Lotus Admin Training Part II


Published on

Presents an overview of various design issues/decisions involved during Domino Infrastructure planning, including the factors/issues relating to the hardware infrastructure strategy in terms of server, standards, messaging, replication, security, Internet connection, etc.

Published in: Technology, Business
1 Comment
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Lotus Admin Training Part II

  1. 1. Lotus Domino Admin Training Planning Domino Infrastructure Presents an overview of various design issues/decisions involved during Domino Infrastructure planning, including the factors/issues relating to the hardware infrastructure strategy in terms of server, standards, messaging, replication, security, Internet connection, etc. Reference: Domino Admin Help (c) Sanjaya Kumar Saxena
  2. 2. Planning Scenarios ‣ New Installation There are 2 possible scenarios viz. (a) notes deploying domino for the first time in the organization, and (b) upgrading an ‣ Upgrade existing infrastructure to a higher version. Both require different approaches. This training will have a higher focus on planning a new Domino Infrastructure.
  3. 3. Considerations for New Infrastructure ‣ Domino Server Platform These topics are discussed in detail in notes subsequent slides. ‣ Choice of Client ‣ Organization Structure ‣ Naming Standards ‣ Mail Routing ‣ Replication Strategy ‣ Availability ‣ Security ‣ Administration Strategy ‣ Third Party Applications
  4. 4. Domino Server Platform ‣ Domino 7 Choices For exact details of the version being notes deployed, please refer to the detailed systems requirements to select the • Windows 2000 or 2003 on Pentium or better right platform along with service packs and/or PTFs. • AIX 5.2 or 5.3 on PowerPC The other key step, after selecting the • Solaris 9 or 10 UltraSPARC server platform is server sizing. This is explained in the next 2 slides. • Red Hat RHEL 4 on Pentium or better • i5 OS V5R3 or V5R4 on i5 model 520 or better • Novell SLES 8 or 9 or 10 on Pentium or better ‣ Domino 8 Choices • Windows 2003 on Pentium or better • AIX 5.3 on PowerPC • Solaris 10 UltraSPARC III or better • Red Hat RHEL 5 on Pentium or better • i5 OS V5R4 on i5 model 520-901 or better • Novell SLES 10 on Pentium or better
  5. 5. Server Sizing ‣ Peak Load Server sizing is an important activity notes wherein you determine the server machine(s) specifications for a given ‣ Expected Growth application. ‣ Architecture One of the key objective of sizing is to ensure that the hardware is able to handle the peak load. The peak load can occur due to several factors. For example, seasonal changes in Use benchmark numbers provided by the server hardware business or one machine going down in a cluster operation. vendors to get an idea of sizing. Growth trends are very important to consider so that an appropriate Always consider a server that is scalable. capacity can be planned. These trends can be determined from business growth, expected application deployments, mail traffic growth, etc. Architecture in terms of various kind of domino servers (mail, application, etc), configurations (central, distributed, clustered or partitioned) plays an important role in sizing each machine.
  6. 6. Server Sizing ‣ Notes client reduces load on the notes Client(s) used server as it can do a lot of processing locally; whereas DWA is server centric • Notes Client and exerts more server load. In the notes client environment, proper use - Local replicas of local replicas can reduce the server load significantly. One of the key parameter is “replication interval”. • Domino Web Access (DWA) Larger Mail files require faster disks & ‣ Mail file size larger amount of RAM to deliver required performance. ‣ Full text indexing Full text indexing requires more server ‣ Port encryption/SSL capacity. It is important to know the number of databases that will be ‣ indexed and the number of users that Transaction Logging will use search function. ‣ Cluster Any encryption or decryption is highly CPU intensive and must be used carefully. It is always recommended to use an external box for the same. Transaction logging requires updates to be written second time. This increases the server load. It is important to consider a separate dedicated disk (array) for this purpose. Cluster puts an extra load of cluster replication on each participating server. Special consideration is required in event of one more more member failing.
  7. 7. Choice of Client ‣ Notes Client offers standard notes Notes Client advantage of any standard client/ server configuration. It reduces overall ‣ Domino Web Access (DWA) server load and offers many advantages like, local replication, rich ‣ text, However, it needs to be installed SMTP/POP3 or IMAP Client & configured on every user machine. DWA is like any other browser based application and offers all the advantage of any web based application. No installation or configuration is required. But DWA requires more server resources, especially CPU & memory. Both Notes & DWA can run workflow applications & support calendaring & scheduling. SMTP/POP3 or IMAP allows us to use any standard internet mail client like Outlook or Thunderbird. It requires LDAP server for address searches. Also it does not have native calendering & scheduling support. The load on server is less in this case also.
  8. 8. Organization Structure ‣ One organizaion-one domain is ideal notes Domino Domains for small and mid size organizations, where one Domino domain is created • Most common scenario: one organization, one domain and all resources and users belong to one Domino Directory. This is • Other possibilities are considered as the most popular and easy to manage setup. Other scenarios are not discussed here. - One organization, multiple domains Like any organization structure, Lotus - Multiple organizations, one domain notes X.500/Organization Structure must be stable and should not change - Multiple organization, multiple domains frequently. It should ideally reflect organization structure. Any change in OUs can involve a lot of work within Lotus Notes. ‣ X.500 Structure Unless it is absolutely necessary, it is recommended to use only up to 2 or 3 • Create a structure around entities that are least likely to OU hierarchy levels. This way 1 or 2 OU levels are left to respond to any change organization structure changes that may occur in future. • Don’t consume all 4 OU hierarchical levels, leave room A separate OU for servers helps in for future expansion better management of servers. • Consider a separate OU for servers
  9. 9. Naming Standards ‣ User naming standards should be notes Considerations for standards uniform and must define mechanisms to handle name conflicts. It should • User Names also take care of internet mail address also. In Lotus Notes, First Name/ • Server Names Middle Initials/Last name is a well accepted standard. For internet there are many possibilities. Common • ACL Groups example is <first name>.<last name>@domain.com. • Ports Server names should not be very long. • NNNs It is a good idea to limit the length to say 15 characters. Meaningful server name can be created by concatenating its purpose, and OU it serves. While creating groups, their purpose is required to be clearly defined and logged in the group document. Further, the appropriate group type is always selected. Access level code (M-Manager, D-Designer, E-Editor, A- Author, R-Reader, and P-Depositor) must be part of the group name as the first letter of the name. With TCP/IP as the network protocol, the Domino default port, named “TCPIP”, is used across the enterprise. Only in special cases such as clustering, additional port(s) may be required. In such cases, the purpose code is prefixed to TCPIP, e.g. CLU_TCPIP.
  10. 10. Mail Routing ‣ There are 2 possible protocols for mail notes Internal Mail Routing routing - Notes Routing and SMTP. Notes routing is usually preferred for • Routing Protocol internal mail routing as it offers better security including Notes PK security, • Routing Topology mail enabled workflow apps, and various kind of links. • Routing to users who are on different mail system Most popular mail routing topology is hub & spoke topology. In this topology, ‣ Internet Mail Routing mail traffic passes between a central hub server and multiple spoke servers; no mail is exchanged directly among the spokes. It is suitable for handling a high volume of mail in an organization. If there are more mail systems that are in use, consider using smart host server. Internet mail is routed using SMTP. Simplest arrangement for internet mail routing is to designated one Domino Server as SMTP server for inbound & outbound mails. More then one server can be set up for load balancing & availability perspective. Further details are discussed in module on Lotus Domino Messaging.
  11. 11. Replication Strategy ‣ Like mailing for replication also the notes Replication Topology most popular routing topology is hub & spoke topology. It is an efficient ‣ Replication Priorities topology as it minimizes the network traffic. Peer to peer topology can be ‣ considered for small organization Replication Schedule having few servers only. Lotus replication allows 3 different replication priorities viz. (a) High, (b) Medium, and (c) Low. It is possible to setup different replication schedules for these priorities separately. This setup is typically done in consultation with application developers. Further details are discussed in module on Lotus Domino Replication.
  12. 12. Availability ‣ One of the most critical aspects of notes Backup & Recovery Mechanisms administrating a Lotus Notes/Domino network is in the preparation for a ‣ Domino Cluster disaster that can lead to total and irrecoverable loss of data. Therefore, the backup of Domino servers is one of the most crucial parts of an administrator's job. Criticality of this necessitates that the backup should be performed daily. You can leverage replication to set up a separate backup server to maintain replicated backup of critical databases. Or you can chose from third party online backup tools for Lotus Domino. Any outage may occur due to hardware, operating system, or application failure. And typical figures for hardware repair, application restart, and operating system reboot times is ½ hour to few days, 2 to 30 minutes, and 5 to 20 minutes respectively. Impact due to non-availability is summarized below: Availability Downtime/Day 98.0% 28 minutes 99.0% 14 minutes 99.9% 1.5 minutes Domino clusters offer high availability & load balancing and must be considered for any high availability requirements. It is an application level clustering and does not require any special hardware or OS software.
  13. 13. Security ‣ Operating System security typically notes Operating System involves applying latest patches, hardening of OS and shutting all the ‣ Domino services that are not required. Please consult your OS security guidelines for • Servers the same. • Databases As a bare minimum step for Domino security, you need to focus on Server, Database, workstation and ID files • Workstations security. Some of the essential steps are prohibiting anonymous access, to • ID Files servers & databases; enforcing consistent ACL across; storing all ID ‣ files securely; and leveraging Internet workstation ECLs. Internet security involves planning firewalls, SMTP security and application level security for web enabled applications. A very comprehensive material titled “Building Rock Solid Domino Security” is separately available.
  14. 14. Administration Strategy ‣ DIstributed administration may be notes Centralized v/s Distributed required in big organizations where servers are spread over a large ‣ User Management geography. In such case, the authority levels delegated to regional/local ‣ administration must be carefully Server Management planned. ‣ Monitoring User management involves creating, moving, disabling (or deleting) users. Developing appropriate policies for users (e.g. for desktop, security, and mail archiving etc.) is critical along with their proper enforcement. It may also be important from security perspective to log all failed login attempts. Server management involves tasks like Change the server administrator, setting and managing passwords for the server console, commissioning/ decommission a server, re-certify a server ID, or moving a Domino server from one computer to another, etc. Continuous monitoring of Domino infrastructure is essential for its perfect running state. The critical elements that require monitoring include databases/applications, messaging, replication, security, directory, host OS and web services. Domino Domain Monitoring (DDM) provides pre- configured monitoring capabilities. It delivers a single feature-oriented view that allows administrators to view the status of multiple servers across a domain. DDM was introduced in the Release 7 of Lotus Domino.
  15. 15. New Administration Features in Release 8 ‣ Notes Mail Template has undergone a notes Out of Office Service major enhancement in Release 8. Now it supports dual architecture for out of ‣ Message Recall office functionality. It can be configured as either a mail router level ‣ service or as an agent. Inbox Maintenance ‣ New On Disk Structure ODS48 The message recall feature provides users with the ability to recall mail messages after they are sent. This ‣ Database Redirects feature is useful when a Lotus Notes client user has accidentally clicked ‣ Streaming Cluster Replication Send and then needs to retract the message in order to complete or modify the message content Inbox maintenance feature offers improved server performance by reducing the size of users' Inboxes in mail files. The new ODS provides potential improvements for I/O & folder optimization, Database names list for user renames, and Design compression. Database redirect feature allows automatic redirection of Notes client references from deleted or moved databases to a database replica that you specify. It is a very useful features for database management. Streaming cluster replication significantly enhances the performance & I/O in clusters.
  16. 16. Third Party Applications ‣ Backup, Anti Virus & Anti SPAM are notes Backup few essential third party applications that must be carefully evaluated & ‣ Anti Virus deployed. Some of them are available in form of appliances e.g. Anti SPAM. ‣ Anti SPAM While evaluating, it is important to look at any dependencies, degree of integration, and the specific Lotus Domino version support.
  17. 17. Upgrade Considerations ‣ notes Existing Domino Release ‣ Hardware age & its capacity • Usage profile of each server ‣ Any existing template customizations ‣ Domain & Directory Configuration ‣ Mail Routing ‣ Replication
  18. 18. Upgrade Methodology ‣ During planning develop an upgrade notes Plan policy & strategy including coexistence, transition plan for ‣ Prepare servers, clients, mailing and applications. It is important to have a ‣ rollback plan in place. This is a critical Pilot piece for any disaster during upgrade. ‣ Go Live! Preparation is all about setting a test environment, and having a SOP & check list ready for the upgrade process. Pilot involves creating a simulated upgrade in the test environment using the SOPs & checklists. It is important to document any problems faced during pilot and accordingly correct the SOPs and checklists. Once the pilot is successful, you are ready to rollout the upgrade process and go live! Note: Consider using Smart Upgrade tool upgrade client software as it saves the effort to visit each & every workstation.