These release notes contain important information about iPlanet Messaging Server 5.1. Features and enhancements, installation notes, known problems, and other late-breaking issues are addressed here. Read this document before you install iPlanet Messaging Server.
An electronic version of these release notes can be found at the iPlanet documentation web site: http://docs.iplanet.com/docs/manuals/messaging.html/. Check the web site prior to installing and setting up your software and then periodically thereafter to view the most up-to-date release notes and manuals.
These release notes contain the following sections:
iPlanet Messaging Server provides a powerful and flexible solution to the email needs of enterprises and messaging hosts of all sizes using open Internet standards.
iPlanet Messaging Server is an integration of the Netscape Messaging Server and Sun Internet Messaging Server. The most robust and highest performing components of each product have been combined to produce the iPlanet Messaging Server. For example, the message store, LDAP directory, and Administration Console come from Netscape Messaging Server, while the message transfer agent (MTA) and delegated administrator command line interface come from Sun Internet Mail Server.
Because this is an integrated product, Netscape Messaging Server and Sun Internet Messaging Server customers might find that many processes and procedures for those products are different for iPlanet Messaging Server. For complete information refer to the iPlanet Messaging Server 5.1 documentation at http://docs.iplanet.com/docs/manuals/messaging.html.
The following list describes features available in Messaging Server 5.0 and 5.1:
The following list describes features specific to Messaging Server 5.1:
The minimum hardware requirements for iPlanet Messaging Server are:
The following addresses client software requirements. For Messenger Express access, Messaging Server requires a JavaScript-enabled browser. For optimal performance, iPlanet recommends the following browsers:
iPlanet Messaging Server is supported on the following platforms:
Note | Solaris 2.7 is not a supported platform for iPlanet Messaging Server.
|
The supported Solaris platforms require the following patches.
A list of recommended patches for Solaris 2.6 and Solaris 8 can be found at http://access1.sun.com.
Additionally, ensure that your Solaris setup specifies how to route to hosts that are not on the local subnet. To do this, ensure that:
The HP-UX 11.0 platform requires the following operating system bundles and patches:
A list of recommended patches for HP-UX 11.00 can be found at the following URL: http://us-support.external.hp.com/index.html/
Windows NT 4.0 SP6a (Service Pack 6a) is supported.
iPlanet Messaging Server 5.1 requires the following:
Note |
For iPlanet Web Server, it is strongly recommended that you visit the following site to determine which patches are required: http://docs.iplanet.com/docs/manuals/enterprise/
|
These products are all included on the Messaging Server CD and at the download site at http://www.iplanet.com/downloads/download/.
The following sections describe known problems, limitations, and considerations of iPlanet Messaging Server and its components. This section contains the following sub-sections:
Known Problems and Limitations
The following are known problems, issues, and considerations with the Messaging Server installation and uninstallation.
In iPlanet Messaging Server 5.1, besides the Directory Server, servers are not started by the installer.
Note
If you point to an existing Directory Server as the Users/Groups Directory Server, and that server has been set up for replication, the installation will fail. To prevent the installation from failing, install the Messaging Server before setting up replication.
You must install Messaging Server in an empty directory or a directory that does not already exist. This directory cannot contain any subdirectories that serve as mount points. After you complete the Messaging Server installation, you can create mount points as desired.
Moreover, after uninstalling iPlanet Messaging Server, if you use the same server-root directory that was previously uninstalled, you might get an error during re-installation. You will need to use a new server-root directory when performing the re-installation.
For more information, see: http://docs.iplanet.com/docs/manuals/messaging/ims50/daig/
install.htm#28567
Occasionally, upon successful installation, error messages are still found in the installation log.
On UNIX, a successful installation ends with the following message: "Go to server-root and enter start console to begin managing your servers." In this message, server-root is the absolute directory path where you chose to install the messaging server, for example: /usr/iplanet/server5.
On Windows NT, a successful installation ends with a prompt asking if the user wants to view the README file or reboot the system.
When installing Messaging Server, you should write down the administration port number you specify to the installer. You will need to know this port number to use the Administration Console. During an express installation, you are not prompted for an administration port number; instead, the installer chooses a random port number. When you start Console, you will be asked for the administration port number chosen during installation. If you do not know the port number, it is recorded in the following file: server-root/admin-serv/config/adm.conf
If you want to install only MMP, follow the steps listed below to select MMP; otherwise the installation will fail:
The directory should be owned by the iPlanet Messaging Server user and group, and have permissions 750.
Due to limitations in the iPlanet Messaging Server Sun Cluster 2.2 agent, Messaging Server must be installed at a predetermined mount point, as determined by the $LOGICAL_HOSTNAME environment variable.
When installing on a Sun Cluster 2.2 cluster node, the installation procedure produces an invalid ims_ha.inf file. You will need to manually edit this file and replace the line reading <msg.InstanceName> with the actual instance name. For example, if the Messaging Server instance name is "mail" then change that line to read: mail.
If you are using Sun Cluster 2.2 or Veritas Cluster Server 1.1, you must uninstall Messaging Server manually.
Be aware that the following procedure will uninstall all components including the message store.
This section describes known problems, limitations, and considerations when migrating from earlier versions of Messaging Server.
In order to run the imsdirmig and imsdaaci commands on Windows NT, you must copy the DLL files libyasr.dll and nsldap32v40.dll from server-root\bin\msg\lib to the directory where these commands are located: server-root\bin\msg\migrate\bin.
When migrating directory entries from Netscape Messaging Server 4.x, specify an LDAP filter using the -F argument to imsdirmig that excludes the existing Netscape Messaging Server's postmaster entry. An example of such a filter is -F "(!(cn=postmaster))". This filter will exclude the postmaster entry from the migration processing. If such a filter is not specified, imsdirmig fails to process the entry and exits on the resulting error, unless -c is specified to force imsdirmig to continue processing after it encounters an error.
After adding iPlanet Delegated Administrator for Messaging and Collaboration support, the old Sun Internet Mail Server still appears in certain situations through the iPlanet Delegated Administrator user interface. For example, on the Domain Mail Properties page, creating a user and enabling the mail service for that user will list the old Sun Internet Mail Server mail host. This behavior occurs because migrating from the Sun Internet Mail Server domain preserves the preferredMailHost domain attribute. To fix the problem, change this attribute value to point to the correct mail server.
For information about running the ims_dssetup utility, see the iPlanet Messaging Server Migration Guide, Chapter 3, section titled "Migrating from a Single-Server Netscape Messaging Server System," sub-section titled "Migration Procedures," step 3.
For information about regenerating the index for the above attributes, refer to the iPlanet Directory Server documentation at: http://docs.iplanet.com/docs/manuals/directory/41/admin/
index1.htm#1008974
For information about installing the server, see the iPlanet Messaging Server Migration Guide, Chapter 3, section titled "Migrating from a Single-Server Netscape Messaging Server System," sub-section titled "Migration Procedures," step 7.
Installing iPlanet Delegated Administrator for Messaging and Collaboration against a Directory Server that has the merged.oc.conf and merged.at.conf schema files will result in duplicate, conflicting object class definitions in the merged schema files. As a result, trying to modify the migrated Sun Internet Mail Server domain entry using ldapmodify will create an object class violation error.
To fix this problem, you have to comment out the extra object classes defined in the file instanceroot/config/slapd.user_oc.conf:
inetdomain, inetdomainalias, inetdomainorg, inetdomainauthinfo, maildomain, inetuser, inetsubscriber, ipuser, userpresenceprofile, inetmailuser, inetlocalmailrecipient, inetmailadministrator, inetmailgroup, inetmailgroupmanagement, inetmanagedgroup, pabperson pabgroup, pab, inetadmin, msgvanitydomainuser, icscalendaruser, inetresource, icscalendarresource, icscalendardomain, icsadministrator
The following steps are based on the iPlanet Messaging Server Migration Guide, Chapter 3, section titled "Migrating from a Single-Server Netscape Messaging Server System." However, changes have been made here specifically for migration on a Windows NT platform.
One way to do this is to change the SMTP port number and restart the SMTP server. This allows the server to continue processing any messages in the queue while not accepting messages on the standard SMTP port.
InstanceRoot\configutil -o service.smtp.port -v 901
InstanceRoot\stop-msg smtp
InstanceRoot\start-msg smtp
Refer to "Using Existing Directory Information Trees in the iPlanet Messaging Server" in Appendix B of the iPlanet Messaging Server Migration Guide.
Use configutil to set local.ugldapdeforgdn to o=sesta.com:
InstanceRoot/configutil -o "local.ugldapdeforgdn" -v "o=sesta.com"
o=sesta.com is the DN of the Organization Tree that corresponds to the default domain.
Change the primary store partition path to point at the Netscape Messaging Server 4.x message store path as follows:
NMSServerRoot/mailstore/store/user/
to:
iMSServerRoot/msg-instance/store/user/
(mailstore is the example given in step 5.)
NMSServerRoot/mailstore/store/mboxlist/data.db2
to
iMSServerRoot/msg-instance/store/mboxlist/folder.db
InstanceRoot/configutil -o local.imta.schematag
-v "ims50,nms41"
InstanceRoot/configutil -o local.imta.ugfilter
-v (|(objectClass=inetLocalMailRecipient)
(|(objectClass=mailRecipient) (objectclass=mailGroup)))
The mail server is now available for use. At this time iPlanet Messaging Server is working off the old directory entries in: ldap.sesta.com using multi-schema support. New user and group entries will be created in the new directory nodes.
imsdirmig -b "o=sesta.com" -M nms -D "cn=Directory Manager" -w secret -m both -F "(!(cn=postmaster))"
If a user's uid attribute in LDAP contains any upper case characters--for example, the uppercase K in Kolander--after a migration has occurred from SIMS to iPlanet Messaging Server, the user will not be able to access the migrated mailbox.
SIMS stores all mailbox names in lowercase characters, but iPlanet Messaging Server does not. Moreover, SIMS converts LDAP uid attributes to lowercase characters before it searches its message store for a mailbox name that matches that uid; again, iPlanet Messaging Server does not. During a migration, SIMS mailboxes are restored to iPlanet Messaging Server. In this situation, because the mailboxes were migrated from SIMS, they are all in lowercase characters. Since iPlanet Messaging Server does not convert LDAP uid attributes to lowercase, uid attributes that contain uppercase characters will not match the names of the migrated mailboxes. Mail users with uid attributes containing uppercase characters will not be able to access their mailboxes.
To fix this problem, administrators have two options.
where filename is the name of a file that contains an entry such as the following:
Notice, when using the rename option, DO NOT change the case of the domain portion of the user ID, for example sesta.com. It must remain in lowercase or the mailbox name will not be recognized when a user logs in.
Refer to the iPlanet Messaging Server Reference Manual for more information on renaming users with imsrestore.
This section describes known problems, limitations, and considerations when upgrading iPlanet Messaging Server.
The upgrade process overwrites the Messenger Express HTML files. If you have made customizations, they will be lost. To fix this, make a backup of your customized files before you perform the upgrade process.
After iPlanet Messaging Server is upgraded, the file server-root/msg-instance/html/main.js is not updated with the correct iPlanet Delegated Administrator for Messaging and Collaboration port.
To fix this problem, before upgrade, search for the variable called NDAStartPage in the main.js file. It is a URL containing the iPlanet Delegated Administrator for Messaging and Collaboration host name and port number. The port will be set to 8080 after an upgrade. Change the port number to the correct iPlanet Delegated Administrator for Messaging and Collaboration port that you are using.
When you attempt to upgrade iPlanet Messaging Server in a Sun Cluster 2.2 environment or in a Veritas Cluster Server 1.1 or later environment, the upgrade will fail at the point where the install program tries to run stop-msg. You can work around this problem by performing the following:
-For Sun Cluster 2.2:
/opt/SUNWcluster/bin/hareg -n your_data_service
-For Veritas Cluster Server 1.1 or later:
/opt/VRTSvcs/bin/hares -offline your_mail_resource -sys
physical_hostname
-In a Sun Cluster 2.2 environment, rename the hareg command located in:
/opt/SUNWcluster/bin/hareg
-In a Veritas Cluster Server 1.1 or later environment, rename the hares command located in: /opt/VRTSvcs/bin/hares
With Messaging Server 5.0 patch 3 and later releases, cron jobs are no longer used for scheduling periodic dirsync jobs. After upgrading to iPlanet Messaging Server 5.1, ensure that there are no longer any crontab entries for the Messaging Server dirsync jobs. To alter the frequency of periodic dirsync jobs, edit the appropriate settings in the job_controller.cnf file.
The user is prompted by three separate screens, one prompt per screen. The three items that the user is prompted for are: the host name of the iPlanet Delegated Administrator for Messaging and Collaboration (a fully qualified host name), the Web Server port, and the default domain. The work-around is to provide the requested information as demonstrated by the following example:
Host Name of the server: ims.india.sesta.com
Port number of the server: 80
Default Domain: india.sesta.com
This section describes known problems, limitations, and considerations with iPlanet Messaging Server.
If you wish to use the program delivery feature, the user under which iPlanet Messaging Server runs must have a home directory, and must have permission to create and write files in the home directory.
When you create a user or group through the Administration Console, ensure that you are selecting the correct organizational unit (ou) under which you want to create a user or group. To do so, use the drop-down list to choose New Organizational Unit; then click Create.
In the Select Organizational Unit window, select the directory subtree (ou) to which the organizational unit will belong. Placing your cursor on any of the directory subtrees will reveal the complete DN of the organizational unit.
The IMAP, POP, and HTTP servers cache the LDAP entries of users who have recently logged in for the amount of time specified in the service.authcachettl configuration parameter. To make the deletion of a user immediately effective, you can run the servers with no authentication cache or turn off the authentication cache by setting service.authcachettl to 0 using the configutil utility and restarting all the services. Note, a setting of 0 will have an impact on performance.
This problem also applies to the Messaging Multiplexor (MMP); however, the MMP does not use configutil. It has a separate AuthCachTTL option in its configuration file.
This affects many searches performed by iPlanet Messaging Server, and is especially apparent when using the dirsync utility. To speed up searches use directory manager credentials to access the directory by using the following commands:
msg-instance/configutil -o local.ugldapbinddn -v "rootdn" -l
msg-instance/configutil -o local.ugldapbindcred -v "rootdn_passwd" -l
where rootdn and rootdn_passwd are the credentials of the Directory Server's administrator.
mgrpErrorsTo attribute does not support multiple values. If you want to specify multiple recipients for error messages, create a mailing list and specify the mailing list address as the value for the mgrpErrorsTo attribute.
A problem exists with the attribute store.expirerule.name.foldername.folderpattern.
Expiration rules that include this attribute will select folders outside the criteria you specify. This could create serious problems, including the unintentional deletion of messages. Therefore, do not use this attribute to limit a folder selection.
For example, the following command returns an error if the expiration rule name does not already exist: configutil -o store.expirerule.name.folderpattern -v pattern
Use Console instead of the command line. After an expiration rule is created, you can modify the parameters by using the configutil utility.
Due to the caching scheme, changing domain properties such as authorized services or status in LDAP does not take effect in IMAP, POP, SMTP, and HTTP until these services are restarted.
If an incremental dirsync is in progress at the time of an HA failover, the alias database will be marked as unsafe. The administrator will be notified of this condition when the messaging server is brought back online. The following message will appear in the log/imta/dirsync.trx-XXXX file:
When this occurs, run the following: imsimta recover-crash
Any updates that occurred since the imsimta dirsync -F command was last run will be lost. After running imsimta recover-crash, run: imsimta dirsync -F
When configuring "Host Names to allow" for the Administration Server, the access control list is case-sensitive. If the DNS server uses mixed-case host names in the IN-ADDR records (used when translating from an IP address to a domain name), the access control list must use the same case. For example, if your host is test.Sesta.Com, then the access control list must include *.Sesta.Com. Due to this bug, *.sesta.com will not suffice.
If Help does not launch from the Administration Console, create a script called "netscape", such as the one given below, and place this script in your path:
On Windows NT, the Administration Console Help does not come up if a browser is already open. If it is not open it brings up a browser and the pages can be viewed. To work around this behavior move server-root\bin\base\viewurl.exe somewhere else, or rename the file, for example rename the file to viewulr.exe.hide.
The return job causes this behavior. The likelihood of a crash increases when debugging is turned on. Typical behavior in this situation is for the Job Controller to crash at about 00:35.
A login name such as uid@domain is not accepted in certain POP mail clients, such as Netscape Messenger 4.76, Netscape Messenger 6.0, and Microsoft Outlook Express on Windows 2000. The work-around is as follows:
The user needs to become a member of the Service Administrator group in order to have Service Administrator privileges. To make the user a member of the group, you can add the user DN to the uniquemember attribute of the Service Administrator group.
For example, if the user/group base suffix is o=isp, then the DN of the service administrator group is cn=Service Administrators,ou=groups,o=isp. To designate the account uid=ofanning, o=sesta.com, o=isp as a service administrator, you should add the account's DN to the group. In the following modify record, the designated user is added as a group member in the LDIF:
dn: cn=Service Administrators,ou=groups,o=isp
changetype: modify
add: uniquemember
uniquemember: uid=ofanning, o=sesta.com, o=isp
Furthermore, for users to have service administrator privileges, the attribute memberof must be added to the user entry and set to the Service Administrator Group, for example:
For example, you might see an error message such as:
Cluster.PMF.pmfd: Error opening procfs control file
/proc/384/ctl for tag rg.rs.0.svc: No such file or directory
You can ignore these messages.
The instructions to turn on CRAM-MD5/DIGEST-MD5 do not work for "external" SMTP connections (by default all connections not from the local host). However, it works as documented for IMAP/POP and internal SMTP connections. To fix this problem, run:
configutil -o sasl.external.ldap.has_plain_passwords -v 1
To work around this problem, you can deploy separate MMP servers to handle the clients that are excluded from bad guy rules. These servers must have BadGuy turned off.
The Netscape browser might not display some Japanese Kanji characters properly in certain unicode font sizes (10, for example). To fix this, change the browser's unicode font size to 14.
As an example, if list1@sesta.com has specified the allowed broadcaster user@varrius.com, that user will not be able to send to the list.
The following are known problems with iPlanet Delegated Administrator for Messaging and Collaboration.
Note that the use of the provisioning utility imadmin requires that iPlanet Delegated Administrator for Messaging and Collaboration be installed.
iDA_ROOT\nda\lib\jss21.dll
to:
iWS_ROOT\bin\https\jss21.dll
(iDA_ROOT is the root for iPlanet Delegated Administator; iWS_ROOT is the root for iPlanet Web Server.)
(iDA_ROOT is the root for iPlanet Delegated Administrator; iWS_ROOT is the root for iPlanet Web Server.)
When logged-in as a Top-Level Administrator, you cannot create or manage a mail list. As a work-around, traverse to any of the hosted domains before clicking on the My Account icon.
iPlanet Delegated Administrator for Messaging and Collaboration allows you to create a new domain and have it point at an existing user/group subtree. This subtree must contain the domain administrator and postmaster groups. However, the creation of a domain when pointed at an existing user/group subtree fails as an invalid check is made for the domain administrator group under the root suffix of the user/group tree.
A workaround is to create these groups under the root suffix. The LDIF for creating these groups is shown below. The following variables are used in the LDIF examples and should be replaced with the appropriate values for the installation.
The imadmin command line utility will not work properly without the 106361-10 patch. This is one of the recommended patches for Solaris SPARC 2.6 and is available at: http://access1.sun.com
When using iPlanet Delegated Administrator for Messaging and Collaboration, to set the delivery options for a user whose mailhost is a Windows NT server, do not select Native as a delivery option. Selecting Native as the only option for mail delivery for such users will result in the mail message being bounced to the sender. The bounce message will be sent only after several days have elapsed. If you want bounce messages to be sent immediately for mail that is undeliverable because the user erroneously selected this inappropriate delivery method, add the following rewrite rule to msginstance/imta/config/imta.cnf:
native-daemon $?unix/native delivery not supported on server
If you have separate configuration and user-group directories, to run imadmin user purge you must set up pass-through authentication for the configuration directory to point to the user/group directory.
This will pass the authentication of service administrator performed by the Administration Serverbefore it can run the Common Gateway Interface (CGI) to delete user mailboxeson to the user/group directory.
You need to add the following line (one single line) in your configuration directory's slapd.conf file:
plugin preoperation on "Pass Through Authentication""SERVER_ROOT/lib/passthru-plugin.so" passthruauth_init"ldap://ugldap.varrius.com/SEARCH_BASE"
SEARCH_BASE can be o=varrius.com or o=internet that is your OSI suffix in the user/group directory, but if this search base exists in the configuration directory as well, then give a narrower search basefor example dc=iplanet, dc=com, o=internetthat does not exist in your configuration directory; therefore, if the suffix (or search base) exists in the configuration directory also, it will not work.
Refer to the following site for details on how to use the pass-through authentication plug-in: http://docs.iplanet.com/docs/manuals/directory/41/technote/passthru.htm
To remove a user from a family group, Service/Domain/Family group Administrators can use the imadmin family-member remove command, which is available from the command line interface.
With iPlanet Delegated Administrator for Messaging and Collaboration, you can create cn and cn:lang-xx attributes; however, the product does not have an interface to modify these attributes. To modify these attributes, use imadmin user modify with the -A option.
Messaging Server provisioning tools (iPlanet Delegated Administrator GUI and imadmin command) fail to create a hosted domain when a subdomain of that domain was previously created as a hosted domain. For example, if sales.sesta.com was created first, later attempts to create sesta.com as a hosted domain would fail.
To define sesta.com as a hosted domain, follow the procedure in the iPlanet Messaging Server Provisioning Guide in order to determine how to overlay the existing entry for sesta.com with the additional object classes. You also need to create an organization container for the domain sesta.com with all the required ACIs (appendix A, Provisioning Guide) and create the domain admin group for the domain.
The following are known problems with iPlanet Messenger Express:
This problem is more likely to occur in Japanese than in other languages. To display the attachment correctly, view it in a new window.
When using Netscape Communicator 4.x on Solaris in a Japanese EUC locale, the vcard of a message is displayed as garbage.
A user will not be able to attach files with Japanese file names using Netscape Communicator 4.x browser on Solaris.
If you are using Internet Explorer 5.5, Messenger Express might stop running after the login screen. Use Internet Explorer 5.5 Service Pack 1 (SP1) if you encounter this behavior.
Several minor glitches occur related to either javascript dialog or IMAP folder issues; users who run into these issues might want to use another browser.
This section describes any errors or changes to the iPlanet Messaging Server 5.1 documentation set.
The online version of the Administrator's Guide contains up-to-date changes not found in the CD version: For the online version, see: http://docs.iplanet.com/docs/manuals/messaging.html
Note
This section describes any errors or changes to the iPlanet Delegated Administrator for Messaging and Collaboration documentation.
The online help for these pages describes the "Vacation Start Time" and "Vacation End Time" fields. However, these fields do not appear on the interface. Disregard these fields on the online help. Note, information on "Vacation Start Date" and "Vacation End Date" is valid.
In Chapter 2, Step 2, sub-section titled "To Configure the Directory Server Plug-ins," step 2b contains an error. Change the following sentence from:
"Perform one of the following in order to include the counter plug-ins."
to
"Perform both of the following in order to include the counter plug-ins."
iDA_INSTALL_DIRECTORY/nda/classes/netscape/nda/servlet/resource.properties
|
For an explanation of these configuration parameters, see the iPlanet Delegated Administrator for Messaging and Collaboration Installation and Administration Guide, chapter titled "Installation Instructions", step titled "Install Delegated Administrator;" for Unix see "Install Screen 4Enable Purge Command"; for Windows NT, see "Install Screen 5Messaging Server Information".
In Appendix D of the iPlanet Messaging Server 5.1 Installation Guide for UNIX, the first step in the upgrade instructions should state the following:
1. Shut down all instances of Messaging Server before performing the upgrade. Note that you should not shut down the Directory Server, otherwise the upgrade process will fail.
This section describes any errors or changes to the iPlanet Messenger Express Customization Guide.
The following information should be included in the guide.
The Messenger Express server loads a default set of LDAP attributes for a user at the start of a session. These attributes are as follows:
cn, givenName, mail, mailAlternateAddress, mailAutoReplyMode, mailAutoReplySubject, mailAutoReplyText, mailAutoReplyTextInternal, mailAutoReplyTimeout, mailDeliveryOption, mailForwardingAddress, mailQuota,mailMsgQuota, preferredLanguage, sn, uid, vacationEndDate, vacationStartDate
You might want to obtain other customized LDAP attributes from the server. For example, an ISP might have a custom LDAP attribute assigned to all users called myuserclass. This attribute could denote different types of users that access services, including Messenger Express. Possible values for this attribute are regular and vip. Depending on the type of user (that is, the value of the myuserclass LDAP attribute), different advertisement types will be presented to the user when they log into Messenger Express (Messenger Express is customized to display banner advertisement). If the customized client has access to the myuserclass LDAP attribute, the type of user can be determined and the relevant banner advertisement for that user type can be displayed.
To obtain other customized LDAP attributes from the server, use configutil to modify the service.http.extrauserldapattrs configuration parameter. The attributes are read-only by default. If the customer wants to modify an attribute using the webmail code, that attribute needs to be marked read-write by appending the suffix: w
The example below assumes the customer wants to display banner advertisements depending on the class of the user and that the client program allows the user to edit a link to a homepage: configutil -l -o service.http.extrauserldapattrs -v myuserclass,homepage:w
This code example does not work because the code is not able to take the entry from the i18n_ldap_controls() function in in18n.js. To work around this problem, change the directory server name in the file instanceroot/html/lang_code/lookup_fs.html to the desired directory server name. The name is defined in the function s_SearchCtrl.
This section describes any errors or changes to the iPlanet Messaging Server Migration Guide.
(For more information about 396008, see the section on changes to the Provisioning Guide.)
In Chapter 1, under "Netscape Messaging Server 4.x Regressions/Changes/Transitions," remove the entire section labeled "Group Attribute mgrpAllowedBroadcaster Does Not Take a Group as a Valid Value." Furthermore, in Chapter 1, under "SIMS 4.0 Regressions/Changes/ Transitions," replace all the text in the section labeled "Allowing or Blocking Access to a Mailing List" with the following:
You can set mgrpAllowedBroadcaster or mgrpDisallowedBroadcaster to the address of a static group, however, nested groups--groups within groups--are not supported. For specific posters, set these attributes to the address of a specific allowed poster or specify as a dynamic group (LDAP search using URL criteria).
In Chapter 1, under "Netscape Messaging Server 4.x Regressions/Changes/Transitions," the following information on authorized senders should be added:
If you try to set an authorized sender, the attribute of mgrpAllowedBroadcaster will be set in LDAP for a mailing list which will disallow everyone else from sending to the mailing list. For example, listing mike as an authorized sender means that mike is the only one who is allowed to send to that mailing list.
In Appendix B, under the section titled "Supporting Multiple Schemas," a location for the two merged schema files, merged.oc.conf and merged.at.conf is given. The location is incorrect; it is listed as: CDRoot/solaris/migrate/schema
The correct locations, which depend upon the operating system, are:
HP-UX: CDRoot/HPUX/ims/msg/msg.zip
Windows NT: CDRoot/ntx86/ims/msg/msg.zip
Solaris: CDRoot/Solaris/ims/msg/msg.zip
In the same section, under the sub-section "Enabling Multi-schema Support on SIMS," in Step 3, the last sentence reads "Note that merged.oc.conf must be included first." It should read: "Note that merged.at.conf must be included first."
In Appendix B, section titled "Using Existing Directory Information Trees in the iPlanet Messaging Server," sub-section titled "Mapping Server Namespace with a Single Domain to an iPlanet Messaging Server Namespace," the following information appears:
This namespace configuration will now support Delegated Administrator and hosted domains. To add Delegated Administrator functionality, run the imsdaaci command (packaged with the migration toolkit). This generates an LDIF file that can be used to create a Delegated Administrator Service Administrator Group and Delegated Administrator Domain Administrator Group along with the required ACIs.
<ServerRoot>/bin/msg/migrate/bin/imsdaaci
Use ldapmodify to add the LDIF file into the DIT. For an explanation of the ACIs refer to the iPlanet Messaging Server Provisioning Guide.
The functionality discussed above is generated during installation and does not require that any further steps be taken; therefore, the information can be ignored.
This section describes any errors or changes to the iPlanet Messaging Server Provisioning Guide.
(For more information about 396008, see the section on changes to the Migration Guide.)
In Chapter 5, under "Creating Posting Restrictions on Mailing Lists," one of the bulleted items reads as follows:
mgrpDisallowedBroadcaster specifies addresses restricted from posting messages to the list. The sender's address is compared against those in this attribute. If there is a match then the message is rejected.
Under this item, add the following note:
In the Schema Reference Manual, Chapter 2, Attributes: the mailSMTPSubmitChannel is improperly defined.
The second sentence in the definition currently reads:
When defined, this attribute tells the MTA that if SMTP is successful, consider the channel named by this attribute to be the effective submission channel.
When defined, this attribute tells the MTA that if SMTP AUTH is successful (that is, if this is an authenticated SMTP session as per RFC 2554), consider the channel named by this attribute to be the effective submission channel.
Also, the example for this attribute is: mailSMTPSubmitChannel: tcp_guaranteed,which is sufficient. However, an example that is more likely to occur is: mailSMTPSubmitChannel: tcp_tas.
If you have problems with iPlanet Messaging Server, contact iPlanet customer support using one of the following mechanisms:
So that we can best assist you in resolving problems, please have the following information available when you contact support:
Useful iPlanet information can be found at the following Internet locations:
Last Updated October 30, 2001