1 / 42

Tips and Tricks for Novell GroupWise Administration

aquila
Download Presentation

Tips and Tricks for Novell GroupWise Administration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Tips and Tricks for Novell GroupWise® Administration Tim Heywood, Technical Director, NDS 8 Robin Redgrave, Senior Consultant, Novell

    2. Agenda Administration with ConsoleOne Fixing problems in the message store GWCheck and advanced options Administration, tips & tricks outside ConsoleOne

    3. System Operations Only make system changes from the primary domain Regularly check on pending operations From each domain Restrict system operations to the primary domain Local administrators cannot make global changes

    4. System Operations eDirectory™ synchronization Have enabled Check by pressing F4 on MTA, look at the active log Check the membership on the post office Re-graft if necessary Auto create Nickname on a user move Avoid D101 errors Monitor expired records

    5. System Operations Administrator-Defined Fields You can populate GroupWise with standard mappings eDirectory GroupWise Middle initial Middle Qualifier Suffix Street Address Location Mail Stop City City State State/Province Zip Zip/PostalCode Description Comments and add your own custom fields

    6. System Operations LDAP Authentication Use eDirectory password to access GroupWise Periodic password changes Password restrictions Always use SSL over the wire

    7. Domains Ensure an administrator is defined for each domain No error messages delivered No GWCheck logs delivered Ensure administrator mailbox is regularly checked Setup proxy rights Use rules to file messages

    8. Message Transfer Agent Reduce attach retry 60 seconds would be better Priority Scanners Consider increasing the /tcptrunkwidth setting Have settings in ConsoleOne® and not in the startup file where possible HTTP Settings Monitor the agent

    9. Message Transfer Agent Message logging Useful for tracking messages through the system Available from MTA HTTP Monitor Available from GWMonitor Required by some third party monitoring tools Do not keep logs forever Delete after 14 days Turn off if not being used Clear out MSLOCAL\MSGLOG directory Check even if not enabled

    10. Post Offices Access mode Use client/server only Enable intruder detection Security Should be set to high

    11. Post Office Agent Tune the agent Use monitor to determine requirements Disable unused services IMAP/CAP HTTP Settings Monitor the agent

    12. Log Settings Have logging set at normal Don't keep log files too long 7 days should be fine Use verbose logging When trouble shooting If needed by third party monitoring software

    13. Link Configuration Use a meshed architecture across the LAN Match the WAN where possible Use a routed architecture across the WAN Use dedicated routing domains where appropriate Primary domain Should have direct links to/from all secondary domains

    14. Link Configuration Use TCP/IP links everywhere Domain to domain/domain to post office Even when on the same server Can set maximum size limit for slow links Can set a delay size limit If the routing changes to a post office do not take effect Copy the post office hold queues to WPCSOUT\OFS Toggle the link back to UNC then back to TCP/IP Rebuild the post office

    15. Client options Some can be set through ConsoleOne Set for domain, post office or user & locked Some can be set through the registry HKEY_CURRENT_USER\Software\Novell\GroupWise HKEY_LOCAL_MACHINE\Software\Novell\GroupWise And other locations ... Some settings cannot be set by the administrator at all Need to be set manually through the client

    16. Client options Set and lock down Mailbox size Maximum message size Any other restrictions Set user word list directory if workstation locked down By default in root directory Called WT61xx.UWL Location can be changed HKEY_CURRENT_USER\Software\Novell\User Word List\6.1\US\User Word List 0

    17. GWCheck Scheduled events Daily structural check Weekly contents check Disk space check, ensure threshold is reasonable Optional checks Library checks Expire/reduce Audit Check the log files Resolve any issues encountered

    18. GWCheck Audit Report Use to ensure you are not paying too much in licensing Full license mailboxes Limited license mailboxes Active/inactive mailboxes

    19. GWCheck Standalone GWCheck Can be used to check specific users or databases Can check archive and remote Support Options Can be used to resolve specific issues

    20. GWCheck Support Options AttClip Removes references of lost attachment files StoreDrop (alias CleanSC) Force stores to be dropped DelDupFolders deletes .dup folders

    21. GWCheck Support Options ProxyMinReset Removes all minimum user access records StoreLowerCase Convert the file names and directory names stored inside GroupWise databases in the post office to lower case Useful when migrating to a Linux environment CheckJobs Checks the jobs in the ngwcheck.db

    22. GWCheck Support Options SubjectPurge - (alias ItemPurge) Purge items if subject matches AttachPurge (alias AttFindPurge) Deletes attachments that match the specified file name FolderReset (alias ResFldr) System folder reset mode ResetMaintFlag Removes the maintenance flag (ie file lock) for a database

    23. Architecture Consider having a dedicated primary domain Only on larger systems No post offices/No gateways Consider having dedicated routing domains Have Gateways local to a secondary domain Secondary domain placement Administration · Gateways Link scheduling · Wan links – 2 or more post offices

    24. Good House Keeping Clear out old records Can see on the 'Record Enumerations' screen X.400 records Administrators Remove unused objects from the system Domains, Post offices, gateways, expired records Unused accounts - from audit report Check addressing rules Are they still needed? Internet Addressing negates the need for SMTP rules

    25. Good House Keeping Domain and post office directories Tidy up Compression off Purge immediate on – Can be limited to a few directory structures WPCSIN, WPCSOUT and MSLOCAL and other queues See TID2920356 Check queue directories for stuck messages

    26. Tuning the Server Optimize the server settings for maximum GroupWise performance See GW sizing recommendations - TID10016883 GWTune.ncf www.nds8.co.uk/brainshare/gwtune.ncf Edit for your environment

    27. System Synchronization Regularly check the system synchronization Connect to each domain and check system information If out of synchronization try manually synchronizing the missing object If the problem persists initiate a top down rebuild Remember to synchronize primary with secondary for all domains first

    28. eDirectory Ensure that GroupWise and eDirectory are synchronized GroupWise to eDirectory object eDirectory to GroupWise object Post office member list If in doubt graft the objects Avoid having eDirectory replicas on GroupWise servers

    29. Moving Users Ensure that you are using the live move functionality If moving many users Increase maximum threads for priming and moves Increase C/S threads Monitor with move user status If the inventory does not complete use GW6iList See TID10082189

    30. Standardize Standardize as much as possible Directory paths Domain, post office, MTA & POA configuration Start up files Server settings Have full documentation on configuration with screen shots to help with the configuration of new objects

    31. Monitor your Environment Use GWMonitor Ensure all agents monitored Set up thresholds Queue Counts Threads Can use third party monitoring software IntelliReach Control http://www.intellireach.com/Products/Suites/control.htm GWAVA Redline http://www.gwava.com/products/redline_overview.html

    32. Security Post Office authentication Do not have low security enabled With LDAP ensure that it is not plain text across the wire Web Access Use HTTPS on the web server GWIA Ensure POP/IMAP is secure Disable LDAP – Use NLDAP instead, if needed Monitor Ensure HTTP monitoring is secure

    33. Local Administration Try to keep central control of the system components Keep central control of Post offices/POA Domains/MTA Gateways Local administrators should only have rights to administer users, resources & distribution lists See TID 2928483 Beware! Can cause political problems

    34. Gateways - GWIA GWIA Disable features that are not used POP/IMAP/LDAP Monitor accounting file Come to the last session tomorrow; 'An in depth look at the GroupWise Internet agent'

    35. GWIA - Gateway Aliases Try to avoid gateway aliases Use the Internet Addressing override instead Easier to administer Updates the GroupWise address book Updates eDirectory

    36. Gateways - WebAccess Disable features that are not needed Document management LDAP address book Secure your web server Customize with your corporate branding http://developer.novell.com/ndk/gwwbacc.htm

    37. Further information Best Practices Guide www.novell.com/products/groupwise/bestpractice.pdf CoolSolutions www.novell.com/coolsolutions/gwmag/ GroupWise sizing document Tid 10016883

    39. Distributing Digital Certificates Used for Encrypting messages Digitally signing messages Distribution Can manually import Users have to trained to import the certificates 10,000 users means 100,000,000 imports Alternatively can use LDAP to dynamically look up Import once centrally Can include external users

    40. GWCheck Support Options MAPICleanup MAPI cleanup TestMode (alias WPTest) Halt states and other debug flags ProxyFix Removes all duplicate user from proxy access lists created by 5.2 to 5.5 upgrade

    41. GWCheck Support Options SetupMode (alias SetOnly) setup mode PabSkip (alias SkipPab) Skip personal address book check DelSubscribeRecords Fixes subscriber records in notify list NoSubjectPurge Purges LIN_RECORD if it doesn't have a SUBJECT_TEXT

    42. GWCheck Support Options PabChangeFix Changes group if another non-case-sensitive group exists PabOnly Stop check after personal address book verification

    43. GWCheck Support Options ResetMove Check the user store for move in progress flag in VERIFICATION_RECORD and clip. SubjectList list all subjects in message databases, creates file SUBDUMP NoMsgDB (alias NoMDB) Don't validate pointers to messages databases

More Related