4.2 Installing iFolder Server

After you have met all the prerequisites for installing iFolder on NetWare, you are ready to install Novell iFolder 2.1.

  1. On your installation workstation, map a drive to the sys: volume on the destination server where you want to install the iFolder server. Map the drive, using one of these methods:

    • If you use CIFS on the destination NetWare server, map a drive, using Windows Explorer.
    • If you do not use CIFS on the destination NetWare server, map a drive, using the Novell Client™.

    Remember this drive letter; you need it in Step 6 to enter as the installation drive path.

  2. On your NetWare server, you must bring the Apache Web site down to install, upgrade, repair, or uninstall the iFolder server.

    For Apache 1.3.26 and 1.3.27, enter the following command from the NetWare command prompt:

    nvxadmdn.ncf

  3. To start the installation, go to the temporary directory on your workstation where you saved the installation program, then double-click the installation program icon.

    The iFolder Installation Wizard opens on the desktop of your installation workstation.

  4. Do one of the following:

    • New Installation of iFolder 2.1: Continue or Cancel the installation.

      If you click Continue, proceed to Step 5.

      If you click Cancel, the installation program exits and iFolder server is not installed. You can restart the install at a later time.

    • Upgrade Installation or Repair of iFolder 2.1: If you are installing iFolder 2.1 on an existing iFolder server, the Installation Wizard automatically detects it. Proceed to Step 10.

  5. For new iFolder 2.1 installations, read the End User License Agreement, then do one of the following:

    • Agree (click Yes)

      The installation program proceeds.

    • Disagree (click No)

      The installation program exits and the iFolder server is not installed. You can restart the installation at a later time.

  6. Specify the directory on the destination NetWare server where you want iFolder server to be installed. Browse to select the drive letter that you mapped in Step 1.

  7. Configure the global settings for the eDirectory LDAP server that your iFolder server uses, then click Next.

    • LDAP hostname or IP: Enter the DNS name (such as ldap1.your-domain-name.com) or IP address (such as 192.168.1.1) of the server that acts as your LDAP server.

      This might be the same server that you are configuring as your iFolder server.

      IMPORTANT:If you use a DNS name, that name must already exist as an entry on your DNS server and point to the IP address of the destination server.

    • Port: Select the port type, based your security needs, for data exchanges between your LDAP server and your iFolder server.

      Select one of the following methods:

      • Clear Text: Specify any valid TCP port number to use for Clear Text exchanges. By default, Port 389 is used for Clear Text.

        Use Clear Text if you want to use LDAP without SSL encryption or if your LDAP server does not support SSL. Clear Text is also a good choice if iFolder and LDAP are running on the same server. Because no communication or data is being transferred across network connections, no encryption is necessary.

        If you use Clear Text, the LDAP Group object must be able to allow clear text passwords. To verify this, launch ConsoleOne®, locate the context where your server resides, right-click the LDAP Group object, click Parameters, and make sure the Allow Clear Text Passwords check box is checked.

      • SSL: Specify any valid TCP port number to use for SSL exchanges. By default, Port 636 is used for SSL.

        Select SSL if you want to use SSL exchanges to provide your network with encryption and security when data is transferred across network connections.

        To use a non-standard secure port (other than 636), you must provide the LDAP server Root certificate file to the iFolder server after the installation is complete.

        For more information, refer to Section 4.2.1, Post-Installation

    • LDAP Context Where iFolder Admin User Is Located: Enter the LDAP context where you iFolder Admin User objects are located. For example, o=all.

      If you are entering more than one context, separate them with semicolons and with no spaces. For example,

      o=all;o=novell

      Do not include spaces between delimiters in the context. For example,

      o=novell;ou=users,o=novell

  8. Configure the iFolder settings for the NetWare server that will be your iFolder server, then click next.

    • iFolder Server Host Name or IP: Enter the DNS name (such as nif1.your-domain-name.com) or the IP address (such as192.168.1.1) to use for your iFolder server.

      IMPORTANT:If you use a DNS name, that name must already exist as an entry on your DNS server and point to the IP address of the destination server.

      If you are planning to create a Novell cluster server, use the DNS name here. For information, see Step 1.

      To specify a port, append the IP address of the server with a colon followed by the port number. For example, 192.168.1.1:80.

    • iFolder Admin Names: Specify the default user ID for the iFolder administrator for this iFolder server. For example,

      admin

      The iFolder Admin Names are the users who have permission to manage the iFolder server, using the iFolder Management Console. You can assign more than one user ID to be an iFolder administrator. If you have multiple user IDs, separate them with semicolons and with no spaces. For example,

      admin;jsmith;acatt

      IMPORTANT:All of the users identified here must exist in the context identified in Step 7.

    • Local iFolder User Database Path: Specify the path to the directory on the iFolder server where user data for all the iFolder accounts will be stored. For example, sys:\iFolder or nif-user:\iFolder, where sys: or nif-user: is the name of the preexisting volume and iFolder is the location of iFolder user data.

      The default location is sys:\iFolder because a sys: volume is the only NSS volume known to exist prior to the definition of your storage architecture solution for the NetWare server. By using a separate volume for user data, you can avoid filling up your sys: volume.

      The iFolder installation creates a directory on an existing volume, but it does not create a new volume. You must create the alternate volume prior to installing iFolder. Otherwise, the installation will fail.

      Do one of the following:

      • Specify the preexisting volume other than sys: and the directory where you want to store user data. For example, nif-user:\iFolder, where nif-user is the name of the preexisting volume and iFolder is the location of iFolder user data.
      • Specify the default location of sys:\iFolder for now. If desired, you can change the location later by editing the value in the Apache\iFolderServer\httpd_ifolder_nw.conf file.
  9. Review the settings you provided in the previous steps. To return to previous pages and change the settings, click Back and repeat the steps, as necessary.

    When you are done, click Next, then go to Step 11.

  10. If a version of iFolder already exists on the server as identified in Step 4, you can upgrade, repair, or uninstall that version.

    Do one of the following:

    • Upgrade to iFolder 2.1: Click Upgrade/Repair, then do one of the following:

      • Upgrade from iFolder Standard Edition: The iFolder Installation Wizard requests that you confirm the upgrade to iFolder 2.1.

        IMPORTANT:You might need to follow a manual upgrade process if you have a large number of users who have extended characters in their passphrases. You must also follow special precautions if you decide to concurrently use both iFolder 1.x and iFolder 2.1 systems. For information, see Section B.0, Upgrading from iFolder Standard Edition to iFolder 2.1.

        To accept, click Yes. The installation continues and uses the current settings of your iFolder 1.x server as the default settings for iFolder 2.1. iFolder notifies you when the upgrade installation is complete. User data remains untouched.

        In iFolder 2.1, the iFolder policies are stored in the iFolderSettings object in eDirectory™ instead of the ifolder.xml file. After the upgrade process completes, manually remove the ifolder.xml file from the iFolder data directory. By default, this location is sys:\ifolder\ifolder.xml. Replace sys:\ifolder with the actual path to your iFolder data directory.

      • Upgrade from iFolder 2.0 Professional Edition: The iFolder Installation Wizard requests that you confirm the upgrade to iFolder 2.1.

        To accept, click Yes. The installation continues and uses the current settings of your iFolder 2.0 server as the default settings for iFolder 2.1. iFolder notifies you when the upgrade installation is complete. User data remains untouched.

      • Decline the Upgrade: To decline, click No. Your iFolder server is not upgraded.

    • Repair iFolder 2.1: The iFolder Installation Wizard requests that you confirm the repair of iFolder 2.1.

      To accept, click Yes. The reinstall continues and uses the current settings of your iFolder 2.1 server as the default settings. iFolder notifies you when the repair installation is complete. User data remains untouched.

      To decline, click No. Your iFolder 2.1 server is not repaired.

    • Uninstall iFolder 2.1: Click Uninstall. The iFolder Installation Wizard requests that you confirm the uninstall.

      To accept, click Yes. The iFolder uninstall process stops the iFolder server and removes all iFolder files and settings. iFolder notifies you when the uninstall is complete. User data remains on the server; you must remove it manually.

      To decline, click No. iFolder will not be uninstalled.

  11. To exit the Installation Wizard, click Finish.

  12. After the software is installed or upgraded on your NetWare server, you must bring the Apache Web site down and up again to make the changes permanent.

    For Apache Web Server 1.3.26 and 1.3.27, at the command prompt, enter

    nvxadmdn.ncf

    Allow enough time for the Web server to shut down gracefully, then at the command prompt, enter

    nvxadmup.ncf

    After the server restarts, iFolder is active on your system.

    If this is a new installation of iFolder, continue to Step 13. If this is an upgrade, your upgrade is successfully completed.

  13. If this is a new installation, you must extend the eDirectory schema before you can use the iFolder server.

    1. To open the iFolder Management Console, do one of the following:

      • Select the Administer iFolder option on the last window of the iFolder installation process.
      • From a Web browser on your installation workstation, go to the iFolder Management Console, click File > Open, then enter the following URL:

        https://nif1.your-domain-name.com/iFolderServer/Admin

        IMPORTANT:This URL is case sensitive.

        Replace nif1.your-domain-name.com with the actual DNS name or IP address of your iFolder server.

    2. Log in to the Global Settings page.

      On successful login, iFolder extends the eDirectory schema. This can take several seconds, so expect a 10- to 30-second delay in the response.

      When the browser opens to the Global Settings General Information page, the installation is complete.

4.2.1 Post-Installation

To connect over non-standard secure port, copy the LDAP trusted root certificate (rootcert.der file) from your LDAP server to a directory on your iFolder server. For example, in NetWare, copy the rootcert.der file from LDAP server's sys:\public directory to a directory on the iFolder server.

  1. In iFolder server, go to sys:\apache2\ifolder\server and open the httpd_ifolder_nw.conf file.

  2. In the httpd_ifolder_nw.conf file, locate the “LdapRootCert” directive, uncomment it, and then add the location including certificate file name as its value.

  3. Restart the iFolder server.

NOTE:If you enter a value for LdapRootCert directive, the iFolder server considers any LDAP port (apart from 389) as a secure port.