iPlanet Messaging Server 5.2 Migration Guide: Chapter 3 Scenarios and Procedures for Migrating a Single-Server System to the iPlanet Messaging Server

Previous Contents Index Next

iPlanet Messaging Server 5.2 Migration Guide

Chapter 3 Scenarios and Procedures for Migrating a Single-Server System to the iPlanet Messaging Server

This chapter describes the procedures for migrating from a SIMS 4.0 or Netscape Messaging Server 4.x single-server system¹ to an iPlanet Messaging Server system.The four scenarios in this chapter to cover many SIMS 4.0 and Netscape Messaging Server 4.x deployments. Note, however, that each deployment is unique, and your particular situation may require some modification of these procedures.

Note Please read this entire book to become familiar with all aspects of your particular migration issues. Once you feel comfortable with the process, back up all directory and message store data, and practice migration on a small number of users before attempting to migrate the whole system.

The sections in this chapter are:

"Upgrading from a Single-Server SIMS System Using the Offline Message Store Migration Method"

"Upgrading from a Single-Server SIMS System Using the On-line Message Store Migration Method"

"Upgrading from a Single-Server SIMS System Using the Incremental Message Store Migration Method"

"Migrating from a Single-Server Netscape Messaging Server System"

Upgrading from a Single-Server SIMS System Using the Offline Message Store Migration Method

Scenario Assumptions:

iPlanet Messaging Server to replace SIMS 4.0 on the same host

Mail service will be unavailable (offline) while message store is being migrated.

System uses the Netscape Directory Server 4.12 (directory server can be on the same host or a different host)

SIMS user/group Directory Suffix: o=internet
SIMS/iPlanet Messaging Server Mail server name: mail.siroe.com
Master Directory Server: mail.siroe.com
Directory Server Bind password: secret
SIMS Default Organization DN: dc=siroe,dc=com,o=internet
User/group entries are contained in the DC Tree (one DIT)
Migration Procedures:

Backup the directory server database.

The command is DirServer_instance_root/bin/db2ldif. Refer to the Netscape Directory Server documentation for complete instructions: http://docs.iplanet.com/docs/manuals/directory.html#dirserver41

Enable multi-schema support (SIMS/Netscape Messaging Server/iPlanet Messaging Server).

Add the merged schema files (merged.oc.conf and merged.at.conf) to the directory server. This directory server will be used by the iPlanet Messaging Server as the user/group server. Refer to "Supporting a Multiple Schemas".

Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

One way to do this is to stop dispatcher:

/opt/SUNWmail/sbin/imta stop dispatcher

At this point the SMTP server is shut down, however the job controller continues to process messages in the queue. You can verify that the queues are empty by entering the following command:

/opt/SUNWmail/sbin/imta qm counters

Stop SIMS.

Use: /opt/SUNWmail/sbin/im.server stop.

Make sure all SIMS processes are stopped. Do not stop the LDAP server, slapd. During this time mail cannot be sent or received.

(Skip this step if you have enough system disk space to hold two and a half times the size of the message store.) Backup the SIMS message store on another device (for example, a tape drive) using the SIMS imbackup command.

This SIMS message store backup copy will be moved to the iPlanet Messaging Server message store in a later step. An example of using the imbackup command to backup to tape is as follows:

imbackup -f /dev/rmt/0

If you have the extra disk space you can minimize downtime by leaving the SIMS message store in place and streaming the data from imbackup directly to imsrestore as described in Step 10.

Install and configure the iPlanet Messaging Server including the bundled directory server. Stop all iPlanet Messaging Server processes.

During installation do not specify the existing SIMS directory server as the server for storing user/group information. This will be done later, but for now a new directory server must be installed to store configuration data for the iPlanet Messaging Server. Answer No to the following install question:

Do you want to use another directory to store your data? [No]:

Use the default installation options, but do not use the same directory server network port used by the SIMS directory server. This is typically 389. You may use 390 instead. User and mailing list entries will remain on the existing directory server.

Note that the installer starts all the server processes at the end of install. You will want to stop all processes after installation. As root do the following:

instance_root/stop-msg

Change the iPlanet Messaging Server configuration to point to the user/group directory server used by SIMS. This can be run concurrently with the previous step.

Use configutil to change the following configuration parameters:

local.ugldapbasedn = o=internet (Suffix which SIMS 4.0 used to store their users)
local.ugldapbinddn = "cn=Directory Manager" (DS bind DN)
local.ugldapbindcred = secret (DS bind password)
local.ugldapdeforgdn = "dc=siroe,dc=com,o=internet" (Default organization DN)
local.ugldaphost = mail.siroe.com (The host where user/group ldap server located)
local.ugldapport = 389 (The port where the user/group LDAP server is located)

If the old SIMS server is using "+" as the login separator, change it in the iPlanet Messaging Server as well, since "@" is the default.

Use the following command:

configutil -o service.loginseparator -v +

Upgrade domain, user and group directory entries to use the iPlanet Messaging Server schema.

Upgrade domain entries using the imsdirmig command (see Appendix A "Command-Line Interface):

imsdirmig -h mail.siroe.com -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m domains

In this case all domains under o=internet are upgraded.

Upgrade user/group entries:

imsdirmig -h mail.siroe.com -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m both

In this case all user/group entries under o=internet are upgraded.

Convert the SIMS message store to the iPlanet Messaging Server message store.

This step is accomplished by backing up the SIMS message store using imsbackup and restoring the message store to the iPlanet Messaging Server using imsrestore. The procedures are described below.

Note If the LDAP directory has any user identifications (UIDs) with uppercase characters, then you MUST use imsrestore with the -u filename option to rename the user's SIMS message store—which is always lowercase—to the UID in the LDAP directory that has uppercase characters.
For example, if your LDAP directory has two UIDs with upper-case characters called Anderson and Kolander, you will have two user message stores in SIMS called anderson and kolander. You will need to use the -u filename option with imsrestore to rename those iPlanet Messaging Server message stores to Anderson and Kolander. The contents of filename would be:
anderson=Anderson
kolander=Kolander
Failure to do this, will result in user's with uppercase characters in their UIDs NEVER being able to access their migrated mail. If the LDAP directory has no UIDs with uppercase characters, then you do not need to follow these procedures.

If you backed up the SIMS message store on tape or some other device as instructed in Step 5, restore/convert it to the iPlanet Messaging Server message store using the following command. If you didn't back up the message store to some other device, skip this sub-step and go to Step b.

Note Characters in a mailbox name that are not encoded in MUTF-7 (Modified Unicode Tranformation Format, see RFC 2060) will be replaced with blank spaces by imsrestore. Users can correct folder names through their mail client. To avoid folder names being translated into the same name, use the -n option of imsrestore.

configutil -o "local.store.synclevel" -v 0
instance_root/start-msg store
imsrestore -f /dev/rmt/0 -cy -n -v1

If you have extra disk space, convert the SIMS message store directly to the iPlanet Messaging Server message store using the following commands:

configutil -o "local.store.synclevel" -v 0
instance_root/start-msg store
imbackup -f- -u user_file | server_root/bin/msg/store/bin/imsrestore -f- -cy -n -v1

where user_file is a file containing user mailbox names. Split the user entries into equal groups for each user file and run 10 to 15 concurrent backup/restore sessions for optimal restore speed.

After conversion is complete, change the sync level:

configutil -o local.store.synclevel -v -1

Stop stored.

instance_root/stop-msg store

Start the iPlanet Messaging Server.

Run the command imsimta dirsync -F on the iPlanet Messaging Server and start all other server processes using the 'start-msg' command. At this point, the iPlanet Messaging Server is fully functional.

Note The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to "SMTP Relay Function".

Before installing the iPlanet Delegated Administrator for Messaging, add the appropriate ACIs.

The imsdaaci command, packaged with the migration toolkit and shown below, generates an LDIF file that can be used to create a Delegated Administrator Service Administrator Group and Delegated Administrator Domain Administrator Group along with the required ACIs.

server_root/bin/msg/migrate/bin/imsdaaci

Use ldapmodify to add the LDIF file into the DIT. For an explanation of the ACIs refer to the iPlanet Messaging Server Provisioning Guide.

Upgrading from a Single-Server SIMS System Using the On-line Message Store Migration Method

The following step-by-step procedures describe how to migrate a single-server SIMS email system to a single server iPlanet Messaging Server using the on-line message store migration method.
Scenario Assumptions:

iPlanet Messaging Server will be installed on either a new host or the same as host of the current SIMS 4.0 system.

The directory server is Netscape Directory Server 4.12 and can be on the same host as SIMS or on a different host. A new directory server will be installed for iPlanet Messaging Server, but it will only contain server configuration data. The old directory, that is, the directory supporting SIMS, will support the new iPlanet Messaging Server with the same (but upgraded) user, group, and domain entries.

The SIMS message store will be migrated to the iPlanet Messaging Server message store while the server is active and on-line. Messages being migrated will be mixed in with new messages delivered before the migration process.

These assumptions are for an example of a system being installed on a new host. We will note where the procedures are different when the iPlanet Messaging Server has been installed on the same host. Assumptions:
SIMS user/group Directory Suffix: o=internet
SIMS Mail server name: oldmail.siroe.com
iPlanet Messaging Server Mail server name: newmail.siroe.com
Master Directory Server: ldap.siroe.com
Directory Server Bind password: secret
SIMS Default Organization DN: dc=siroe,dc=com,o=internet
Migration Procedures:

Backup the directory server database.

The command is DirServer_instance_root/bin/db2ldif. Refer to the Netscape Directory Server documentation for complete instructions. http://docs.iplanet.com/docs/manuals/directory.html#dirserver41

Enable multi-schema support (SIMS/Netscape Messaging Server/iPlanet Messaging Server) by adding the merged schema files (merged.oc.conf and merged.at.conf) to the directory server. Refer to "Supporting a Multiple Schemas".

Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

One way to do this is to stop dispatcher:

/opt/SUNWmail/sbin/imta stop dispatcher

At this point the SMTP server is shut down, however the job controller continues to process messages in the queue. You can verify that the queues are empty by entering the following command:

/opt/SUNWmail/sbin/imta qm counters

If installing on the same host, stop SIMS:

/opt/SUNWmail/sbin/im.server stop.

Make sure all SIMS processes are stopped. Do not stop the LDAP server, slapd. During this time mail cannot be sent or received.

Install and configure the iPlanet Messaging Server, including the bundled directory server. Stop all iPlanet Messaging Server processes.

During installation do not specify the existing SIMS directory server as the server for storing user/group information. This will be done later, but for now a new directory server must be installed to store configuration data for the iPlanet Messaging Server. Answer No to the following install question:

Do you want to use another directory to store your data? [No]:

Use the default installation options, but if the directory server is being installed on the same host, do not use the same directory server network port used by the SIMS directory server. This is typically 389. You may use 390 instead. User and mailing list entries will remain on the existing directory server.

Note that the installer starts all the server processes at the end of install. Stop all processes after installation. As root do the following:

instance_root/stop-msg

Change the iPlanet Messaging Server configuration to make it point to the SIMS 4.0 user/group directory.

Use configutil to change the following configuration parameters:

local.ugldapbasedn = o=internet (Suffix which SIMS 4.0 used to store their users)
local.ugldapbinddn = "cn=Directory Manager" (DS bind DN)
local.ugldapbindcred = secret (DS bind password)
local.ugldapdeforgdn = "dc=siroe,dc=com,o=internet" (Default organization DN)
local.ugldaphost = ldap.siroe.com (The host where ldap server located)
local.ugldapport = 389

If the old SIMS server is using "+" as the login separator, change it to `+' in the iPlanet Messaging Server as well, since "@" is the default.

instance_root/configutil -o service.loginseparator -v +

(Do these steps only if the iPlanet Messaging Server is being installed on the same host as the old SIMS server (oldmail.siroe.com). If it is being installed on a different host, go to the next step.) Upgrade domain, user and mailing list directory entries to use iPlanet Messaging Server schema.

Upgrade domain entries using imsdirmig command (see Appendix A "Command-Line Interface):

imsdirmig -h ldap.siroe.com -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m domains

All domains under o=internet are upgraded.

Upgrade the user/group entries:

imsdirmig -h ldap.siroe.com -b "dc=com,o=internet" -M sims -D "cn=Directory Manager" -w secret -m both

All user/group entries under o=internet are upgraded.

Start the stored.

instance_root/start stored

Run the command imsimta dirsync -F on the iPlanet Messaging Server.

instance_root/imsimta dirsync -F

(Do these steps only if the iPlanet Messaging Server is being installed on a new host.) Upgrade domain, user and group directory entries to use iPlanet Messaging Server schema and set the mailhost attribute in the user/group entries to the new host (newmail.siroe.com).

Stop SIMS by using /opt/SUNWmail/sbin/im.server stop. Make sure all SIMS processes are stopped. Do not stop the LDAP server, slapd. During this time mail cannot be sent or received.

Upgrade domain entries to use the iPlanet Messaging Server schema.

Use the imsdirmig command (see Appendix A "Command-Line Interface):

imsdirmig -h ldap.siroe.com -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m domains -A mailroutinghosts:newmail.siroe.com

All domains under o=internet are upgraded.

Upgrade user/group entries:

imsdirmig -h ldap.siroe.com -b "dc=com,o=internet" -M sims -D "cn=Directory Manager" -w secret -m both -A mailhost:newmail.siroe.com

All user/group entries under o=internet are assigned a new mailhost and are upgraded to the new schema.

Ensure that the user clients are pointing to the new mail server. Notify them of possible temporary inaccessibility of old mail.

Have the migrated users change their mail client program to point to the new mail server (in this example, have it point to newmail.siroe.com from oldmail.siroe.com). This is necessary because a new mail host is replacing the existing mail host.

Notify users that until message store migration is completed, they will not have access to their old mail and that their mailboxes may temporarily appear to be empty. Furthermore, new incoming mail messages (that is, messages that come into the new iPlanet Messaging Server) might get mixed in with old messages when the message store migration occurs.

Start the stored.

instance_root/start stored

Run a full dirsync on newmail.siroe.com

instance_root/imsimta dirsync -F

Messages will now be routed to the newmail.siroe.com message store.

Set the iPlanet Messaging Server to be the new default messaging server for the system.

Change the A record of oldmail.siroe.com to point to newmail.siroe.com (the server responsible for domain(s) previously hosted on oldmail.siroe.com).

After migration, ensure that the mailhosts and preferredmailhost attributes of domains whose attribute values were set to oldmail.siroe.com are now set to newmail.siroe.com. For example, use the following ldapsearch command to find the domain mail entries where preferredmailhost needs to be modified:

ldapsearch -h ldap.siroe.com -b "o=internet" "(&(objectclass=maildomain)(preferredmailhost=oldmail.siroe.com))"

Use the following ldapsearch command to find the domain mail entries where mailhosts needs to be modified:

ldapsearch -h ldap.siroe.com -b "o=internet" "(&(objectclass=maildomain)(mailhosts=oldmail.siroe.com))"

Start the messaging server.

Old messages will not be retrievable until after the SIMS messages store is migrated to the iPlanet Messaging Server message store. In addition, when old messages are migrated from SIMS, they will be mixed in with new messages that went directly into the iPlanet Messaging Server message store. This could result in some incorrect arrival ordering of messages.

and start all other server processes:

instance_root/start-msg

At this point, the iPlanet Messaging Server is fully functional.

Note The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to "SMTP Relay Function".

Convert the SIMS message store to the iPlanet Messaging Server message store.

This step is accomplished by backing up the SIMS message store using imsbackup and restoring the message store to the iPlanet Messaging Server using imsrestore. The procedures are described below.

Note If the LDAP directory has any user identifications (UIDs) with uppercase characters, then you MUST use imsrestore with the -u filename option to rename the user's SIMS message store—which is always lowercase—to the UID in the LDAP directory that has uppercase characters.
For example, if your LDAP directory has two UIDs with upper-case characters called Anderson and Kolander, you will have two user message stores in SIMS called anderson and kolander. You will need to use the -u filename option with imsrestore to rename those iPlanet Messaging Server message stores to Anderson and Kolander. The contents of filename would be:
anderson=Anderson
kolander=Kolander
Failure to do this, will result in user's with uppercase characters in their UIDs NEVER being able to access their migrated mail. If the LDAP directory has no UIDs with uppercase characters, then you do not need to follow these procedures.

Note Characters in a mailbox name that are not encoded in MUTF-7 (Modified Unicode Tranformation Format, see RFC 2060) will be replaced with blank spaces by imsrestore. Users can correct folder names through their mail client. To avoid folder names being translated into the same name, use the -n option of imsrestore.

Upgrading on the same host: Run this command on oldmail.siroe.com

imbackup -f- -u user_file | server_root/bin/msg/store/bin/imsrestore -f- -cy -n -v1

Upgrading to a new host: Run this command on newmail.siroe.com

rsh ipaddress_of_oldmail.siroe.com /opt/SUNWmail/sbin/imbackup -f- -u user_file | server_root/bin/msg/store/bin/imsrestore -f- -cy -n -v1

where user_file is a file containing user mailbox names. Split the user entries into equal groups for each user file and run 10 to 15 concurrent backup and restore sessions to maximize the restore speed into the new message store.

Note Do not disable fsync using
configutil -o "local.store.synclevel" -v 0

Before installing the iPlanet Delegated Administrator for Messaging, add the appropriate ACIs.

The imsdaaci command, packaged with the migration toolkit and shown below, generates an LDIF file that can be used to create a Delegated Administrator Service Administrator Group and Delegated Administrator Domain Administrator Group along with the required ACIs.

server_root/bin/msg/migrate/bin/imsdaaci

Use ldapmodify to add the LDIF file into the DIT. For an explanation of the ACIs refer to the iPlanet Messaging Server Provisioning Guide

Upgrading from a Single-Server SIMS System Using the Incremental Message Store Migration Method

The following step-by-step procedures describe how to migrate a single-server SIMS email system to a single server iPlanet Messaging Server using the incremental message store migration method.
Scenario Assumptions:

iPlanet Messaging Server will be installed on a new host and will replace SIMS 4.0. (Requires extra hardware.)

The directory server is Netscape Directory Server 4.12 and can be on the same host as SIMS or on a different host. A new directory server will be installed for iPlanet Messaging Server, but it will only contain server configuration data. The old directory, that is, the directory supporting SIMS, will support the new iPlanet Messaging Server with the same (but upgraded) user, group, and domain entries.

User mailboxes will be migrated in batches rather than all at once.

SIMS user/group Directory Suffix: o=internet
SIMS Mail server name: oldmail.siroe.com
iPlanet Messaging Server Mail server name: newmail.siroe.com
Master Directory Server: ldap.siroe.com
Directory Server Bind password: secret
SIMS Default Organization DN: dc=siroe,dc=com,o=internet
Migration Procedures:

Backup the directory server database.

The command is DirServer_instance_root/bin/db2ldif. Refer to the Netscape Directory Server documentation for complete instructions. http://docs.iplanet.com/docs/manuals/directory.html#dirserver41

Enable multi-schema support (SIMS/Netscape Messaging Server/iPlanet Messaging Server) by adding the merged schema files (merged.oc.conf and merged.at.conf) to the SIMS directory servers (master and replicas). Refer to "Supporting a Multiple Schemas".

Install and configure the iPlanet Messaging Server, including the bundled directory server on the new system called newmail.siroe.com. Stop all iPlanet Messaging Server processes.

During installation do not specify the existing SIMS directory server as the server for storing user/group information. This will be done later, but for now a new directory server must be installed to store configuration data for the iPlanet Messaging Server. Answer No to the following install question:

Do you want to use another directory to store your data? [No]:

Note that the installer starts all the server processes at the end of install. You will want to stop all processes after installation. As root do the following:

instance_root/stop-msg

Change the iPlanet Messaging Server configuration so that it points to the SIMS 4.0 user/group directory. Use configutil to change the following configuration parameters:

local.ugldapbasedn = o=internet (Suffix which SIMS 4.0 used to store their users)
local.ugldapbinddn = "cn=Directory Manager" (DS bind DN)
local.ugldapbindcred = secret (DS bind password)
local.ugldapdeforgdn = "dc=siroe,dc=com,o=internet" (Default organization DN)
local.ugldaphost = ldap.siroe.com (The host where ldap server located)
local.ugldapport = 389

If the old SIMS server is using "+" as the login separator, change it to `+' in the iPlanet Messaging Server as well, since "@" is the default. You can use the following command:

configutil -o service.loginseparator -v +

Upgrade the SIMS domain entries. This procedure upgrades the domain entries with new attributes to support the iPlanet Messaging Server schema. The command is:

imsdirmig -h ldap.siroe.com -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m domains -A mailroutinghosts:newmail.siroe.com -P

This example only upgrades the domain entries, not the user or mailing list entries in the domain. This step will occur later.

Configure the dirsync command in the iPlanet Messaging Server (newmail.siroe.com)to support multi-schema LDAP entries.

Use configutil to set the following three parameters:

instance_root/configutil -o local.imta.schematag -v "sims40,ims50"
instance_root/configutil -o local.imta.ugfilter -v
"(|(objectClass=inetLocalMailRecipient)(|(objectClass=inetMailUser)(objectClass=inetMailGroup)))"
instance_root/configutil -o local.imta.sims_migrate -v True

Start the stored.

instance_root/start stored

Do a full dirsync on newmail.siroe.com.

instance_root/imsimta dirsync -F

Start all server processes on newmail.siroe.com

instance_root/start-msg

Note The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to "SMTP Relay Function".

Configure a SIMS 4.0 Proxy server on oldmail.siroe.com.

This step avoids the inconvenience of making users change their mail client configuration to point to newmail.siroe.com after they are migrated from oldmail.siroe.com. Once oldmail.siroe.com has been configured to act as an IMAP/POP proxy, incoming client connections are made to the appropriate mail server.

Edit the message store configuration file on oldmail.siroe.com /etc/opt/SUNWmail/ims/ims.cnf and make the following change:

ims-proxy: on

This allows the IMAP/POP server on oldmail.siroe.com to act as a proxy server while at the same time granting access to local mailboxes. oldmail.siroe.com will run as both a proxy server and a message store server.

Restart IMAP/POP server:

/opt/SUNWmail/sbin/mt.scheduler stop
/opt/SUNWmail/sbin/mt.scheduler start

Migrate a batch of users from oldmail.siroe.com to newmail.siroe.com

You can minimize user downtime (the amount of time users are blocked from accessing their mailboxes) by selecting a subset of users to migrate to the new system. We recommend migrating a small number of users at first to see how the process works. For each batch of users, perform the following steps.

Select a batch of users to migrate. Notify users that they will not be able to access their mail during the migration process.

Direct all incoming messages to these users into the Hold Channel instead of their mailboxes and lock the user's mailboxes so that they cannot be opened during migration. The command is:

imsdirmig -b "dc=siroe,dc=com,o=internet" -M sims -D "cn=Directory Manager" -w secret -m users -F "(uid=s*)" -A mailDeliveryOption:hold\;mailFolderMap:LOCK -O

In the above example, all the user entries in siroe.com whose uid value begins with an "s" (you can use any LDAP filter as per the RFC-1558) are updated with the new attributes values for mailDeliveryOption and mailFolderMap. Note that this command does not upgrade the entries to support the iPlanet Messaging Server schema. This step will occur later in the migration process.

After this command is run, these users cannot access their mailboxes, though they can continue to send mail. Incoming mail is saved in the Hold channel and will be delivered to the mailbox at the end of this step.

Run an incremental dirsync on both oldmail.siroe.com and newmail.siroe.com to pick up the changes instigated in the previous step.

Convert and move the batch of SIMS user message stores to the iPlanet Messaging Server message store.

This step is accomplished by backing up the SIMS message store using imsbackup and restoring the message store to the iPlanet Messaging Server using imsrestore. The procedures are described below.

Note If the LDAP directory has any user identifications (UIDs) with uppercase characters, then you MUST use imsrestore with the -u filename option to rename the user's SIMS message store—which is always lowercase—to the UID in the LDAP directory that has uppercase characters.
For example, if your LDAP directory has two UIDs with upper-case characters called Anderson and Kolander, you will have two user message stores in SIMS called anderson and kolander. You will need to use the -u filename option with imsrestore to rename those iPlanet Messaging Server message stores to Anderson and Kolander. The contents of filename would be:
anderson=Anderson
kolander=Kolander
Failure to do this, will result in user's with uppercase characters in their UIDs NEVER being able to access their migrated mail. If the LDAP directory has no UIDs with uppercase characters, then you do not need to follow these procedures.

Note Characters in a mailbox name that are not encoded in MUTF-7 (Modified Unicode Tranformation Format, see RFC 2060) will be replaced with blank spaces by imsrestore. Users can correct folder names through their mail client. To avoid folder names being translated into the same name, use the -n option of imsrestore.

Run the following on the iPlanet Messaging Server:

rsh SIMS_host /opt/SUNWmail/ims/sbin/imbackup -f- -u usernames_file | server_root/bin/msg/store/bin/imsrestore -f- -cy -n -v1

imbackup is executed on the SIMS host. usernames_file is a file containing user mailbox names. Split the user entries into equal groups for each user file and run 10 to 15 such backup and restore sessions at the same time for the optimal restore speed. imsrestore is run on the iPlanet Messaging Server host.

Change the user entries to point to the new iPlanet Messaging Server and unset the mailbox hold by setting mailDeliveryOption:mailbox, and mailhost:newmail.siroe.com in the user entries. Use imsdirmig with -O and -A options:

imsdirmig -b "dc=siroe,dc=com,o=internet" -M sims -D "cn=Directory Manager" -w secret -m users -F "(uid=s*)" -O -A mailDeliveryOption:mailbox\;mailhost:newmail.siroe.com

Migrated users can now access their mailboxes.

Run an incremental dirsync on newmail.siroe.com and oldmail.siroe.com.

Messages to the migrated users will now be routed by the oldmail.siroe.com MTA to the newmail.siroe.com message store.

Drain the hold queue on oldmail.siroe.com and newmail.siroe.com to redirect all messages that came into the system while users mailbox was being moved to the new server, newmail.siroe.com.

On oldmail.siroe.com:

/opt/SUNWmail/imta/sbin/hold_master -u uid -d domain

where -u specifies the name of the recipient, and -d specifies the domain to which the user belongs.

Repeat the previous step for the next batch of users/groups. See previous step.

For group entries, change the mailhost attribute to the fully qualified name of the new iPlanet Messaging Server host (example: newmail.siroe.com). If this is not done, mail will bounce to the old SIMS server when a local delivery is attempted.

imsdirmig -b "dc=siroe,dc=com,o=internet" -M sims -D "cn=Directory Manager" -w secret -m groups -F "(objectclass=inetmailgroup)" -O -A mailhost:newmail.siroe.com

This upgrades the LDAP entries for all groups.

Set the new iPlanet Messaging Server to be the new default messaging server for the system.

Change the DNS record of oldmail.siroe.com to be CNAME or A record pointing to newmail.siroe.com

Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

One way to do this is to stop dispatcher:

/opt/SUNWmail/sbin/imta stop dispatcher

At this point the SMTP server is shut down, however the job controller continues to process messages in the queue. You can verify that the queues are empty by entering the following command:

/opt/SUNWmail/sbin/imta qm counters

Decommission old host.

After migrating all the users, upgrade all user/group directory entries to the iPlanet Messaging Server schema using imsdirmig. The command for imsdirmig is:

imsdirmig -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m both

Disable multi-schema support.

Once all the directory entries have been upgraded to iPlanet Messaging Server schema, multi-schema support is no longer needed. Using configutil, delete the following two parameters:

instance_root/configutil -o local.imta.schematag -v ""
instance_root/configutil -o local.imta.ugfilter -v ""

After migration, ensure that the mailhosts and preferredmailhost attributes of domains whose attribute values were set to oldmail.siroe.com are now set to newmail.siroe.com. For example, use the following ldapsearch command to find the domain mail entries where preferredmailhost needs to be modified:

ldapsearch -h ldap.siroe.com -b "o=internet" "(&(objectclass=maildomain)(preferredmailhost=oldmail.siroe.com))"

Use the following ldapsearch command to find the domain mail entries where mailhosts needs to be modified:

ldapsearch -h ldap.siroe.com -b "o=internet" "(&(objectclass=maildomain)(mailhosts=oldmail.siroe.com))"

Do an incremental dirsync on newmail.siroe.com

Before installing the iPlanet Delegated Administrator for Messaging, add the appropriate ACIs.

The imsdaaci command, packaged with the migration toolkit and shown below, generates an LDIF file that can be used to create a Delegated Administrator Service Administrator Group and Delegated Administrator Domain Administrator Group along with the required ACIs.

server_root/bin/msg/migrate/bin/imsdaaci

Use ldapmodify to add the LDIF file into the DIT. For an explanation of the ACIs refer to the iPlanet Messaging Server Provisioning Guide

SIMS Incremental Migration—Addendum

Message store configuration can be modified (as shown below) to enhance mailbox migration performance for the first batch of users. However, it is unsafe to run an active messaging server with this configuration in place. Our recommendation is to reset the configuration change once the first batch of user mailboxes have been migrated from the SIMS server to the iPlanet Messaging Server.
Steps for mailbox migration optimization:

Stop the messaging server after Step 12, Step c.

instance_root/stop-msg

Set the sync level to 0.

instance_root/configutil -o "local.store.synclevel" -v 0

Start the store daemon.

instance_root/start store

Return to Step 12, Step d.

After the first batch of mailbox migrations is complete, reset the sync level.

configutil -o "local.store.synclevel" -v -1

Restart the messaging server processes.

instance_root/start-msg

Migrating from a Single-Server Netscape Messaging Server System

The following step-by-step procedures describe how to migrate a single-server Netscape Messaging Server email system to a single server iPlanet Messaging Server without extra hardware.
Scenario Assumptions:

iPlanet Messaging Server will replace Netscape Messaging Server 4.x on the same server.

User and group UIDs are of the form LocalPart (example: ofanning, wallyc) or LocalPart@FQDN (example: wallyc@varrius.org, ofanning@siroe.com). If your UIDs are of a different form, see "Netscape Messaging Server 4.x Directory Namespace Limitations" for namespace limitations and workarounds.

Minimal user downtime.

The directory server is the Netscape Directory Server 4.12 and can be on the same host as the Netscape Messaging Server or on a different host. A new directory server will be installed for iPlanet Messaging Server, but it will only contain server configuration data. The old directory, that is, the directory supporting the Netscape Messaging Server, will also support the new iPlanet Messaging Server with the same, but upgraded, user, group, and domain entries.

iPlanet Messaging Server user/group Directory Suffix: o=siroe.com (existing user/group base suffix)
Master Directory Server: ldap.siroe.com
Directory Server Bind DN: cn=Directory Manager
Directory Server Bind password: secret
Netscape Messaging Server user/group base DN: o=siroe.com
iPlanet Messaging Server Default Organization DN: o=siroe.com
Directory server network port: 389
iPlanet Messaging Server server user: mailsrv

Netscape Messaging Server Migration Procedures for UNIX

We strongly recommend backing up the message store before attempting migration.

Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

One way to do this is to change the SMTP port number and restart the SMTP server. This allows the server to continue processing any messages in the queue while not accepting messages on the standard SMTP port.

instance_root/configutil -o service.smtp.port -v 901
instance_root/stop-msg smtp
instance_root/start-msg smtp

You can verify that the queues are empty by entering the following command:

/usr/bin/mailq

Enable multi-schema support (SIMS/Netscape Messaging Server/iPlanet Messaging Server) by adding the merged schema files (merged.oc.conf and merged.at.conf) to the directory server. Refer to "Supporting a Multiple Schemas".

Run perl ims_dssetup.pl against the Netscape Messaging Server LDAP server, and chose NOT to update the schema.

See iPlanet Messaging Server Installation Guide for details.

Stop Netscape Messaging Server 4.x. Do not stop the directory server.

Reimplement Netscape Messaging Server vanity domains in iPlanet Messaging Server.

Refer to the iPlanet Messaging Server Provisioning Guide.

Restart the Netscape Messaging Server directory server.

instance_root/restart-slapd

Install the iPlanet Messaging Server in a new server root directory. You may use the default installation selections with the following exceptions:

Install a new directory server to hold configuration information, but point the new messaging system to the existing Netscape Messaging Server directory server for user/group data.

Enter the default (No) when you see the following install screen prompt:

Do you want to register this software with an existing netscape configuration directory server? [No]:

But when the following install question comes up, do not use the default answer, but answer Yes and enter the appropriate directory information:

Do you want to use another directory to store your data? [No]: Yes

For the following install prompt:

Default Organization DN [o=siroe.com,o=Old_Dir_Root]:

Use the default value (o=siroe.com,o=Old_Dir_Root). Note that this is not where the Netscape Messaging Server user entries reside. The entries will remain in the current namespace for now.

Stop all server processes.

instance_root/stop-msg

Map or modify the existing Netscape Messaging Server directory namespace to the iPlanet Messaging Server directory namespace.

Refer to "Using Existing Directory Information Trees in the iPlanet Messaging Server".

Set the default Organization Tree.

Use configutil to set local.ugldapdeforgdn to o=siroe.com

instance_root/configutil -o "local.ugldapdeforgdn" -v "o=siroe.com"

o=siroe.com is the DN of the Organization Tree that corresponds to the default domain.

Use configutil to set local.service.pab.migrate415 to 1

./configutil -o local.service.pab.migrate415 -v 1

Migrate the Netscape Messaging Server message store to iPlanet Messaging Server message store.

Change the primary store partition path to point at the Netscape Messaging Server 4.x message store path as follows:

Use the iPlanet Messaging Server Admin Console to change the message store configuration to point at all the Netscape Messaging Server 4.x mail store partitions. (See iPlanet Messaging Server Administrators Guide.)

Note When cleaning out the Netscape Messaging Server 4.x do not remove the message store directories as this is where the message store data resides.

Remove user subscriptions directory:

rmdir iMS_server_root/msg-instance/store/user/

Set up a symbolic link to the Netscape Messaging Server user's subscriptions folders:

ln -s NMS_Server_Root/msg-instance/store/user/
iMS_server_root/msg-instance/store/user/

Copy the mboxlist file:

cp NMS_Server_Root/msg-instance/store/mboxlist/data.db2
iMS_server_root/msg-instance/store/mboxlist/folder.db

Copy the quota files:

cp NMS_server_root/msg-instance/store/quota.db2 iMS_server_root/msg-instance/mboxlist/quota.db

Make sure files are owned by the mail server user. Example:

chown mailsrv iMS_server_root/msg-instance/store/mboxlist/*

Do not copy any other files!

Configure dirsync to support the new multi-system schema by using configutil to add the following two parameters:

instance_root/configutil -o local.imta.schematag -v "ims50,nms41"
instance_root/configutil -o local.imta.ugfilter -v
"(|(objectClass=inetLocalMailRecipient)(|(objectClass=mailRecipient)(objectclass=mailGroup)))"

Start the stored.

instance_root/start stored

Run a full dirsync to pick up the user and group entries.

instance_root/imsimta dirsync -F

Restart the iPlanet Messaging Server. You can now see the Netscape Messaging Server 4.x user mailboxes.

The mail server is now available for use. At this time iPlanet Messaging Server is working off the old directory entries in ldap.siroe.com using multi-schema support. New user and group entries will be created in the new directory nodes.

Note The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to "SMTP Relay Function".

Upgrade quota database to enable new features.

Run the following as mail server user:

su mailsrv
cd iMS_server_root/bin/msg/admin/bin
setenv CONFIGROOT iMS_server_root/msg-instance/config
./reconstruct -q
exit

Once the new server is up, upgrade all user and group directory entries to the iPlanet Messaging Server schema using imsdirmig:

imsdirmig -b "o=siroe.com" -M nms -D "cn=Directory Manager" -F "(!(cn=postmaster))" -w secret -m both

-F "(!(cn=postmaster))" is a filter which excludes the postmaster entry from migration processing. If such a filter is not specified, imsdirmig fails to process the entry and exits on the resulting error. (-c can also be specified to force imsdirmig to continue processing after it encounters an error.)

Disable multi-schema support.

Once all the directory entries have been upgraded to iPlanet Messaging Server schema, multi-schema support is no longer needed. Using configutil, delete the following two parameters:

instance_root/configutil -o local.imta.schematag -v ""
instance_root/configutil -o local.imta.ugfilter -v ""

Before installing the iPlanet Delegated Administrator for Messaging, add the appropriate ACIs.

The imsdaaci command, packaged with the migration toolkit and shown below, generates an LDIF file that can be used to create a Delegated Administrator Service Administrator Group and Delegated Administrator Domain Administrator Group along with the required ACIs.

server_root/bin/msg/migrate/bin/imsdaaci

Use ldapmodify to add the LDIF file into the DIT. For an explanation of the ACIs refer to the iPlanet Messaging Server Provisioning Guide

Netscape Messaging Server Migration Procedures for Windows NT

We strongly recommend backing up the message store before attempting migration.

Ensure that all messages in the SMTP server queues are processed and that the queues are empty.

One way to do this is to change the SMTP port number and restart the SMTP server. This allows the server to continue processing any messages in the queue while not accepting messages on the standard SMTP port.

instance_root\configutil -o service.smtp.port -v 901
instance_root\stop-msg smtp
instance_root\start-msg smtp

Wait for the queue to empty.

Run perl ims_dssetup.pl against the Netscape Messaging Server LDAP server; when prompted by ims_dssetup.pl to update the DS schema, chose to update the schema.

Enable multi-schema support (SIMS/Netscape Messaging Server/iPlanet Messaging Server) by adding the merged schema files (merged.oc.conf and merged.at.conf) to the directory server. Refer to "Supporting Multiple Schemas" in Appendix B of the iPlanet Messaging Server Migration Guide. Also, comment out any include directives for the following schema files added in the previous step: um50-common-schema.conf and ims50-schema.conf by adding a # before the include keyword and following the steps outlined in that step.

See the iPlanet Messaging Server Installation Guide for details.

Uninstall Netscape Messenger Server only, and choose to preserve the user mail store. Do not uninstall Directory Server.

Rename the msg-instance directory (where the user mail store is located) to another name, such as "mailstore".

Re-implement Netscape Messaging Server vanity domains in iPlanet Messaging Server.

Install iPlanet Messaging Server in the same server directory where Netscape Messaging Server is located. Choose NOT to install Directory Server. For the following install prompt, Default Organization DN [o=siroe.com,o=OldDirRoot], use the default value (o=siroe.com,o=OldDirRoot). Note that this is not where the Netscape Messaging Server user entries reside. The entries will remain in the current namespace for now.

Stop all server processes.

instance_root/stop-msg

Map or modify the existing Netscape Messaging Server directory namespace to the iPlanet Messaging Server directory namespace.

Refer to "Using Existing Directory Information Trees in the iPlanet Messaging Server" in Appendix B of the iPlanet Messaging Server Migration Guide.

Set the default Organization Tree.

Use configutil to set local.ugldapdeforgdn to o=sesta.com

instance_root/configutil -o "local.ugldapdeforgdn" -v "o=sesta.com"

o=sesta.com is the DN of the Organization Tree that corresponds to the default domain.

Migrate the Netscape Messaging Server message store to iPlanet Messaging Server message store.

Change the primary store partition path to point at the Netscape Messaging Server 4.x message store path as follows:

Use the iPlanet Messaging Server Administration Console to change the message store configuration to point to all the Netscape Messaging Server 4.x mail store partitions (mailstore is the example given in step 5).

Remove the user subscriptions directory.

Copy the Netscape Messaging Server message store:

NMS_server_root/mailstore/store/user/

to:

iMS_server_root/msg-instance/store/user/

(mailstore is the example given in step 5.)

Copy the mboxlist file:

NMS_server_root/mailstore/store/mboxlist/data.db2

to

iMS_server_root/msg-instance/store/mboxlist/folder.db

Copy the quota files:

NMS_server_root/mailstore/store/quota.db2

to

iMS_server_root/msg-instance/mboxlist/quota.db

Do not copy any other files!

Configure dirsync to support the new multi-system schema by using configutil to add the following two parameters:

instance_root/configutil -o local.imta.schematag
   -v "ims50,nms41"
instance_root/configutil -o local.imta.ugfilter
   -v (|(objectClass=inetLocalMailRecipient)
   (|(objectClass=mailRecipient) (objectclass=mailGroup)))

Start the stored.

instance_root/start stored

Run a full dirsync to pick up the user and group entries:

instance_root/imsimta dirsync -F

Restart iPlanet Messaging Server. You can now see the Netscape Messaging Server 4.x user mailboxes.

The mail server is now available for use. At this time iPlanet Messaging Server is working off the old directory entries in: ldap.sesta.com using multi-schema support. New user and group entries will be created in the new directory nodes.

Note The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to the iPlanet Messaging Server Migration Guide, Chapter 1, section titled "Netscape Messaging Server 4.x Regressions/Changes/Transitions," sub-section titled "SMTP Relay Function."

Upgrade the quota database to enable new features. Run the following as a mail server user:

cd iMS_server_root/bin/msg/admin/bin
reconstruct -q

Once the new server is up, upgrade all user and group directory entries to the iPlanet Messaging Server schema using imsdirmig:

imsdirmig -b "o=sesta.com" -M nms -D "cn=Directory Manager" -w secret -m both -F "(!(cn=postmaster))"

Disable multi-schema support.

Once all the directory entries have been upgraded to iPlanet Messaging Server schema, multi-schema support is no longer needed. Using configutil, delete the following two parameters:

instance_root/configutil -o local.imta.schematag -v ""
instance_root/configutil -o local.imta.ugfilter -v ""

Previous Contents Index Next
Copyright © 2002 Sun Microsystems, Inc. Allrights reserved.

Last Updated April 05, 2002