3.2 Installing and Setting Up Your Novell Messenger System

3.2.1 Installation Prerequisites

Before starting the Messenger Installation program, ensure that your system has been prepared for the Messenger system configuration for which you have planned. In addition to this list, ensure that the server requirements have been met.

  • Ensure that the container object exists where you want to create your Messenger system.

  • If you are planning to have the Messenger agents use LDAP access to eDirectory but you are not providing a root certificate, ensure that your LDAP server supports clear text passwords. In ConsoleOne, check the properties of the LDAP Group object that your LDAP server is a part of. Depending on your version of eDirectory, the Allow Clear Text Passwords option should be selected or the Require SSL/TSL option should be deselected.

  • If you are planning to install the Windows Messenger agents as Windows services and you do not want them to run under the local system account, ensure that the account you want them to use has been created on the Windows server.

  • If you are running the Messenger Installation program at a Windows workstation or server, ensure that you are logged in as an Admin equivalent to the eDirectory tree where you are planning to create your Messenger system. If you are installing the Messaging agents on a Windows server, you should run the Installation program at that server.

Follow the setup instructions for the platform where you are creating your Messenger system:

3.2.2 Installing and Setting Up a Messenger System on Windows

Installing ConsoleOne on Windows

If ConsoleOne is not already installed on the Windows server where you plan to install Messenger, you need to install it.

  1. At a Windows workstation or server, download the consoleone.zip file from the Novell Customer Center (NCC).

  2. Unzip the consoleone.zip file on your Windows workstation or server.

  3. In the ConsoleOne directory, run the install.exe file and complete the installation wizard.

  4. Continue with Starting the Messenger Installation Program.

Starting the Messenger Installation Program

  1. At a Windows workstation or server, download the Novell Messenger 3.0 image.

  2. In the server directory, run the setup.exe file to start the installation program.

  3. Select the language in which you want to run the Installation program, then click OK.

  4. Click Yes to accept the License Agreement.

  5. Continue with Creating Your Messenger System.

Creating Your Messenger System

The Installation Options page lets you select what type of installation you want to perform.

Throughout the installation process, you can refer to the Installation Guide by clicking Installation Guide in the lower-left corner of each Installation program page.

Figure 3-2 Installation Options Dialog Box

  1. Select Create or Update a System, then click Next to display the Installation Path page.

    Server Information dialog box
  2. Specify the directory path or browse to and select the directory where you want to install the Messenger agents as planned under item 3 of the worksheet, then click Next to display the System Configuration page.

    System Configuration dialog box
  3. Provide the Messenger system configuration information as planned under item 4 through item 6 of the worksheet, then click Next to display the Installation Components page.

    Install Components dialog box
  4. Leave all the components selected for your initial Messenger installation, then click Next.

    If you are installing the Windows Messenger agents and selected to install them as Windows services, the Windows Service Options page appears.

    Windows Service Options dialog box
  5. For the Windows Messenger agents, provide the Windows service information as planned under item 8 of the worksheet, then click Next to display the Directory Access page.

    Directory Access dialog box
  6. Provide the eDirectory access information as planned under item 9 of the worksheet, then click Next to display the Directory Authentication page.

    Directory Authentication dialog box
  7. Provide the eDirectory authentication information as planned under item 10 of the worksheet, then click Next to display the User Configuration page.

    User Configuration dialog box

    The context of the eDirectory user is automatically added to the context list.

  8. If necessary, click Add, then browse to and select another user context as planned under item 11 of the worksheet.

  9. Select Include subcontexts if User objects exist in nested container objects beneath the selected context.

    IMPORTANT:If you do not select Include subcontexts, User objects in containers beneath the selected context are not considered part of your Messenger system.

  10. Click OK to add the context to the contact list.

  11. Repeat Step 8 through Step 10 for each context where User objects reside, then click Next to display the Server Address page.

    Server Address dialog box
  12. Verify the IP address or DNS hostname of the server where the agents will run, and the port number that each agent will use as planned under item 12 of the worksheet.

    If you are using IPV6 for the agents, you must us the DNS hostname instead of the IP address.

  13. Click Next to display the Security Configuration page.

  14. Check the box to input your own certificates. If you do not import your own certificates, Messenger will create an internal SSL certificate.

    Admin Configuration dialog box
  15. Verify the path to ConsoleOne.

  16. Click Next.

  17. If you are installing Messenger in a cluster, see the appropriate section of the GroupWise 2014 Interoperability Guide for additional instructions.

  18. Specify if you want to allow product improvement to collect and send information to Micro Focus.

  19. Continue with Installing the Messenger Software.

Installing the Messenger Software

The installation summary lets you review the information you have provided before the installation actually begins.

Figure 3-3 Installation Summary Dialog Box

  1. Review the summary of the selections you have made.

    If necessary, click Back to change information as needed before proceeding with the installation.

  2. Click Next to begin the installation.

    When the installation is complete, you can choose to view the Readme or start the Messenger agents immediately.

  3. Select the post-installation options you want, then click Finish.

  4. Continue with Section 3.4, What’s Next.

3.2.3 Installing and Setting Up a Messenger System on Linux

Installing ConsoleOne on Linux

If ConsoleOne is not already installed on the Linux server where you plan to install Messenger, you need to install it.

  1. At a Linux server, download the consoleone.tar.gz file from the Novell Customer Center .

  2. Untar the consoleone.tar.gz file on your Linux server.

  3. In a terminal window, become root by entering su - and the root password.

  4. Change to the consoleone/Linux subdirectory of the software image.

  5. Check to see if an older version of ConsoleOne is already installed on the Linux server:

    ls /usr/ConsoleOne

  6. (Conditional) If the ConsoleOne directory exists, uninstall ConsoleOne:

    ./c1-uninstall

  7. Install ConsoleOne:

    ./c1-install

  8. Enter the numbers for the languages that you want to install.

  9. Enter 3 to install the LDAP snap-in.

  10. When asked whether to install the IBM JRE, select Yes.

  11. Continue with Starting the Messenger Installation Program on Linux.

Starting the Messenger Installation Program on Linux

  1. At the Linux server, become root by entering su and the root password.

  2. Change to the /server directory on the downloaded Messenger 3.0 image.

  3. Ensure that the install.sh file has execute permissions. If it does not, enter chmod +x install.sh.

  4. Enter the following:

    ./install.sh

  5. Press Enter to continue and display the license agreement.

  6. Press Enter or the Spacebar to scroll through the license agreement. At the end of the license agreement, enter y to accept the agreement, or enter n to not accept the license agreement.

  7. If you accept the license agreement, the necessary .rpm files are installed to the server. Enter y to continue with the installation.

  8. Continue with Configuring Your Messenger System on Linux.

Configuring Your Messenger System on Linux

  1. After the packages are installed, enter y to configure the Messenger system.

    The following options are displayed:

    • 1) Create a new system
    • 2) Install a new server to an existing system
    • 3) Extend schema only
  2. Enter 1 to create a new system.

    If you are installing from a support pack file:

    Enter Y when asked Are you installing to a cluster? (y/n). For additional clustering configuration steps, see the GroupWise 2014 Interoperability Guide.

    The following options are displayed:

    • 1) Use LDAP to access eDirectory
    • 2) Use eDirectory libraries for direct access
  3. Enter 1 or 2 (worksheet item 9).

    If 32-bit eDirectory is not installed on the Linux server, only the option for using LDAP is displayed.

  4. If you selected LDAP in Step 3, specify the following information:

    • The IP address of the LDAP server.

    • y or n to select whether to use SSL.

    • The port of the LDAP server (worksheet item 9).

    • If you select to use SSL, you next need to enter the path to the LDAP server’s root certificate (worksheet item 15). For more information, see Messenger System Security.

    or

    If you selected direct access, specify the name of the eDirectory tree to extend and create objects in, and the replica address for that tree (IP address of the server running eDirectory) (worksheet item 9).

  5. Specify the context to create the objects in, for example, ou=linuxsystem,o=novell (worksheet item 5).

  6. Specify the Messenger system object name (worksheet item 6).

    You can press Enter to accept the default name of MessengerService.

  7. Specify the Messenger server object name (worksheet item 6).

    You can press Enter to accept the default name, which is the Linux server name plus the word server.

  8. Specify the full context of the directory user object that will be used to extend the schema and create the objects. For example, cn=admin,ou-linuxsystem,o=novell.

    This user must have rights to extend the schema and create objects in eDirectory. This user is not saved to disk and is deleted from memory after the installation.

  9. Specify the full context of the directory user object that will be used by the agents to access the directory. For example, cn=admin,ou=linuxsystem,o=novell (worksheet item 10).

    For more information, see eDirectory Access and Authentication.

  10. Enter the password for this user twice (worksheet item 10).

  11. Specify the default contexts where Messenger will authenticate and search for users. For example, ou=linuxsystem,o=novell (worksheet item 11).

    For more information, see Messenger User Locations.

  12. Specify the IP address of the Linux server (worksheet item 12).

  13. Specify y or n to select whether to use your own SSL certificate or to use a Messenger created certificate.

    If you select y, specify the path to the server’s root certificate and the path to the server’s root certificate key, then enter the password for the server’s root certificate.

    If you select n, Messenger will automatically configure the certificate for you. You need to enter the host name or IP address that users will use to connect to Messenger and the certificate path for the server.

  14. Enter a non-root system user for the Messenger service to run as.

    You can press Enter to accept the default name of nvlmsgr.

    If you are installing to an NSS volume, select root as the default user. For additional information on configuring Novell Messenger for an NSS volume, see Section 3.2.5, Setting Up Non-root Access on an NSS Volume on Novell Open Enterprise Server Linux.

  15. Specify if you want to allow product improvement to collect and send information to Micro Focus.

    A summary of the information you supplied is displayed.

  16. Enter y to continue with the installation.

  17. After the installation and configuration are complete, enter n to not start the agents at this time.

  18. Continue with Configuring the Linux Messenger Agents for SSL.

Configuring the Linux Messenger Agents for SSL

The Messenger Cross-Platform client requires an SSL connection with the Messenger agents. If you are not already familiar with SSL, or if SSL is not already set up on your system, you can add SSL security to your Messenger system, as described in Configuring Messaging Security with SSL Encryption in Managing the Messaging Agent in the Novell Messenger 3.0 Administration Guide.

NOTE:The Messenger Windows client does not require an SSL connection with the Messenger agents.

The required SSL connection is most easily configured in ConsoleOne. On Linux, ConsoleOne does not automatically authenticate to any eDirectory trees when it starts, so the NDS object is not immediately expandable.

Figure 3-4 ConsoleOne on Linux

  1. In ConsoleOne, select NDS, then click File > Authenticate.

  2. Fill in the following fields:

    Login Name: Provide a NetIQ eDirectory user name that has rights to modify eDirectory objects.

    Password: Provide the password for the user name.

    Tree: Type or select the eDirectory tree where you created your Messenger system.

    If the eDirectory tree is located on a Windows server, you might need to specify the IP address of the server instead of the tree name.

    Context: Provide the full context of the User object associated with the user name you provided.

  3. Click Login.

  4. Under the NDS object, select the tree where you created your Messenger system.

  5. Browse to and right-click the Server object in your Messenger system, then click Properties.

  6. Click Server > Security.

    Security property page
  7. Fill in the fields (worksheet item 15).

  8. Click OK to save the security settings.

  9. Continue with Starting the Linux Messenger Agents.

Starting the Linux Messenger Agents

To start the agents manually, use the startup scripts provided in the /etc/init.d directory.

  1. At the Linux server, become root by entering su and the root password.

  2. Change to the /etc/init.d directory.

  3. To start the Messaging Agent, enter the following command:

    ./novell-nmma start

  4. To start the Archive Agent, enter the following command:

    ./novell-nmaa start

    You can also use the stop, restart, and status options for these agents from the same directory.

    Messenger agent log files are created in the /var/opt/novell/log/messenger directory. The Messenger agents can be monitored by using the agent web consoles from your browser, as described in Using the Messaging Agent Web Console in Managing the Messaging Agent in the Novell Messenger 3.0 Administration Guide.

    For additional agent startup alternatives, see Starting the Messaging Agent and Starting the Archive Agent in the Novell Messenger 3.0 Administration Guide.

  5. Skip to Section 3.4, What’s Next.

3.2.4 Setting Up the High Availability Service

The High Availability service uses the GroupWise Monitor Agent to periodically check the status of the agents that it is responsible for restarting. For information on configuring Monitor for the GroupWise Messaging agents, see Monitoring the Messaging Agent in the Novell Messenger 3.0 Administration Guide.

  1. Become root by entering su and the root password.

  2. Copy the novell-groupwise-gwha RPM file to your local drive.

  3. From the location that you copied the novell-groupwise-gwha rpm, enter the following command to install the gwha service:

    rpm -Uvf novell-groupwise-gwha-7.0.xxxxxxxx.i386.rpm

  4. Modify the GroupWise High Availability service file (gwha):

    1. Change to the /etc/xinetd.d directory.

    2. Edit the gwha file in a text editor.

    3. In the port = field, specify a unique port number, for example 8303.

    4. Save the file, then exit the text editor.

  5. If you use SSL, you need to modify the High Availability service configuration file.

    1. Change to the /etc/opt/novell/groupwise directory.

    2. Edit the gwha.conf file in a text editor.

    3. Under the [gwha] section, fill in the fields as follows:

      [gwha] ssl      = yes key      = filename.key cert     = filename.crt password = password

    4. Save the file, then exit the text editor.

  6. Enable the High Availability service:

    1. In YaST, click Network Services > Network Services (inetd).

    2. If necessary, select Enable to activate the list of services.

    3. Scroll down to the gwha line, select it, then click Toggle Status (On or Off) to change the status to On.

    4. Click Finish.

  7. Start the agents as daemons.

    1. Change to the /etc/init.d directory.

    2. Enter the following commands to start the Messaging Agent and the Archiving Agent:

      ./novell-nmma start ./novell-nmaa start

    3. If the agents started correctly, a message displays indicating “Done.”

  8. Create a new user and associated password on your Linux server to represent the High Availability service.

    You might name it gwha.

  9. Test your configuration of the High Availability service.

    NOTE:If you configured the High Availability service for SSL, you cannot use a telnet session to test it. The connection will be refused. You can try to test it by killing the PID for the Agents and watch for Monitor to restart the Agents.

    1. Telnet into the High Availability server.

      For example, on the Linux server where you have configured the High Availability service, you could use the following command:

      telnet localhost port_number

      Use the unique port number you specified in Step 4.c.

    2. Specify the user name and password that you set up in Step 8.

      If telnet returns 000 Ok, then the gwha service is configured correctly.

    3. To exit the telnet session, press Ctrl+].

3.2.5 Setting Up Non-root Access on an NSS Volume on Novell Open Enterprise Server Linux

When the Novell Messenger agents are located on a Novell Open Enterprise Server (OES) Linux NSS volume, you must create an eDirectory user for the agents to run as, and you must LUM-enable that user. On OES Linux, you can use Novell iManager to accomplish these tasks.

After you have installed the agents on OES Linux, you need to configure the agents to switch users after startup and provide access to an NSS volume.

Creating an eDirectory User

You might want to create a new user specifically for the Novell Messenger service, perhaps named novellmsgr.

  1. On the Open Enterprise Server Welcome page in your browser, expand Network Management, then click iManager 2.5.x.

  2. In the iManager Links box, click Open Novell iManager 2.5.

  3. To log in to iManager, specify a user name, a password, and a tree.

  4. In the left pane, expand Users, then click Create User.

  5. Provide the required information, then click OK.

    The user does not need a password.

Enabling a LUM User

To LUM-enable the user you just created:

  1. In the left pane, expand Linux User Management, then click Enable User for LUM.

  2. Browse to and select the user you just created, then click OK.

  3. Browse to and select a primary group for the LUM user.

  4. Select /bin/false as the desired shell (because the LUM user does not need a shell), then click OK.

Configuring Novell Messenger for the NSS Volume

After you have finished LUM-enabling the eDirectory user, you need to set the user as the default user for the Novell Messenger service. In addition, you need to change the store path, queue path, and log path to be on the NSS volume.

Changing the Service User

  1. In a terminal window, enter the following command:

    cd /etc/opt/novell/messenger

  2. Using a text editor, edit the uid.conf file, remove root as the user, and add the LUM-enabled user.

Changing the Store Path

  1. In ConsoleOne, log in to the eDirectory tree containing your Novell Messenger service.

  2. Browse to the File Module object, right-click it, then select Properties.

    The File Module object is located at eDirectory Tree > Messenger Service > Messenger server > Archive Agent > File Module.

  3. Change the Store Path to the NSS volume, then click OK.

Changing the Messenger Agent Queue Path

  1. In ConsoleOne, log in to the eDirectory tree containing your Novell Messenger service.

  2. Browse to the Messenger Agent object, right-click it, then select Properties.

  3. Change the Queue Path to the NSS volume, then click OK.

Changing the Archive Agent Queue Path

  1. In ConsoleOne, log in to the eDirectory tree containing your Novell Messenger service.

  2. Browse to the Archive Agent object, right-click it, then select Properties.

  3. Change the Queue Path to the NSS volume, then click OK.

Changing the Messenger Agent Log Path

  1. In ConsoleOne, log in to the eDirectory tree containing your Novell Messenger service.

  2. Browse to the Messenger Agent object, right-click it, then select Properties.

  3. Change the Log Path to the NSS volume, then click OK.

Changing the Archive Agent Log Path

  1. In ConsoleOne, log in to the eDirectory tree containing your Novell Messenger service.

  2. Browse to the Archive Agent object, right-click it, then select Properties.

  3. Change the Log Path to the NSS volume, then click OK.

Granting Access to the LUM-Enabled User

The new LUM-enabled user must have rights to the store, queue, and log paths on the NSS volumes.

In a terminal window, use the following command to grant the user the required rights to the directories that the agents need to access on the local server:

rights -f /directory -r rwcemf trustee user.context.tree

When you have finished changing the rights to the directories, you must stop and then start the agents.