All steps in Chapter 3, Solaris Installation and Configuration, must be completed, especially the parts pertaining to FE nodes.
Directory Server on port 34389 in /opt/ds must be installed and configured.
Admin Server must be installed and configured.
Web Server must be installed for MailFilters.
Messaging Server must be installed and patched.
FOUNDRY: set up loopback for mail-amer.example.com and use mail VIP for install and configuration.
NAUTICUS: use hostname of d1 server for install and configuration: d1-amer-01.example.com.
Run configure. Always check the silent install file before using it.
# cd /opt/SUNWmsgsr/sbin
# ./configure -nodisplay -noconsole -state /var/bits/silent/BE/FE_RAMESH/d1-msg-configure.cnf
Back up configdir with db2ldif to ensure a good copy is saved.
# cd /opt/ds/slapd-cfg
# ./db2ldif
Disable POP and IMAP
# configutil -o service.pop.enable -v 0
# configutil -o service.pop.enablesslport -v 0
# configutil -o service.imap.enable -v 0
# configutil -o service.imap.enablesslport -v 0
Verify the msg-admin account for your geo; set it up if needed; add it to the group, similar to the BE process.
ldapsearch -h ds-amer-0[123] -b dc=example,dc=com uid=msg-admin-mail-amer.example.com dn
If the uid is NOT in LDAP, create an LDAP entry for your msg-admin user. Create an LDIF file, e.g. msg-admin.ldif, with the following contents (modify the contents for your geo):
dn: uid=msg-admin-mail-sfbay.example.com,ou=People, dc=example,dc=com
givenName: Messaging End User SFBAY
userPassword: {SSHA}ttW9Pash8si8u81XCWAXwV9Hfk9JRBti/yOJMw==
objectClass: top
objectClass: person
objectClass: inetorgperson
objectClass: iplanet-am-managed-person
objectClass: organizationalPerson
cn: Messaging End User SFBAY Administrator
sn: Administrator
uid: msg-admin-mail-sfbay.example.com
Add the entry to ldap
ldapmodify -h ds-amer-0[123] -D "cn=Directory Manager" -w password -a -f ./msg-admin.ldif
IF uid IS in ldap, then verify the msg-admin user for your geo is a uniqueMember in the ou=groups entry for cn=Messaging End User Administrators
ldapsearch -h ds-amer-01 -b dc=example,dc=com cn="Messaging End User Administrators Group" uniqueMember |\
grep msg-admin-mail-amer
If necessary, add your msg-admin user to the Administrators Group using an LDAP browser or the ldapmodify command. Note: any entries with long time stamps should probably be removed in a clean-up effort. However, it is suggested that you clean up entries only for the geo you are configuring.
Change the following:
ImapProxyAservice.cfg
  default:BindDN "uid=msg-admin-mail-amer.example.com, ou=People, dc=example, dc=com"
  default:BindPass (verify PW for your msg-admin user and reset if needed)
configutil values
  local.service.pab.ldapbinddn (same DN as above)
  local.ugldapbinddn (same DN as above)
  local.ugldapbindcred (same PW as above)
  local.service.pab.ldappasswd (same PW as above)
Restart messaging and test. Use e.g. ImapProxy log to see if authentication is working as expected. Edit LDIF or configuration information as needed; it all needs to match.
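The steps above end with "it all needs to match". As an added example (not part of the original procedure or of the product's tooling), this script compares the bind DN from the LDIF entry, the ImapProxy config file and the two configutil DN options, ignoring case and spacing. The function names, temporary files and sample values are constructed for illustration; passwords are not checked.

```shell
# Normalize a DN for comparison: lowercase, no spaces around "," or "=".
# Simplification: escaped commas inside values are not handled.
norm_dn() {
    printf '%s\n' "$1" | tr '[:upper:]' '[:lower:]' |
        sed -e 's/^ *//' -e 's/ *$//' -e 's/ *, */,/g' -e 's/ *= */=/g'
}

# Quoted value of default:BindDN in an ImapProxy .cfg file.
cfg_binddn() {
    sed -n 's/^default:BindDN[[:space:]]*"\(.*\)"[[:space:]]*$/\1/p' "$1" | head -1
}

# dn: of the first entry in an LDIF file (unfolded, single-line dn only).
ldif_dn() {
    sed -n 's/^dn:[[:space:]]*//p' "$1" | head -1
}

# check_dns LDIF CFG PAB_DN UG_DN: print each mismatch, return their count.
check_dns() {
    ref=$(norm_dn "$(ldif_dn "$1")")
    bad=0
    for pair in "default:BindDN|$(cfg_binddn "$2")" \
                "local.service.pab.ldapbinddn|$3" "local.ugldapbinddn|$4"; do
        name=${pair%%|*}
        val=${pair#*|}
        if [ "$(norm_dn "$val")" != "$ref" ]; then
            echo "MISMATCH $name: $val"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Constructed sample inputs, not real server files.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/msg-admin.ldif" <<'EOF'
dn: uid=msg-admin-mail-amer.example.com,ou=People, dc=example,dc=com
EOF
cat > "$tmp/ImapProxyAservice.cfg" <<'EOF'
default:BindDN "uid=msg-admin-mail-amer.example.com, ou=People, dc=example, dc=com"
EOF
# On a live host, read these with: configutil -o <option name>
pab_dn="uid=msg-admin-mail-amer.example.com,ou=People,dc=example,dc=com"
ug_dn="uid=msg-admin-mail-sfbay.example.com,ou=People,dc=example,dc=com" # stale geo
check_dns "$tmp/msg-admin.ldif" "$tmp/ImapProxyAservice.cfg" "$pab_dn" "$ug_dn" ||
    echo "$? setting(s) differ from the LDIF entry"
```

The sample deliberately leaves local.ugldapbinddn pointing at another geo's account, which is the kind of leftover that shows up as authentication failures in the ImapProxy log.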
Enable SSL by following the procedures To Request an SSL Certificate and To Install an SSL Certificate. Messaging Server uses the /opt/SUNWmsgsr/config/sslpassword.conf file.