ;; adminpass 6nable 6mail !ntegration D'esF accept deault S1T% Server D0ireless.comms.beta.comF accept deault 6nable 6mail Archiving D'esF accept deault $eplo' 1essenger (esources D'esF accept deault Codebase Dhttp:**0ireless.comms.beta.com:-0*imF Dhttp:**0ireless.comms.beta.com:-0-0*imF 6nable Audio DnoF 'es ,ebcontainer ;; *opt*S+",0bsvr2 %ath ,eb Administration +(# ;; Dhttps:**0ireless.comms.beta.com:-&-&*F ,eb Administrator +ser !d DadminF accept deault ,eb Administrator %ass0ord ;; adminpass $eplo' !1 CTT% Aate0a' D'esF no $eplo' !1 !1%S Aate0a' D'esF accept deault Conte7t (oot Dhttp:**0ireless.comms.beta.com:-0-0*impsF Dhttp:**0ireless.comms.beta.com:-0-0*impsF ,ebcontainer %ath *opt*S+",0bsvr2 *opt*S+",0bsvr2 ,eb Administration +(# Dhttps:**0ireless.comms.beta.com:-&-&*F accept deault ,eb Administrator +ser !d DadminF accept deault ,eb Administrator %ass0ord ;; adminpass 6nable Calendar Agent DnoF 'es 6nable local component DnoF 'es U1%% server Costname D0ireless.comms.beta.comF accept deault U1%% server port D43/&F accept deault "otiication Server Costname ;; 0ireless.comms.beta.com "otiication Server %ort D42&&2F accept deault Calendar alarm +(# Denp:***ics*customalarmF accept deault 6nable S1S Aate0a' DnoF accept deault 6nable local component DnoF accept deault 6nable 1S" Aate0a' DnoF accept deault 6nable local component DnoF accept deault 6nable A!1 Aate0a' DnoF accept deault 6nable local component DnoF accept deault Start Services Ater Successul Coniguration D'esF no Start Services ,hen S'stem starts D'esF no "ote Access 1anager re)uires that 'ou install and run !nstant 1essaging services as root. Rou 0ill see a pop;up that running as root is not recommended. ?or this evaluation8 accept the super;user setting. The !nstant 1essaging coniguration begins. !t could ta9e a 0hile to complete the coniguration. ,hen the coniguration is complete8 continue to the ne7t step. 6dit the iim.con ile to prepare or the ne0 Communications Client. G cd *etc*opt*S+",iim*deault*conig G cp iim.con iim.con.orig G vi iim.con Rou 0ill add the ne0 httpbind and avatar component 5!$s to this ile b' ma9ing the ollo0ing changes*additions: iimIserver.components E @agent; calendar8httpbind8smppbind8msnIgate0a'8aimIgate0a'8avatar@ iimIagent.enable E @true@ Z httpbind component (CTT%*U1%% Aate0a') Z EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE iimIagent.httpbind.enable E @true@ httpbind.Jid E @0ireless.httpbind.comms.beta.com@ httpbind.pass0ord E @adminpass@ Z avatar component Z EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE iimIagent.avatar.enable E @true@ avatar.Jid E @0ireless.avatar.comms.beta.com@ avatar.pass0ord E @adminpass@ Start the !nstant 1essaging server. ?or e7ample: G *opt*sun*comms*im*sbin*imadmin start ! 'ou choose to monitor the S1? logs8 the' are located in the *var*svc*log director'. The log name is application;sunim:deault.log. Continue 0ith the ne7t section. To #og in to !nstant 1essaging !n 'our 0eb bro0ser8 open a +(# or !nstant 1essaging. The +(# or !nstant 1essaging is: http:**ull';)ualiied;hostname:port*im*en*im.Jnlp !n this e7ample8 t'pe: http:**0ireless.comms.beta.com:-0-0*im*en*im.Jnlp "ote ! 'ou cannot log in to !nstant 1essaging as a user8 'ou might need to manuall' add the !nstant 1essaging and %resence Services to the user. See To Add Services to the #o0er #evel Organi:ation or more inormation. Coniguring Access 1anager The ollo0ing procedures enable Access 1anager authentication 0ith !nstant 1essaging8 and enable the !nstant 1essaging services or all users. To #og !n to Access 1anager !n 'our 0eb bro0ser8 open a +(# or the Access 1anager console and log in as amadmin. The +(# or the Access 1anager console is: http:**ull';)ualiied;hostname:port*amconsole !n this e7ample8 t'pe: http:**0ireless.comms.beta.com:-0-0*amconsole #og in as amadmin. The pass0ord is adminpass. To Add Services to the #o0er #evel Organi:ation ! 'ou set 'our Organi:ation $" to oEcomms.beta.com8oEisp 'ou 0ill need to add !1 and %resence services to the comms.beta.com organi:ation. Once these services have been added to the suborg8 'ou must add the necessar' services to each user in this suborg. "ote %reviousl'8 'ou created a set o users 0ith the commadmin command. These users e7ist in the comms.beta.com organi:ation. At this point8 there are no Services deined or these users. Rou need to register the services 0ith these users or them to be able to log in to !nstant 1essaging. +pon logging into the Access 1anager Console8 'ou see a vie0 o all 'our organi:ations8 including the comms.beta.com organi:ation. Clic9 the lin9 to comms.beta.com. !n the right pane8 'ou see a list o Aeneral %roperties. One o these properties is $omain "ame. Keri' the !nstant 1essaging domain name that 'ou speciied during the !nstant 1essaging coniguration. !n this e7ample8 the domain name is comms.beta.com. ! the ield is blan98 t'pe the domain name then clic9 the Save button. Choose Services rom the Kie0 menu in the let pane. Clic9 the Add button. 6ither clic9 the individual services to add to this organi:ation8 or clic9 the bo7 at the top o the list that sho0s t0o chec9bo7es. This selects all the services. +pon selecting all the services8 clic9 the OH button to add all the services to the suborgani:ation. ,ithin this same suborgani:ation8 clic9 the properties icon ne7t to the name o Authentication Coniguration. "ormall'8 the service instance @ldapService@ 0ill e7ist. ! a service instance (such as ldapService@) does not e7ist8 'ou 0ill need to create one. To do so8 perorm the ollo0ing steps. "ote that i the ldapService instance alread' e7ists 'ou ma' s9ip these steps: Clic9 the "e0 button to deine a ne0 service instance. T'pe the !nstance "ame ldap18 then clic9 the Submit button. The ldap1 service instance is created. Clic9 the ldap1 lin9. Clic9 6dit besides Authentication Coniguration. A ne0 0indo0 appears. Clic9 the Add button to add the #$A% module o this ne0 ldap1 instance and select the #$A% 1odule "ame rom the pulldo0n menu. The 6norcement Criteria should be (6T+!(6$. Clic9 OH to add the module8 then clic9 OH again to save the module properties. Then clic9 Cancel to close the 0indo0. "ote ! the #$A% module name is missing in the pulldo0n menu8 complete the ne7t step (o assigning ldap1 to the Core service). Then e7it the Access 1anager console and restart ,eb Server. Ater logging into the Access 1anager Console8 tr' again to add the #$A% module and #$A% should appear. Clic9 the properties icon ne7t to Core8 Just belo0 Authentication 1odules. Rou need to select the e7isting ldap service instance ldapService or the ne0l' created ldap1 service or both Administrator Authentication Coniguration and Organi:ation Authentication Coniguration. Clic9 Save. Choose +sers rom the Kie0 menu in the let pane. A list o users is presented. Rou need to add the services 'ou Just registered in this suborgani:ation to each user. Clic9 the propert' icon beside a user. !n the right pane8 open the Kie0 drop;do0n menu and choose Services. "o services are listed. Clic9 the Add button. A list o services appears. Clic9 the double;chec9ed bo7 at the top o the list o services to add all services. Then clic9 the OH button. "ote The minimum services that 'ou need to add to each user are the !1 and %resence services. The Authentication Coniguration service does not need to be added to each user but must be conigured in each subdomain. To Conigure +ser Services +se this procedure i 'ou 0ant Access 1anager services to automaticall' be added upon user creation. This is useul i 'ou 0ant the !nstant 1essaging8 %resence8 and %ortal services to be automaticall' created or each user 'ou create through $elegated Administrator (either the command;line utilit' or console). Caution Tr' this on a test s'stem irst to veri' that 'ou donMt have subse)uent perormance issues. !n the Access 1anager console8 rom 0ithin the comms.beta.com organi:ation8 select the Service Coniguration tab. Clic9 the properties icon beside Administration service. !n the right pane8 scroll do0n until 'ou see (e)uired Services. Add the ollo0ing services b' t'ping the name o the service in the entr' bo7 and clic9ing Add. Sun!1 Sun%resence Add an' other services 'ou choose. Clic9 Save. To Conigure +ser Services or All +sers in a Aiven $omain Rou can also conigure the !1 and %resence services or all users in a given domain at once b' using the imadmin assignIservices command8 instead o manuall' adding the services in the Access 1anager console or automaticall' adding the services upon user creation. (un the ollo0ing commands to add !1 and %resence services or all users in a given domain: cd *opt*sun*comms*im*sbin .*imadmin assignIservices %lease enter base $": oEcomms.beta.com8oEisp Assigning !1 and %resence services to users under base$": oEcomms.beta.com8oEisp ... $one. (estart the 0eb container. cd *var*opt*S+",0bsvr2*https;0ireless.comms.beta.com*bin .*stopserv .*startserv Coniguring Sun Convergence This section describes ho0 to conigure Sun Convergence b' using the init;conig command. (un the Convergence coniguration script. cd *opt*sun*comms*i0c*sbin .*init;conig (ead the Sot0are (e)uirements and clic9 "e7t to continue. $irector' to store Coniguration and $ata ?iles D*var*opt*sun*comms*i0cF The Components Selection page appears. Keri' that 1ail Service8 Calendar Service8 and !nstant 1essaging Service are selected or coniguration8 then clic9 "e7t to continue. The coniguration 0i:ard prompts or a series o options. The ollo0ing table sho0s ho0 to respond to the coniguration options: Table 1/ Kalues or Convergence conigure Script Option D$eault KalueF 6nter: Cost "ame D0irelessF accept deault $"S $omain "ame Dcomms.beta.comF accept deault Application Server !nstall $irector' D*opt*S+",appserverF accept deault $omain $irector' D*opt*S+",appserver*domains*domain1F accept deault $ocument (oot $irector' D*opt*S+",appserver*domains*domain1*docrootF accept deault Server Target "ame DserverF accept deault Kirtual Server !dentiier DserverF accept deault Server !nstance CTT% %ort D-0-0F -0 Administration D.-.-F accept deault Server %ort Administrator +ser !$ DadminF accept deault Administrator %ass0ord N adminpass Secure Administration Server !nstance Chec9ed Chec9ed +(! %ath Di0cF accept deault 6nable Costed $omain Support chec9ed accept deault $irector' Server #$A% +(# Dldap:**0ireless.comms.beta.com:3-&*F accept deault Bind $" DcnE$irector' 1anagerF accept deault Bind %ass0ord N adminpass $C Tree sui7 DoEispF accept deault $eault $omain "ame Dcomms.beta.comF accept deault ,ebmail Server Cost "ame D0ireless.comms.beta.comF accept deault ,ebmail Server %ort "umber D-&&0F 30-0 Access in SS# mode unchec9ed accept deault ("ot secure) ,ebmail Admin +ser !$ DadminF accept deault Admin %ass0ord N adminpass Calendar Server Cost "ame D0ireless.comms.beta.comF accept deault Calendar Server %ort D-0F 30-0 Access in SS# mode unchec9ed accept deault ("ot secure) Administrator +ser !$ DcalmasterF accept deault Administrator +ser %ass0ord N adminpass !nstant 1essaging Server $omain "ame Dcomms.beta.comF accept deault !nstant 1essaging Server Cost "ame D0ireless.comms.beta.comF accept deault Server %ort D43/&F accept deault httpbind Component 5!$ D0ireless.httpbind.comms.beta.comF accept deault %ass0ord N adminpass Avatar Component 5!$ D0ireless.avatar.comms.beta.comF accept deault %ass0ord N adminpass Convergence Administrator +sername DadminF accept deault %ass0ord N adminpass Clic9 Conigure "o0 to conigure Sun Convergence. Clic9 "e7t 0hen the coniguration is complete. The s'stem displa's a message to restart the Application Server !nstance. Clic9 OH to dismiss the message. Clic9 "e7t to continue. Clic9 Close to )uit the Sun Convergence coniguration 0i:ard. (estart Application Server. *opt*S+",appserver*bin*asadmin stop;domain domain1 *opt*S+",appserver*bin*asadmin start;domain domain1 !n 'our 0eb bro0ser8 open a +(# or Sun Convergence and log in as a test user. The +(# or Sun Convergence is: http:**ull';)ualiied;hostname*i0c !n this e7ample8 t'pe: http:**0ireless.comms.beta.com*i0c Coniguring Communications 67press (Optional) Ao to the director' 0here the coniguration script 0as installed. cd *opt*sun*comms*ce*sbin (un the Communications 67press conigurator script: .*conig;u0c Clic9 "e7t at the ,elcome page. Accept the director' to store coniguration and data iles: D*var*opt*sun*comms*ceF !nstall 1ail and Calendar Components. The installation script prompts or a series o options. The ollo0ing table sho0s ho0 to respond to the coniguration options: Table 12 Kalues or the Communications 67press conig;u0c Script Option D$eault KalueF 6nter: Cost "ame D0irelessF accept deault $"S $omain "ame Dcomms.beta.comF accept deault ,eb Container D,eb ServerF accept deault Server (oot $irector' D*opt*S+",0bsvr2F accept deault Conig (oot $irector' D*var*opt*S+",0bsvr2F accept deault Server !nstance !dentiier D0ireless.comms.beta.comF accept deault Kirtual Server !dentiier D0ireless.comms.beta.comF accept deault CTT% %ort D-0F -0-0 Administration Server %ort D--00F accept deault Administrator +ser !$ DadminF accept deault Administrator %ass0ord N adminpass Secure Administration Server !nstance D+nchec9edF accept deault ,eb Container +ser !$ DrootF accept deault ,eb Container Aroup !% DrootF accept deault +(! %ath D*u0cF accept deault 6nable Costed $omain Support DChec9edF Chec9ed (Res) $irector' Server #$A% +(# Dldap:**0ireless.comms.beta.com:3-&*F accept deault Bind $" DcnE$irector' 1anagerF accept deault Bind %ass0ord N adminpass $C Tree sui7 DoEispF accept deault $eault $omain "ame Dcomms.beta.comF accept deault 6nable Access 1anager or Single Sign;On D+nchec9edF accept deault ("ot enabled) ,ebmail Server Cost "ame D0ireless.comms.beta.comF accept deault ,ebmail Server %ort "umber N 30-0 (See "ote 1) 6nable login in secure mode D+nchec9edF accept deault ("ot secure) ,ebmail Server SS# %ort "umber N #eave blan9 ,ebmail Admin +ser!$ N admin Admin %ass0ord N adminpass Calendar Server Costname D0ireless.comms.beta.comF accept deault Calendar Server %ort D&00.F 30-0 Calendar Administrator +ser !$ DcalmasterF accept deault Calendar Administrator +ser %ass0ord N adminpass +(# o %AB $irector' Server Dldap:**0ireless.comms.beta.com:3-&F accept deault Bind As DcnE$irector' 1anagerF accept deault Bind %ass0ord N adminpass "ote 1: Ater selecting a ,ebmail %ort "umber8 a popup might occur stating that it is unable to connect to hostname:30-0. Accept this port an'0a'. !n other cases a popup ma' occur reminding 'ou to enable Communications 67press ,ebmail. Clic9 OH to dismiss an' popup that might occur. Clic9 Conigure "o0 to conigure Communications 67press. Ater the coniguration is complete8 clic9 "e7t to continue. The s'stem displa's a message to restart the ,eb Server !nstance. Clic9 OH to dismiss the message. Clic9 "e7t to continue. Clic9 Close to )uit the Communications 67press conigurator. 6nable +,C ,ebmail. cd *opt*sun*comms*messaging/.*sbin .*conigutil ;o local.0ebmail.sso.u0cenabled ;v 1 .*stop;msg .*start;msg (estart ,eb Server. cd *var*opt*S+",0bsvr2*https;0ireless.comms.beta.com*bin .*stopserv .*startserv !n 'our 0eb bro0ser8 open a +(# or Communications 67press and log in as a test user. The +(# or Communications 67press is: http:**ull';)ualiied;hostname:-0-0*u0c !n this e7ample8 t'pe: http:**0ireless.comms.beta.com:-0-0*u0c Creating Additional +ser Accounts and Aroups This section describes ho0 to create additional users accounts and groups. +sers and groups created in this ashion 0or9 0ith both Communications Services products and %ortal Server (i 'ou add %ortal Server to this deplo'ment at a later date). To Create +sers and Aroups The ollo0ing e7ample sho0s ho0 to create users using the $elegated Administrator command;line utilit' and also ho0 to create a group consisting o the users created. *opt*sun*comms*da*bin*commadmin user create ;$ admin ;? $emo ;l demo1 ;# One ;n comms.beta.com ;p -0-0 ;0 adminpass ;, demo ;U 0ireless.comms.beta.com ;S mail8cal ;6 demo1Wcomms.beta.com ;C 0ireless.comms.beta.com *opt*sun*comms*da*bin*commadmin user create ;$ admin ;? $emo ;l demo3 ;# T0o ;n comms.beta.com ;p -0-0 ;0 adminpass ;, demo ;U 0ireless.comms.beta.com ;S mail8cal ;6 demo3Wcomms.beta.com ;C 0ireless.comms.beta.com *opt*sun*comms*da*bin*commadmin group create ;$ admin ;A $emosta ;n comms.beta.com ;p -0-0 ;0 adminpass ;U 0ireless.comms.beta.com ;S mail ;6 $emostaWcomms.beta.com ;C 0ireless.comms.beta.com ;o calmaster ;m demo1 ;m demo3 "ote Creating groups using the $elegated Administrator command;line interace 0ill guarantee that these groups 0ill be recogni:ed b' Access 1anager as #$A% groups that can be searched on using !nstant 1essenger. The' can also be used to send email to the entire group. To +se $elegated Administrator to Create +sers An alternative to using the $elegated Administrator command;line utilit' to create users is to use the $elegated Administrator console. The high;level steps to create users 0ith $elegated Administrator console are the ollo0ing: Creating the user +sing Access 1anager to add Services to those user accounts (i necessar') %rior to using $elegated Administrator8 chec9 the resource.properties ile to ma9e sure users 0ill be created using options consistent 0ith 'our usage. Because this e7ample uses a hosted domain scenario8 'ou do not need to edit this ile to ma9e changes. ! 'ou do 0ant to ma9e changes8 perorm the ollo0ing steps. Change to the *var*opt*sun*comms*da*,6B;!"?*classes*sun*comm*cli*server*servlet director' and edit the resource.properties ile.G< The deault settings or servicepac9age reresh rates are: servicepac9age;ttlhoursE4 servicepac9age;ttlminutesE0 These parameters establish the time bet0een service pac9ages rereshes. !n this demo scenario8 service pac9ages do not change ver' oten so there is no need to reresh them ever' ive minutes. !nstead8 change the rate to reresh service pac9ages ever' ive hours. 1a9ing this change improves $elegated Administrator perormance. ! 'ou later decide to change the reresh rate to 30 hours8 set servicepac9age;ttlhours to 308 that is8 servicepac9age;ttlhoursE4. The deault setting or calender !$ t'pe is set using the s0itch;calt'pe variable as ollo0s: s0itch;calt'peEhosted The calt'pe can be either hosted or legac'. ,hen calt'pe is set to hosted8 users that are created through $elegated Administrator are created as uidWdomain rather than uid. ! 'ou ma9e an' changes to the resource.properties ile8 restart the ,eb Server. The irst time 'ou use $elegated Administrator8 'ou must add service pac9s to the organi:ation that contains 'our users: !n 'our 0eb bro0ser8 open the +(# or $elegated Administrator. !n this e7ample8 t'pe: http:**0ireless.comms.beta.com:-0-0*da*$A*#ogin #og in as amadmin. The pass0ord is adminpass. Clic9 the chec9 bo7 ne7t to comms.beta.com organi:ation8 then clic9 the Allocate Service %ac9age button. The Allocate Service %ac9age 0indo0 appears 0ith a list o service pac9ages organi:ed 0ithin a set o three pages. "ear the top o this list is a Compare button. To the right o this button is a button that maps the three pages into a single vie0. Clic9 the Single %age button. Select the desired service pac9ages then clic9 "e7t. The earth8 mars8 mercur'8 and venus choices are appropriate or this e7ample8 since the' have mail and calendar services enabled. 6ach service pac9age has a dierent mail )uota. Accept the 1ail Service deaults8 then clic9 "e7t. ! 'ou chose a service pac9age that contains Calendar8 t'pe the Calendar Cost 0ireless.comms.beta.com and Res or Anon'mous #ogin. Then clic9 "e7t. Select the )uantit' o each service pac9 desired then clic9 "e7t. A )uantit' o 100 is appropriate or this e7ample. (evie0 'our choices and clic9 ?inish to create the service pac9ages. Once the service pac9s have been allocated or the domain8 'ou can add users to the domain. Clic9 the domain lin9. That is8 clic9 comms.beta.com. Clic9 the "e0 button to create a ne0 user 0ithin this domain. T'pe a ?irst "ame (such as $emo)8 a #ast "ame (such as ?ive)8 a $ispla' "ame (such as $emo ?ive)8 then clic9 "e7t. Rou do not need to t'pe postal inormation. Clic9 "e7t again. Select a service pac9 or this user8 or e7ample8 earth8 then clic9 "e7t. T'pe the email address8 or e7ample8 demo4Wcomms.beta.com. The 1ail $eliver' Option should be #ocal !nbo7. #eave the remaining ields blan9 then clic9 "e7t. Choose 'our calendar preerences8 select 'our preerred time:one8 then clic9 "e7t. T'pe the #ogin !$ and %ass0ord then clic9 "e7t. !n this e7ample8 #ogin !$ is demo4 and pass0ord is demo. Keri' the user inormation then clic9 ?inish to create the user. #og in to Access 1anager as amadmin and veri' that the !1 and %resence services have been added to the ne0l' created user. ! not8 'ou 0ill need to assign services to those users as e7plained in To Add Services to the #o0er #evel Organi:ation. Coniguring !nstant 1essaging or Cigh Availabilit' on the Solaris %latorm Coniguring !nstant 1essaging or high availabilit' (CA) provides monitoring and recover' rom sot0are and hard0are ailures. The high availabilit' eature is implemented as a ailover data service and not as a scalable service. This eature is supported onl' on the Solaris operating s'stem. This chapter describes ho0 to conigure !nstant 1essaging or CA b' using the Sun Cluster sot0are. Beore 'ou begin8 'ou should be amiliar 0ith the general CA concepts and the Sun Cluster sot0are. ?or more inormation8 see CA (elated $ocumentation. This chapter includes the ollo0ing sections: !nstant 1essaging CA Overvie0 Setting +p CA or !nstant 1essaging Starting and Stopping the !nstant 1essaging CA Service (emoving CA or !nstant 1essaging CA (elated $ocumentation !nstant 1essaging CA Overvie0 +se Sun Cluster 0ith !nstant 1essaging to create a highl';available deplo'ment. This section provides inormation about CA re)uirements8 the terms used in e7amples in this chapter8 and the permissions that 'ou need to conigure CA. CA Coniguration Sot0are (e)uirements The !nstant 1essaging CA coniguration re)uires the sot0are as sho0n in the ollo0ing table. Sot0are and Kersion "otes and %atches Solaris 10 OS All versions o Solaris 10 OS are supported. Solaris 10 OS re)uires at least Sun Cluster 3.0 +pdate 3. Solaris 10 OS includes Solaris #ogical Kolume 1anager (#K1). Solaris & OS Starting 0ith Solaris & 1aintenance +pdate 2 (1+2) OS and the re)uired patches. Sun Cluster 3.1 or 3.3 Sun Cluster sot0are must be installed and conigured on all the nodes in the cluster. To install Sun Cluster 3.1 or 3.38 use the Sun 5ava 6nterprise S'stem installer b' ollo0ing the installation process in the Sun 5ava 6nterprise S'stem 4 +pdate 1 !nstallation Auide or +"!U. Ater 'ou install the Sun Cluster sot0are8 'ou must conigure the cluster. ?or more inormation8 see the Sun Cluster S'stem Administration Auide or Solaris OS. ?or related documentation8 see CA (elated $ocumentation. Sun Cluster %atches ; ?or Solaris & and 10 OS8 'ou can do0nload patches rom http:**sunsolve.sun.com. Solaris Kolume 1anager Solaris & and Solaris 10. Keritas Kolume 1anager (K7K1) Solaris & OS re)uires at least version 3.4 and the re)uired patches. Solaris 10 OS re)uires at at least version 3.4 and the re)uired patches. Keritas ?ile S'stem (K7?S) Solaris & OS re)uires at least version 3.4 and the re)uired patches. Solaris 10 OS re)uires at least version 3.4 and the re)uired patches. CA Coniguration %ermission (e)uirements To install and conigure an !nstant 1essaging CA coniguration8 log in or become superuser root and speci' a console or 0indo0 or vie0ing messages that e7ist in the *dev*console director'. CA Coniguration Terms and Chec9list The ollo0ing table describes the variables used in the e7amples in this chapter or coniguration e7amples. !n addition8 'ou 0ill need to gather the inormation beore 'ou conigure CA or !nstant 1essaging. Rou 0ill be prompted or this inormation during coniguration. +se this chec9list along 0ith the coniguration chec9list described in Coniguring !nstant 1essaging Ater !nstallation. "ame in 67ample $escription *global*im Alobal ile s'stem or cluster ile s'stem mount point. *local*im ?ailover ile s'stem mount point or the shared dis9. #OAICOSTI(S #ogical host name resource. !1I"O$61 "ode1 o the cluster. !1I"O$63 "ode3 o the cluster. !1I(A !nstant 1essaging resource group. !1ICAS%I(S !nstant 1essaging storage resource. !1ISK(I(S !nstant 1essaging resource. !1I(+"T!16I$!( 6ither global or ailover ile s'stem mount point. The value is *global*im or *local*im. !1ISK(IBAS6 !nstant 1essaging base installation director'. The deault value is *opt*sun*comms*im. !1ISCCAIBAS6 !nstant 1essaging CA agent base installation director'. The deault value is *opt*sun*comms*imIscha. !1I(+"T!16ICO"?! A #ocation o the !nstant 1essaging runtime conig director' *!1I(+"T!16I$!(*deault*conig. !"STA##;(OOT!11 !nstallation director' or instance 1 in a s'mmetric setup. ?or e7ample *opt*node1. !"STA##;(OOT!13 !nstallation director' or instance 3 in a s'mmetric setup. ?or e7ample *opt*node3. Setting +p CA or !nstant 1essaging This section describes the steps necessar' to set up high availabilit' or !nstant 1essaging. This section contains the ollo0ing topic: Choosing a Cigh Availabilit' 1odel or Rour !nstant 1essaging - $eplo'ment Choosing a Cigh Availabilit' 1odel or Rour !nstant 1essaging - $eplo'ment This section lists the high availabilit' models8 and describes the procedure to install and conigure the as'mmetric and s'mmetric models or deplo'ment. This section contains the ollo0ing topics: Cigh;#evel Tas9 #ist or an As'mmetric CA $eplo'ment Cigh;#evel Tas9 #ist or a S'mmetric CA $eplo'ment !nstalling and Coniguring in an As'mmetric CA 6nvironment !nstalling and Coniguring in a S'mmetric CA 6nvironment The ollo0ing table summari:es the advantages and disadvantages o each high availabilit' model. +se this inormation to decide the appropriate model or 'our deplo'ment. 1odel Advantages $isadvantages (ecommended +sers As'mmetric Simple Coniguration Bac9up node is 100[ reserved. (olling upgrade 0ith negligible do0ntime 1achine resources are not ull' utili:ed. A small service provider 0ith plans to e7pand in the uture. S'mmetric 6icient use o s'stem resources Cigher availabilit' (esource contention on the bac9up node. CA re)uires ull' redundant dis9s. A small corporate deplo'ment that can accept perormance penalties in the event o a single server ailure. "L1 #oad distribution 6as' e7pansion 1anagement and coniguration comple7it'. A large service provider 0ho re)uires distribution 0ith no resource constraints. Cigh;#evel Tas9 #ist or an As'mmetric CA $eplo'ment The ollo0ing is a list o the tas9s necessar' to install and conigure !nstant 1essaging or as'mmetric high availabilit': %repare the nodes. !nstall the Solaris operating s'stem on all the nodes o the cluster. !nstall Sun Cluster sot0are on all the nodes o the cluster. !nstall the !nstant 1essaging CA Agents pac9age8 S+",iimsc8 on all the nodes o the cluster b' using the Communication Suite / +pdate 1 installer. Create a ile s'stem on the shared dis9. !nstall !nstant 1essaging on all the nodes o the cluster b' using the Communications Suite / +pdate 1 installer. Create a s'mbolic lin9 rom the !nstant 1essaging *etc*opt*S+",iim director' to the shared dis9 !1I(+"T!16I$!( director' on all the nodes o the cluster. Coniguring the irst or the primar' node. +sing the Sun Cluster command;line interace8 set up CA on the primar' node. (un the !nstant 1essaging conigure utilit' on the primar' node. +sing the Sun Cluster command;line interace8 create and enable a resource group or !nstant 1essaging. ?or step;b';step instructions8 see !nstalling and Coniguring in an As'mmetric CA 6nvironment. Cigh;#evel Tas9 #ist or a S'mmetric CA $eplo'ment The ollo0ing is a list o the tas9s necessar' to install and conigure !nstant 1essaging or S'mmetric Cigh Availabilit': %repare the nodes. !nstall the Solaris operating s'stem sot0are on all the nodes o the cluster. !nstall the Sun Cluster sot0are on all the nodes o the cluster. Create our ile s'stems. Rou can create a cluster ile s'stems or global ile s'stems or ailover ile s'stems or local ile s'stems. Create the necessar' directories. !nstall the !nstant 1essaging CA Agents pac9age8 S+",iimsc8 on all nodes o the cluster b' using the Communications Suit / installer. !nstall and conigure the irst instance o !nstant 1essaging CA. +sing the Communications Suite / installer8 install !nstant 1essaging on the irst node o the cluster. +sing the Sun Cluster command;line interace8 conigure CA on the irst node. Create a s'mbolic lin9 rom the !nstant 1essaging *etc*opt*S+",iim director' to the shared dis9 !1I(+"T!16I$!( director' on the irst node. (un the !nstant 1essaging conigure utilit' on the irst node. +sing the Sun Cluster command;line interace8 create and enable a resource group or !nstant 1essaging on the irst node. +sing the Sun Cluster command;line interace to test the successul creation o the resource group8 perorm a ailover to the second node. !nstall and conigure the second instance o !nstant 1essaging CA. +sing the Communications Suite / installer8 install !nstant 1essaging on the second node o the cluster. +sing the Sun Cluster command;line interace8 conigure CA on the second node. Create a s'mbolic lin9 rom the !nstant 1essaging *etc*opt*S+",iim director' to the shared dis9 !1I(+"T!16I$!( director' on the secondar' node. (un the !nstant 1essaging conigure utilit' on the second node. +sing the Sun Cluster command;line interace8 create and enable a resource group or !nstant 1essaging on the second node. +sing the Sun Cluster command;line interace to test the successul creation o the resource group8 perorm a ailover to the irst node. ?or step;b';step instructions8 see !nstalling and Coniguring in a S'mmetric CA 6nvironment. !nstalling and Coniguring in an As'mmetric CA 6nvironment This section contains instructions or coniguring an as'mmetric high availabilit' !nstant 1essaging cluster. This sections contains the ollo0ing topics: Creating the ?ile S'stems or Rour CA $eplo'ment Creating the !nstant 1essaging $irector' on All Shared $is9s o the Cluster in Rour CA $eplo'ment !nstalling and Coniguring CA or !nstant 1essaging - Creating ?ile S'stems or CA $eplo'ment Create a ile s'stem on the shared dis9. The *etc*vstab director' should be identical on all the nodes o the cluster. ?or the cluster ile s'stem (C?S)8 the director' should be similar to the ollo0ing e7ample. GG Cluster ?ile S'stem*Alobal ?ile S'stem GG *dev*md*penguin*ds9*d.00 *dev*md*penguin*rds9*d.00 *global*im us 3 'es global8logging ?or the ailover ile s'stem (??S)8 the director' should be similar to the ollo0ing e7ample. GG ?ail Over ?ile S'stem*#ocal ?ile S'stem GG *dev*md*penguin*ds9*d.00 *dev*md*penguin*rds9*d.00 *local*im us 3 no logging "ote The ields in these commands are separated b' tabs and not spaces. Creating the !nstant 1essaging $irector' on all the Shared $is9s o the Cluster in the CA $eplo'ment ?or all the nodes o the cluster8 create a director'8 !1I(+"T!16I$!(8 to store the coniguration details and data. ?or e7ample8 to create an !nstant 1essaging director' on a shared dis98 t'pe either one o the ollo0ing: m9dir ;p *local*im or m9dir ;p *global*im !nstalling and Coniguring CA or !nstant 1essaging - Sot0are This section contains instructions or the tas9s involved in installing and coniguring CA or !nstant 1essaging. %erorm the ollo0ing tas9s to complete the coniguration: %reparing 6ach "ode o the Cluster Setting +p the %rimar' "ode !nvo9ing the conigure +tilit' on the %rimar' "ode %reparing 6ach "ode o the Cluster ?or each node in the cluster8 create the !nstant 1essaging runtime user and group under to run the components. The user !$ (+!$) and group !$ (A!$) numbers must be the same on all the nodes in the cluster. (untime +ser !$: +ser name using 0hich the !nstant 1essaging server runs. The deault value is inetuser. (untime Aroup !$: Aroup using 0hich the !nstant 1essaging server runs. The deault value is inetgroup. Although the conigure utilit' creates the !$s8 'ou can create the !$s beore 'ou invo9e the conigure utilit' as part o the preparation o each node. Create the runtime user and group !$ on a node 0here 'ou 0ill not invo9e the conigure utilit'8 0hich is usuall' secondar' node. 1a9e sure that the username8 group name and the corresponding user !$ and group !$ are same in the ollo0ing iles on all nodes: inetuser or the name that 'ou select in the *etc*pass0d director' on all the nodes in the cluster inetgroup or the name that 'ou select in the *etc*group director' on all the nodes in the cluster (eer to 'our operating s'stem documentation or detailed inormation about users and groups. !nstalling !nstant 1essaging Selecting the !nstallation $irector' !1ISK(IBAS6 ?or !nstant 1essaging and !nstant 1essaging Sun Cluster agent !1ISCCA8 the Communications Suite / installer uses the *opt*sun*comms director' on the Solaris operating s'stem as the deault installation director'. The value o the !1ISK(IBAS6 variable is *opt*sun*comms*im. Co0ever8 i 'ou are using a shared dis9 or binaries8 'ou must speci' a cluster ile s'stem (C?S) or a ailover ile s'stem (??S) installation director'. ?or e7ample8 i *global*im* is the installation director'8 then the value o !1ISK(IBAS6 is *global*im*im. ! 'ou are using a local dis98 'ou should install the !nstant 1essaging in the same director' on each machine in the node. "ote Coniguration iles and runtime iles reside on a C?S or on a highl';available ??S. Binaries are installed on local ile s'stems on each node at the same location. 6nables rolling upgrade o the !nstant 1essaging sot0are. Binaries8 coniguration iles and runtime iles either reside on a C?S or on a highl';available ??S. The !nstant 1essaging installation is re)uired onl' on one node as the binaries are shared across all the nodes. !nstant 1essaging upgrade needs a server do0n time. !nstalling !nstant 1essaging %roducts and %ac9ages !nstall products and pac9ages b' using the Communications Suite / +pdate 1 installer program. ?or more inormation about the installer8 reer to the Sun 5ava Communications Suite / +pdate 1 !nstallation Auide. The ollo0ing table lists the products or pac9ages re)uired or a multiple node cluster coniguration. %roduct or %ac9age "ode 1 "ode n Sun Cluster Sot0are Res Res !nstant 1essaging - 300- Server Res Res8 i 'ou use a local dis9 or coniguration iles and binaries. "o8 i 'ou use a shared dis9 or coniguration iles and binaries. Sun Cluster Agent or !nstant 1essaging S+",iimsc Res Res8 i 'ou use a local dis9 or coniguration iles and binaries. "o8 i 'ou use a shared dis9 or coniguration iles and binaries. Shared components Res Res !nstant 1essaging CA Agent !nstallation To install the !nstant 1essaging Sun Cluster CA agent8 perorm the ollo0ing steps: T'pe the Communications Suite installer command in the global :one. G commp9g install "ote !n case o Solaris 10 :ones8 run the above command rom global and non;global :ones. Select the !nstant 1essaging Sun Cluster CA Agent sot0are 0hen prompted. T'pe the Sun Cluster CA Agent preconiguration command. G !1ISCCAIBAS6*bin*init;conig "ote !n case o Solaris 10 :ones8 run the above command onl' rom the global :one. Setting +p the %rimar' "ode +se the Sun Cluster command line interace to set up CA on the irst node. (egister the !nstant 1essaging and CAStorage%lus resource. .*scrgadm ;a ;t S+",.CAStorage%lus .*scrgadm ;a ;t S+",.iim Create a ailover !nstant 1essaging resource group. ?or e7ample8 or a t0o node as'mmetric cluster setup8 the ollo0ing command creates the !nstant messaging resource group !1;(A 0ith the primar' node as "O$61 and the secondar'8 or ailover8 node as "O$63. .*scrgadm ;a ;g !1;(A ;h !1I"O$618!1I"O$63 Create a logical hostname resource in the !nstant 1essaging resource group and change the resource group state to online. ?or e7ample8 the ollo0ing instructions create the logical hostname resource #OAICOSTI(S and bring the resource group !1;(A to online state. .*scrgadm ;a ;# ;g !1;(A ;l #OAICOSTI(S .*scrgadm ;c ;J #OAICOSTI(S ;' \ (IdescriptionE@#ogicalCostname resource or #OAICOSTI(S@ .*scs0itch ;Q ;g !1;(A Create and enable the CAStorage%lus resource. ?or e7ample8 the ollo0ing commands create and enable the CAStorage%lus resource !1ICAS%I(S. scrgadm ;a ;J !1ICAS%I(S ;g !1;(A ;t S+",.CAStorage%lus:. ;7 ?iles'stem1ount%ointsE*!1I(+"T!16I$!( scrgadm ;c ;J !1ICAS%I(S ;' (IdescriptionE@?ailover data service resource or S+",.CAStorage%lus:.@ scs0itch ;e ;J !1ICAS%I(S Create a s'mbolic lin9 rom the !nstant 1essaging *etc*opt*S+",iim director' to the shared dis9 !1I(+"T!16I$!( director' on all the nodes o the cluster. ?or e7ample8 t'pe the ollo0ing commands on all the nodes o the cluster: G p0d *etc*opt* G ln ;s *!1I(+"T!16I$!( S+",iim !nvo9ing the conigure +tilit' on the %rimar' "ode !nvo9e the conigure utilit'. ?or e7ample8 rom the *!1ISK(IBAS6 director' t'pe the ollo0ing command: G p0d *!1ISK(IBAS6 G .*conigure ?or urther inormation about the conigure utilit'8 see Coniguring !nstant 1essaging Ater !nstallation. ,hen prompted or the !nstant 1essaging Server runtime iles director' !1I(+"T!16I$!(8 t'pe either o the ollo0ing commands: a. ! 'ou are using ailover ile s'stem or the runtime iles8 t'pe *local*im*. b. ! 'ou are using a cluster ile s'stem or the runtime iles8 t'pe *global*im*. ! prompted or the !nstant 1essaging host name8 t'pe the logical host. Choose to accept the logical host even i the conigure utilit' is unable to connect to the speciied host. The logical host resource might be oline at the time 0hen 'ou invo9e the conigure utilit'. $o not start !nstant 1essaging ater coniguration or on s'stem startup. Change the value o the iimI0d.period parameter to @/0@ and the iimI0d.ma7(etries parameter to @3@ in the ]] *!1I(+"T!16ICO"?!A*iim.con^^ ile. Create and enable the !nstant 1essaging resource. !n this e7ample8 the resource group name is !1ISK(I(S. %rovide the logical host resource name and the CAStorage%lus resource name. ?or e7ample8 .*scrgadm ;a ;J !1ISK(I(S ;g !1;(A ;t S+",.iim ;7 ServerIrootE*!1ISK(IBAS6 ;7 CondirIlistE*!1I(+"T!16ICO"?!A (e7: *local*im*deault*conig ) ;' (esourceIdependenciesE!1ICAS%I(S8#OAICOSTI(S .*scrgadm ;e ;J !1ISK(I(S Test the successul creation o the !nstant messaging resource group b' perorming a ailover. .* scs0itch ;: ;g !1;(A ;h !1I"O$63 "ote Rou do not need to conigure the second node as the coniguration is shared bet0een all the nodes b' sot lin9s pointing to the shared location. !nstalling and Coniguring in a S'mmetric CA 6nvironment This section contains instructions or coniguring a s'mmetric high availabilit' !nstant 1essaging s'stem. To conigure a s'mmetric high availabilit' !nstant 1essaging s'stem8 perorm the steps described in the ollo0ing sections: !nitial Tas9s !nstalling and Coniguring the ?irst !nstance o !nstant 1essaging !nstalling and Coniguring the Second !nstance o !nstant 1essaging !nitial Tas9s Rou must complete the ollo0ing preparator' tas9s beore installing !nstant 1essaging on the nodes. The preparator' tas9s are: !. Creating ?ile S'stems !!. !nstalling the !nstant 1essaging CA %ac9age !!!. %reparing 6ach "ode o the Cluster !. Creating ?ile S'stems !nstant 1essaging binaries8 coniguration iles8 and runtime iles reside on the C?S or on the highl' available ??S. ?or each !nstant 1essaging instance8 installation is needed on onl' one node as the binaries are shared across all the nodes. To create ile s'stems8 perorm the ollo0ing steps: Create our ile s'stems b' using C?S or ??S. To create a s'stem b' using C?S8 or e7ample8 the contents o the *etc*vstab ile should appear as ollo0s. G Cluster ?ile S'stem*Alobal ?ile S'stem GG *dev*md*penguin*ds9*d400 *dev*md*penguin*rds9*d400 *!"STA##;(OOT!11 us 3 'es logging8global *dev*md*penguin*ds9*d.00 *dev*md*penguin*rds9*d.00 *share;dis9;dir!11 us 3 'es logging8global *dev*md*polarbear*ds9*d300 *dev*md*polarbear*rds9*d300 *!"STA##;(OOT!13 us 3 'es logging8global *dev*md*polarbear*ds9*d300 *dev*md*polarbear*rds9*d300 *share;dis9;dir!13 us 3 'es logging8global "ote The ields must be separated b' tabs. To create a s'stem b' using ??S8 or e7ample8 the contents o the *etc*vstab ile should appear as ollo0s. G ?ailover ?ile S'stem*#ocal ?ile S'stem GG *dev*md*penguin*ds9*d400 *dev*md*penguin*rds9*d400 *!"STA##;(OOT!11 us 3 'es logging *dev*md*penguin*ds9*d.00 *dev*md*penguin*rds9*d.00 *share;dis9;dir!11 us 3 'es logging *dev*md*polarbear*ds9*d300 *dev*md*polarbear*rds9*d300 *!"STA##;(OOT!13 us 3 'es logging *dev*md*polarbear*ds9*d300 *dev*md*polarbear*rds9*d300 *share;dis9;dir!13 us 3 'es logging "ote The ields must be separated b' tabs. Create the ollo0ing mandator' directories on all the nodes o the cluster. G m9dir ;p *!"STA##;(OOT!11 share;dis9;dir!11 !"STA##;(OOT!13 share;dis9;dir!13 !!. !nstalling the !nstant 1essaging CA %ac9age !nstall the !nstant 1essaging Sun Cluster CA pac9age in t0o nodes. Rou can use the Communication Suite / +pdate 1 installer to install the CA pac9age. To install the !nstant 1essaging Sun Cluster CA agent8 perorm the ollo0ing steps: (un the Communications Suite / installation command. G commp9g install "ote !n case o Solaris 10 :one8 run the above command rom the global and non; global :ones. ,hen prompted8 select the !nstant 1essaging Sun Cluster CA Agent sot0are. T'pe the Sun Cluster CA Agent pre;coniguration command. G =!1ISCCAIBAS6>*bin*init;conig "ote !n case o Solaris 10 :one8 run the above command onl' rom the global :one. !!!. %reparing 6ach "ode o the Cluster ?or each node in the cluster8 create the !nstant 1essaging runtime user and group under 0hich the components 0ill run. The user !$ (+!$) and group !$ (A!$) numbers must be the same on all nodes in the cluster. (untime +ser !$: +ser name using 0hich the !nstant 1essaging server runs. The deault value is inetuser. (untime Aroup !$: Aroup using 0hich the !nstant 1essaging server runs. The deault value is inetgroup. Although the conigure utilit' creates these !$s8 'ou can create the !$s beore 'ou invo9e the conigure utilit' as part o the preparation o each node. Create the runtime user and group !$ on a node 0here 'ou might not invo9e the conigure utilit'8 0hich is usuall' secondar' node. 1a9e sure that the username8 group name and the corresponding user !$ and group !$ are same in the ollo0ing iles on all nodes: inetuser or the name that 'ou select in the *etc*pass0d director' on all the nodes in the cluster inetgroup or the name that 'ou select in the *etc*group director' on all the nodes in the cluster (eer to 'our operating s'stem documentation or detailed inormation about users and groups. !nstalling and Coniguring the ?irst !nstance o !nstant 1essaging To install the irst instance o !nstant 1essaging8 perorm the ollo0ing steps: Keri' 0hether the iles are mounted. On the primar' node "ode18 t'pe the ollo0ing command: d ;9 The ollo0ing message sho0s a sample output: *dev*md*penguin*ds9*d400 34030423 3.23- 3./34/3& 1[ *!"STA##;(OOT!11 *dev*md*penguin*ds9*d.00 34030423 3.23- 3./34/3& 1[ *share;dis9;dir!11 +sing the Communications Suite / installer8 install !nstant 1essaging on the primar' node. T'pe the Communications Suite installer command. G commp9g install "ote !n case o Solaris 10 :ones8 reer to the Sun 5ava Communications Suite / !nstallation Auide. At the Speci' !nstallation $irectories prompt8 t'pe the installation root !"STA##; (OOT!11. Create a s'mbolic lin9 rom the !nstant 1essaging the *etc*opt*S+",iim director' to the shared dis9 !1I(+"T!16I$!( director' on all the nodes o the cluster. ?or e7ample8 t'pe the ollo0ing commands on a cluster node: G p0d *etc*opt* G ln ;s *share;dis9;dir!11 S+",iim To conigure Sun Cluster on the irst node b' using the Sun Cluster command;line interace8 perorm the ollo0ing steps: (egister the ollo0ing resource t'pes. .*scrgadm ;a ;t S+",.CAStorage%lus .*scrgadm ;a ;t S+",.iim Create a ailover resource group. !n the ollo0ing e7ample8 the resource group is !1;(A18 !1I"O$61 is the primar' node and !1I"O$63 is the ailover node. .*scrgadm ;a ;g !1;(A1 ;h !1I"O$618!1I"O$63 Create a logical hostname resource or the node. Add the logical host name #OAICOSTI(S to the resource group. !nstant 1essaging listens on this hostname. The ollo0ing e7ample uses #OA;COST;!1;(S1. (eplace this value 0ith the actual hostname. .*scrgadm ;a ;# ;g !1;(A1 ;l #OA;COST;!1;(S1 .*scrgadm ;c ;J #OA;COST;!1;(S1 ;' (IdescriptionE @#ogicalCostname resource or #OA;COST;!1;(S1@ Bring the resource group online. scs0itch ;Q ;g !1;(A1 Create a CAStorage%lus resource and add it to the ailover resource group. !n this e7ample8 the resource is called !1ICAS%I(S1. (eplace the resource 0ith 'our o0n resource name. "ote The e7ample is split or displa' purpose in this document. .*scrgadm ;a ;J !1;CAS%;(S1 ;g !1;(A1 ;t S+",.CAStorage%lus:. ;7 ?iles'stem1ount%ointsE*!"STA##;(OOT!118 *share;dis9;dir!11 .*scrgadm ;c ;J !1;CAS%;(S1 ;' (IdescriptionE@?ailover data service resource or S+",.CAStorage%lus:.@ 6nable the CAStorage%lus resource. .*scs0itch ;e ;J !1;CAS%;(S1 To conigure the irst instance o !nstant 1essaging8 perorm the ollo0ing steps: (un the conigure utilit' on the primar' node. G cd *!"STA##;(OOT!11*im G .*conigure ?or more inormation about the conigure utilit'8 see conigure +tilit'. ,hen prompted or the !nstant 1essaging Server (untime ?iles $irector'8 t'pe *share; dis9;dir!11 i 'ou are using CAStorage%lus or the runtime iles. ,hen prompted or the !nstant 1essaging host name8 t'pe the logical host. Choose to accept the logical host even i the conigure utilit' cannot connect to the speciied host. The logical host resource might be oline at the time 0hen 'ou invo9e the conigure utilit'. $o not start !nstant 1essaging ater coniguration or on s'stem startup. Change the value o the iimI0d.period parameter to @/0@ and the iimI0d.ma7(etries parameter to @3@ in the ]] *!1I(+"T!16ICO"?!A*iim.con^^ ile. Create and enable the !nstant 1essaging resource. !n this e7ample8 the resource group name is !1ISK(I(S1.%rovide the logical host resource name and the CAStorage%lus resource name. .*scrgadm ;a ;J !1ISK(I(S1 ;g !1;(A1 ;t S+",.iim ;7 ServerIrootE*!"STA##;(OOT!11*im ;7 CondirIlistE*share;dis9;dir!11*deault*conig ;' (esourceIdependenciesE!1;CAS%;(S18#OA;COST;!1;(S1 .*scrgadm ;e ;J !1ISK(I(S1 Test the successul creation o the !nstant 1essaging resource group b' perorming a ailover. .* scs0itch ;: ;g !1;(A1 ;h !1I"O$63 "ote Rou do not have to conigure the second node as coniguration is shared bet0een all the nodes b' sot lin9s pointing to shared location. !nstalling and Coniguring the Second !nstance o !nstant 1essaging To install the second instance o !nstant 1essaging8 perorm the ollo0ing steps: Keri' 0hether the iles are mounted. On the primar' node !1I"O$638 t'pe: d ;9 The ollo0ing output is displa'ed: *dev*md*polarbear*ds9*d300 34030423 3.23- 3./34/3& 1[ *share;dis9;dir!13 *dev*md*polarbear*ds9*d300 34030423 3.23- 3./34/3& 1[ *!"STA##;(OOT!13 +sing the Communications Suite / installer8 install !nstant 1essaging on the primar' node. T'pe the Communications Suite installation command. G commp9g install "ote !n case o Solaris 10 :ones8 reer to the Sun 5ava Communications Suite / !nstallation Auide. At the Speci' !nstallation $irectories prompt8 speci' the installation root !"STA##; (OOT!13. Create a s'mbolic lin9 rom the !nstant 1essaging *etc*opt*S+",iim director' to the shared dis9 !1I(+"T!16I$!( director' on this cluster node. ?or e7ample8 t'pe the ollo0ing commands on all the nodes o the cluster: G p0d *etc*opt* G ln ;s *share;dis9;dir!13 S+",iim Coniguring Sun Cluster on the Second "ode To conigure Sun Cluster on the second node b' using the Sun Cluster command;line interace8 perorm the ollo0ing steps: Create a ailover resource group. !n the ollo0ing e7ample8 the resource group is !1;(A38 !1I"O$63 is the primar' node and !1I"O$61 is the ailover node. .*scrgadm ;a ;g !1;(A3 ;h !1I"O$638!1I"O$61 Create a logical hostname resource or this node. Add the logical host name #OAICOSTI(S to the resource group. !nstant 1essaging 0ill listen on this host name. The ollo0ing e7ample uses #OA;COST;!1;(S3 in the place 0here 'ou 0ill substitute in the actual hostname. .*scrgadm ;a ;# ;g !1;(A3 ;l #OA;COST;!1;(S3 .*scrgadm ;c ;J #OA;COST;!1;(S3 ;' (IdescriptionE @#ogicalCostname resource or #OA;COST;!1;(S3@ Bring the resource group online. scs0itch ;Q ;g !1;(A3 Create a CAStorage%lus resource and add it to the ailover resource group. !n this e7ample8 the resource is called !1;CAS%;(S3. (eplace it b' 'our o0n resource name. "ote that the lines are divided and sho0 as t0o lines in the e7ample or displa' purposes in this document. .*scrgadm ;a ;J !1;CAS%;(S3 ;g !1;(A3 ;t S+",.CAStorage%lus:. ;7 ?iles'stem1ount%ointsE*!"STA##;(OOT!138 *share;dis9;dir!13 .*scrgadm ;c ;J !1;CAS%;(S3 ;' (IdescriptionE@?ailover data service resource or S+",.CAStorage%lus:.@ 6nable the CAStorage%lus resource. .*scs0itch ;e ;J !1;CAS%;(S3 To conigure the second instance o !nstant 1essaging8 perorm the ollo0ing steps: (un the conigure utilit' on the primar' node. G cd *!"STA##;(OOT!13*im G .*conigure ?or more inormation about the conigure utilit'8 see conigure +tilit'. ,hen prompted or the !nstant 1essaging Server (untime ?iles $irector'8 t'pe one o the ollo0ing: ! 'ou are using an CAStorage%lus or the runtime iles8 t'pe *share;dis9;dir!13 ,hen prompted or the !nstant 1essaging host name8 t'pe the logical host. ?or e7ample8 accept the logical host even i the conigure utilit' cannot connect to the speciied host. The logical host resource might be oline 0hen 'ou invo9e the conigure utilit'. $o not start !nstant 1essaging ater coniguration or on s'stem startup. !n an CA coniguration8 the !nstant 1essaging service re)uires the logical host to be online or !nstant 1essaging to 0or9 correctl'. Change the value o the iimI0d.period parameter to @/0@ and the iimI0d.ma7(etries parameter to @3@ in the ]] *!1I(+"T!16ICO"?!A*iim.con^^ ile. Create the !nstant 1essaging resource and enable the resource. !n this e7ample8 the resource group name is !1ISK(I(S3.%rovide the logical host resource name8 the CAStorage%lus resource name8 and the port number. B' deault8 !nstant 1essaging uses ports 43/&84333 and .4333. ! the irst instance uses these port numbers8 use dierent port numbers or the second instance. .*scrgadm ;a ;J !1ISK(I(S3 ;g !1;(A3 ;t S+",.iim ;7 ServerIrootE*!"STA##;(OOT!13*im ;7 CondirIlistE*share;dis9;dir!13*deault*conig ;' (esourceIdependenciesE!1;CAS%;(S38#OA;COST;!1;(S3 ;7 portIlistE@4320*tcp@8@4333*tcp@8@.4333*tcp@ Test the successul creation o the !nstant messaging resource group b' perorming a ailover. .* scs0itch ;: ;g !1;(A3 ;h !1I"O$61 "ote Rou do not have to conigure the second node as coniguration is shared bet0een all the nodes b' sot lin9s pointing to shared location. Starting and Stopping the !nstant 1essaging CA Service To start and stop the !nstant 1essaging CA service8 use the Sun Cluster scs0itch command. Caution $o not use the imadmin start8 imadmin stop8 or imadmin reresh commands in a CA environment 0ith Sun Cluster. !nstead8 use the Sun Cluster administrative utilities. ?or more inormation about the Sun Cluster scs0itch command8 reer to the Sun Cluster (eerence 1anual or Solaris OS. To start the !nstant 1essaging CA service8 t'pe the ollo0ing command: G scs0itch ;e ;J !1ISK(I(S To stop the !nstant 1essaging CA service8 t'pe the ollo0ing command: G scs0itch ;n ;J !1ISK(I(S To restart the !nstant 1essaging CA Service8 t'pe the ollo0ing command: G scs0itch ;( ;J !1ISK(I(S Troubleshooting the !nstant 1essaging CA Coniguration To help troubleshooting error messages are stored in the error log. The logs are controlled b' the s'slog acilit'. ?or inormation about using the logging acilit'8 see the CA (elated $ocumentation and the s'slog.con man page. (emoving CA or !nstant 1essaging To remove !nstant 1essaging rom an CA environment8 remove the !nstant 1essaging cluster agent S+",iimsc. ,hen 'ou remove the S+",iimsc pac9age as described in this procedure8 an' customi:ation 'ou made to the (T( ile S+",.iim is lost. ! 'ou 0ant to restore them at a later time8 'ou need to create a bac9up cop' o S+",.iim beore removing S+",iimsc. To remove CA or !nstant 1essaging8 perorm the ollo0ing steps: Stop the !nstant 1essaging data service. scs0itch ;? ;g !1I(A $isable all resources in the !nstant 1essaging resource group !1I(A. G scs0itch ;n ;J !1ISK(I(S G scs0itch ;n ;J #OAICOSTI(S G scs0itch ;n ;J !1;CAS%;(S (emove the resources rom the !nstant 1essaging resource group. G scrgadm ;r ;J !1ISK(I(S G scrgadm ;r ;J #OAICOSTI(S G scrgadm ;r ;J !1;CAS%;(S (emove the !nstant 1essaging resource group. G scrgadm ;r ;g !1I(A (emove the !nstant 1essaging resource t'pe. G scrgadm ;r ;t S+",.iim (emove the S+",iimsc pac9age b' using the Sun 5ava 6nterprise S'stem installer or t'pe the p9grm S+",iimsc command. ,hen 'ou remove the pac9age8 an' customi:ation that 'ou ma9e to the (T( ile is lost. (emove an' lin9s that 'ou have created during the CA coniguration8 i 'ou are using a shared director' or coniguration iles and binaries. rm *etc*opt*S+",iim CA (elated $ocumentation A list o high availabilit' documentation is as ollo0s: Sun 5ava 6nterprise S'stem 4 +pdate 1 Technical Overvie0 Sun 5ava 6nterprise S'stem 4 +pdate 1 !nstallation Auide or +"!U describes the 5ava 6nterprise S'stem installer8 uninstaller8 and the supported installation scenarios. Sun 5ava 6nterprise S'stem 4 +pdate 1 (elease "otes provide current inormation about the Sun 5ava 6nterprise S'stem product. Sun Cluster Concepts Auide or Solaris OS provides a general bac9ground about the Sun Cluster sot0are8 data services8 terminolog' resource t'pes8 resources8 and resource groups. Sun Cluster $ata Services %lanning and Administration Auide or Solaris OS provides general inormation about planning and administration o data services. Sun Cluster S'stem Administration Auide or Solaris OS provides sot0are procedures or administering a Sun Cluster coniguration. Sun Cluster (eerence 1anual or Solaris OS describes commands and utilities e7isting 0ith the Sun Cluster sot0are8 including commands ound onl' in the S+",scman and S+",ccon pac9ages. Sun 5ava S'stem Communications Services / 3004T. $eplo'ment %lanning Auide provides urther inormation about ho0 CA is implemented in !nstant 1essaging. #abels parameters EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE Migrating Mailboxes to a New System Sometimes you must move mailboxes from one Messaging Server system to a another. This commonly occurs when migrating from a non-Sun Messaging Server to the Sun Java System Messaging Server, or moving mailboxes from one physical server to a different physical server. Messaging Server provides several ways to to do this. Each method has its advantages and disadvantages, which are described in the sections below. These methods are described in following sections: 1oving 1ailbo7es to Another 1essaging Server ,hile Online To 1ove 1ailbo7es +sing an !1A% client To 1ove 1ailbo7es +sing the MoveUser Command To 1ove 1ailbo7es +sing the imsimport Command See also: (educing 1essage Store Si:e $ue to $uplicate Storage 1oving 1essaging Server +sers ?rom One 1ailhost to Another moveuser Top Moving Mailboxes to Another Messaging Server While Online You can migrate the message store from an older version of Messaging Server to a newer version, or to move mailboxes from one Sun Messaging Server message store to another, while remaining on-line. This works for iPlanet Messaging Server 5.0 and later. It cannot be used to move messages from earlier versions of Messaging Server or a non-Sun Microsystems message store. Moving mailboxes while on-line have the following advantages and disadvantages: Advantages: System administrators move the mailboxes from the old source system to the new destination system without user involvement. This process is faster than any of the other processes. Re-linking is not required if you are moving an entire partition. Both Messaging Server systems remain active and online. You can migrate all the mailboxes on a messages store or a subset of those messages. This procedure allows for incremental migrations. Disadvantages: This method does not work with non-Sun messaging servers. The users being migrated will not have access to their mailboxes until the migration of their own mailbox is complete. This method can be complex and time consuming. Top Incremental Mailbox Migration While On-line Incremental migration provides numerous advantages for safely and effectively moving your message store to a different system or upgrading to a new system, incremental migration allows you to build a new back-end message store system alongside the old back-end message store. You can then test the new system, migrate a few friendly users, then test the new system again. Once you are comfortable with the new system and configuration, and you are comfortable with the migration procedure, you can start migrating real commercial users. These users can be split into discrete backup groups so that during migration, only members of this group are offline, and only for a short time. Another advantage of on-line incremental migration is that you do not have to plan for a system- wide back out in case your upgrade fails. A back out is a procedure for reverting changes you have made to a system to return the system to the original working state. When doing a migration, you have to plan for failure, which means that for every step in the migration requires a plan to return your system back to its previous operational state. The problem with offline migrations is that you can't be sure your migration is successful until you've completed all the migration steps and switched the service back on. If the system doesn't work and cannot be quickly fixed, you'll need a back out procedure for all the steps performed. This can be stressful and take some time, during which your users will remain offline. With an on-line incremental migration you perform the following basic steps: 1. Build the new system alongside the old one so that both can operate independently. 2. Configure the old system for the coexistence with the new. 3. Migrate a group of friendly users and test the new system and its coexistence with the old system. 4. Divide the users on the old system into groups and migrate group by group to the new one as desired. 5. Disassemble the old system. Because both systems will co-exist, you will have time to test and get comfortable with the new system before migrating to it. If you do have to perform a back out procedure--you only have to plan for steps 2 and 4. Step 2 is easy to revert since you don't ever touch user's data. In step 4, the back out is to revert the user's state back to active and their mailhost attribute back to the old host. No system-wide back out is required. Top On-line Migration Overview Migrating mailboxes while remaining online is a straightforward process. Complications arise when you try to ensure that messages in transit to the mailbox (sitting in an MTA channel queue waiting for delivery) are not lost in the migration process. One solution is to hold messages sent during the migration process in a held state and wait for the messages in the various channel queues to be delivered. However, messages can get stuck in queues because of system problems or because a particular user is over quota. In this case, you must address this situation before migrating the mailboxes. You can take various measures to reduce the likelihood of lost messages and to verify that messages are not stuck in a channel queue, but at a cost of increased complexity of the procedure. The order and necessity of steps in the procedure vary depending upon your deployment and whether every message addressed to every mailbox must not be lost. This section describes the theory and concepts behind the steps. It is incumbent on you to understand each step and decide which to take and in which order, given your specific deployment. Following is an overview of the process of moving mailboxes. This process might vary depending upon your deployment. 1. Block user access to the mailboxes being moved. 2. Temporarily hold messages addressed to the mailbox being moved. 3. Verify that messages are not stuck in the channel queues. 4. Change the user's mailhost attribute to the new mailbox location. 5. Move the mailboxes to the new location. 6. Release held mail to be delivered to the new mailbox and enable incoming messages to be delivered to the migrated mailboxes. 7. Examine the old message store to see if any messages were delivered after the migration. 8. Unblock user access to mailbox. To Migrate User Mailboxes from One Messaging Server to Another While Online The requirements for this type of migration are as follows: stored should be running on both the source (old) and destination (new) messaging servers. The source system and destination system must be able to route messages to each other if both systems will operate in co-existence. This is needed, for instance, so that delivery status notification messages can be generated on the destination system and get delivered to the source system. Note Some steps apply only if you are upgrading the messaging server from an earlier version to a later version. These steps might not apply if you are only migrating mailboxes from one message store to another. The steps that apply to migrating entire systems are noted. 1. On the source system, split your user entries to be moved into equal backup groups using the backup-groups.conf file. This step is in preparation for the mailbox migration, Step -, that occurs later in this procedure. See To Create Bac9up Aroups for detailed instructions. You can also place the user names into files and use the -u option in the imsbackup command. 3. Notify users to be moved that they will not have access to their mailboxes until the move is completed. Ensure that users to be moved are logged out of their mail systems before the data move occurs. (See 1onitoring +ser Access to the 1essage Store.) 3. Set the authentication cache timeout to 0 on the back-end message store and MMP systems, and {{ALIAS_ENTRY_CACHE_TIMEOUT}}option to 0 on the MTAs. a. On the back end message stores containing the mailboxes to be moved, set the authentication cache timeout to 0. b. configutil -o service.authcachettl -v 0 This step and Step 2 (changing mailUserStatus to hold) immediately prevents users from accessing their mailboxes during migration. c. On all MMPs, set the LDAP and authentication cache timeout to 0. In ImapProxyService.cfg and PopProxyService.cfg set both !dap"ache##!$$and %%uth"ache##! to 0. d. On any Messaging Server that hosts an MTA that inserts messages into mailboxes that are to be migrated, set the !IS&'(#)*&""+'&#IM',U# option to 0. Messaging Servers hosting an MTA that inserts messages into the migrating mailboxes will typically be the back end message store. However, if the system is using LMTP, then that system will be the inbound MTAs. Check your configuration to make sure. Resetting !IS&'(#)*&""+'&#IM',U# in /msg_svr_base -config-option.dat forces the MTA to bypass the cache and look directly at the LDAP entry so that intermediate channel queues (for example, the conversion or reprocess channels) see the new mailUserStatus (hold) of the users being moved rather then the out-of-date cached information. !IS&'(#)*&""+'&#IM',U# is in option.dat. e. Restart the systems on which the caches were reset. You must restart the system for these changes to take place. See Starting and Stopping Services for instructions. 4. Ensure that both your source Messaging Server and destination Messaging Server are up and running. The source Messaging Server must be able to route incoming messages to the new destination server. 4. Change the LDAP attribute mailUserStatus on all user entries whose mailboxes will be moved from active to hold. Changing the attribute holds incoming messages in the hold queue and prevents access to the mailboxes over IMAP, POP, and HTTP. Typically, users will be moved in groups of users. If you are moving all the mailboxes of a single domain, you can use the mail.omainStatus attribute. For more information on mailUserStatus, see the mail+serStatus attribute . /. Make sure that messages addressed to mailboxes being migrated are not stuck in the ims-ms or tcp&lmtp/ channel queues (if LMTP has been deployed). Use the following commands to see if messages exist in the channel queue directory tree and in the held state (to see .+'!. files) addressed to a user to be migrated: 0. imsimta 1m directory -to23user&address&to&be&migrated4 -directory&tree 5. imsimta 1m directory -to23user&address&to&be&migrated4 -held -directory&tree If there are messages in the queue, run these same commands later to see if the MTA has dequeued them. If there are messages that are not being dequeued, then you must address this problem before migrating. This should be a rare occurrence, but possible causes are recipient mailboxes being over quota, mailboxes being locked perhaps because users are logged in and moving messages, the LMTP backend server is not responding, network or name server problems, and so on). &. Change the LDAP attribute mail+ost in the user entries to be moved as well as in any mail group entries*. Use the ldapmodify command to change the entries to the new mail server. Use the ldapmodify that comes with Messaging or Directory Server. Do NOT use the Solaris OS ldapmodify command. * You only need to change the mail+ost attribute in the mail group entry if the old mail host is being shut down. You can either change this attribute to the new mail host name or just eliminate the attribute altogether. It is optional for mail groups to have a mail+ost. Having a mail+ost means that only that host can do the group expansion; omitting a mail+ost (which is the more common case) means all MTAs can do the group expansion. Note that mail group entries do not have mailboxes to be migrated and typically do not even have the mailhost attribute. For more information on mailhost, see mailCost attribute. 10. Move the mailbox data from the source Messaging Server message store to the destination Messaging Server message store and record the time when started. Back up the mailboxes with the imsbackup utility and restore them to the new Messaging Server with the imsrestore utility. For example, to migrate mailboxes from a Messaging Server 5.2 system called oldmail.siroe.com to ne6mail.siroe.com, run the following command on oldmail.siroe.com: 77. -server-root-bin-msg-store-bin-imsbackup -f- - 78. instance-group 9 7:. ; rsh ne6mail.siroe.com -opt-SU(<msgsr-lib-msg-imsrestore.sh 9 7=. -f- -c y -v 7 You can run multiple concurrent imsbackup and imsrestore sessions (one per group) to maximize the transfer rate into the new message store. See also Bac9ing +p and (estoring the 1essage Store. Note When imsrestore or any processing intensive operation takes significantly more system resources than normal, and continues doing so longer than the msprobe interval, there may be a temporary backlog of DB transaction log files to be cleared. If there are more files than specified in local.store.maxlog, then msprobe may erroneously restart all the processes during a restore. To prevent this from happening, disable msprobe during the imsrestore. Note Record the timestamp of when imsbackup is run for later delivery validation. 14. (Conditional Step for System Upgrades) If your mailbox migration is part of the process of upgrading from an earlier version of Messaging Server to the current version, set this current version of Messaging Server to be the new default Messaging Server for the system. Change the DNS record of oldmail.siroe.com to point to ne6mail.siroe.com (the server responsible for domain(s) previously hosted on oldmail.siroe.com). 1/. Enable user access to the new message store. Set the LDAP attribute mailUserStatus or mail.omainStatus, if applicable, to whatever value it had been before it was changed to hold (for example,active). 17. Release the messages in the held state on all source Messaging Servers. Any system that may be holding incoming messages needs to run the following command to release all the user messages: 75. imsimta 1m release -channel2hold -scope where scope can be all, which releases all messages; user, which is the user ID; or domain which is the domain where the user resides. 1&. Reset the authentication cache timeout and the !IS&'(#)*&""+'&#IM',U# option to the default or desired values and restart the system. At this point, you've migrated all the user mailboxes that need to be migrated. Before proceeding, make sure that no new entries in LDAP have been created with the old system as the mailhost, and if some have, migrate them. Also, make sure that no such entries can be created by modifying the provisioning systems. You will also want to change the preferredmailhost attribute to the name of the new mail host. For back-end messages stores, set authentication cache timeout as follows: 80. configutil -o service.authcachettl -v >00 For the MMPs, in ImapProxyService.cfg and PopProxyService.cfg set the !dap"ache##! and uth"ache##! options to 900. For MTAs, set the !IS&'(#)*&""+'&#IM',U# option to 600. !IS&'(#)*&""+'&#IM',U# is in option.dat. You must restart the system for these changes to take place. See Starting and Stopping Services for instructions. 31. Ensure that the user clients are pointing to the new mail server. After the upgrade finishes, have the users point to the new server through their mail client program (in this example, users would point to ne6mail.siroe.com from oldmail.siroe.com). An alternative is to use a messaging multiplexor (MMP) which obviates the need to have users point their clients directly to the new mail server. The MMP gets that information from the mail+ost attribute which is stored in the LDAP user entries and automatically redirects the client to the new server. 33. After everything works, verify that no messages were delivered to the old message store after the migration. Go to the old message store and run mboxutil -l to list the mailboxes. Check the last message delivery timestamp. If a message was delivered after the migration timestamp (the date stamp when you ran the imsbackup command), then migrate those messages with a backup and restore command. Because of the preparatory steps provided, it would be exceedingly rare to see a message delivered after migration. Theoretically, a message could be stuck in a queue for the number of days or hours specified by the notices channel keywords (see To Set "otiication 1essage $eliver' !ntervals ). 33. Remove duplicate messages on the new message store, run the relinker command. This command might free disk space on the new message store. See (educing 1essage Store Si:e $ue to $uplicate Storage. 3.. Remove the old messages from the store you migrated from and delete users from the database on the old store. Run the mboxutil -d command. (See the mbo7util page). To Move Mailboxes Using an IMAP client This procedure can be used anytime messages need to be migrated from one messaging server to a different messaging server. Consider the advantages and disadvantages before moving mailboxes using this method. Advantages This method can be used to migrate from a non-Sun Messaging Server to the Sun Java System Messaging Server. It can also be used to move mailboxes from one physical server to a different physical server. After system administrators set up the new mail server or message store, responsibility for moving mailboxes to the new system is left to users. The process for moving mailboxes is relatively simple. User access to mailboxes does not have to be disabled. Disadvantages Requires that both the old and new systems be simultaneously running and accessible to users. Cumulatively, this method takes longer to move mailboxes than other methods. Responsibility for moving mailboxes to the new system is left to users. The size of the new message store will be significantly larger than the old message store until the re-linking operation is performed. 1. Install and configure the new Messaging Server. 3. Set local.store.relinker.enabled to yes. This will reduce the message store size on the new system caused by duplicate storage of identical messages. See (educing 1essage Store Si:e $ue to $uplicate Storage for more information. 3. Provision users on the new Messaging Server. You can use Delegated Administrator to do this. As soon as users are provisioned on the new system, newly arriving mail will be delivered to the new INBOX. 4. Have users configure their mail client to view both new and old Messaging Server mailboxes. This may involve setting up a new email account on the client. See mail client documentation for details. 5. Instruct users to drag folders from their old Messaging Server to their new Messaging Server. 6. Verify with users that all mailboxes are migrated to the new system, then shut down the user account on the old system. To Move Mailboxes Using the MoveUser Command This procedure can be used anytime messages need to be migrated from one messaging server to a different messaging server. It is useful for migrating IMAP mailboxes from a non-Sun Messaging Server to the Sun Java System Messaging Server. Consider the advantages and disadvantages before moving mailboxes using this method. Advantages System administrators have complete responsibility for moving mailboxes from the old system to the new system. Users do not have to do anything. Works with any IMAP servers. Disadvantages Requires that both the old and new systems be simultaneously running and accessible to users. This method takes longer to move mailboxes than the other non-IMAP methods. Users access to mailboxes must be disabled while mailboxes are being moved. The size of the new message store will be significantly larger than the old message store until the re-linking operation is performed. 1. Install and configure the new Messaging Server. 3. Set local.store.relinker.enabled to yes. This will reduce the message store size on the new system caused by duplicate storage of identical messages. See (educing 1essage Store Si:e $ue to $uplicate Storage o !dentical 1essages for more information. 3. Halt incoming mail to the messaging servers. Set the user attribute mailUserStatus to hold . .. Provision users on the new Messaging Server if needed. If you are migrating from a previous version of messaging server, you can use the same LDAP directory and server. MoveUser changes the mailhost attribute in each user entry. 4. Run the MoveUser command. To move all users from host7 to host8, based on account information in the Directory Server siroe.com: ?. MoveUser -l 9 0. @ldapA--siroe.comA:5>-o2siroe.comBBBCmailhost2host7.domain.comD@ 9 5. -. @cn2.irectory Manager@ -6 pass6ord -s host7 -x admin 9 >. -p pass6ord -d host8 -a admin -v pass6ord See the 1ove+ser in Sun Java System Messaging Server 6.3 Administration Reference for details on the MoveUser command. 10. Enable user access to the new messaging store. Set the mailUserStatus LDAP attribute to active. 11. Shut down the old system. To Move Mailboxes Using the imsimport Command This procedure is specifically used to move mailboxes from UNIX -var-mail format folders into a Sun Java System Messaging Server message store. However, if the messaging server from which you are migrating can convert the IMAP message stores to UNIX -var-mail format, then you can use the imsimport command to migrate messages to the Sun Java System Messaging Server. Consider the advantages and disadvantages before moving mailboxes using this method. Advantages System administrators have complete responsibility for moving mailboxes from the old system to the new system. Users do not have to do anything. Disadvantages This method takes longer to move mailboxes than the other non-IMAP methods. Users access to mailboxes must be disabled while mailboxes are being moved. The size of the new message store will be significantly larger than the old message store until the re-linking operation is performed. 1. Install and configure the new Messaging Server. 3. Set local.store.relinker.enabled to yes. This will reduce the message store size on the new system caused by duplicate storage of identical messages. See 30.11.2 (educing 1essage Store Si:e $ue to $uplicate Storage o !dentical 1essages for more information. 3. Provision users on the new Messaging Server if needed. You can use Delegated Administrator to do this. Do not switch over to the new system yet. .. Disable user access to both the new and old messaging store. Set the mailUserStatus LDAP attribute to hold. Users mail is sent to the hold queue and access to the mailbox over IMAP, POP, and HTTP is disallowed. MTA and Message Access Servers on the store server must comply with this requirement. This setting overrides any other mail.elivery,ption settings. 4. If the mail store from the existing mail server is not already in the -var-mail format, convert the mail store to -var-mail files. Refer to the third-party mail server documentation. /. Run the imsimport command. For example: 0. imsimport -s -var-mail-Eoe -d I(F,G -u Eoe See the imsimport in Sun Java System Messaging Server 6.3 Administration Reference for details on the imsimport command. -. Enable user access to the message store. Set the mailUserStatus LDAP attribute to active. 9. Enable user access to the new messaging store. 10. Shut down the old system. Labels parameters Labels