Novell Home

AppNote: Configuring GroupWise on Novell Linux Small Business Suite 9.0 to use an Existing eDirectory Tree

Novell Cool Solutions: AppNote
By Michael Fritch

Digg This - Slashdot This

Posted: 8 Apr 2005
 

Abstract: This article describes how to configure GroupWise on a Novell Linux Small Business Suite 9.0 (NLSBS) server using an already existing eDirectory tree. This existing eDirectory tree may be running on any platform or combination of platforms including NetWare or Linux.

Table of Contents

Introduction

For many small to medium businesses, there exists the need to run their network services on several different servers. Novell Linux Small Business Suite (NLSBS), by default, guides the administrator to configure eDirectory, iManager, and GroupWise to run on the same server. However, this may be a problem, since many businesses may already have an existing eDirectory setup possibly running on NetWare. For these businesses, the need may exist to reuse some of their current network services. They have already invested time and money in these services and may not want to migrate them all at once to Linux.

This article will describe how to configure a NLSBS server to use an already configured eDirectory tree. It will describe how to retrieve the needed information from this previously configured eDirectory tree and use this information to set up GroupWise on a new NLSBS server. There are three steps needed to accomplish this task: ConsoleOne must be installed on the NLSBS server, a self signed certificate must be exported from the existing eDirectory tree, and GroupWise must be configured to use this self signed certificate.

It is possible to configure eDirectory on the NLSBS server to use an existing tree. In many cases, this may be the preferred method. This article, is intended for those who do not want another eDirectory replica on their NLSBS server. To choose the solution that best fits your network, please consult the NLSBS documentation site: http://www.novell.com/documentation/nlsbs9/index.html?page=/documentation/nlsbs9/nlsbs9/ data/bv5dgkd.html

Licensing

In most cases, what is described in this article, conforms to the licensing agreement. Please ensure you will be in accordance with the licensing agreement, if you decide to use this solution.

Customers who have Novell Small Business Suite 6.5 and have current upgrade protection may deploy Novell Linux Small Business Suite as part of their existing Novell Small Business Suite 6.5 eDirectory tree and enjoy the benefits of NetWare and Linux in the same network. Customers deploying in this manner may install up to three Linux servers (in addition to their current NetWare servers), but they may not exceed their current Novell Small Business Suite 6.5 user count unless they purchase additional user licenses.

Customers using the Novell Linux Small Business Suite to replace their existing Novell Small Business Suite are entitled to the same user count for their Novell Linux Small Business Suite as they had for the Novell Small Business Suite 6.5. In this scenario, customers would need to remove their NetWare servers and replace them with the Linux servers. A maximum of three servers may be deployed per Novell Linux Small Business Suite eDirectory tree. Any additional users would need to be purchased.

Installing ConsoleOne

By default, NLSBS installs ConsoleOne through the eDirectory wizard in YaST. One possible solution, is to use the YaST wizard to set up another eDirectory replica on a new NLSBS server. However, for many business, if eDirectory is already installed elsewhere, it may not be desirable to install eDirectory again on a new NLSBS server.

Since ConsoleOne is needed on the same sever, to successfully configure GroupWise, it must be installed manually. However, as we will see later, ConsoleOne is also useful for exporting the eDirectory self signed certificate.

To install ConsoleOne manually:

  1. The novell-c1-sdd rpm must be installed. Figure 1 shows this using the Install and Remove Software wizard in YaST and searching for the ConsoleOne rpm(novell-c1-sdd).



  2. Figure 1

  3. ConsoleOne can now be configured from a shell window using the command /opt/novell/ConsoleOne/software/c1-install -u.

Exporting an eDirectory Self Signed Certificate

Now that ConsoleOne is installed on the NLSBS server, it can be used to export the eDirectory self signed certificate. To start ConsoleOne on the NLSBS server, the command sudo /usr/ConsoleOne/bin/ConsoleOne may be used from a shell window. Once ConsoleOne is running, we must authenticate to the remote eDirectory server (not the local NLSBS server). If you are not familiar with how to do this, instructions can be found at http://www.novell.com/documentation/nlsbs9/index.html?page=/documentation/nlsbs9/nlsbs9/ data/bv0ps4t.html#bui7pfx

After authenticating to the eDirectory tree, the eDirectory self signed certificate may be exported:

  1. Select the Security container for your tree.


  2. Figure 2 shows an example of a CA object in ConsoleOne named MIFRITCH1_TREE CA. Right click on the CA object for your tree and select Properties.



  3. Figure 2

  4. Click on the Certificates tab and click the Export button (Figure 3). It is important to make sure Self Signed Certificate is selected on the Certificates tab. GroupWise will not accept an exported Public Key Certificate.



  5. Figure 3

  6. Modify the Filename field to represent where the certificate is to be saved (Figure 4). By default the GroupWise YaST wizard looks for the certificate file at /etc/opt/novell/SSCert.der, but as we will see later, the wizard will allow this value to be modified if you prefer to save the certificate to a different location.



  7. Figure 4

  8. Click the 'Export' button.

At this point, the certificate file should be present at the location specified on the NLSBS server, during step 4.

Configuring GroupWise to use a Certificate

Many GroupWise services require the use of a static IP address. Before starting the GroupWise YaST wizard, make sure that the NLSBS server is configured to use a static IP address. This can be done through the YaST Control Center by selecting Network Devices > Network Card. Once a static IP address has been established, GroupWise can be configured on the NLSBS server.

  1. Open the GroupWise wizard in the YaST Control Center by selecting Novell Small Business Suite > GroupWise.


  2. On the first screen of the wizard, choose which GroupWise components should be configured to run on this server. For example, WebAccess could run on a separate server than Internet Agent. Figure 5, shows an example of a GroupWise configuration in which all of the GroupWise components have been selected for configuration.



  3. Figure 5

  4. Figure 6 depicts the eDirectory LDAP authentication dialog. The authentication information for the remote eDirectory server must be specified for all of the fields on this screen. By default the YaST wizard will use the IP address of your local NLSBS box. Remember to change this value to the IP address of your remote eDirectory server instead.



  5. Figure 6


    Figure 7

  6. Follow any additional dialog screens that may appear until you reach the Summary dialog screen (Figure 7). Once you have reached the Summary dialog, make sure that the wizard has correctly identified the location of the exported eDirectory certificate. As seen in Figure 7, there is a field labeled LDAP SSL Certificate file under each GroupWise component. If the location of your certificate happens to be different than the default location in the wizard, you must specify this alternate location for each GroupWise component you wish to configure. This can be done by clicking on each of the component links in the summary and modifying the LDAP SSL Certificate field. Figure 8 shows an example of one of these fields for the Internet Agent component.



  7. Figure 8

  8. After you have reviewed all of the information in the summary and made the appropriate changes for your configuration, click the Finish button and the GroupWise wizard will do the rest of the work for you!

Conclusion

At this point, after adding a user to your new GroupWise Post Office, you should be able to send and receive email with your NLSBS server. If you already had a GroupWise server before installing this NLSBS server, you may want to migrate your GroupWise users and Post Offices from that server to the new NLSBS server. Some useful documentation on this is located at the following two URL's:

Additionally, you may want to run some other network services in addition to GroupWise on your NLSBS server. More information can be found at the NLSBS documentation site: http://www.novell.com/documentation/nlsbs9/index.html


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell