Sun Java System Communications Express 6 2004Q2 Administration Guide
Chapter 1
Installing and Configuring Communications Express
Sun Java System Communications Express consists of three client modules: Calendar, Address Book and Mail.
The Calendar and Address Book client modules are deployed as a single application on any web container and are collectively referred to as the unified web client (UWC) throughout this guide. Messenger Express is the standalone web interface mail application that uses the HTTP service of the Messaging Server. Messenger Express should be deployed on the same system as the Calendar and Address Book modules. To be able to access Messenger Express from UWC, ensure that the mail.deployed parameter in the uwcconfig.properties file is set to “true” and also set the mail-related attributes mentioned in Table 4-5.
The Messenger Express Multiplexor allows you to connect to the Messenger Express deployed on another system by accepting the authentication information and routing them appropriately. Refer to Chapter 5, Configuring and Administering Multiplexor Services, of Sun Java System Messaging Server Administration Guide, for steps on how to configure your Messenger Express Multiplexor.
For the high level architecture diagram, refer to Figure 2-1.
This chapter describes how to install and configure Communications Express.
The following topics are covered in this chapter:
Installing Communications Express from Java Enterprise System Installer
To install Communications Express, follow the steps mentioned below:
- Select Sun Java System Communications Express from the list of components displayed in Sun Java Enterprise System Install Wizard.
- The Install Directories panel is displayed. Browse to specify the name of the target installation directory for each component product.
Click Next
- After a couple of panels the Configuration Type panel is displayed.
- Decide on the configuration type you want:
- Configure Now. Allows you to configure component products that permit configuration at installation time.
- Configure Later. The installer installs the packages in the specified directory paths and proceeds without configuring them. For more details, refer to the section on Choosing a Configuration Type in Chapter 2 of the Sun Java Enterprise System Installation Guide at:
- Select a configuration type and click Next.
If you choose to Configure Later, make sure that the configuration of the following products for Communications Express is done in the order mentioned:
- The Custom Configuration panel appears.
Click Next to configure other component products (if any).
- Complete the installation process.
Prerequisites
Before running the Communications Express configurator program, make sure you perform the following:
- Run comm_dssetup.pl (version 6.1 rev 0.2) to update the schema details in the User/Group Directory Server. The comm_dssetup.pl tool can be accessed from the Messaging or Calendar Server products.
Run the comm_dssetup.pl script from the Calendar or Messaging directory.
- Run comm_dssetup.pl (version 6.1 rev 0.2) to update the PAB Directory Server, when the PAB Directory Server is different from the User/Group Directory Server. The comm_dssetup.pl tool can be accessed from the Messaging or Calendar Server product.
- Ensure that you have the following entry in /etc/hosts file on your Solaris system:
<ip-of system> <FQHN> <hostname>
For example, 129.158.230.64 budgie.siroe.varrius.com budgie
- Ensure that you have configured one or more host name aliases for your system.
To configure one or more host name aliases on UNIX systems:
- Enter the configuration details for the hosts in /etc/nsswitch.conf file. For example,
hosts: files dns nis
This configuration indicates to the name service lookup the order it should use to resolve host names and host aliases. The name service lookup order is: files, dns, and nis.
- Ensure that /etc/hosts file contains two or more host names defined against your machine’s IP address.
For example, if your system IP address is 129.158.230.64, then in /etc/hosts file, you can configure the IP address as:
129.158.230.64 budgie.siroe.varrius.com budgie
or
129.158.230.64 budgie.siroe.varrius.com budgie loghost
An example of an incorrect entry, with only one host name defined against the IP address:
129.158.230.64 budgie
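The /etc/hosts prerequisite above can be checked before running the configurator. The following is an added example, not part of the original guide; the sample file content is constructed, and the rule it enforces is the `<ip> <FQHN> <hostname>` layout with at least two names per address.

```python
import ipaddress

# Constructed sample in the layout the guide asks for:
# <ip-of-system> <FQHN> <hostname> [more aliases]
SAMPLE_HOSTS = """\
# constructed sample /etc/hosts
127.0.0.1       localhost
129.158.230.64  budgie.siroe.varrius.com budgie loghost
129.158.230.65  canary          # short name only: fails the check
"""

def parse_hosts(text):
    """Return {ip: [names...]}, merging repeated lines for the same address."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                              # not an address line
        table.setdefault(ip, []).extend(fields[1:])
    return table

def check_host_entry(text, ip):
    """Return a list of problems for the entry of `ip`; an empty list means OK."""
    names = parse_hosts(text).get(str(ipaddress.ip_address(ip)))
    if not names:
        return [f"no entry for {ip}"]
    problems = []
    if len(names) < 2:
        problems.append("fewer than two host names defined for the address")
    fqhn = names[0]
    if "." not in fqhn:
        problems.append(f"first name {fqhn!r} is not fully qualified")
    else:
        short = fqhn.split(".", 1)[0]
        if short not in names[1:]:
            problems.append(f"short host name {short!r} is not listed as an alias")
    return problems

if __name__ == "__main__":
    for address in ("129.158.230.64", "129.158.230.65"):
        print(address, check_host_entry(SAMPLE_HOSTS, address) or "OK")
```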
Configuring Communications Express
- Login as Administrator.
- Before invoking the configuration wizard set the display settings.
- Go to <uwc-basedir>/SUNWuwc/sbin directory.
uwc-basedir is the directory in which the Communications Express package is installed. It is the directory path entered for Communications Express in the Install Directories panel of the JES installer.
- Then type
./config-uwc to invoke the configuration tool in the GUI mode.
./config-uwc -nodisplay to invoke the configuration tool in the console mode.
- The configuration wizard appears. The following steps walk you through configuring Communications Express.
Note
If you are invoking the configuration wizard in a language other than English, resize the configuration panel to view its contents properly.
- Welcome.
The first panel in the configure program is a copyright page. Select Next to continue or Cancel to exit.
- Select the Directory to Store Configuration and Data Files.
Select the directory where you want Communications Express’s configuration and data files to reside. For example, /var/opt/SUNWuwc.
Note
The directory you enter here is the directory in which Communications Express is deployed. This directory is referred to as <uwc-deployed-path> throughout this guide.
Click Next.
- You will see a small alert window indicating that the components are being loaded. This may take a few minutes.
- Select Components to be Configured.
Select the components you want to configure and uncheck those components you do not wish to configure.
- Network Connection.
The configuration program tries to establish a network connection using the host name and DNS domain name displayed in this panel.
Host Name. The host name on which Communications Express is being configured is displayed.
DNS Domain Name. Displays the DNS domain name maintained by the DNS Server.
Click Next.
- Select the Web Container.
Select the web container you want to use from the options displayed. The options available are:
- If you have selected Application Server to be your web container
- The Application Server Configuration Details panel appears.
Specify the following details in the panel:
Install Directory. Browse to select the local directory in which Application Server is installed.
Domain Directory. Browse to select the domain directory of the Application Server.
Document Root Directory. Browse to select the document root directory of the Application Server.
Server Instance Name. Enter a name for the Application Server Instance for which Communications Express is to be configured.
Virtual Server Identifier. Enter the virtual server identifier for which Communications Express is to be configured.
Server Instance HTTP Port. Enter the Application Server port number where an HTTP service is available. This is the HTTP port from which Communications Express application will be accessed.
Click Next.
Note
Specify the HTTP Port number here. If you want to configure a secure HTTP port number, specify it after configuring Communications Express. To configure a secure port number refer to the post configuration steps provided in the section To Use Communications Express in the SSL mode, in Chapter 3, "Configuring Your System for Communications Express".
- You will see a small pop-up window indicating that the Application Server Instance is being verified. This may take a few minutes.
An error message is displayed if the configure tool is unable to connect to the Application Server Instance. Click Accept to continue with the installation process, or click Choose New to specify the Application Server Configuration Details again.
- Application Server Administration Instance Details.
Specify the administration instance details of the Application Server. The administration instance details are used by the configurator to configure Communications Express on Application Server.
Administration Server Port. Enter the Administration Server port number.
Note
The Application Server’s Administration port must be available for configuring Communications Express on Application Server.
Administrator User ID. Enter the administrator’s user identifier.
Administrator Password. Enter the administrator’s user password.
Secure Administration Server Instance. Select this check box to specify that the Application server’s administration instance is running in the secure mode.
Deselect the checkbox to specify that the Application server’s administration instance is running in the normal mode.
Click Next.
Depending on the selection, a pop-up window confirming the mode in which the application server’s administration instance is running appears. Click OK to exit the pop-up window.
- Module Name for this Web Application.
Enter the module name with which Communications Express should be deployed on Application Server.
Click Next.
- If you have selected Web Server to be your web container
- The Web Server Configuration Details panel is displayed.
Specify the local Web Server instance details. The web server details specified here are used by the installer to deploy Communications Express on Web Server.
Server Root Directory. Browse to select the installation root of the Web Server. For example, /opt/SUNWwbsr/
Server Instance Identifier. Enter the Web Server Instance on which Communications Express is to be deployed. For example, budgie.siroe.varrius.com.
Virtual Server Identifier. Enter the virtual server identifier on which Communications Express is to be deployed. For example, https-budgie.siroe.varrius.com
HTTP Port. Enter the HTTP port number Web Server listens to. This is the HTTP port from which Communications Express is accessed.
Note
If you want to configure a secure HTTP port number, specify it after configuring Communications Express. To configure a secure port number refer to the post configuration steps provided in the section To Use Communications Express in the SSL mode, in Chapter 3, "Configuring Your System for Communications Express".
Click Next.
- You will see a small pop-up window indicating that the Web Server Instance is being verified. This may take a few minutes.
An error message is displayed if the configure tool is unable to connect to the Web Server Instance. Click Accept to continue with the installation process, or click Choose New to specify different Web Server Configuration Details.
- Web Container User and Group.
Specifies the identity the web container uses to run the services.
Web Container User ID. The web container user identifier from the user database is displayed.
Web Container Group ID. The web container group identifier from the group database is displayed.
Click Next.
The configurator program installs some files and directories containing sensitive data, such as passwords. Ownership of these files and directories is given to the web container user and group mentioned in this panel. Only the web container user is given read and write permissions to the files and directories containing sensitive data.
Note
Ensure you enter the correct web container User ID and Group ID values in this panel. Entering wrong values may result in startup failure of Communications Express.
- URI Path Setting.
Enter the URI where Communications Express should be deployed. For example, /uwc.
Click Next.
- Do you want Hosted Domain Support?
Select the option to enable hosted domain support for Communications Express.
Click Next.
- User/Group Directory (LDAP) Server Details.
Enter the following details:
LdapURL. Specify the user/group LDAP URL in the format ldap://user-group-ldap-hostname:user-group-ldap-port.
Bind DN. Enter the LDAP distinguished name of the User/Group administrator.
Bind Password. Enter the bind password for User/Group administrator.
Click Next.
- DC Tree Suffix.
Enter the base distinguished name for the DC tree suffix. This suffix will be used by Communications Express to search for configured hosted domains.
Click Next.
- Default Domain Name.
Enter the default domain name. This is the default domain that will be used when a user logs in without specifying a domain name.
- Enable Identity Server for Single Sign-on
To setup single sign-on with Identity Server, select Enable Identity Support for Sun Java System Communications Express.
- If you have enabled Identity Support for Sun Java System Communications Express the Identity Server Preferences panel is displayed.
Enter the Identity Server Preferences such as the login URL, Identity Server Administrator DN and Password in this panel.
Login URL. Specify the Identity Server Login URL in the format <protocol>://<Identity server hostname>:<Identity Server port>/<context-path-of-amserver>/UI/Login.
Admin DN. Enter the LDAP distinguished name of the Identity Server Administrator such as DN=uid=amAdmin, ou=people, <Identity Server-root suffix>
Admin Password. Enter the Password for the Identity Server administrator.
Click Next.
- Messaging Express Port
This panel appears only when mail component is selected in Select Components to be Configured panel.
Enter the port number where the Messenger Express service is available.
Note
Ensure Communications Express is deployed on the same machine on which Messenger Express is deployed.
Click Next.
- Calendar HTTP Server Host and Port Configuration
This panel appears only when calendar component is selected in Select Components to be Configured panel.
Calendar HTTP Server Host Name. Enter the Calendar Server’s host name.
Calendar HTTP Server Port Number. Enter the Calendar Server’s HTTP port number.
Click Next.
- Calendar Server Administration Details
This panel appears only when calendar component is selected in Select Components to be Configured panel.
Administrator User ID. Enter the Calendar Server’s administrator’s name. For example, calmaster.
Administrator User Password. Enter the Calendar Server’s administrator’s password.
Note
Ensure that the Calendar Admin User ID value you have entered here corresponds to the service.admin.calmaster.userid value mentioned in Calendar Server’s ics.conf file.
Click Next.
- PAB Directory Server Details.
The Personal Address Book LDAP Server contains the personal address book information for users.
LDAP URL. Specify the LDAP host and port for the PAB Store. The URL should be in the format: ldap://PAB-ldap-hostname:PAB-ldap-portnumber
Bind DN. Enter the LDAP DN to be used to bind to the PAB Store. The Bind DN specified here should have appropriate privileges to manage the data under root suffix o=PiServerDB.
Password. Enter the bind password.
Click Next
- Ready to Configure
The configuration program will check for enough disk space on your machine and then outline the components it is ready to configure.
Click Configure Now, to configure the Communications Express.
Click Back, to change any of your configuration variables.
Click Cancel, to exit from the configuration program.
- A summary of tasks and the sequence status is displayed.
Click Next.
- The Configuration Summary panel lists the status of the configuration program. Click Details button to view the log.
In order to complete the configuration process, follow the post-configuration steps provided here.
Post Configuration Instructions
Note
Make sure you are familiar with the location of the Communications Express files.
All the Communications Express configuration files are located under the <uwc-deployed-path>/WEB-INF/config directory. The uwc-deployed-path is the directory entered in the “Select Directory to Store Configuration and Data Files” panel of the configurator tool.
Refer to Chapter 3, "Configuring Your System for Communications Express," and Chapter 7, "Configuring the Client," of this guide for details on configuration parameters.
After you have configured Communications Express, perform the following steps:
- If you have enabled Identity Server for Communications Express, refer to Chapter 5, "Deploying Communications Express and Identity Server," for configuration steps to be performed to enable proper operation of Identity Server with Communications Express.
- To enable the Mail component in Communications Express, configure SSO. Refer to Chapter 4, "Implementing Single Sign-On," for information on configuring Messaging Express and Communications Express.
- Customize the user’s default view after logging in. By default, Address Book is configured to be the user’s default view. You can configure the default view to Calendar or Mail by editing the parameter uwc-user-attr-sunUCDefaultApplication in uwcdomainconfig.properties file. For information on uwc-user-attr-sunUCDefaultApplication parameter refer to the section on Configuring Parameters in uwcdomainconfig.properties file.
- Go to <calendar-server-install-directory>/SUNWics5/cal/bin/config (e.g. /opt/SUNWics5/cal/bin/config).
Edit the ics.conf file and set the following:
- service.http.allowadminproxy = "yes"
- service.http.admins = <proxy admin for calendar http service>
- service.admin.calmaster.userid = <the value specified for calendar.wcap.adminid in uwcconfig.properties>
- service.admin.calmaster.cred = <the value specified for calendar.wcap.passwd in uwcconfig.properties>
- service.wcap.anonymous.allowpubliccalendarwrite = "yes"
- service.http.allowanonymouslogin = "yes"
- service.calendarsearch.ldap = "no"
- If you have edited the ics.conf file, restart Calendar Server for the changes to take effect.
- Restart Web Server, if Web Server was selected as the web container.
- Restart the Application Server, if you have selected Application Server as the web container and enabled Identity Server for Communications Express.
- Communications Express is now ready and you can access the application from:
http://Web-Container-host:Web-Container-port/URI path
where
Web-Container-host is the host name of the web container instance in which the Communications Express application is configured.
Web-Container-port is the port number of the web container instance in which the Communications Express application is configured.
URI path is the path specified in the URI Path Setting panel.
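The ics.conf step above enables the administrator proxy, anonymous login and public calendar write, and it requires the calmaster ID and credential to agree with uwcconfig.properties. The following added example (not part of the original guide) audits both files for those settings. The file fragments are constructed, the treatment of `!` and `#` as comment markers and of repeated keys is an assumption, and values are compared verbatim as the step describes.

```python
# Settings the post-configuration step asks for in ics.conf.
REQUIRED = {
    "service.http.allowadminproxy": "yes",
    "service.wcap.anonymous.allowpubliccalendarwrite": "yes",
    "service.http.allowanonymouslogin": "yes",
    "service.calendarsearch.ldap": "no",
}
# ics.conf key -> uwcconfig.properties key that must carry the same value.
MUST_MATCH = {
    "service.admin.calmaster.userid": "calendar.wcap.adminid",
    "service.admin.calmaster.cred": "calendar.wcap.passwd",
}

# Constructed sample fragments (not taken from a real deployment).
ICS_SAMPLE = '''\
! constructed sample ics.conf fragment
service.http.allowadminproxy = "yes"
service.http.admins = "calmaster"
service.admin.calmaster.userid = "calmaster"
service.admin.calmaster.cred = "example-secret"
service.wcap.anonymous.allowpubliccalendarwrite = "yes"
service.http.allowanonymouslogin = "no"
service.calendarsearch.ldap = "no"
'''
UWC_SAMPLE = '''\
# constructed sample uwcconfig.properties fragment
calendar.wcap.adminid=calmaster
calendar.wcap.passwd=other-secret
'''

def parse_kv(text):
    """Parse 'key = value' lines, stripping surrounding double quotes."""
    out = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "!#":   # assumption: '!' and '#' start comments
            continue
        key, sep, value = line.partition("=")
        if sep:
            out[key.strip()] = value.strip().strip('"')  # assumption: last value wins
    return out

def audit(ics_text, uwc_text):
    """Return a list of findings; an empty list means the step was applied."""
    ics, uwc = parse_kv(ics_text), parse_kv(uwc_text)
    findings = []
    for key, want in REQUIRED.items():
        got = ics.get(key)
        if got != want:
            findings.append(f"{key}: expected {want!r}, found {got!r}")
    for ics_key, uwc_key in MUST_MATCH.items():
        if ics_key not in ics or uwc_key not in uwc:
            findings.append(f"{ics_key} / {uwc_key}: missing")
        elif ics[ics_key] != uwc[uwc_key]:
            # Report the mismatch only; never echo the credential itself.
            findings.append(f"{ics_key} does not match {uwc_key}")
    if not ics.get("service.http.admins"):
        findings.append("service.http.admins: not set")
    return findings

if __name__ == "__main__":
    for finding in audit(ICS_SAMPLE, UWC_SAMPLE):
        print(finding)
```

Because both files hold the calmaster credential, run such a check as the web container or Calendar Server user and keep its output free of the values themselves, as the code does.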
Unconfiguring Communications Express
Perform the following steps if you have configured Communications Express on Web Server or Application Server and need to unconfigure it:
- To unconfigure Communications Express from Web Server, use the wdeploy tool of the Web Server. Refer to the Web Server Administration Guide for steps on how to run the wdeploy tool.
- To unconfigure Communications Express from Application Server, use the asadmin tool of the Application Server. Refer to the Application Server Administration Guide for steps on how to run the asadmin tool.
Installing Communications Express without Messaging Server and using a Single Tree Structure
If you are installing Communications Express on a setup on which the Messaging Server is not installed or configured and which uses a single tree namespace structure for retrieving user/group entries, you need to map the existing DIT to the dual tree namespace to retrieve user/group entries.
The sections below describe how Communications Express uses the two-DIT mechanism and how an existing single tree namespace structure maps to the dual tree namespace.
Two-Tree Namespace Mechanism
The namespace of Communications Express should consist of two directory information trees (DIT), an Organization Tree and a Domain Component Tree (DC Tree). Organization Trees contain the user and group entries. The DC Tree mirrors the local DNS structure and is used by the system as an index to the Organization Tree(s) containing the data entries. The DC Tree also contains the domain’s operating parameters such as the service specific attributes.
How the Two-tree Namespace Mechanism Works
This section describes how Communications Express uses the two-DIT mechanism.
When Communications Express searches for user/group entries, it first looks at the user/group’s domain node in the DC Tree and extracts the value of the inetDomainBaseDN attribute. This attribute holds a DN reference to the organization subtree containing the actual user/group entry.
Using this model, Communications Express can support entries stored in any type of directory Tree, provided that a domain component node in the DC Tree points to the node in the Organization Tree under which the users for that domain can be found.
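The lookup described above, as an added example that is not part of the original guide: the login domain is turned into a DC Tree node DN, and the node's inetDomainBaseDN gives the Organization Tree search base. The in-memory DC_TREE, the `uid@domain` login form and the function names are assumptions made for illustration; domain labels are validated so that a crafted domain cannot inject extra DN components.

```python
import re

# Constructed stand-in for the DC Tree under o=internet; a real deployment
# would read these entries from the directory server.
DC_TREE = {
    "dc=siroe,dc=com,o=internet": {"inetDomainBaseDN": "o=siroe.com,o=isp"},
    "dc=west,dc=siroe,dc=com,o=internet": {
        "inetDomainBaseDN": "o=west.siroe.com,o=isp"},
    "dc=broken,dc=com,o=internet": {},   # domain node lacking the attribute
}

# DNS letter-digit-hyphen labels only: rejects ',', '=', '+' and other
# characters that have a meaning inside a DN.
LABEL_RE = re.compile(r"^[a-z0-9]([a-z0-9-]*[a-z0-9])?$")

class DomainLookupError(Exception):
    """The login domain cannot be mapped to an Organization Tree subtree."""

def domain_to_dc_dn(domain, dc_root="o=internet"):
    """siroe.com -> dc=siroe,dc=com,o=internet"""
    labels = domain.strip().lower().rstrip(".").split(".")
    for label in labels:
        if not LABEL_RE.match(label):
            raise DomainLookupError(f"invalid DNS label {label!r}")
    return ",".join(f"dc={label}" for label in labels) + "," + dc_root

def split_login(login, default_domain):
    """Assumed login form: 'uid' or 'uid@domain'."""
    uid, sep, domain = login.rpartition("@")
    if not sep:
        return login, default_domain     # no domain given: use the default
    if not uid:
        raise DomainLookupError("empty user id")
    return uid, domain

def resolve_search_base(login, default_domain, dc_tree=DC_TREE):
    """Return (uid, DC Tree node DN, Organization Tree search base)."""
    uid, domain = split_login(login, default_domain)
    node_dn = domain_to_dc_dn(domain)
    node = dc_tree.get(node_dn)
    if node is None:
        raise DomainLookupError(f"no DC Tree node {node_dn}")
    base_dn = node.get("inetDomainBaseDN")
    if not base_dn:
        raise DomainLookupError(f"{node_dn} has no inetDomainBaseDN")
    return uid, node_dn, base_dn

if __name__ == "__main__":
    print(resolve_search_base("jdoe", "siroe.com"))
    print(resolve_search_base("jdoe@west.siroe.com", "siroe.com"))
```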
Why Two Directory Information Trees?
This dual-tree mechanism provides the following enhancements:
- The partitioning of data for organization-specific access control. That is, each organization can have a separate subtree in the DIT where user and group entries are located. Access to that data can be limited to users in that part of the subtree.
- The ability to have a distinct namespace for subdomains. For example, west.siroe.com and siroe.com may be mapped to separate organization subtrees allowing the creation of user entries with the same UID in each one of them.
How to map an existing DIT to the dual tree namespace?
Assuming that the root suffix for Organization tree is: o=isp
Assuming that the Organization DN that is currently being used is o=siroe.com,o=isp and the user container is ou=People,o=siroe.com,o=isp
- Create a root suffix, o=internet for DC tree.
The root suffix can be created using the Directory Server console.
- Under this DC tree root suffix, create a domain entry with DN as
dc=siroe,dc=com,o=internet.
Use the following LDIFs to create the domain entry using the ldapmodify command:
Note
Please change the Organization root, Organization Name, Organization DN, Object Classes and Attribute values mentioned in the LDIF files to reflect your deployment details.
root suffix
Organization root suffix: o=isp
Organization name: siroe
DNS domain name: siroe.com
Organization DN: o=siroe.com,o=isp
The following Object Classes and attributes are used by mail service:
ObjectClasses:
mailDomain, nsManagedDomain
Attributes:
mailDomainStatus, preferredMailHost, mailDomainDiskQuota, mailDomainMsgQuota
mailDomainReportAddress, nsMaxDomains, nsNumUsers, nsNumDomains, nsNumMailLists
Examples of LDIF File
Use ldapmodify command to add the LDIF file entries to the DC tree