Did you use the GroupWise Monitor on a Windows Workstation; do you miss the nice old features (like showing all logged on users)?
The old monitor is still there (http://localhost:8200 but pretty useless without any access control) so what you want to add is SSL and an authentication against your eDirectory. I am using SLES11 in this example.
1. Install the GroupWise Monitor Agent (the Monitor Application is NOT needed)
2. Make sure you have Apache installed.
3. Activate the Apache module “proxy_http“.
As the root user type: “a2enmod proxy_http“
Uncomment the “proxy-http” line in “etc/apache/sysconfig.d/loadmodule.conf”
I recommend creating a new vhost in “/etc/apache2/vhosts.d/” lets name it “gwm” listening on port 4433. So create a file “/etc/apache2/vhosts.d/gwm.conf” with the following lines:
<IfDefine SSL> <IfDefine !NOSSL> Listen *:4433 <VirtualHost *:4433> ServerName ThisNameShouldMatchTheNameInTheCertificate DocumentRoot "/srv/www/htdocs" ErrorLog /var/log/apache2/error_log TransferLog /var/log/apache2/access_log SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /etc/apache2/ssl.crt/mycert.pem SSLCertificateKeyFile /etc/apache2/ssl.key/mykey.key SSLCertificateChainFile /etc/apache2/ssl.crt/mychain.pem <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory "/srv/www/cgi-bin"> SSLOptions +StdEnvVars </Directory> CustomLog /var/log/apache2/ssl_request_log ssl_combined ProxyRequests Off <Location /> SSLRequireSSL AuthName "Enter Username and password" AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative On AuthLDAPURL ldaps://YourLDAPServer/YourSearchBase?cn?sub?(objectClass=person) AuthLDAPBindDN cn=MyLDAPReader,o=novell AuthLDAPBindPassword "LDapReaderPassword" Require ldap-attribute groupmembership=cn=groupwisemonitor,o=novell ProxyPass http://127.0.0.1:8200/ ProxyPassReverse http://127.0.0.1:8200/ </Location> </VirtualHost> </IfDefine> </IfDefine>
Some explanations:
ThisNameShouldMatchTheNameInTheCertificate: Replace with the name of your CN found in the certificate
mycert.pem, mykey.pem, mychain.pem: Your certificate, private key and your certificate chain. (this is optional and you could just delete the line)
YourLDAPServer: Hostname of your LDAP Server.
YourSearchBase: Your Searchbase (for example: “o=novell“)
MyLDAPReader, LdapReaderPassword: Username and password of a user object which is allowed to read group membership in your tree.
cn=groupwisemonitor,o=novell: The group which any user accessing the GWMonitor must be in.
4. Open port 4433 in the SuSE Firewall
5. Restart Apache “rcapache2 restart“
The URL of your GroupWise Monitor is now: https://yourhost:4433.
Have fun.