This chapter describes the general Oracle Communications Messaging Server tasks, such as configuring directory access by using command-line utilities. Tasks specific to administering individual Messaging Server services, such as POP, IMAP, HTTP, and SMTP, are described later in this guide.
If you set up multiple administrators with the same password during the initial Messaging Server configuration, you might want to change the passwords of those administrators.
Table 4-1 shows the password options that are set up during initial runtime configuration. Use the msconfig command to make changes to the Messaging Server configuration, or ldapmodify to update information stored in Directory Server.
Table 4-1 Passwords Set in Messaging Server Initial Runtime Configuration
| Option | Description |
|---|---|
|
base.ugldapbindcred |
Password for the Messaging Server LDAP user/group access account (base.ugldapbinddn). Use msconfig to change. |
|
base.proxyadminpass |
Password for the Proxy Administrator account (base.proxyadmin), which is used to provide proxy authentication access to end-user mailboxes. Use msconfig to change. |
|
http.smtpauthpassword |
Password used when mshttpd submits mail to the MTA. Set by initial configuration to the same password as base.proxyadminpass. Use msconfig to change. |
|
SSL passwords for key files |
Passwords that are stored in the xpass.xml file. Use the msconfig set -prompt "sectoken:Internal (Software) Token" command to change. This command causes msconfig to prompt for the password without an echo. |
|
Admin Account credentials |
The "admin" account is both in the service administrator group by default and is a store admin by default. You are prompted for this password during initial configuration. By default, the "admin" account is used for proxy and SMTP authentication, so this password needs to match the settings for base.proxyadminpass and http.smtpauthpassword. |
|
Messaging End User Administrator |
This is the LDAP user for this specific host. The base.ugldapbindcred entry and the "Messaging End User Administrator" actually refer to the same password, which is set both in the option and in the userPassword attribute for that user in the LDAP directory. The password is generated randomly by initial configuration and is only used by one single Messaging Server host to bind to the LDAP directory server to perform searches. |
The following example uses the proxyadminpass option to change the password of the Proxy Administrator account. You should not set passwords from the command line, so this example shows using msconfig in interactive mode.
msconfig msconfig> set -prompt proxyadminpass Password: Verify: msconfig# write msconfig> exit
User, mailing list, and domain information is stored as entries in an LDAP directory. An LDAP directory can contain a wide range of information about an organization's employees, members, clients, or other types of individuals that in one way or another "belong" to the organization. These individuals constitute the users of the organization.
In the LDAP directory, the information about users is structured for efficient searching, with each user entry identified by a set of attributes. Directory attributes associated with a user can include the user's name and other identification, division membership, job classification, physical location, name of manager, names of direct reports, access permission to various parts of the organization, and preferences of various kinds.
In an organization with electronic messaging services, many if not all users hold mail accounts. Messaging Server stores copies of some account information (uid and quota in particular) on local servers. In general, the LDAP directory is considered authoritative for account information by Messaging Server. Once account information for a mail user is present in the LDAP directory, then the mail server named in the mailHost attribute automatically creates that user without any additional mail server specific configuration.
Creating and managing mail users and mailing lists consists of creating and modifying user and mailing list entries in the LDAP directory. This is done by using the Delegated Administrator GUI or command-line utilities, or by directly modifying the LDAP directory information.
Note:
In general, the Messaging Server documentation does not describe how to directly modify the LDAP directory. Consult the Directory Server documentation for more information.Mark the user as deleted by running the commadmin user delete command. (For more information, see the discussion about removing users, groups, and services from a domain in Delegated Administrator System Administrator's Guide.)
Remove services from the user. A service can be a mailbox or a calendar. For the current version of Messaging Server, the program is called "msuserpurge".
Permanently remove the user, by invoking the commadmin domain purge command.
Mark the domain as deleted by running the commadmin domain delete command. (See the discussion on removing users, groups, and services from a domain in Delegated Administrator System Administrator's Guide for more information.)
Remove services from the users of that domain. A service can be a mailbox or a calendar. For Messaging Server, the program is called "msuserpurge".
Permanently remove the domain, by invoking the commadmin domain purge command.
Messaging Server enables you to schedule automatic tasks, such as running the imexpire command at predetermined times.
Messaging Server provides a general task scheduling mechanism by using a process called imsched. It is intended for scheduling Messaging Server processes. It is enabled by setting the schedule.task option. If you modify the schedule, either restart the scheduler with the command stop-msg sched and start-msg sched, or refresh the scheduler process (refresh sched).
This option requires a command and a schedule on which to execute the command. The format is as follows:
schedule.task:taskname.crontab = schedule
where:
taskname is the name of the command to run, for example, expire, msprobe, and so on.
schedule is a non-empty string with the following format:
minute hour day-of-month month-of-year day-of-week command args
command args can be any Messaging Server command and its arguments. Paths can be relative to MessagingServer_home or absolute paths. See "Pre-defined Automatic Tasks" for relative path examples.
minute hour day-of-month month-of-year day-of-week is the schedule for running the command. It follows the UNIX crontab time format.
The values are separated by a space or tab and can be 0-59, 0-23, 1-31, 1-12 or 0-6 (with 0=Sunday) respectively. Each time field can be either an asterisk (meaning all legal values), a list of comma-separated values, or a range of two values separated by a hyphen. Days can be specified by both day of the month and day of the week and both are required if specified. For example, setting the 17th day of the month and Tuesday only runs the command on the 17th day of a month when it is Tuesday.
If you modify scheduler, either restart the scheduler with the command stop-msg sched and start-msg sched, or refresh the scheduler by running refresh sched.
To disable a scheduled task:
msconfig set schedule.task:taskname.enable = 0refresh sched
Run imexpire at 12:30am, 8:30am, and 4:30pm:
msconfig set schedule.task:expire.crontab "30 0,8,16 * * * bin/imexpire"
Run imsbackup Monday through Friday at midnight (12AM):
msconfig set schedule.task:msbackup.crontab "0 0 * * 1-5 bin/imsbackup -f backupfile /primary"
At installation, Messaging Server creates, schedules and enables the following set of pre-defined automatic tasks:
The following automatic tasks are set and enabled for the message store:
schedule.task:expire.crontab = 0 23 * * * bin/imexpire schedule.task:snapshot.crontab = 0 2 * * * bin/imdbverify -s -m schedule.task:snapshotverify.crontab = 5,15,25,35,45,55 * * * * bin/imdbverify
The following automatic tasks are set and enabled for the MTA:
schedule.task:purge.crontab = 0 0,4,8,12,16,20 * * * bin/imsimta purge schedule.task:return_job.crontab = 30 0 * * * lib/return_job
The following automatic task is set and enabled for the message store:
schedule.task:msprobe.crontab = 5,15,25,35,45,55 * * * * lib/msprobe
Messaging Server enables you to create an email greeting message to be sent to each new user.
To create a new-user greeting:
msconfig set base.welcomemsg Message
Where Message must contain a header (with at least a subject line), followed by $$, then the message body. The $ represents a new line.
For example, to enable this option, you can set the following configuration variables:
msconfig set base.welcomemsg 'Subject: Welcome!! $$ example.com welcomes you to the premier Internet experience in Dafandzadgad!'
Depending on the shell that you are using, it might be necessary to append a special character before $ to escape the special meaning of $. ($ is often the escape character for the shell.) Alternatively, you can do this within the msconfig prompt so that you do not need to the $. Simply run msconfig, then issue the setoptionvalue command.
Whenever you create a new hosted domain, create per-domain greeting messages for your supported languages. If this is not done, the generic greeting message set by base.welcomemsg is sent.
You can set a greeting message for new users in each domain. The message can vary depending on the user's, the domain's, or the site's preferred language. This is done by setting the mailDomainWelcomeMessage attribute in the desired LDAP domain entry. The attribute syntax is as follows:
mailDomainWelcomeMessage;lang-userprefLang
mailDomainWelcomeMessage;lang-domain_prefLang
mailDomainWelcomeMessage;lang-gen.sitelanguage
The following example sets the domain welcome message for English:
mailDomainWelcomeMessage;lang-en: Subject: Welcome!! $$Welcome to the mail system.
The following example sets the domain welcome message for French:
mailDomainWelcomeMessage;lang-fr: Subject: Bienvenue!! $$Bienvenue a example.org!
Using these examples, assume the following:
The domain is example.org.
A new user belongs to this domain.
The user's preferred language is French as specified by the LDAP attribute preferredlanguage.
The example.org domain has the above English and French welcome messages available.
The site language is en as specified by gen.sitelanguage.
For a list of supported locales and their language value tag, see Directory Server Reference.
When users log in for the first time, they receive the French greeting. If the French welcome message isn't available, they get the English greeting.
Greeting Message Theory of Operations
Greeting messages can be set by both the LDAP attribute mailDomainWelcomeMessage, the base.welcomemsg option, and the message_language:langcode.welcomemsg option.The base.welcomemsg option is the default, the message_language:langcode.welcomemsg option is language-code specific. The order in which a message is chosen, with the top one having the highest preference, is shown below:
mailDomainWelcomeMessage;lang-user_prefLang
mailDomainWelcomeMessage;lang-domain_prefLang
mailDomainWelcomeMessage;lang-gen.sitelanguage
mailDomainWelcomeMessage
base.welcomemsg;lang-"$user-prefLang"
base.welcomemsg;lang-"$domain-prefLang"
base.welcomemsg;lang-"$gen.sitelanguage"
base.welcomemsg
The algorithm works as follows: if there are no domains (or there are, but there is no per domain welcome message provisioned for them), a welcome message is configured with the base.welcomemsg option, if specified. If a user has a preferred language (set with the preferredlanguage LDAP attribute) and base.welcomemsg;lang-user_prefLang is set, the user will receive that welcome message at the time of their first log in to the server. If base.welcomemsg;lang-gen.sitelanguage is set, and preferredlanguage is not set, but the site language is set (using base.sitelanguage option), user will receive that message. If no language tag option is set and a untagged base.welcomemsg is set, then that message will be sent to the user. If none of the values are set, user will not receive any welcome message.
If the user is in a domain, then similar to the discussion above, the user might receive one of mailDomainWelcomeMessage;lang-xx, depending on which one is available in the list and in the order given.
Example: Domain is example.org. The domain preferred language is German (de). But the new user in this domain has preferred language of Turkish (tr). Site language is English. The following values are available (mailDomainWelcomeMessage are attributes of the domain example.org):
mailDomainWelcomeMessage;lang-fr mailDomainWelcomeMessage;lang-ja base.welcomemsg;lang-de base.welcomemsg;lang-en base.welcomemsg
According to the algorithm, the message sent to the user is base.welcomemsg;lang-de.
Messaging Server enables you to set a user preferred language.
You can set a preferred language for the GUI and server-generated messages by setting the attribute preferredLanguage in the user's LDAP entry.
When the server sends messages to users outside of the server's administrative domain it does not know what their preferred language is unless it is responding to an incoming message with a preferred language specified in the incoming message's header. The header fields (Accept-Language, Preferred-Language or X-Accept-Language) are set according to attributes specified in the user's mail client.
If there are multiple settings for the preferred language, the server chooses the preferred language. For example, if a user has a preferred language attribute stored in the Directory Server and also has a preferred language specified in their mail client, the server chooses the preferred language in the following order:
The Accept-Language header field of the original message.
The Preferred-Language header field of the original message.
The X-Accept-Language header field of the original message.
The preferred language attribute of the sender (if found in the LDAP directory).
A domain preferred language is a default language specified for a particular domain. For example, you can specify Spanish for a domain called mexico.example.org. Administrators can set a domain preferred language by setting the attribute preferredLanguage in the domain's LDAP entry.
You can specify a default site language for your server as follows. The site language is used to send language-specific versions of messages if no user preferred language is set.
Command Line: Specify a site language as follows:
msconfig set base.sitelanguage value
where value is one of the local supported languages. See the Directory Server documentation for a list of supported locales and the language value tag.
This is described in enabling SSL and selecting ciphers in Messaging Server Security Guide, which also contains background information on all security and access-control topics for Messaging Server.
It is possible to specify more than one LDAP server for the user/group directory so that if one fails another takes over.
To set a failover LDAP server:
Set base.ugldaphost to the multiple replicated LDAP servers. For example:
msconfig set base.ugldaphost "ldap1.example.com ldap2.example.com:389"
If you are using a compiled MTA configuration then recompile the MTA configuration file.
imsimta cnbuild
Restart Messaging Server.
stop-msg start-msg