Chat now with support
Chat with Support

Coexistence Manager for GroupWise 1.7 - User Guide

About the CMG documentation suite Introduction CMG Directory Connector
Directory Connector overview Installation and configuration DC Management Console Connector Creation Wizard Connector Advanced Settings Running and stopping the Directory Connector service
CMG Mail Connector CMG Free/Busy Connector The Log Viewer Appendix A: Known limitations Appendix B: Troubleshooting Appendix C:Configuring CMG logging

Step 5: Start the Mail Connector

Be sure to prepare the CMG Mail Connector configuration and verify your settings for CMG logging (optional) before starting the CMG Mail Connector.

The CMG Mail Connector typically runs as a Windows service for long-term, continuous operation. However, it can also be run as a console application— usually for shorter-term uses, as in testing and diagnostics. In the event of a system reboot, the Mail Connector running as a Windows service would automatically restart. But when running as a console app, it will require a manual restart after a system reboot.

Multiple instances of CMG’s Mail Connector cannot run concurrently on a single workstation, because they would both require the same port.

Press Esc from the console window.

The CMG Mail Connector can also be started and stopped (as a Windows service) in the CMG Management Console, in the Common | Services screen.

CMG offers an optional "pass-through" mode that disengages CMG’s message- processing features while CMG continues to pass mail between the servers. This feature is off by default, but can be enabled by setting the <disableprocessing> boolean parameter value to true in the CMG Mail Connector configuration XML file. This parameter can only be set manually.

If left undefined, the pass-through feature defaults to false (the pass-through mode is disabled, so CMG processes messages normally).

Step 6: Reconfigure GroupWise and Exchange mail servers for CMG

IMPORTANT: These server reconfigurations should occur only after the CMG service is started, in the preceding step. Otherwise the mail servers would (at least briefly) be trying to send mail to a non-existent destination.

The CMG Mail Connector runs in conjunction with one or more Novell GroupWise and Microsoft Exchange servers, or with a local GroupWise server and a hosted Exchange environment. As such, the GroupWise and Exchange environments must be configured to recognize and route messages via CMG.

Configure GroupWise to direct Exchange-bound mail to CMG for processing:

For a single-namespace environment: Be sure to configure your GroupWise smart host. If necessary, see Email coexistence before and after CMG earlier in this chapter.
For a multi-domain or subdomains environment: Use MX records to change the destination server to the IP for CMG, and use MX priority designations for load balancing.

The CMG Mail Connector requires that GroupWise Default message encoding (on the SMTP/MIME tab of GWIA Properties) must be set to MIME, not Basic RFC-822.

If you want to configure GroupWise to accept Exchange mail to GroupWise distribution lists: In GWIA Properties, on the SMTP/MIME tab: Address Handling | Inbound Settings (Section), mark the checkbox for Expand distribution lists on incoming messages.

Configure Exchange to direct GroupWise-bound mail to CMG for processing:

For a single-namespace environment: Be sure to configure your Exchange smart host (Send Connector). In the Organization Configuration | Hub Transport | Send Connector tab | GroupWise Send Connector Properties | Network tab: Add the IP or the FQDN for CMG as a "smart host" through which to route mail. You may use MX priority designations for load balancing. If necessary, see Email coexistence before and after CMG earlier in this chapter.
For a multi-domain or subdomains environment: Use MX records to change the destination server to the IP for CMG, and use MX priority designations for load balancing.

Also: Check the Message Delivery Restrictions settings for any Exchange group to which you want GroupWise users to be able to send messages. Any such Exchange group must be of the universal distribution type to be mail-enabled. To change the settings, beginning in the Exchange Management Console:

Select the group under Recipient Configuration | Distribution Group, then double-click the group you want to edit.
Click the Mail Flow Settings tab, and highlight Message Delivery Restrictions, then click Properties above.
De-select (unmark) the check box for Require that all senders are authenticated.
Save, and then restart the MS Exchange transport service.

Step 7: Configure TLS/SSL encryption

CMG's Mail Connector supports the TLS encryption protocol (SSL 3.1). TLS support requires a valid server certificate, which must be installed on the CMG server, and selected in CMG's Mail Connector Management Console. A new screen has been added to the MC Management Console for this purpose. The GroupWise and Exchange servers must also be configured for TLS/SSL support.

To enable and configure TLS/SSL encryption with CMG's Mail Connector:

A new certificate is generated with information in a standardized CSR (Certificate Signing Request). GroupWise contains a GroupWise CSR Generator utility (GWCSRGEN.EXE) that will generate the CSR for you. To use GWCSRGEN.EXE:
Find and run the GWCSRGEN.EXE executable file in the Software Distribution Directory (SDD), in ADMIN\UTILITY\GWCSRGEN.
Choose a suitable Key filename, with a .KEY extension.
Use a .CSR extension for the CSR filename.
The Key password is case-sensitive.
Enter the full name of your Organization, and the Division of your organization that is requesting the certificate.
For Hostname of Server, enter the DNS name of the host server that will use this certificate.
Click Create.
Select menu option Tools | Issue Certificate.
For the Filename, enter the name of the CSR you created above, and click Next.
Specify Organizational Certificate Authority, and click Next.
On the Key Type screen, specify Custom for the Type, and select all three options under Key Usage. Then click Next to continue.
On the Summary screen, check your information and select Finish.
On the Save Certificate screen, select File in Base64 format and specify a certificate filename. Use the default extension of .b64. Don't use filenames longer than 8 characters for any certificates or key names.
Click the Enable TLS radio button.
In the Certificate Store drop-down list, select the location in your network where the certificate resides. If the certificate location does not appear in the list, you must copy the certificate to one of the listed locations using the Microsoft Certificates Management Console, into a LOCAL-SYSTEM account (not a personal account).
Remember to Save Configuration (on the File menu).
Click on Set Password and enter the case-sensitive password you chose when you created the key file.
Select Apply to save the POA properties.
From the GroupWise tab of the POA, select Network Address.
Select SSL Enabled for Local Intranet Client/Server.
Select SSL Enabled for Internet Proxy Client/Server.
Click OK to save changes and exit the POA properties screen.
NOTE: Both the Local Intranet Client/Server and Internet Proxy Client/Server fields have an SSL Required choice. The SSL Required option effectively disables all access from non-GroupWise clients and any GroupWise WebAccess Agents that don't have SSL enabled.
From the GroupWise tab select SSL Settings.
Click on Set Password and enter the case-sensitive password.
Click Apply to save the GWIA properties.
From the GroupWise tab for GWIA, select Network Address.
Select Enabled under SSL for SMTP.
Click OK to save the changes and exit the GWIA properties screen.
From the Microsoft Telnet> prompt, type:
(Replace with the registered host name of the SMTP server.) Then press Enter.
After a few seconds you should get a response with the identity of the host. Then issue the command EHLO. (Depending on your TELNET settings, the command you type may not be visible on the screen.)
You should get the response 250-STARTTLS to confirm the host supports TLS.
In Server Configuration | Hub Transport | Properties | Authentication: Mark the checkbox for Transport Layer Security (TLS), and also the checkbox for either Externally Secured (for the default receive connector) or Integrated Windows Authentication (for a client receive connector). (And then restart the Exchange Transport Service.)
(To disable TLS encryption for the receive connector by PowerShell, enter the same command substituting $false for $true. To disable it in the Exchange Management Console, unmark the same checkboxes.)
To enable: Get-sendconnector | set-sendconnector -requiretls $true
To disable: Get-sendconnector | set-sendconnector -requiretls $false

Management Console for Mail Connector

CMG includes a Management Console for configuring CMG components, including the Mail Connector. This chapter presents screen-by-screen field notes for the screens used to configure the Mail Connector. If necessary, see The CMG Management Console in User Guide chapter 1 for an introduction to basic operating concepts.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating