6.2 Moving Messenger Agents to Linux

Moving the Messenger Agents to Linux includes installing the agents to the Linux server, copying the data stores, and providing updated configuration information in ConsoleOne.

6.2.1 Making a NetWare or Windows Server Visible from Linux

To make a NetWare or Windows server visible from Linux, you mount the directory you need access to as a Linux file system.

NetWare:

mount -t ncpfs NetWare_server_full_DNS_name
               /Linux_mount_location/mount_point_directory
               -o user=fully_qualified_username
               -o ipserver=NetWare_server_full_DNS_name

A NetWare server full DNS name has the format of mail2.provo.corporate.com. A fully qualified username has the format of Admin.Users.Corporate. A typical Linux mount location is /mnt.

Windows:

mount -t smbfs //Windows_server_name/sharename
               /Linux_mount_location/mount_point_directory
               -o username=Windows_username

To use this command, the WINS protocol must be functioning properly on your network. The specified Windows user must have sufficient rights to access the Messenger directories.

6.2.2 Copying the Startup Files

If you have made changes to the default startup files for Messenger, you need to copy the files to the Linux server before you install the Messenger system on Linux.

  1. Copy the Messaging Agent and Archive Agent startup files to the default Linux location.

    The default startup files are located in the following areas:

    NetWare:

    sys:\Novell\NM\agent\strtup.xx

    Windows:

    C:\novell\NM\agent\startup.xx

    Linux:

    /etc/opt/novell/messenger/strtup.xx

  2. From a terminal window on Linux, use the dos2unix program to convert the startup files to UNIX format by using the following commands:

    dos2unix /etc/opt/novell/messenger/strtup.ma

    dos2unix /etc/opt/novell/messenger/strtup.aa

  3. Make the following edits to the startup files:

    • Remove all paths from the startup files so they use the Linux default paths.

      or

      Change the paths to the correct location on Linux to use custom paths.

    • Change the IP address or hostname to the IP address or hostname of the Linux server.

    • Change the path to any certificates to the Linux path.

    • If you have made any other custom changes to your startup file, adjust those changes for the Linux paths.

6.2.3 Client/Server SSL Certificates

If the Linux server has a different IP address than the NetWare/Windows server, you need to generate new certificates. If the Linux server has the same IP address as the NetWare/Windows server, you can copy the SSL certificates to the Linux server. When you copy the certificates to the Linux server, make sure you copy the certificates to the path you specified in the startup files.

For instructions on how to create new SSL certificates, see Configuring the Linux Messenger Agents for SSL.

6.2.4 Trusted Root Certificates

If you want to use LDAP SSL to connect to your target eDirectory, then a copy of the target directory’s replica’s trusted root certificate must be made available to the Messenger installation program.

If you previously used LDAP SSL with Messenger, then a copy of the replica’s trusted root certificate should exist at sys:\novell\nm\certs for NetWare or c:\novell\nm\certs for Windows. If you are enabling LDAP SSL as part of the migration and the eDirectory replica is on NetWare, the trusted root certificate should already exist at sys:\public\RootCert.der. You need to be able to browse to this location from the Linux server. To do this, you must mount the NetWare or Windows server. For information on how to create a mount to a NetWare or Windows server, see Section 6.2.1, Making a NetWare or Windows Server Visible from Linux.

If the certificate does not exist, you can export a trusted root certificate by performing the following steps, which require the eDirectory ConsoleOne snap-ins:

  1. From the Linux server, run ConsoleOne and connect to the eDirectory replica server.

  2. Browse to the LDAP Server object in the tree, right-click the LDAP Server object, then select Properties.

  3. Click the SSL/TLS Configuration tab. The certificate name is displayed in the Server Certificate field.

  4. In the ConsoleOne tree, browse to the certificate that was displayed in the Server Certificate field.

  5. Right-click the certificate, then select Properties.

  6. Click the Certificate tab, then select Trusted Root Certificate.

  7. Click Export.

  8. Select No to not export the private key, then click Next.

  9. Select File in binary DER format.

  10. Specify the location and filename to save the certificate as, then click Next.

  11. Click Finish to export the trusted root certificate.

During the Messenger installation, you need to specify the path to the trusted root certificate to use LDAP SSL.

6.2.5 Installing the Messenger Agents on Linux

Before you can migrate your Messenger Agents to Linux, you must first install a Messenger system on Linux. During the configuration process of this installation, the startup files that you copied to the Linux server are read and the information from the startup files is included in the installation. For information on how to install a Messenger system on Linux, see Section 3.2.3, Installing and Setting Up a Messenger System on Linux.

If you use direct mode to access eDirectory, you must have eDirectory installed before you install the Messenger system.

When you have finished installing your Messenger system on Linux, do not start the agents. If you have already started your Messenger Agents, you can stop they by performing the following steps:

  1. At the Linux server, become root by entering su and the root password.

  2. Change to the /etc/init.d directory.

  3. To stop the Messaging Agent, enter the following command:

    ./novell-nmma stop

  4. To stop the Archive Agent, enter the following command:

    ./novell-nmaa stop

6.2.6 Enabling Messenger Agent Monitoring on Linux

There is no user interface for the Linux Messenger Agents. To monitor the Messenger agents and perform manual logging and archiving actions, you need to enable Web Console for both the Messaging Agent and the Archive Agent. For information on how to enable Web Console for your Messaging Agent, see Setting Up the Messaging Agent Web Console in the Novell Messenger 2.1 Administration Guide. For information on how to enable the Web Console for the Archive Agent, see Using the Archive Agent Web Console and GroupWise Monitor in the Novell Messenger 2.1 Administration Guide.