Quickstart Guide for Installing Domino 7 on SLES 9
Novell Cool Solutions: AppNote
By Michel Bluteau
Digg This -
Updated: 22 Feb 2007
The purpose of this document is to provide a quick way for someone who wants to test drive Domino on SUSE Linux Enterprise Server 9, for example for a lab pilot, etc. This document is not a comprehensive installation guide for Domino 7 on SLES 9, but I hope that it may save some time to others like me who needed a running Domino server fast, to eventually tune it or use it together with other solutions like Novell Identity Manager.
If you are preparation for a deployment in production, or if you need in depth information on optimization, security, administration, and other topics, you should take a look at the IBM Redbook for Domino 6 on Linux:
At the time of this writing, there was no Redbook for Domino 7 on Linux.
I got my Domino version from the IBM web site, which is a 90-day eval. I got the server portion for Linux, and the client/admin portion for Windows. I will concentrate on the server side, since the client side is fairly trivial.
The first step is to create a user and a group called notes on SLES.
Figure 1: Start YaST as root, and select Security and Users.
Figure 2: From the User and Group Administration screen, click Add.
Figure 3: Create a user called notes, and select a password.
Figure 4: You should now have a new user called notes.
Figure 5: Now select the Groups radio button, and click Add.
Figure 6: Create a group called notes, and add notes as a member.
Figure 7: You should now see the new group called notes.
Before we start the installation, we need to modify an X server parameter, otherwise the second portion of the installation, the graphical portion, will not launch properly.
Figure 8: in YaST, select the System category, then click on /etc/sysconfig Editor.
Figure 9: Expand the Desktop, then the Display manager section, then select DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN and set its value to yes.
Now we are ready to launch the installation. You need to open a Terminal screen as root, and mount the installation CD or ISO.
Figure 10: If you try to launch the installation with a non-root user, you will get an error message like the above.
Figure 11: Switch to root using su, then launch the installation.
Figure 12: Launching the installation executable.
Figure 14: Domino Server Installation Welcome screen.
Figure 15: Press TAB to continue.
Figure 16: Press TAB to read the Software Agreement.
Figure 17: Software Agreement.
Figure 18: Press Tab to continue.
Figure 19: Press TAB if you agree with the terms.
Figure 20: Accept the default(No) by pressing TAB unless you only want the data directories.
Figure 21: Press TAB unless you don't want the default of Domino Enterprise Server.
Figure 22: You could also select to install a Domino Messaging Server. To change the selection, press Spacebar.
Figure 23: The 3rd type of installation is Domino Utility Server.
Figure 24: Press TAB in order to accept the default which is to install all template files.
Figure 25: Press TAB if you are ready to accept the default of No.
Figure 26: You now have the opportunity to select the program directory. Press TAB to accept the default.
Figure 27: Next you will have to select the existing user and group for the installation.
Figure 28: Press TAB to accept the default of No if you do not want to run multiple servers.
Figure 29: You can change the default data directory, of press TAB to accept the default.
Figure 30: Press TAB to accept the default user which is notes.
Figure 31: Press TAB to accept the default group which is notes.
Figure 32: Here you can accept the default, which is Manual Server Setup, but I decided to go for Local Server Setup in order to launch the setup tool automatically.
Figure 33: Once the configuration is complete, you are now ready to install the program.
Figure 34: You have a last opportunity to review your configuration. Press TAB to install.
Figure 35: You should now see the progress bar for the installation.
Figure 36: Once the program installation portion is complete, the graphical setup tool should launch automatically.
Figure 37: If you get an error similar to the one above about the DISPLAY environment variable, it is because you did not configured the display manager as in Figure 9.
If you need to re-install, you can delete the 2 directories with rm -R as root, and restart the installation after configuring the display manager.
Figure 38: Make sure that xdm is listening on port 6000 by using the netstat command.
Figure 39: Welcome screen for the graphical setup portion of the installation.
Figure 40: Select between first or additionnal server then click Next.
Figure 41: Select a server name, then type in a descriptive title. Click Next.
Figure 42: Type an organization name, and select a Certifier password. Click Next.
Figure 43: Select a Domino domain name, then click Next.
Figure 44: Select the administrator's name, choose a password, then click Next.
Figure 45: Select the internet services you want, then click Next.
Figure 46: It is also possible to go into Advanced Domino Services for a more granular list.
Figure 47: Select the network settings, then click Next.
Figure 48: You can modify the security settings. Click Next when you are done.
Figure 49: You have one last chance to review your settings. Click Setup when you are ready.
Figure 50: You should now see the Domino Server Setup progress screen. It took less than a minute on my system, which is a VMware machine.
Figure 51: You should get to this Setup summary screen after the setup portion is completed.
Before you start the Domino server, you may want to double check a few things.
The ownership for the files(program and data) should be set to notes: chown -R -h notes:notes /opt/ibm/lotus chown -R -h notes:notes /local/notesdata And the permissions should be set properly: chmod -R 550 /opt/ibm/lotus chmod -R 700 /local/notesdata Also, add the following line to /etc/ld.so.conf: /opt/lotus/notes/latest/linux You will also need to edit the .profile file for the notes user(under /home/notes) and add the following lines: export LOTUS=/opt/lotus export NOTES_DATA_DIR=/local/notesdata export Notes_ExecDirectory=$LOTUS/notes/latest/linux export PATH=$PATH:$NOTES_DATA_DIR:$Notes_ExecDirectory:$Notes_ExecDirectory/res/C There is an issue with bindsock on my system, and i have seen many threads in newsgroups from people encountering the same issue. The Domino server gives an error about rights not being set properly, but I have not been able to overcome this issue yet on my system. I will update the article once I find a solution. The official recipe seems to be: chown root:notes /opt/ibm/lotus/notes/70000/linux/bindsock chmod 4550 /opt/ibm/lotus/notes/70000/linux/bindsock But on my system, this is not sufficient. Now we are ready to start the Domino server for the first time. Logout and login as notes, or open a Terminal and su as notes. Then cd to /local/notesdata and type the following command: /opt/ibm/lotus/bin/server You should see the server starting: Figure 52: Starting the Domino server.
Figure 53: Domino server console during startup.
Figure 54: Domino server console. You may be getting the error about bindsock like me. Also, there is an error about port 6400 being already in use, but this is not true.
I will try to revolve these errors and post a footnote for this article later.
Now we are ready to test the server with a client running on Windows. If you have not done so already, you should install the client on a Windows machine.
Figure 55: Starting the Windows client for the first time.
Figure 56: Enter the name for the notes user, and the Domino server name. You will need either DNS resolution or an entry in hosts in order to make the connection.
Figure 57: Adding an entry in the Windows hosts file in order to resolve the Domino server name.
Figure 58: You may be getting a warning like the one above. It is not mandatory to have the same password as your Windows logon, which would provide you with a single sign-on.
Figure 59: Without single sign-on, you must enter the password for the notes user.
Figure 60: You will be presented with several optional configuration options like Instant messaging and Internet mail.
Figure 61: Setup screen for additional services.
Figure 62: Setup screen for Internet mail.
Figure 63: Once you are done with the configuration, you should see this Welcome screen.
Figure 64: If you close the Welcome screen, you should be able to browse the domain information.
Figure 65: With Domino Administrator, you should be able to manage your servers and domain. Above is a Remote Console screen for our server.
Figure 66: You can access different pages like the one above which allows you to manage the services.
Figure 67: The above page is for managing the server's document.
This is it for this quickstart guide for installing Domino 7 on SUSE Linux Enterprise Server 9. Hopefully, this simple guide will help you to get up to speed faster, and allow you to get a rough idea about the steps involved.
Feel free to send comments, feedback and questions to me.
Thank you for your article. Helps me a lot
I found out some changes to run it on openSUSE 10
You get only a little mistake when he is searching for a SLES configuration. This error you can ignore.
Installation Domino Server 7.0.2 OpenSUSE 10
Login as root:
Open Firewall Port 1352, 8585 (Remote Setup) Create User Notes Create Group Notes /.install ......
Before you start the Domino server, you may want to double check a few things. The ownership for the files(program and data) should be set to notes:
chown -R -h notes:notes /opt/ibm/lotus chown -R -h notes:notes /local/notesdata
And the permissions should be set properly:
chmod -R 550 /opt/ibm/lotus chmod -R 700 /local/notesdata
Also, add the following line to /etc/ld.so.conf:
You will also need to edit the .profile file for the notes user(under /home/notes) and add the following lines:
export LOTUS=/opt/lotus export NOTES_DATA_DIR=/local/notesdata export Notes_ExecDirectory=$LOTUS/notes/latest/linux export PATH=$PATH:$NOTES_DATA_DIR:$Notes_ExecDirectory:$Notes_ExecDirectory/res/C yast System / Runlevel editor Stop postfix (or any other smtp that is blocking domino smtp - the bindsock problem)
From the 7.0.2 Release Notes
- Domino is started from a login session
For this case, the default must be overridden by modifying the file /etc/security/limits.conf AND insuring it is respected by the login. Edit /etc/security/limits.conf using root and add or modify the lines:
notes soft nofile 20000 notes hard nofile 49152
where "domsrvr" is an example of the user id that will run the Domino server. Specify the UNIX user name in the first column that is the owner of the notesdata directory specified during Domino installation. If more than one Domino partition exists on the same Linux for zSeries platform, repeat these lines for each user id. The "soft" value specifies the new default file descriptor limit (ulimit -n), and the "hard" value specifies the maximum file descriptor limit that may be set by the user.
In order for these limits to be respected following logon, insure the following line is in the appropriate pam.d login file:
session required /lib/security/pam_limits.so
For example, if ssh login is used, this line must appear in /etc/pam.d/sshd
If telnet is used, this line must appear in /etc/pam.d/login
If rlogin is used, this line must appear in /etc/pam.d/rlogin
The user id must login after the above changes are made and saved.
- Domino is automatically started through /etc/init.d
Starting a Domino server automatically when Linux is booted is typically accomplished by executing a script which resides in the /etc/init.d directory (in a "runlevel") . It is worth noting, however, that /etc/security/limits.conf settings are NOT respected when Domino is automatically started by a /etc/init.d script. Therefore, a line such as the following MUST appear in the "start" section of such a script:
ulimit -n 20000
Warning: Always make /etc/security/limits.conf change ( 1. above) in addition to modification of the "start" script. Otherwise, on the occasion that Domino is started from a login session, the file descriptor limit will be inadequate.
chown root:notes /opt/ibm/lotus/notes/70020/linux/bindsock chmod 4550 /opt/ibm/lotus/notes/70020/linux/bindsock chown root:notes /opt/ibm/lotus/notes/70020/linux/tunekrnl chmod 4550 /opt/ibm/lotus/notes/70020/linux/tunekrnl
Close Firewall Port 8585
Now we are ready to start the Domino server for the first time. Logout and login as notes, or open a Terminal and su as notes. Then cd to /local/notesdata and type the following command:
You should see the server starting.
Martijn de Jong
As I didn't really see any mention of it anywhere else, I though I'd just write this as a comment to your Quickstart guide to Domino 7 on Suse Linux.
If you chown notes:notes on /opt/ibm/lotus you need to put proper permissions back on 2(!) files:
- chown root:notes /opt/ibm/lotus/notes/latest/linux/bindsock
- chmod 4550 /opt/ibm/lotus/notes/latest/linux/bindsock
- chown root:notes /opt/ibm/lotus/notes/latest/linux/tunekrnl
- chmod 4550 /opt/ibm/lotus/notes/latest/linux/tunekrnl
You need to put proper permissions on tunekrnl to allow this file to change some of the system variables which are needed to give Domino a better performance.
Thanks for your extremely detailed and useful article that helped me achieve this for a client with little fuss.
After creating the notes user, run sux notes as this initialises their gui environment, otherwise the server config still doesn't run.
bindsock helper errors.
I found we needed to chmod 755 as notes and root need execute permission but root needs to own it. Even after this, you get "normal" instances of this error because of port clashes:
These can be with Postfix port 25, Apache port 80, NDS LDAP ports 389/636. Once we killed postfix and moved the Domino services to other ports, the errors vanishes.
Apache coexistence with Domino can be done by having Apache act as proxy as per: http://www.ferdychristant.com/blog/archive/DOMV-5ZKPCQ
The biggest omission in the package though is the absence of start up scripts for Domino, so you have to log in as notes and run the Domino server manually. Luckily I found prewritten excellent scripts that did this for me: These are very easy to implement and means the Domino server starts from boot without a window. You can monitor and control the server from an SSH terminal or from your Administrator. the scripts are obtainable free on request from here: http://www.nashcom.de/nshweb/pages/startscript.htm
An update to this article, suggested by Sascha Siekmann, is as follows:
The bindsock problem is self induced.
After you set
chown - R - h notes:notes /opt/ibm/lotus
The bindsock application is not owned by root anymore and therefore unable to bind to a privileged port. You need to chown to root on /opt/lotus/notes/60050/linux/bindsock/opt/lotus/notes/60050/linux/bindsock
Once that is done, you can restart smtp and the error message will disappear.
This is a longstanding and misleading display bug where port 6400 decimal is x1900 hex which when you byteswap it, becomes ... port 25! You can read more about this in my post to the Suse Domino list http://lists.suse.com/archive/suse-domino/2004-Sep/0013.html.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com