Novell 2014 R2 GroupWise Mobility Service Installation Guide
Below you will find brief information for GroupWise Mobility Service 2014 R2. The GroupWise Mobility Service provides data synchronization between GroupWise mailboxes and mobile devices for synchronizing email, appointments, contacts, tasks, notes, and phone messages. The GroupWise Mobility Service is fast, reliable and scalable, and supports the latest device operating systems.
Advertisement
Advertisement
www.novell.com/documentation
Installation Guide
GroupWise
®
Mobility Service 2014 R2
December 2015
Legal Notices
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. See the Novell International Trade
Services web page (http://www.novell.com/info/exports/) for more information on exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2010-15 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.
Novell, Inc.
1800 South Novell Place
Provo, UT 84606
U.S.A.
www.novell.com
Online Documentation: To access the online documentation for this and other Novell products, and to get updates, see the
Novell Documentation website (http://www.novell.com/documentation) .
Novell Trademarks
For Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/trademarks/ tmlist.html) .
Third-Party Materials
All third-party trademarks are the property of their respective owners.
Contents
About This Guide 5
1 GroupWise Mobility Service Product Overview
7
2 GroupWise Mobility Service System Requirements
11
3 GroupWise Mobility Service Installation
17
Contents 3
4 GroupWise Mobility Service Update
45
A GroupWise Mobility Service Installation Troubleshooting 53
4 GroupWise Mobility Service 2014 R2 Installation Guide
About This Guide
The GroupWise Mobility Service 2014 R2 Installation Guide helps you to understand and set up a
GroupWise Mobility system by installing the GroupWise Mobility Service, which includes the
GroupWise Sync Agent and the Mobility Sync Agent.
Chapter 1, “GroupWise Mobility Service Product Overview,” on page 7
Chapter 2, “GroupWise Mobility Service System Requirements,” on page 11
Chapter 3, “GroupWise Mobility Service Installation,” on page 17
Chapter 4, “GroupWise Mobility Service Update,” on page 45
Appendix A, “GroupWise Mobility Service Installation Troubleshooting,” on page 53
Audience
This guide is intended for network administrators who install a Mobility system to provide data synchronization between GroupWise and mobile devices.
Feedback
We want to hear your comments and suggestions about this manual and the other documentation included with this product. Please use the User Comment feature at the bottom of each page of the online documentation.
Additional Documentation
For all GroupWise Mobility Service documentation, see the GroupWise Mobility Service 2.2
Documentation website (http://www.novell.com/documentation/groupwisemobility2) .
GroupWise Mobility User Quick Start
GroupWise Mobility Service Readme
GroupWise Mobility Service Installation Guide
GroupWise Mobility Service Administration Guide
In addition to the GroupWise Mobility Service product documentation, the following resources provide information about the Mobility Service:
Novell Support and Knowledgebase (http://www.novell.com/support)
GroupWise Mobility Service Cool Solutions (https://www.novell.com/communities/coolsolutions/ tag/groupwise-mobility-service)
GroupWise Mobility Service Devices Wiki (http://wiki.novell.com/index.php/
GroupWise_Mobility_Devices)
GroupWise Support Forums (https://forums.novell.com/forumdisplay.php/356-GroupWise)
GroupWise Product Website (http://www.novell.com/products/groupwise)
About This Guide 5
6 GroupWise Mobility Service 2014 R2 Installation Guide
1
GroupWise Mobility Service Product
Overview
The GroupWise Mobility Service provides data synchronization between GroupWise mailboxes and mobile devices for synchronizing email, appointments, contacts, tasks, notes, and phone messages.
The GroupWise Mobility Service is fast, reliable and scalable, and supports the latest device operating systems.
The GroupWise Mobility Service, the GroupWise Sync Agent, and the Device Sync Agent are installed together on a Linux server. A small Mobility system can consist of a single Mobility server. A large Mobility system can consist of multiple Mobility servers.
Section 1.1, “Mobility Server Configuration,” on page 7
Section 1.2, “Single Mobility Server System,” on page 8
Section 1.3, “Multiple Mobility Server System,” on page 8
Section 1.4, “Synchronization Capabilities,” on page 9
1.1 Mobility Server Configuration
The Mobility server must be able to communicate with other servers in your network, and with mobile devices outside your firewall.
GroupWise Post
Office Agent
GroupWise Post
Office Agent
GroupWise Post
Office Agent
LDAP Server
(optional)
Mobility
Admin Console
Web Browser
Mobility
Service
Mobility
Server
GroupWise
Sync Agent
Device
Sync Agent
Mobile Devices
Component Required Configuration
Sync Agents The Mobility server has one instance of each sync agent. The GroupWise Sync Agent communicates with the GroupWise POA to obtain items from users’ mailboxes. The Device
Sync Agent transfers GroupWise mailbox items to and from users’ mobile devices.
Mobility Admin
Console
The web-based Mobility Admin console communicates with the Mobility Service to enable you to configure the sync agents and monitor your Mobility system.
GroupWise Mobility Service Product Overview 7
Component Required Configuration
User Source You can add users to your Mobility system from an LDAP server or from a GroupWise system.
If you use LDAP as your user source, you access the Mobility Admin console as an LDAP user.
If you use GroupWise as your user source, you access the Mobility Admin console as the root user of the server where the Mobility Service is installed.
GroupWise
POA
The Mobility Service must be able to communicate with one GroupWise POA during installation. That POA, as well as additional POAs where mobile device users’ mailboxes are located, must be configured to support SOAP communication.
The initial POA uses the native GroupWise redirection process to inform the GroupWise Sync
Agent how to communicate with the additional POAs throughout your GroupWise system.
Thereafter, the GroupWise Sync Agent communicates directly with each POA where mobile device users’ mailboxes are located.
IMPORTANT: A Mobility server can be configured to communicate with one GroupWise system. If you have multiple GroupWise systems, you must set up a Mobility server for each
GroupWise system.
1.2 Single Mobility Server System
A Mobility system with a single Mobility server can meet the synchronization needs of approximately
750 users with up to 1000 devices. For more detailed scalability information, see Section 2.6,
“Recommended Number of Devices,” on page 14
.
1.3 Multiple Mobility Server System
You might need to set up a Mobility system that includes multiple Mobility servers to support the following situations:
Number of Devices: You need to support synchronization for more than 750 users with up to
1000 devices.
Setting up multiple Mobility servers in virtual machines can be a convenient way to support a large number of devices.
Location of Users: You need to support users that are located in distant geographical locations where synchronization performance could be adversely affected by the network connections between users and a remote Mobility server.
Location of Synchronized Applications: GroupWise has meaningful organizational segments
(domains and post offices). Having a Mobility server associated with each post office helps balance the synchronization load across all GroupWise users.
Quality of Service: Certain segments of your user population, such as executives of your organization, might expect and require a higher level of synchronization performance than other users. This higher quality of service can be accomplished by setting up a Mobility server specifically for such high-profile users.
Address Book Visibility: The GroupWise Address Book is displayed on mobile devices from the point of view of a specific GroupWise user. As an example, you might have a group of mobile device users who need access to Address Book information about upper-level management in your company and another group of mobile device users who should not have this Address Book information. To meet such needs, you would set up two Mobility servers, one with Address Book visibility that includes upper-level management, and a second one where such Address Book visibility is not provided.
8 GroupWise Mobility Service 2014 R2 Installation Guide
1.4 Synchronization Capabilities
The following GroupWise item types can be synchronized to and from mobile devices:
Appointments
Tasks
Notes
Address books
Contacts
Phone messages
Folders
As time passes, the following events can affect existing items, and the resulting changes in the items are also synchronized:
Items
Emails
Calendar Items
Tasks
Contacts
Phone Messages
Folders
Attachments
Actions That Synchronize
Send/receive messages
Forward/reply to messages
Mark messages read/unread
Delete messages
Send/receive appointments
Accept/decline appointments
Modify appointments
Post reminder notes
Send/receive/post tasks
Accept/decline tasks
Mark tasks completed
Receive notifications of task completion
Change the due date and priority for posted tasks
Delete tasks
Add new contacts
Delete contacts
Modify contact information, including all contact fields and photos
Receive phone messages
Delete phone messages
Add/delete folders
Select/deselect folders for synchronization
Forward full attachments even when the attachment size limit has been exceeded (on mobile devices that support Smart Forward functionality)
GroupWise Mobility Service Product Overview 9
10 GroupWise Mobility Service 2014 R2 Installation Guide
2
GroupWise Mobility Service System
Requirements
Before you install the GroupWise Mobility Service, ensure that the Mobility server meets the following system requirements:
Section 2.1, “Mobility Server Requirements,” on page 11
Section 2.2, “Directory Requirements,” on page 12
Section 2.3, “Web Browser Requirements for the Mobility Admin Console,” on page 12
Section 2.4, “GroupWise Requirements,” on page 12
Section 2.5, “Mobile Device Requirements,” on page 13
Section 2.6, “Recommended Number of Devices,” on page 14
2.1 Mobility Server Requirements
This section lists the minimum requirements for GroupWise Mobility Service. To see the recommended requirements for one server supporting approximately 750 users and 1000 devices,
see Section 2.6, “Recommended Number of Devices,” on page 14
.
Hardware requirements for the Mobility server:
x86-64 processor
2.2 GHz processor; multi-processor system recommended
Static IP address
Adequate server memory depending on the number of devices supported by the Mobility server
4 GB RAM to support approximately 300 devices
8 GB RAM to support up to the maximum of 750 users with up to 1000 devices
45 MB of disk space for the Mobility Service software
200 GB of disk space recommended for data storage during system operation
Data storage disk space varies widely depending on the amount of data being synchronized, the number of devices participating in synchronization, the logging level for
Mobility Service log files, and other variables specific to your Mobility system implementation.
The largest consumers of disk space are the Mobility database (/var/lib/pgsql) and
Mobility Service log files (/var/log/datasync). You might want to configure the Mobility server so that /var is on a separate partition to allow for convenient expansion.
Another large consumer of disk space is attachment storage in the /var/lib/datasync/ syncengine/attachments
directory.
NOTE: The 200 GB recommendation is appropriate for a Mobility server with a heavy load supporting approximately 750 users with up to 1000 devices. A Mobility server supporting substantially fewer devices requires substantially less disk space.
GroupWise Mobility Service System Requirements 11
SUSE Linux Enterprise Server (SLES) 11 (64-bit), plus Service Pack 3 or Service Pack 4
PostgreSQL
If PostgreSQL is not already installed on the Mobility server, the Mobility Service Installation program installs it for you.
Time synchronization
For the most reliable synchronization of time-sensitive items, such as appointments, the Mobility server and GroupWise servers should have their time synchronized as closely as possible. This is especially important on virtual machines.
In order for you to log in to the Mobility Admin console, your workstation and the Mobility server should have their time synchronized.
2.2 Directory Requirements
The GroupWise Mobility Service obtains users and groups from an LDAP directory or a GroupWise system.
Lightweight Directory Access Protocol (LDAP) v3
Any shipping version of NetIQ eDirectory fills this requirement. The GroupWise 2014 R2 LDAP server also fills this requirement.
or
GroupWise 2014 R2
See Section 2.4, “GroupWise Requirements,” on page 12
for complete details.
2.3 Web Browser Requirements for the Mobility
Admin Console
Any of the following web browsers:
Mozilla Firefox 20 or later
Microsoft Internet Explorer 10 or later
Safari 6 or later
Google Chrome 35 or later
2.4 GroupWise Requirements
In order for Mobility to interact successfully with a GroupWise POA, your GroupWise system must meet the following requirements:
GroupWise 2014 or later for post offices that have Mobility users.
For best synchronization performance, the latest version of GroupWise is strongly recommended.
You must have at least a basic GroupWise system (one domain and one post office) set up and running. For more information, see GroupWise System Creation in the GroupWise 2014 R2
Installation Guide .
12 GroupWise Mobility Service 2014 R2 Installation Guide
The GroupWise Post Office Agent (POA) that the GroupWise Sync Agent communicates with must have SOAP enabled.
The POA must also be configured with an HTTP user name and password on the Agent Settings property page of the POA object in the GroupWise Admin console (or in ConsoleOne in older
GroupWise systems). This enables you to monitor SOAP threads in the POA web console.
The initial POA uses the native GroupWise redirection process to inform the GroupWise Sync
Agent how to communicate with the additional POAs throughout your GroupWise system.
Thereafter, the GroupWise Sync Agent communicates directly with each POA where mobile device users’ mailboxes are located.
IMPORTANT: All POAs must have the same SSL setting--ether all enabled for SSL or all disabled for SSL. A tool has been created to help you test these settings. For information on this tool, see GMSsslCheck in the GroupWise Mobility Service 2014 R2 Security Enhancements
Quick Start .
A GroupWise trusted application key is required so that the GroupWise Sync Agent canauthenticate to GroupWise mailboxes without needing GroupWise users’ mailbox passwords. For more information, see Creating a Trusted Application and Key in the GroupWise
2014 R2 Administration Guide .
A Mobility server can be configured to communicate with one GroupWise system. If you have multiple GroupWise systems, you must set up a Mobility server for each GroupWise system.
2.5 Mobile Device Requirements
The Device Sync Agent communicates with mobile devices by using the Microsoft ActiveSync protocol version 14.x.
If a mobile device uses an earlier version of ActiveSync, the device can still successfully communicate with the Device Sync Agent, but functionality specific to 14.x is not available. If a mobile device uses a later version of ActiveSync, the device can still successfully communicate with the
Device Sync Agent, because later versions of ActiveSync are backward compatible with version 14.x.
Supported mobile device operating systems include:
Android 3.x, 4.x, and 5.x
Apple iOS 5.x, 6.x, 7.x, 8.x, and 9.x
Windows Phone 7
Windows 8 (Phone, Tablet, and Desktop)
BlackBerry 10.x
A user can synchronize data to multiple mobile devices as needed.
For the latest information about supported mobile devices, see the GroupWise Mobility Service
Devices Wiki (http://wiki.novell.com/index.php/GroupWise_Mobility_Devices) .
Mobile devices communicate directly with the Device Sync Agent to synchronize data. Some mobile devices require a data plan to accomplish this. Others work successfully with a Wi-Fi connection.
Some mobile devices can be configured to use either method. Your mobile device carrier is not involved in the synchronization process.
NOTE: The Device Sync Agent does not work with POP, IMAP, SMTP, or other message transfer protocols.
GroupWise Mobility Service System Requirements 13
2.6 Recommended Number of Devices
The following are the recommended requirements for a single Mobility server. For the minimum requirements, see
Section 2.1, “Mobility Server Requirements,” on page 11 .
A single Mobility server can comfortably support approximately 750 users with up to 1000 devices.
The following variables were taken into consideration for this configuration:
Server configuration
System configuration
Level of user activity, both in GroupWise and on their mobile devices
Server Configuration
Virtual machine
2.8 GHz processor
4 CPUs
8 GB RAM
Mobility System Configuration
750 users
1000 devices
User/Device Traffic
Average of 181 GroupWise events per minute
Email send / read / move to folder / delete
Appointment send / accept / decline / delete
Folder create
Average of 474 events per user in a 24-hour period
Average of 165 device requests per minute
Email send / read
Average of 427 emails from devices in a 24-hour period
Average of 2479 KB per minute of attachment data transfer
97% under 1 MB
2% between 1 MB and 2 MB
1% above 2 MB
NOTE: You can observe some of these statistics for your own Mobility system using the Dashboard in the Mobility Admin console. For more information, see “ Using the Mobility Dashboard ” in the
GroupWise Mobility Service 2014 R2 Administration Guide .
Device Profile
60% Apple devices
14 GroupWise Mobility Service 2014 R2 Installation Guide
37% Android devices
10% Windows Mobile devices
3% Other
Hardware Performance for Four Days
24% average CPU usage
17% average disk busy usage
26% average memory usage, with 32% maximum and 24% minimum
GroupWise Mobility Service System Requirements 15
16 GroupWise Mobility Service 2014 R2 Installation Guide
3
GroupWise Mobility Service Installation
The GroupWise Mobility Service Installation program available in YaST helps you install the Mobility
Service software. Then you use the Mobility Administration console to set up your Mobility system.
Section 3.1, “Planning a Mobility System,” on page 17
Section 3.2, “Preparing to Install the Mobility Service,” on page 27
Section 3.3, “Installing the Mobility Service,” on page 29
Section 3.4, “Adding Users to Your Initial Mobility System,” on page 34
Section 3.5, “Testing Your Initial Mobility System,” on page 36
Section 3.6, “Integrating with Mobile Device Management Applications,” on page 38
Section 3.7, “What’s Next,” on page 41
Section 3.8, “GroupWise Mobility Service Installation Worksheet,” on page 42
3.1 Planning a Mobility System
You can use the “GroupWise Mobility Service Installation Worksheet” on page 42
to gather the information you need, so that you are prepared to provide the information requested by the Mobility
Service Installation program.
The topics in this section present the required information in a convenient planning sequence. The
Installation Worksheet organizes the information in the order in which you need it during the installation process.
Section 3.1.1, “Planning the Configuration of Your Mobility System,” on page 17
Section 3.1.2, “Selecting Mobility Servers,” on page 18
Section 3.1.3, “Selecting the User Source for Your Mobility System,” on page 18
Section 3.1.4, “Gathering LDAP Information (Optional),” on page 19
Section 3.1.5, “Gathering GroupWise System Information,” on page 21
Section 3.1.6, “Gathering Mobile Device Information,” on page 24
Section 3.1.7, “Planning the Mobility Database,” on page 25
Section 3.1.8, “Establishing Mobility System Security,” on page 25
Section 3.1.9, “Registering for Automatic Updates from the Novell Customer Center,” on page 26
3.1.1
Planning the Configuration of Your Mobility System
A Mobility system can consist of a single Mobility server or multiple Mobility servers. For planning guidelines, review the following sections as needed:
Section 1.2, “Single Mobility Server System,” on page 8
Section 1.3, “Multiple Mobility Server System,” on page 8
Section 2.6, “Recommended Number of Devices,” on page 14
GroupWise Mobility Service Installation 17
MOBILITY SERVICE INSTALLATION WORKSHEET
planning for your Mobility system.
If you plan to install the Mobility Service on multiple servers, you can proceed through the planning sections server by server, or you can apply each planning section to all planned servers, and then proceed to the next planning section.
IMPORTANT: For best security, plan to install the Mobility Service software on servers inside your
DMZ.
3.1.2
Selecting Mobility Servers
Each server where you install the Mobility Service must meet the system requirements listed in
Chapter 2, “GroupWise Mobility Service System Requirements,” on page 11 . The Mobility Service
requires a static IP address.
MOBILITY SERVICE INSTALLATION WORKSHEET
Under Mobility Service Server Information, specify the IP address or DNS hostname of the server where you plan to install the Mobility Service software.
3.1.3
Selecting the User Source for Your Mobility System
The GroupWise Mobility Service can obtain information about users and groups of users from an
LDAP directory such as NetIQ eDirectory or from a GroupWise system.
If you use LDAP as your user source, you can do the following:
Use your LDAP management tool to manage the users and groups that are added to your
Mobility system.
Create LDAP groups of users for use in your Mobility system that are not addressable by
GroupWise users.
You can also use the GroupWise 2014 R2 LDAP server to provision and manage users. For information about GroupWise LDAP, see Configuring the LDAP Server Capabilities in the
GroupWise 2014 R2 Administration Guide . If you decide to use GroupWise LDAP, you must use
GroupWise authentication.
If you use GroupWise as your user source, you can do the following:
Use the GroupWise Admin console (or ConsoleOne in older GroupWise systems) to manage the users and GroupWise groups (distribution lists in older GroupWise systems) that are added to your Mobility system.
This keeps user management in a single location for both your GroupWise system and your
Mobility system.
18 GroupWise Mobility Service 2014 R2 Installation Guide
Configure the GroupWise groups (distribution lists in older GroupWise systems) that are specifically for use in your Mobility system with no visibility, so that they are not easily addressable for GroupWise users.
For more information, see Controlling Object Visibility in the GroupWise 2014 R2 Administration
Guide .
MOBILITY SERVICE INSTALLATION WORKSHEET
Under User Source, mark whether you want to use LDAP or GroupWise as the source for users and groups of users.
If you plan to use your GroupWise system, skip to
Section 3.1.5, “Gathering GroupWise System
.
3.1.4
Gathering LDAP Information (Optional)
If you plan to use LDAP or GroupWise LDAP as your user source, the Mobility Service Installation program needs access to an LDAP directory. The LDAP information that you provide during installation provides you with access to the Mobility Admin console. It also configures the Mobility
Admin console for the initial set of LDAP containers where users and groups are located.
“LDAP Server Network Information” on page 19
“LDAP Directory Credentials” on page 20
“LDAP User and Group Containers” on page 21
LDAP Server Network Information
In order to communicate with your LDAP directory, the Mobility Service Installation program needs the IP address or DNS hostname of your LDAP server. It also needs the port number that the LDAP server listens on. The LDAP port number depends on whether the LDAP server requires a secure
SSL connection. The default secure port number is 636. The default non-secure LDAP port number is
389.
MOBILITY SERVICE INSTALLATION WORKSHEET
Under LDAP Information, specify the IP address or DNS hostname of your LDAP server, and mark whether a secure SSL connection is required. If using GroupWise LDAP, a secure connection is required.
If the LDAP server requires a secure connection, additional setup might be required. See “ Securing
Communication with the LDAP Server ” in the GroupWise Mobility Service 2014 R2 Administration
Guide .
IMPORTANT: If there is a firewall between the Mobility server and the LDAP server, be sure to configure the firewall to allow communication on the selected LDAP port (636 or 389).
GroupWise Mobility Service Installation 19
LDAP Directory Credentials
Depending on the type of LDAP you are planning on using, follow the section below and enter it into the worksheet as follows:
MOBILITY SERVICE INSTALLATION WORKSHEET
Under LDAP Information, specify a fully qualified user name with sufficient rights to read the user and group information in your LDAP directory, along with the password for that user.
LDAP
In order to access the LDAP directory, the Mobility Service Installation program needs the user name and password of an administrator user in the LDAP directory who has sufficient rights to access the user and group information stored there. At least Read rights are required. You can use the admin
LDAP user or an admin-equivalent user. For more information about the required rights for the user you choose, see TID 7006841, “Rights Needed by the LDAP Administrator for the GroupWise
Mobility Service” in the Novell Support Knowledgebase (http://www.novell.com/support) .
Provide the user name, along with its context in your LDAP directory tree, in the following format: cn=user_name,ou=organizational_unit,o=organization
GroupWise LDAP
If you are using GroupWise LDAP for your LDAP source, you need to create an admin app user for
Mobility using the GroupWise Admin service. To create the admin app user, run the following curl command on your GroupWise primary domain server: curl -k --user gw_sys_admin:admin_password -X POST -H "Content-Type:application/ json" --data
"{\"name\":\"admin_app\",\"password\":\"admin_app_password\",\"description\":\"app
_description\"}" https://GW_domain_ip:9710/gwadmin-service/system/adminapps
The following items need to be replaced in the curl command:
gw_sys_admin: Specify your GroupWise system admin username.
admin_password: Specify the password of your GroupWise system admin.
admin_app: Specify a name for your admin app.
admin_app_password: Specify a password for your admin app.
app_description: Specify the purpose of the admin app. In this case it is for GMS.
GW_domain_ip: Specify the IP address of your GroupWise primary domain server.
NOTE: If you are running this command on a Windows server, curl may not be available. You can download curl from here if needed.
The admin app is then used to authenticate to GroupWise LDAP. You need the admin app name and password. The name of the admin app needs to be specified in Mobility as follows: cn=admin_app_user
20 GroupWise Mobility Service 2014 R2 Installation Guide
LDAP User and Group Containers
During installation, the Mobility Service Installation program configures the Mobility Admin console to search for users and groups in specified containers where you, as the LDAP administrator user, have rights to read the user and group information. The Installation program lets you browse for the user and group containers. It then displays the containers in the following LDAP format: ou=container_name,ou=organizational_unit,o=organization
Initially, you can add users and groups to your Mobility system from those containers.
If you are using GroupWise LDAP, the base directory will be your GroupWise System Name which can be found in the GroupWise Admin console > System > Information. It is listed at the top of the pop up window as Information - system_name. Using that, the base directory should be specified as follows: o=system_name
MOBILITY SERVICE INSTALLATION WORKSHEET
Under LDAP Containers, specify a container object and its context in the LDAP directory tree where User objects are located. If Group objects are located in a different container, list that container as well.
After installation, when the Mobility Admin console generates lists of users and groups, it searches the containers you specify, as well as subcontainers. If you want the Mobility Admin console to be able to search multiple and organizationally separate containers for users and groups, you can configure this functionality in the Mobility Admin console. For setup information, see “ Searching
Multiple LDAP Contexts for Users and Groups ” in the GroupWise Mobility Service 2014 R2
Administration Guide .
3.1.5
Gathering GroupWise System Information
In order to configure the GroupWise Sync Agent as you run the Mobility Service Installation program, you need to gather certain information about the GroupWise system where users want to synchronize data to mobile devices.
“GroupWise Trusted Application” on page 21
“GroupWise Post Office Agent SOAP URL” on page 23
“GroupWise Address Book User” on page 23
GroupWise Trusted Application
A GroupWise trusted application can log in to a GroupWise Post Office Agent (POA) in order to access GroupWise mailboxes without needing personal user passwords. The GroupWise Sync Agent requires such mailbox access in order to synchronize GroupWise data with mobile devices. In addition, the Device Sync Agent uses trusted application ion through the GroupWise Sync Agent in order to access the GroupWise Address Book. This provides contact lookup beyond the contacts that are downloaded to users’ devices from personal address books.
Before you install the Mobility Service, you must set up the GroupWise Sync Agent as a GroupWise trusted application. You might name the trusted application MobilityService or
GroupWiseSyncAgent
.
GroupWise Mobility Service Installation 21
A trusted application uses a key that consists of a long string of letters and numbers to provide ion for the GroupWise POA. The key file is initially created in a location that is accessible to GroupWise. You must transfer the key file to a location that is accessible to the Mobility Service Installation program.
When you set up the GroupWise Sync Agent as a trusted application, you must fill in only these three fields in the New Trusted App Key dialog box in the GroupWise Admin console (or in the Create
Trusted Application dialog box in ConsoleOne in older GroupWise systems):
Name
Location for Key File
Name of Key File
IMPORTANT: Do not fill in any other fields.
For more information, see Creating a Trusted Application and Key in the GroupWise 2014 R2
Administration Guide .
Copy the key file to a convenient location on the Mobility server. The Installation program automatically transfers the trusted application key from the key file into the configuration of the
GroupWise Sync Agent.
IMPORTANT: Do not use an existing trusted application key that is already in use by another application.
MOBILITY SERVICE INSTALLATION WORKSHEET
Under GroupWise Trusted Application, specify the name of the trusted application that you created and the location where the Mobility Service Installation program can access the trusted application key file.
You need to create only one trusted application key for the GroupWise Sync Agent, regardless of the number of servers where you install the Mobility Service, and regardless of the number of domains and post offices in your GroupWise system.
NOTE: If your GroupWise system connects to any external GroupWise domains, the external
GroupWise system needs its own Mobility Service installation on an additional Mobility server, along with its own separate trusted application key.
22 GroupWise Mobility Service 2014 R2 Installation Guide
GroupWise Post Office Agent SOAP URL
The GroupWise Sync Agent accesses your GroupWise system by communicating with a Post Office
Agent (POA). The selected POA must be configured for SOAP.
The Mobility Service Installation program and the GroupWise Sync Agent need the IP address or
DNS hostname of the server where the POA is running. In addition, they need the POA SOAP port.
The default POA SOAP port is 7191.
Typically, the same port number is used regardless of whether the POA is configured for a secure
SSL SOAP connection. The Mobility Service Installation program and the GroupWise Sync Agent need to know whether the connection is secure because they use one of the following URLs to communicate with the POA:
Non-Secure SOAP URL:
Secure SOAP URL: http://poa_server_address:soap_port/soap https://poa_server_address:soap_port/soap
MOBILITY SERVICE INSTALLATION WORKSHEET
Under GroupWise Post Office Agent, specify the IP address or DNS hostname of the server where a POA configured for SOAP is running. Specify the SOAP port, and whether or not the POA requires a secure SSL
SOAP connection.
IMPORTANT: By default, the POA communicates with the GroupWise Sync Agent using port 4500 on the Mobility server. If there is a firewall between the Mobility server and the POA server, be sure to configure the firewall on the Mobility server to allow communication on port 4500 from the POA server. If necessary, you can configure the GroupWise Sync Agent to listen on a different port number after installation. For setup information, see “ Changing the GroupWise Sync Agent Listening Port ” in the GroupWise Mobility Service 2014 R2 Administration Guide .
GroupWise Address Book User
The Device Sync Agent needs to be able to access the GroupWise Address Book to obtain user information. The Device Sync Agent establishes this access through the GroupWise Sync Agent.
The Device Sync Agent needs Address Book access that is equivalent to a typical user. You control what users see in the GroupWise Address Book by controlling object visibility. You want the Device
Sync Agent to access the GroupWise Address Book with the same visibility that a typical GroupWise user has when viewing the GroupWise Address Book. For more information, see Controlling Object
Visibility in the GroupWise 2014 R2 Administration Guide .
You need to select a user whose view of the GroupWise Address Book matches what you want the
Device Sync Agent to be able to access. You do not need to provide the password for the GroupWise user because the Device Sync Agent accesses the GroupWise Address Book through the
GroupWise Sync Agent, which has trusted application status.
As an example, you might have a group of mobile device users who need access to Address Book information about upper-level management in your company and another group of mobile device users who should not have this Address Book information. To meet such needs, you would set up two
Mobility servers, one with Address Book visibility that includes upper-level management, and a
GroupWise Mobility Service Installation 23
second one where such Address Book visibility is not provided. You would achieve this by setting up each Mobility server with an Address Book user whose Address Book visibility provides the visibility appropriate for all users on that Mobility server.
MOBILITY SERVICE INSTALLATION WORKSHEET
Under GroupWise Address Book User, specify a valid GroupWise user name that the Device Sync Agent can use to access the GroupWise Address Book to obtain contact information.
3.1.6
Gathering Mobile Device Information
The Device Sync Agent needs certain configuration information about the mobile devices that it synchronizes GroupWise data with.
“Mobile Device Port” on page 24
“Server Certificate” on page 25
For device-specific information, see the GroupWise Mobility Service Devices Wiki (http:// wiki.novell.com/index.php/GroupWise_Mobility_Devices) .
Mobile Device Port
By default, the Device Sync Agent uses all available IP addresses on the Mobility server. You can bind the Device Sync Agent to a specific IP address after installation. For setup information, see
“ Binding to a Specific IP Address ” in the GroupWise Mobility Service 2014 R2 Administration Guide .
Typically, the Device Sync Agent uses port 443 for secure SSL HTTP connections with mobile devices and port 80 for non-secure HTTP connections. If mobile devices connect directly to the
Device Sync Agent, a secure HTTP connection is strongly recommended. If mobile devices connect to the Device Sync Agent through a security application such as NetIQ Access Manager or Novell
ZENworks Mobile Management, the Device Sync Agent can appropriately be configured with a non-
secure HTTP connection. For more information, see Section 3.6, “Integrating with Mobile Device
Management Applications,” on page 38 .
MOBILITY SERVICE INSTALLATION WORKSHEET
Under Mobile Device Port, mark whether you want to configure the Device Sync Agent to use a secure or nonsecure HTTP port to communicate with mobile devices. Specify the port number used by the mobile devices that your Mobility system supports.
IMPORTANT: If there is a firewall between the Mobility server and users’ mobile devices, be sure to configure the firewall to allow communication on the selected HTTP port (443 or 80).
24 GroupWise Mobility Service 2014 R2 Installation Guide
Server Certificate
In order to use a secure SSL HTTP connection between the Device Sync Agent and mobile devices, a server certificate is required. If you do not already have a certificate signed by a certificate authority
(CA) for the Mobility server, the Mobility Service Installation program can generate a self-signed certificate for you. However, you should obtain a commercially signed certificate as soon after installation as possible.
MOBILITY SERVICE INSTALLATION WORKSHEET
Under Mobile Device Port, mark whether you want the Mobility Service Installation program to generate a selfsigned certificate for you. If you already have a commercially signed certificate, specify the location of the certificate file. Ensure that the location is accessible to the Mobility Service Installation program on the Mobility server.
For more information about certificates, see “ Securing Communication between the Device Sync
Agent and Mobile Devices ” in the GroupWise Mobility Service 2014 R2 Administration Guide .
3.1.7
Planning the Mobility Database
When you run the Mobility Service Installation program, it creates a PostgreSQL database that is used to store the Mobility system configuration information that you see in the Mobility Admin console. It also stores pending events when synchronization is interrupted.
The Mobility Service database is named datasync, and the user that has access is named datasync_user
. You must supply the password for the Mobility Service database user.
IMPORTANT: Choose the password carefully, because you cannot change it. Do not use an asterisk
(*) or a semi-colon (;) in the password.
MOBILITY SERVICE INSTALLATION WORKSHEET
Under Mobility Database, specify the password that you want to use for the Mobility Service database.
3.1.8
Establishing Mobility System Security
Configuration and administration of your Mobility system is performed through the Mobility
Administration console. From the Mobility Admin console, you can do the following:
Add users, groups of users, and resources to your Mobility system
Configure and monitor the sync agents
Reconfigure the connection to your LDAP server if you are using LDAP as your user source
Configure integration with other applications such as ZENworks Mobile Management and
KeyShield SSO
To protect your Mobility system operation and configuration, the Mobility Admin console is protected by a user name and password.
If you are using LDAP as your user source, you must choose one LDAP administrator user to access the Mobility Admin console. This LDAP user becomes the initial Mobility administrator. For simplest administration, use the LDAP Admin user or an admin-equivalent user. However, if you prefer to establish a Mobility administrator user with fewer rights than the LDAP Admin user, ensure that the
GroupWise Mobility Service Installation 25
user has sufficient rights to read the User and Group objects that you need to access as you add users to your Mobility system in the Mobility Admin console. Ensure that you know the LDAP administrator user’s password.
If you are using GroupWise as your user source, you log in to the Mobility Admin console by using the root
user name and password.
MOBILITY SERVICE INSTALLATION WORKSHEET
Under LDAP Information, specify the LDAP administrator user name and password that you want to grant access to the Mobility Admin console, if you are using LDAP as your user source.
Under root Access to Mobility Admin Console, specify the root
password on the Mobility server. If you are using LDAP, you can use the root
user and password to access the Mobility Admin console if the LDAP server is down.
If you are using LDAP as your user source, you can add more users as Mobility administrators after installation. For more information, see “ Setting Up Multiple Mobility Administrator Users ” in the
GroupWise Mobility Service 2014 R2 Administration Guide .
3.1.9
Registering for Automatic Updates from the Novell
Customer Center
When you create a new Mobility system, the Mobility Service Installation program can help you register to receive automatic Mobility Service software updates from the Novell Customer Center.
Before you run the Installation program, you need to know the email address that is associated with your Novell Login account for the Novell Customer Center. You also need to log in to the Customer
Center and obtain the activation code necessary to register for automatic software updates.
To obtain your Mobility Service activation code:
1 Log in to the Novell Customer Center (http://www.novell.com/customercenter) .
2 In the Organization drop-down list (next to your name in the upper-right corner), select your organization that is entitled to GroupWise Mobility Service.
3 Click Software.
4 In the Novell GroupWise section, locate Novell GroupWise Mobility Service 2014 R2, click Keys to view the activation code and save it for future reference.
MOBILITY SERVICE INSTALLATION WORKSHEET
Under Novell Customer Center Registration, specify the email address that you used to log in and the activation code that you obtained from the Novell Customer Center.
With this information, the Mobility Service Installation program registers you to receive future Mobility
Service updates through the Mobility 2014 R2 Updates channel.
26 GroupWise Mobility Service 2014 R2 Installation Guide
3.2 Preparing to Install the Mobility Service
The Mobility Service Installation program cannot run successfully unless you have properly prepared the environment where you run it.
Section 3.2.1, “Preparing the Linux Server,” on page 27
Section 3.2.2, “Opening Required Ports,” on page 27
Section 3.2.3, “Verifying GroupWise System Availability,” on page 28
Section 3.2.4, “Verifying Certificate Availability,” on page 28
3.2.1
Preparing the Linux Server
1 Ensure that the Linux server where you plan to install the Mobility Service meets the system requirements listed in
Chapter 2, “GroupWise Mobility Service System Requirements,” on page 11
.
2 Ensure that the Mobility server has a static IP address.
3 Ensure that the Mobility server has a valid hostname.
You can check this using the following command: hostname -f
If your SLES server is properly configured, this command returns the hostname of the server.
If you need to configure the server with a hostname:
3a In YaST, click Network Devices > Network Settings.
3b Click the Hostname/DNS tab.
3c In the Hostname field, specify the hostname of the Mobility server, then click OK.
3d Exit YaST.
3e Repeat the hostname -f command to verify the hostname.
4 Ensure that the Linux operating system media is available.
The Mobility Service Installation program might need to install additional operating system RPMs that are required by the Mobility Service. The Mobility Service Installation program can access the operating system files on a DVD or in a repository that is available from an FTP site or a web server.
5
Continue with Opening Required Ports
.
3.2.2
Opening Required Ports
1 Ensure that any firewalls between the Mobility server and other applications have been configured to allow communication on the following ports:
Port Number On Server
636/389 LDAP
7191
4500
POA
Mobility
Description
LDAP server secure or non-secure port if you are using LDAP as your user source
GroupWise Post Office Agent (POA) SOAP port
GroupWise Sync Agent listening port for event notifications
GroupWise Mobility Service Installation 27
Port Number On Server
443/80
8120
Mobility
Mobility
Description
Mobile device secure or non-secure port
Mobility Admin console port
GroupWise Post
Office Agent
GroupWise Post
Office Agent
GroupWise Post
Office Agent
LDAP Server
(optional)
Mobility
Admin Console
Web Browser port 636/389
Mobility
Server port 7191
Mobility
Service port 8120
GroupWise
Sync Agent port 4500
Device
Sync Agent port 443/80 port 7192 port 7191
Mobile Devices
The GroupWise Sync Agent initially communicates with the POA that you specify during Mobility
Service installation on the SOAP port that you specify. As users connect their mobile devices, the GroupWise Sync Agent determines from the initial POA the IP addresses and port numbers of all POAs where mobile device users have their mailboxes. Therefore, the GroupWise Sync
Agent can communicate with multiple POAs throughout your GroupWise system.
2
Continue with Verifying GroupWise System Availability .
3.2.3
Verifying GroupWise System Availability
1 Ensure that the GroupWise trusted application key for the GroupWise Sync Agent is accessible to the Mobility Service Installation program on the Mobility server.
For more information, see Creating a Trusted Application and Key in the GroupWise 2014 R2
Administration Guide .
2 Ensure that the GroupWise POA that the GroupWise Sync Agent will communicate with is configured for SOAP.
3 Ensure that the GroupWise POA is currently running.
4
Continue with Verifying Certificate Availability
.
3.2.4
Verifying Certificate Availability
1 (Conditional) If you have a signed certificate from a certificate authority (CA) as required for configuring secure HTTP connections with mobile devices:
1a Ensure that the certificate file is accessible to the Mobility Service Installation program on the Mobility server.
1b (Conditional) If the key file that you received with the certificate included a password, ensure that the password has been removed.
28 GroupWise Mobility Service 2014 R2 Installation Guide
1c (Conditional) If you received the certificate as multiple files, ensure that you have combined the files into one certificate file.
For instructions, see “ Securing Communication between the Device Sync Agent and Mobile
Devices ” in the GroupWise Mobility Service 2014 R2 Administration Guide .
2 (Conditional) If you chose to use YaST to generate a self-signed certificate, ensure that it was created to include the specific DNS hostname of the Mobility server.
3
Continue with Installing the Mobility Service .
For device-specific certificate issues, see GroupWise Mobility Service SSL Issues (http:// wiki.novell.com/index.php/Data_Synchronizer_Mobility_Connector_SSL_Issues) .
3.3 Installing the Mobility Service
Before you run the Mobility Service Installation program, ensure that you have done the following:
Review
Section 3.1, “Planning a Mobility System,” on page 17
.
Fill out the
GroupWise Mobility Service Installation Worksheet
.
If you are setting up a multi-server Mobility system, ensure that you have an Installation
Worksheet for each Mobility server. Each Mobility server is independent of other Mobility servers, so you can set them up in whatever order is convenient, based on the overall configuration of your Mobility system.
Complete the tasks in
Section 3.2, “Preparing to Install the Mobility Service,” on page 27 .
The following sections step you through the process of installing the Mobility Service and configuring a Mobility system.
Section 3.3.1, “Obtaining the GroupWise Mobility Service 2014 R2 ISO,” on page 29
Section 3.3.2, “Running the Mobility Service Installation Program,” on page 30
Section 3.3.3, “Checking the Status of the Mobility Service,” on page 33
Section 3.3.4, “Using the Mobility Admin Console,” on page 33
Section 3.3.5, “Uninstalling the Mobility Service,” on page 34
3.3.1
Obtaining the GroupWise Mobility Service 2014 R2 ISO
You can obtain the GroupWise Mobility Service 2014 R2 ISO from these locations:
“Novell Customer Center” on page 29
“Novell Downloads Website” on page 30
Novell Customer Center
1 Log in to the Novell Customer Center (http://www.novell.com/customercenter) .
2 In the Organization drop-down list (next to your name in the upper-right corner), select your organization that is entitled to GroupWise Mobility Service.
3 Click Software.
4 In the Novell GroupWise section, locate Novell GroupWise Mobility Service 2014 R2, then click
to display the download page.
GroupWise Mobility Service Installation 29
5 Follow the online instructions to download the GroupWise Mobility Service ISO to a convenient temporary directory on the Mobility server.
novell-groupwise-mobility-service-14.2.0-x86_64-build_number.iso
6
Skip to Running the Mobility Service Installation Program .
Novell Downloads Website
1 On Novell Downloads (http://download.novell.com) , under Patches, click Search Patches to display Patch Finder.
2 In the Select a Product drop-down list, select GroupWise.
3 At the bottom of the GroupWise product list, click GroupWise Mobility Service 2014 R2 to list the available patches.
4 Click GroupWise Mobility Service 14.2.0, review the product description, then click Proceed to
Download .
5 Follow the online instructions to download the GroupWise Mobility Service ISO to a convenient temporary directory on the Mobility server.
novell-groupwise-mobility-service-14.2.0-x86_64-build_number.iso
6
Continue with Running the Mobility Service Installation Program .
3.3.2
Running the Mobility Service Installation Program
1 Ensure that you know the location where the Mobility Service ISO was downloaded on the
Mobility server: novell-groupwise-mobility-service-14.2.0-x86_64-build_number.iso
2 On your Linux desktop, click Computer > YaST to open the YaST Control Center.
3 Enter the root password.
4 Under Groups, click Software, then click Add-On Products.
5 On the Installed Add-On Products page, click Add.
6 On the Media Types page, select Local ISO Image, then click Next.
7 In the Repository Name field, specify a name for the repository that will hold the Mobility Service software, such as Mobility Service.
8 In the Path to ISO Image field, specify the full path name of the ISO file from
, then click
Next .
9 Accept the License Agreement, then click Next.
10 Under Primary Functions, select Novell GroupWise Mobility Service.
30 GroupWise Mobility Service 2014 R2 Installation Guide
11 Click Accept to start the installation.
12 Click Continue to acknowledge the automatic changes to other aspects of the server that will be made as the Mobility Service software is installed.
IMPORTANT: Do not click Next at this point.
13 After the software has been installed, click Change > GroupWise Mobility Service Configuration to configure your Mobility system.
14 Use the information that you have entered on the
GroupWise Mobility Service Installation
Worksheet to provide the information that the Mobility Service Installation program prompts you
for. Click Next to move from page to page.
User Server Settings:
LDAP Server Settings (if you selected LDAP as the user source):
LDAP Server IP Address or Hostname
Mobility Service Settings (LDAP only):
GroupWise Mobility Service Installation 31
Mobility Service Settings:
Mobility Service Database Password
GroupWise Sync Agent Settings:
GroupWise Post Office Agent IP Address or Hostname
Device Sync Agent Settings:
Generate Self-Signed Certificate
Novell Customer Center Registration:
Mobility Service Activation Code
15 On the Mobility Service Configuration page, click Next to save the configuration settings and install the Mobility Service software.
You see the GroupWise Mobility Service listed on the Installed Add-on Products page.
16 Click OK to return to the YaST Control Center.
If you encounter any problems during the installation, check the Mobility Service Installation program log file for information about the problem:
/var/log/datasync/install.log
For additional assistance, see Appendix A, “GroupWise Mobility Service Installation
.
The Mobility Service Installation program creates the following directories and files:
/opt/novell/datasync
/etc/init.d/rcgms
/etc/datasync
/var/lib/datasync
/var/log/datasync
/var/run/datasync
/var/lib/pgsql
IMPORTANT: Although you use the YaST Add-On Products installer to install the Mobility Service, you must use the Mobility Service uninstall.sh script to uninstall it. For instructions, see
Section 3.3.5, “Uninstalling the Mobility Service,” on page 34
. If you do not uninstall the Mobility
Service correctly, you cannot successfully install it again.
32 GroupWise Mobility Service 2014 R2 Installation Guide
3.3.3
Checking the Status of the Mobility Service
The Mobility Service Installation program starts the Mobility Service for you. If the installation proceeded normally, all components of the Mobility Service should be running.
1 In a terminal window on the Mobility server, become root by entering su - and the root password.
2 Use the following command to check the status of the Mobility Service: rcgms status
3 Use the following commands to manually start and stop the Mobility Service: rcgms start rcgms restart rcgms stop
3.3.4
Using the Mobility Admin Console
The Mobility Service Installation program starts the GroupWise Sync Agent and the Device Sync
Agent for you. Use the Mobility Admin console to check sync agent status.
1 In your web browser, access the Mobility Admin console at the following URL: https://mobility_server_address:8120
Replace mobility_server_address with the IP address or DNS hostname of the server where the Mobility Service is installed.
2 Log in as the Mobility administrator (the LDAP Admin user that was set up during installation, or root
).
The sync agents should display a status of Running.
3 (Conditional) If one or both sync agents are not yet running:
3a Start the GroupWise Sync Agent first.
3b Start the Device Sync Agent second.
The GroupWise Sync Agent accesses the GroupWise Address Book to obtain information needed by the Device Sync Agent.
4 (Conditional) If you encounter problems starting the sync agents, see the following troubleshooting resources:
Appendix A, “GroupWise Mobility Service Installation Troubleshooting,” on page 53
GroupWise Mobility Service Installation 33
“ GroupWise Mobility System Troubleshooting ” in the GroupWise Mobility Service 2014 R2
Administration Guide
“ Working with Log Files ” in the GroupWise Mobility Service 2014 R2 Administration Guide
5
Skip to Section 3.4, “Adding Users to Your Initial Mobility System,” on page 34
.
3.3.5
Uninstalling the Mobility Service
IMPORTANT: When you uninstall the Mobility Service software, certificate files are also deleted. If you have obtained commercially signed certificates for use in your Mobility system, back them up before you uninstall the Mobility Service software.
1 In a terminal window on the Mobility server, become root by entering su - and the root password.
2 Change to the following directory:
/opt/novell/datasync
3 Run the Mobility Uninstallation script:
./uninstall.sh
The Uninstallation script stops the Mobility Service, the sync agents, and the PostgreSQL database server It also uninstalls all Mobility Service RPMs, drops the Mobility Service
PostgreSQL database, and deletes the following directories and files from the Mobility server:
/opt/novell/datasync
/etc/init.d/rcgms
/etc/datasync
/var/lib/datasync
/var/log/datasync
/var/run/datasync
/var/lib/pgsql
4 Remove the Mobility Service repository from the Linux server.
IMPORTANT: If you do not remove the existing Mobility Service repository, you cannot successfully install the next version of the Mobility Service software.
4a In YaST, click Software > Software Repositories.
4b Select the Mobility Service repository, then click Delete.
5 (Conditional) If you encounter problems reinstalling the Mobility Service after uninstalling it, see
“A reinstallation of the Mobility Service software does not proceed normally” on page 55 .
3.4 Adding Users to Your Initial Mobility System
After you install the Mobility Service, use the Mobility Administration console to add users to your
Mobility system. Initially, add a small number of users for testing purposes. The initial users should be active GroupWise users.
1 In your web browser, access the Mobility Admin console at the following URL: https://mobility_server_address:8120
34 GroupWise Mobility Service 2014 R2 Installation Guide
Replace mobility_server_address with the IP address or DNS hostname of the server where the Mobility Service is installed.
2 Log in as the Mobility administrator (the LDAP Admin user that was set up during installation, or root
).
3
, click Users , then click Add Users.
4 Select the user source (LDAP or GroupWise).
5 In the Search field, type the first or last name of a specific user, then click Search.
or
Click Search to list the users in the user source that the Mobility Admin console has been configured to search.
6 Select one or more users to add to your Mobility system.
7 (Conditional) If you are using LDAP as the user source and if the user’s GroupWise user name is not the same as the user’s LDAP user name:
7a In the Default Name column, click the user name.
7b Enter the user’s GroupWise user name in the text box.
The Mobility Service uses default user names to match users who have different user names in GroupWise and in the LDAP directory.
8 Click Add to add the users to your Mobility system.
GroupWise Mobility Service Installation 35
The users appear on the Users page.
9 After you have tested your Mobility system, add the rest of your mobile device users.
For instructions, see “ GroupWise Mobility User Management ” in the GroupWise Mobility Service
2014 R2 Administration Guide .
10
Continue with Testing Your Initial Mobility System .
3.5 Testing Your Initial Mobility System
After you have added a few users to your Mobility system, you can watch the initial synchronization of their devices and send a few test messages.
Section 3.5.1, “Managing Initial Synchronization of Users,” on page 36
Section 3.5.2, “Helping Mobile Device Users Understand Synchronization,” on page 37
Section 3.5.3, “Testing Synchronization,” on page 38
3.5.1
Managing Initial Synchronization of Users
From your point of view as the Mobility administrator, initial synchronization means that GroupWise data has been synchronized from GroupWise to the Mobility System. This means that the data is ready to be synchronized to users’ mobile devices as soon as users configure their devices to connect to the Mobility system.
Initial synchronization provides the following synchronization of GroupWise items:
Contacts from all personal address books, excluding the Frequent Contacts address book
You can change this personal address book selection setting for users after installation in the
Mobility Admin console. For instructions, see “ Customizing a User’s Synchronization Settings ” in the GroupWise Mobility Service 2014 R2 Administration Guide . Users can also change their own synchronization settings on the Mobility Settings page in the Mobility Admin console. For more information, see the GroupWise Mobility User Quick Start .
The GroupWise Address Book cannot be synchronized to mobile devices. However, users can still access individual contacts in the GroupWise Address Book if their mobile devices can do a
Global Address List (GAL) lookup. As an alternative, users can create a personal address book that is a subset of the GroupWise Address Book to synchronize to their mobile devices.
Calendar items (appointments and reminder notes) from the last two weeks and all future calendar items
Shared calendars are synchronized only for the owners of the shared calendars. If shared calendars are very important to users, shared calendar owners can post them to the Internet. For more information, see Publishing Personal Calendars on the Internet in the GroupWise 2014 R2
Client User Guide .
After the owner publishes the calendar, other users can view the calendar URL in the web browser on their mobile devices.
36 GroupWise Mobility Service 2014 R2 Installation Guide
To provide this functionality, at least one Calendar Publishing Host must be set up in the
GroupWise system. For more information, see Setting Up the GroupWise Calendar Publishing
Host in the GroupWise 2014 R2 Installation Guide .
Email messages in the Mailbox folder for the last three days
If users want to receive more existing email messages on their devices, they can configure their mobile devices to request additional existing email messages.
Tasks with due dates in the last two weeks and all future tasks
Completed and uncompleted tasks are synchronized. Posted and group tasks are synchronized.
Tasks that originate as other GroupWise item types (such as emails or calendar items) are synchronized as tasks when they are dragged to the Tasklist, when they are displayed in the
Tasklist, or when they are changed to tasks.
The GroupWise Tasklist does not synchronize to mobile devices. You cannot create a tasklist on a mobile device that is associated with a GroupWise account.
Phone messages for the last three days
Folders in the Cabinet (but not items in folders until users request them by opening folders on their mobile devices)
Attachments if they do not exceed your Mobility system size limits
If an item has an attachment that does not synchronize, a message notifies the user. For more information, see “ Controlling Synchronization Size Limits ” in the GroupWise Mobility Service
2014 R2 Administration Guide .
When you add several users to your Mobility system at the same time, initial synchronization is performed for four users at a time. When it finishes with one of the four users, it starts on another user.
You can monitor the progress of initial synchronization in the Mobility Admin console. For instructions, see “ Monitoring User Status ” and “ Monitoring Device Status ” in the GroupWise Mobility Service 2014
R2 Administration Guide .
IMPORTANT: You should complete initial synchronization before you notify users to configure their mobile devices. Initial synchronization can take a substantial amount of time, depending on the amount of data to synchronize.
Occasionally, initial synchronization fails, and troubleshooting is required. For assistance, see
“ Device Troubleshooting ” in the GroupWise Mobility Service 2014 R2 Administration Guide .
3.5.2
Helping Mobile Device Users Understand Synchronization
To help your mobile device users get started efficiently, notify them of the following information:
Users must correctly configure their mobile devices in order to connect to the Mobility system.
For instructions, see the GroupWise Mobility User Quick Start . Ensure that you provide all the information about your Mobility system that users need in order to successfully configure their devices. To make this process easier, see “ Using Autodiscover to Simplify Device Setup ” in the
GroupWise Mobility Service 2014 R2 Administration Guide .
GroupWise Mobility Service Installation 37
IMPORTANT: Print the GroupWise Mobility User Quick Start and distribute it to your mobile device users, or email them the link to it ( http://www.novell.com/documentation/ groupwisemobility2/pdfdoc/gwmob2014r2_qs_user/gwmob2014r2_qs_user.pdf
), to help them configure their devices correctly.
For device-specific information, see the GroupWise Mobility Service Devices Wiki (http:// wiki.novell.com/index.php/GroupWise_Mobility_Devices) .
These two sources of information can help eliminate the need for mobile device users to contact you with functional and device-specific questions as they start synchronizing GroupWise data to their mobile devices.
3.5.3
Testing Synchronization
1 Test GroupWise data synchronization by logging in to your GroupWise mailbox and sending yourself an email message.
2 Reply to the message from your mobile device.
If the message synchronizes to your mobile device and the reply on your mobile device synchronizes back to GroupWise, your basic Mobility system is up and running.
3 (Conditional) If the message does not synchronize successfully, see the following troubleshooting resources:
In this GroupWise Mobility Service 2014 R2 Installation Guide:
“GroupWise Mobility Service Installation Troubleshooting” on page 53
In the GroupWise Mobility Service 2014 R2 Administration Guide :
“ Device Troubleshooting ”
“ Mobility Service Troubleshooting ”
“ GroupWise Sync Agent Troubleshooting ”
“ Device Sync Agent Troubleshooting ”
4 To customize and expand your Mobility system, see
Section 3.7, “What’s Next,” on page 41 .
3.6 Integrating with Mobile Device Management
Applications
The GroupWise Mobility Service can be used with several mobile device management (MDM) applications:
Section 3.6.1, “Novell ZENworks Mobile Management,” on page 39
Section 3.6.2, “BlackBerry Enterprise Service 10 and Other MDM Solutions,” on page 40
38 GroupWise Mobility Service 2014 R2 Installation Guide
3.6.1
Novell ZENworks Mobile Management
Novell ZENworks Mobile Management is a mobile device management solution that provides centralized management and control of mobile devices throughout your enterprise network. For complete information, see the ZENworks Mobile Management Documentation website (http:// www.novell.com/documentation/zenworksmobile28) .
When you configure ZENworks Mobile Management to work with your Mobility system, all of the powerful features of ZENworks Mobile Management are available for managing the mobile devices of your GroupWise users.
1 Configure ZENworks Mobile Management with information about your Mobility server:
1a Log in to the ZENworks Mobile Management Dashboard.
1b Click Organization > Administrative Servers > ActiveSync Servers to list your existing ActiveSync servers.
1c Click Add ActiveSync Server.
1d In the ActiveSync Server Name field, specify the DNS hostname of your Mobility server, such as gwmobility.
1e In the ActiveSyncServer Address field, specify the fully qualified hostname of your Mobility server, such as gwmobility.provo.novell.com.
1f In the ActiveSync Server Port field, specify 443 for a secure connection.
1g Select Use SSL.
1h In the Domain field, specify the Internet domain where your Mobility server is located, such as novell.com, then click Add.
1i Click Finish to save the information about your Mobility server.
1j
(Conditional) If you have multiple Mobility servers, repeat Step 1c through Step 1i
, providing information about each Mobility server.
1k (Conditional) If you have multiple ZENworks Mobile Management servers, configure additional servers with information about your Mobility server(s).
2 Ensure that your GroupWise mobile device users have been added to ZENworks Mobile
Management.
GroupWise Mobility Service Installation 39
3 Configure your Mobility system with information about ZENworks Mobile Management:
3a In the
Mobility Admin console , click Config .
3b On the General page, scroll down to the MDM Server field.
3c Specify the IP address of the ZENworks Mobile Management server where you provided information about your Mobility server.
3d (Conditional) If you configured multiple ZENworks Mobile Management servers with information about your Mobility server, specify the IP addresses in a comma-delimited list.
3e Click Save to save the new setting(s).
3f Restart the Mobility Service to put the new setting(s) into effect: rcgms restart
4 View the GroupWise mobile device users that have been added to ZENworks Mobile
Management:
4a From the ZENworks Mobile Management Dashboard, click Users.
4b Scroll horizontally to view various types of information about GroupWise users and their mobile devices, including the following:
Time of last synchronization
Phone number
Mobile device model
Mobile device operating system and version
5 Verify that the configuration is successful:
5a In the
Mobility Admin console , click Users
, then click a user who has a device to add.
5b Add the new device through ZENworks Mobile Management.
5c When the device appears on the User/Device Actions page, verify that it has _zmm appended to the device ID.
The _zmm on the device ID shows that the user connected the device to your Mobility system through ZENworks Mobile Management.
If you require existing mobile device users to re-add their devices through ZENworks Mobile
Management, they initially have two device IDs, one with _zmm and one without. This prevents ZENworks Mobile Management requests from conflicting with regular device requests. The old device ID disappears from the User/Device Actions page in about a month.
3.6.2
BlackBerry Enterprise Service 10 and Other MDM Solutions
Because GroupWise Mobility Service 2014 R2 supports ActiveSync 14.1, it can be used with the
BlackBerry Enterprise Service 10 device management and security platform, and with any other
MDM solution that supports ActiveSync 14.1. No special configuration of the GroupWise Mobility
Service is required to take advantage of these MDM solutions for monitoring and managing the mobile devices of GroupWise users.
40 GroupWise Mobility Service 2014 R2 Installation Guide
3.7 What’s Next
Section 3.7.1, “Managing Your Mobility System,” on page 41
Section 3.7.2, “Managing the GroupWise Sync Agent,” on page 41
Section 3.7.3, “Managing the Device Sync Agent,” on page 41
3.7.1
Managing Your Mobility System
After your Mobility system is running smoothly, see the following sections in the GroupWise Mobility
Service 2014 R2 Administration Guide for instructions on maintaining your Mobility system:
“ GroupWise Mobility Administration Console ”
“ GroupWise Mobility System Management ”
“ GroupWise Sync Agent Configuration ”
“ Device Sync Agent Configuration ”
“ GroupWise Mobility System Monitoring ”
“ GroupWise Mobility User Management ”
“ GroupWise Mobility Device Management ”
“ GroupWise Mobility System Security ”
“ GroupWise Mobility System Troubleshooting ”
3.7.2
Managing the GroupWise Sync Agent
After the GroupWise Sync Agent is successfully synchronizing data for the initial set of GroupWise users, see the following sections in the GroupWise Mobility Service 2014 R2 Administration Guide for instructions on customizing and maintaining the GroupWise Sync Agent:
“ Selecting GroupWise Items to Synchronize ”
“ Increasing GroupWise Sync Agent Reliability or Performance ”
“ Ignoring Old GroupWise Items ”
“ Clearing Accumulated GroupWise Events ”
“ Changing the GroupWise Sync Agent Listening Port ”
“ Enabling and Disabling SSL for POA SOAP Connections ”
“ Matching GroupWise Configuration Changes ”
“ Modifying or Preventing Synchronization of Specified Items by Using an XSLT Filter ”
3.7.3
Managing the Device Sync Agent
After the Device Sync Agent is successfully synchronizing data for the initial set of mobile device users, see the following sections in the GroupWise Mobility Service 2014 R2 Administration Guide for instructions on customizing and maintaining the Device Sync Agent:
“ Blocking/Unblocking All Incoming Devices ”
“ Enabling a Device Password Security Policy ”
“ Quarantining New Devices to Prevent Immediate Connection ”
“ Controlling the Maximum Number of Devices per User ”
GroupWise Mobility Service Installation 41
“ Removing Unused Devices Automatically ”
“ Controlling the Maximum Number of Devices per User ”
“ Binding to a Specific IP Address ”
“ Enabling a Device Password Security Policy ”
“ Changing the Address Book User ”
3.8 GroupWise Mobility Service Installation
Worksheet
Installation Field
Mobility Server Information
IP address
Hostname
User Source
GroupWise
LDAP
LDAP Information
LDAP server
IP address
Hostname
Secure LDAP Port?
Yes
Default port: 636
No
Default port: 389
LDAP server credentials
LDAP administrator DN
LDAP administrator password
LDAP containers
Users
Groups
Mobility Admin console credentials
Admin login DN
Admin password
Value for Your Mobility System For More Information, See
Section 3.1.2, “Selecting Mobility
Section 3.1.3, “Selecting the User
Source for Your Mobility System,” on page 18
Section 3.1.8, “Establishing Mobility
System Security,” on page 25 .
42 GroupWise Mobility Service 2014 R2 Installation Guide
Installation Field
Mobility Service Database
Database name: datasync
Database user: datasync_user
Database password
GroupWise Trusted Application
Trusted application name
Trusted application key file
GroupWise Post Office Agent
POA IP address or DNS hostname
POA SOAP port
Default port: 7191
Secure: Yes / No
Mobile Device Port:
Secure LDAP port: Yes
Default port: 443
Generate self-signed certificate?
Yes
No
Certificate file:
Secure LDAP port: No
Default port: 80
GroupWise Address Book User:
Value for Your Mobility System For More Information, See
Section 3.1.6, “Gathering Mobile
Device Information,” on page 24 .
“GroupWise Trusted Application” on page 21 .
“Mobile Device Port” on page 24
and “Server Certificate” on page 25 .
“GroupWise Address Book User” on page 23
.
Novell Customer Center
Registration:
Register later
Register now
Email address
Activation code root Access for Mobility Admin
Console
root password
Section 3.1.8, “Establishing Mobility
System Security,” on page 25 .
Section 3.1.8, “Establishing Mobility
GroupWise Mobility Service Installation 43
44 GroupWise Mobility Service 2014 R2 Installation Guide
4
GroupWise Mobility Service Update
The following sections provide information to help you update to GroupWise Mobility Service 2014
R2:
Section 4.1, “Updating to GroupWise Mobility Service 14.2,” on page 45
Section 4.2, “Registering for Automatic Updates Later,” on page 50
4.1 Updating to GroupWise Mobility Service 14.2
The update process pertains to either the following types of updates:
Any version of GroupWise Mobility Service to GroupWise Mobility Service 2014 R2.
Any version of the Novell Data Synchronizer Mobility Pack to GroupWise Mobility Service 2014
R2.
Complete the following steps to update to GroupWise Mobility Service 14.2:
Section 4.1.1, “Obtaining the GroupWise Mobility Service 14.2 ISO,” on page 45
Section 4.1.2, “Running GMSsslCheck,” on page 46
Section 4.1.3, “Upgrading GroupWise Mobility Service,” on page 46
Section 4.1.4, “Checking the Status of the Mobility Service after Update,” on page 49
Section 4.1.5, “Changing the User Source for Your Mobility System (Optional),” on page 49
4.1.1
Obtaining the GroupWise Mobility Service 14.2 ISO
You can obtain the GroupWise Mobility Service 14.2 ISO from these locations:
“Novell Customer Center” on page 45
“Novell Downloads Website” on page 46
Novell Customer Center
1 Log in to the Novell Customer Center (http://www.novell.com/customercenter) .
2 In the Organization drop-down list (next to your name in the upper-right corner), select your organization that is entitled to GroupWise Mobility Service.
3 Click Software.
4 In the Novell GroupWise section, locate Novell GroupWise Mobility Service 2014 R2, then click
to display the download page.
5 Follow the online instructions to download the GroupWise Mobility Service ISO and the
GMSsslCheck.tar
file to a convenient temporary directory on the Mobility server.
novell-groupwise-mobility-service-14.2.0-x86_64-build_number.iso
6
Continue to Running GMSsslCheck
.
GroupWise Mobility Service Update 45
Novell Downloads Website
1 On Novell Downloads (http://download.novell.com) , under Patches, click Search Patches to display Patch Finder.
2 In the Select a Product drop-down list, select GroupWise.
3 At the bottom of the GroupWise product list, click GroupWise Mobility Service 2014 R2 to list the available patches.
4 Click GroupWise Mobility Service 14.2.0, review the product description, then click Proceed to
Download .
5 Follow the online instructions to download the GroupWise Mobility Service ISO and the
GMSsslCheck.tar
file to a convenient temporary directory on the Mobility server.
novell-groupwise-mobility-service-14.2.0-x86_64-build_number.iso
6
Continue with Running GMSsslCheck
.
4.1.2
Running GMSsslCheck
Before you upgrade your Mobility system, the GMSsslCheck utility needs to be run to ensure that the
SSL settings on your GroupWise POA servers matches the setting in Mobility. Mobility no longer fails over between SSL and non SSL when communicating with the POAs. Follow the steps below to run the utility:
1 Open a terminal and extract the content of the GMSsslCheck.tar file to a temporary location on your GMS server using the following command: tar xvf GMSsslCheck.tar
2 In the terminal, browse to the folder where you extracted the files.
3 Run the following command to launch the utility: python sslcheck.pyc
4 In the menu prompt, select option 1.
The tool connects to all of your GroupWise POAs and checks their SSL settings against the
GMS settings. If the settings do not match those in GMS, the information is displayed so you can resolve the settings.
5
Continue with Upgrading GroupWise Mobility Service
4.1.3
Upgrading GroupWise Mobility Service
The update process includes installing the GroupWise Mobility Service 14.2 ISO file, and then running the Update script:
“Using Patch CD Update in YaST” on page 46
“Running the Mobility Service Update Script” on page 48
Using Patch CD Update in YaST
1 If you are updating from the Novell Data Synchronizer Mobility Pack, stop the Synchronizer services and verify that they have stopped:
46 GroupWise Mobility Service 2014 R2 Installation Guide
rcdatasync stop ps -eaf | grep datasync or
If you are updating from a previous version of GroupWise Mobility Service, stop the Mobility
Service and verify that it has stopped: rcgms stop rcgms status
2 Ensure that you know the location where the Mobility Service ISO was downloaded on the
Mobility server: novell-groupwise-mobility-service-14.2.0-x86_64-build_number.iso
3 On your Linux desktop, click Computer > YaST to open the YaST Control Center.
4 Enter the root password.
5 Under Groups, click Software, then click Patch CD Update.
NOTE: The Patch CD Update process pulls all updates in the channels that you have selected.
This might include updates in addition to the GroupWise Mobility Service.
6 Click Next to start the update.
7 On the Media Types page, select Local ISO Image, then click Next.
8 In the Repository Name field, specify a name for the repository that will hold the Mobility Service software, such as Mobility Service.
9 In the Path to ISO Image field, specify the full path name of the ISO file from
, then click
Next .
10 Accept the License Agreement, then click Next.
11 On the Migration Repositories page, click Next.
12 On the Distribution Upgrade Settings page, click Next.
13 In the Confirm Update dialog box, click Start Update.
14 (Conditional) If you have not already registered for the Mobility 2014 R2 Updates channel, select
Registration Code under Configure Now on the Novell Customer Center Configuration page, click Next, wait while the configuration takes place, then click OK when the configuration is complete.
This creates and enables the Mobility-2014 R2-Updates channel.
or
If you prefer not to configure the Mobility server for automatic updates now, click Configure Later, then click Next.
When you want to start receiving automatic updates, follow the instructions in Section 4.2,
“Registering for Automatic Updates Later,” on page 50
.
15 On the Installation Completed page, click Finish.
You do not need to restart the server after the update.
16
Continue with Running the Mobility Service Update Script
.
GroupWise Mobility Service Update 47
Running the Mobility Service Update Script
Running the Update script updates the Mobility Service database for use with the updated software.
NOTE: The process of updating to GroupWise Mobility Service 2014 R2 from versions of the Data
Synchronizer Mobility Pack earlier than 1.2.5 might take longer than previous Mobility Pack updates.
It is not unusual for the Update script to run for over an hour for a large database.
1 In a terminal window on the Mobility server, become root by entering su - and the root password.
2 Change to the following directory:
/opt/novell/datasync
3 Ensure that PostgreSQL is running: rcpostgresql status
4 Run the Mobility Service Update script:
4a Enter the following command:
./update.sh
You are prompted to confirm the update:
The update process may take some time. During this process, the GroupWise
Mobility Service will be shut down. Are you sure you want to update the
GroupWise Mobility Service now?
4b Enter yes to start the update.
The Update script prompts you:
Reset logging level for all GroupWise Mobility Services to Info?
The Info logging level provides sufficient logging for a typical Mobility system. If you have set the logging level to Debug in an earlier version, you can now set it to Info and still get the logging you need to manage your Mobility system.
IMPORTANT: Info is the default logging level and is strongly recommended because it balances the amount of data logged, the amount of disk space required for log files, and the load on the Mobility system.
For more information about logging levels, see “ Working with Log Files ” in the GroupWise
Mobility Service 2014 R2 Administration Guide .
4c Enter yes to reset the logging level to Info for the GroupWise Mobility Service.
The Update script prompts you:
Enable anonymous information to be automatically sent to Novell to improve your GroupWise mobile experience?
You can contribute to the gathering of anonymous usage data about your Mobility system to help improve the GroupWise Mobility Service product. For more information, see “ Providing
Anonymous Feedback about Your Mobility System ” in the GroupWise Mobility Service 2014
R2 Administration Guide .
4d (Optional) Enter yes to participate in the gathering of anonymous feedback.
The Update script now shuts down the Mobility Service, updates the Mobility Service database, then restarts the Mobility Service.
48 GroupWise Mobility Service 2014 R2 Installation Guide
For some version updates, the update process finishes quickly. However, the update process can take longer for a large database.
WARNING: Do not cancel this process, even if it takes a very long time. Cancelling the process before it finishes can cause damage to the Mobility Service database.
When the Update script finishes, your updated Mobility system is ready for use.
NOTE: The process of updating to GroupWise Mobility Service 2014 R2 from versions of the Data Synchronizer Mobility Pack earlier than 1.2.5 might take longer than previous
Mobility Pack updates. It is not unusual for the Update script to run for over an hour for a large database.
5
Continue with Checking the Status of the Mobility Service after Update
.
4.1.4
Checking the Status of the Mobility Service after Update
The Mobility Service Update script starts the Mobility Service for you. If the update proceeded normally, all components of the Mobility Service should be running.
1 In a terminal window on the Mobility server, become root by entering su - and the root password.
2 Use the following command to check the status of the Mobility Service: rcgms status
3 Use the following commands to manually start and stop the Mobility Service: rcgms start rcgms restart rcgms stop
4.1.5
Changing the User Source for Your Mobility System
(Optional)
For background information about the user source alternatives, see Section 3.1.3, “Selecting the
User Source for Your Mobility System,” on page 18 . For usage instructions, see “
Changing between
LDAP and GroupWise as the User Source ” in the GroupWise Mobility Service 2014 R2
Administration Guide .
The Data Synchronizer Mobility Pack created a Synchronizer system based on LDAP as the user source for user provisioning and, optionally, for device ion. In Synchronizer Web Admin, the ion Type setting on the Mobility Connector Settings page set the device ion method for your Synchronizer system. This setting automatically transferred to the ion setting on the User Source page in the
Mobility Admin console.
IMPORTANT: If you are comfortable with the configuration that you used for your Synchronizer system, there is no need to change it for your Mobility system.
If you want to start using GroupWise as the user source for provisioning, new mobile device users are added to your Mobility system based on their GroupWise location
(user_name.post_office_domain). Existing mobile device users are still associated with their LDAP context (cn=user_name,ou=organizational_unit,org=organization). On the Users page, you can determine the source of each user by mousing over it.
GroupWise Mobility Service Update 49
There is no direct way to change an existing user from being associated with LDAP to being associated with GroupWise. If it is important for you to do this, you must delete the user as an LDAP user, and then add the user as a GroupWise user. After this occurs, the best practice for data integrity is to have the mobile device user delete and re-add the email account on the device.
There is also no direct way to change from using an LDAP group to using a GroupWise group
(distribution list in older GroupWise systems). As with individual users, you must delete the LDAP group from your Mobility system (which deletes all the LDAP users in the LDAP group), and then add the GroupWise group (which adds all the users based on the GroupWise group). Again, the affected users should delete and re-add their email accounts on their devices.
You might want to accomplish this transition over time, a few users at a time. If you want to accomplish the transition all at once, you can create a new Mobility system, based entirely on
GroupWise provisioning and ion, and then switch from the old system to the new system, perhaps over night, without notifying your mobile device users. Most users will likely not notice the change.
You can then have those users that contact you about data integrity issues delete and re-add their email accounts in order to resynchronize the GroupWise data.
4.2 Registering for Automatic Updates Later
If you choose not to configure the Mobility server to receive automatic updates when you update to
GroupWise Mobility Service 14.2, you can perform the configuration at your convenience at a later time, perhaps when the next update becomes available.
Section 4.2.1, “Obtaining the GroupWise Mobility Service Activation Code,” on page 50
Section 4.2.2, “Registering to Receive the Update,” on page 50
Section 4.2.3, “Installing the Update,” on page 51
4.2.1
Obtaining the GroupWise Mobility Service Activation Code
1 Log in to the Novell Customer Center (http://www.novell.com/customercenter) .
2 In the Organization drop-down list (next to your name in the upper-right corner), select your organization that is entitled to GroupWise Mobility Service.
3 Click Software.
4 In the Novell GroupWise section, locate Novell GroupWise Mobility Service 2014 R2, click Keys to view the activation code and save it for future reference.
4.2.2
Registering to Receive the Update
1 In a terminal window on the Mobility server, enter the following command: suse_register -a regcode-mobility=registration_code
-a email=email_address -L /root/.suse_register.log
Replace registration_code with the GroupWise Mobility Service activation code that you
obtained from the Novell Customer Center in “Obtaining the GroupWise Mobility Service
.
Replace email_address with the email address that you used to log in to the Novell Customer
Center.
Notifications about future GroupWise Mobile Server updates will be sent to this email address.
You can then choose when to install each update.
50 GroupWise Mobility Service 2014 R2 Installation Guide
2 Enter the following command to verify that the Novell Update channel for the Mobility Service has been added on your Mobility server: zypper ca
This command lists all product-specific channels where you are registered to receive updates.
The following Mobility Service update channel should be listed:
Alias nu_novell_com:Mobility-2014 R2-Updates
Name
Mobility-2014 R2-Updates
4.2.3
Installing the Update
When you are notified that the next update is available:
1 Enter the following command: zypper up -r nu_novell_com:Mobility-2014 R2-Updates
2 Enter yes to start the update process.
GroupWise Mobility Service Update 51
52 GroupWise Mobility Service 2014 R2 Installation Guide
A
GroupWise Mobility Service
Installation Troubleshooting
“The GroupWise Mobility Service Installation program does not behave as documented” on page 53
“The GroupWise Mobility Service Installation program cannot communicate with the GroupWise
“The Mobility Service does not start” on page 54
“You cannot access the Mobility Admin console after installation” on page 55
“A reinstallation of the Mobility Service software does not proceed normally” on page 55
See also the following sections in the GroupWise Mobility Service 2014 R2 Administration Guide :
“ Device Troubleshooting ”
“ GroupWise Sync Agent Troubleshooting ”
“ Device Sync Agent Troubleshooting ”
“ Working with Log Files ”
The GroupWise Mobility Service Installation program does not behave as documented
Possible Cause: You are trying to install the GroupWise Mobility Service on 32-bit hardware.
Action: Install the GroupWise Mobility Service on 64-bit hardware that meets the system
requirements described in Section 2.1, “Mobility Server Requirements,” on page 11 .
The GroupWise Mobility Service Installation program cannot communicate with the LDAP server
Possible Cause: A firewall is blocking communication between the Installation program and the
LDAP server.
Action: Ensure that communication through the firewall is allowed on port 636 for a secure LDAP connection or port 389 for a non-secure LDAP connection.
Possible Cause: The LDAP server is not functioning correctly.
Action: Restart the LDAP server.
Possible Cause: You specified the LDAP server settings incorrectly.
Action: Double-check the LDAP server settings you entered in the Installation program.
GroupWise Mobility Service Installation Troubleshooting 53
The GroupWise Mobility Service Installation program cannot communicate with the GroupWise POA
Possible Cause: A firewall is blocking communication between the Installation program and the
POA server.
Action: Ensure that communication through the firewall is allowed on port 4500.
Possible Cause: The POA is not running.
Action: Start the POA.
Possible Cause: You specified the POA server settings incorrectly.
Action: Double-check the POA server settings you entered in the Installation program.
Possible Cause: There is a problem with the GroupWise trusted application key file.
Action: Re-create the GroupWise trusted application key file. You need to fill in only these three fields in the New Trusted App Key dialog box in the GroupWise
Admin console (or in the Create Trusted Application dialog box in ConsoleOne in older GroupWise systems): Name, Location for Key File, and Name of Key File.
Do not fill in any other fields.
The GroupWise Mobility Service Installation program cannot communicate with any required application
Possible Cause: The required port number is not open.
Action: Review the list of required port numbers in
Section 3.2.2, “Opening Required
Action: Use telnet to test whether ports are open.
1 Enter the following command in a terminal window: telnet application_host port_number
Replace application_host with the IP address or DNS hostname of the server where the application is running.
Replace port_number with the port number on which the Installation program is attempting to communicate with the application.
2 (Conditional) If the terminal windows goes blank, with the cursor in the upper-left corner, enter quit to exit the telnet session.
The port is open. The Installation program should be able to communicate with the application.
3 (Conditional) If a Connection failed message displays, open the port through the firewall to enable the Installation program to communicate with the application.
The Mobility Service does not start
Possible Cause: PostgreSQL is not running on the Mobility server.
Action: Check the status of PostgreSQL on the Mobility server, and start it manually if necessary.
rcpostgresql status rcpostgresql start
54 GroupWise Mobility Service 2014 R2 Installation Guide
You cannot access the Mobility Admin console after installation
Possible Cause: The date and time on the Mobility server does not match the date and time on the GroupWise server.
Action: Reset the time on the Mobility server to match the time on the GroupWise server.
This Mobility system requirement is listed in Section 2.1, “Mobility Server
.
A reinstallation of the Mobility Service software does not proceed normally
Possible Cause: The previous installation of the Mobility Service software was not completely uninstalled.
Action: The standard uninstallation procedure provided in
Section 3.3.5, “Uninstalling the Mobility Service,” on page 34
occasionally fails to completely uninstall the
GroupWise Mobility Service because of various server-specific issues. When the
Mobility Service software is not completely uninstalled, the next installation does not proceed normally. For example, you might encounter problems configuring
LDAP access during installation.
1 To ensure that the Mobility Service software has been completely uninstalled, perform the following checks:
In YaST, click Software > Add-On Products.
The GroupWise Mobility Service should not be listed. If it is still listed, select it, then click Delete.
In YaST, click Software > Software Repositories.
The GroupWise Mobility Service repository should not be listed. If it is still listed, select it, then click Delete.
In YaST, click Software > Software Management. In the Filters dropdown list, select Patterns.
Under the Primary Functions heading, the GroupWise Mobility Service should not be listed. If it is still listed, select it. Review the Packages list for any packages that were not successfully uninstalled and uninstall them.
In YaST, click Software > Software Management. In the Search field, specify datasync, then click Search.
The Packages list should be empty. If any Mobility Service packages are still listed, uninstall them.
Log in as root in a terminal window, then check for Mobility Service
RPMs: rpm -qa | grep datasync
If any Mobility Service RPMs are still installed, uninstall them: rpm -e rpm_name.rpm
Ensure that none of the following directories still exist on your server:
GroupWise Mobility Service Installation Troubleshooting 55
/opt/novell/datasync
/etc/datasync
/var/lib/datasync
/var/log/datasync
/var/run/datasync
/var/lib/pgsql
If any of these directories still exist, delete them.
2 After your performing these checks and making changes as needed, restart the Mobility server.
3 Remove the Mobility certificate from any workstations where you have run the Mobility Admin console.
For example, in Firefox, click Tools > Options > Advanced > Encryption >
View Certificates . Select the certificate named DataSync Web Admin, then click Delete.
56 GroupWise Mobility Service 2014 R2 Installation Guide

Public link updated
The public link to your chat has been updated.
Advertisement
Key features
- Synchronizes email, appointments, contacts, tasks, notes, and phone messages
- Supports the latest device operating systems
- Fast, reliable and scalable
- Provides data synchronization between GroupWise mailboxes and mobile devices
- Can be configured to communicate with one GroupWise system
- Can be configured to communicate with one GroupWise system
- Can be configured to communicate with one GroupWise system
- Can be configured to communicate with one GroupWise system
- Can be configured to communicate with one GroupWise system
- Can be configured to communicate with one GroupWise system