Chapter 4   Scenarios and Procedures for Migrating a Multi-Server System to the iPlanet Messaging Server


This chapter describes how to migrate from a multi-server SIMS 4.0 or Netscape Messaging Server 4.x system to an iPlanet Messaging Server system. Five scenarios to cover SIMS 4.0 and Netscape Messaging Server 4.x deployments are presented. Note, however, that each deployment is unique, and your particular situation may require some modification of these procedures.

---

Note	Please read this entire book to become familiar with all aspects of your particular migration issues. Once you feel comfortable with the process, back up all directory and message store data, and practice migration on a small number of users before attempting to migrate the whole system.

---

The sections in this chapter are:

• "Multi-Server Migration Overview"

• "Installing a Configuration Server"

• "Migrating from a SIMS Multi-Server Deployment"
  • "Upgrading SIMS Domain Entries to iPlanet Messaging Server Domain Entries"

  • "Upgrading SIMS SMTP Relay Servers"

  • "Upgrading SIMS POP/IMAP Proxy Servers"

  • "Migrating Backend SIMS Mail Store Servers to the iPlanet Messaging Server Using the Off-line Migration Method"

  • "Migrating Backend SIMS Mail Store Servers to the iPlanet Messaging Server Using the On-line Migration Method"

  • "Migrating SIMS Message Store Servers to the iPlanet Messaging Server Using the Incremental Migration Method"

• "Upgrading a Netscape Messaging Server Multi-Server Deployment"
  • "Adding the Required Naming Contexts"

  • "Upgrading Netscape Messaging Server SMTP Relay Servers"

  • "Upgrading Netscape Messaging Server MMP Servers"

  • "Migrating Netscape Messaging Server Backend Message Stores"

Multi-Server Migration Overview

---

When migrating a multiple server deployment, the basic process is as follows:

1. Install a configuration server

2. Migrate the outermost servers (SMTP relay servers and message access proxies)

3. Migrate the backend message store servers

Topology for Multiple Server Scenarios

The scenarios in this section refer to the server deployment shown in Figure 4-1. The following assumptions are made:

• Current system is either SIMS 4.0 or Netscape Messaging Server 4.15

• Server distribution is:
  • 2 inbound SMTP servers: inbound1.siroe.com & inbound2.siroe.com

  • 1 outbound SMTP relay server: outbound.siroe.com

  • 1 messaging multiplexor (MMP) proxy: mail.siroe.com

  • 2 backend (message store) servers: store1.siroe.com & store2.siroe.com

  • 1 LDAP master for user/group data and iPlanet Messaging Server configuration information: ldapmaster.siroe.com (port 389 for user/group server and port 390 for configuration server)

  • 2 LDAP replicas: ldapreplica1.siroe.com & ldapreplica2.siroe.com
    

    ---

    Note	We highly recommend backing up your LDAP database prior to making changes to the directory server.

    ---

    
    

Figure 4-1    Multiple Server Sample Scenario

Installing a Configuration Server

---

A configuration server is an LDAP server containing iPlanet Messaging Server configuration data. This is a departure for SIMS in that configuration data was stored in configuration files.

Typically you only need one configuration server per deployment. For Netscape Messaging Server deployments with an existing configuration server, you can use this machine, but you will need to install an additional directory server to be used as the new configuration server.

For SIMS, pick a machine on which you will install a new directory server to be used as the configuration server. In the examples that follow, we use the machine that holds the LDAP server containing the user/group entries (ldapmaster.siroe.com) to also host the new configuration server. ldapmaster.siroe.com will host an LDAP server for user and group entries and iPlanet Messaging Server configuration data.

1. Install only directory server from the iPlanet Messaging Server CD.

   During installation, you can choose to install only a directory server. See the Installation Guide. When you receive the follow prompt, enter 1, 2, 3.

   Sun-Netscape Alliance
   iPlanet Server Products Installation/Uninstallation
   --------------------------------------------------------------------------------

   iPlanet Server Products components:
   Components with a number in () contain additional subcomponents
   which you can select using subsequent screens.

   1. Netscape Server Products Core Components (3)
   2. Netscape Directory Suite (2)
   3. Administration Services (2)
   4. iPlanet Messaging Suite (5)

   Specify the components you wish to install [All]: 1, 2,3

   Since the existing user/group directory is using port 389, use a unused port, for example, 390.

2. Run ims_dssetup.pl to prepare the directory server for later use by the iPlanet Messaging Server installation. For more information refer to the iPlanet Messaging Server Installation Guide.

3. (For Netscape Messaging Server deployments only.) Change the default user/group server in the newly installed configuration server.
   1. Run startconsole from the server root of the configuration server.

   2. Double click on the Administration Server to bring up the console for the Admin Server.

   3. Select the Configuration tab on the Administration Server console and then the User DS tab.

   4. Select radio button for Set User Directory. Enter the LDAP Host and Port for the user/group directory (example: ldapmaster.siroe.com:389) and the User Directory Subtree (example: o=siroe.com). Press Save.

Migrating from a SIMS Multi-Server Deployment

---

This section describes how to migrate from a SIMS Multi-Server deployment to an iPlanet Messaging Server deployment. The basic steps are as follows:

• "Installing a Configuration Server".

• "Upgrading SIMS Domain Entries to iPlanet Messaging Server Domain Entries".

• "Upgrading SIMS SMTP Relay Servers".

• "Upgrading SIMS POP/IMAP Proxy Servers".

• Upgrade Backend Message Stores. There are three ways to this, and they are described in the following sections:
  • "Migrating Backend SIMS Mail Store Servers to the iPlanet Messaging Server Using the Off-line Migration Method"

  • "Migrating Backend SIMS Mail Store Servers to the iPlanet Messaging Server Using the On-line Migration Method"

  • "Migrating SIMS Message Store Servers to the iPlanet Messaging Server Using the Incremental Migration Method"

  For a description of the advantages and disadvantages of each migration method refer to "Choosing a SIMS Message Store Migration Method".

Upgrading SIMS Domain Entries to iPlanet Messaging Server Domain Entries

Before proceeding on SIMS migration you must upgrade all the SIMS domain entries to the iPlanet Messaging Server domain entries.

imsdirmig -h ldapmaster.siroe.com -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m domains -P

In this case all domains under o=internet are upgraded.

Upgrading SIMS SMTP Relay Servers

This procedure applies to SIMS inbound and outbound SMTP servers.

1. Before upgrading any SMTP or mail multiplexor (called proxy servers in SIMS) servers, you must first add the merged schema files (merged.oc.conf and merged.at.conf) to the directory server. Refer to "Supporting a Multiple Schemas".

2. Stop the old SIMS SMTP Server (inbound1.siroe.com). During this time, incoming messages will be handled by the second inbound SMTP server (inbound2.siroe.com).

   If your servers sit behind a load balancer, ensure that its configuration is modified to not redirect inbound connections to inbound1.siroe.com. If you are using round-robin DNS to do load balancing, then remove the DNS entry for the server going off-line.

3. Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

   One way to do this is to stop the dispatcher:

   /opt/SUNWmail/sbin/imta stop dispatcher

   At this point the SMTP server is shut down, however the job controller continues to process messages in the queue. You can verify that the queues are empty by entering the following command:

   /opt/SUNWmail/sbin/imta qm counters

4. Install and configure the iPlanet Messaging Server.

   Do not install a new directory server. Enter 1,3,4 for the following prompt:

   Components with a number in () contain additional subcomponents
   which you can select using subsequent screens.

   1. Netscape Server Products Core Components (3)
   2. Netscape Directory Suite (2)
   3. Administration Services (2)
   4. iPlanet Messaging Suite (5)

   Specify the components you wish to install [All]: 1,3,4

   When you are prompted for the configuration server enter the URL and port number. (The one installed as described in "Installing a Configuration Server".)

   Enter the non-secured LDAP URL of the server that contains the
   Configuration Directory using the form:

   ldap://<hostname>:<port>

   URL of Directory Server [ldap://inbound1.siroe.com:389/]: ldap://ldapmaster.siroe.com:390

5. After installation, configure the newly installed iPlanet Messaging Server to point to the SIMS 4.0 user/group directory. Use configutil to change the following configuration parameters:

   local.ugldapbasedn = o=internet (Suffix SIMS 4.0 uses to store users)
   local.ugldapbinddn = "cn=Directory Manager" (DS bind DN)
   local.ugldapbindcred = secret (DS bind password)
   local.ugldaphost = ldapreplica1.siroe.com (ldap server located)
   local.ugldapport = 389

6. Configure dirsync to support the new multi-system schema by using configutil to add the following two parameters:

   <InstanceRoot>/configutil -o local.imta.schematag -v "ims50,sims40"

   <InstanceRoot>/configutil -o local.imta.ugfilter -v (|(objectClass=inetLocalMailRecipient)(|(objectClass=inetMailUser)(objectclass=inetmailGroup)))

7. If the old SIMS SMTP relay server is using "+" as the login separator, change it in the iPlanet Messaging Server as well, since "@" is the default. This allows users to do SMTP AUTH using the existing login separator.

   Use the following command:

   configutil -o service.loginseparator -v +

8. If this is an outbound SMTP server, enable SMTP relaying as per your site policy.
   1. If you want to allow all the nodes on your class C network to relay through the server, edit the mappings file under <server-root>/msg-<instance>/imta/config by changing "* $N" to "* $Y"

      ++++++++++++++++
      INTERNAL_IP
      
        $(192.18.74.57/24) $Y
        127.0.0.1 $Y
        * $Y
      ++++++++++++++++

   2. Then run the command imsimta cnbuild. At this point you have a fully functioning relay server.

   3. Do a full dirsync:

      <InstanceRoot>/imsimta dirsync -F

   4. Start the SMTP server.

      <InstanceRoot>/start-msg smtp

   For more information on enabling SMTP relaying, see "Adding SMTP Relaying".

9. If you have modified your load balancing configuration as described in the initial step of this procedure (Step 2), make the required readjustments.

10. Upgrade the other SMTP inbound and outbound relay servers.

Upgrading SIMS POP/IMAP Proxy Servers

Use the following procedures to upgrade from a SIMS Proxy Server to an iPlanet Messaging Server MMP.

1. Before upgrading any SMTP or mail multiplexor (called proxy servers in SIMS) servers, you must first add the merged schema files (merged.oc.conf and merged.at.conf) to the directory server. Refer to "Supporting a Multiple Schemas".

2. Stop the SIMS proxy server.

3. Install the iPlanet Messaging Server MMP. See iPlanet Messaging Server Installation Guide. During installation, provide the name of the SIMS user/group LDAP server when prompted:

   Please enter the LDAP URL to the domain component tree [ldap://siroe.com:389/o=internet]: ldap://ldapmaster.siroe.com:389/o=internet

4. If the SIMS server was using "+" as the login separator, then change the following configuration parameters in both ImapProxyAService.cfg and PopProxyAService.cfg file to accommodate the default login separator "@" for the iPlanet Messaging Server.

   #
   # list of valid delimiters
   #
   default:VirtualDomainDelim +@

   #
   # canonical delimiter
   #
   default:CanonicalVirtualDomainDelim +

Migrating Backend SIMS Mail Store Servers to the iPlanet Messaging Server Using the Off-line Migration Method

Before migrating the backend SIMS messaging servers, be sure all message access proxies and SMTP relay servers have been upgraded. For a discussion of the advantages and disadvantages of off-line migration, refer to "Off-line Message Store Migration".

Assumptions:

• iPlanet Messaging Server to replace SIMS 4.0 on the same host.

• iPlanet Messaging Server will use the existing user/group directory server and the configuration directory server.

• Mail service will be unavailable (mail access will be off-line, but incoming messages will be stored in the inbound SMTP server) while message store is being migrated.

• System uses the Netscape Directory Server 4.12.

• SIMS user/group Directory Suffix: o=internet
  SIMS/iPlanet Messaging Server backend server name: store1.siroe.com
  Master Directory Server: ldapmaster.siroe.com
  Master Directory server network port: 389
  Configuration Directory Server: ldapmaster.siroe.com
  Configuration Directory server network port: 390
  Directory Server Bind password: secret
  SIMS Default Organization DN: dc=siroe,dc=com,o=internet
  User/group entries are contained in the DC Tree (one DIT)

Migration Procedures:

1. Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

   One way to do this is to stop dispatcher:

   /opt/SUNWmail/sbin/imta stop dispatcher

   At this point the SMTP server is shut down, however the job controller continues to process messages in the queue. You can verify that the queues are empty by entering the following command:

   /opt/SUNWmail/sbin/imta qm counters

2. Stop SIMS by using /opt/SUNWmail/sbin/im.server stop.

   Make sure all SIMS processes are stopped. During this time users cannot access their mailboxes. They can send mail through outbound SMTP server outbound.siroe.com.

3. If there is not enough system disk space to hold two and one-half times the size of the message store, the next step is to backup the SIMS message store on another device (for example, a tape drive) using the SIMS imbackup command. This SIMS message store backup will be moved to the iPlanet Messaging Server message store.

   An example of using the imbackup command to backup to tape is as follows:

   imbackup -f /dev/rmt/0

   If you have the extra disk space you can minimize downtime by leaving the SIMS message store in place and streaming the data from imbackup directly to imsrestore as described in a later step.

4. Install and configure the iPlanet Messaging Server.

   Do not install a new directory server. Enter 1,3,4 for the following prompt:

   Components with a number in () contain additional subcomponents
   which you can select using subsequent screens.

   1. Netscape Server Products Core Components (3)
   2. Netscape Directory Suite (2)
   3. Administration Services (2)
   4. iPlanet Messaging Suite (5)

   Specify the components you wish to install [All]: 1,3,4

   When you are prompted for the configuration server enter the URL and port number. (The one installed as described in "Installing a Configuration Server".)

   Enter the non-secured LDAP URL of the server that contains the
   Configuration Directory using the form:

   ldap://<hostname>:<port>

   URL of Directory Server [ldap://store1.siroe.com:389/]: ldap://ldapmaster.siroe.com:390

5. Stop all server processes.

   The installer starts all the server processes at the end of install. You will want to stop all processes after installation. As root do the following:
   
   <InstanceRoot>/stop-msg

6. Change the iPlanet Messaging Server configuration to make it point to the SIMS 4.0 user/group directory.

   Use configutil to change the following configuration parameters:

   local.ugldapbasedn = o=internet (Suffix which SIMS 4.0 used to store their users)
   local.ugldapbinddn = "cn=Directory Manager" (DS bind DN)
   local.ugldapbindcred = secret (DS bind password)
   local.ugldapdeforgdn = "dc=siroe,dc=com,o=internet" (Default organization DN)
   local.ugldaphost = ldapreplica1.siroe.com (The host where ldap replica is located)
   local.ugldapport = 389

7. Convert the SIMS message store to the iPlanet Messaging Server message store.
   1. If you backed up the SIMS message store on tape (see Step 3), restore it to the iPlanet Messaging Server message store as root using the following commands:

      configutil -o "local.store.synclevel" -v 0
      <InstanceRoot>/start-msg store
      imsrestore -f /dev/rmt/0 -cy -n -v1

   2. If you have extra disk space you can convert the SIMS message store format directly to the iPlanet Messaging Server message store as root using the following commands:

      configutil -o "local.store.synclevel" -v 0
      <InstanceRoot>/start-msg store
      imbackup -f- -u <UserFile> | <SERVERROOT>/bin/msg/store/bin/imsrestore -f- -cy -n -v1

      where <UserFile> is a file containing user mailbox names. Split the user entries into equal groups for each user file and run 10 to 15 concurrent backup and restore sessions for optimal restore speed to the new message store.

8. Once the restore is completed, change back the configuration parameter local.store.synclevel:

   configutil -o local.store.synclevel -v -1

9. Stop store.

   <InstanceRoot>/stop-msg store

10. If the old SIMS server is using "+" as the login separator, we need to change it in iPlanet Messaging Server as well, since "@" is the default. You can use the following command:

    configutil -o service.loginseparator -v +

11. Do a full dirsync:

    <InstanceRoot>/imsimta dirsync -F

12. Start the messaging server.

    <InstanceRoot>/start-msg

    At this point, the backend server is fully functional.
    

    ---

    Note	The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to "SMTP Relay Function".

    ---

    
    

13. Migrate the next backend server.

    Go to step 1 and repeat for each remaining backend server.

14. After all backend servers are migrated, do the following steps:
    1. Upgrade user and group entries to use iPlanet Messaging Server schema.

       Use imsdirmig:

       imsdirmig -b "o=internet" -M sims -F "(mailhost=store1.siroe.com)" -D "cn=Directory Manager" -w secret -m both

       In this case all user/group entries under o=internet are upgraded.

    2. Disable multi-schema support on all SMTP servers (backend message store servers, SMTP relay servers, etc.).

       Once all the directory entries have been upgraded to iPlanet Messaging Server schema, multi-schema support is no longer needed. Using configutil, delete the following two parameters:

       <InstanceRoot>/configutil -o local.imta.schematag -v ""
       <InstanceRoot>/configutil -o local.imta.ugfilter -v ""

    3. Modify the system to support the iPlanet Delegated Administrator for Messaging.

       The imsdaaci command, packaged with the migration toolkit and shown below, generates an LDIF file that can be used to create a Delegated Administrator Service Administrator Group and Delegated Administrator Domain Administrator Group along with the required ACIs.

       <ServerRoot>/bin/msg/migrate/bin/imsdaaci

       Use ldapmodify to add the LDIF file into the DIT. For an explanation of the ACIs refer to the iPlanet Messaging Server Provisioning Guide

Migrating Backend SIMS Mail Store Servers to the iPlanet Messaging Server Using the On-line Migration Method

Before migrating the backend messaging servers, be sure all message access proxies and SMTP relay servers have been upgraded. For a discussion of the advantages and disadvantages of off-line migration, refer to "On-line Message Store Migration". The migration process will differ depending on whether you have extra hardware or not. If you do not have extra hardware see "Migration Procedures for Multi-Server, On-line, No Extra Hardware:". If you have extra hardware see "Migration Procedures for Multi-Server, On-line, Extra Hardware".

Assumptions:

• iPlanet Messaging Server to replace SIMS 4.0 on the same host or a new host.

• iPlanet Messaging Server will use the existing user/group directory server and the configuration directory server.

• The directory server is Netscape Directory Server 4.12 and can be on the same host as SIMS or on a different host. A new directory server has already been installed to hold the iPlanet Messaging Server configuration data (see "Installing a Configuration Server"). The old directory, that is, the directory supporting SIMS, will support the new iPlanet Messaging Server with the same (but upgraded) user, group, and domain entries.

• The SIMS message store will be migrated to the iPlanet Messaging Server message store while the server is active and on-line. Messages being migrated will be mixed in with new messages delivered during the migration process.

• These assumptions are for an example of a system being installed on a new host. Assumptions:
  SIMS user/group Directory Suffix: o=internet
  SIMS Mail server name: store1.siroe.com
  iPlanet Messaging Server Mail server name: store1.siroe.com (same host) or newstore1.siroe.com (if new host)
  Master Directory Server: ldapmaster.siroe.com
  Master Directory server network port: 389
  Configuration Directory Server: ldapmaster.siroe.com
  Configuration Directory server network port: 390
  Directory Server Bind password: secret
  SIMS Default Organization DN: dc=siroe,dc=com,o=internet

Migration Procedures for Multi-Server, On-line, No Extra Hardware:

1. Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

   One way to do this is to stop dispatcher:

   /opt/SUNWmail/sbin/imta stop dispatcher

   At this point the SMTP server is shut down, however the job controller continues to process messages in the queue. You can verify that the queues are empty by entering the following command:

   /opt/SUNWmail/sbin/imta qm counters

2. Stop SIMS by using /opt/SUNWmail/sbin/im.server stop.

   Make sure all SIMS processes are stopped. During this time users cannot access their mailboxes. They can send mail through outbound server outbound.siroe.com.

3. Install and configure the iPlanet Messaging Server.

   Do not install a new directory server. Enter 1,3,4 for the following prompt:

   Components with a number in () contain additional subcomponents
   which you can select using subsequent screens.

   1. Netscape Server Products Core Components (3)
   2. Netscape Directory Suite (2)
   3. Administration Services (2)
   4. iPlanet Messaging Suite (5)

   Specify the components you wish to install [All]: 1,3,4

   When you are prompted for the configuration server enter the URL and port number. (The one installed as described in "Installing a Configuration Server".)

   Enter the non-secured LDAP URL of the server that contains the
   Configuration Directory using the form:

   ldap://<hostname>:<port>

   URL of Directory Server [ldap://store1.siroe.com:389/]: ldap://ldapmaster.siroe.com:390

4. Stop all server processes.

   The installer starts all the server processes at the end of install. You will want to stop all processes after installation. As root do the following:

   <InstanceRoot>/stop-msg

5. Change the iPlanet Messaging Server configuration to make it point to the SIMS 4.0 user/group directory.

   Use configutil to change the following configuration parameters:

   local.ugldapbasedn = o=internet (Suffix which SIMS 4.0 used to store their users)
   local.ugldapbinddn = "cn=Directory Manager" (DS bind DN)
   local.ugldapbindcred = secret (DS bind password)
   local.ugldapdeforgdn = "dc=siroe,dc=com,o=internet" (Default organization DN)
   local.ugldaphost = ldapreplica1.siroe.com (The host where ldap replica is located)
   local.ugldapport = 389

6. If the old SIMS server is using "+" as the login separator, we need to change it in iPlanet Messaging Server as well, since "@" is the default. You can use the following command:

   configutil -o service.loginseparator -v +

7. Run a full dirsync on the SMTP relay servers and the upgraded backend stores.

   <InstanceRoot>/imsimta dirsync -F

8. Start the messaging server.

   Start all other server processes:

   <InstanceRoot>/start-msg

   At this point, the iPlanet Messaging Server is fully functional (users can log in, new messages are delivered, etc.). Normal deferred message processing delivers deferred messages on the inbound SMTP servers to store1.siroe.com.
   

   ---

   Note	The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to "SMTP Relay Function".

   ---

   
   

9. Migrating SIMS mailboxes to iPlanet Messaging Server.

   Users will not be able to retrieve messages until after the SIMS message store is migrated to the iPlanet Messaging Server message store. The situation may arise where they see a temporarily empty mailbox. In addition, when old messages are migrated from SIMS, they will be mixed in with new messages that went directly into the iPlanet Messaging Server message store. This could result in some incorrect ordering of the messages.

   Run this command on store1.siroe.com

   imbackup -f- -u <user> | <ServerRoot>/bin/msg/store/bin/imsrestore -f- -cy -n -v1

   where <UserFile> is a file containing user mailbox names. Split the user entries into equal groups for each user file and run 10 to 15 concurrent backup and restore sessions to maximize the restore speed into the new message store.
   

   ---

   Note	Do not disable fsync using configutil -o "local.store.synclevel" -v 0

   ---

   
   

10. Repeat this process for all other SIMS backend message store servers.

    Go to step 1.

11. After all backend message stores have been migrated do the following steps.
    1. Upgrade user and group entries to use iPlanet Messaging Server schema.

    Use imsdirmig:

    imsdirmig -h ldapmaster.siroe.com -b "o=internet" -M sims -F (mailhost=store1.siroe.com) -D "cn=Directory Manager" -w secret -m both

    In this case all user/group entries under o=internet are upgraded.

    1. Disable multi-schema support on all SMTP servers (backend message store servers, SMTP relay servers, etc.).

       Once all the directory entries have been upgraded to iPlanet Messaging Server schema, multi-schema support is no longer needed. Using configutil, delete the following two parameters:

       <InstanceRoot>/configutil -o local.imta.schematag -v ""
       <InstanceRoot>/configutil -o local.imta.ugfilter -v ""

    2. Modify the system to support the iPlanet Delegated Administrator for Messaging.

       The imsdaaci command, packaged with the migration toolkit and shown below, generates an LDIF file that can be used to create a Delegated Administrator Service Administrator Group and Delegated Administrator Domain Administrator Group along with the required ACIs.

       <ServerRoot>/bin/msg/migrate/bin/imsdaaci

       Use ldapmodify to add the LDIF file into the DIT. For an explanation of the ACIs refer to the iPlanet Messaging Server Provisioning Guide

Migration Procedures for Multi-Server, On-line, Extra Hardware

1. Install and configure the iPlanet Messaging Server on the new machine (newstore1.siroe.com).

   Do not install a new directory server. Enter 1,3,4 for the following prompt:

   Components with a number in () contain additional subcomponents
   which you can select using subsequent screens.

   1. Netscape Server Products Core Components (3)
   2. Netscape Directory Suite (2)
   3. Administration Services (2)
   4. iPlanet Messaging Suite (5)

   Specify the components you wish to install [All]: 1,3,4

   When you are prompted for the configuration server enter the URL and port number. (The one installed as described in "Installing a Configuration Server".)

   Enter the non-secured LDAP URL of the server that contains the
   Configuration Directory using the form:

   ldap://<hostname>:<port>

   URL of Directory Server [ldap://newstore1.siroe.com:389/]: ldap://ldapmaster.siroe.com:390

2. Stop all server processes.

   The installer starts all the server processes at the end of install. You will want to stop all processes after installation. As root do the following:

   <InstanceRoot>/stop-msg

3. Change the iPlanet Messaging Server configuration to make it point to the SIMS 4.0 user/group directory.

   Use configutil to change the following configuration parameters:

   local.ugldapbasedn = o=internet (Suffix which SIMS 4.0 used to store their users)
   local.ugldapbinddn = "cn=Directory Manager" (DS bind DN)
   local.ugldapbindcred = secret (DS bind password)
   local.ugldapdeforgdn = "dc=siroe,dc=com,o=internet" (Default organization DN)
   local.ugldaphost = ldapreplica1.siroe.com (The host where ldap replica is located)
   local.ugldapport = 389

4. If the old SIMS server is using "+" as the login separator, we need to change it in iPlanet Messaging Server as well, since "@" is the default. You can use the following command:

   configutil -o service.loginseparator -v +

5. Upgrade domain entries to add to the new backend SMTP routing hosts.

   imsdirmig -h ldap.siroe.com -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m domains -A mailroutinghosts:newstore1.siroe.com -P -O

6. Upgrade user and group entries to point to the new mailhost.

   Using imsdirmig:

   imsdirmig -h -b "o=internet" -M sims -F (mailhost=store1.siroe.com) -D "cn=Directory Manager" -w secret -m both -A mailhost:newstore1.siroe.com -O

   In this case all user/group entries under o=internet are assigned a new mailhost and are upgraded to the new schema.

7. Configure dirsync to support the new multi-system schema by using configutil to add the following two parameters:

   <InstanceRoot>/configutil -o local.imta.schematag -v "ims50,sims40"

   <InstanceRoot>/configutil -o local.imta.ugfilter -v (|(objectClass=inetLocalMailRecipient)(|(objectClass=inetMailUser)(objectclass=inetmailGroup)))

8. Run a full dirsync on the upgraded backend store newstore1.siroe.com.

   This will allow the new server to start accepting messages from the SMTP servers:

   <InstanceRoot>/imsimta dirsync -F

9. Start the messaging server.

   Start all other server processes using the 'start-msg' command. At this point, the iPlanet Messaging Server is fully functional (users can log in, new messages can be delivered, etc.).

   Old messages will not be retrievable until after the SIMS message store is migrated to the iPlanet Messaging Server message store. In addition, when old messages are migrated from SIMS, they will be mixed in with new messages that went directly into the iPlanet Messaging Server message store. This could result in some incorrect ordering of the messages.
   

   ---

   Note	The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to "SMTP Relay Function".

   ---

   
   

10. Run an incremental dirsync on all SMTP servers.

    <InstanceRoot>/imsimta dirsync

    Messages to the migrated users will now be routed by the inbound1.siroe.com and inbound2.siroe.com to the newstore1.siroe.com message store.

11. Ensure that all the messages in the SIMS SMTP server queues server are processed.

    At this point no messages will be routed by the inbound SMTP servers to the SIMS backend message store. Before shutting down the SIMS backend server make sure that all the messages in the MTA queues are delivered.

12. Stop SIMS by using /opt/SUNWmail/sbin/im.server stop.

    Make sure all SIMS processes are stopped.

13. Migrate SIMS mailboxes to iPlanet Messaging Server.

    Run this command on newstore1.siroe.com

    rsh store1.siroe.com /opt/SUNWmail/sbin/imbackup -f- -u <user> | <ServerRoot>/bin/msg/store/bin/imsrestore -f- -cy -n -v1

    where <user> is a file containing user mailbox names. Split the user entries into equal groups for each user file and run 10 to 15 such backup and restore sessions at the same time for the optimal way to maximize the restore speed into the new message store.
    

    ---

    Note	Do not disable fsync using configutil -o "local.store.synclevel" -v 0

    ---

    
    

    Old messages will not be retrievable until after the SIMS message store is migrated to the iPlanet Messaging Server message store. The situation may arise where they see a temporarily empty mailbox. In addition, when old messages are migrated from SIMS, they will be mixed in with new messages that went directly into the iPlanet Messaging Server message store. This could result in some incorrect ordering of the messages.

14. Repeat this process for all other SIMS backend message store servers.

    Go to step 1.

15. After all backend message stores have been migrated do the following steps.
    1. Upgrade user and group entries to use iPlanet Messaging Server schema.

       Using imsdirmig:

       imsdirmig -h ldapmaster.siroe.com -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m both

       In this case all user/group entries under o=internet are upgraded to the new schema.

    2. Disable multi-schema support on all SMTP servers (backend message store servers, SMTP relay servers, etc.).

       Once all the directory entries have been upgraded to iPlanet Messaging Server schema, multi-schema support is no longer needed. Using configutil, delete the following two parameters:

       <InstanceRoot>/configutil -o local.imta.schematag -v ""
       <InstanceRoot>/configutil -o local.imta.ugfilter -v ""

    3. Modify the system to support the iPlanet Delegated Administrator for Messaging.

       The imsdaaci command, packaged with the migration toolkit and shown below, generates an LDIF file that can be used to create a Delegated Administrator Service Administrator Group and Delegated Administrator Domain Administrator Group along with the required ACIs.

       <ServerRoot>/bin/msg/migrate/bin/imsdaaci

       Use ldapmodify to add the LDIF file into the DIT. For an explanation of the ACIs refer to the iPlanet Messaging Server Provisioning Guide

Migrating SIMS Message Store Servers to the iPlanet Messaging Server Using the Incremental Migration Method

Before migrating the backend messaging servers, be sure all message access proxy servers, and SMTP relay servers have been upgraded. For a discussion of the advantages and disadvantages of incremental migration, refer to "Off-line Message Store Migration".

Assumptions:

• iPlanet Messaging Server will be installed on a new host and will replace SIMS 4.0.

• iPlanet Messaging Server will use the existing user/group directory server and the configuration directory server.

• The directory server is Netscape Directory Server 4.12 and can be on the same host as SIMS, or on a different host. A new directory server has already been installed to hold the iPlanet Messaging Server configuration data (see "Installing a Configuration Server"). The user/group directory, that is, the directory supporting SIMS, will support the new iPlanet Messaging Server with the same (but upgraded) user, group, and domain entries.

• SIMS user mailboxes will be migrated in batches rather than all at once.

• These assumptions are for an example of a system being installed on a new host. Assumptions:
  SIMS user/group Directory Suffix: o=internet
  SIMS Mail server name: store1.siroe.com
  iPlanet Messaging Server Mail server name: newstore1.siroe.com
  Master Directory Server: ldapmaster.siroe.com
  Master Directory server network port: 389
  Configuration Directory Server: ldapmaster.siroe.com
  Configuration Directory server network port: 390
  Directory Server Bind password: secret
  SIMS Default Organization DN: dc=siroe,dc=com,o=internet

Migration Procedures

1. Install and configure the iPlanet Messaging Server on the new machine (newstore1.siroe.com).

   Do not install a new directory server. Enter 1,3,4 for the following prompt:

   Components with a number in () contain additional subcomponents
   which you can select using subsequent screens.

   1. Netscape Server Products Core Components (3)
   2. Netscape Directory Suite (2)
   3. Administration Services (2)
   4. iPlanet Messaging Suite (5)

   Specify the components you wish to install [All]: 1,3,4

   When you are prompted for the configuration server enter the URL and port number. (The one installed as described in "Installing a Configuration Server".)

   Enter the non-secured LDAP URL of the server that contains the
   Configuration Directory using the form:

   ldap://<hostname>:<port>

   URL of Directory Server [ldap://newstore1.siroe.com:389/]: ldap://ldapmaster.siroe.com:390

2. Stop all server processes.

   The installer starts all the server processes at the end of install. You will want to stop all processes after installation. As root do the following:

   <InstanceRoot>/stop-msg

3. Change the iPlanet Messaging Server configuration to make it point to the SIMS 4.0 user/group directory.

   Use configutil to change the following configuration parameters:

   local.ugldapbasedn = o=internet (Suffix which SIMS 4.0 used to store their users)
   local.ugldapbinddn = "cn=Directory Manager" (DS bind DN)
   local.ugldapbindcred = secret (DS bind password)
   local.ugldapdeforgdn = "dc=siroe,dc=com,o=internet" (Default organization DN)
   local.ugldaphost = ldapreplica1.siroe.com (The host where ldap replica is located)
   local.ugldapport = 389

4. If the old SIMS server is using "+" as the login separator, we need to change it in iPlanet Messaging Server as well, since "@" is the default. You can use the following command:

   configutil -o service.loginseparator -v +

5. Configure the dirsync command in the iPlanet Messaging Server (newstore1.siroe.com)to support multi-schema LDAP entries. This is done by using configutil to set the following three parameters:

   <InstanceRoot>/configutil -o local.imta.schematag -v "sims40,ims50"
   <InstanceRoot>/configutil -o local.imta.ugfilter -v
   "(|(objectClass=inetLocalMailRecipient)(|(objectClass=inetMailUser)(objectClass=inetMailGroup)))"
   <InstanceRoot>/configutil -o local.imta.sims_migrate -v True

6. Do a full dirsync.

   <InstanceRoot>/imsimta dirsync -F

7. Start all server processes on newstore1.siroe.com

   <InstanceRoot>/start-msg

---

Note	The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to "SMTP Relay Function".

---

8. Migrate a batch of user mailboxes from store1.siroe.com to newstore1.siroe.com

   You can minimize user downtime (the amount of time users are blocked from accessing their mailboxes) by selecting a subset of users to migrate to the new system. We recommend migrating a small number of users at first to see how the process works. For each batch of users, perform the following steps.

   1. Select a batch of users to migrate. Notify users that they will not be able to access their mail during the migration process.

   2. Direct all incoming messages to these users into the Hold Channel instead of their mailboxes and lock the user's mailboxes so that they cannot be opened during migration. The command is:

      imsdirmig -h ldapmaster.siroe.com -b "dc=siroe,dc=com,o=internet" -M sims -D "cn=Directory Manager" -w secret -m users -F "(uid=s*)" -A mailDeliveryOption:hold\;mailFolderMap:LOCK -O

      In the above example, all the user entries in siroe.com whose uid value begins with an "s" (you can use any LDAP filter as per the RFC-1558) are updated with the new attributes values for mailDeliveryOption and mailFolderMap. Note that this command does not upgrade the entry's to support the iPlanet Messaging Server schema. This will occur later in the migration process.

      After this command is run, these users cannot access their mailboxes, though they can continue to send mail. Incoming mail is saved in the Hold channel and will be delivered to the mailbox at the end of this process.

   3. Run dirsync on the inbound and outbound SMTP relay hosts as well as store1.siroe.com and newstore1.siroe.com to pick up the routing changes specified in the previous step.

   4. Convert and move the batch of SIMS users to the iPlanet Messaging Server message store as follows (on iPlanet Messaging Server):

      rsh store1.siroe.com /opt/SUNWmail/ims/sbin/imbackup -f- -u <UserFile> | <ServerRoot>/bin/msg/store/bin/imsrestore -f- -cy -n -v1

      imbackup is executed on the SIMS host. <UserFile> is a file containing user mailbox names. Split the user entries into equal groups for each user file and run 10 to 15 concurrent backup and restore sessions to maximize the restore speed. imsrestore is run on the iPlanet Messaging Server host.

   5. Change the user entries to point to the new iPlanet Messaging Server and unset the mailbox hold by setting mailDeliveryOption=mailbox, and mailhost:newmail.siroe.com in the user entries. Use imsdirmig with -O and -A options:

      imsdirmig -h ldapmaster.siroe.com -b "dc=siroe,dc=com,o=internet" -M sims -D "cn=Directory Manager" -w secret -m users -F "(uid=s*)" -O -A mailDeliveryOption:mailbox\;mailhost:newstore1.siroe.com

      Migrated users can now access their mailboxes.

   6. Run an incremental dirsync on newstore1.siroe.com, store1.siroe.com, and all the relay servers. Messages to the migrated users will now be routed by the inbound SMTP relay servers to the newstore1.siroe.com message store.

   7. Drain the hold queue on store1.siroe.com and newstore1.siroe.com to redirect all messages that came into the system while users mailbox was being moved to the new server, newstore1.siroe.com:

      /opt/SUNWmail/imta/sbin/hold_master -u <uid> -d <domain>

      You can write a script to do more than one user at a time.

9. Migrate the next batch of users and mailing lists. See previous step.

10. For mailing list entries, change the mailhost attribute to the fully qualified name of the new iPlanet Messaging Server host (example: newstore1.siroe.com). If this is not done, mail will be misdirected to the old SIMS server when a local delivery is attempted.

    imsdirmig -h ldapmaster.siroe.com -b "dc=siroe,dc=com,o=internet" -M sims -D "cn=Directory Manager" -w secret -m groups -F "(objectclass=inetmailgroup)" -O -A mailhost:newstore1.siroe.com

    This upgrades the LDAP entries for all groups .

11. Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

    One way to do this is to stop dispatcher:

    /opt/SUNWmail/sbin/imta stop dispatcher

    At this point the SMTP server is shut down, however the job controller continues to process messages in the queue. You can verify that the queues are empty by entering the following command:

    /opt/SUNWmail/sbin/imta qm counters

12. After all mailboxes are migrated, then store1.siroe.com is ready to be decommissioned.

13. Repeat the previous steps for all backend servers.

14. After all backend message stores are migrated, do the following:
    1. Upgrade ALL user/group directory entries to the iPlanet Messaging Server schema using imsdirmig:

       imsdirmig -h ldapmaster.siroe.com -b "o=internet" -M sims -D "cn=Directory Manager" -w secret -m both

    2. Disable multi-schema support on all SMTP servers.

       Once all the directory entries have been upgraded to the iPlanet Messaging Server schema, multi-schema support is no longer needed. Using configutil, delete the following two parameters on all SMTP servers (message store servers and all inbound and outbound relay servers):

       <InstanceRoot>/configutil -o local.imta.schematag -v ""
       <InstanceRoot>/configutil -o local.imta.ugfilter -v ""

    3. Run the command imsimta dirsync -F on all SMTP servers (message store servers and all inbound and outbound relay servers).

    4. Modify the system to support the iPlanet Delegated Administrator for Messaging.

       The imsdaaci command, packaged with the migration toolkit and shown below, generates an LDIF file that can be used to create a Delegated Administrator Service Administrator Group and Delegated Administrator Domain Administrator Group along with the required ACIs.

       <ServerRoot>/bin/msg/migrate/bin/imsdaaci

       Use ldapmodify to add the LDIF file into the DIT. For an explanation of the ACIs refer to the iPlanet Messaging Server Provisioning Guide

Addendum

Message store configuration can be modified (as shown below) to enhance mailbox migration performance on the first batch of users. However, it is unsafe to run a live messaging server with this configuration in place. Our recommendation is to reset the configuration change once the first batch of user mailboxes have been migrated from the SIMS server to the iPlanet Messaging Server.

Steps for mailbox migration optimization:

1. Stop the messaging server after Step Step 8Step c.

   <InstanceRoot>/stop-msg

2. Set the sync level to 0.

   <InstanceRoot>/configutil -o "local.store.synclevel" -v 0

3. Start the store daemon.

   <InstanceRoot>/start stored

4. Return to Step Step 8Step d.

5. After the first batch of mailbox migrations is complete, reset the sync level.

   configutil -o "local.store.synclevel" -v 1

6. Restart the messaging server processes.

   <InstanceRoot>/start-msg

Upgrading a Netscape Messaging Server Multi-Server Deployment

---

This section describes the process of upgrading a Netscape Messaging Server multi-server deployment to an iPlanet Messaging Server deployment. The basic steps are as follows:

1. "Adding the Required Naming Contexts".

2. "Upgrading Netscape Messaging Server SMTP Relay Servers".

3. "Upgrading Netscape Messaging Server MMP Servers".

4. "Migrating Netscape Messaging Server Backend Message Stores"

Adding the Required Naming Contexts

In order to use the existing user/group directory, you must create the required DC and Organization Tree root suffixes and additional directory indices in the user/group directory server. This is described below.

1. Run ims_dssetup.pl against the Netscape Messaging Server user/group LDAP server (ldapmaster.siroe.com).

   Below is an example screen prompts with the appropriate responses:

   Welcome to the iMS Directory Server preparation tool.

   This tool will help you setup a Netscape Directory Server and
   make it ready to use for installing iPlanet Messaging Server.

   Do you want to continue [y]:

   Please enter the full path to the directory where Netscape
   Directory Server was installed.

   Directory server root [/usr/netscape/server4]:

   Please select a directory server instance from the following list:

   [1] slapd-users

   Which instance do you want [1]:

   Please enter the base suffix for DC Tree [o=internet]:

   Please enter the base suffix under which the Users/Groups data should be
   setup [o=siroe.com]:

   Do you want to update the schema files [yes]: no

   Do you want to configure new indexes [yes]:

   Please enter the schema directory [/cdrom/cdrom0/solaris/iMS/msg/config]:

   Here is a summary of the settings that you chose:

   Server Root:    /usr/netscape/server4
   Server Instance:   slapd-users
   Update Schema:   no
   DC Root:   o=internet
   User/Group Root:   o=siroe.com
   Add New Indexes:    yes
   Schema Directory:   /cdrom/cdrom0/solaris/iMS/msg/config

   Do you want to continue [y]:

   The script proceeds to create the naming contexts and index the new attributes.

2. Restart the Netscape Messaging Server user/group directory server

   <InstanceRoot>/restart-slapd

Upgrading Netscape Messaging Server SMTP Relay Servers

1. Before upgrading any SMTP or mail multiplexor (called proxy servers in SIMS) servers, you must first add the merged schema files (merged.oc.conf and merged.at.conf) to the directory server. Refer to "Supporting a Multiple Schemas".

2. Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

   One way to do this is to change the SMTP port number and restart the SMTP server. This allows the server to continue processing any messages in the queue while not accepting messages on the standard SMTP port.

   <InstanceRoot>/configutil -o service.smtp.port -v 901
   <InstanceRoot>/stop-msg smtp
   <InstanceRoot>/start-msg smtp

   You can verify that the queues are empty by entering the following command:

   /usr/bin/mailq

3. Stop the old SMTP Server. During this time, incoming messages will be handled by the second inbound SMTP server.

4. Install and configure the iPlanet Messaging Server. Use the default selections except when you see the following screen prompts:
   1. Do not install a new directory server. Enter 1,3,4 for the following prompt:

      Components with a number in () contain additional subcomponents
      which you can select using subsequent screens.

      1. Netscape Server Products Core Components (3)
      2. Netscape Directory Suite (2)
      3. Administration Services (2)
      4. iPlanet Messaging Suite (5)

      Specify the components you wish to install [All]: 1,3,4

   2. When you are prompted for the configuration server enter the URL and port number. (The one installed as described in "Installing a Configuration Server".)

      Enter the non-secured LDAP URL of the server that contains the
      Configuration Directory using the form:

      ldap://<hostname>:<port>

      URL of Directory Server [ldap://inbound1.siroe.com:389/]: ldap://ldapmaster.siroe.com:390

   3. For the following install prompt:

      Default Organization DN [o=siroe.com,o=siroe.com]:

      Use the default value (o=siroe.com,o=siroe.com). Note that this is not where the Netscape Messaging Server user/group entries reside. The entries will remain in the current namespace for now.

5. After the iPlanet Messaging Server is installed, change the value of the inetdomainbasedn attribute in the default domain entry of the DC Tree (in this case dc=siroe,dc=com,o=internet) to the DN where the Netscape Messaging Server users are located (in this case, o=siroe.com). Also, use configutil to set local.ugldapdeforgdn to o=siroe.com

   <InstanceRoot>/configutil -o "local.ugldapdeforgdn" -v "o=siroe.com"

   By default the installer configures the default domain to look for users/groups in o=siroe.com,o=siroe.com, but the existing Netscape Messaging Server users and groups are located under o=siroe.com. Thus DN reference of the DT tree domain node siroe.com must point at the correct organization subtree. See "Using Existing Directory Information Trees in the iPlanet Messaging Server" on how this change allows iPlanet Messaging Server to recognize the existing Netscape Messaging Server users/groups in the user/group directory server.

6. Configure dirsync to support the new multi-system schema:

   <InstanceRoot>/configutil -o local.imta.schematag -v "ims50,nms41"

   <InstanceRoot>/configutil -o local.imta.ugfilter -v (|(objectClass=inetLocalMailRecipient)(|(objectClass=mailRecipient)(objectclass=mailGroup)))

7. If the old Netscape Messaging Server SMTP relay server is using "+" as the login separator, change it in the iPlanet Messaging Server as well, since "@" is the default. This allows users to do SMTP AUTH using the existing login separator.

   Use the following command:

   configutil -o service.loginseparator -v +

8. If this is an outbound SMTP server, enable SMTP relaying as per your site policy.
   1. Add the dequeue_removeroute option into tcp_local and tcp_intranet channel in imta.cnf file.

      The channels blocks will look like this:

      ! tcp_local
      tcp_local smtp mx single_sys remotehost inner switchchannel \
      identnonelimited subdirs 20 maxjobs 7 pool SMTP_POOL \ maytlsserver maysaslserver saslswitchchannel tcp_auth \ dequeue_removeroute
      tcp-daemon
      
      !
      ! tcp_intranet
      tcp_intranet smtp mx single_sys subdirs 20 noreverse \
      maxjobs 7 pool SMTP_POOL maytlsserver allowswitchchannel \
      saslswitchchannel tcp_auth dequeue_removeroute
      tcp_intranet-daemon

   2. If you want to allow all the nodes on your class C network to relay through the server, edit the mappings file under <server-root>/msg-<instance>/imta/config by changing "* $N" to "* $Y"

      ++++++++++++++++
      INTERNAL_IP
      
        $(192.18.74.57/24) $Y
        127.0.0.1 $Y
        * $Y
      ++++++++++++++++

   3. Then run the command imsimta cnbuild. At this point you have a fully functioning relay server.

   4. Do a full dirsync:

      <InstanceRoot>/imsimta dirsync -F

   5. Start the SMTP server.

      <InstanceRoot>/start-msg smtp

   For more information on enabling SMTP relaying, see "Adding SMTP Relaying".

Upgrading Netscape Messaging Server MMP Servers

1. Before upgrading any SMTP or mail multiplexor servers, you must first add the merged schema files (merged.oc.conf and merged.at.conf) to the directory server. Refer to "Supporting a Multiple Schemas".

2. When you installed the SMTP server, the installer created a DC Tree in ldapmaster.siroe.com. However, there is no replication agreement between the master and the replicas to replicate the data in the DC Tree. You must create this replication agreement. Refer to the Netscape Directory Server Administrator's Guide.

3. Stop the old Netscape Messaging Server MMP Server.

4. Install and configure the MMP server. Use the default selections except when you see the following screen prompt:

   Please enter the LDAP URL to the domain component tree [ldap://siroe.com:389/o=internet]: ldap://ldapreplica2.siroe.com:389/o=internet

   Enter the Netscape Messaging Server LDAP server information. This is the existing Netscape Messaging Server user/group LDAP server.

Migrating Netscape Messaging Server Backend Message Stores

Before migrating the backend messaging servers, be sure all MMPs and SMTP relay servers have been upgraded.

Assumptions:

• iPlanet Messaging Server will replace Netscape Messaging Server 4.x on the same server.

• iPlanet Messaging Server will use the existing user/group directory server and the configuration directory server installed earlier.

• iPlanet Messaging Server DC Tree Suffix: o=internet
  Master Directory Server: ldapmaster.siroe.com
  Master Directory server network port: 389
  Configuration Directory Server: ldapmaster.siroe.com
  Configuration Directory server network port: 390
  Directory Server Bind DN: cn=Directory Manager
  Directory Server Bind password: secret
  Netscape Messaging Server user/group base DN: o=siroe.com
  iPlanet Messaging Server Default Organization DN:
         dc=siroe,dc=com,o=internet
  iPlanet Messaging Server server user: mailsrv

Migration Procedures:

We strongly recommend backing up the message store before attempting migration.

1. Ensure that all the messages in the SMTP server queues server are processed and that the queues are empty.

   One way to do this is to change the SMTP port number and restart the SMTP server. This allows the server to continue processing any messages in the queue while not accepting messages on the standard SMTP port.

   <InstanceRoot>/configutil -o service.smtp.port -v 901
   <InstanceRoot>/stop-msg smtp
   <InstanceRoot>/start-msg smtp

   You can verify that the queues are empty by entering the following command:

   /usr/bin/mailq

2. Stop Netscape Messaging Server 4.x.

   <InstanceRoot>/stop-msg

3. Install and configure the iPlanet Messaging Server.

   Do not install a new directory server. Enter 1,3,4 for the following prompt:

   Components with a number in () contain additional subcomponents
   which you can select using subsequent screens.

   1. Netscape Server Products Core Components (3)
   2. Netscape Directory Suite (2)
   3. Administration Services (2)
   4. iPlanet Messaging Suite (5)

   Specify the components you wish to install [All]: 1,3,4

   When you are prompted for the configuration server enter the URL and port number. (The one installed as described in "Installing a Configuration Server".)

   Enter the non-secured LDAP URL of the server that contains the
   Configuration Directory using the form:

   ldap://<hostname>:<port>

   URL of Directory Server [ldap://store1.siroe.com:389/]: ldap://ldapmaster.siroe.com:390

4. Stop all server processes.

   <InstanceRoot>/stop-msg

5. Map or modify the existing Netscape Messaging Server directory namespace to the iPlanet Messaging Server directory namespace.

   Refer to "Using Existing Directory Information Trees in the iPlanet Messaging Server".

6. Set the default Organization Tree.

   Use configutil to set local.ugldapdeforgdn to o=siroe.com

   <InstanceRoot>/configutil -o "local.ugldapdeforgdn" -v "o=siroe.com"

   o=siroe.com is the DN of the Organization Tree that corresponds to the default domain.

7. Migrate the Netscape Messaging Server message store to iPlanet Messaging Server message store.

   Change the primary store partition path to point at the Netscape Messaging Server 4.x message store path as follows:

   1. Use the iPlanet Messaging Server Admin Console to change the message store configuration to point at all the Netscape Messaging Server 4.x mail store partitions. (See iPlanet Messaging Server Administrators Guide.)
      

      ---

      Note	When cleaning out Netscape Messaging Server 4.x do not remove the message store directories as this is where the message store data resides.

      ---

      
      

   2. Remove user subscriptions directory:

      rmdir <iMSServerRoot>/msg-<instance>/store/user/

   3. Set up a symbolic link to the Netscape Messaging Server user's subscriptions folders:

      ln -s <NMSServerRoot>/msg-<instance>/store/user/
      <iMSServerRoot>/msg-<instance>/store/user/

   4. Copy the mboxlist file:

      cp <NMSServerRoot>/msg-<instance>/store/mboxlist/data.db2
      <iMSServerRoot>/msg-<instance>/store/mboxlist/folder.db

   5. Copy the quota files:

      cp <NMSServerRoot>/msg-<instance>/store/quota.db2 <iMSServerRoot>/msg-<instance>/mboxlist/quota.db

   6. Make sure files are owned by the mail server user. Example:

      chown mailsrv <iMSServerRoot>/msg-<instance>/store/mboxlist/*

   7. Do not copy any other files!

8. Configure dirsync to support the new multi-system schema by using configutil to add the following two parameters:

   <InstanceRoot>/configutil -o local.imta.schematag -v "ims50,nms41"
   
   <InstanceRoot>/configutil -o local.imta.ugfilter -v "(|(objectClass=inetLocalMailRecipient)(|(objectClass=mailRecipient)(objectclass=mailGroup)))"

9. Run a full dirsync on store server.

   <InstanceRoot>/imsimta dirsync -F

10. Restart the iPlanet Messaging Server.

    The mail server is now available for use. At this time iPlanet Messaging Server is working off the old directory entries in ldapmaster.siroe.com using multi-schema support. New user and group entries will be created in the new directory nodes.
    

    ---

    Note	The default configuration of the newly installed iPlanet Messaging Server blocks all SMTP relaying. To align default configuration to your site policy, refer to "SMTP Relay Function".

    ---

    
    

11. Upgrade quota database to enable new features.

    Run the following as mail server user:

    su mailsrv
    cd <iMSServerRoot>/bin/msg/admin/bin
    setenv CONFIGROOT <iMSServerRoot>/msg-<Instance>/config
    ./reconstruct -q
    exit

12. Repeat these procedures for all backend servers.

13. After all backend servers are migrated do the following steps:
    1. Upgrade user/group entries to the iPlanet Messaging Server schema using imsdirmig:

       imsdirmig -h ldapmaster.siroe.com -b "o=siroe.com" -M nms -D "cn=Directory Manager" -w secret -m both

    2. Disable multi-schema support for all SMTP servers.

       Once all the directory entries have been upgraded to iPlanet Messaging Server schema, multi-schema support is no longer needed. Using configutil, delete the following two parameters:

       <InstanceRoot>/configutil -o local.imta.schematag -v ""
       <InstanceRoot>/configutil -o local.imta.ugfilter -v ""