3.8 Performing Optional Configuration Tasks

3.8.1 Creating a Trusted Application on Linux

For background information about GroupWise trusted applications, see Trusted Applications in System in the GroupWise 8 Administration Guide. When you set up a trusted application, you must register GroupWise Mobile Server as a GroupWise trusted application. When GroupWise Mobile Server has been registered, a trusted application key is assigned to GroupWise Mobile Server for accessing GroupWise. Trusted applications must be set up on Windows, although they can run on Linux.

  1. From a Windows machine where ConsoleOne® and the GroupWise Administrator snap-ins are installed, map a drive to the primary domain directory in your GroupWise system.

  2. From Novell Downloads, download GWTrustedApp.exe and GWTApp.dll to a convenient location on the Windows machine.

  3. At a command prompt, change to the directory where you downloaded the trusted application files.

  4. Enter the following command to register GroupWise Mobile Server as a GroupWise trusted application and generate the trusted application key:

    GWTrustedApp.exe “path_to_primary_domain

    A message displays, stating that trusted application was successfully registered. It also displays your trusted application key.

  5. Transfer the trusted application key to the Linux machine where you are setting up GroupWise Mobile Server.

  6. In the WebAdmin Console under the Access GroupWise Using head on the Novell GroupWise Access tab, select Trusted Application, paste the trusted application key into the Key field, click Save, then click Done.

    By default, the key allows GroupWise Mobile Server to authenticate to your GroupWise system from any network address. For higher security, you can configure the trusted application so that it must be running at a specified network address in order to authenticate. This higher level of security is obtained by configuring the trusted application in ConsoleOne.

  7. In ConsoleOne, configure GroupWise Mobile Server as a GroupWise trusted application, as described in Trusted Applications in System in the GroupWise 8 Administration Guide.

3.8.2 Changing the WebAdmin Password

  1. In the WebAdmin Console, click Management > Administrators.

    Administrators

    The admin user created during installation is listed.

  2. Click admin, then click Edit.

    Edit Administrator page
  3. Type the new password twice, click Save, then click Done.

3.8.3 Installing the Secure Gateway on Additional Linux Servers

If you want to run the Secure Gateway on a different server from where you installed GroupWise Mobile Server, as illustrated in Section 1.9.2, Network Configuration with the Secure Gateway in Your DMZ, you must run the GroupWise Mobile Server installer again on the Linux server in your DMZ.

  1. If the Linux server where you are planning to install the Secure Gateway has Apache and Tomcat running on it, you must stop them before installing the Secure Gateway.

    If you want to continue to run Apache and Tomcat on the same server where you are installing the Secure Gateway, some post-installation reconfiguration is required, as described in Section 3.8.4, Running Apache on the Same Server with the Secure Gateway.

  2. Download or copy the gms301_linux.tar.gz file to a temporary directory on the Secure Gateway machine and extract it.

  3. Become root by entering su - and the root password.

  4. Change to the gms301_linux directory:

    cd gms301_linux

  5. To start the installer, enter the following command:

    sh ims.bin

  6. Click Next to input the following evaluation license key:

    034B4A597DB4B5B4B54B104B4A4B4B0A7F

  7. Select and copy the license key, then use Ctrl+V to paste it into the field.

  8. Click Next to display the License Agreement page, then accept the License Agreement.

    Choose Installation Set page
  9. Select Secure Gateway, then click Next.

  10. Follow the prompts until you finish the installation and return to the command prompt.

    The Secure Gateway daemon (securegatewayd) is installed to the /usr/sbin directory on your Linux server.

  11. Use the following commands to manage the Secure Gateway:

    /etc/init.d/securegateway status
    /etc/init.d/securegateway start
    /etc/init.d/securegateway stop
    

3.8.4 Running Apache on the Same Server with the Secure Gateway

If you want to continue to use Apache on the server where you install the Secure Gateway, some post-installation configuration changes are required. You can decide whether you want to modify the configuration of the Secure Gateway or the configuration of Apache.

Reconfiguring the Secure Gateway to Use a Different Port Number

The default HTTP ports for the Secure Gateway are port 80 for non-secure connections and port 443 for secure SSL connections. You might not want to open port 80 or port 443 to your demilitarized zone (DMZ).Therefore, you might want to change the port for the Secure Gateway from the default port to another port.

  1. On the Secure Gateway machine, use a text editor to edit the securegateway.properties file.

    By default, the securegateway.properties file is located in the following directory:

    /opt/ims/conf
    
    1. Locate the #HttpPort=80 line, remove the comment character (#), and replace 80 with the port you want the Secure Gateway to listen on.

      or

      If you are using a secure SSL connection, locate the #HttpSSLPort=443 line, remove the comment character (#), and replace 443 with the port you want the Secure Gateway to listen on.

    2. Save the securegateway.properties file.

  2. On the GroupWise Mobile Server machine, start the WebAdmin Console.

  3. Update the Secure Gateway port information:

    1. Click System Settings > Secure Gateways.

      Secure Gateways page
    2. Click New.

      Create Secure Gateway page
    3. Specify the Secure Gateway server, accompanied by the port you want it to use; for example:

      http://www.corporate.net:8888
      
      https://www.corporate.net:4433
      
    4. Click Save, then click Done.

  4. Update the Web server and sync server information:

    1. Under System Settings, click Server Names, then click Edit.

      Edit Server Names Settings page
    2. In the Web Server Name field, add the new port number to the existing DNS hostname with a colon (:) between them.

    3. In the Sync Server Name field, add the new port number to the existing DNS hostname with a colon (:) between them.

    4. Click Save, then click Done.

  5. Restart the GroupWise Mobile Server machine.

  6. Restart the Secure Gateway machine.

  7. Notify existing mobile device users to add the port number to the server that their devices use for synchronization.

    For instructions, see the device-specific User Guides at the GroupWise Mobile Server 3 Documentation Web site.

Reconfiguring Apache to Use a Different Port Number

  1. Become root by entering su - and the root password.

  2. Change to the /etc/apache2 directory, then use a text editor to edit the listen.conf file.

  3. Change the Listen parameter from 80 to the port number that you want Apache to use in the future.

    or

    If you are using SSL, change the Listen parameter from 443 to the port number that you want Apache to use in the future.

  4. Save the listen.conf file.

  5. Restart Apache.

3.8.5 Configuring SMS Push on Linux

By default, GroupWise Mobile Server uses Network Push by way of TCP/IP over port 3102 to push GroupWise PIM data from your mailbox to your mobile device. Instructions for configuring Network Push are provided in the Intellisync Mobile Server Linux Administrator’s Guide.

As a backup to Network Push, you can enable SMS Push, which allows your mobile device to receive update notifications even when the permanent connection to GroupWise Mobile Server is not available. Before configuring the SMS Push feature, you must configure the GroupWise Internet Agent as a relay host, as described in Section 2.5, Configuring the Internet Agent for SMTP Relay to Support SMS Push.

IMPORTANT:Before you implement SMS Push, make sure that your phone carrier supports it. Also be aware that with SMS Push, update notifications arrive to your mobil device as SMS messages, which can be quite expensive on some phone plans, especially if you travel abroad.

To configure the SMS Push feature:

  1. In the WebAdmin Console, expand User Settings.

  2. To enable/disable Push and to configure synchronization settings:

    1. Expand General > Push/Interval Sync.

    2. Select a device for which to configure synchronization settings (for example, Symbian), then click Edit.

      Push/Interval Sync page
    3. Click Help for information about the Push/ReadySync settings.

    4. Set the Push/Interval Sync settings as needed for your mobile users who use the selected device.

    5. Click Save to save the Push/Interval Sync settings.

    6. Repeat Step 2.b through Step 2.e for each device used by your mobile users

  3. To configure the types of items that are pushed to mobile devices:

    1. Expand Wireless Email > Push.

    2. In the Setting field, click Default, then click Edit.

      Push Settings page
  4. Click Help for information about the Push settings.

  5. Set the Push settings as needed for your mobile device users.

    These settings apply to all mobile devices.

  6. Click Save to save the Push settings, then click Done.