CHAPTER 10 |
SIMS Adminstration Console |
SIMS Administration Console is a GUI-based tool that allows administering and maintaining SIMS administrative tasks, including domain hosting.
Topics in this chapter include:
|
|
SIMS administration services |
|
|
SIMS administration console |
|
|
Administration server |
|
|
Mail server authorities |
|
|
Administration services |
SIMS administrative services enable you to fine-tune the default configuration, maintain, monitor, and troubleshoot the SIMS components. It is composed of the following elements:
|
|
Administration console |
|
|
Administration server |
|
|
SIMS components |
|
|
Remote Method Invocation (RMI) |
FIGURE 10-1 illustrates these elements. The following sections provide further explanation.
FIGURE 10-1 Sun Internet Mail Server Administrative Architecture
You can administer SIMS from the same machine on which all SIMS components are installed, or if desired, remotely from any machine on the network. The remote machine must be able to run the Netscape browser 4.06 and higher. Other browsers or other versions of HotJava may not work with the Administration Console.
The SIMS Administration Console provides the graphical user interface that enables you to configure, maintain, monitor, and troubleshoot the SIMS components, including domain hosting capabilities. The SIMS Administration Console runs on either the Netscape or the HotJava browser. FIGURE 10-2 shows a sample SIMS Administration Console page.
The applet contains interfaces to the managed objects that reside in the Administration Server.
See Chapter 11, "Delegated Management Administration," for summaries of tools that different types of administrators could use to perform domain hosting administrative tasks.
See Chapter 11, "SIMS Configuration Files" in the The Sun Internet Mail Server 4.0 Installation Guide for a list of configuration files associated with each component of SIMS.
SIMS Administration server contains two relevant elements:
|
|
Managed objects |
|
|
HyperText Transfer Protocol (HTTP) server |
A managed object is a collection of configurable attributes, for example, a collection of attributes for the directory service. (Note that a managed object does not necessarily map to a SIMS component.)
An HTTP server resides on the Administration Server to provide bootstrap capabilities for certain Java elements. A HyperText Markup Language (HTML) file causes an initial applet and managed objects to be loaded from the Administration Server to the browser. After the initial applet takes control, it uses its managed object interfaces to communicate with the Administration Server.
You do not need to configure or interact in any way with the Administration Server.
Each SIMS component except the directory service (specifically, the directory access object that manages the user and group entries) communicates with the Administration Server using that component's native format. The directory access object interfaces with the Administration Server using the Lightweight Directory Access Protocol (LDAP, The directory configuration object that manages the configuration of the directory service itself interfaces with the Administration Server using the native format.)
The Java Remote Method Invocation (RMI) enables the Administration Server and Console, which are running in either different address spaces on the same machine or on different machines, to communicate with each other. RMI enables the remote managed objects that reside on the Administration Server to be manipulated by the managed object interfaces that reside in the Admin Console.
The Sun Internet Mail Server features two levels of security: one level from the directory service and another from the UNIX file system. Specifically, you must have access permission from the following authorities.
Directory services requires user name and encrypted password to access the Administration Console.
inetmail (owner of Sun Internet message store and configuration files)--Requires root permission to invoke SIMS utilities and commands from the command line.
Solaris format mailbox files (owned by individual users)--Requires either ownership of the mailbox to be manipulated or root permission.
Note - When a client machine binds to a directory server, the password used in the bind request is passed in clear text rather than encrypted text.
The administration services component contains the client and server software responsible for managing all the components of the SIMS. It also provides the GUI for some system functionality.
Key features of this component are:
|
|
Installation |
|
|
Initialization and setup |
|
|
Configuration |
|
|
Maintenance |
|
|
Error recovery |
The administration services component manages:
|
|
Sun directory services |
|
|
IMTA |
|
|
Sun message store |
|
|
Security |
The following submodules provide the core functions of the Administration services:
|
|
Browser-based Java administration console |
|
|
Downloadable Java applets |
|
|
Java-based administration server |
|
|
HTTP server |
The SIMS Administrator has the right to perform the following tasks:
|
|
Login to the SIMS administration console |
|
|
Change configuration from the SIMS Administration Console |
|
|
Change the directory content both from the Console and from command line. |
More than one SIMS administrator can exist. A user can become a SIMS administrator by using the CLI imadmin add admin commands. However, only one administrator can log into the SIMS Administration Console at any time.
During the installation, one administrator is created. The default name is siteadmin, the default password is the password for the UNIX user inetmail.
Note - The password is encoded from the admin console machine to the admin server machine, but when the server machine binds to the directory server, the password used in the bind request is passed in clear rather than encrypted text.
In general it is not recommended that you edit the configuration files in any way. Use the SIMS Administration Console and the CLI commands to manipulate the configurations. In some situations, especially for IMTA, not all of the parameters that are supported in the configuration file are configurable from the Administration Console. If there's a need to manually edit the configuration file, you should use the imedit tool that is provided with SIMS4.0 to edit the configuration file.