5.2 GroupWise Module
The GroupWise module allows Retain to archive messages from GroupWise. The GroupWise module must be fully configured before Retain can archive or communicate with the GroupWise mail system.
Other tools that work with the GroupWise Module:
-
GroupWise Client Plugin GroupWise Client Plugin.
-
GroupWise Webaccess Plugin GroupWise WebAccess Plugin.
-
Stubbing server Stubbing Server may be installed which can allow users to search Performing Retain Searches Within The GroupWise Client the Retain archive from their GroupWise client.
-
GroupWise Archive Migration Tool GroupWise Archive Migration Tool.
5.2.1 Prerequisites
Before beginning you will need to gather this information:
-
IP Address and SOAP port of a POA
-
A Trusted Key Name and Trusted Application Key
Setting up the Module
The GroupWise module page opens first with the Core Settings.
GroupWise
Browse to the GroupWise Administration page. Under System | Trusted Applications, create a key called Retain and export the key. You will need this for the SOAP section below.
We highly recommend enabling Message Retention Services in GroupWise, so users cannot delete messages before they are stored by Retain.
5.2.2 Core Settings
Normally all the checkboxes on this tab are always left selected. It is rare that you would ever deselect any of them. Two cases where you might, would be: troubleshooting (as instructed by Technical Support), and retiring an old email system.
The module needs to be enabled on this page to make it active in the Retain system.
The module can be given a name.
The Send Method option enables either the SMTP Forwarding or FTP features. For either feature to appear and function, the Module Forwarding tab must be configured on the Server Configuration page. See that section for more information.
The Enable Address Book Caching function allows Retain to regularly cache the online email systems address book and synchronize it with Retain. This is critical for administration, authentication, and archiving purposes. It is recommended to cache the Address Book once every 24 hours to keep the Retain storage system up to date. By default, maintenance is set to cache the Address Book once every 24 hours.
The Enable Authentication checkbox determines if end-user authentication is performed when the user logs into Retain. If it is deselected, the Retain system will NOT authenticate the user against the email system and the user will not be able to log in unless another authentication method is enabled.
The Enable Jobs checkbox determines if configured data retrieval jobs are ever passed to the Worker. Even if the individual job is fully configured and enabled, if this checkbox is switched off, no jobs configured for this module will be processed.
Set Storage Flags
If you have Retention Services enabled, which we highly recommend, you will need the Retention or Purge flags updated depending on which one you are using. Generally, you would use Retention flag for Retain and the Purge flag for your backup software, such as Reload.
You would enable Retention Services in GroupWise Administration under Domain or Post Office. Then in Client Options, Integrations, Retention, and Enable Message Retention Service.
This would be used in conjunction with a Trusted App Key which the GroupWise module needs for the SOAP tab.
The Send Method option enables either the SMTP Forwarding or FTP features. For either feature to appear and function, the Module Forwarding tab must be configured on the Server Configuration page. See that section for more information.
5.2.3 SOAP
Provide the POA Host Name and SOAP port. IP addresses are acceptable, but host names are preferred as IP addresses may change. SSL is supported, but comes at the price of speed, and will slow down the archiving process. Create a Trusted Application key for Retain, either manually from GroupWise Administration, System, Trusted Applications in GroupWise 2014 or above or Console One for GroupWise 2012 or lower.
The SOAP access information must be provided, and the connection tested and verified before the system can connect. After providing the required information, click the 'Test Connection' button. The results are displayed. A successful result must be reached before Retain can archive messages from GroupWise.
If mail server Redirection is required for mail servers which are not contained on the local WAN and must have the connection addresses manually specified, the appropriate information may be modified in the redirection table. Most installations will not require any modification.
5.2.4 LDAP
LDAP can be used to authenticate users against other directory services such as eDirectory or Active Directory.
LDAP may be used for individual users wishing to access their respective archives. If LDAP is setup and desired to be used for Retain user authentication, it must be fully configured in the GroupWise module.
Utilizing LDAP allows users to log into their respective archives using the user’s full email address. This authentication requires that the email attribute be marked indexed in GroupWise.
Using Active Directory Authentication
Before you use Active Directory Authentication, you must have LDAP Authentication configured in GroupWise and configure Retain to use Active Directory Authentication:
GroupWise Configuration
-
Make sure you have Active Directory configured as an LDAP directory and an LDAP server in the GroupWise Admin Console. Also, make sure the following are set in the GroupWise Admin Console:
-
On the LDAP Directory, must be selected.
-
On the LDAP server > tab, select the Post Office that you are using for LDAP.
-
Go to > Select the Post Office that you are using for LDAP > . Select and make sure the LDAP server is listed in the column in the .
Follow the steps in LDAP Directories and Servers in Your GroupWise System in the GroupWise 18 Administration Guide if you need help setting up the LDAP directory or LDAP server.
-
-
Make sure that your GroupWise mailboxes are associated with their LDAP users by following the steps in Associating GroupWise Users with an LDAP Directory in the GroupWise 18 Administration Guide .
Retain Configuration
-
In the GroupWise Module > LDAP tab, enter in the information for your LDAP server. Make sure Enable EMail Address Lookup is selected.
NOTE:The LDAP Admin User must be entered using the following form:
CN=Administrator,CN=Users,DC=company,DC=com
The Top Search Context is usually the distinguished name of the domain and must be entered using the following form:
DC=company,DC=com
-
Edit the ~Beginfinite\Retain\RetainServer\WEB-INF\classes\config\misc.properties file on the server changing the following lines:
custom.ldap.enabled=1 custom.ldap.class=com.gwava.authenticate.gw.AlternativeGWLDAPAuthentication
-
Restart tomcat on the Retain server.
5.2.5 Proxy
Users who have been given proxy to another account in GroupWise may be granted access to proxy accounts in the Retain archive as well.
For performance reasons, Retain caches proxy verifications for a period of days (default is 7 days). Revocation of proxy access might not be reflected immediately in Retain. The caching period may be reduced or even disabled, (a value of ‘0’ disables caching), but this is not recommended.