Sun Java Enterprise System 2005Q1 Technical Note

Sun Java™ Enterprise System Technical Note: Deploying Java Enterprise System on a Single Host for Evaluation

2005Q1

Part Number 819-2201-10

The Sun Java Enterprise System 2005Q1 Technical Note: Deploying Java Enterprise System on a Single Host for Evaluation describes how to install Java™ Enterprise System on one computer for a functioning deployment suited for the evaluation and testing of Sun Java™ System Communications Services 6 2005Q1 and Sun Java™ System Portal Server 6 2005Q1, including Sun Java™ System Portal Server Mobile Access 6 2005Q1.


Caution

This evaluation has been verified in many different environments. However, every deployment is unique, so you may not experience a completely trouble-free installation.


This technical note contains the following sections:


Technical Note Revision History

Table 1  Revision History

| Date | Description of Changes |
|---|---|
| October 5, 2005 | Tenth revision. Added information on patch information for enabling Sun Java System Communications Express AddressBook channel. Added patch information for Sun Java System Instant Messaging. |
| September 1, 2005 | Ninth revision. Removed patches 118454-01 and 118458-04 from patch list. |
| May 9, 2005 | Eighth revision. Changed “To Check DNS” procedure so that files are checked first. |
| April 13, 2005 | Seventh revision. Minor text changes. |
| April 5, 2005 | Sixth revision. Added patch instructions. |
| March 29, 2005 | Fifth revision. Minor text changes. |
| March 28, 2005 | Fourth revision. Minor changes to procedures. |
| March 15, 2005 | Third revision. Minor text changes. |
| March 4, 2005 | Second revision. |
| February 28, 2005 | First revision. |
| February 25, 2005 | Initial release of this technical note. |


Scenario Overview

This section provides an overview of this deployment scenario, the hardware and software used, and the procedures you follow to install, configure, and use this deployment.

This section contains the following topics:

Installation Overview

This scenario results in a functioning deployment suited for the evaluation and testing of Communications Services 6 2005Q1 and Portal Server 6 2005Q1 products. These instructions are not intended to act as a replacement for the individual component documentation, but to merely guide the evaluator through an initial installation.

If you want to include Mobile Access 6 2005Q1 in this evaluation, note that it supports the use of the following software:

What Components Are Installed?

This example guides you through installing the following Java Enterprise System components:

The example installation in this document uses the following example data that you change according to your installation:

This example installs all of the software on a single system. Adjust host names accordingly if you install the components on multiple systems.


Note

Installing the back-end messaging, calendar, and address book servers on the same system as Mobile Access is not the optimal configuration, nor does it provide the best performance. This example deployment is not intended for production purposes. Use this configuration for evaluation and for training purposes only. Performance is better if you install a separate Mobile Access machine from the back-end machine where Messaging Server and Calendar Server are installed.


Recommended Ports

For convenience, this example uses a set of recommended ports. If you use different ports, make sure that your port numbers map to those provided below. For example, this document uses port 390 for the Access Manager admin port. If you decide to use port 3333 for this port, make sure that you change 390 to 3333 everywhere the example references the Access Manager admin port.


Note

Unless otherwise indicated, all of the examples and instructions in this document assume you are logged in as root.


Installation Steps

Installing this example involves the following high-level steps:

  1. Preparing the system for Java Enterprise System
  2. Running the Java ES installer and selecting the necessary components
  3. Installing Messaging Server, Calendar Server, Instant Messaging, Web Server, Directory Server, Access Manager, Portal Server, and Mobile Access
  4. Patching the system
  5. Configuring Messaging Server
  6. Configuring Delegated Administrator
  7. Configuring Instant Messaging
  8. Configuring Calendar Server
  9. Configuring Communications Express
  10. Configuring Single Sign-on
    1. Communications Single Sign-on
    2. Portal Single Sign-on
  11. Configuring a Portal User

System Requirements

This section describes the hardware and software requirements for this example.

Table 2  Evaluation Host Hardware and Software Requirements

| Component | Platform Requirement |
|---|---|
| CPU | SPARC |
| RAM | 2 Gbytes or more |
| Disk space | 2 Gbytes or more free disk space for installed software. 2 Gbytes additional disk space may be needed for temporary storage of Java Enterprise System zip file. |
| Software | Solaris 9 Operating System recommended; Messaging Server 6 2005Q1 (Sun ONE Messaging Server 5.2 and 6.0 also work but configuration procedures are different); Calendar Server 6 2005Q1 (Sun ONE Calendar Server 5.1.1 and 6.0 also work but configuration procedures are different) |
| Users | Provisioned with test users; ipsecurity disabled |

Table 3  Client Software Requirements

| Component | Platform Requirement |
|---|---|
| Browser | Netscape 7.x or later, or IE 5.x or later |

Installation Time Estimates

The following table provides time estimates for installing this example.

Table 4  Installation Time Estimates

| Phase | Number of Hours |
|---|---|
| Solaris 9 OS with Language Support | 2 |
| Software installation | 2 |
| Software configuration | 3 |
| Total | 7 hours (average) |

As part of the configuration, you will need to add data to Messaging Server and Calendar Server.


Note

Mobile Access is supported on Solaris 8, 9, and 10. Java Enterprise System software is also supported on Solaris 8, 9, and 10. These installation instructions are based on Solaris 9. If you use Solaris 8, several patches are required.


Installation Notes and Recommendations

  1. With Solaris 9, ftp might not work for certain accounts.

    These accounts are listed in /etc/ftpd/ftpusers. Just remove the account from this list (for example, root) and you will be able to ftp as that user.

  2. Use gzip -d or gunzip to decompress the *gz files.
  3. Choose a “good” password (minimum eight characters) and use it throughout the installation, unless, of course, you are very good at remembering different passwords for different products.

Expected User Input

During installation, you are prompted for various input. User input is indicated by text of the form <user-input>. Table 5 helps you plan for the types of information you must provide during installation.

Table 5  Information Input During Installation

| User Input | User Input Action |
|---|---|
| <enter> | Just hit enter, but verify that the default value shown makes sense. |
| <sample-password> | Any password, minimum of 8 characters in length, suitable for evaluation purposes. These instructions assume that anywhere <sample-password> is specified, you will enter the same value each time. |
| <amldapuser-password> | Same criteria as <sample-password>, but must be different from <sample-password>. |
| <fully-qualified-hostname> | For example, assuming that the host name is abc, and the domain name is demo.xyz.com, then this value would be abc.demo.xyz.com. |
| <full-cookie-domainname> | For example, assuming that the full domain name is demo.xyz.com, then this value would be .demo.xyz.com (note the inclusion of the leading “.”). |

Configuration Information Used in the Example

The example installation is performed on a single system with the following network identity:

The following table lists the installation options, directories, and port numbers used to configure the servers in the example installation.

Table 6  Server Configuration Information

| Component | Install Notes | Server Root | Port | Port Number |
|---|---|---|---|---|
| Directory Server 5 2005Q1 | Installed with Java ES | /opt/DSServers | Directory Server Port | 389 |
| | | | LDAP port | 389 |
| | | | Admin Port | 390 |
| Messaging Server 6 2005Q1 | Additional configuration required | /opt/SUNWmsgsr | Messaging Server Port | 2080 |
| | | | Admin Port | 390 |
| | | | Webmail port (HTTP) | 2080 |
| | | | SMTP port | 25 |
| | | | POP port | 110 |
| | | | IMAP port | 143 |
| Web Server 6 2005Q1 | Installed with JES | /opt/SUNWwbsvr | Web Port | 80 |
| | | | Admin Port | 8888 |
| Calendar Server 6 2005Q1 | Additional configuration required | /opt/SUNWics5 | Calendar Server Port | 3080 |
| | | | LDAP Port | 389 |
| Instant Messaging 7 2005Q1 | Additional configuration required | /opt/SUNWiim | Server Port | 45222 |
| | | | Multiplexor Port | 5222 |


Installing the Example

This section describes how to install the components on a single machine for evaluation purposes. The other components are configured after installation, using component configuration tools.

This section contains the following topics:

Checking Installation Requirements

Before you install components, use the steps in this section to make sure the computer on which you are installing is ready.

  To Check System Requirements

The computer should meet the following requirements:

  To Check DNS

Verify that DNS is running and configured properly:

  1. Make sure that the /etc/resolv.conf file has name server entries with the IP addresses of valid name servers. For example:

    nameserver 192.168.100.22
    nameserver 192.168.100.23
    nameserver 192.168.100.24
    nameserver 192.168.100.25

  2. Make sure that the /etc/hosts file has an entry for the fully qualified host name of the server. This fully qualified host name should be listed before the non fully qualified host name. For example:

    10.1.82.52 wireless.map.beta.com wireless loghost

  3. Make sure that the /etc/nsswitch.conf file is configured to use files first to resolve host names. The hosts line in the nsswitch.conf file should list files first in its entry:

    hosts: files dns nis [NOTFOUND=return]

    # OR (if NIS is not used)

    hosts: files dns
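
The three checks above can be scripted. The following is an added example, not part of the original technical note; the function names are hypothetical, and the file paths are passed as arguments so that the checks can be run against copies of /etc/resolv.conf, /etc/hosts, and /etc/nsswitch.conf.

```shell
#!/bin/sh
# Added example, not from the technical note: the "To Check DNS" checks.
# Function names are hypothetical; file paths are arguments.

# resolv.conf must contain at least one "nameserver <address>" entry.
check_resolv() {
    awk '{ sub(/#.*/, "") }
         $1 == "nameserver" && NF >= 2 { ok = 1 }
         END { exit ok ? 0 : 1 }' "$1"
}

# hosts must list the fully qualified name before the short name.
# Only the first line that names the FQDN is evaluated.
# Exit status: 0 correct, 1 no entry for the FQDN, 2 short name comes first.
check_hosts() {
    awk -v fqdn="$2" '
        BEGIN { fqdn = tolower(fqdn); shortname = fqdn
                sub(/\..*/, "", shortname); rc = 1 }
        !seen {
            sub(/#.*/, ""); f = 0; s = 0
            for (i = 2; i <= NF; i++) {
                n = tolower($i)
                if (n == fqdn && !f) f = i
                if (n == shortname && n != fqdn && !s) s = i
            }
            if (f) { seen = 1; rc = (!s || f < s) ? 0 : 2 }
        }
        END { exit rc }' "$1"
}

# nsswitch.conf: the first "hosts:" line must name "files" as its first source.
check_nsswitch() {
    awk '{ sub(/#.*/, "") }
         !seen && /^[ \t]*hosts:/ {
             seen = 1
             sub(/^[ \t]*hosts:[ \t]*/, "")
             if ($1 == "files") ok = 1
         }
         END { exit ok ? 0 : 1 }' "$1"
}

# Run all three checks, print one line each, return the number that failed.
# Arguments: resolv.conf path, hosts path, nsswitch.conf path, FQDN.
check_name_resolution() {
    failures=0
    if check_resolv "$1"; then echo "PASS $1: nameserver entry present"
    else echo "FAIL $1: no nameserver entry"; failures=$((failures + 1)); fi

    check_hosts "$2" "$4" && rc=0 || rc=$?
    case $rc in
        0) echo "PASS $2: $4 is listed before the short name" ;;
        2) echo "FAIL $2: short name is listed before $4"
           failures=$((failures + 1)) ;;
        *) echo "FAIL $2: no entry for $4"; failures=$((failures + 1)) ;;
    esac

    if check_nsswitch "$3"; then echo "PASS $3: hosts line lists files first"
    else echo "FAIL $3: hosts line does not list files first"
         failures=$((failures + 1)); fi
    return "$failures"
}

# With four arguments, check real files, for example:
#   sh check_dns.sh /etc/resolv.conf /etc/hosts /etc/nsswitch.conf wireless.map.beta.com
# With none, run against constructed copies of the note's example entries.
if [ "$#" -eq 4 ]; then
    check_name_resolution "$@"
else
    demo_dir=$(mktemp -d)
    printf 'nameserver 192.168.100.22\n' > "$demo_dir/resolv.conf"
    printf '10.1.82.52 wireless.map.beta.com wireless loghost\n' > "$demo_dir/hosts"
    printf 'hosts: files dns nis [NOTFOUND=return]\n' > "$demo_dir/nsswitch.conf"
    check_name_resolution "$demo_dir/resolv.conf" "$demo_dir/hosts" \
        "$demo_dir/nsswitch.conf" wireless.map.beta.com
    rm -rf "$demo_dir"
fi
```
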

  To Unzip the Java Enterprise System Zip File

  1. Create a /tmp/JES3 directory.
  2. Unzip the Java Enterprise System Zip file in this directory. Then run the Java ES installer as described in the next section.

Installing the Components

You install Java Enterprise System components by running the Java Enterprise System installer.

  To Start the Installer

  1. Log in as root to the machine on which you are installing Java Enterprise System.
  2. Change to the /tmp/JES3 directory where you stored and unzipped the Java ES zip file.
  3. Change to the Solaris_sparc platform directory.
  4. Start the Java Enterprise System installer in graphical mode.

    ./installer &

  5. Accept the license and select language(s). English is installed by default.
  6. Select the following products.
    • Sun Java System Messaging Server 6 2005Q1
    • Sun Java System Calendar Server 6 2005Q1
    • Sun Java System Instant Messaging 7 2005Q1
    • Sun Java System Portal Server 6 2005Q1 (includes Mobile Access)
    • Sun Java System Communications Express 6 2005Q1
    • Sun Java System Web Server 6.1 SP4 2005Q1
    • Sun Java System Access Manager 6 2005Q1 and all supporting software
    • Sun Java System Directory Server 5 2005Q1
    • Sun Java System Administration Server 5 2005Q1
  7. Click Next to continue.
  8. Click Next to upgrade shared components.

    Locations:

    • Directory Server root: /opt/DSServers (changed from /var/opt/mps/serverroot)
    • Directory Preparation Tool: /opt/SUNWcomds
    • Access Manager: /opt (will create /opt/SUNWam)
    • Web Server: /opt/SUNWwbsvr
    • Instant Messaging: /opt (will create /opt/SUNWiim)
    • Calendar Server: /opt (will create /opt/SUNWics5)
    • Messaging Server: /opt/SUNWmsgsr
    • Communications Express: /opt/SUNWuwc
    • Portal Server: /opt (will create /opt/SUNWps)
  9. The system performs a check. When done, click Next.

    If you are installing on Solaris 9, you might need to install the following patches: 112785-35, 113096-03. Install 113096-03 first. After installing all patches using the patchadd command, reboot the system.

  10. Choose Configure Now then click Next.
  11. The following components must be configured after installation:
    • Sun Java System Directory Preparation Tool
    • Sun Java System Instant Messaging 7 2005Q1
    • Sun Java System Calendar Server 6 2005Q1
    • Sun Java System Messaging Server 6 2005Q1
    • Sun Java System Communications Express 2005Q1
  12. Click Next to configure the remaining components.

  To Select Common and Web Server Settings

This installation assumes the use of Sun Java System Web Server. You may choose an alternate web container but that is beyond the scope of this document.

  To Select Directory Server Settings

  To Select Administration Server Settings

  To Select Access Manager Settings

  To Select Portal Server Settings

  To Complete the Installation

  1. Click Next when you are satisfied with the Ready to Install list.

    The shared components are upgraded. This takes some time.

  2. When the installer finishes upgrading shared components, it displays the Product Registration page. Deselect Open Registration Window.
  3. Click Install to install the Java Enterprise System components.
  4. When installation is complete, the Installation Complete page is displayed. Click Close to exit the installer.

  To Verify the Installation

Once the installation has completed, start LDAP and Portal Server and verify that they work.

  1. Change to the /opt/DSServers directory.
  2. Change to the slapd-wireless directory.
  3. Start LDAP:

    ./start-slapd

  4. Change to the /etc/init.d directory.
  5. Start Access Manager:

    ./amserver start

  6. Change to the /opt/SUNWwbsvr/https-wireless.map.beta.com directory.
  7. Start Web Server:

    ./start

  8. Verify that you can log in to the Access Manager console as amadmin. The URL for the Access Manager console is:

    http://fully-qualified-hostname:portal-server-port/amconsole

    In this example, type:

    http://wireless.map.beta.com/amconsole

    Use amadmin and adminpass as the user ID and password.

  9. Proceed to Configuring Components for instructions on how to configure Java Enterprise System.

Uninstalling the Components

After you complete your evaluation, you can use the Java Enterprise System uninstaller to remove the components that you installed. See Chapter 12, “Uninstalling Components,” in the Sun Java Enterprise System 2005Q1 Installation Guide:


Patching the Example

After completing the installation portion of this example deployment, you need to apply the following patches before configuring components:

  To Install Patches

  1. Obtain patches from the Sunsolve site: http://sunsolve.sun.com
  2. Click Patch Portal.
  3. Type the patch number in the PatchFinder text box, and click Find Patch.

    For example, enter patch number 117784 to find the latest release of this patch, rather than 117784-10, which will only find that specific release of the patch.

  4. Download the zip file for the patch.
  5. Expand the zip file.

    For example:

    unzip 117784-10.zip

    A directory is created for the patch files.

  6. Apply the patch.

    For example:

    patchadd 117784-10

    Note

    The following is a list of patches with revision numbers used in this example:

    • Calendar Server: 116577-17 and 117010-17
    • Communications Express: 118540-10
    • Delegated Administrator: 118210-21
    • Instant Messaging: 118786-5 and 118789-5
    • Messaging Server: 117784-09 and 118207-27

As patches are updated over time, the patches you download will likely be of a different revision than those used in this example. Be sure to use the most current version of the patches.


Configuring Components

This section describes how to configure and start the components that you use in this evaluation deployment.

This section contains the following topics:

Before You Begin

Before you configure the Messaging Server software, you need to create the mailsrv user and disable the sendmail process.

  To Create the mailsrv User

  To Disable sendmail

Preparing the Directory and Configuring Messaging Server

This section explains how to prepare the Directory Server LDAP schema and configure Messaging Server.

  To Apply Schema 2 to Your Directory Tree

  1. Change to the /opt/SUNWcomds/sbin directory, where the comm_dssetup script is located.
  2. Run the comm_dssetup.pl script:

    /opt/DSServers/bin/slapd/admin/bin/perl comm_dssetup.pl

    The perl script prompts for a series of options. The following table shows how to respond to the prompts.

    Table 12  Values for comm_dssetup.pl Script

    | Option | [Default Value] | Enter: |
    |---|---|---|
    | Directory server root | [/var/opt/mps/serverroot] | /opt/DSServers |
    | Directory server instance | slapd-wireless | accept default |
    | Directory Manager DN | [cn=Directory Manager] | accept default |
    | Directory Manager Password | -- | adminpass |
    | Use directory server for users/groups | [Yes] | accept default |
    | Users/Groups base suffix | [o=isp] | accept default |
    | Schema type? | [2] | accept default |
    | Update the schema files? | [yes] | accept default |
    | Configure new indexes? | [yes] | accept default |
    | Reindex new indexes? | [yes] | accept default |

  3. Confirm your choices. The comm_dssetup script proceeds.
  4. When prompted, choose to continue with script.

    Continue with the next step after the comm_dssetup script finishes and displays its “successful completion” message.

  5. Change to the /opt/SUNWmsgsr/sbin directory, where the Messaging Server configure script is located.
  6. Run the Messaging Server configure script:

    ./configure

    The Configuration Wizard appears. Read the introductory information and proceed by clicking Next.

  7. Verify the following:
    1. Fully qualified host name of Messaging Server, FQHN: [wireless.map.beta.com]
    2. Directory to store config/data files: [/var/opt/SUNWmsgsr]
    3. Install MTA, MS store, and Messenger Express. There is no need to install the Multiplexor for this deployment.
    4. Name of the mail server Unix user: Unix username [mailsrv]
    5. Unix group: [mail]
  8. The installation script prompts for a series of options. Use the following table to respond to the configuration options:

    Table 13  Values for Messaging Server configure Script

    | Option | [Default Value] | Enter: |
    |---|---|---|
    | URL of Directory Server | [ldap://wireless.map.beta.com:389] | accept default |
    | Bind As | [cn=Directory Manager] | accept default |
    | Password | -- | adminpass |
    | User/Group Server LDAP | [ldap://wireless.map.beta.com:389] | accept default |
    | Bind As | [cn=Directory Manager] | accept default |
    | Password | -- | adminpass |
    | Postmaster email address | -- | foo@wireless.map.beta.com |
    | Password for Messaging Server accounts | -- | adminpass |
    | Default email Domain | [map.beta.com] | accept default |
    | Organization DN | [o=map.beta.com,o=isp] | accept default |

  9. Click Next, then click Configure Now.

    You receive an error about the Webmail port being in use. Click Next to continue. The following step corrects this problem.

  10. When the configuration is finished, click Next to continue, then click Close to exit.
  11. Configure the Webmail port:

    /opt/SUNWmsgsr/sbin/configutil -o service.http.port -v 2080

  12. Start Messaging Server:

    /opt/SUNWmsgsr/sbin/stop-msg

    /opt/SUNWmsgsr/sbin/start-msg

Configuring Delegated Administrator and Communications CLI

This section describes configuring Delegated Administrator console and utility, which are used for user management.

  To Configure Delegated Administrator

  1. Change to the directory where the configuration script was installed:

    cd /opt/SUNWcomm/sbin

  2. Run the configurator script:

    ./config-commda

  3. Accept the default for the Directory to store User Mgmt data files: [/var/opt/SUNWcomm]
  4. Install Delegated Administrator Utility, Console, and Server.

    The installation script prompts for a series of options. Use the following table to respond to the configuration options:

    Table 14  Values for config-commda Script

    | Option | [Default Value] | Enter: |
    |---|---|---|
    | AM Hostname | [wireless.map.beta.com] | accept default |
    | AM Port | [8080] | 80 |
    | Default Domain | [map.beta.com] | accept default |
    | Default SSL Port | [443] | accept default |
    | Web Container | [Web Server] | accept default |
    | Web Server Root Directory | [/opt/SUNWwbsvr] | accept default |
    | Web Server Instance Identifier | [wireless.map.beta.com] | accept default |
    | Web Virtual Server Identifier | [https-wireless.map.beta.com] | accept default |
    | Web Server HTTP Port | [80] | 80 (default) |
    | Default Domain Separator | [@] | accept default |
    | Access Manager Base Directory | [/opt/SUNWam] | accept default |
    | Web Server Root Directory | [/opt/SUNWwbsvr] | accept default |
    | Web Server Instance Identifier | [wireless.map.beta.com] | accept default |
    | Web Virtual Server Identifier | [https-wireless.map.beta.com] | accept default |
    | Web Server HTTP Port | [80] | 80 (default) |
    | URL of Directory Server | [ldap://wireless.map.beta.com:389/] | accept default |
    | Bind As | [cn=Directory Manager] | accept default |
    | Password | -- | adminpass |
    | AM Top level admin | [amadmin] | accept default |
    | AM admin password | -- | adminpass |
    | Access Manager Internal LDAP Auth Username | amldapuser | accept default |
    | AM Internal LDAP Auth Password for amldapuser | -- | nonadminpass |
    | Organization DN | [o=map.beta.com,o=isp] | accept default |
    | Top Level Admin for Default Organization | [admin] | accept default |
    | Password | -- | adminpass |
    | Load Sample Service Packages | -- | Yes (Checked) |
    | Load Sample Organizations | -- | Yes (Checked) |
    | Preferred Mailhost for Sample | [wireless.map.beta.com] | accept default |

  5. Select Configure Now.
  6. Click Next to continue.

    Two warnings appear: one is to remind you to restart Web Server; the other is to remind you to enable the mail and calendar domains. The next steps correct these problems.

  7. When the configuration is finished, click Close to exit.
  8. Restart Web Server:

    cd /opt/SUNWwbsvr/https-wireless.map.beta.com

    ./stop

    ./start

  9. Modify the mail and calendar domains, and create users by using the commadmin utility:

    /opt/SUNWcomm/bin/commadmin domain modify -D admin -w adminpass -X wireless.map.beta.com -n map.beta.com -p 80 -d map.beta.com -S mail,cal -H wireless.map.beta.com

    /opt/SUNWcomm/bin/commadmin user create -D admin -F John -l jdoe -L Doe -n map.beta.com -p 80 -w adminpass -W demo -X wireless.map.beta.com -S mail,cal -E jdoe@map.beta.com -H wireless.map.beta.com -k legacy

    /opt/SUNWcomm/bin/commadmin user create -D admin -F Calendar -l calmaster -L Master -n map.beta.com -p 80 -w adminpass -W adminpass -X wireless.map.beta.com -S mail,cal -E calmaster@map.beta.com -H wireless.map.beta.com -k legacy

    Create as many users as you need. The Instant Messaging configuration steps in the next section show how to add Presence and Instant Messaging services to those users.

Configuring Instant Messaging

Configuring Instant Messaging is important for the completeness of the demo but is not necessary for Mobile Access.

  1. Change to the directory where the Instant Messaging configuration script is located:

    cd /opt/SUNWiim

  2. Run the Instant Messaging configurator script:

    ./configure

  3. Install all services and verify the following:
    • Hostname: wireless
    • DNS domain name: map.beta.com
  4. Check both Access Manager (Identity Server) options for SSO and Policy.
  5. Verify locations and ports:
    • Instant Messaging runtime files directory: /var/opt/SUNWiim
    • Instant Messaging Server Domain Name: map.beta.com
    • Instant Messaging Server port: 45222
    • Multiplexor port: 5222
    • Leave Disable Server (enable only multiplexor) unchecked
  6. Verify LDAP configuration:
    • LDAP Host Name: wireless.map.beta.com
    • LDAP Port: 389
    • Base DN: o=map.beta.com,o=isp
    • Bind DN: cn=Directory Manager
    • Bind Password: adminpass
  7. Set the SMTP Server to wireless.map.beta.com.
  8. Set codebase to http://wireless.map.beta.com:80/im.
  9. Assign Instant Messaging to existing users.
  10. Start Instant Messaging after successful configuration and on system startup.

    After clicking Next, wait a few minutes for Instant Messaging to be configured.

  11. At the Configuration Summary screen, click Close to exit.
  12. Create a link to Instant Messaging in the /opt/SUNWwbsvr/docs directory:

    cd /opt/SUNWwbsvr/docs

    ln -s /opt/SUNWiim/html im

  13. Edit the Instant Messaging portlet in the Portal Server Desktop to include the proper ports and parameters.

    Note

    You might have to execute these steps after you have added the mail and calendar services to Access Manager, because you might not be able to access the Portal Desktop until that service has been registered.

    1. In your web browser, open a URL for the Access Manager console and log in as amadmin (password is adminpass.) The URL for the Access Manager console is:

      http://fully-qualified-hostname:portal-server-port/amconsole

      In this example, type:

      http://wireless.map.beta.com/amconsole

    2. Choose Services from the View menu in the left pane.
    3. Click the properties icon for Portal Desktop Service.

      The properties appear in the right pane.

    4. Click the Manage Channels and Containers link in the right pane.
    5. Scroll to the bottom of the right pane where the Channels are listed. You will see a channel labeled IMChannel. Click the Edit Properties link to the right of the channel name and type the following attributes:
      • mux: wireless.map.beta.com
      • muxport: 5222
      • clientRunMode: jnlp (changed from plugin)
      • codebase: im
      • authMethod: idsvr
    6. When done, click Save.

Configuring Calendar Server

This section shows you how to run the Calendar Server configuration script.

  1. Change to the directory where the configuration script is located:

    cd /opt/SUNWics5/cal/sbin

  2. Run the Calendar Server configurator script:

    ./csconfigurator.sh

  3. Verify the correct Administration and LDAP information.
    • LDAP Server Host Name: wireless.map.beta.com
    • LDAP Server Port: 389
    • Verify the Directory Manager DN as cn=Directory Manager. Type the password as adminpass.
    • The Base DN should be o=map.beta.com,o=isp (you might need to edit this value.)
    • Administrator User ID: calmaster
    • Type the Administrator password as adminpass.
  4. After verifying and typing or modifying the required information, click Next to continue.
  5. Verify Email information:
    • Email alarms should be enabled.
    • The administrator email address is root@wireless.map.beta.com.
    • The SMTP Host Name is wireless.map.beta.com.
  6. After verifying and entering or modifying the required information, click Next to continue.
  7. Verify the correct Runtime configuration:
    • The Service Port should be set to 3080.
    • Maximum sessions and threads can be left at default values, 5000 and 20 respectively.
    • The Number of Server processes can be left at the default value, which is generally the number of CPUs in a system.
    • Accept the default Runtime User ID and Runtime Group ID. The default User ID is icsuser and the default Group ID is icsgroup. If this group does not exist, you will be prompted to create the group and the user later.
    • Enable automatic starting of Calendar server on reboot only, not after configuration. (Deselect “Start after successful configuration.”)
  8. After verifying and typing or modifying the required information, click Next to continue.
  9. Verify the locations to store configuration and data files:
    • Accept default Config Directory: /etc/opt/SUNWics5/config
    • Accept default Database Directory: /var/opt/SUNWics5/csdb
    • Accept default Logs directory: /var/opt/SUNWics5/logs
    • Accept default Temporary Files directory: /var/opt/SUNWics5/tmp
  10. After verifying the required information, click Next to continue.
  11. You are prompted to create the new directories if they do not exist. Create them.
  12. Enable Archive and Hot Backup. Accept the defaults:
    • Accept default Archive directory: /var/opt/SUNWics5/csdb/archive
    • Accept default Hot Backup directory: /var/opt/SUNWics5/csdb/hotbackup
    • Accept default Minimum & Maximum archive lengths: 3 days and 6 days respectively
    • Accept default Minimum & Maximum hot backup lengths: 3 days and 6 days respectively
    • Hot backup checkbox should be checked “Same as archive”
  13. You are prompted to create the new directories if they do not exist. Create them.
  14. Click the Configure Now button to configure Calendar Server.

    The Configuration begins. Configuration takes less than one minute. Click the Details button to verify that all packages configured correctly. Click the Close button to exit the configurator.

  15. Start the Calendar Server daemons:

    cd /opt/SUNWics5/cal/sbin

    ./stop-cal

    ./start-cal

  16. To log in to Calendar Server, open a browser and type the name of the system in the URL. In this example, type:

    http://wireless.map.beta.com:3080

    You are prompted for a user name and password. If you created a user according to the previous steps in this section, type jdoe for the user name, and demo for the password.

  17. Verify that you can log in with one of the users you previously created by using the Access Manager console.

Configuring Communications Express

This section shows you how to run the Communications Express configuration script.

  1. Change to the directory where the configuration script is located:

    cd /opt/SUNWuwc/sbin

  2. Run the Communications Express configurator script:

    ./config-uwc

  3. Accept the default for Directory to store configuration and data files: [/var/opt/SUNWuwc]
  4. Install the Mail and Calendar Components.

    The installation script prompts for a series of options. Use Table 15 to respond to the configuration options:

    Table 15  Values for config-uwc Script

    | Option | [Default Value] | Enter: |
    |---|---|---|
    | Hostname | [wireless] | accept default |
    | DNS Domain | [map.beta.com] | accept default |
    | Web Container | [Web Server] | accept default |
    | Web Server root Directory | [/opt/SUNWwbsvr] | accept default |
    | Web Server Instance Identifier | [wireless.map.beta.com] | accept default |
    | Virtual Server Identifier | [https-wireless.map.beta.com] | accept default |
    | HTTP Port | [80] | accept default |
    | Web Container User ID | [webservd] | root |
    | Web Container Group ID | [webservd] | other |
    | URI Path | [/uwc] | accept default |
    | Hosted Domain Support | [No] | accept default |
    | URL of Directory Server | [ldap://wireless.map.beta.com:389/] | accept default |
    | Bind DN | [cn=Directory Manager] | accept default |
    | Password | -- | adminpass |
    | DC Tree suffix | [o=isp] | accept default |
    | Default Domain | [map.beta.com] | accept default |
    | IS Login URL | [http://wireless.map.beta.com:80/amserver/UI/Login] | accept default |
    | IS Administrator DN | -- | uid=amadmin,ou=people,o=isp |
    | IS Administrator Password | -- | adminpass |
    | Messenger Express Port | [80] | 2080 |
    | Calendar Server Hostname | [wireless.map.beta.com] | accept default |
    | Calendar Server Port | [9004] | 3080 |
    | Calendar Admin user ID | [calmaster] | accept default |
    | Calendar Administrator User Password | -- | adminpass |
    | URL of PAB Directory Server | [ldap://wireless.map.beta.com:389] | accept default |
    | Bind As | [cn=Directory Manager] | accept default |
    | Password | -- | adminpass |

  5. Click the Configure Now button to configure Communications Express.
  6. After the configuration is finished, click Next, then click Close.
  7. Restart Web Server:

    cd /opt/SUNWwbsvr/https-wireless.map.beta.com

    ./stop

    ./start

Configuring Single Sign-on (SSO) for Communications Products

To set up SSO for Communications Express and for Access Manager/Portal Server, you edit the uwcauth.properties file in the /var/opt/SUNWuwc/WEB-INF/config/ directory. You also need to run the configutil utility for Messaging Server properties, and edit the ics.conf file for Calendar Server.

  To Configure Communications Express for SSO

  1. Verify the following settings in the /var/opt/SUNWuwc/WEB-INF/config/uwcauth.properties file:

    uwcauth.identity.enabled=true
    uwcauth.identity.login.url=http://wireless.map.beta.com:80/amserver/UI/Login
    uwcauth.identity.binddn=uid=amadmin,ou=people,o=isp
    uwcauth.identity.bindcred=adminpass
    uwcauth.identity.cookiename=iPlanetDirectoryPro
    uwcauth.http.port=80
    uwcauth.https.port=443

  2. Restart Web Server if you change any of the above settings.

  To Configure Messaging Server for SSO

  To Configure Calendar Server for SSO

  1. Stop Calendar Server:

    cd /opt/SUNWics5/cal/sbin
    ./stop-cal

  2. Edit the /opt/SUNWics5/cal/config/ics.conf file (in a text editor such as vi) and make the following changes:

    service.http.allowadminproxy = "yes"
    local.calendar.sso.amnamingurl = "http://wireless.map.beta.com:80/amserver/namingservice"
    local.calendar.sso.singlesignoff = "yes"
    local.calendar.sso.amcookiename = "iPlanetDirectoryPro"
    local.calendar.sso.logname = "am_sso.log"
    service.calendarsearch.ldap = "no"
    service.http.ipsecurity = "no"
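The SSO values from the two procedures above can be checked mechanically after editing. The script below is an added example, not part of the original technical note or of the product: it compares uwcauth.properties and ics.conf against the values given on this page and confirms that both files name the same SSO cookie. The function names, the comment syntax, the last-occurrence-wins rule, and the sample file contents are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not part of the technical note: audit the SSO settings from
# the procedures above. Assumptions: lines starting with "!" or "#" are
# comments, and when a key is repeated the last occurrence is the effective one.

# Expected values are the ones given on this page. uwcauth.identity.bindcred is
# left out on purpose so the audit never echoes a password.
UWC_EXPECTED='uwcauth.identity.enabled=true
uwcauth.identity.login.url=http://wireless.map.beta.com:80/amserver/UI/Login
uwcauth.identity.binddn=uid=amadmin,ou=people,o=isp
uwcauth.identity.cookiename=iPlanetDirectoryPro
uwcauth.http.port=80
uwcauth.https.port=443'

ICS_EXPECTED='service.http.allowadminproxy=yes
local.calendar.sso.amnamingurl=http://wireless.map.beta.com:80/amserver/namingservice
local.calendar.sso.singlesignoff=yes
local.calendar.sso.amcookiename=iPlanetDirectoryPro
local.calendar.sso.logname=am_sso.log
service.calendarsearch.ldap=no
service.http.ipsecurity=no'

# conf_get FILE KEY: print the effective value of KEY, quotes removed; fail if unset.
conf_get() {
    awk -v key="$2" '
        /^[ \t]*[!#]/ { next }
        {
            eq = index($0, "="); if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t\r]+$/, "", k); gsub(/^[ \t]+|[ \t\r]+$/, "", v)
            if (k != key) next
            if (v ~ /^".*"$/) v = substr(v, 2, length(v) - 2)
            val = v; found = 1
        }
        END { if (!found) exit 1; print val }
    ' "$1"
}

# check_settings FILE EXPECTED: print one line per missing or differing key and
# return the number of problems (0 means the file matches this page).
check_settings() {
    file=$1 bad=0
    while IFS= read -r line; do
        key=${line%%=*} want=${line#*=}
        if have=$(conf_get "$file" "$key"); then
            [ "$have" = "$want" ] && continue
            echo "MISMATCH $key: have '$have', want '$want'"
        else
            echo "MISSING  $key: want '$want'"
        fi
        bad=$((bad + 1))
    done <<EOF
$2
EOF
    return "$bad"
}

# cookie_names_match UWC_FILE ICS_FILE: succeed only if both files name the
# same Access Manager SSO cookie.
cookie_names_match() {
    a=$(conf_get "$1" uwcauth.identity.cookiename) || return 1
    b=$(conf_get "$2" local.calendar.sso.amcookiename) || return 1
    [ "$a" = "$b" ]
}

# write_samples DIR: constructed sample files, not a real configuration.
write_samples() {
    cat > "$1/uwcauth.properties" <<'EOF'
uwcauth.identity.enabled=false
uwcauth.identity.login.url=http://wireless.map.beta.com:80/amserver/UI/Login
uwcauth.identity.binddn=uid=amadmin,ou=people,o=isp
uwcauth.identity.bindcred=CONSTRUCTED-PLACEHOLDER
uwcauth.identity.cookiename=iPlanetDirectoryPro
uwcauth.http.port=80
uwcauth.https.port=443
EOF
    cat > "$1/ics.conf" <<'EOF'
! constructed sample: one stale duplicate, one commented-out key, one wrong value
service.http.allowadminproxy = "no"
local.calendar.sso.amnamingurl = "http://wireless.map.beta.com:80/amserver/namingservice"
! local.calendar.sso.singlesignoff = "yes"
local.calendar.sso.amcookiename = "iPlanetDirectoryPro"
local.calendar.sso.logname = "am_sso.log"
service.calendarsearch.ldap = "no"
service.http.ipsecurity = "yes"
service.http.allowadminproxy = "yes"
EOF
}

# With two arguments audit those files; otherwise run on the constructed samples.
if [ "$#" -eq 2 ]; then uwc=$1 ics=$2; else
    dir=$(mktemp -d) && write_samples "$dir"
    uwc=$dir/uwcauth.properties ics=$dir/ics.conf
fi
check_settings "$uwc" "$UWC_EXPECTED" || echo "uwcauth.properties: $? problem(s)"
check_settings "$ics" "$ICS_EXPECTED" || echo "ics.conf: $? problem(s)"
cookie_names_match "$uwc" "$ics" || echo "SSO cookie names differ or are missing"
```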

  To Configure Instant Messaging Calendar Notifications

  1. Edit the /opt/SUNWics5/cal/config/ics.conf file (in a text editor such as vi) and make the following changes:

    caldb.serveralarms = "1"
    caldb.serveralarms.dispatch = "yes"
    caldb.serveralarms.url = "enp:///ics/customalarm"
    caldb.serveralarms.contenttype = "text/calendar"
    caldb.serveralarms.dispatchtype = "ens"

  2. Restart Calendar Server:

    cd /opt/SUNWics5/cal/sbin
    ./start-cal

Verifying Single Sign-on (SSO) Configuration

This section describes how to verify the SSO configuration for Communications Express client, Delegated Administrator, and Instant Messenger. You simply verify that you can log in to the various services. After you are satisfied that you can log in, log out.

  1. In your web browser, open the following URL for the Communications Express client:

    http://wireless.map.beta.com/uwc

  2. Log in as one of the users created earlier.

    If you created a user according to the previous steps, type jdoe for the user name, and demo for the password.

  3. In your web browser, open the following URL for Delegated Administrator:

    http://wireless.map.beta.com/da/DA/Login

  4. Log in as user admin.

    The password is adminpass.

  5. In your web browser, open the following URL for Instant Messenger:

    http://wireless.map.beta.com/im/en/im.jnlp


    Note

    If you cannot log into Instant Messaging as a user, you might need to manually add the Instant Messaging and Presence Services to the user. See To Add Services to the Lower Level Organization for more information.


Configuring Portal Server

The following procedures enable Portal Server services to permit a portal user to gain access to Communications Channel and Mobile Access functionality.

  To Log In to Access Manager

  1. In your web browser, open a URL for the Access Manager console and log in as amadmin. The URL for the Access Manager console is:

    http://fully-qualified-hostname:portal-server-port/amconsole

    In this example, type:

    http://wireless.map.beta.com/amconsole

  2. Log in as amadmin.

    The password is adminpass.

  To Add Services to the Lower Level Organization

If you set your Organization DN to o=map.beta.com,o=isp, you need to add Portal Server services to the map.beta.com organization. Once these services have been added to the suborganization, you add the necessary services to each user in this suborganization.


Note

Previously, you created a set of users with the commcli command. These users exist in the map.beta.com organization. At this point, there are no Services defined for these users. You need to register the services with these users for them to be able to log in to Portal Server.


  1. Upon logging into the Access Manager console, you are presented with a view of all your organizations. The map.beta.com organization is listed. Click the link to map.beta.com.
  2. Choose Services from the View menu in the left pane.
  3. Click the Add button.
  4. Either click the individual services to add to this organization, or click on the box at the top of the list that shows two checkboxes. This selects all the services. Upon selecting all the services, click the OK button to add all the services to the suborganization.
  5. Within this same suborganization, click the properties icon next to the name of all the services.

    You see that a template does not exist for these services. You might want to create a template.


    Note

    Creating new templates in suborganizations is useful if the values in the suborganization will be different from those in the top level organization. When you create a new template, values for the attributes might automatically change to default values, not the values that you thought were assigned. Hence, it is best not to create a separate template unless absolutely necessary.

    One of the values that changes is Portal Desktop Type in the Portal Desktop service. You need to change the value from default to sampleportal.

    If you do not create service templates, then the service parameters are inherited from the higher level organization.


  6. Click the Yes button when prompted to create a template.

    It is not necessary to create a template. If one does not exist, the properties of the service will be inherited from the top level organization.

  7. Choose Users from the View menu.

    A list of users is presented. You need to add the services you just registered in this suborganization to each user.

  8. Click the property icon beside a user.
  9. In the right pane, open the View drop-down menu and choose Services.

    No services are listed.

  10. Click the Add button.

    A list of services appears.

  11. Click the double-checked box at the top of the list of services to add all services. Then click the OK button.

Configuring Address Book SSO Adapter Template


Note

This section is applicable only to the Messenger Express personal address book Portal Server channel. Skip this section if you are using the Communications Express Address Book Channel.


The following steps enable use of the Personal Address Book (PAB). Perform these steps very carefully to help ensure the correct operation of address book related features.

  To Configure the Address Book SSO Adapter Template

  1. From the previous section, you should still be logged in to the Access Manager console.
  2. Click the Service Configuration tab.
  3. In the left pane, click the property arrow for SSO Adapter.

    The SSO Adapter Templates list appears in the right hand panel. There should be an entry labeled [SUN-ONE-ADDRESS-BOOK].

  4. Click the New button to create a template without brackets in the name.

    Type in the name SUN-ONE-ADDRESS-BOOK.

  5. Choose the Existing Template [SUN-ONE-ADDRESS-BOOK].
  6. Click the Create button.

    A list of editable properties should appear with their corresponding values.

  7. The SSOAdapter Template takes the form of a very long URL. Within the default value of this URL, several values appear for which substitutions must be provided. These values are indicated as hyphen-separated, all uppercase names, contained within square brackets. Edit the values appearing in the editable text boxes, and perform the following substitutions:
    • [SERVER-NAME:PORT]: Specifies the name of the LDAP server providing the PAB service, that is, wireless.map.beta.com:389.
    • [PAB-SEARCH-BASE]: Specifies the LDAP search base of the PAB. Assuming that a default Messaging Server installation was done, a value of o=pab should suffice.
    • [USER-SEARCH-BASE]: Specifies the LDAP search base for users. Using our Messaging Server installation example, a value of o=map.beta.com,o=isp should suffice.
    • [ADMIN-ID]: Specifies the DN of the PAB admin. This can be determined by logging in to the back-end machine as root and performing the following steps:

      # cd /opt/SUNWmsgsr/sbin
      # ./getconf | grep local.service.pab.ldapbinddn

      For example: uid=msg-admin-wireless.map.beta.com-20030729221841, ou=People, o=sun, o=isp

    • [ADMIN-PASSWORD]: Specifies the password for the PAB admin. This can be determined by logging into the back-end machine as root and performing the following steps:

      # cd /opt/SUNWmsgsr/sbin
      # ./getconf | grep local.service.pab.ldappasswd

      For example: 7]GV89[1}f

    • [IMAP-HOST]: Should specify the name of the IMAP server that is used for authenticating PAB users. Typically, this is the same server name value used when defining [SERVER-NAME:PORT], that is, wireless.map.beta.com.
    • [IMAP-PORT]: Should specify the port of the IMAP server that is used for authenticating PAB users. Typically, this is set to 143.
    • [CLIENT-PORT]: Should specify the port that provides web application service for PAB. This is typically the port on which Messenger Express service is available. Our example uses client port 2080.
  8. After making all the substitutions to the SSOAdapter Template string, click the Save button beneath the SSO Adapter Templates list.
  9. Click Finished.

    You should see the new SSOAdapter Template appear in the list.

  10. Select the check box beside the original template and click Remove.


    Note

    Removing the original template is optional. As long as the original configName is enclosed in brackets, it does not need to be removed.


  11. Go to the top of the SSO Adapter panel and click Save.

Configuring Portal and Back-end Servers for Proxy Authentication

You can enable administrator proxy authentication for the Address Book, Calendar, and Mail channels. By enabling administrator proxy authentication, users do not need to edit a channel’s properties (through the channel’s edit page) to input their authentication credentials. Instead, an administrator’s credentials are used and are stored in the SSO Adapter template. To configure administrator proxy authentication, you must perform the following steps. If you do this, you can then skip Configuring a Portal Server User.

  To Configure the Portal Mail Channel for the SSO Adapter Service

  1. At the top level organization where you modified the SSO Template for Address Book, find the Global SSO IMAP Adapter for SUN-ONE-MAIL.
  2. Click the Edit Properties link.
  3. Move the following attributes from the Merge column to the Default column. You do this by clicking the Change Type button and then moving the attributes from Merge to Default.

    • host
    • port
    • smtpServer
    • clientPort
    • smtpPort
    • domain

    The only attributes remaining in the Merge column will be password and uid.

  4. When done moving the attributes, click the Save button.
  5. Insert values for these default variables.

    The keyword merge essentially means that the attribute value is derived from user input. The keyword default means the attribute values are provided in the SSO template. Provide these values:

    • enableProxyAuth: The default value is false. Change to true.
    • proxyAdminUid: Specifies the name of the Messaging Server admin user. The default value is [PROXY-ADMIN-UID]. In this example, the value is admin.
    • proxyAdminPassword: Specifies the password of the admin user. The default value is [PROXY-ADMIN_PASSWORD]. In this example, the value is adminpass.
    • host: The value takes the form of fully qualified host. Thus, in this example, the value is wireless.map.beta.com.
    • port: This is the value of the IMAP port. In this example, the value is 143.
    • smtpServer: This is the value of the SMTP server, which for this example is the same name as the mail host, wireless.map.beta.com.
    • clientPort: This is the value of the Messaging Client port, which in this example is 2080.
    • smtpPort: This is the value of the SMTP port. In this example, the value is 25.
    • Leave the domain field empty.
    • serverSSOEnabled: Setting this variable enables the link to launch the application from the channel. The default value is false. Change to true.

  6. Click Save to save the configuration.

  To Configure the Communications Express Mail Channel for SSO Template Configuration

  1. At the top level organization where you modified the SSO Template for Address Book, find the Global SSO IMAP Adapter for SUN-UWC-MAIL.
  2. Click the Edit Properties link.
  3. Move the following attributes from the Merge column to the Default column. You do this by clicking the Change Type button and then moving the attributes from Merge to Default.

    • host
    • port
    • smtpServer
    • clientPort
    • smtpPort
    • domain

    The only attributes remaining in the Merge column will be password and uid.

  4. When done moving the attributes, click the Save button.
  5. Insert values for these default variables.

    The keyword merge essentially means that the attribute value is derived from user input. The keyword default means the attribute values are provided in the SSO template. Provide these values:

    • enableProxyAuth: The default value is false. Change to true.
    • proxyAdminUid: Specifies the name of the Messaging Server admin user. The default value is [PROXY-ADMIN-UID]. In this example, the value is admin.
    • proxyAdminPassword: Specifies the password of the admin user. The default value is [PROXY-ADMIN_PASSWORD]. In this example, the value is adminpass.
    • host: The value takes the form of fully qualified host. Thus, in this example, the value is wireless.map.beta.com.
    • port: This is the value of the IMAP port. In this example, the value is 143.
    • smtpServer: This is the value of the SMTP server, which for this example is the same name as the mail host, wireless.map.beta.com.
    • clientPort: This is the value of the Messaging Client port, which in this example is 2080.
    • smtpPort: This is the value of the SMTP port. In this example, the value is 25.
    • Leave the domain field empty.
    • serverSSOEnabled: Should be true. Setting this variable enables the link to launch the application from the channel.

  6. Click Save to save the configuration.

  To Configure the Calendar Channel for SSO Template Configuration

  1. At the top level organization where you modified the SSO Template for Address Book, find the Global SSO http Adapter for SUN-ONE-CALENDAR.
  2. Click the Edit Properties link.
  3. Move the following attributes from the Merge column to the Default column. You do this by clicking the Change Type button and then moving the attributes from Merge to Default.

    • host
    • port
    • clientPort
  4. When done moving the attributes, click the Save button.
  5. Insert values for these default variables.

    The keyword merge essentially means that the attribute value is derived from user input. The keyword default means the attribute values are provided in the SSO template. Provide these values:

    • enableProxyAuth: The default value is false. Change to true.
    • proxyAdminUid: Specifies the name of the Calendar Server admin user. The default value is [PROXY-ADMIN-UID]. In this example, the value is calmaster.
    • proxyAdminPassword: Specifies the password of the calmaster user. The default value is [PROXY-ADMIN_PASSWORD]. In this example, the value is adminpass.
    • host: The value takes the form of fully qualified host. Thus, in this example, the value is wireless.map.beta.com.
    • port: You could use a different port number, but in this example the port is 3080.
    • clientPort: This is the value of the Calendar Client port, which in this example is 3080.
    • serverSSOEnabled: The default value is false. Do not change this value. Setting this variable enables the link to launch the application from the channel.

  6. Click Save to save the configuration.

  To Configure the Communications Express Calendar Channel for SSO Template Configuration

  1. At the top level organization where you modified the SSO Template for Address Book, find the Global SSO http Adapter for SUN-UWC-CALENDAR.
  2. Click the Edit Properties link.
  3. Move the following attributes from the Merge column to the Default column. You do this by clicking the Change Type button and then moving the attributes from Merge to Default.

    • host
    • port
    • clientHost
    • clientPort
  4. When done moving the attributes, click the Save button.
  5. Insert values for these default variables.

    The keyword merge essentially means that the attribute value is derived from user input. The keyword default means the attribute values are provided in the SSO template. Provide these values:

    • enableProxyAuth: The default value is false. Change to true.
    • proxyAdminUid: Specifies the name of the Calendar Server admin user. The default value is [PROXY-ADMIN-UID]. In this example, the value is calmaster.
    • proxyAdminPassword: Specifies the password of the calmaster user. The default value is [PROXY-ADMIN_PASSWORD]. In this example, the value is adminpass.
    • serverSSOEnabled: The default is true. Do not change this value. Setting this variable enables the link to launch the application from the channel.
    • host: The value takes the form of fully qualified host. Thus, in this example, the value is wireless.map.beta.com.
    • port: You could use a different port number, but in this example the port is 3080.
    • clientHost: Use wireless.map.beta.com as the value.
    • clientPort: Use 80 as the value.

  6. Click Save to save the configuration.

  To Configure the Address Book Channel for SSO Template Configuration

  1. Select the Global SSO LDAP adapter for SUN-ONE-ADDRESS-BOOK and make the following substitutions:
    • enableProxyAuth: The default value is false. Change to true.
    • proxyAdminUid: Specifies the name of the Messaging Server admin user. The default value is [PROXY-ADMIN-UID]. In this example, the value is admin.
    • proxyAdminPassword: Specifies the password of the admin user. The default value is [PROXY-ADMIN_PASSWORD]. In this example, the value is adminpass.
    • serverSSOEnabled: The default value is false. Change to true. Setting this variable enables the link to launch the application from the channel.

  2. Click Save to save the configuration.

  To Set up Admin Proxy Auth for Messaging Server and Calendar Server

You need to enable the capability to allow proxy authentication on Messaging Server and Calendar Server. These steps should have already been performed in the previous sections, but verify here that the settings are in place.

  1. On the Messaging Server host, perform the following:

    wireless# cd /opt/SUNWmsgsr/sbin
    wireless# ./configutil -o service.http.allowadminproxy -v yes
    wireless# ./stop-msg
    wireless# ./start-msg

  2. To enable http.allowadminproxy on the Calendar Server host, perform the following:
    1. Stop Calendar Server:

      cd /opt/SUNWics5/cal/sbin
      ./stop-cal

    2. Open the /opt/SUNWics5/cal/config/ics.conf file in an editor (such as vi).
    3. Type: service.http.allowadminproxy = "yes"
    4. Restart Calendar Server:

      cd /opt/SUNWics5/cal/sbin
      ./start-cal

Configuring New Communications Express Channels in the Portal Desktop

By default, the communications channels that are displayed in the Portal Desktop are the “old” channels. If you want to display the “new” Communications Express channels in the Portal Desktop, you need to add them to the Desktop container.


Note

The Mobile Access channels should use the “old” channels, since the Communications Express channels are not currently supported by Mobile Access.


  To Obtain Necessary Portal Server Patch

To enable the Communications Express AddressBook channel, you need to first download and install patch 118950 for Portal Server. This patch corrects problems with the AddressBook channel failing and with proxy authentication.

  1. Obtain the patch from the Sunsolve site: http://sunsolve.sun.com
  2. Click PatchFinder.
  3. Type the patch ID 118950 in the PatchFinder text box, and click Find Patch.
  4. Download the zip file for the patch.
  5. Expand the zip file.

    For example:

    unzip 118950-12.zip

    A directory is created for the patch files.

  6. Apply the patch.

    For example:

    patchadd 118950-12


    Note

    Please consult the release notes for this patch (rel_notes.html) to complete the manual post-installation procedures.


  To Configure New Communications Express Channels

  1. In your web browser, open a URL for the Access Manager console and log in as amadmin. The URL for the Access Manager console is:

    http://fully-qualified-hostname:portal-server-port/amconsole

    In this example, type:

    http://wireless.map.beta.com/amconsole

  2. Log in as amadmin.

    The password is adminpass.

  3. Click the Identity Management tab.
  4. Go to the top level organization, or, if you created service templates, navigate to the lower level organization.
  5. Choose Services from the View menu in the left pane.
  6. Click the property arrow for Portal Desktop.
  7. In the right pane, the Portal Desktop settings appear. Click the Manage Channels and Containers link.
  8. Click the MyFrontPageTabPanelContainer link.
  9. Scroll down until the Ready For Use list appears.
  10. Select the UWCMail, UWCCalendar, and UWCAddressbook channels.
  11. Click the Add button to move them to the Available box. Select them again and click the Add button to move them to the Visible on the Portal Desktop box.
  12. Select AddressBook, Calendar, and Mail (the “old” channels) and move them from the Visible box back up to the Ready For Use box.

    This effectively removes them from the Desktop.

  13. Click Save (under Channel Management).


Configuring Users

This section describes how to use the Access Manager console to add services to user accounts, the Delegated Administrator utility to create additional users, as well as additional Portal Server configuration steps.

This section contains the following topics:

Configuring User Services

The following steps are required to add mobile services to each of the users that you previously created. If you create additional users, you need to perform these steps as well. The steps enable users to modify their mobile mail or addressbook preferences.

  To Add Services to User Accounts

  1. In a web browser, open the URL for the Access Manager console and log in as amadmin. The URL for the Access Manager console is:

    http://fully-qualified-hostname:portal-server-port/amconsole

    In this example, type:

    http://wireless.map.beta.com/amconsole

  2. Click the Identity Management tab.
  3. You will be presented with a view of all your organizations including map.beta.com. Click the map.beta.com link.
  4. Choose Users from the View menu.
  5. For each user created, click the property icon to the right of the user’s name.
  6. In the right pane, choose Services from the View menu.
  7. Click the Add button to add new services.
  8. Select Mobile Address Book, Mobile Calendar, and Mobile Mail checkboxes, as well as any other available services, then click the OK button.


    Tip

    A shortcut is to click the double-checked box at the top of the list of services to add all services.


  9. Repeat these steps for other users as needed.

Creating Additional User Accounts and Groups

This section describes how to create additional user accounts and groups. Users and groups created in this fashion work with both Communications Services products and Portal Server.

  To Create End User Accounts and Groups

  1. The following example shows how to create users using the Delegated Administrator command-line utility and also how to create a group consisting of the users created.

    # /opt/SUNWcomm/bin/commadmin user create -D admin -F Demo -l demo1 -L One -n map.beta.com -p 80 -w adminpass -W demo -X wireless.map.beta.com -S mail,cal -E demo1@map.beta.com -H wireless.map.beta.com -k legacy

    # /opt/SUNWcomm/bin/commadmin user create -D admin -F Demo -l demo2 -L One -n map.beta.com -p 80 -w adminpass -W demo -X wireless.map.beta.com -S mail,cal -E demo2@map.beta.com -H wireless.map.beta.com -k legacy

    # /opt/SUNWcomm/bin/commadmin group create -D admin -G Demostaff -n map.beta.com -p 80 -w adminpass -X wireless.map.beta.com -S mail -E Demostaff@map.beta.com -H wireless.map.beta.com -o calmaster -m demo1 -m demo2

  2. If you are using suborganizations, you need to configure the users for Portal services. See To Add Services to the Lower Level Organization for more information.


    Note

    Creating groups using the Delegated Administrator command-line interface will guarantee that these groups will be recognized by Access Manager as LDAP groups that can be searched on using Instant Messenger. They can also be used to send email to the entire group.


  To Create User Accounts by Using Delegated Administrator Console

An alternative to using the Delegated Administrator command-line utility to create users is to use the Delegated Administrator console. The high-level steps to create users with Delegated Administrator console are the following:

However, the first time you use Delegated Administrator console, you must add service packs to the organization that contains your users.

To add a user account with Delegated Administrator console:

  1. In a web browser, open the URL for the Delegated Administrator console and log in as amadmin (password is adminpass):

    http://wireless.map.beta.com/da/DA/Login

  2. Click the check box next to the map.beta.com organization, then click the Allocate Service Package button.
  3. Select the desired service packages.

    Choose from among bronze, silver, and topaz because they have IMAP service enabled. Each service package has a different mail quota.

  4. Click Next to continue.
  5. Now select the quantity of each service pack desired.

    A quantity of 100 is adequate for demo purposes.

  6. Click Finish.
  7. Once the service packs have been allocated for the domain, you can now add users to the domain. Click the domain link, map.beta.com.
  8. Click the New button to create a new user account within this domain.
  9. Type a First Name (such as Demo), Last Name (such as Five), Display Name (such as Demo Five), then click Next.
  10. There is no need to type postal information, so click Next.
  11. Select a service pack for this user, for example, gold, then click Next.
  12. Type the email address, for example, demo5@map.beta.com. Mail Delivery Option should be Local Inbox. Mail Service Status should be Active.
  13. Click Next.
  14. Type Login ID and Password. In this example, Login ID is demo5 and password is demo.
  15. Click Next to continue.
  16. Verify the user information, then click Finish to create the user account.
  17. Log in to Access Manager as amadmin and assign services to those users as described previously in To Add Services to the Lower Level Organization or in To Add Services to User Accounts.

Configuring a Portal Server User

If you already configured Portal Server for proxy authentication, you do not need to perform steps in this section. Instead, skip to Logging in From a Mobile Device.

The Communication Services channel providers and the Mobile Access wireless applications are intended to give a portal user, through either an HTML or wireless Desktop, access to various services such as Mail, Calendar, and Addressbook. In the default Communication Services channel and Mobile Access installation, individual users must configure their channels with the information needed to gain access to a particular messaging service. The information provided by the user applies to both the HTML and wireless desktops.


Note

This section is only applicable to the “old” communications channels. There might be slight deviations with the “new” Communications Express channels.


  To Configure the Mail, Calendar, and Addressbook channels

Each end user must perform the following steps:

  1. In a web browser, open the following URL:

    http://wireless.map.beta.com/portal/dt

  2. Using the LoginProvider channel, enter the user name and password of a previously defined user (see To Create User Accounts by Using Delegated Administrator Console).
  3. Click Login.
  4. Once the Desktop appears, proceed with the following steps.

  To Configure a Portal User’s Mail Channel

  1. Look for the channel named Mail.

    The name of the channel is on the left side of the channel’s menu bar.

  2. On the right side of the channel’s menu bar, click the pencil icon (Edit Mail).
  3. Under the Account Information category, fill in the following fields:
    • Server Name: Type the name of the server that provides IMAP service for this user. In this example, use wireless.map.beta.com.
    • IMAP Server Port: If the IMAP server is configured in a standard fashion, skip this field. Otherwise, type the port number of the IMAP service. In this example, use 143.
    • SMTP Server Name: If the SMTP server is the same as the IMAP server, skip this field. Otherwise, type the name of the SMTP server that this user should use. In this example, use wireless.map.beta.com.
    • Client Port: Type the port number of the IMAP server that provides Messenger Express service. In this example, use 2080.
    • User Name: Type the user’s IMAP username.
    • User Password: Type the user’s IMAP password.
  4. When done entering information, click the Finished button.

    The Desktop should reappear, but this time the Mail channel should contain a summary of the user’s IMAP inbox.

  To Configure a Portal User’s Addressbook Channel

  1. Look for the channel named Addressbook.

    The name of the channel is on the left side of the channel’s menu bar.

  2. On the right side of the channel’s menu bar, click the pencil icon (Edit Addressbook).
  3. Under the Account Information category, fill in the following fields:
    • IMAP User Id: Type the user’s IMAP username.
    • IMAP Password: Type the user’s IMAP password.
  4. Click the Finished button.

    The Desktop should reappear, but this time the Addressbook channel should contain a summary of the user’s address book.

  To Configure a Portal User’s Calendar Channel

  1. Look for the channel named Calendar.

    The name of the channel is on the left side of the channel’s menu bar.

  2. On the right side of the channel’s menu bar, click the pencil icon (Edit Calendar).
  3. Under the Account Information category, fill in the following fields:
    • Server Name: Type the name of the server that provides calendar service for this user. This is assumed to be Calendar Server host. In this example, use wireless.map.beta.com.
    • Server Port: Type the port number on which Calendar Server services are found. In this example, use 3080.
    • User Name: Type the user’s Calendar Server user name.
  4. Click the Finished button.

    The Desktop should reappear, but this time the Calendar channel should contain a summary of the user’s calendar.

Logging in From a Mobile Device

This section describes how to log in to Mobile Access.

  To Log In to Mobile Access

  1. In your web browser, log in to Mobile Access. Open the following URL:

    http://wireless.map.beta.com/amserver/UI/Login

    You will then be presented with the mobile authentication page.

  2. Type your user ID and password.

Logging in from the Portal Server Desktop is similar. All channels should be readily viewable.


Known Issues and Limitations

See the Java Enterprise System Release Notes Collection at the following URL to find out about known problems:


How to Report Problems and Provide Feedback

If you have problems with Sun Java Enterprise System, contact Sun customer support using one of the following mechanisms:

So that we can best assist you in resolving problems, please have the following information available when you contact support:


Sun Welcomes Your Comments

Sun is interested in improving its documentation and welcomes your comments and suggestions.

To share your comments, go to http://docs.sun.com and click Send Comments. In the online form, provide the document title and part number. The part number is a seven-digit or nine-digit number that can be found on the title page of the book or at the top of the document. For example, the title of this book is Sun Java Enterprise System 2005Q1 Technical Note: Deploying Java Enterprise System on a Single Host for Evaluation, and the part number is 819-2201-10.


Additional Sun Resources

Useful Sun Java System information can be found at the following Internet locations:


Copyright © 2005 Sun Microsystems, Inc. All rights reserved.

Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries.

SUN PROPRIETARY/CONFIDENTIAL.

U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements.

Use is subject to license terms.

This distribution may include materials developed by third parties.

Portions may be derived from Berkeley BSD systems, licensed from U. of CA.

Sun, Sun Microsystems, the Sun logo, Java and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries.

