test

Deployment Example: Sun Java System Communications Services for Access Anywhere (EdgeMail)

ProcedureTo Configure Instant Messaging on the FE Servers

Configure Instant Messaging services on two of the FE systems, fe-amer-11.example.com and fe-amer-12.example.com.

Steps

  1. Run the Instant Messaging configurator:


    # cd /opt/SUNWiim
# ./configure -nodisplay

   Components to configure:
         Sun Java System Instant Messaging Server
         Sun Java System Instant Messenger Resources
   
   Host name:        im-amer
   DNS Domain name:  example.com
   User ID:          iimuser
   Group ID:         iimgroup
   
   Instant Messaging Server runtime files directory:  /var/opt/SUNWiim

   Instant Messaging Server Configuration:
          Domain Name:             example.com
          IM Server port:          9999
          Multiplexor port:        9909
          Disable Server:          yes
          Remote Server Hostname:  im-amer-01.us.example.com
          Messenger Resources Code Base URL:  http://im-amer.example.com:80

   Start Instant Messaging Services after successful configuration:  no
   Start Instant Messaging Services on system startup:               yes

  2. Add the SSL certificates


    # cd /usr/local/cert/SUN_PKI.cert/im-amer
# cp cert8.db /opt/SUNWwbsvr/alias/https-im-amer-cert8.db
# cp key3.db /opt/SUNWwbsvr/alias/https-im-amer-key3.db
# cp secmod.db /opt/SUNWwbsvr/alias/secmod.db
# cp cert8.db /etc/opt/SUNWiim/default/config/https-im-amer-cert8.db
# cp key3.db /etc/opt/SUNWiim/default/config/https-im-amer-key3.db
# cp secmod.db /etc/opt/SUNWiim/default/config/secmod.db
# cp PW /etc/opt/SUNWiim/default/config/PW
# cd /opt/SUNWwbsvr/alias
# chmod 644 *
# cd /etc/opt/SUNWiim/default/config
# mv PW sslpassword.conf
# chown iimuser:iimgroup *

  3. Edit the /etc/opt/SUNWiim/default/config/sslpassword.conf file and change it to the following format:


    Internal (Software) Token:password_from_PW_file

  4. Edit the /etc/opt/SUNWiim/default/config/iim.conf file and verify the following parameters: 


    iim.smtpserver = "mail-amer-xfr.example.com"
iim.instancedir = "/opt/SUNWiim"
iim.instancevardir = "/var/opt/SUNWiim/default"
iim.user = "iimuser"
iim.group = "iimgroup"
iim_ldap.host = "empldap1.us.example.com:389"
iim_ldap.searchbase = "dc=example,dc=com"
iim_ldap.usergroupbinddn = ""
iim_ldap.usergroupbindcred = ""
iim.log.iim_server.severity = "INFO"
iim.log.iim_mux.severity = "INFO"
iim.log.iim_wd.severity = "INFO"
iim_server.domainname = "example.com"
iim_server.useport = "True"
iim_server.port = "5269"
iim_server.usesslport = "False"
iim_server.enable = "false"
iim_server.clienttimeout = "15"
iim_server.usesso = "0"
iim.policy.modules = "iim_ldap"
iim.userprops.store = "file"
iim_mux.listenport = "im-amer.example.com:9909"
iim_mux.serverport = "im-amer-01.us.example.com:9999"
iim_mux.enable = "true"
iim_mux.numinstances = "4"
iim_mux.maxthreads = "10"
iim_mux.maxsessions = "1000"

! SSL settings
iim_mux.usessl = "on"
iim_mux.secconfigdir = "/etc/opt/SUNWiim/default/config"
iim_mux.keydbprefix = "https-im-amer-"
iim_mux.certdbprefix = "https-im-amer-"
iim_mux.secmodfile = "secmod.db"
iim_mux.certnickname = "Server-Cert"
iim_mux.keystorepasswordfile = "sslpassword.conf"

iim_wd.enable = "true"
iim_wd.period = "300"
iim_wd.maxRetries = "3"
! Calendar agent stuff - disable on the FEs
iim_agent.enable = "false"
iim_agent.agent-calendar.enable = "false"

  5. Edit the IM client resources to force the use of SSL (all language files must be edited

  6. Edit /opt/SUNWiim/html/index.html, search for and change all instances of the following:


    im.html to imssl.html
im.jnlp to imssl.jnlp

  7. Perform the same edits on the index.html files for all languages. The index.html file is found in the following directories: 


    /opt/SUNWiim/html/de
/opt/SUNWiim/html/es
/opt/SUNWiim/html/fr
/opt/SUNWiim/html/ja
/opt/SUNWiim/html/ko
/opt/SUNWiim/html/zh
/opt/SUNWiim/html/zh_TW