Use the GroupWise WebAccess Installation Summary Sheets to record your decisions about how to install WebAccess. The topics in this section present the required information in a convenient planning sequence. The Installation Summary Sheets organize the information in the order in which you need it during installation.
For additional assistance in planning your GroupWise installation, see GroupWise Best Practices and GroupWise 8 Good and Bad Habits.
IMPORTANT:If you plan to install WebAccess in a clustered server environment, refer to the GroupWise 8 Administration Guide as you plan your WebAccess installation.
After reviewing Section 5.1, GroupWise WebAccess Overview and the system requirements listed in Section 5.2, WebAccess System Requirements, plan where you want to install the WebAccess components in your system.
For best performance, the WebAccess Agent should be installed on the same server where the domain it belongs to is located. If you need to install it on a remote server, you can create a secondary domain on the remote server so that the WebAccess Agent has a local domain and MTA to communicate with. The default installation directories are
|
NetWare: |
|
|
Linux: |
|
|
Windows: |
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , mark the platform where you will install the WebAccess Agent. Under , specify the directory where you want to install the WebAccess Agent software. |
The WebAccess Application integrates with your Web server. The location of the Monitor Application files that are installed depends on the Web server that it is being integrated with. The default Web server paths vary by platform:
|
Apache Web Server for NetWare: |
drive:\Apache2 |
|
Apache Web Server for OES Linux: Tomcat for OES Linux: |
/etc/opt/novell/httpd/conf.d /var/opt/novell/tomcat5/webapps |
|
Apache Web Server for SLES: Tomcat for SLES: |
/etc/apache2/conf.d /srv/www/tomcat5/base/webapps |
|
Microsoft Internet Information Server (IIS) for Windows: |
c:\inetpub\wwwroot |
The Web server uses a servlet engine in order to incorporate product-specific components, such as the WebAccess Application, into its functioning.
|
GROUPWISE WEBACCESS APPLICATION INSTALLATION SUMMARY SHEET |
|---|
|
Under , select the type of Web server where you will install the WebAccess Application and WebPublisher Application, then specify the Web server’s root directory. On Windows, if the Internet Information Server services more than one Web site, specify the Web site where you want to install the WebAccess Application. |
IMPORTANT:Starting with GroupWise 8, you must update the WebAccess Agent and the WebAccess Application at the same time. Mixed-version configurations are no longer supported.
As you install the WebAccess Agent, you are prompted to supply the configuration information described in the following sections:
The WebAccess Agent communicates with the WebAccess Application and WebPublisher Application (on the Web server) through TCP/IP.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , specify the IP address or DNS hostname of the WebAccess Agent’s server, then specify the port number for the agent to use. The default is 7205. |
For a complete list of default port numbers used by the GroupWise agents, refer to GroupWise Port Numbers
in the GroupWise 8 Administration Guide.
The WebAccess Agent requires a GroupWise gateway directory in which to store configuration information and work files. The gateway directory must be located under a GroupWise domain directory. The default directory name is webac80a. If you change the name, use the following platform-specific conventions:
|
NetWare: |
Use a maximum of 8 characters |
|
Linux: |
Use only lowercase characters |
|
Windows: |
No limitations. |
After you specify the domain directory location and a gateway directory name, the Installation program creates the gateway directory under the domain\wpgate directory (for example, provo\wpgate\webac80a).
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , specify the domain name and the full path to the domain directory where you want to create the gateway directory, then give the gateway directory a name. If you are installing the WebAccess Application on a different server from where you are installing the WebAccess agent, record the gateway directory on the GroupWise WebAccess/WebPublisher Application Installation Summary Sheet as well. If you are installing the Linux WebAccess Agent, record the eDirectory context of the Domain object (for example, cn=provo3,ou=groupwise,o=corporate). |
The WebAccess Agent also requires a GroupWise Gateway object in Novell eDirectory. By default, it is named the same as the gateway directory and is referred to as the WebAccess Agent object. This object stores the WebAccess Agent’s information and enables configuration of the agent through ConsoleOne.
The WebAccess Agent object is created below the Domain object. If you have multiple domains, the Installation program uses the Domain object associated with the domain directory where you are creating the WebAccess Agent gateway directory.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , specify the name you want to give the WebAccess Agent object. The default name is the same as the gateway directory name you chose under . |
The WebAccess Agent requires access to the domain. It also requires access to each post office where mailboxes or libraries are located that WebAccess or WebPublisher users will access.
Domain: The WebAccess Agent needs direct access to the domain directory so that it can write to its gateway directory (domain\wpgate\webac80a). If the WebAccess Agent cannot be installed on the same server where the domain directory is located, you can create an intermediary domain on the WebAccess Agent server so that the WebAccess Agent has a local MTA to communicate with.
Post Office: The WebAccess Agent needs direct access to the post office directory so that it can write to the POA’s input queue, or it needs client/server access (TCP/IP) to the post office’s POA. By default, the WebAccess Agent uses whatever access mode has been established for the post office on the Post Office Settings property page of the Post Office object in ConsoleOne. TCP/IP is highly recommended.
If the WebAccess Agent must access a remote server in order to access a domain or post office, it needs to be able to log in to the remote server.
|
NetWare: |
Ensure that an eDirectory user account exists that provides the required access to the domain and post office directories. For direct access to the domain directory or a post office directory, the WebAccess Agent needs Read, Write, Create, Erase, Modify, and File Scan rights. |
|
Windows: |
Ensure that a Windows user account exists on the Windows server for the agent. If the domain or any post office directories directly accessed by the WebAccess Agent are on remote Windows servers, ensure that the Windows user account provides Full Control access to those directories. If the domain directory or any post office directories directly accessed by the WebAccess Agent are on remote NetWare servers, ensure that the WebAccess Agent has an eDirectory user account with the same username and password as the agent’s Windows user account. The eDirectory account must provide Read, Write, Create, Erase, Modify, and File Scan rights to the directories. |
|
GROUPWISE WEBACCESS INSTALLATION SUMMARY SHEET |
|---|
|
Under , specify the eDirectory username and password you want the WebAccess Agent to use to access the domain directory and post office directories. This applies to the NetWare WebAccess Agent only. If you are using the Windows WebAccess Agent, ensure that the appropriate Windows and eDirectory user accounts exist. Specify them under and so that the Windows WebAccess Agent can access domains on Windows and NetWare servers. |
The WebAccess Agent server console enables you to monitor the WebAccess Agent from the server where it is running. If you want, you can enable the WebAccess Agent Web console. The Web console lets you view the WebAccess Agent’s statistical and diagnostic information through a Web browser, which is useful if want to see the WebAccess Agent’s activity without physically visiting the agent’s server.
You access the Web console by entering the WebAccess Agent’s network address and HTTP port number in a Web browser (for example, http://172.16.5.18:7211). If necessary, you can change the WebAccess Agent’s default HTTP port number (7211).
If you want to restrict access to the Web console, you can assign a username and password. This can be any username and password you want. By default, the username and password are passed through a non-secure connection between the Web browser and the WebAccess Agent. Therefore, do not use an existing eDirectory username and password unless you secure this connection by using SSL. For information about securing the WebAccess Agent’s connections, see WebAccess
in the GroupWise 8 Administration Guide.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , select if you want to enable the Web console. If you want to restrict access to the Web console, provide a username and password. |
You can choose whether or not you want the WebAccess Agent to support GroupWise WebPublisher. If you enable WebPublisher support, you need to specify a GroupWise account (mailbox ID and password). The GroupWise account serves two purposes:
GroupWise users publish documents to WebPublisher users by sharing the documents with this GroupWise account.
When Internet users access WebPublisher, the WebAccess Agent logs in to this GroupWise account. This lets the WebAccess Agent know which documents have been shared with WebPublisher users. It can then retrieve these documents (and only these documents) for the WebPublisher users.
Create a new GroupWise account specifically for GroupWise WebPublisher. If you’ve already created an eDirectory account for the WebAccess Agent to use when accessing domain or post office directories, as described in Domain and Post Office Access, you might want to create the GroupWise account under that eDirectory user account.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under WebPublisher Support, select if you want to enable the WebAccess Agent to support WebPublisher, then enter the Mailbox ID and password for the GroupWise account you want the WebAccess Agent to use. |
If you enable GroupWise WebPublisher support, you need to select the libraries that you want to make public. The WebAccess Agent, acting on behalf of WebPublisher users, only accesses documents in public libraries.
Making a library public does not automatically give WebPublisher users access to all documents in the library. For WebPublisher users to have access to a document in a public library, the document’s owner must have shared the document with the WebPublisher user account.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , list the libraries from which documents can be shared. The Installation program lists all libraries in your GroupWise system. If you want, you can wait until then to select libraries. |
NOTE:When a WebPublisher user requests a library document in HTML format rather than its native format, the Viewer Agent renders the document from its native format to HTML format. The Viewer Agent can be configured to cache the HTML document to a subdirectory of the WebAccess Agent installation directory. This enables the WebAccess Agent to use the cached document for future requests. For instructions to configure the Viewer Agent, see WebAccess
in the GroupWise 8 Administration Guide.
Novell Cluster Services is a server clustering system that ensures high availability and manageability of critical network resources including volumes (where GroupWise domains and post offices reside) and applications (such as the GroupWise WebAccess Agent). Novell Cluster Services supports failover, failback, and migration of individually managed cluster resources.
During installation, the NetWare WebAccess Agent can be configured to take advantage of the fault-tolerant environment provided by Novell Cluster Services if the following requirements are met:
The domains and post offices to be serviced by the NetWare WebAccess Agent have already been created on shared NSS volumes in the cluster.
The NetWare WebAccess Agent is being installed to a server that is part of the same cluster.
When the WebAccess Agent is configured for clustering, its startup file (webac80a.waa) is configured with shared volume names rather than specific server names.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , mark whether or not you want to configure the NetWare WebAccess Agent for clustering. If you do, follow the installation instructions in |
When you install the Linux WebAccess Agent, the following Linux-specific options are available in the Installation program:
If you are installing the Linux WebAccess Agent and WebAccess Application, the Installation program needs to access eDirectory through LDAP. eDirectory access is required in order to create the WebAccess Agent and WebAccess Application objects. To obtain access, the Installation program needs the IP address and port number of an LDAP server, along with an eDirectory username and password to log in with. The user must have sufficient rights to create GroupWise objects in eDirectory. Because the Linux Installation program uses LDAP to access eDirectory, you must provide the username in LDAP format. For example:
cn=admin,ou=users,o=corporate
If you want to secure the connection to eDirectory with SSL, you can specify a certificate file. For background information about SSL, see Trusted Root Certificates and LDAP Authentication
in Security Administration
in the GroupWise 8 Administration Guide.
IMPORTANT:If you do not want to use SSL, the LDAP server must be configured to accept clear text passwords. This is configured on the server’s LDAP Group object in ConsoleOne by deselecting . The LDAP snap-in to ConsoleOne is required in order to change the setting.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , specify the IP address and port number of an LDAP server, a username in LDAP format, the password for the username, and if necessary, the full path to your SSL root certificate file. |
On Linux, you can install the WebAccess Agent on Novell Cluster Services. The Linux GroupWise Installation program provides a option that simplifies the process of installing the Linux WebAccess Agent on multiple nodes in the cluster.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , mark whether you want to configure the Linux WebAccess Agent for clustering using Novell Cluster Services. If you do, follow the installation instructions in |
The Windows WebAccess Agent can be configured to support SNMP. This enables the WebAccess Agent to be monitored and managed through an SNMP management program.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
If you want the WebAccess Agent to support SNMP, under , select . |
NOTE:The NetWare and Linux WebAccess Agents rely on operating system components for SNMP functionality and do not require this installation option.
The WebAccess Agent can run as a Windows service rather than a standard Windows application. To do so, the WebAccess Agent service requires a user account. The requirements for the Windows service user account are the same as those listed for the Windows WebAccess Agent in Domain and Post Office Access.
|
GROUPWISE WEBACCESS AGENT INSTALLATION SUMMARY SHEET |
|---|
|
Under , select . Under, enter the username and password for the service’s user account. |
NOTE:On Windows Server 2008, the Windows WebAccess Agent running as a service cannot interact with the desktop. It must run as a background process.
As you install the WebAccess Application and/or the WebPublisher Application to a Web server, you are prompted to supply the configuration information described in the following sections:
NOTE:You should have already selected the Web server where you will install the WebAccess Application and WebPublisher Application. If you have not, see Section 5.3.1, Deciding Where to Install the GroupWise WebAccess Components.
The Installation program installs all available languages. You need to specify which language should be used when displaying the Novell Web Services page. When users access the Novell Web Services page, they can use the default language for WebAccess or WebPublisher, or they can select another language.
|
GROUPWISE WEBACCESS APPLICATION INSTALLATION SUMMARY SHEET |
|---|
|
Under , specify the language for the Novell Web Services page. |
For more information, see Multilingual GroupWise Systems
in the GroupWise 8 Administration Guide.
WebAccess Application and WebPublisher Application configuration information is stored in two places:
eDirectory objects
The webacc.cfg and webpub.cfg files, located in the following directories:
The WebAccess Application object and WebPublisher Application object allow you to easily modify configuration information in ConsoleOne. The eDirectory information is the master information; any changes made to the objects in eDirectory are also written to the configuration files.
In some installation scenarios, such as installing to a Web server outside a firewall, you might not have access to eDirectory, which means the Installation program cannot create the objects. It can, however, still create the configuration files on the Web server. In this case, to change the application’s configuration, you need to manually modify the webacc.cfg and webpub.cfg files.
You need to select the eDirectory container where you want the objects created. They are all created in the same container. The default container is the Domain object, which means the objects are created beneath the Domain object along with the MTA, Internet Agent, and WebAccess objects.
NOTE:Each application also has several providers associated with it. For example, the WebAccess Application has a GroupWise Provider and an LDAP Provider. The GroupWise Provider is the component that actually communicates with the WebAccess Agent to request information for users. The LDAP Provider communicates with LDAP servers to enable users to search LDAP address books. Provider objects are created in the same location as the application objects.
|
GROUPWISE WEBACCESS APPLICATION INSTALLATION SUMMARY SHEET |
|---|
|
Under and if needed, under , specify the tree where you want the objects created, then specify the context. If you will be installing from a location where you don’t have access to eDirectory, you can skip this item. |