CHAPTER 2 The SIMS Administration Console Overview

The Admin Console provides a browser-based GUI interface for common SIMS administrative tasks, namely SIMS configuration, and populating the system with users and groups. Note that only one administrator can be logged on to the Admin Console at a time. The first screen of the Admin Console is shown below.

FIGURE 2-1 Admin Console Home Page

TABLE 2-1 SIMS Admin Console Home Page (see FIGURE 2-1 on page 13)
Components/Task
Description
Page

1) Stopping SIMS, Logging Out, and Version Information

Self Explanatory

21

2) User/Group Management

Provides instructions for adding, deleting, or modifying user, group or organizational units entries in the directory.

23

3) Message Store Administration

Monitor and customize the SIMS message storage and access character-istics by modifying the parameters of this component. The Message Store chapter provides instructions for monitoring message store paths, space usage and user space quotas; configuring user quotas, mail server client type, maximum connections, disk space threshold, /var/mail support, message store size increase, and message purge schedule.

155

4) Internet Message Transport Agent (IMTA) Administration

The IMTA receives, routes, and sends incoming messages to their destination. SIMS message transport can be customized by modifying the IMTA attributes. This chapter provides instructions for viewing and changing the message transport characteristics of SIMS, including configuring/monitoring channels, directory cache update, anti-spam features, IMTA location relative to the Internet, and routability scope.

81

5) Message Access Protocol Connections

View and monitor all user connections to SIMS, as well as start and stop client access to the message store.

176

6) Sun Directory Services Administration

The Directory Service contains the routing information for SIMS. Pressing this icon brings up the Sun Directory Service log on screen. If the Netscape Directory Server is installed, this icon will not appear. For complete information refer to the Sun Directory Service or Netscape Directory Service documentation.

179

7) Help

Online help for SIMS.

8) Home

Return to Home Page.

9) SIMS Component Status

Display the current state of each component.

17

**TABLE 2-1** SIMS Admin Console Home Page (see FIGURE 2-1 on page 13)
Components/Task	Description	Page
1) Stopping SIMS, Logging Out, and Version Information	Self Explanatory	21
2) User/Group Management	Provides instructions for adding, deleting, or modifying user, group or organizational units entries in the directory.	23
3) Message Store Administration	Monitor and customize the SIMS message storage and access character-istics by modifying the parameters of this component. The Message Store chapter provides instructions for monitoring message store paths, space usage and user space quotas; configuring user quotas, mail server client type, maximum connections, disk space threshold, /var/mail support, message store size increase, and message purge schedule.	155
4) Internet Message Transport Agent (IMTA) Administration	The IMTA receives, routes, and sends incoming messages to their destination. SIMS message transport can be customized by modifying the IMTA attributes. This chapter provides instructions for viewing and changing the message transport characteristics of SIMS, including configuring/monitoring channels, directory cache update, anti-spam features, IMTA location relative to the Internet, and routability scope.	81
5) Message Access Protocol Connections	View and monitor all user connections to SIMS, as well as start and stop client access to the message store.	176
6) Sun Directory Services Administration	The Directory Service contains the routing information for SIMS. Pressing this icon brings up the Sun Directory Service log on screen. If the Netscape Directory Server is installed, this icon will not appear. For complete information refer to the Sun Directory Service or Netscape Directory Service documentation.	179
7) Help	Online help for SIMS.
8) Home	Return to Home Page.
9) SIMS Component Status	Display the current state of each component.	17

Admin Console Tips and Information

Not all tasks can be done on the Admin Console. Some tasks require editing SIMS configuration files, others require running UNIX commands, and still others require using the directory service interface. Wherever possible, we try to state which these permissions, accounts, or interface is needed to perform a specific SIMS task.

Most Admin Console tasks can be accomplished by using one or more other methods. These methods include:

Modifying a configuration file.

Executing a SIMS utility or command.

Modifying the LDAP directory.

When a command can perform the same task as the Admin Console, that command is listed under the title of a task section. (Note that multi-word commands are listed with hyphens between them for example
imadmin-add-user. The actual command requires spaces in place of the hyphens, however, to bring up the man page you need to include the hyphens.) See the man page for more details. Information on SIMS configuration files can be found in the SIMS Reference Manual or in a man page.

Generally using the Admin Console is not as fast as using the command line interfaces or modifying the LDAP directory directly. However it's usually easier and provides a bit of protection by asking for confirmations, as well as not modifying restricted lines or parameters.

When you set a configuration in the Admin Console, press the Apply button to save your settings. If you don't do this, you may lose your settings if you exit the page on which you specified your configurations.

The same login and password required to log on to the Admin Console can be used to execute the imadmin provisioning utilities. See the imadmin man page for details.

To Start the SIMS Admin Console

You must use the Netscape 4.05 browser and above for the Admin Console to work properly. If you are using the Netscape browser, you MUST add the following line in.netscape/preferences.js (Solaris Operating Environment) or in
user/<username>/pref.js (Windows NT) for the Admin Console to run correctly:
user_pref("signed.applets.codebase_principal_support",true);

Failure to set this arguments could cause deleterious effects on your system.

To bring up the Admin Console, start the browser and go to
http://<machine-name>/sims/. Enter the SIMS administrator's login (default: siteadmin), the domain to which the administrator belongs, (specified at installation) and the password.

Note - If you are running on the Netscape browser, you need to run the browser as a regular user on the Solaris and Windows NT desktop. Running as a super user on the desktop does not have the setup to run Java applets.

Admin Console Topics and Tasks

TABLE 2-2 Admin Console Topics and Tasks
Topic/Task
Description
Page

Admin Console Buttons

Describes buttons that appear in the Admin Console

16

SIMS Component Status

Describes component status flags on Admin Console Home page

17

Creating and Removing SIMS Administrators

How to create, remove, modify SIMS administrator privileges and passwords.

18

Stopping SIMS, Logging Out, and Version Information

Starting/stopping SIMS components, logging out of the SIMS Admin Console, accessing SIMS versioning information.

21

**TABLE 2-2** Admin Console Topics and Tasks
Topic/Task	Description	Page
Admin Console Buttons	Describes buttons that appear in the Admin Console	16
SIMS Component Status	Describes component status flags on Admin Console Home page	17
Creating and Removing SIMS Administrators	How to create, remove, modify SIMS administrator privileges and passwords.	18
Stopping SIMS, Logging Out, and Version Information	Starting/stopping SIMS components, logging out of the SIMS Admin Console, accessing SIMS versioning information.	21

Admin Console Buttons

TABLE 2-3 describes the most common buttons that appear in the Admin Console or dialog boxes.

TABLE 2-3 Buttons and Associated Actions
Button
Explanation

Apply

Submits the changes made to the configuration file associated with the current page. If the changes made require a restart of the associated component, a dialog box prompts you to restart the component. The current page remains displayed.

Cancel

Discards the changes made to the configuration file associated with the current page. The previous page displays.

Help icon or button

Displays documentation specific to the Admin Console page or dialog that you are attempting to configure.

OK

Submits the changes made to the configuration file associated with the current page. If the changes made require a restart of the associated component, a dialog box prompts you to restart the component. The previous page displays.

Reset

Discards the changes made to the configuration file associated with the current page and sets the values of the changed attributes to their last saved value. The current page remains displayed.

When you set a configuration, you must press the Apply button to save your settings. If you do not do this, you may lose your settings. You are not always warned about losing the settings when you exit a page.

**TABLE 2-3** Buttons and Associated Actions
Button	Explanation
Apply	Submits the changes made to the configuration file associated with the current page. If the changes made require a restart of the associated component, a dialog box prompts you to restart the component. The current page remains displayed.
Cancel	Discards the changes made to the configuration file associated with the current page. The previous page displays.
Help icon or button	Displays documentation specific to the Admin Console page or dialog that you are attempting to configure.
OK	Submits the changes made to the configuration file associated with the current page. If the changes made require a restart of the associated component, a dialog box prompts you to restart the component. The previous page displays.
Reset	Discards the changes made to the configuration file associated with the current page and sets the values of the changed attributes to their last saved value. The current page remains displayed.

SIMS Component Status

SIMS polls each component (except the directory service) periodically to determine its current state. The System Components on the Admin Console home page (FIGURE 2-2) displays the current state of each component. TABLE 2-4 outlines the possible SIMS component states.

FIGURE 2-2 Monitoring Current Component State

TABLE 2-4 SIMS Component States
Component State
Icon Representation
Explanation

Up

Component icon.

Component is functioning normally.

Alert

Component icon with exclamation point overlaid.

Component has a nonfatal problem and is still functioning.

Down

Component icon with cross-bars overlaid.

Component has a fatal problem and is not functioning.

If a System Component graphic indicates that a component is in either an alert or down state, you can access more information from the System Status section on the Admin Console home page. Each entry indicates the time at which the component was polled, the component status, and more detailed information about if the component is in either an alert or down state.

If the Internet Message Transfer Agent (IMTA) is in an alert or down state, you should also check the status of each IMTA channel. For more information, refer to "Monitoring Channel Status" on page 85.

For more problem resolving information see Chapter 13, "SIMS Troubleshooting."

**TABLE 2-4** SIMS Component States
Component State	Icon Representation	Explanation
Up	Component icon.	Component is functioning normally.
Alert	Component icon with exclamation point overlaid.	Component has a nonfatal problem and is still functioning.
Down	Component icon with cross-bars overlaid.	Component has a fatal problem and is not functioning.

Note - The Stop all function on the home page does not stop the Directory Service so the Directory Services icon will not have a red X over it if you execute this procedure (see "To Stop SIMS Components" on page 21).

Creating and Removing SIMS Administrators

SIMS requires a variety of different permissions and accounts to access and service all the SIMS administrative capabilities. For example:

To log on to the SIMS Admin Console, and to be able to execute the imadmin commands (example: imadmin-add-user) requires a SIMS administrator login and password.

To execute IMTA and message store configuration commands, as well as message store maintenance functions, the inetmail UNIX account is required.

To modify the Sun Directory Services configuration and to create replicas, the Sun Directory Services or NetScape Directory Services login and password are required. which are different from their SIMS login and password.

A default SIMS administrator is created at installation called siteadmin. In this document, a SIMS administrator refers to a user who has the ability to log on to the SIMS Admin Console and to execute the imadmin commands.

Wherever possible, we try to state these permissions and accounts needed to perform a specific task.

Creating SIMS Administrators

Utilities: imadmin-add-admin, imadmin-search-admin,
imadmin-remove-admin

SIMS administrators can log on to the SIMS Admin Console and can also execute the imadmin commands. A SIMS administrator is different from a delegated administrator who can only add, modify, delete, and search for group or user entries at a specified hosted domain. A SIMS administrator can modify any entries in any part of the directory and can configure any part of the entire SIMS system.

A SIMS administrator is created by another SIMS administrator using the utility imadmin-add-admin and by setting the appropriate ACLs for the entry. These ACLs are write permission for the userPassword attribute for all users, and write permission for the sub-tree beneath o=internet. For example, in the Sun Directory Service you might add the following to
/etc/opt/SUNWconn/ldap/current/dsserv.acl.conf

access to attrs=mailAutoReplyStartDate,mailAutoReplyExpirationDate,mailAutoReplyTimeout,mailAutoReplySubject,mailAutoReplyText,mailAutoReplyTextInternal,mailDeliveryOption,mailForwardingAddress,mailProgramDeliveryInfo,userDefinedAttribute1,userDefinedAttribute2,userDefinedAttribute3,userDefinedAttribute4,mail,rfc822MailAlias,description,seeAlso,telephoneNumber,facsimileTelephoneNumber,l,ou,physicalDeliveryOfficeName,postOfficeBox,postalAddress,postalCode,preferredDeliveryMethod,registeredAddress,st,street,telephoneNumber,title,carLicense,givenName,homePhone,homePostalAddress,initials,jpegPhoto,labeledURI,mobile,pager,roomNumber by self write by dn="cn=<Admin>,ou=People,dc=bridge,dc=net,o=internet" write access to attrs=userPassword by self write by dn="cn=<Admin>,ou=People,dc=bridge,dc=net,o=internet" write by * compare

access to dn=".*o=internet" by dn="cn=<Admin>,ou=People,dc=bridge,dc=net,o=internet" write

If the Netscape Directory Service is installed and configured by SIMS during the installation process, imadmin-add-admin will complete the admin creation process. If the Netscape Directory Service is installed, but not configured by SIMS during installation, then you must set the appropriate permissions for the new administrator entry. This involves setting the appropriate access control items (ACIs). See the Netscape Directory Service documentation for further information.

Note - imadmin-add-admin allows you to create both delegated administrators and SIMS administrators. To create a SIMS administrator, do not specify a domain in the argument list or you will create a delegated administrator. delegated administrators have fewer administrative capabilities. See "Creating, Viewing and Removing Delegated Administrators and Postmasters" on page 71.

Changing the SIMS Administrator Password

Use the imadmin-modify-user utility to modify the userPassword attribute of a SIMS Administrator. Note that you cannot change the password of the SIMS "super" Administrator through the Admin Console or Delegated Management Console (the SIMS administrator as defined by the adminBindDN attribute in the /etc/opt/SUNWmail/sims.cnf file). If you forget the SIMS "super" Administrator password, contact your Sun Microsystems support person.

Viewing SIMS Administrators

A list of users who have SIMS administrator or delegated administrator privileges for a particular domain can be generated with the utility imadmin-search-admin

Removing SIMS Administrator Privileges

SIMS administrator privileges can be removed by a SIMS administrator using the utility imadmin-remove-admin.

Stopping SIMS, Logging Out, and Version Information

This section describes tasks that affect the Admin Console. They are:

"To Stop SIMS Components" on page 21

"To Log Out of the Administration Console" on page 21

"To Access SIMS Version Information" on page 22

To Stop SIMS Components

Utility: /etc/init.d/im.server stop

To stop the SIMS components (IMTA, Sun Message Store, and message access protocols), go to the Admin Console Home Page, click on the SIMS Console menu and select Stop all.

To Start SIMS Components

Utility: /etc/init.d/im.server start

To start the SIMS components (IMTA, Sun Message Store, and message access protocols), if they are not already started, go to the Admin Console Home Page, click on the SIMS Console pull-down menu and select Start all. This is only available if a component is stopped.

To Log Out of the Administration Console

After you are finished with the Admin Console you may log out by going to Admin Console Home Page, clicking the SIMS Console menu, and selecting Logout.

Note - For security reasons, we recommend logging out of the SIMS Admin Console after a task is complete. Also, since only one administrator at a time can be logged on, remaining logged on locks other administrators out of the system.

To Access SIMS Version Information

Access the SIMS Version for all SIMS components by going to the Admin Console Home Page, clicking the SIMS Console menu, and selecting About SIMS.