Sun Java Communications Suite 5 Release Notes

Purging Users with iPlanet Delegated Administrator and Messaging Server 6.3

If you are using iPlanet Delegated Administrator and you upgrade to Messaging Server 6.3, you cannot use the imadmin user purge command to remove users from the directory as you did with earlier versions of Messaging Server (6486836). Instead, follow the steps shown below to purge users.

This compatibility issue occurs because the Administration Console and Administration Server have been removed in Messaging Server 6.3. With earlier versions of Messaging Server, you can continue to use imadmin user purge as before.


Note –

iPlanet Delegated Administrator, originally used with Messaging Server 5.x, is a deprecated utility. It is not the same tool as Communications Suite Delegated Administrator, introduced with Messaging Server 6.x. Communications Suite Delegated Administrator supports Schema 2. iPlanet Delegated Administrator supports Schema 1. (Some administrators who have upgraded Messaging Server to 6.x, but remain in Schema 1, have continued to use iPlanet Delegated Administrator to provision users.)


ProcedureTo purge Messaging Server 6.3 users with iPlanet Delegated Administrator

  1. Apply iPlanet Delegated Administrator patch 1.2p3.

    You can download this patch at the following site:

    http://www.sun.com/download/index.jsp?cat=Collaboration%20%26%20Communication&tab=3

    Go to the Delegated Administrator 1.2 Patch 3 for Messaging. This patch enables the imadmin user purge command to operate in a way compatible with Messaging Server 6.3. Follow the remaining steps in this procedure to enable the new behavior.

  2. Modify the MsgSvrN-adminurl property in the iPlanet Delegated Administrator resource.properties file.

    The MsgSvrN-adminurl property sets the url of the Administration Server. When this property is set to an actual url, the imadmin user purge command will attempt to locate the Administration Server, which will not respond. The imadmin user purge command will return an error.

    You must set MsgSvrN-adminurl to this value: NO_ADMIN_SERVER.

    The resource.properties file is located by default in the following path:

    iDA_Install_Directory /nda/classes/netscape/nda/servlet/resource.properties


    Note –

    Multiple Message Stores Upgraded to Messaging Server 6.3:

    The value N in MsgSvrN-adminurl is a variable that must be replaced with a specific value, such as 0, that identifies the message store system that has been upgraded to Messaging Server 6.3. If you have deployed multiple back-end message stores in Messaging Server 6.3, you must change this value for each instance of the MsgSvrN-adminurl property.

    For example, if you have three back-end message stores, you must change this property in the resource.properties files for all three stores. You would change, for example, the MsgSvr0-adminurl , MsgSvr1-adminurl, and MsgSvr2-adminurl properties.

    Multiple Message Stores Using Different Versions of Messaging Server:

    Suppose you have deployed multiple message stores and have upgraded only some stores to Messaging Server 6.3, while others remain in previous versions of Messaging Server. In this case, change the MsgSvrN-adminurl property only for the stores upgraded to Messaging Server 6.3.

    When you run the imadmin user purge command on a store for which you changed the MsgSvrN-adminurl property to NO_ADMIN_SERVER, the command will operate in the new way described in Step 5, below.

    When you run the imadmin user purge command on a store where the MsgSvrN-adminurl property is unchanged (still pointing to an Administration Server url), the command will operate as it has in the past.


  3. Restart the Web Server to which you have deployed iPlanet Delegated Administrator.

    The Web Server on which iPlanet Delegated Administrator is running must be restarted to enable the changes in the resource.properties file to take effect.

  4. Use the imadmin user delete command to mark the user as deleted.

    imadmin user delete sets the inetUserStatus attribute to “deleted”. To delete multiple users, use the -i option. For example:

    imadmin user delete -D chris -L user1 -n siroe.com -w bolton

  5. Use the msuserpurge command to remove the user's mailbox.

    msuserpurge finds all user entries where inetUserStatus or mailUserStatus are set to deleted, purges those user mailboxes from the message store, and sets mailUserStatus to removed. For example:

    msuserpurge -d domain

    You must run msuserpurge before you perform the next step (removing the user entry from the directory), or the user's mailbox will be orphaned.

    You can schedule the msuserpurge command with the configutil parameter local.schedule.userpurge. For example:


    configutil -o local.schedule.userpurge 
    -v "30 2 * * 0 /opt/SUNWmsgsr/lib/msuserpurge -g 20"

    In the preceding example, msuserpurge will run on Sundays at 2:30 a.m. It will remove the mailbox of every user marked for deletion longer than 20 days.

  6. Use the imadmin user purge command to remove the user entry from the directory.

    In earlier releases, this command performed the following actions:

    1. Searches the directory for users marked as deleted.

    2. Deletes each user's Personal Address Book from the directory.

    3. Deletes each user's mailbox from the message store.

    4. If the user's inetUserStatus attribute is set to deleted, the user entry is removed. If the user's mailUserStatus is set to deleted, the mail attributes are removed from the entry.

    Now, because you modified the MsgSvr0-adminurl property, the Administration Server is not called. A message informs you that the Administration Server is not invoked. Step c, above, is not performed. The mailbox was already removed by msuserpurge in Step 3.

    In Messaging Server 6.3, if the user's mailuserstatus has been set to removed (by msuserpurge) and no other services are present in the user entry, the imadmin user purge command removes the user entry from the directory.

    If the attributes of another service such as calendar service are present in the user entry, the entry is not removed.