2.4 Remote Access to ConsoleOne on a Linux Server

If your GroupWise system includes domains on Linux servers, file system mounts are required for a few specific GroupWise administration tasks. However, you can perform the bulk of typical domain, post office, and user administration without needing file system mounts between Linux servers where domains and post offices reside. You can perform these administration tasks from either Linux or Windows.

2.4.1 Administrative Tasks Requiring File System Mounts

ConsoleOne requires file system mounts to both the primary domain database and a secondary domain database simultaneously to perform the following tasks:

  • Create Domain

  • Rebuild Domain Database

  • Sync Primary with Secondary

  • Replace Primary with Secondary

  • Merge/Release

For more information, see Section 4.1.2, Understanding the Need for Domain Connections.

Aside from these fairly specialized administrative tasks, you can connect directly to a secondary domain database on a Linux server from either Linux or Windows, and then run Linux ConsoleOne to conveniently perform other GroupWise administration tasks remotely.

2.4.2 Remote ConsoleOne Access with a VNC Client

Remote administration can be made possible by using a VNC (Virtual Network Connection) client where you want to run ConsoleOne (on either Linux or Windows) and by enabling Remote Administration on each remote Linux server where you need to access a domain database.

Selecting a VNC Client

Many VNC clients are available for use on Linux and Windows. To investigate your options, you can google “VNC clients”. Review their capabilities and select one that appeals to you. RealVNC is a common favorite. Install the VNC client where you want to run ConsoleOne with direct access to remote Linux servers.

Enabling Remote Administration

By default, Linux servers do not allow remote administration for understandable security reasons. To use your VNC client, you must enable Remote Administration on each remote Linux server.

  1. In YaST:

    1. (Conditional) On OES, click Network Devices > Remote Administration.

      or

    2. (Conditional) On SLES, click Network Services > Remote Administration.

  2. Select Allow Remote Administration.

    If your firewall is properly configured, Open Port in Firewall is selected by default. The default port number used for remote administration is 5901.

  3. (Conditional) If Open Port in Firewall is not selected:

    1. Click Abort to cancel Remote Administration setup.

    2. Click Security and Users > Firewall.

    3. In the left pane, click Interfaces, then click Change to configure the firewall interface.

    4. In the Interface Zone drop-down list, select the zone appropriate for the Linux server where you are enabling Remote Administration, then click OK.

    5. Click Next to list your current firewall settings, then click Finish to put the updated setting into effect.

    6. Return to Step 1 to enable Remote Administration.

  4. After enabling Remote Administration, click Finish to put the settings into effect.

Using Your VNC Client on Linux or Windows to Run ConsoleOne on the Linux Server

After you have enabled Remote Administration on the remote Linux servers:

  1. Access the remote Linux server in your VNC client by providing the remote server’s IP address and the remote administration port number, for example:

    137.16.5.18:5901

  2. In the window that opens on the remote Linux server, start ConsoleOne:

    /usr/ConsoleOne/bin/ConsoleOne

  3. Authenticate to the eDirectory tree to start ConsoleOne as usual.

  4. Attach to the domain on the Linux server.

  5. Proceed with your GroupWise administration tasks.

  6. When you are finished with GroupWise administration on the remote Linux server, exit ConsoleOne.

  7. Close the window where you have been running ConsoleOne, to close the connection with the remote Linux server.

2.4.3 Remote ConsoleOne Access with a Secure Shell (SSH) Connection

As an alternative to the Remote Administration feature in YaST, you can use a secure shell (SSH) connection to a remote Linux server in order to run ConsoleOne on the remote Linux server.

Configuring a Linux Server to Allow a Secure Shell Connection

On OES 11 and SLES 11

  1. In YaST, click Network Service > SSHD Configuration.

  2. Ensure that Allow X11 Forwarding is selected.

    This is the default setting.

  3. Click Finish to enable SSHD.

  4. Configure your firewall to allow the SSHD connection:

    1. Under Security and Users, click Firewall.

    2. Click Allowed Services.

    3. In the Service to Allow drop-down list, select Secure Shell Server, then click Add.

    4. Click Next, then click Finish.

On OES 2 and SLES 10

  1. Check the /etc/ssh/sshd_config file to ensure that X11Forwarding is set to yes.

    This is the default setting.

  2. Configure your firewall to allow the SSH connection:

    1. Under Security and Users, click Firewall.

    2. Click Allowed Services.

    3. In the Service to Allow drop-down list, select SSH, then click Add.

    4. Click Next, then click Finish.

Using a Secure Shell Connection on Linux to Run ConsoleOne on the Linux Server

  1. Enter the following command to establish a secure shell connection to the remote Linux server:

    ssh -X network_address

    Replace network_address with the IP address or DNS hostname of the remote Linux server.

  2. Enter the password to access the remote Linux server as root.

    The command prompt changes to the name of the remote Linux server.

  3. Start ConsoleOne on the Linux server:

    /usr/ConsoleOne/bin/ConsoleOne

  4. Authenticate to the eDirectory tree as usual.

  5. Connect to the domain on the Linux server.

  6. Proceed with your GroupWise administration tasks.

  7. When you are finished with GroupWise administration on the remote Linux server, exit ConsoleOne.

  8. Exit the terminal window where you have been connected to the remote Linux server, to close the secure shell session.

Using a Secure Shell Connection on Windows to Run ConsoleOne on the Linux Server

Because Windows does not include an X server, setting up a secure shell from Windows to Linux requires additional software that is not free nor especially easy to set up. If you still want to pursue this option, refer to the Cool Solutions article, Remote Management Using SSH and X-Forwarding on Windows.