0
Best Practices for Administering
Novell GroupWise 8 ®                                ®




Robin Redgrave                 ...
Agenda

    •   System Administration

    •   Using GWCheck

    •   Moving users

    •   Monitoring the system




2   ...
System Administration
New in Novell GroupWise 8             ®         ®




    •   Some defaults changed
         –   More appropriate settings...
System Operations

    •   Only make system changes from the primary domain
    •   Regularly check on pending operations
...
Why Restrict System Operations

    •   Local administrators can not make system changes
         –   GWCheck scheduled ev...
System Operations

    •   Enable Novell eDirectory synchronisation
                                          ®
          ...
System Operations

    •   Lightweight Directory Access Protocol (LDAP)
        Authentication
         –   Uses Novell eD...
Domain

    •   Ensure adequate disk space
         –   Novell eDirectory and Novell GroupWise will get corrupted if
     ...
Message Transfer Agent

     •   Reduce attach retry
          –   The new default is 60 seconds which is good

          ...
Message Transfer Agent

     •   Enable Hypertext Transfer Protocol (HTTP) monitoring
          –   Ensure that there are ...
Message Transfer Agent

     •   Message logging
          –   Useful for tracking messages through the system
           ...
Post Office

     •   Ensure adequate disk space
          –   Novell eDirectory and Novell GroupWise will get
           ...
Post Office

     •   Security
          –   Should be set to high (Now default)

          –   With low intruders may get...
Post Office Agent

     •   Logging
          –   Have logging set at normal
               >   Don't keep log files too l...
Post Office Agent

     •   QuickFinder indexing              ™



          –   Once a day is enough, unless using
      ...
Link Configuration

     •   Use Message Transport Protocol (IP) links everywhere
          –   Domain to domain
         ...
Client Options

     •   Some can be set through ConsoleOne          ®




          –   Use client options

     •   Some...
Gateways:
     Novell GroupWise Internet Agent
                             ®              ®




     •   Disable features...
Gateways:
     Novell GroupWise Internet Agent
                             ®                     ®




     •   Avoid Gat...
Email Address Publishing

     •   Email Addresses

          –   By default, only a user's preferred e-mail address is pu...
New in Novell GroupWise 8 SP2         ®        ®




     •   Restrict the number of recipients
          –   No more unau...
Gateways: WebAccess

     •   Disable features that are not needed
          –   Document management
          –   LDAP ad...
Tuning the Server

     •   Optimise the server settings where required

     •   Choose the best file system

     •   En...
File System

     •   Turn Compression off
          –   Novell GroupWise compresses all files itself
                    ...
Good House Keeping

     •   Domain and post office directories
          –   Tidy up / Delete stuck messages from queues
...
System Synchronisation

     •   Regularly check the system synchronisation

          –   Connect to each domain and chec...
Novell eDirectory       ®
                                           ™




     •   Ensure that Novell GroupWise and Novel...
Standardise

     •   Standardise as much as possible

          –   Directory paths

          –   Domain, post office, M...
Local Administration

     •   Try to keep central control of the system components
          –   Keep central control of
...
How to Set QuickFinder Indexing                            ™




     •   POA Startup file
          –   QFLevel
         ...
Using GWCheck
Novell GroupWise Check  ®                           ®




     Scheduled events
          –   Default Daily Maintenance Ev...
Novell GroupWise Check  ®             ®




     •   Optional checks
          –   Library
          –   Expire/reduce
   ...
Moving Users
Moving Users

     •   Run a GWCheck first
          –   Attclip
          –   DelDupFolders
          –   Clear all issue...
Monitoring
Monitor Your Environment

     •   Use Novell GroupWise Monitor ®    ®




          –   Comes free with GroupWise

      ...
Monitor Your Environment

     •   Use third party monitoring software



                       IntelliReach Control
    ...
Questions
Unpublished Work of Novell, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, propriet...
Additional GWCheck Options
GroupWise Check Support Options       ®




     •   AttClip
          –   Removes references of lost attachment files

  ...
Support Options 1

     •   AttClip
          –   Removes references of lost attachment files

     •   StoreDrop (alias C...
Support Options 2

     •   SubjectPurge (alias ItemPurge)
          –   Purge items if subject matches

     •   AttachPu...
Support Options 3

     •   CheckJobList
          –   Checks the jobs in the ngwcheck.db

     •   MAPICleanup
          ...
Support Options 4

     •   PabSkip (alias SkipPab)
          –   Skip personal address book check

     •   NoSubjectPurg...
Support Options 5

     •   ResetMove
          –   Check the user store for move in progress flag in
              VERIFI...
Support Options 6

     •   ResequenceFolders (Alias Resequence)
          –   Re-sequence all folders (at all levels)

  ...
Support Options 7

     •   PabDelDupRec
          –   Cleans up duplicate personal groups in a personal
              add...
Support Options 8

     •   Bypass_DigestRetention
          –   Allows items to be expired (removed) even when the digest...
Support Options 9

     •   ClearTZ
          –   Delete the WebAccess timezone information from the
              user se...
Support Options 10

     •   ResetMaintFlag
          –   Removes the maintenance flag (ie file lock) for a database
     ...
Support Options 11

     •   ResetDocAuthor
          –   Reset the document author and creator to the values found in
   ...
Support Options 12

     •   ProxyFix
          –   Removes all duplicate user from proxy access lists created by
        ...
Best Practices for Administering Novell GroupWise 8
Upcoming SlideShare
Loading in...5
×

Best Practices for Administering Novell GroupWise 8

13,163

Published on

Along with a host of new end-user features, Novell GroupWise 8 includes administrative updates to make it easier than ever to keep your system running reliably, safeguard your data and leverage your existing investments. This session will assist you in perfecting the administration of your GroupWise messaging environment. You'll learn how to optimize and manage agents and configuration settings to maximize your system stability and performance.

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
13,163
On Slideshare
0
From Embeds
0
Number of Embeds
7
Actions
Shares
0
Downloads
290
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Transcript of "Best Practices for Administering Novell GroupWise 8"

  1. 1. Best Practices for Administering Novell GroupWise 8 ® ® Robin Redgrave Tim Heywood Workgroup Technical Specialist CTO, NDS8 rredgrave@novell.com tim.heywood@nds8.co.uk
  2. 2. Agenda • System Administration • Using GWCheck • Moving users • Monitoring the system 2 © Novell, Inc. All rights reserved.
  3. 3. System Administration
  4. 4. New in Novell GroupWise 8 ® ® • Some defaults changed – More appropriate settings • Maximum mailbox size – Currently 4 GB – Will rise to 4 TB • Training and Tutorials URL – Can be customised to point at an internal resource • First appearance of admin SOAP interface 4 © Novell, Inc. All rights reserved.
  5. 5. System Operations • Only make system changes from the primary domain • Regularly check on pending operations – From each administration domain • Lock out older administration snapins – Can cause problems • Restrict system operations to the primary domain 5 © Novell, Inc. All rights reserved.
  6. 6. Why Restrict System Operations • Local administrators can not make system changes – GWCheck scheduled events – User LDAP authentication Override – Internet addressing – Trusted applications 6 © Novell, Inc. All rights reserved.
  7. 7. System Operations • Enable Novell eDirectory synchronisation ® ™ – Chose LDAP server and credentials carefully – Look at the active log for users – Check rights and the post office membership • Enable auto create Nickname on a user move – Avoid D101 errors – Expire after a few days (28) 7 © Novell, Inc. All rights reserved.
  8. 8. System Operations • Lightweight Directory Access Protocol (LDAP) Authentication – Uses Novell eDirectory password to access ® ™ Novell GroupWise ® – Always use SSL over the wire • Set access rights automatically – Needed to find the post office – Does not assign file access rights 8 © Novell, Inc. All rights reserved.
  9. 9. Domain • Ensure adequate disk space – Novell eDirectory and Novell GroupWise will get corrupted if ® ™ ® you run out of space • Ensure an administrator is defined for each domain – No error messages delivered – No Novell GroupWise Check logs delivered • Define alternate Internet Agent – Will automatically route messages to the alternate if the primary is unavailable – Needs Message Transfer Protocol (MTP) to the Novell GroupWise Internet Agent (GWIA) 9 © Novell, Inc. All rights reserved.
  10. 10. Message Transfer Agent • Reduce attach retry – The new default is 60 seconds which is good – Older Domains will have a setting of 600 • Enable Priority Scanners – Additional threads for queues 0/1 and 2/3 (Now default) • Have settings in ConsoleOne if possible ® – Not in the startup file – can cause confusion 10 © Novell, Inc. All rights reserved.
  11. 11. Message Transfer Agent • Enable Hypertext Transfer Protocol (HTTP) monitoring – Ensure that there are authentication details set – Make sure that Secure Sockets Layer (SSL) is enabled • Logging – Have logging set at normal > Don't keep log files too long > 7 days at most – Use verbose logging > When trouble shooting > If needed by third party monitoring software 11 © Novell, Inc. All rights reserved.
  12. 12. Message Transfer Agent • Message logging – Useful for tracking messages through the system > Available from MTA HTTP Monitor > Available from Novell GroupWise Monitor ® ® – Required by some third party monitoring tools > Do not keep logs forever » Delete after 14 days or so – Turn off if not being used – Clear out MSLOCALMSGLOG directory > Check even if not enabled 12 © Novell, Inc. All rights reserved.
  13. 13. Post Office • Ensure adequate disk space – Novell eDirectory and Novell GroupWise will get ® ™ ® corrupted if you run out of space – Disk check event • Access mode – Use “Client/server only” not “Direct” or “C/S and Direct” • Enable intruder detection – Someone can try a brute force attack 13 © Novell, Inc. All rights reserved.
  14. 14. Post Office • Security – Should be set to high (Now default) – With low intruders may get access to a mailbox without the need for a password • Check membership – Needed for Novell eDirectory synchronisation ® ™ – Use a spreadsheet to compare numbers 14 © Novell, Inc. All rights reserved.
  15. 15. Post Office Agent • Logging – Have logging set at normal > Don't keep log files too long, 7 days is fine – Use verbose logging > When trouble shooting > If needed by third party monitoring software – Have a common directory to place all logs in • Set up proxy server address – Used for external access to the system – Optionally add SSL for external access 15 © Novell, Inc. All rights reserved.
  16. 16. Post Office Agent • QuickFinder indexing ™ – Once a day is enough, unless using document management – Don't turn off – Check for issues > Look in the logs > Check the directory for temporary files > Enable quarantine – Recreate occasionally 16 © Novell, Inc. All rights reserved.
  17. 17. Link Configuration • Use Message Transport Protocol (IP) links everywhere – Domain to domain – Domain to post office > Even when on the same server – Domain to Novell GroupWise Internet Agent ® ® – Use a meshed, routed, or mixed infrastructure > Balancing act > Always use direct links to and from the primary to all secondary domains • Can set maximum size limit for slow links – Can set a delay size limit 17 © Novell, Inc. All rights reserved.
  18. 18. Client Options • Some can be set through ConsoleOne ® – Use client options • Some can be set through the registry – HKEY_CURRENT_USERSoftwareNovellGroupWise – HKEY_LOCAL_MACHINESoftwareNovellGroupWise • Some settings cannot be set by the administrator at all – Need to be set through the client – Need to be authenticated as the user 18 © Novell, Inc. All rights reserved.
  19. 19. Gateways: Novell GroupWise Internet Agent ® ® • Disable features that are not used – Post Office Protocol (POP) – Internet Message Access Protocol (IMAP) – LDAP – iCalendar (iCal) • Monitor accounting file – Can give useful information • Use MTP – Enables alternate Internet agent 19 © Novell, Inc. All rights reserved.
  20. 20. Gateways: Novell GroupWise Internet Agent ® ® • Avoid Gateway aliases – Use the Internet Addressing override instead > Updates the Novell GroupWise address book > Updates Novell eDirectory ™ – Gateway Alias Migration utility > Will migrate aliases to Internet Addressing override > Available on the Novell GroupWise Utilities menu in ConsoleOne ® 20 © Novell, Inc. All rights reserved.
  21. 21. Email Address Publishing • Email Addresses – By default, only a user's preferred e-mail address is published to Novell eDirectory ® ™ • In Novell GroupWise 8 ® – Can now select which Internet addressing formats to publish – Can publish Nickname Internet addresses – Can publish aliases (but you wont) 21 © Novell, Inc. All rights reserved.
  22. 22. New in Novell GroupWise 8 SP2 ® ® • Restrict the number of recipients – No more unauthorised mail messages sent to all • Limit the attachment types of mail messages – No more exe or mp3 files • Access control to specified distribution lists – No unauthorised sending • Teaming + Conferencing options – Scheduling and saving 22 © Novell, Inc. All rights reserved.
  23. 23. Gateways: WebAccess • Disable features that are not needed – Document management – LDAP address book • Secure your web server – Use HyperText Transport Protocol Secure (HTTPS) – Use a valid certificate – Can mint your own • Customise with your corporate branding – Adjust date format if required 23 © Novell, Inc. All rights reserved.
  24. 24. Tuning the Server • Optimise the server settings where required • Choose the best file system • Ensure sufficient disk I/O • Be careful with virtualisation 24 © Novell, Inc. All rights reserved.
  25. 25. File System • Turn Compression off – Novell GroupWise compresses all files itself ® ® • Purge immediate on – WPCSIN, WPCSOUT and MSLOCAL and other queues • Disable atime and diratime • Turn off file-based virus checking of Novell GroupWise – There is no point as files are encrypted 25 © Novell, Inc. All rights reserved.
  26. 26. Good House Keeping • Domain and post office directories – Tidy up / Delete stuck messages from queues • Remove users that have left – Security issues • Clear out old records – Can see on the 'Record Enumerations' screen > X.400 records / Administrators • Remove unused objects from the system – Domains, post offices, gateways 26 © Novell, Inc. All rights reserved.
  27. 27. System Synchronisation • Regularly check the system synchronisation – Connect to each domain and check system information • If out of synchronization try manually synchronizing the missing object • If the problem persists initiate a top down rebuild – Remember to synchronize primary with secondary for all domains first 27 © Novell, Inc. All rights reserved.
  28. 28. Novell eDirectory ® ™ • Ensure that Novell GroupWise and Novell eDirectory ® are synchronised – Novell GroupWise to Novell eDirectory object – Novell eDirectory to Novell GroupWise object – Post office member list – Check invalid users in ConsoleOne ® • If in doubt graft the objects • Avoid having Novell eDirectory replicas on GW servers 28 © Novell, Inc. All rights reserved.
  29. 29. Standardise • Standardise as much as possible – Directory paths – Domain, post office, MTA & POA configuration – Start up files – Server settings • Have full documentation on configuration with screen shots to help with the configuration of new objects 29 © Novell, Inc. All rights reserved.
  30. 30. Local Administration • Try to keep central control of the system components – Keep central control of > Post offices/POA > Domains/MTA > Gateways • Local administrators should only have rights to administer users, resources & distribution lists – See TID 2928483 • Can cause political problems 30 © Novell, Inc. All rights reserved.
  31. 31. How to Set QuickFinder Indexing ™ • POA Startup file – QFLevel > 0 – Index a maximum of 1000 at a time > 1 – Index 500 items at a time on a low priority thread (default) > 2 – Index 1000 items at a time on a medium priority thread > 3 – Index 2000 items at a time on a high priority thread > 999 – index constantly until all databases indexed – QFNoPreProc > Suppress creation of word list, use if there are no libraries – QFDeleteOld > Delete old versions to keep disk space usage down 31 © Novell, Inc. All rights reserved.
  32. 32. Using GWCheck
  33. 33. Novell GroupWise Check ® ® Scheduled events – Default Daily Maintenance Event > Structural check – Default Weekly Maintenance Event > Contents check (attclip option is available) > Audit » Reports inactive mailboxes » The client versions and platforms are reported – Weekly Reduce – Default Disk Check Event, ensure thresholds are reasonable > Threshold for actions > Threshold to stop message processing 33 © Novell, Inc. All rights reserved.
  34. 34. Novell GroupWise Check ® ® • Optional checks – Library – Expire/reduce • Check the log files – Resolve any issues encountered • GWCheck options file – Now uses the same XML format across NetWare , Linux, ® and Windows – Can write option files for batch processing 34 © Novell, Inc. All rights reserved.
  35. 35. Moving Users
  36. 36. Moving Users • Run a GWCheck first – Attclip – DelDupFolders – Clear all issues • Ensure that you are using the live move functionality • If moving many users or large mailboxes – Increase threads and percentage for priming and moves • Monitor with move user status and POA log – Can now get an inventory of messages not moved 36 © Novell, Inc. All rights reserved.
  37. 37. Monitoring
  38. 38. Monitor Your Environment • Use Novell GroupWise Monitor ® ® – Comes free with GroupWise – Ensure all agents monitored – Set up thresholds – See the best practices guide • Needed for Novell GroupWise High Availability (GWHA) 38 © Novell, Inc. All rights reserved.
  39. 39. Monitor Your Environment • Use third party monitoring software IntelliReach Control http://www.intellireach.com/products/control.asp GWAVA Redline http://www.gwava.com/products/redline_overview.html 39 © Novell, Inc. All rights reserved.
  40. 40. Questions
  41. 41. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
  42. 42. Additional GWCheck Options
  43. 43. GroupWise Check Support Options ® • AttClip – Removes references of lost attachment files • DelDupFolders – Deletes .dup folders • SubjectPurge - (alias ItemPurge) – Purge items if subject matches • AttachPurge (alias AttFindPurge) – Deletes attachments that match the specified file name 44 © Novell, Inc. All rights reserved.
  44. 44. Support Options 1 • AttClip – Removes references of lost attachment files • StoreDrop (alias CleanSC) – Force stores to be dropped • DelDupFolders – Deletes .dup folders • ProxyMinReset – Removes all minimum user access records 45 © Novell, Inc. All rights reserved.
  45. 45. Support Options 2 • SubjectPurge (alias ItemPurge) – Purge items if subject matches • AttachPurge (alias AttFindPurge) – Deletes attachments that match the specified file name • FolderReset (alias ResFldr) – System folder reset mode • ResetMaintFlag – Removes the maintenance flag (ie file lock) for a database 46 © Novell, Inc. All rights reserved.
  46. 46. Support Options 3 • CheckJobList – Checks the jobs in the ngwcheck.db • MAPICleanup – MAPI cleanup • TestMode (alias WPTest) – Halt states and other debug flags 47 © Novell, Inc. All rights reserved.
  47. 47. Support Options 4 • PabSkip (alias SkipPab) – Skip personal address book check • NoSubjectPurge – Purges LIN_RECORD if it doesn't have a SUBJECT_TEXT • PabGroupFix – Changes group if another non-case-sensitive group exists • PabOnly – Stop check after personal address book verification 48 © Novell, Inc. All rights reserved.
  48. 48. Support Options 5 • ResetMove – Check the user store for move in progress flag in VERIFICATION_RECORD and clip. • SubjectList – List all subjects in message databases, creates file SUBDUMP • NoMsgDB (alias NoMDB) – Don't validate pointers to message databases 49 © Novell, Inc. All rights reserved.
  49. 49. Support Options 6 • ResequenceFolders (Alias Resequence) – Re-sequence all folders (at all levels) • SystemCategoryReset (Alias Ressyscat) – Reset (clear) all system category names • PabPurge – Delete specified PAB entries • PabFix – Fix bad addresses 50 © Novell, Inc. All rights reserved.
  50. 50. Support Options 7 • PabDelDupRec – Cleans up duplicate personal groups in a personal address group • VerifyMode (Alias vrfixup) – Verification mode (force repairing verification record) • CleanUpGWEventsKey – Delete/remove all event and event-definition records containing the specified key string 51 © Novell, Inc. All rights reserved.
  51. 51. Support Options 8 • Bypass_DigestRetention – Allows items to be expired (removed) even when the digest retention setting is in effect • Bypass_Retention (Alias ByPassRetention) – Allows items to be expired even when retention is active • ByPass_SmartPurge (Alias ByPassSmartPurge) – Allows items to be expired even when smart purge is active 52 © Novell, Inc. All rights reserved.
  52. 52. Support Options 9 • ClearTZ – Delete the WebAccess timezone information from the user settings • ForceClean – Forces deletion based on expire/reduce options • DelAllSubscribeRecords – Deletes all of the users SUBCRIBE_TO_RECORD and SUBSCRIBER_RECORD 53 © Novell, Inc. All rights reserved.
  53. 53. Support Options 10 • ResetMaintFlag – Removes the maintenance flag (ie file lock) for a database • StoreLowerCase – Convert the file names and directory names stored inside GroupWise databases in the post office to lower case ® – Useful when migrating to a Linux environment • DelSubscribeRecords – Deletes the users SUBCRIBE_TO_RECORD and SUBSCRIBER_RECORD • resetfutureapptcreatedates resetcreatedates 54 © Novell, Inc. All rights reserved.
  54. 54. Support Options 11 • ResetDocAuthor – Reset the document author and creator to the values found in the activity log • UnHideFolders – Unhide all hidden folder records • ClearMoveInventoryList – Clear any remaining inventory list items from moving this user 55 © Novell, Inc. All rights reserved.
  55. 55. Support Options 12 • ProxyFix – Removes all duplicate user from proxy access lists created by 5.2 to 5.5 upgrade • SetupMode (alias SetOnly) – Setup mode 56 © Novell, Inc. All rights reserved.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×