Chat now with support
Chat with Support

Coexistence Manager for GroupWise 1.7.1 - User Guide

About the Coexistence Manager for GroupWise documentation suite Introduction Coexistence Manager for GroupWise Directory Connector
Directory Connector overview Installation and configuration DC Management Console Connector Creation Wizard Connector Advanced Settings Running and stopping the Directory Connector service
Coexistence Manager for GroupWise Mail Connector Coexistence Manager for GroupWise Free/Busy Connector The Log Viewer Appendix A: Known limitations Appendix B: Troubleshooting Appendix C:Configuring Coexistence Manager for GroupWise logging

Directory Connector overview

The Quest Coexistence Manager for GroupWise Directory Connector (DC) updates directory information between the Novell Global Address Book and Active Directory (AD). Within the DC component, one or more individual connectors are defined, each to copy directory data in only one direction. A bidirectional update is accomplished by defining a pair of connectors to run sequentially in opposite directions.

Note that while Directory Connector is the name of the Coexistence Manager for GroupWise component as a whole, and of the Windows service that performs directory updates, the term connector also refers to the individual processes within the component, each defined to perform a particular directory update in just one direction. Think of the Directory Connector service as the engine that does the actual work, while the individual connectors are the instructions that tell the engine how to apply its capabilities. A connector definition tells the DC service the direction of the update, where the source objects reside, which object types to include, where within the target server the objects should be copied, access credentials to both servers, when to run updates, and so forth.

For each defined connector, the Coexistence Manager for GroupWise Directory Connector sends a query to the source directory (step 1 in both illustrations below, for GroupWise 8 and later), which then (2) replies by transmitting its object data back to the Directory Connector. The first illustration shows the process for a GroupWise-to-Exchange connector.

External contact objects in the Novell directory reside in a shared address book, reserved for Coexistence Manager for GroupWise use to keep contact records for external AD objects separate from Novell’s own local users, and thereby prevent directory loops between the two systems. In this first example, for a connector that updates AD with Novell objects, the Novell source data is drawn only from the Global Address Book.

The Directory Connector then (3) maps the attributes of the GroupWise source objects to the corresponding contact attributes in AD. If an object in the source already exists in the target, a configuration setting tells the connector whether data collected in the source should overwrite corresponding data in the target.

Finally (4), the DC passes the data to the reserved cn=cmg container within Active Directory. If a target container by that name does not already exist, Coexistence Manager for GroupWise will create it, within a target OU that you specify. The cn=cmg container thus is a subset of the specified target container ("ou=users" in the illustration).

When a connector is defined to run from Exchange to GroupWise, the process works approximately the same way in reverse. Coexistence Manager for GroupWise’s Directory Connector queries the source Active Directory (step 1 here), which then (2) replies by transmitting its object data back to the DC:

In an Exchange-to-GroupWise update as shown here (for GroupWise 8 and later), AD sends object records for its entire ou=users container, which in AD includes the contact records in cn=cmg, a subcontainer within ou=users. The Directory Connector therefore (3) filters (removes from the data) the objects that were in the source cn=cmg container, to prevent object looping, before finally (4) passing the filtered object data on to a shared address book in GroupWise. As noted above, the GroupWise shared address book is reserved for Coexistence Manager for GroupWise use, to keep external AD objects separate from Novell’s own local users, and prevent directory looping. As with target containers in AD, a separate GroupWise shared address book must be designated for each connector.

Each of the query–reply processes illustrated above is defined within the Coexistence Manager for GroupWise Directory Connector as one connector. Coexistence Manager for GroupWise’s DC lets you define as many connectors as you need to facilitate separate directory updates for different administrative entities or geographic locations, etc., and/or for updates among multiple directory servers on either or both sides.

The combination of the two, run sequentially in tandem, would configure an effective coexistence between GroupWise and a hosted AD.

IMPORTANT: Note also that a single DC connector cannot connect to a multi-tree Novell environment with multiple authentication credentials. As a result, a separate DC connector must be defined and configured for each set of authentication credentials required to extract data from each tree.

Individual DC connectors also can be configured to perform any number and combination of the Directory Connector’s three primary operations:

Provision: If no object in the target corresponds to an object in the source, the connector will create the new object in the target.
Update: If an existing object in the target corresponds to an object in the source but the object’s attribute data differs, the connector will overwrite target object data with corresponding source object data—or—will append source data to target data for some attribute(s) if so configured by the <AppendAttributes> parameter for the connector (as described in step 1 of the Installation and configuration instructions below).
Delete: If the connector sees no object in the source that had been in the source at the last connector update, it will delete the corresponding object in the target. For example, if User XYZ is copied from source to target, and then is deleted from the source, the next run of the same connector will remove User XYZ from the target.

Coexistence Manager for GroupWise’s Directory Connector provides a Connector Creation Wizard, which presents a short series of screens to configure each connector. Each connector is defined by specifying the source and target directories, the names and locations of object containers, and other pertinent information. A connector definition also specifies a schedule for its automatic execution, and lets you specify other DC connectors (previously defined) that must run prior to the execution of this connector. These features let you require a particular order of execution when two or more connectors are defined.

Coexistence Manager for GroupWise’s Directory Connector service is started manually, and once started it runs continuously. The DC service is idle most of the time except for periodic momentary checks to determine whether a defined connector is scheduled to run. If so, the service verifies that any prerequisite connectors have already run, and then launches the connector. When the connector finishes, the DC service returns to its idle state, waiting for the next scheduled connector.

Installation and configuration

The Coexistence Manager for GroupWise Directory Connector is installed by the same AutoRun installer that installs all components of the Quest Coexistence Manager for GroupWise product. If you have already installed one or more other components of this same Coexistence Manager for GroupWise version, just run the AutoRun installer again to install the Directory Connector. The AutoRun installer must be run on the computer where you want the Coexistence Manager for GroupWise component to reside.

Verify that every computer hosting any Coexistence Manager for GroupWise Directory Connector subcomponent(s) meets the current System Requirements as specified in the Release Notes, in the Quick-Start Guide, and in User Guide chapter 1.

For complete installation instructions, and important notes about upgrading from earlier versions of the Coexistence Manager for GroupWise Directory Connector, see the Getting Started section of either the Quick-Start Guide or the associated Release Notes.

Directory Connector configuration

Step 1: Devise a strategy for your directory updates

Coexistence Manager for GroupWise’s Directory Connector lets you define as many connectors as you need to facilitate separate directory updates among multiple directory servers on either or both sides, and/or for different administrative entities in your organization, or for different geographic locations, etc. If two or more connectors are defined for the same direction, you must direct them to copy their data to different, separate containers (in AD) or shared address books (in GroupWise).

Individual DC connectors can be configured to perform any number and combination of three primary operations:

Provision: If no object in the target corresponds to an object in the source, the connector will create the new object in the target.
Update: If an existing object in the target corresponds to an object in the source but the object’s attribute data differs, the connector will overwrite target object data with corresponding source object data—or—will append source data to target data for some attribute(s) if so configured by the <AppendAttributes> parameter for the connector (see below).
Delete: If the connector sees no object in the source that had been in the source at the last connector update, it will delete the object in the target. For example, if User XYZ is copied from source to target, and then is deleted from the source, the next run of the same connector will remove User XYZ from the target.

Think through your strategic options and decide now, before you define any connectors, how you want your directories to be updated. Decide in advance the number and scope of DC connectors you will need to accommodate your particular environment, circumstances and preferences, and the number and names of GroupWise shared address books and AD target OUs you will need.

Related Documents