Previous Contents Index Next |
iPlanet Messaging Server 5.2 Installation Guide for Windows NT |
Chapter 2 Installation Instructions
This chapter describes how to run the setup program, directory setup program, and silent installation. In addition, common installation scenarios are outlined. It is assumed that you have reviewed the previous sections in Chapter 1, "Preparing for Installation."
Installation Readiness
Transferring Messaging Server Installation Files
Running the ims_dssetup Script
Scenario One: Install Messaging and Directory Servers on the Same Machine
Post-Installation ConfigurationScenario Two: Install Messaging Server with Existing Configuration and Users and Groups Directory Servers
Scenario Three: Install Messaging Server with Existing Users and Groups Directory Server and New Configuration Directory Server
Scenario Four: Replicated Users and Groups Directory Server
Installation Readiness
At this point, you are almost ready to run the setup program and begin Messaging Server installation. You should be able to answer "yes" to the following questions before you continue:
Have you reviewed the System Requirements and verified that they have been met?
Have you reviewed the Product Hierarchy and Interaction to determine which components you will be installing and where you will be installing them?
Have you determined the Types of Installations you would like to perform, and have you gathered all of the necessary information?
Have you decided if you will use an existing Directory Server or install the one that comes with the Messaging Server? You should review Configuring an Existing Directory Server for more information on using an existing Directory Server.
Are you ready to your record your installation and configuration values in the installation checklist in Table 1-2?
Transferring Messaging Server Installation Files
To transfer and extract the product archive files, use the following steps.
From the Web
To transfer and extract the compressed installation program files from the iPlanet Web site, locate the Messaging Server archive file. Download and unzip the zipped archive of Messaging Server from:http://www.iplanet.com/downloads.
Unzip the m52DIU.zip archive.
Create a directory (such as c:\tmp\msg52) on the machine that will host Messaging Server and copy the archive files to that directory.
Locate the Messaging Server archive:
- From the product CD:
- Insert the CD into the CD-ROM drive on your installation machine and locate the archive \ntx86. Next, locate the appropriate subdirectory you want to install:
ES - iPlanet Web Server
Copy the ims_dssetup archive (on CD: \ntx86\iMS\msg) to the machine where you installed your existing Directory Server. Unzip the archive and make sure there is an ims_dssetup.pl file and a config sub-directory containing files with *.conf and *.ldif file extensions.iDA - iPlanet Delegated Administrator for Messaging
iMS - iPlanet Messaging Server
Note If you have two existing directory servers (one for users and groups and one for configuration data), you will need to run the ims_dssetup.pl on both directory servers.
Running the ims_dssetup Script
This section provides instructions on how to run the ims_dssetup.pl script to configure an existing Directory Server for Messaging Server installation. If you do not have an existing Directory Server, you do not need to read this section. The ims_dssetup.pl script is located in the msg directory where you downloaded the archive file from the Web; on the CD-ROM, it is also located in the msg directory:
Execute the ims_dssetup script with the following command:
At this point, you will see a summary of your options. It will look similar to the following:
Enter y to continue,
- perl ims_dssetup.pl
Specify the Directory Server root where the existing directory server resides.
- Welcome to the iMS Directory Server preparation tool.
- This tool prepares your directory server and for the iPlanet Messaging Server install.
- Do you want to continue [y]:
Select a Directory Server instance that you plan to use with the Messaging Server installation.
- Please enter the full path to the directory where Netscape Directory Server was installed.
- Directory server root [c:\iplanet\server5] :
Determine if the Directory Server will be used for both configuration and users and groups schema.
- Please select a directory server instance from the following list:
- [1] slapd-budgie
- Which instance do you want [1]:
Specify the base suffix for the DC tree or press Return to accept the default value. In the DC Tree, the convention is to set the root to o=internet.
- Is this server used for a users/groups directory for iMS[yes]:
Specify the base suffix under which the Users and Groups data should be set up. Press Return to accept the default value.
- Please enter the base suffix for DC Tree [o=internet]:
Answer yes or press Return to update the schema files.
- Please enter the base suffix under which the Users/Groups data should be set up [o=siroe.com] :
Answer yes or press Return to configure the new indexes.
- Do you want to update the schema files [yes]:
Specify the schema directory; this is the config subdirectory of the directory where the ims_dssetup.pl script is located:
- Do you want to configure new indexes [yes]:
Determine the directory manager who will manage the Users and Group data. Specify a directory manager or press Return to accept the default value:
- Please enter the schema directory [c:\iplanet\server5\msg\config]:
- Please enter the directory manager DN [cn=Directory Manager]:
Password:
Here is a summary of the settings that you chose:
Server Root : c:\iplanet\server5
Server Instance : slapd-budgie
Update Schema : yes
Users/Groups Directory : yes
DC Root : o=internet
User/Group Root : o=siroe.com
Add New Indexes : yes
Schema Directory : c:\iplanet\server5\msg\configAnswer yes or press Return to continue, or answer no to start over. Do you want to continue [y]:
If you answer no to Question 5, then you will not be asked Question 6, Question 7, and Question 9; additionally, these options will not be listed in the summary.
At this point, the configuration of the specified Directory Server begins.
Running the Setup Program
The installation directory where the iPlanet Messaging Server files (such as c:\temp\msg5install) reside, contains the setup.exe program.You can run the setup command as follows:
The optional parameters for the setup command are listed in Table 2-1:
To run setup, follow these steps:
Login as Administrator.
Run the setup command from the binary directories, using optional parameters (listed above) if necessary.
- You must have superuser privileges (logged in as Administrator) to run the installation program.
Silent Installation
The installation program allows you to create a silent installation cache file that can be used to quickly install additional Messaging Server instances in your enterprise. When you use the -k option during your first installation, you create the silent installation cache file. All of your responses to the installation prompts are recorded in that file.By running the silent installation, you instruct the setup program to read the silent installation cache file. The setup program uses the responses in this file rather than ask the same installation questions again for subsequent Messaging Server installations. When you use the cache file in a new installation, you are not asked any questions. Instead, all of the cache file responses are automatically applied as the new installation parameters.
The silent installation cache file is saved in the c:\server-root\setup directory. For example, if you installed the server into c:\iplanet\server5, the cache file for that installation is:
c:\iplanet\server5\setup\install.inf
To use the cache file for a fast installation of another Messaging Server instance, follow these steps:
Copy the silent installation cache file to the installation directory that you are using for the new installation.
Review and edit the silent installation cache file as necessary.
Run setup with the -s -f filename options where filename represents the full path and name of the silent installation cache file (Additional setup options are listed in Running the Setup Program.). For example:
- You will probably want to change some of the parameters and specifications in the cache file. For example, the host name for this installation may be different than the host name recorded in the cache file. Remember that the parameters listed in the cache file will be automatically applied to this installation.
- setup -s -f c:\home\foo\install.inf
Installation Scenarios
This section describes four common installation scenarios:
Note The instructions in these scenarios are geared for a Custom Installation. If you are performing an Express or Typical Installation, you will not see all of the questions listed here.
"Scenario One: Install Messaging and Directory Servers on the Same Machine." You are installing the Messaging Server and Directory Server on the same server. Typically, you will follow this installation scenario when you want to evaluate the Messaging Server product.
For some questions, you are instructed to provide a specific answer; for the others, you will need to provide your own answer. Detailed information about each question can be found in Chapter 3 "Installation Questions.".""Scenario Two: Install Messaging Server with Existing Configuration and Users and Groups Directory Servers." You are installing the Messaging Server with an existing Configuration and Users and Groups Directory Server.
"Scenario Three: Install Messaging Server with Existing Users and Groups Directory Server and New Configuration Directory Server." You are installing the Messaging Server with an existing Users and Groups Directory Server only. You may follow this installation scenario if you migrate your users and groups from the Netscape Messaging Server to iPlanet Messaging Server. Refer to the iPlanet Messaging Server Migration Guide for more information.
"Scenario Four: Replicated Users and Groups Directory Server." You are installing Messaging Server using Scenarios Two or Three, however, you are using an existing replicated Users and Groups Directory Server.
Note If you are installing the Messaging Server with an existing Directory Server, you must run the ims_dssetup script against that existing Directory Server to prepare it for the Messaging Server installation. For more information, see Configuring an Existing Directory Server and Running the ims_dssetup Script.
Tip It is important that you record your answer for each question in the Table 1-2; you may need them for another product installation (for example, iPlanet Delegated Administrator for Messaging requires answers to several of the questions specified during the Messaging Server installation. See Required Information for the iPlanet Delegated Administrator for Messaging Installation for more information.
After you have completed installing Messaging Server, the server processes will not start by default. Instead, you will need to manually start these processes. For more information on the STORED, POP, IMAP, HTTP, and MTA processes, see chapter on configuring general messaging capabilities in the iPlanet Messaging Server Administrator's Guide.
Scenario One: Install Messaging and Directory Servers on the Same Machine
Follow the installation instruction provided below if you are installing Messaging and Directory Servers on the same machine:
Go to the directory where you downloaded the installation files and click on the setup.exe program.
Run the setup program to begin installation. See Running the Setup Program for more information.
Provide answers for the following questions as described in Chapter 3, "Installation Questions."
Question 1: Welcome Screen
Question 2: License Agreement
Question 3: Select Server or Console Installation (Choose "iPlanet Servers")
Question 4: Installation Type (Choose "Custom Installation")
Question 5: Installation Location (server-root)
Question 6: iPlanet Server Products Components (select all the components on this screen.)
Question 7: LDAP URL of the Configuration Directory Server (Choose "This instance will be the configuration directory server.")
Question 8: LDAP URL of the Users and Groups Directory Server (Choose "Store data in this directory server.")
Question 9: Directory Server Settings
Question 10: Netscape Configuration and Directory Server Administrator
Question 14: Administration Domain
Question 15: Bind DN and Password of the Directory Manager
Question 16: Directory Server Replication
Question 17: Populate Directory Server with Sample Data
Question 18: Disable Schema Checking (Uncheck "Disable Schema Checking")
Question 19: Administration Server IP Address
Question 20: Administration Server Port
Question 21: Unique Identifier for this Messaging Server
Question 22: Messaging Server Host and Domain Names
Question 23: Default Domain and Organization for the Messaging Server
Question 24: Distinguished Name and Password of the Directory Manager
Question 25: Host name and Port of the iPlanet Delegated Administrator for Messaging Web Server
Question 26: Messaging Server Firewall
Question 27: Customizable Root of Domain Component Tree
Question 28: Primary Message Store Directory
Question 29: TCP/IP port numbers for POP3, IMAP, SMTP, and Messenger Express (Webmail)
Question 30: Login ID and Password for the Service Administrator
Question 31: Messaging Server Postmaster Address
Question 32: Configuration Summary
Scenario Two: Install Messaging Server with Existing Configuration and Users and Groups Directory Servers
Follow the installation instructions provided below if you are installing Messaging Server with an existing Configuration and Users and Groups Directory Servers.
Go to the directory where you downloaded the installation files and click on the setup.exe program.
Run the setup program to begin the installation. See Running the Setup Program for more information.
Provide answers for the following questions as described in Chapter 3, "Installation Questions."
Question 1: Welcome Screen
Question 2: License Agreement
Question 3: Select Server or Console Installation (Choose "iPlanet Servers")
Question 4: Installation Type (Choose "Custom Installation")
Question 5: Installation Location (server-root)
Question 6: iPlanet Server Products Components (Choose all component options except option 2 "Netscape Directory Suite")
Question 19: Administration Server IP Address
Question 20: Administration Server Port (Choose an Administration Server Port number that is different the Administration Server Port of the Directory Server. Record this port number in the Table 1-2 as you will need it for the iPlanet Delegated Administrator for Messaging installation.)
Question 11: Configuration Administrator
Question 12: Server Configuration Directory
Question 13: Administration Domain in Server Configuration Directory
Question 21: Unique Identifier for this Messaging Server
Question 22 Messaging Server Host and Domain Names
Question 23: Default Domain and Organization for the Messaging Server
Question 24: Distinguished Name and Password of the Directory Manager
Question 25: Host name and Port of the iPlanet Delegated Administrator for Messaging Web Server
Question 26: Messaging Server Firewall
Question 27: Customizable Root of Domain Component Tree
Question 28: Primary Message Store Directory
Question 29: TCP/IP port numbers for POP3, IMAP, SMTP, and Messenger Express (Webmail)
Question 30: Login ID and Password for the Service Administrator
Question 31: Messaging Server Postmaster Address
Question 32: Configuration Summary
Scenario Three: Install Messaging Server with Existing Users and Groups Directory Server and New Configuration Directory Server
Follow the installation instructions provided below if you are installing the Messaging Server with an existing Users and Groups Directory Server only:
Go to the directory where you downloaded the installation files and click on the setup.exe program.
Run the setup program to begin the installation. See Running the Setup Program for more information.
Provide answers for the following questions as described in Chapter 3, "Installation Questions."
Question 1: Welcome Screen
Question 2: License Agreement
Question 3: Select Server or Console Installation (Select "iPlanet Servers")
Question 4: Installation Type (Choose "Custom Installation")
Question 5: Installation Location (server-root)
Question 6: iPlanet Server Products Components (Choose all component options)
Question 7: LDAP URL of the Configuration Directory Server (Choose "This instance will be the configuration directory server.")
Question 8: LDAP URL of the Users and Groups Directory Server (Choose "Store data in an existing directory server.")
Question 9: Directory Server Settings (Use the configuration server settings of Configuration Directory Server.)
Question 10: Netscape Configuration and Directory Server Administrator
Question 14: Administration Domain
Question 15: Bind DN and Password of the Directory Manager
Question 16: Directory Server Replication (Click on "Do not configure as a Supplier" and "Do not configure as a Consumer.")
Question 17: Populate Directory Server with Sample Data
Question 18: Disable Schema Checking (Uncheck "Disable Schema Checking.")
Question 19: Administration Server IP Address
Question 20: Administration Server Port (Choose an Administration Server Port number that is different the Administration Server Port of the Directory Server. Record this port number in the Table 1-2 as you will need it for the iPlanet Delegated Administrator for Messaging installation.)
Question 21: Unique Identifier for this Messaging Server
Question 22: Messaging Server Host and Domain Names
Question 23: Default Domain and Organization for the Messaging Server
Question 24: Distinguished Name and Password of the Directory Manager
Question 25: Host name and Port of the iPlanet Delegated Administrator for Messaging Web Server
Question 26: Messaging Server Firewall
Question 27: Customizable Root of Domain Component Tree
Question 28: Primary Message Store Directory
Question 29: TCP/IP port numbers for POP3, IMAP, SMTP, and Messenger Express (Webmail)
Question 30: Login ID and Password for the Service Administrator
Question 31: Messaging Server Postmaster Address
Question 32: Configuration Summary
Scenario Four: Replicated Users and Groups Directory Server
If you install Messaging Server with a replicated users and group directory in Scenarios Two or Three, you must follow these additional steps before installing Messaging Server:
Run ims_dssetup.pl on the supplier and consumer Users and Groups Directory Servers (See Running the ims_dssetup Script).
Create an account (for example: uid=AManager, ou=People, o=siroe.com) for the supplier Users and Groups Directory Server. Use one of the following provisioning interfaces to do so:
Messaging Server LDAP directory (See the iPlanet Messaging Server Provisioning Guide.)
On the supplier Users and Groups Directory Server, use the ldapmodify command to give the account full access to the DC Root (such as o=internet), the Personal Address Book suffix (such as o=pab), and the Users and Groups Directory Server suffix (for example, o=siroe.com).iPlanet Delegated Administrator for Messaging console (See the iPlanet Delegated Administrator for Messaging and Collaboration Installation and Administration Guide.)
iPlanet Delegated Administrator for Messaging command-line utilities (See the chapter on Delegated Administrator command-line utilities in the iPlanet Messaging Server Reference Manual.)
iPlanet Messaging Server Administration Console (Refer to Netscape Console documentation: http://docs.iplanet.com/docs/manuals/console.html.)
Set up the SIR replication agreement for the DC Root, Personal Address Book suffix, and the Users and Groups Directory Server suffix. See the Netscape Directory Server Administration Guide for more information: http://docs.iplanet.com/docs/manuals/directory.html
- In the following example, the account is given access to the Personal Address Book suffix:
- ldapmodify -D "cn=Directory Manager" -w password < aci.ldif
- The modify entry file aci.ldif contains the following information:
- dn: o=pab
changetype: modify
add: aci
aci: (target="ldap:///o=pab")(targetattr="*")(version \
3.0; acl "Full Access to AManager"; allow (all) userdn= \
"ldap:///uid=AManager,ou=People, o=siroe.com";)
- In addition, use the ldapmodify command to give the account access to the DC Root and to the Users and Groups Directory Server suffix. Be sure to modify the aci.ldif file for each suffix.
- Refer to the iPlanet Messaging Server Provisioning Guide for more information on using the ldapmodify command when modifying access to accounts.
Click the Configuration Tab in the consumer Netscape Directory Server Console.
In the Settings Tab, enter the supplier Users and Groups Directory Server in the Referrals to: field.
Set the User Directory Host and Port to point to the consumer Users and Groups Directory Server. To do so, go to the Netscape Console window, and click the Directory button in the Users and Groups Tab.
Install Messaging Server starting as explained in the previous scenarios. See Installation Scenarios for more information.
- Be sure to install Messaging Server with the distinguished name (DN) of the replicated Users and Groups Directory Server account that you created in Step 2 of this section.
Post-Installation Configuration
The following section describes post-installation steps you should review prior to testing your messaging system.
Configuring SMTP Blocking
The Messaging Server is by default configured to block attempted SMTP relays; that is, it rejects attempted message submissions to external addresses from unauthenticated external sources (external systems are any other system than the host on which the server itself resides). This default configuration is quite aggressive in blocking SMTP relaying in that it considers all other systems to be external systems.After installation, it is important to manually modify your configuration to match the needs of your site. Specifically, your messaging server should recognize its own internal systems and subnets from which SMTP relaying should always be accepted. If you do not update this configuration, you might encounter problems when testing your MTA configuration.
IMAP and POP clients that attempt to submit messages via the Messaging Server system's SMTP server destined for external addresses, and who do not authenticate using SMTP AUTH (SASL), will find their submission attempts rejected. Which systems and subnets are recognized as internal is normally controlled by the INTERNAL_IP mapping table, which may be found in the file server-instance/imta/config/mappings.
For instance, on an Messaging Server system whose IP address is 123.45.67.89, the default INTERNAL_IP mapping table would appear as follows:
INTERNAL_IP
<blank line>
<space> $(123.45.67.89/32) $Y
<space> 127.0.0.1 $Y
<space> * $NHere the initial entry, using the $(IP-pattern/signicant-prefix-bits) syntax, is specifying that any IP address that matches all 32 bits of 123.45.67.89 should match and be considered internal. The second entry recognizes the loopback IP address 127.0.0.1 as internal. The final entry specifies that all other IP addresses should not be considered internal.
You may add additional entries by specifying additional IP addresses or subnets before the final $N entry. These entries must specify an IP address or subnet (using the $(.../...) syntax to specify a subnet) on the left side and $Y on the right side. Or you may modify the existing $(.../...) entry to accept a more general subnet.
For instance, if this same sample site has a class-C network, that is, it owns all of the 123.45.67.0 subnet, then the site would want to modify the initial entry so that the mapping table appears as follows:
INTERNAL_IP
<blank line>
<space> $(123.45.67.89/24) $Y
<space> 127.0.0.1 $Y
<space> * $NOr if the site owns only those IP addresses in the range 123.45.67.80-123.45.67.99, then the site would want to use:
Note that the server-instance/imsimta test -match utility can be useful for checking whether an IP address matches a particular $(.../...) test condition. The imsimta test -mapping utility can be more generally useful in checking that your INTERNAL_IP mapping table returns the desired results for various IP address inputs.
After modifying your INTERNAL_IP mapping table, be sure to issue the server-instance/imsimta refresh command so that the changes take effect.
Further information on the mapping file and general mapping table format, as well as information on imsimta command line utilities, can be found in the iPlanet Messaging Server Reference Manual. In addition, information on the INTERNAL_IP mapping table can be found in the iPlanet Messaging Server Administrator's Guide.
Previous Contents Index Next
Copyright © 2002 Sun Microsystems, Inc. All rights reserved.
Last Updated February 26, 2002