Presentation is loading. Please wait.

Presentation is loading. Please wait.

GroupWise ® WebAccess Design and Implementation Tay Kratzer Primary Support Engineer, Novell Inc. Mike Bills ATT Engineer, Novell Inc.

Published byViolet Rose Modified over 9 years ago

Similar presentations

Presentation on theme: "GroupWise ® WebAccess Design and Implementation Tay Kratzer Primary Support Engineer, Novell Inc. Mike Bills ATT Engineer, Novell Inc."— Presentation transcript:

1 GroupWise ® WebAccess Design and Implementation Tay Kratzer Primary Support Engineer, Novell Inc. tkratzer@novell.com Mike Bills ATT Engineer, Novell Inc. mbills@novell.com

2 © March 9, 2004 Novell Inc. 2 one Net: Information without boundaries…where the right people are connected with the right information at the right time to make the right decisions. The one Net vision Novell exteNd ™ Novell Nsure ™ Novell Nterprise ™ Novell Ngage SM : : : :

3 © March 9, 2004 Novell Inc. 3 The one Net vision Novell Nterprise is an innovative family of products which gives you the power to enable and manage the constant interaction of people with your business systems — regardless of who they are or where they are. Novell Nterprise ™ Novell exteNd ™ Novell Nsure ™ Novell Nterprise ™ Novell Ngage SM : : : :

4 © February 2, 2004 Novell Inc. 4 Session Goals Explain GroupWise ® WebAccess Architecture Increase GroupWise WebAccess Stability Increase WebAcces session performance & scalability Secure WebAccess sessions via SSL Implement a Virus Protection solution HTML Monitoring WebAccess Agent and Application Fine tuning tips

5 © February 2, 2004 Novell Inc. 5 GroupWise WebAccess Architecture Two WebAccess Components WebAccess Application WebAccess Agent 1 2 Post Office WebAccess Agent Web Server with WebAccess

6 © February 2, 2004 Novell Inc. 6 GroupWise WebAccess Application Runs on NetWare, Linux, Unix, Windows Runs a Java Applet - Hosted by a web server Administered through ConsoleOne or the WEBACC.CFG file Handles about 1,000 users Very stable process Web Server with WebAccess

7 © February 2, 2004 Novell Inc. 7 GroupWise WebAccess Application Java Applet – Tomcat – On NetWare ®

8 © February 2, 2004 Novell Inc. 8 GroupWise WebAccess Application Web Server - Apache – On NetWare

9 © February 2, 2004 Novell Inc. 9 GroupWise WebAccess Application Administration Available in the eDirectory™ browser view in ConsoleOne Not available in the GroupWise ® View Settings kept in eDirectory and the WEBACC.CFG Four Objects – GroupWiseWebAccess – NovellSpeller – GroupWiseProvider – LDAPProvider

10 © February 2, 2004 Novell Inc. 10 GroupWise WebAccess Application WebAccess Application Objects in ConsoleOne ®

11 © February 2, 2004 Novell Inc. 11 GroupWise WebAccess Application Changes made to the WebAccess Application Objects in ConsoleOne are saved in *.CFG files on the web server. For example: WEBACC.CFG.

12 © February 2, 2004 Novell Inc. 12 GroupWise WebAccess Agent Executable code “GWINTER” on NetWare, Linux or Windows NT/2000 It’s the workhorse, it acts as a client to the POA on behalf of WebAccess users Less stable than the WebAccess Application By default the WebAccess Agent only supports 250 user connections Administered through ConsoleOne in either the GroupWise view or the eDirectory view

13 © February 2, 2004 Novell Inc. 13 GroupWise WebAccess Agent WebAccess Agent on NetWare (GWINTER.NLM)

14 © March 9, 2004 Novell Inc. 14 GroupWise WebAccess Agent WebAccess Agent on Linux (GWINTER)

15 © February 2, 2004 Novell Inc. 15 GroupWise WebAccess Agent Increase Stability Load Agents into protected memory for fast ABEND recovery (NetWare) Install additional Agents Configure Application to failover to additional agents Exclude file attachment viewing of certain file types

16 © February 2, 2004 Novell Inc. 16 Protected Memory Notes NetWare 5.1 or 6.x with latest patches Additional memory beyond current memory requirements – about 20% more for the modules that load Abends only happened in the protected memory space NetWare unloads and re-loads the protected memory space automatically Prerequisites:Advantages:

17 © February 2, 2004 Novell Inc. 17 WebAccess Agent on NetWare Add the following line to the STARTUP.NCF SET MEMORY PROTECTION NO RESTART INTERVAL = 0 Create a GWINTER.CFG in SYS:SYSTEM: /HOME= /USER= /PASSWORD= /LOGDISKON 1 2 Protected Memory Configuration Steps (Note: The Linux WebAccess Agent does not use the “/user” and “/password” switches, but the NetWare and Windows WebAccess Agents do.)

18 © March 9, 2004 Novell Inc. 18 Create a STARTGWA.NCF in SYS:SYSTEM LOAD ADDRESS SPACE =GW1 GWINTER @GWINTER.CFG PROTECTION RESTART GW1 3 Create a STOPGWA.NCF in SYS:SYSTEM UNLOAD ADDRESS SPACE =GW1 GWINTER UNLOAD KILL ADDRESS SPACE=GW1 4 Protected Memory Configuration Steps (cont.) WebAccess Agent on NetWare

19 © March 9, 2004 Novell Inc. 19 WebAccess Agent on NetWare (GWINTER.NLM) If the WebAccess Agent abends, NetWare unloads the protected memory space automatically. GWINTER Abend

20 © March 9, 2004 Novell Inc. 20 NetWare reloads GWINTER into protected memory WebAccess Agent on NetWare (GWINTER.NLM) Then NetWare reloads the protected memory space automatically. (Note this all happened in 7 seconds)

21 © March 9, 2004 Novell Inc. 21 WebAccess Agent on NetWare Protected Memory - Final Notes: Use the STOPGWA.NCF to unload the GWINTER Apply latest support pack to NetWare for essential patches to fix protected memory issues. Or – apply the patches in NWMEM3.EXE (support.novell.com) NW56UP3.EXE (support.novell.com) More reading on this topic: December 2002 Novell Appnotes: “Implementing a High Availability WebAccess Solution with GroupWise 6” http://developer.novell.com/appnotes

22 © March 9, 2004 Novell Inc. 22 WebAccess Agent Confirguration for Speed, Scalibility and Failover Create multiple WebAccess Agents and put WebAccess Agents in close network proximity to post offices they are designed to service. Post Office WebAccess Agent Web Server with WebAccess Post Office WebAccess Agent

23 © March 9, 2004 Novell Inc. 23 WebAccess Agent Confirguration for Speed and Scalibility Create an additional special-purpose secondary domain to contain the WebAccess Agent as needed. Run the GroupWise WebAccess installation, choose to just install the WebAccess Agent (do not install the Application again). Install the WebAccess Agent to a GroupWise domain, the special-purpose secondary domain if you created one. Installation 1 2 3

24 © March 9, 2004 Novell Inc. 24 WebAccess Agent Confirguration for Speed and Scalibility Configuration 1 Make sure that the newly created WebAccess Agent has the same encryption as the first WebAccess Agent. All WebAccess Agents should have identical encryption keys. Edit the properties of the WebAccess Agent to configure the encryption key.

25 © March 9, 2004 Novell Inc. 25 WebAccess Agent Confirguration for Speed and Scalibility Configuration 2 Edit the domain or post office object and specify the default WebAccess Agent.

26 © March 9, 2004 Novell Inc. 26 Add additional WebAccess Agents to the WebAccess Application's GroupWiseProvider object's failover list. Configuration 3 WebAccess Agent Confirguration for Speed and Scalibility

27 © March 9, 2004 Novell Inc. 27 WebAccess Agent Confirguration for Speed and Scalibility Configuration – Final Notes - 1 Only two or three WebAccess Agents are needed in the provider list, but you can create many more WebAccess Agents then that. One customer I know of has 30 WebAccess Agents.

28 © March 9, 2004 Novell Inc. 28 WebAccess Agent Confirguration for Speed and Scalibility Configuration – Final Notes - 2 Changes made to the GroupWiseProvider object should be committed to the WEBACC.CFG in the \NOVELL\WEBACCESS directory. For example on a NetWare server the directory is typically SYS:NOVELL\WEBACCESS. Look for the syntax such as: Provider.GWAP.Default.address.1=137.65.55.211:7205 Provider.GWAP.Default.address.2=137.65.55.215:7205 These two lines are the reference to the two WebAccess Agents. Sometimes the ConsoleOne Snapins do not write these lines to the WEBACC.CFG. You may have to add these line manually to the WEBACC.CFG. You can add these lines to the end of the file. The syntax is very exacting and case sensitive. If you were to add a third line it might look like this example: Provider.GWAP.Default.address.3=137.65.55.216:7205

29 © March 9, 2004 Novell Inc. 29 WebAccess Agent Confirguration for Speed and Scalibility When a user on the SLCPO logs in the WebAccess Application will create the session with the WebAccess Agent called “SLC-WEB”. When a user on the NYPO logs in the WebAccess Application will create the session with the WebAccess Agent called “NY-WEB”. If one of the WebAccess Agents goes down, the WebAccess Application just rolls to one of the WebAccess Agents listed in the WEBACC.CFG WebAccess Operation

30 © March 9, 2004 Novell Inc. 30 Secure WebAccess Sessions via SSL If you do not enable SSL encryption of web server/WebAccess sessions, the user's passwords etc. pass over the Internet in clear text. If you use a certificate signed by your own eDirectory tree, users will be prompted to accept the certificate each time they log into GroupWise If you use a certificate signed by a third-party, such as Verisign, your users will not be prompted to accept the certificate.

31 © March 9, 2004 Novell Inc. 31 Secure WebAccess Sessions via SSL The SSL certificate is enabled on the web server. For Apache on NetWare edit the *.CONF file for the Apache web server. Add, or enabled the lines related to SSL. For example: LoadModule tls_module modules/mod_tls.nlm SecureListen 137.65.55.211:443 "SSL CertificateDNS" or if you have a certificate signed by a third-party: LoadModule tls_module modules/mod_tls.nlm SecureListen 137.65.55.211:443 "VERISIGN_WWWFS1"

32 © March 9, 2004 Novell Inc. 32 Secure WebAccess Sessions via SSL For further details read the October 2002 Novell Connection Magazine article titled: Securing a Web Server on NetWare http://www.novell.com/connectionmagazine/2002/1 0/secure.pdf

33 © March 9, 2004 Novell Inc. 33 Virus Protection for GroupWise WebAccess For many customers GroupWise WebAccess is a gaping hole in their virus protection. When users access GroupWise WebAccess from home or other locations, there is no guarantee that their desktop is protected from viruses. A server-based virus protection solution should be put in place on the web server. Attachments that users upload are only kept in their native format on the web server. The attachments are uploaded by default to the \NOVELL\WEBACCESS\TEMP directory. Some virus vendors do not detect a virus that comes in via a web session, for example McAfee and Symantec. Inoculan does detect viruses.

34 © March 9, 2004 Novell Inc. 34 Virus Protection for GroupWise WebAccess Beginfinite makes a product “GWAVA WebAccess Edition” which is specifically designed to protect GroupWise from inbound viruses from WebAccess sessions. NOTE: Owning GWAVA is not a pre-requisite to implementing GWAVA WebAccess Edition.

35 © March 9, 2004 Novell Inc. 35 Virus Protection for GroupWise WebAccess You can read more about how my customer and I virus protected their web server with Inoculan in the following article: Virus Protection for GroupWise http://www.novell.com/connectionmagazine/2002/02/virus22.pdf

36 © March 9, 2004 Novell Inc. 36 Monitoring The WebAccess Agent from a Web Browser Edit the WebAccess Agent object Configure the HTTP port on the Network Address page Fill in the HTTP User Name and the HTTP Password on the Optional Gateway Settings page Restart the WebAccess Agent

37 © March 9, 2004 Novell Inc. 37 Monitoring The WebAccess Agent from a Web Browser From a web browser type in the :. For example: http://137.65.55.215:7211http://137.65.55.215:7211

38 © March 9, 2004 Novell Inc. 38 Monitoring The WebAccess Application from a Web Browser Edit the WEBACC.CFG file for the WebAccess Application. This file is typically in the \NOVELL\WEBACCESS directory. These commands are only valid with the GroupWise 6.5.1 WebAccess Application or later. Look for the following three lines, or add them if they are not in the WEBACC.CFG file. Make sure the enable option is set to “true”. Configure the username and password. Admin.WebConsole.enable=true Admin.WebConsole.username=gwadmin Admin.WebConsole.password=novell Restart the WebAccess Application java -exit tomcat33

39 © March 9, 2004 Novell Inc. 39 Monitoring The WebAccess Application from a Web Browser Access the WebAccess Application monitoring page using the following syntax: http:// /servlet/webacc?action=Admin.Open

40 © March 9, 2004 Novell Inc. 40 WebAccess Application Tips Apache and Microsoft Internet Explorer have a problem with relation to friendly http errors. End users (particularly those with slow connections) may suddenly get the error “Page Cannot Be Displayed” during their WebAccess session. By enalbing the “nokeepalive” parameter, you can fix this issue. See the following document at Novell's http://support.novell.com web-site to remedy this problem with: 10081268 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10081268.htm

41 © March 9, 2004 Novell Inc. 41 A WebAccess Application that supports lots of simultaneous users will need more memory than what is allocated by default. By default Java will only use 64 megabytes of memory. You must force Java to use more memory. Edit the TOMCAT33.NCF file. Add the commands - XmsNNN -XmxNNN to increase Java memory. See TID # 10068408 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10068408.htm WebAccess Application Tips

42 © March 9, 2004 Novell Inc. 42 Bypass the GroupWise language selection page. Rename the home page (INDEX.HTM, INDEX.HTML or DEFAULT.HTM). For example in Apache, create a file by the name of INDEX.HTML in the HTDOCS directory (or the NWDOCS directory if that is what you are using). The file should contain verbage similar to this: GroupWise WebAccess location="https://groupwise.wwwidgets.co m/servlet/webacc" WebAccess Application Tips

43 © March 9, 2004 Novell Inc. 43 The WebAccess Agent is the workhorse for WebAccess Fast CPU Sufficient Memory The WebAccess Agent on the NetWare platform is benefited by SMP Increase Maximum threads beyond 12 if needed. For example 25 threads. Configure post office links to be Client Server only WebAccess Agent Tips

44 © March 9, 2004 Novell Inc. 44 Demonstration Bypassing the WebAccess Language selection screen SSL Enabled WebAccess Session WebAccess Agent Abend Recovery WebAccess Agent Failover WebAccess Agent specific to the post office logged into HTML Monitoring of the WebAccess Application and Agent

45

46 © February 2, 2004 Novell Inc. 46 General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

Download ppt "GroupWise ® WebAccess Design and Implementation Tay Kratzer Primary Support Engineer, Novell Inc. Mike Bills ATT Engineer, Novell Inc."

Similar presentations

December 29, 2013 Willem Bagchus Master CNE, CLP, MCP Senior SE, Senior Trainer GWAVA Reload.

December 29, 2013 Willem Bagchus Master CNE, CLP, MCP Senior SE, Senior Trainer GWAVA Reload.
Migrate GroupWise Post Office to Linux from NetWare

Migrate GroupWise Post Office to Linux from NetWare
Reduce Cost & Complexity Partner logo here Presenters Name (16pt) Presenters Title (14pt) Company/e-mail (14pt) Manage and Deploy Applications using Virtualization.

Reduce Cost & Complexity Partner logo here Presenters Name (16pt) Presenters Title (14pt) Company/ (14pt) Manage and Deploy Applications using Virtualization.
Services Course Windows Live SkyDrive Participant Guide.

Services Course Windows Live SkyDrive Participant Guide.
Nsure ™ Audit Essentials Rick Meredith Software Engineer Novell, Inc. Jaime Brimhall Software Engineer Novell, Inc.

Nsure ™ Audit Essentials Rick Meredith Software Engineer Novell, Inc. Jaime Brimhall Software Engineer Novell, Inc.
Deploying GEE Whiz Enterprise Anti-SPAM for GroupWise ® and NetMail ® Aldo Zanoni Master CNI SM, B.A., B.Ed. Director of Customer Service, Omni Technology.

Deploying GEE Whiz Enterprise Anti-SPAM for GroupWise ® and NetMail ® Aldo Zanoni Master CNI SM, B.A., B.Ed. Director of Customer Service, Omni Technology.
AdvisorEvents.com Secure GroupWise with SSL Author: Tay Kratzer & Gregg A. Hinchman Company: Novell, Inc. & Hinchman Consulting Session Number.

AdvisorEvents.com Secure GroupWise with SSL Author: Tay Kratzer & Gregg A. Hinchman Company: Novell, Inc. & Hinchman Consulting Session Number.
How to Successfully Cluster GroupWise Gregg A. Hinchman Consultant, Hinchman Consulting Ed Hanley Senior Consultant, Novell.

How to Successfully Cluster GroupWise Gregg A. Hinchman Consultant, Hinchman Consulting Ed Hanley Senior Consultant, Novell.
SAN Design Considerations Hylton Leigh Senior Consultant Novell Consulting, UK Stuart Thompson Senior Consultant Novell Consulting, UK.

SAN Design Considerations Hylton Leigh Senior Consultant Novell Consulting, UK Stuart Thompson Senior Consultant Novell Consulting, UK.
1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.

1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.
How to Implement a Cluster of Clusters Atiq Adamjee Senior Architect Novell, Inc. Brad Rupp Software Engineer Novell, Inc.

How to Implement a Cluster of Clusters Atiq Adamjee Senior Architect Novell, Inc. Brad Rupp Software Engineer Novell, Inc.
Securing Your GroupWise ® System Morris Blackham Software Engineer Novell, Inc. Danita Zanrè Senior Consultant Caledonia.

Securing Your GroupWise ® System Morris Blackham Software Engineer Novell, Inc. Danita Zanrè Senior Consultant Caledonia.
Password Management Bill Street, Nathan Jensen, Mike Simpson, Will Peterson Identity Management Engineering.

Password Management Bill Street, Nathan Jensen, Mike Simpson, Will Peterson Identity Management Engineering.
Upgrading to Novell ® SecureLogin 3.5 Rod Tietjen,

Upgrading to Novell ® SecureLogin 3.5 Rod Tietjen,
Developing for Novell ® Nsure ™ SecureLogin Gordon Mathis Senior Software Engineer, Novell Inc.

Developing for Novell ® Nsure ™ SecureLogin Gordon Mathis Senior Software Engineer, Novell Inc.
DIR-835A1 Wireless N750 Dual-Band Router Wireless & Router Product Div. July 2011 D-Link WRPD.

DIR-835A1 Wireless N750 Dual-Band Router Wireless & Router Product Div. July 2011 D-Link WRPD.
Document Management with GroupWise ® Gregg Hinchman Consultant Hinchman Consulting Jerry Winkel Novell Escalation Engineer.

Document Management with GroupWise ® Gregg Hinchman Consultant Hinchman Consulting Jerry Winkel Novell Escalation Engineer.
1 Guide to Novell NetWare 6.0 Network Administration Chapter 12.

1 Guide to Novell NetWare 6.0 Network Administration Chapter 12.
Nsure ™ Audit: Instrumenting Custom Applications Rick Meredith Jason Arrington Nsure Audit Engineering Novell, Inc.

Nsure ™ Audit: Instrumenting Custom Applications Rick Meredith Jason Arrington Nsure Audit Engineering Novell, Inc.
Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.

Similar presentations

Ads by Google