Novell GROUPWISE 8 Post Office Agent
IX
Post Office Agent
Chapter 35, “Understanding Message Delivery and Storage in the Post Office,” on page 475
Chapter 36, “Configuring the POA,” on page 487
Chapter 37, “Monitoring the POA,” on page 529
Chapter 38, “Optimizing the POA,” on page 561
Chapter 39, “Using POA Startup Switches,” on page 581
novdocx (en) 22 June 2009
IX
Post Office Agent
473
novdocx (en) 22 June 2009
474 GroupWise 8 Administration Guide
35
Understanding Message Delivery
novdocx (en) 22 June 2009
and Storage in the Post Office
A post office is a collection of user mailboxes and GroupWise® objects. Messages are delivered into
mailboxes by the Post Office Agent (POA). The following topics help you understand the post office
and the functions of the POA:
Section 35.1, “Post Office Representation in ConsoleOne,” on page 475
Section 35.2, “Post Office Directory Structure,” on page 476
Section 35.3, “Information Stored in the Post Office,” on page 476
Section 35.4, “Post Office Access Mode,” on page 480
Section 35.5, “Role of the Post Office Agent,” on page 481
Section 35.6, “Message Flow in the Post Office,” on page 483
Section 35.7, “Cross-Platform Issues in the Post Office,” on page 483
35.1 Post Office Representation in ConsoleOne
In ConsoleOne®, post offices are container objects that contain at least one POA object, as shown
below:
Figure 35-1 ConsoleOne View Showing the POA Object
35
Although each post office is linked to a domain, it does not display as subordinate to the domain in
the Console View. However, using the GroupWise View, you can display post offices as subordinate
to the domains to which they are linked in your GroupWise system.
Understanding Message Delivery and Storage in the Post Office
475
Figure 35-2 GroupWise View Showing Post Offices in Relationship to Domains
35.2 Post Office Directory Structure
Physically, a post office consists of a set of directories that house all the information stored in the
post office. See “Post Office Directory” in GroupWise 8 Troubleshooting 3: Message Flow and
Directory Structure.
novdocx (en) 22 June 2009
35.3 Information Stored in the Post Office
The following types of information are stored in the post office:
Section 35.3.1, “Post Office Database,” on page 476
Section 35.3.2, “Message Store,” on page 476
Section 35.3.3, “Guardian Database,” on page 478
Section 35.3.4, “Agent Input/Output Queues in the Post Office,” on page 478
Section 35.3.5, “Libraries (optional),” on page 479
All databases in the post office should be backed up regularly. How often you back up GroupWise
databases depends on the reliability of your network and hardware. See Section 31.2, “Backing Up a
Post Office,” on page 423.
35.3.1 Post Office Database
The post office database (
including a copy of the GroupWise Address Book. This information is necessary for users to send
messages to others in the GroupWise system.
35.3.2 Message Store
wphost.db
) contains all administrative information for the post office,
GroupWise messages are made up of three parts:
Message Header: The message header contains addressing information including the sender’s
address, recipient’s address, message priority, status level, and a pointer that links the header to
the message body.
476 GroupWise 8 Administration Guide
Message Body: The message body contains the message text in an encrypted format and a
distribution list containing user IDs of the sender and recipients.
File Attachments (optional): File attachments can be any type of file that is attached to the
message.
The message store consists of directories and databases that hold messages. The message store is
shared by all members of the post office so only one copy of a message and its attachments is stored
in the post office, no matter how many members of the post office receive the message. This makes
the system more efficient in terms of message processing, speed, and storage space.
All information in the message store is encrypted to prevent unauthorized access.
The message store contains the following components:
“User Databases” on page 477
“Message Databases” on page 477
“Attachments Directory” on page 478
User Databases
novdocx (en) 22 June 2009
Each member of the post office has a personal database (
userxxx.db
) which represents the user’s
mailbox. The user database contains the following:
Message header information
Pointers to messages
Folder assignments
Personal groups
Personal address books
Rules
Contacts
Checklists
Categories
Junk Mail lists
When a member of another post office shares a folder with one or more members of the local post
office, a “prime user” database (
puxxxxx.db
) is created to store the shared information. The “prime
user” is the owner of the shared information.
Local user databases and prime user databases are stored in the
ofuser
directory in the post office.
Message Databases
Each member of the post office is arbitrarily assigned to a message database (
msgnnn.db
) where the
body portions of messages are stored. Many users in a post office share a single message database.
There can be as many as 255 message databases (numbered 0 through 254) in a post office. Message
ofmsg
databases are stored in the
directory in the post office.
Historical Note: Prior to GroupWise 7, the POA created a maximum of 25 message databases per
post office. The current maximum of 255 message databases speeds up message delivery and
minimizes user impact if a database is damaged.
Understanding Message Delivery and Storage in the Post Office 477
Outgoing messages from local senders are stored in the message database assigned to each sender.
Incoming messages from users in other post offices are stored in the message database that
corresponds to the message database assigned to the sender in his or her own post office. In each
case, only one copy of the message is stored in the post office, no matter how many members of the
post office it is addressed to.
Attachments Directory
novdocx (en) 22 June 2009
The attachments directory (
offiles
) contains subdirectories that store file attachments, message
text, and distribution lists that exceed 2 KB. Items of this size are stored more efficiently as files
than as database records. The message database contains a pointer to where each item is found.
35.3.3 Guardian Database
The guardian database (
for the following subordinate databases in the post office:
User databases (
Message databases (
Prime user databases (
Library databases (
The guardian database is vital to GroupWise functioning. Therefore, the POA has an automated
back-up and roll-forward process to protect it. The POA keeps a known good copy of the guardian
database called
ngwguard.fbk
the transaction in the roll-forward transaction log called
ngwguard.db
to the
file (the “fall back” copy) and applies the transactions recorded in the
new, valid and up-to-date
In addition to the POA back-up and roll-forward process, you should still back up the
ngwguard.db, ngwguard.fbk
Without a valid ngwguard.db file, you cannot access your e-mail. With current
ngwguard.rfl
files, a valid
ngwguard.db
userxxx.db
msgnnn.db
puxxxxx.db
dmsh.db
) serves as the master copy of the data dictionary information
)
)
)
and
dmxxnn01-FF.db
. Whenever it modifies the
)
ngwguard.db
ngwguard.rfl
file, the POA also records
. If the POA detects damage
file on startup or during a write transaction, it goes back to the
ngwguard.rfl
ngwguard.db
, and
ngwguard.db
.
ngwguard.rfl
files regularly to protect against media failure.
file can be rebuilt should the need arise.
ngwguard.fbk
ngwguard.fbk
file to create a
and
The
ngwguard.dc
file is the structural template for building the guardian database and its
subordinate databases. Also called a dictionary file, the
information, such as data types and record indexes. If this dictionary file is missing, no additional
databases can be created in the post office.
35.3.4 Agent Input/Output Queues in the Post Office
Each post office contains agent input/output queues where messages are deposited and picked up for
processing by the POA and the MTA. The MTA transfers messages into and out of the post office,
while the POA handles message delivery.
For illustrations of the processes presented below, see “Message Delivery to a Different Post Office”
and “Message Delivery to a Different Domain” in GroupWise 8 Troubleshooting 3: Message Flow
and Directory Structure.
478 GroupWise 8 Administration Guide
ngwguard.dc
file contains schema
MTA Output Queue in the Post Office
novdocx (en) 22 June 2009
The MTA output queue in each post office is the
post_office\wpcsout
directory.
If the MTA has a mapped or UNC link to the post office, the MTA writes user messages directly into
its output queue, which requires write access to the post office. If the MTA has a TCP/IP link to the
post office, the MTA transfers user messages to the POA by way of TCP/IP. The POA then stores the
messages in the MTA output queue on behalf of the MTA, so the MTA does not need write access to
the post office.
post_office\wpcsout\ofs
The
subdirectory is where the MTA transfers user messages for
delivery by the POA to users’ mailboxes in the local post office.
The MTA
post_office\wpcsout\ads
messages instructing the POA admin thread to update the post office database (
subdirectory is where the MTA transfers administrative
wphost.db
).
POA Input Queue in the Post Office
The POA input queue in each post office is the
post_office\wpcsout
directory, which is the same
as the MTA output queue.
post_office\wpcsout\ofs
The
subdirectory is where the POA picks up user messages deposited
there by the MTA and updates the local message store, so users receive their messages.
post_office\wpcsout\ads
The
subdirectory is where the POA admin thread picks up
administrative messages deposited there by the MTA and updates the post office database
wphost.db
(
).
POA Output Queue in the Post Office
The POA output queue (post_office\wpcsin) is where the POA deposits user messages for the MTA
to transfer to other domains and post offices.
Historical Note: In earlier versions of GroupWise, the GroupWise client wrote user messages to the
POA output queue when using direct access to the post office. In GroupWise 6.x and later, client/
server access to the post office is the preferred method.
MTA Input Queue in the Post Office
The MTA input queue in each post office (
post_office\wpcsin
) is the same as the POA output
queue. The MTA picks up user messages deposited there by the POA and transfers them to other
domains and post offices.
For a mapped or UNC link between the domain and post office, the MTA requires read/write access
rights to its input/output queues in the post office. For a TCP/IP link, no access rights are required
because messages are communicated to the MTA by way of TCP/IP.
35.3.5 Libraries (optional)
A library is a collection of documents and document properties stored in a database system that can
be managed and searched. You do not need to set up libraries unless you are using GroupWise
Document Management Services (DMS). See Part VII, “Libraries and Documents,” on page 305.
Understanding Message Delivery and Storage in the Post Office 479
Library Databases
novdocx (en) 22 June 2009
The databases for managing libraries are stored in the
gwdms
directory and its subdirectories in the
post office.
The
dmsh.db
file is a database shared by all libraries in the post office. It contains information about
where each library in the post office is located.
Each library has its own subdirectory in the gwdms directory. In each library directory, the
dmxxnn01-FF.db
files contain information specific to that library, such as document properties and
what users have rights to access the library.
Document Storage Areas
The actual documents in a library are not kept in the library databases. They are kept in a document
storage area, which consists of a series of directories for storing document files. Documents are
encrypted and stored in BLOBs (binary large objects) to make document management easier. A
document, its versions, and related objects are stored together in the same BLOB.
A document storage area might be located in the post office directory structure, or in some other
location where more storage space is available. If it is located in the post office, the document
storage area can never be moved. Therefore, storing documents in the post office directory structure
is not usually recommended. If it is stored outside the post office, a document storage area can be
moved when additional disk space is required.
35.4 Post Office Access Mode
The GroupWise 6.x and later Windows client and the GroupWise 6.5 and later Linux/Mac client
both use client/server access mode to the post office. This requires a TCP/IP connection between the
GroupWise clients and the POA in order for users to access their mailboxes. Benefits of client/server
access include:
Load Balancing: The workload is split between the client workstation and the POA on another
server. The POA can perform a processor-intensive request while the client is doing something
else.
Database Integrity: The GroupWise client does not need write access to databases in the post
office. Therefore, client failures cannot damage databases.
Reduced Network Traffic: Requests are processed on the POA server and only the results are
sent back across the network to the client workstation.
Tighter Security: Client users do not need to log in to the server where the post office is
located. This eliminates the need for users to have write access to the post office directory.
Scalability: More concurrent users can be supported in a single post office.
Platform Independence: The GroupWise client on any platform can access the post office by
way of TCP/IP communication with the POA.
Simplified Client Connections: The GroupWise client can communicate with any POA in the
GroupWise system. Any POA can then redirect the client to connect to the correct POA for the
users’ post office.
480 GroupWise 8 Administration Guide
Historical Note: In GroupWise 5.x, the GroupWise client allowed the user to enter a path to the post
office directory to facilitate direct access mode. The GroupWise 6.x and later clients no longer offer
the user that option. However, you can force the GroupWise 6.x and later client to use direct access
by starting it with the /ph switch and providing the path to the post office directory.
35.5 Role of the Post Office Agent
The GroupWise Post Office Agent (POA) delivers messages to users’ mailboxes, connects users to
their post offices in client/server access mode, updates post office databases, indexes messages and
documents, and performs other post office-related tasks. You must run at least one POA for each
post office.
The following sections help you understand the various functions of the POA:
Section 35.5.1, “Client/Server Processing,” on page 481
Section 35.5.2, “Message File Processing,” on page 482
Section 35.5.3, “Other POA Functions,” on page 482
novdocx (en) 22 June 2009
35.5.1 Client/Server Processing
Using client/server access mode, the GroupWise client maintains one or more TCP/IP connections
with the POA and does not access the post office directly. Consequently, the performance of the
POA in responding to requests from the GroupWise client directly affects the GroupWise client’s
responsiveness to users. To provide the highest responsiveness to client users, you can configure a
POA just to handle client/server processing. See Section 38.1.3, “Configuring a Dedicated Client/
Server POA,” on page 564.
When using client/server access mode, the GroupWise client can be configured to control how much
time it spends actually connected to the POA.
In Online mode, the client is continuously connected.
In Caching mode, the client connects at regular intervals to check for incoming messages and
also whenever the client user sends a message. Address lookup is performed locally. Caching
mode allows the POA to service a much higher number of users than Online Mode.
In Remote mode, the client connects whenever the client user chooses, such as when using a
brief modem connection to download and upload messages.
NOTE: Remote mode is not currently available in the Linux/Mac client.
For more information about the client modes available with client/server access mode, see:
“Using Caching Mode” and “Using Remote Mode” in the GroupWise 8 Windows Client User
Guide
“Caching Mode” in the GroupWise 8 Linux/Mac Client User Guide
Client/server access mode also allows users to access their GroupWise mailboxes from POP and
IMAP clients, in addition to the GroupWise client. See Section 36.2.3, “Supporting IMAP Clients,”
on page 502.
Understanding Message Delivery and Storage in the Post Office 481
In client/server mode, the POA is enabled for secure SSL connections by default. If necessary, you
can configure the POA to force SSL connections with all clients. See Section 36.3.3, “Securing the
Post Office with SSL Connections to the POA,” on page 511.
35.5.2 Message File Processing
Messages from users in other post offices arrive in the local post office in the form of message files
deposited in the POA input queue. See Section 35.3.4, “Agent Input/Output Queues in the Post
Office,” on page 478.
The POA picks up the message files and updates all user and message databases to deliver incoming
messages in the local post office. To provide timely delivery for a large volume of incoming
messages, you can configure a POA just to handle message file processing. See Section 38.2.2,
“Configuring a Dedicated Message File Processing POA,” on page 567.
35.5.3 Other POA Functions
In addition to client/server processing (interacting with client users) and message file processing
(delivering messages), the POA:
novdocx (en) 22 June 2009
Performs indexing tasks for document management. See Section 38.3.1, “Regulating
Indexing,” on page 569.
Performs scheduled maintenance on databases in the post office. See Section 36.4.1,
“Scheduling Database Maintenance,” on page 520.
Monitors and manages disk space usage in the post office. See Section 36.4.2, “Scheduling
Disk Space Management,” on page 523.
Restricts the size of messages that users can send outside the post office. See Section 36.2.7,
“Restricting Message Size between Post Offices,” on page 507.
Primes users’ mailboxes for Caching mode. See Section 36.2.6, “Supporting Forced Mailbox
Caching,” on page 506.
Performs nightly user upkeep so users do not need to wait while the GroupWise client performs
it; also creates a downloadable version of the GroupWise Address Book for Remote and
Caching users. See Section 36.4.3, “Performing Nightly User Upkeep,” on page 526.
Provides LDAP authentication and LDAP server pooling. See Section 36.3.4, “Providing
LDAP Authentication for GroupWise Users,” on page 514.
Prevents unauthorized access to the post office. See Section 36.3.5, “Enabling Intruder
Detection,” on page 519.
Tracks the GroupWise client software in use in the post office. See Section 36.2.5, “Checking
What GroupWise Clients Are in Use,” on page 505.
Automatically detects and repairs invalid information in user databases (
message databases (
msgnnn.db
) for the local post office by using an efficient multi-threaded
userxxx.db
) and
process. See Section 38.4.1, “Adjusting the Number of POA Threads for Database
Maintenance,” on page 575.
Automatically detects and repairs invalid information in the post office database (
wphost.db
).
Automatically detects and repairs damage to the guardian database (
office.
482 GroupWise 8 Administration Guide
ngwguard.db
) in the post
Updates the post office database whenever GroupWise users, resources, post offices, or other
GroupWise objects are added, modified, or deleted.
Replicates shared folders between post offices.
Executes GroupWise client rules.
Processes requests from GroupWise Remote users.
35.6 Message Flow in the Post Office
To see how messages are delivered using client/server access mode, see “Message Delivery in the
Local Post Office” in GroupWise 8 Troubleshooting 3: Message Flow and Directory Structure.
35.7 Cross-Platform Issues in the Post Office
GroupWise is designed to function in a variety of environments. The GroupWise Windows client
runs on the following platforms:
Windows XP
Windows Vista
novdocx (en) 22 June 2009
The GroupWise Linux/Mac client runs on the following platforms:
Linux
Mac OS* X for Intel*
Mac OS X for PowerPC*
In addition, GroupWise users can access their mailboxes without using a GroupWise client through
the following applications:
GroupWise WebAccess (see “WebAccess” on page 875)
POP and IMAP clients such as Netscape* Mail, Eudora* Pro, Microsoft Outlook, Thunderbird,
and Entourage*
MAPI clients such as Microsoft Mail and cc:Mail*
SOAP clients such as Evolution and many mobile devices
Post offices can be located on the following platforms:
Novell
Windows Server
Linux
®
NetWare
®
The GroupWise agents can run on the following platforms:
Novell NetWare
Windows Server
Linux
Understanding Message Delivery and Storage in the Post Office 483
In general, GroupWise is most efficient if you match the agent platform with the network operating
system, so the POA and the post office should be on the same platform, and the client should be on a
compatible platform. Those with mixed networks might wonder what combinations are possible.
You have several alternatives.
Section 35.7.1, “Client/Post Office Platform Independence through Browser Technology,” on
page 484
Section 35.7.2, “Client/Post Office Platform Independence through Client/Server Mode,” on
page 484
Section 35.7.3, “POA/Post Office Platform Dependencies Because of Direct Access
Requirements,” on page 484
35.7.1 Client/Post Office Platform Independence through Browser Technology
If your GroupWise users want to access their mailboxes through POP3, IMAP4, or SOAP clients, it
makes no difference what platform their post offices are located on. However, users are limited to
the client capabilities of their POP3, IMAP4, or SOAP clients.
novdocx (en) 22 June 2009
If you install GroupWise WebAccess on a Web server, GroupWise users can still access their
mailboxes through their browsers and with more native GroupWise features available. See
“WebAccess” on page 875 for more information.
35.7.2 Client/Post Office Platform Independence through Client/Server Mode
The GroupWise 6.5 and later Windows client and the Linux/Mac client require Client/Server access
mode. With this configuration, it makes no difference what platform users’ post offices are located
on. The GroupWise client accesses the post office by communicating with the POA using TCP/IP,
which is a platform-independent protocol.
35.7.3 POA/Post Office Platform Dependencies Because of Direct Access Requirements
The POA must have direct access to the post office directory. Therefore, the POA must be able to
log in to the server where the post office is located and must be able to write to the databases and
directories located in the post office.
Although the recommended configuration is for the POA and the post office to be on the same
platform and preferably on the same server, some variation is possible. The table below summarizes
the various combinations of POA and post office platforms and indicates which combinations work
for direct access and which ones do not for GroupWise 8:
Table 35-1 POAs and Platforms Supported for Direct Access
Post Office on NetWare Yes Not supported
Post Office on Linux Not supported
484 GroupWise 8 Administration Guide
NetWare POA Linux POA Windows POA
1
1
Yes Yes
Yes
NetWare POA Linux POA Windows POA
novdocx (en) 22 June 2009
No
2
3
Yes Yes
3
No
No
3
Post Office on Windows No
Post Office on
Macintosh
1
For these combinations, an NFS* connection is required, which is not a supported configuration
for the agents.
2
The NetWare POA cannot service a post office on a Windows server because Windows does not
support the required cross-platform connection.
3
Post offices cannot be created on Macintosh computers.
Understanding Message Delivery and Storage in the Post Office 485
novdocx (en) 22 June 2009
486 GroupWise 8 Administration Guide
36
Configuring the POA
For detailed instructions about installing and starting the POA for the first time, see “Installing
GroupWise Agents” in the GroupWise 8 Installation Guide.
®
As your GroupWise
meet the changing needs of the post office it services. The following topics help you configure the
POA:
Table 36-1 Configuring the POA
system grows and evolves, you might need to modify POA configuration to
novdocx (en) 22 June 2009
36
Section 36.1, “Performing
Basic POA Configuration,” on
page 487
Section 36.2, “Configuring
User Access to the Post
Office,” on page 498
Section 36.3, “Configuring Post
Office Security,” on page 508
Section 36.4, “Configuring Post
Office Maintenance,” on
page 520
Creating a POA Object in eDirectory
Configuring the POA in ConsoleOne
Changing the Link Protocol between the Post Office and the
Domain
Binding the POA to a Specific IP Address
Moving the POA to a Different Server
Adjusting the POA for a New Post Office Location
Adjusting the POA Logging Level and Other Log Settings
Using Client/Server Access to the Post Office
Simplifying Client/Server Access with a GroupWise Name Server
Supporting IMAP Clients
Supporting SOAP Clients
Checking What GroupWise Clients Are in Use
Supporting Forced Mailbox Caching
Restricting Message Size between Post Offices
Securing Client/Server Access through an External Proxy Server
Securing the Post Office with SSL Connections to the POA
Providing LDAP Authentication for GroupWise Users
Enabling Intruder Detection
Configuring Trusted Application Support
Scheduling Database Maintenance
Scheduling Disk Space Management
Performing Nightly User Upkeep
36.1 Performing Basic POA Configuration
POA configuration information is stored as properties of its POA object in eDirectoryTM. The
following topics help you modify the POA object in ConsoleOne
meet changing system configurations:
Section 36.1.1, “Creating a POA Object in eDirectory,” on page 488
Section 36.1.2, “Configuring the POA in ConsoleOne,” on page 489
Section 36.1.3, “Changing the Link Protocol between the Post Office and the Domain,” on
page 493
®
and change POA configuration to
Configuring the POA
487
Section 36.1.4, “Binding the POA to a Specific IP Address,” on page 495
Section 36.1.5, “Moving the POA to a Different Server,” on page 496
Section 36.1.6, “Adjusting the POA for a New Post Office Location,” on page 496
Section 36.1.7, “Adjusting the POA Logging Level and Other Log Settings,” on page 497
36.1.1 Creating a POA Object in eDirectory
When you create a new post office, one POA object is automatically created for it. You can set up
additional POAs for an existing post office if message traffic in the post office is heavy. To
accomplish this, you must create additional POA objects as well.
®
To create a new POA object in Novell
1 In ConsoleOne, browse to and right-click the Post Office object for which you want to create a
new POA object, then click New > Object.
2 Double-click GroupWise Agent to display the Create GroupWise Agent dialog box.
eDirectory:
novdocx (en) 22 June 2009
3 Type a unique name for the new POA. The name can include as many as 8 characters. Do not
use any of the following invalid characters in the name:
ASCII characters 0-31 Comma ,
Asterisk * Double quote "
At sign @ Extended ASCII characters that are graphical or typographical symbols;
accented characters in the extended range can be used
Backslash \ Parentheses ( )
Braces { } Period .
Colon :
You use this name with the /name startup switch when you start the new POA.
The Type field is automatically set to Post Office.
4 Select Define Additional Properties.
5 Click OK.
The POA object is automatically placed within the Post Office object.
6 Review the information displayed for the first four fields on the Identification page to ensure
that you are creating the correct type of Agent object in the correct location.
488 GroupWise 8 Administration Guide
7 In the Description field, type one or more lines of text describing the POA.
This description displays on the POA server console as the POA runs. When you run multiple
POAs on the same server, the description should uniquely identify each one. If multiple
administrators work at the server where the POA runs, the description could include a note
about who to contact before stopping the POA.
8 In the Platform field, select the platform (NetWare, Linux, or Windows) where the POA will
run.
9 Continue with Section 36.1.2, “Configuring the POA in ConsoleOne,” on page 489.
novdocx (en) 22 June 2009
36.1.2 Configuring the POA in ConsoleOne
The advantage to configuring the POA in ConsoleOne, as opposed to using startup switches in a
POA startup file, is that the POA configuration settings are stored in eDirectory.
1 In ConsoleOne, expand the eDirectory container where the Post Office object is located.
2 Expand the Post Office object.
3 Right-click the POA object, then click Properties.
The table below summarizes the POA configuration settings in the POA object properties pages and
how they correspond to POA startup switches (as described in Chapter 39, “Using POA Startup
Switches,” on page 581). The table also includes settings on the Post Office object that correspond
to POA startup switches.
Table 36-2 POA Configuration Settings
ConsoleOne Properties Pages
and Settings
POA Identification Page
Corresponding Tasks and Startup Switches
Configuring the POA 489
novdocx (en) 22 June 2009
ConsoleOne Properties Pages
and Settings
Domain.PO
Distinguished Name
Corresponding Tasks and Startup Switches
See Section 36.1.1, “Creating a POA Object in eDirectory,” on
page 488.
Name
Agent Type
Description
Platform
POA Agent Settings Page
Message File Processing See Section 38.2.2, “Configuring a Dedicated Message File Processing
POA,” on page 567.
See also /nomf, /nomfhigh, and /nomflow.
Message Handler Threads See Section 38.2.1, “Adjusting the Number of POA Threads for
Message File Processing,” on page 566.
See also /threads.
Enable Client/Server See Section 36.2.1, “Using Client/Server Access to the Post Office,” on
page 498 and Section 38.1.3, “Configuring a Dedicated Client/Server
POA,” on page 564.
See also /notcpip.
Client/Server Handler Threads See Section 38.1.2, “Adjusting the Number of Connections for Client/
Server Processing,” on page 563.
See also /tcpthreads.
Max Physical Connections
Max Application Connections
See Section 38.1.2, “Adjusting the Number of Connections for Client/
Server Processing,” on page 563.
See also /maxphysconns and /maxappconns.
Enable Caching See /nocache.
CPU Utilization (NLM)
Delay Time (NLM)
See Section 38.5, “Optimizing CPU Utilization for the NetWare POA,”
on page 577.
See also /cpu and /sleep.
Max Thread Usage for Priming
and Moves
See Section 36.2.6, “Supporting Forced Mailbox Caching,” on
page 506.
See also /primingmax.
Enable IMAP
Max IMAP Threads
Enable SOAP
Max SOAP Threads
See Section 36.2.3, “Supporting IMAP Clients,” on page 502.
See also /imap and /imapmaxthreads.
See Section 36.2.4, “Supporting SOAP Clients,” on page 504.
See also /soap and /soapmaxthreads.
Enable SNMP
SNMP Community "Get" String
490 GroupWise 8 Administration Guide
See Section 37.6, “Using an SNMP Management Console,” on
page 555.
See also /nosnmp.
novdocx (en) 22 June 2009
ConsoleOne Properties Pages
and Settings
Disable Administration Task
Corresponding Tasks and Startup Switches
See /noada.
Processing
HTTP User Name
HTTP Password
See Section 37.2.1, “Setting Up the POA Web Console,” on page 544.
See also /httpuser and /httppassword.
Network Address Page
TCP/IP Address
IPX/SPX Address
See Section 36.2.1, “Using Client/Server Access to the Post Office,” on
page 498 and “Using TCP/IP Links between the Post Office and the
Domain” on page 493.
See also /ip.
External IP Address See Section 36.3.1, “Securing Client/Server Access through an
External Proxy Server,” on page 509.
Bind Exclusively to TCP/IP
Address
See Section 36.1.4, “Binding the POA to a Specific IP Address,” on
page 495
See also /ip.
Message Transfer See “Using TCP/IP Links between the Post Office and the Domain” on
page 493.
See also /mtpinipaddr, /mtpinport, /mtpoutipaddr, /mtpoutport, /
mtpsendmax, and /mtpssl.
HTTP See Section 37.2.1, “Setting Up the POA Web Console,” on page 544.
See also /httpport and /httpssl.
Local Intranet Client/Server
Internet Proxy Client/Server
See Section 36.2.1, “Using Client/Server Access to the Post Office,” on
page 498 and “Using TCP/IP Links between the Post Office and the
Domain” on page 493.
See also /port, /internalclientssl, and /externalclientssl.
IMAP See Section 36.2.3, “Supporting IMAP Clients,” on page 502.
See also /imapport, /imapssl, and /imapsslport.
SOAP See Section 36.2.4, “Supporting SOAP Clients,” on page 504.
See also /soapport and /soapssl.
QuickFinder Page
Enable QuickFinder Indexing
Start QuickFinder Indexing
QuickFinder Interval
Quarantine Files That Fail
See Section 38.3.1, “Regulating Indexing,” on page 569 and
Section 38.3.3, “Configuring a Dedicated Indexing POA,” on page 571.
See also /qfbaseoffset, /qfbaseoffsetinminute, /qfinterval, /
qfintervalinminute, and /noqf.
during Conversion
Maintenance Page
Enable Auto DB Recovery See /norecover.
Configuring the POA 491
novdocx (en) 22 June 2009
ConsoleOne Properties Pages
and Settings
Corresponding Tasks and Startup Switches
Maintenance Handler Threads See Section 38.4.1, “Adjusting the Number of POA Threads for
Database Maintenance,” on page 575.
See also /gwchkthreads and /nogwchk.
Perform User Upkeep
Start User Upkeep
Generate Address Book for
See Section 36.4.3, “Performing Nightly User Upkeep,” on page 526.
See also /nuuoffset, /nonuu, /rdaboffset, and /nordab.
Remote
Start Address Book Generation
Disk Check Interval
Disk Check Delay
See Section 36.4.2, “Scheduling Disk Space Management,” on
page 523.
POA Log Settings Page
Log File Path
Logging Level
Max Log File Age
See Section 37.3, “Using POA Log Files,” on page 553.
See also /log, /logdays, /logdiskoff, /loglevel, and /logmax.
Max Log Disk Space
POA Scheduled Events
Page
Disk Check Event See Section 36.4.2, “Scheduling Disk Space Management,” on
page 523.
Mailbox/Library Maintenance
Event
POA SSL Settings Page
Certificate File
SSL Key File
Password
Post Office Settings Page
Remote User Name
Remote Password
Post Office Client Access
Settings Page
Lock Out Older GroupWise
Clients
Minimum Client Release
Versio n
Minimum Client Release Date
Enable Intruder Detection
Incorrect Logins Allowed
Incorrect Login Reset Time
Lockout Reset Time
See Section 36.4.1, “Scheduling Database Maintenance,” on page 520.
See Section 36.3.3, “Securing the Post Office with SSL Connections to
the POA,” on page 511.
See also /certfile, /keyfile, /keypassword.
See /user and /password.
See Section 36.2.5, “Checking What GroupWise Clients Are in Use,” on
page 505.
See also /gwclientreleasedate, /gwclientreleaseversion, and
/
enforceclientversion.
See Section 36.3.5, “Enabling Intruder Detection,” on page 519.
See also /intruderlockout, /incorrectloginattempts, /
attemptsresetinterval, and /lockoutresetinterval.
Post Office Security Page
492 GroupWise 8 Administration Guide
novdocx (en) 22 June 2009
ConsoleOne Properties Pages
and Settings
LDAP Authentication See Section 36.3.4, “Providing LDAP Authentication for GroupWise
Corresponding Tasks and Startup Switches
Users,” on page 514.
See also /ldapipaddr, /ldapport, /ldapuser, /ldappwd, /
ldapuserauthmethod, /ldapdisablepwdchg, /ldapssl, /ldapsslkey, /
ldaptimeout, and /noldapx. See also /ldapippooln, /ldappoolresettime, /
ldapportpooln, /ldapsslpooln, and /ldapsslkeypooln.
After you install the POA software, you can further configure the POA using a startup file. See
Chapter 39, “Using POA Startup Switches,” on page 581 to survey the many ways the POA can be
configured.
36.1.3 Changing the Link Protocol between the Post Office and the Domain
How messages are transferred between the POA and the MTA is determined by the link protocol in
use between the post office and the domain. For a review of link protocols, see Section 10.1.3, “Link
Protocols for Direct Links,” on page 149.
If you need to change from one link protocol to another, some reconfiguration of the POA and its
link to the domain is necessary.
“Using TCP/IP Links between the Post Office and the Domain” on page 493
“Using Mapped or UNC Links between the Post Office and the Domain” on page 495
NOTE: The Linux POA requires TCP/IP links between the post office and the domain.
Using TCP/IP Links between the Post Office and the Domain
To change from a mapped or UNC link to a TCP/IP link between a post office and its domain, you
must perform the following two tasks:
“Configuring the Agents for TCP/IP” on page 493
“Changing the Link between the Post Office and the Domain to TCP/IP” on page 494
Configuring the Agents for TCP/IP
1 If the MTA in the domain is not yet set up for TCP/IP communication, follow the instructions
in “Configuring the MTA for TCP/IP” on page 632.
2 To make sure the POA is properly set up for TCP/IP communication, follow the instructions in
Section 36.2.1, “Using Client/Server Access to the Post Office,” on page 498.
Only one POA per post office needs to communicate with the MTA. If the post office has
multiple POAs, have a POA that performs message file processing communicate with the MTA
for best performance. For information about message file processing, see Section 35.5, “Role
of the Post Office Agent,” on page 481.
3 In ConsoleOne, browse to and right-click the POA object, then click Properties.
4 Click GroupWise > Network Address to display the Network Address page.
Configuring the POA 493
5 In the Message Transfer field, specify the TCP port on which the POA will listen for incoming
messages from the MTA.
The default message transfer port for the POA to listen on is 7101.
novdocx (en) 22 June 2009
6 Click OK to save the TCP/IP information and return to the main ConsoleOne window.
Corresponding Startup Switches You can also use the /mtpinipaddr and /mtpinport startup
switches in the POA startup file to set the incoming IP address and port.
Changing the Link between the Post Office and the Domain to TCP/IP
1 In ConsoleOne, click Tools > GroupWise Utilities > Link Configuration.
2 In the drop-down list, select the domain where the post office resides.
3 Click Post Office Links, then double-click the post office for which you want to change the link
protocol.
4 In the Protocol field, select TCP/IP.
5 Make sure the information displayed in the Edit Post Office Link dialog box matches the
information on the Network Address page for the POA.
6 Click OK.
7 To exit the Link Configuration tool and save your changes, click File > Exit > Yes.
ConsoleOne then notifies the POA and MTA to restart using the new link protocol.
494 GroupWise 8 Administration Guide
For a sample message flow for this configuration, see “TCP/IP Link Open: Transfer between Post
Offices Successful” in “Message Delivery to a Different Post Office” in GroupWise 8
Troubleshooting 3: Message Flow and Directory Structure.
Corresponding Startup Switches You can also use the /mtpoutipaddr and /mtpoutport startup
switches in the POA startup file to set the outgoing IP address and port.
Using Mapped or UNC Links between the Post Office and the Domain
To change from a TCP/IP link to a mapped or UNC link between a post office and its domain:
1 In ConsoleOne, click Tools > GroupWise Utilities > Link Configuration.
2 In the drop-down list, select the domain where the post office resides.
3 Click Post Office Links, then double-click the post office for which you want to change the link
protocol.
4 In the Protocol field, select Mapped or UNC.
5 Provide the location of the post office in the format appropriate to the selected protocol.
6 Click OK.
7 To exit the Link Configuration tool and save your changes, click File > Exit > Yes.
ConsoleOne then notifies the POA and MTA to restart using the new link protocol.
novdocx (en) 22 June 2009
36.1.4 Binding the POA to a Specific IP Address
You can now cause the POA to bind to a specified IP address when the server where it runs uses
multiple IP addresses. The specified IP address is associated with all ports used by the agent.
Without an exclusive bind, the POA binds to all IP addresses available on the server.
1 In ConsoleOne, browse to and right-click the POA object, then click Properties.
2 Click GroupWise > Network Address to display the Network Address page.
3 Select Bind Exclusively to TCP/IP Address, then click OK to save your change.
Configuring the POA 495
Corresponding Startup Switches You can also use the /ip and /mtpoutport startup switch in the
POA startup file to establish an exclusive bind to the specified IP address.
36.1.5 Moving the POA to a Different Server
As your GroupWise system grows and evolves, you might need to move a POA from one server to
another. For example, you might decide to run the POA on a different platform, or perhaps you want
to move it to a server that has more memory.
1 When moving the POA, pay special attention to the following details:
For a POA configured for client/server processing, reconfigure the POA object with the
new IP address and port number for the POA to use on the new server. See Section 36.2.1,
“Using Client/Server Access to the Post Office,” on page 498.
For the NetWare POA, if it was originally on the same server where the post office is
located and you are moving it to a different server, add the /dn switch or the /user and /
password switches to the POA startup file to give the NetWare POA access to the server
where the post office is located. You can also provide user and password information on
the Post Office Settings page.
novdocx (en) 22 June 2009
2 Install the POA on the new server, as described in “Installing GroupWise Agents” in the
GroupWise 8 Installation Guide.
3 Start the new POA, as described in the following sections in the GroupWise 8 Installation
Guide:
“Starting the NetWare GroupWise Agents”
“Starting the Linux Agents with a User Interface”
“Starting the Windows GroupWise Agents”
4 Observe the new POA to see that it is running smoothly, as described in Chapter 37,
“Monitoring the POA,” on page 529.
5 Stop the old POA.
6 If you are no longer using the old server for any GroupWise agents, you can remove them to
reclaim the disk space, as described in the following sections in the GroupWise 8 Installation
Guide:
“Uninstalling the NetWare GroupWise Agents”
“Uninstalling the Linux GroupWise Agents”
“Uninstalling the Windows GroupWise Agents”
36.1.6 Adjusting the POA for a New Post Office Location
If you move a post office from one server to another, you also need to edit the POA startup file to
provide the new location of the post office directory.
1 Stop the POA for the old post office location if it is still running.
2 Use an ASCII text editor to edit the POA startup file.
The POA startup file is named after the post office name, plus a .poa extension.
496 GroupWise 8 Administration Guide
novdocx (en) 22 June 2009
NetWare
and
Windows:
Linux: The full post office name is used in the filename. However, all letters are lowercase
Only the first 8 characters of the post office name are used in the filename. The
startup file is typically located in the directory where the POA software is installed.
and any spaces in the post office name are removed. The startup file is located in the
/opt/novell/groupwise/agents/share
directory.
3 Adjust the setting of the /home switch to point to the new location of the post office directory.
4 Save the POA startup file.
5 Start the POA for the new post office location, as described in the following sections in the
GroupWise 8 Installation Guide:
“Starting the NetWare GroupWise Agents”
“Starting the Linux Agents with a User Interface”
“Starting the Windows GroupWise Agents”
6 Adjust the link between the post office and the domain. See Section 41.1.7, “Adjusting the
MTA for a New Location of a Domain or Post Office,” on page 640.
36.1.7 Adjusting the POA Logging Level and Other Log Settings
When installing or troubleshooting the POA, a logging level of Verbose can be useful. However,
when the POA is running smoothly, you can set the logging level down to Normal to conserve disk
space occupied by log files.
1 In ConsoleOne, browse to and right-click the POA object, then click Properties.
2 Click GroupWise > Log Settings to display the Log Settings page.
3 Set the desired settings for logging.
Configuring the POA 497
Log File Path: Browse to and select the directory where you want this POA to store its log
files. The default location varies by platform:
novdocx (en) 22 June 2009
NetWare:
Linux:
Windows:
post_office\wpcsout\ofs
/var/log/novell/groupwise/post_office.poa
post_office\wpcsout\ofs
For more information about log settings and log files, see Section 37.3, “Using POA Log
Files,” on page 553.
Logging Level: Select the amount of data displayed on the POA agent console and written to
the POA log file.
Off: Turns off disk logging and sets the logging level for the POA to its default. Logging
information is still displayed on the POA agent console.
Normal: Displays only the essential information suitable for a smoothly running POA.
Ve rb os e: Displays the essential information, plus additional information that can be
helpful for troubleshooting.
Diagnostic: Turns on Extensive Logging Options and SOAP Logging Options on the POA
Web console Log Settings page.
Corresponding Startup Switches You can also use the /log, /loglevel, /logdays, /logmax, and /
logdiskoff switches in the POA startup file to configure logging.
POA Web Console You can view and search POA log files on the Log Files page.
36.2 Configuring User Access to the Post Office
As described in Section 35.4, “Post Office Access Mode,” on page 480, the GroupWise 8 client
defaults to client/server access mode. The following topics help you configure the POA to customize
the types of client/server access provided to the post office:
Section 36.2.1, “Using Client/Server Access to the Post Office,” on page 498
Section 36.2.2, “Simplifying Client/Server Access with a GroupWise Name Server,” on
page 501
Section 36.2.3, “Supporting IMAP Clients,” on page 502
Section 36.2.4, “Supporting SOAP Clients,” on page 504
Section 36.2.5, “Checking What GroupWise Clients Are in Use,” on page 505
Section 36.2.6, “Supporting Forced Mailbox Caching,” on page 506
Section 36.2.7, “Restricting Message Size between Post Offices,” on page 507
Section 36.2.8, “Supporting Calendar Publishing,” on page 508
36.2.1 Using Client/Server Access to the Post Office
The POA defaults to Client/Server mode, which enables you to:
Set up TCP/IP for client/server communication between this POA and the GroupWise client
Set up TCP/IP communication between this POA and the MTA for the domain
498 GroupWise 8 Administration Guide
Configure the POA so network management and monitoring programs can use TCP/IP to send
SNMP requests to this POA
Set up an external server with Internet access for the POA
Configure the POA to provide a Web console for use with GroupWise Monitor
Configure the POA to communicate with IMAP (Internet Message Application Protocol)
clients
Configure the POA to communicate with SOAP (Simple Object Access Protocol) clients
Configure the POA for calendar publishing so that users' calendars can be viewed on the
Internet
To make sure the GroupWise client has proper client/server access to the post office:
1 Make sure TCP/IP is properly set up on the server where the POA is running.
2 In ConsoleOne, browse to and right-click the POA object, then click Properties.
3 Click GroupWise > Agent Settings to display the Agent Settings page.
novdocx (en) 22 June 2009
4 Make sure that Enable Client/Server is selected.
The default numbers of physical connections and application connections are appropriate for a
post office with as many as 500 users. If you are configuring the POA to service more than 500
users, see Section 38.1.2, “Adjusting the Number of Connections for Client/Server
Processing,” on page 563 for more detailed recommendations. Configuring the POA with
insufficient connections can result in error conditions.
5 Click GroupWise > Network Address.
Configuring the POA 499
6 On the Network Address page, click the pencil icon for the TCP/IP Address field to display the
Edit Network Address dialog box.
novdocx (en) 22 June 2009
7 Select IP Address, then specify the IP address, in dotted decimal format, of the server where the
POA is running.
or
Select DNS Host Name, then provide the DNS hostname of the server where the POA is
running.
IMPORTANT: The POA must run on a server that has a static IP address. DHCP cannot be
used to dynamically assign an IP address for it.
Specifying the DNS hostname rather than the IP address makes it easier to move the POA from
one server to another, should the need arise at a later time. You can assign a new IP address to
the hostname in DNS, without needing to change the POA configuration information in
ConsoleOne.
8 Click OK.
9 To use a TCP port number other than the default port of 1677, type the port number in the
Internal Client/Server Port field.
If multiple POAs will run on the same server, each POA must have a unique TCP port number.
10 For optimum security, select Required in the SSL drop-down list for local intranet client/server
connections, Internet client/server connections, or both. For more information, see
Section 36.3.3, “Securing the Post Office with SSL Connections to the POA,” on page 511.
500 GroupWise 8 Administration Guide
11 Click OK to save the network address and port information and return to the main ConsoleOne
window.
ConsoleOne then notifies the POA to restart with client/server processing enabled.
For a sample message flow for this configuration, see “Message Delivery in the Local Post Office”
in GroupWise 8 Troubleshooting 3: Message Flow and Directory Structure.
Corresponding Startup Switches You can also use the /port switch in the POA startup file to
provide the client/server port number. On a server with multiple IP addresses, you can use the /ip
switch to bind the POA to a specific address.
POA Web Console You can view the TCP/IP address and port information for the POA on the
Configuration page under the Client/Server Settings heading.
36.2.2 Simplifying Client/Server Access with a GroupWise Name Server
If GroupWise users are set up correctly in eDirectory, the GroupWise client can determine which
post office to access for each user based on the information stored in eDirectory. This lets the
GroupWise client start automatically in client/server mode without users needing to know and
provide any IP address information. However, some GroupWise users might be on platforms where
eDirectory is not in use. To fill the same function for non-eDirectory users, you can set up a
GroupWise name server.
novdocx (en) 22 June 2009
A GroupWise name server redirects each GroupWise client user to the IP address and port number
of the POA that services the user’s post office. By setting up a GroupWise name server, noneDirectory GroupWise client users do not need to know and provide any IP address information
when they start the GroupWise client in client/server mode. The GroupWise name server takes care
of this for them.
“Required Hostnames” on page 501
“Required Port Number” on page 501
“How a GroupWise Name Server Helps the GroupWise Client Start” on page 502
“Setting Up a GroupWise Name Server” on page 502
Required Hostnames
The primary GroupWise name server must be designated using the hostname
can also designate a backup GroupWise name server using the hostname
Required Port Number
Each server designated as a GroupWise name server must have a POA running on it that uses the
default port number of 1677. Other agents can run on the same server, but one POA must use the
default port number of 1677 in order for the GroupWise name server to function. For setup
instructions, see Section 36.2.1, “Using Client/Server Access to the Post Office,” on page 498.
ngwnameserver
ngwnameserver2
. You
.
Configuring the POA 501
How a GroupWise Name Server Helps the GroupWise Client Start
novdocx (en) 22 June 2009
After a server has been designated as
ngwnameserver
, and a POA using the default port number of
1677 is running on that server, the GroupWise client can connect to the POA of the appropriate post
office by contacting the POA located on
ngwnameserver
. If
ngwnameserver
is not available, the
client next attempts to contact the backup name server, ngwnameserver2. If no GroupWise name
server is available, the user must provide the IP address and port number of the appropriate POA in
order to start the GroupWise client in client/server mode.
Setting Up a GroupWise Name Server
1 Make sure that TCP/IP is set up and functioning on your network.
2 Know the IP address of the server you want to set up as a GroupWise name server.
3 Make sure the POA on that server uses the default TCP port of 1677.
4 If you want a backup GroupWise name server, identify the IP address of a second server where
the POA uses the default TCP port of 1677.
5 Use your tool of choice for modifying DNS.
NetWare: You can use INETCFG.
Linux: You can use the YaST Control Center.
Windows: You can use DNS Manager.
6 Create an entry for the IP address of the first POA and give it the hostname
ngwnameserver
.
7 If you want a backup name server, create an entry for the IP address of the second
POA and give it the hostname
ngwnameserver2
.
You must use the hostnames
ngwnameserver
and
ngwnameserver2
. Any other hostnames are
not recognized as GroupWise name servers.
8 Save your changes.
As soon as the hostname information replicates throughout your system, GroupWise client users can
start the GroupWise client in client/server mode without specifying a TCP/IP address and port
number.
36.2.3 Supporting IMAP Clients
Internet Messaging Application Protocol (IMAP) is used by e-mail clients such as Netscape Mail,
Eudora Pro, Microsoft Outlook, and Entourage*. You can configure the POA to communicate with
IMAP-enabled e-mail clients much like the GroupWise client does.
NOTE: IMAP clients connecting to your GroupWise system from outside your firewall must
connect through the Internet Agent, as described in Section 46.2, “Configuring POP3/IMAP4
Services,” on page 752, rather than through the POA. Connecting directly through the POA provides
faster access for internal IMAP clients.
1 In ConsoleOne, browse to and right-click the POA object, then click Properties.
2 Click GroupWise > Agent Settings to display the Agent Settings page.
502 GroupWise 8 Administration Guide
Loading...