Configuring the GroupWise WebAccess Gateway

Previous page
Table of content
Next page

In this section, you'll learn about some of the eDirectory objects associated with the WebAccess gateway, what functions they perform, and how to configure all aspects of the WebAccess gateway. This section goes through each configuration screen, discussing most of the options and how they affect the overall performance or functionality of the WebAccess gateway. This section does not discuss every option, because some of the options are self-explanatory and make minor changes to the functionality of WebAccess. Also, there are a few generic gateway options of minimal consequence that will not be discussed.

The WebAccess Agent

This is the object you can see associated with a domain when you select to view gateways. It is the only object associated with a WebAccess gateway that is directly associated with a domain. When you edit the properties of the WebAccess Agent, you can configure the settings associated with this agent.

GroupWise Identification Property Page

Following is an explanation of the Identification property page of the GroupWise WebAccess Agent:

  • Subdirectory: This is the directory of the owning domain for the agent. It's located under the WPGATE directory. If you select the drop-down button, you will see all the gateway directories under this gateway. This should be the directory that the WebAccess Agent uses for some of its configuration files.

  • Time Zone: This allows you to enter the agent's default time zone.

Tip

Users can adjust the time zone from the WebAccess client so that appointments will show up in their local time zone.


  • Platform: You should specify on which platform this WebAccess Agent will be running. If you are running the agent on a Windows 2000/2003 or Linux platform, you will need to change this to reflect that OS.

  • Gateway Alias Type: For the WebAccess gateway, you should not need an alias type. This field is active on any of the GroupWise gateways.

  • Foreign ID: For the WebAccess gateway, you should not need a foreign ID. Again, this field is active on any of the GroupWise gateways and is primarily used with a GWIA.

  • SNMP Community "Get" String: If you are using SNMP-monitoring software to monitor the WebAccess gateway, this field allows you to set the get string to match your monitoring software. Blank is the default.

Network Address Property Page

Following is an explanation of the Network Address property page of the GroupWise WebAccess Agent:

  • TCP/IP Address: This should be the TCP/IP or DNS address for the WebAccess Agent.

  • HTTP Port: The HTTP port is used by the WebAccess Agent and the GroupWise Monitor utility. This port tells the WebAccess Agent which port to listen on for Web-browser monitoring. This GroupWise Monitor utility reads the HTTP port value from the domain database in order to monitor the WebAccess Agent.

    Tip

    To enable HTTP monitoring, you should also enable the HTTP username and password. To do this, go to the Optional Gateway Settings property page and fill in the HTTP username and password fields.


    The SSL portions of this screen are not discussed in this chapter. Chapter 27, "Securing Your GroupWise System via SSL," provides detailed information about how to enable SSL for WebAccess.

  • TCP Port: This is the port that the WebAccess Application running on the web server will use to communicate data to the WebAccess Agent. In other words, the agent will listen on this port for data coming from the application.

Configuring the GroupWise Optional Gateway Settings Property Page

Most optional gateway settings are generic gateway settings that do not apply to the WebAccess gateway. The help file regarding them should suffice. Be sure to fill in the HTTP username and password fields.

Understanding the GroupWise Gateway Administrators Property Page

In the GroupWise Gateway Administrators property page, you can define a GroupWise user or group as the administrator for the GroupWise agent. The roles are generic roles for all gateways. The one role you might be interested in setting is the operator.

The operator role allows the defined user(s) or group(s) to receive mail messages when errors occur at the GroupWise agent. This helps alert you to problems with the gateway.

Note

The user whom you add as an operator must be a GroupWise user. Also, if you add a group or distribution list, its visibility must be set to system.


Configuring the WebAccess Settings Property Page

Shown in Figure 11.14, the WebAccess Settings property page is important to enabling the application and agent to communicate properly. Both settings are stored in the domain database and in the COMMGR.CFG file, which is located in two places. It is located in the DOMAIN\WPGATE\WEBACCESS directory for the WebAccess Agent, and a copy of this file is made available to the WebAccess Application on the web server, the default of which is \NOVELL\WebAccess. On a NetWare server, the NOVELL\WebAccess directory is generally in the root of the SYS:volume. On a Linux server, the commgr.cfg file will typically be located in the directory /opt/novell/groupwise/webaccess.

Figure 11.14. The WebAccess Settings property page


Note

The COMINT.CFG file located in the DOMAIN\WPGATE\WEBACCESS directory is basically a live backup of the COMMGR.CFG file. If your COMMGR.CFG file becomes damaged or corrupt, you can copy the COMINT.CFG file to COMMGR.CFG.


When you make changes to the maximum-threads or encryption-key settings, three files will be updated. They are the COMINT.CFG and COMMGR.CFG files located at the DOMAIN\WPGATE\WEBACCESS directory, and the COMMGR.CFG file located on the web server in the \NOVELL\WebAccess directory.

Note

When you make changes to the maximum-threads or encryption-key settings, the COMMGR.CFG file in the \NOVELL\WebAccess directory is first backed up to COMMGR.CFG.1 and a new COMMGR.CFG file is placed here. For this reason, you might see several COMMGR.CFG.X files in your \NOVELL\WebAccess directory. This indicates when a change was made to the threads or encryption key.


Following is an explanation of the Settings property page of the GroupWise WebAccess Agent:

  • Maximum Threads: This setting allows you to increase or decrease the maximum number of threads that the WebAccess Agent will use for communication. If you find that your users are receiving slow responses when using WebAccess, you might need to increase this number. You can monitor your agent to see whether it has reached the maximum number of threads. You will learn how to identify how many threads the WebAccess Agent is using later, in the section "Understanding the GroupWise WebAccess Console."

  • Encryption Key: The encryption-key value defined here is used to encrypt data sent between the WebAccess Agent and the WebAccess Application provider. This ensures that communication between these two WebAccess components is encrypted and secure. As mentioned earlier in this section, this encryption key is stored in the COMMGR.CFG file. Because both the WebAccess Agent and the Application provider must use the same encryption key, the COMMGR.CFG file is accessible to them both.

    You can accept the default encryption key that the install generates, or you can use your own encryption key, if desired. If the Application cannot talk to the Agent, it is good to double-check the COMMGR.CFG file on the web server running the Application and the server running the Agent. You can manually copy the COMMGR.CFG file from the DOMAIN\WPGATE\WEBACCESS directory to the \NOVELL\WEBACCESS directory if you do have a communication problem between these two agents.

Configuring the Access Control Settings Property Page

The Access Control Settings configuration page allows you to determine who can use the WebAccess gateway to access the GroupWise mailbox. You can define multiple classes of service with corresponding members. The default class of service contains everyone and allows everyone access to the WebAccess Agent.

One of the most important settings under Access Control is the Timeout After setting. The default of 20 minutes is generally a good setting to keep. If you increase this setting, users may needlessly tie up resources on the WebAccess Agent when they have already closed their browser.

To edit the Timeout After value, do the following:

1.

Go to the Access Control page.

2.

Highlight the class of service you want to affect, which is typically the Default Class of Service.

3.

Click the Edit button.

4.

Modify the Timeout After X Minutes of No Use field to reflect your desired timeout length.

You have now successfully changed the timeout value.

Understanding the Access Control Database Management Properties Page

All the access control settings regarding classes of service and membership are stored in a database called GWAC.DB. This database is located in the DOMAIN\WPGATE\WEBACCESS directory. This database management tab allows you to validate and recover this database.

Following is an explanation of the Access Control Database Management property page of the GroupWise WebAccess Agent:

  • Validate Now: Clicking this option will basically run a structure check on the GWAC.DB file that reports any inconsistencies found in the database. It also tells you how many bytes, fields, and indexes it validated. If inconsistencies are found, you should perform a Recover Now operation on the database.

  • Recover Now: Clicking this option will basically run a structural rebuild of the GWAC.DB that will repair any structural damage in the database. The GWAC.DC file is used as a template file on how to structurally build the new GWAC.DB file.

This section spoke of how to fix the GWAC.DB. However, you will rarely have issues with the GWAC.DB file.

Configuring the Reattach Settings Property Page

The Reattach Settings tab is used when you are running the WebAccess Agent on a Windows 2000/2003 platform and when the links to the post office are direct (or UNC). (Post office links are discussed in the next section.) If you are running the WebAccess Agent on a NetWare platform or if the post office links are TCP/IP, you do not need this information. Remember that the WebAccess Agent acts like a client when it accesses the user's user and message databases. If the agent is running on Windows 2000/2003 and you have defined direct links to post offices, the 2000/2003 server running the agent must log in to the post office's server in order to access the message store. This facilitates the need to supply the following information.

Following is an explanation of the Reattach Settings property page of the GroupWise WebAccess Agent:

  • Tree: Enter the name of the eDirectory tree where the server that houses the post offices is located.

  • Context: Enter the full context of the eDirectory user who will be used to log in to the post office server.

  • User ID: Enter the ID of the eDirectory user who has rights to the post office directory. (This user must have read, write, create, erase, modify, and file scan rights to the post office directory.)

  • Password: Enter the password for the eDirectory user.

Customers who use NetWare will most likely not have to use the settings on this property page.

Understanding the Post Office Links Settings Property Page

The Post Office Links Settings tab is very important. It defines exactly how the WebAccess Agent will communicate to the post offices in the GroupWise system. Remember that the agent acts like a client in that it must access the post office message store to retrieve a user's mail.

Following is an explanation of the Post Office Links Settings property page of the GroupWise WebAccess Agent:

  • Domain Column: This defines the domain that the post office is under.

  • Post Office Column: This identifies the name of the post office.

  • Access Mode: This defines how the WebAccess Agent will access the post office. You have four options here:

    • Client/server and direct

    • Client/server only

    • Direct only

    • Follow P.O. (use current post office access)

If the access mode is set to Use Current Post Office Access (also known as "Follow P.O."), it depends on what the post office object access mode is set to. If it is set to client/server only, you will see an IP address or a DNS name in the Link column. If it is set to direct only, you will see the UNC path to the post office in the Link column. If it is set to client/server and direct, you might see either an IP address or a UNC path. You need client/server access from the WebAccess Agent to each post office.

Warning

It's not possible to have a post office set to allow client/server only on the access mode but have the WebAccess Agent set to a direct connection. If this were the case, users of the WebAccess client would not be able to log in to their post offices, because the post office would reject direct connections coming from the WebAccess Agent.


You can edit any of the post office links from this interface if they are not configured correctly. Simply highlight the post office you would like to edit and click the Edit Link button.

Notice that the Post Office Links Settings window defines what the access mode for the post office is currently set to so that you don't have to pull up the details of each post office object to find this information. Also, when you have Follow P.O. selected, you cannot modify the links; they are grayed out. This is because it will read the UNC path and IP address from the POA object record in the WPDOMAIN.DB and use it. If you select any of the other three options, you will be able to modify either the UNC path or the IP address and port.

Tip

When troubleshooting WebAccess to POA connectivity problems, go to the Post Office Links property page first. Quite often, WebAccess will have the incorrect IP address or port for the POA. Somehow, when a POA's IP information or a post office's access method is updated, it is not always communicated well enough to WebAccess. Making the change from the Post Office Links property page is often the solution.


Configuring the WebPublisher Settings Property Page

These settings are used only if you installed the WebPublisher piece of WebAccess during the initial gateway install. Here's an explanation of these options so that if you are running GroupWise document management, you can configure this piece of the WebAccess gateway.

Following is an explanation of the WebPublisher Settings property page of the GroupWise WebAccess Agent:

  • WebPublisher Proxy User Mailbox ID: This is the GroupWise mailbox ID of a GroupWise user who will actually be retrieving documents in the GroupWise system. Document management users must share their documents with this particular proxy user in order for them to view these documents from WebPublisher. The proxy user is just a GroupWise user created in your system, for the express purpose of supporting WebPublisher.

  • WebPublisher Proxy User Mailbox Password: Enter the Proxy user's GroupWise password here.

  • Library Access: Here is where you define which libraries will be visible from WebPublisher. If you have multiple libraries in your GroupWise system, you can allow or restrict access to these libraries for the WebPublisher agent.

  • Assign General User Access to WebPublisher Users: If you enable this option, documents in the available libraries that are accessible to general users are available through WebAccess. In other words, if a user creates a document and this particular document type is accessible by all users, the WebPublisher proxy user would be able to see it, so the document would be available through WebPublisher. The owner of the document would not need to explicitly share it with the WebPublisher proxy user.

  • Disk Cache Size: This setting determines the size of the disk cache where cached documents will reside. When a user retrieves a document from a GroupWise document management library from within WebPublisher, the document will be cached. This setting determines how large this cache can grow to.

  • Cache Synchronization Interval: This value in seconds determines how often the WebPublisher Application will synchronize the document(s) in the cache with the real document sitting in the GroupWise library.

  • Disk Cache Path: This defines the location of the cache for documents that are retrieved via WebPublisher. It is recommended to have this directory located on the same server as the one where the WebAccess Agent is running. The default location for this cache on a NetWare server is SYS\SYSTEM\CACHE.

You should now be comfortable configuring the WebAccess Agent and should understand how these settings can affect the performance and functionality of your WebAccess Agent.

The next section discusses the eDirectory objects that are created with the WebAccess Application installation. It is through these eDirectory objects that you administer the remaining components of the WebAccess gateway.


Previous page
Table of content
Next page
NOVELL GroupWise 7 Administrator Solutions Guide
Novell GroupWise 7 Administrator Solutions Guide
ISBN: 0672327880
EAN: 2147483647
Year: 2003
Pages: 320
Authors: Tay Kratzer
BUY ON AMAZON
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
Introduction to 80x86 Assembly Language and Computer Architecture
Sap Bw: a Step By Step Guide for Bw 2.0
HTI+ Home Technology Integrator & CEDIA Installer I All-In-One Exam Guide
Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
DNS & BIND Cookbook
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy