Manual Installation

From Scalix Wiki
Revision as of 15:55, 17 April 2006 by Leah (Talk | contribs) (Configuring Scalix Ubermanager Admin Server)

Jump to: navigation, search

Important Note

Please note that these manual installation instructions only apply to Scalix CE Raw, not to any other Scalix edition. Installation of any Scalix edition other than CE Raw is only supported through the Scalix Installer. If you manually install any Scalix edition other than CE Raw, this may invalidate your ability to receive Scalix support for that software. Thank you for your understanding and compliance.

System Prerequisites

Available Hardware Platforms

Scalix Community Edition Raw software is currently available as an i386 build only. It will run on i386 and x86_64 Intel and AMD platforms.

Minimum System Requirements

  • Pentium 4 or better CPU
  • 512 MB RAM
  • 1 GB of free diskspace after OS Installation
  • Network Interface

Linux Distributions

  • Fedora Core 4
  • OpenSuSE Linux 10.0
  • Debian Sarge i386 (stable), Debian SID i386 (unstable)
  • Ubuntu 5.10 Breezy Badger

System Preparation

The following items may be helpful in preparing your system for Scalix Installation:

Network Configuration

  • Make sure you have at least one properly configured network interface.
  • It is best to use a static IP address; running a Scalix server on a machine using DHCP is not recommended.
  • Correct hostname resolution/DNS setup is vital. It is also best to use DNS in a Scalix/mail environment. File-based hostname resolution can be used (/etc/hosts). However, the following should always be true:
    • Your system should have a fully-qualified hostname, i.e. scalixraw.company.com or myraw.home.local
    • The "hostname" command should return the short hostname, while the "hostname --fqdn" command should return the fully-qualified hostname
    • Both the hostname and the fully-qualified hostname should resolve to the system's IP address (not the loopback 127.0.0.1 IP address).
      Note: RedHat and Fedora default installations setup /etc/hosts incorrectly. This must be changed manually after installation.
    • The special name "localhost" should resolve to 127.0.0.1
    • The IP address of the system should reverse-resolve to the fully-qualified hostname (not the short hostname or localhost)

Disk/File System Configuration

  • Scalix Software is installed in /opt. You need 200 MB in this directory
  • Scalix Data is kept in /var/opt/scalix. You need a minimum of 200 MB plus the size of any mailboxes. It is best to make /var/opt/scalix a separate file system
  • It is recommended that you put /var/opt/scalix on an LVM logical volume for online backup (this needs Snapshot functionality) and size management
  • Most Scalix systems are installed using an ext3 file system on Linux; however, most local file systems (XFS, Reiser) should work as well
  • For performance reasons (small, synchronous I/O operations), it is not recommended that you run Scalix off an NFS file system

Disabling Conflicting Services

Scalix comes with its own POP3, IMAP, LDAP and SMTP services. These might conflict with components already installed on the system.

  • To check for processes listening on the POP3 and IMAP ports, use the 
    lsof -i :110  or  netstat -anp|grep 110
    and 
    lsof -i :143  or  netstat -anp|grep 143
    commands. If you see any process/service running, shut it down and disable it from starting with system startup
  • To check for processes listening on the standard LDAP port, use the 
    lsof -i :389  or  netstat -anp|grep 389
    command. If you see any process/service running, use an alternate port number for Scalix LDAP. Please see below for details.
  • To check for processes listening on the standard SMTP port, use the 
    lsof -i :25  or netstat -anp|grep 25
    command. With Sendmail installed (required), it is normal that Sendmail listens on 127.0.0.1:25. However, it should not listen on your external IP address. If you see any process/service listening on the external IP address, reconfigure your MTA. If your current MTA is not Sendmail, retry after removing your current MTA and replacing it with Sendmail.

Software Selection

The following additional packages that come with the OS distribution are usually needed after base installation (all references to Debian package names are from the Sarge stable release; Ubuntu package search was based on the 5.10 Breezy Badger release).

Note: On Ubuntu, you will have to uncomment the universe repository configuration in /etc/apt/sources.list and run the 
apt-get update
command.
  • Apache Webserver 2.x
    • on Debian, SUSE and Ubuntu, this is the apache2 package
      • optionally for mod_jk, this is the libapache2-mod-jk package
    • on RedHat, this is the httpd package
  • Gnu AWK
    • on Debian, SUSE and RedHat, this is the gawk package
  • Kerberos (MIT Kerberos 5)
    • on Debian and Ubuntu, these are the krb5-config, krb5-doc, krb5-user, libkadm55 and libkrb53 packages
    • on SUSE, these are the krb5, krb5-apps-clients, krb5-apps-servers, krb5-client, krb5-server, and pam_krb5 packages
    • on RedHat, these are the krb5-libs and krb5-workstation packages
  • libglib2
    • on Debian and Ubuntu, this is the libglib2.0-0 package
    • on SUSE, this is the glib2 package
    • on RedHat, this is the glib2 package
  • libstdc++
    • on Debian and Ubuntu, this is the libstdc++2.10-glibc2.2 package
    • on SUSE(10.0), these are the libstdc++ and compat packages
    • on RedHat, this is the compat-libstdc++-296 package
  • libxml2
    • on Debian, RedHat and Ubuntu, these are the libxml2, sgml-base and xml-core packages
    • on SUSE, these are the libxml2, sgmltool, and xml-commons packages
  • SASL2 and modules for plain, crammd5 and gssapi (for MIT Kerberos)
    • on Debian and Ubuntu, these are the libsasl2-modules and libsasl2-gssapi-mit packages
    • on SUSE, these are the cyrus-sasl-plain, cyrus-sasl-digestmd5, cyrus-sasl, cyrus-sasl-saslauthd, cyrus-sasl-gssapi, and cyrus-sasl-crammd5 packages
    • on RedHat, these are the cyrus-sasl, cyrus-sasl-md5, cyrus-sasl-plain and cyrus-sasl-gssapi packages
  • Sendmail (possibly replacing default-install Postfix or Exim)
    • on Debian, SUSE, and RedHat, this is the sendmail package
  • text-based web browser
    • on Debian, RedHat and Ubuntu, this is the elinks package
    • on SUSE, the default is w3m, but you can use links if you like

Required 3rd Party Software

The following third party software is required to run a Scalix server:

  • Sun Java
    Scalix requires a Sun Java JRE or JDK version 1.5.0_04 or higher patch revision. On RPM-based systems, an appropriate RPM is available from Sun. Sun currently does not provide .deb packages. Decent instructions on how to generate a .deb package from Sun's download can be found here. It seems that the instructions provided for testing apply to Sarge stable; the control files mentioned were there. Note that if you use a JRE some of the commands will not be needed or look slightly different.
SUSE Note 
You can just install the java-1_5_0-sun package, if you have the SUSE java package repository enabled in YaST2 or the smart package manager.
  • Apache Tomcat
    Scalix requires an Apache Tomcat Application server of version 5.0.28. This is available from the Apache Tomcat project. For installation, you should just untar this under /opt (as /opt/jakarta-tomcat-5.0.28). You should then create a symbolic link called /opt/scalix-tomcat. You will then need to make some modifications to the system as detailed below.
    Note: Scalix plans to provide customized Tomcat packages in both rpm and deb formats in the near future.
    • Because we're using Java 1.5, you will need to remove one of the library files that ship with Tomcat 5.0: 
      rm /opt/scalix-tomcat/common/endorsed/xml-apis.jar
    • Add the following lines to the beginning of your /opt/scalix-tomcat/bin/setclasspath.sh file: 
      PATH=$PATH:/opt/scalix/bin
      JAVA_HOME=/usr/local/lib/jre              # Make this /usr/local/lib/jdk when using a JDK
      JAVA_OPTS="-server -Xms128m -Xmx128m"     # Make this 1/2 your RAM or 512 whichever is less
      export JAVA_HOME JAVA_OPTS
    • When using a JRE as opposed to a JDK, change the line reading
      if [ ! -x "$JAVA_HOME"/bin/java -o ! -x "$JAVA_HOME"/bin/jdb -o ! -x "$JAVA_HOME"/bin/javac ]; then
      to 
      if [ ! -x "$JAVA_HOME"/bin/java ]; then

Integrating Tomcat into system startup (Debian)

  • Integrate scalix-tomcat into your system startup. Create a /etc/init.d/scalix-tomcat script as per below, then execute:
chmod 755 /etc/init.d/scalix-tomcat
update-rc.d scalix-tomcat defaults 22
command. 
#!/bin/sh

set -e

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="Scalix Tomcat"
NAME=scalix-tomcat
CATALINA_HOME=/opt/scalix-tomcat; export CATALINA_HOME
DAEMON=/opt/scalix-tomcat/bin/startup.sh

# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0

#
#       Function that starts the daemon/service.
#
d_start() {
        $CATALINA_HOME/bin/startup.sh
} 

#
#       Function that stops the daemon/service.
#
d_stop() {
       $CATALINA_HOME/bin/shutdown.sh
}

case "$1" in
  start)
        echo -n "Starting $DESC: $NAME"
        d_start
        echo "."
        ;;
  stop)
        echo -n "Stopping $DESC: $NAME"
        d_stop
        echo "."
        ;;
  restart|force-reload)
        #
        #       If the "reload" option is implemented, move the "force-reload"
        #       option to the "reload" entry above. If not, "force-reload" is
        #       just the same as "restart".
        #
        echo -n "Restarting $DESC: $NAME"
        d_stop
        sleep 1
        d_start
        echo "."
        ;;
  *)
        echo "Usage: $0 {start|stop|restart|force-reload}" >&2
        exit 1
        ;;
esac

exit 0

Integrating Tomcat into system startup (RedHat/SuSE)

Integrate scalix-tomcat into your system startup. Create a /etc/init.d/scalix-tomcat script as per below, then execute the following commands to make the script executable and integrate it into automatic system startup: 

chmod 755 /etc/init.d/scalix-tomcat
chkconfig --add scalix-tomcat

#!/bin/sh
#
# chkconfig: 345 91 10
#
# description: \
# This is the init script for starting up the Jakarta Tomcat server.
#
# To install this script on a RedHat or SuSE Linux system, follow these steps:
#
#   (1) log in as root
#   (2) copy this script to /etc/init.d
#   (3) enter "chmod 755 /etc/init.d/scalix-tomcat"
#   (4) edit the script using vi or your favorite editor and ensure that
#       CATALINA_HOME points to the location of your Tomcat 4 or 5 (or later)
#       directory
#   (5) enter "chkconfig --add scalix-tomcat"
#
#       Tomcat will now be configured to start as a system service when the
#       machine boots.
#
#   (6) enter "/etc/init.d/scalix-tomcat start" to manually start Tomcat and
#       "/etc/init.d/scalix-tomcat stop" to manually stop Tomcat.
#


###### !! PLEASE CHANGE THE FOLLOWING 3 LINES TO MATCH YOUR ENVIRONMENT !! ######
CATALINA_HOME="/opt/scalix-tomcat"
###### !! YOU SHOULD NOT NEED TO CHANGE ANYTHING BELOW HERE !! ######

export CATALINA_HOME

# you do not need to change anything below here

# detect the distribution:
if [ -f /etc/redhat-release -o -f /etc/fedora-release ] ; then
    DISTRIBUTION="redhat"
elif [ -f /etc/SuSE-release ] ; then
    DISTRIBUTION="suse"
else
    echo "Error: unsupported distribution" >&2
    exit 1
fi

# Source function library.
[ "$DISTRIBUTION" = "redhat" ] && . /etc/init.d/functions
[ "$DISTRIBUTION" = "suse" ] && . /etc/rc.status


# test if network is up (redhat-only):
if [ "$DISTRIBUTION" = "redhat" ] ; then
    # Get config.
    . /etc/sysconfig/network

    # Check that networking is up.
    [ "${NETWORKING}" = "no" ] && exit 0
fi

startup=$CATALINA_HOME/bin/startup.sh
shutdown=$CATALINA_HOME/bin/shutdown.sh

# Where the Scalix server admin commands live (for Scalix server installed locally)
PATH=$PATH:/opt/scalix/bin; export PATH

# Functions

if [ "$DISTRIBUTION" = "redhat" ] ; then

start() {
        action $"Starting Tomcat service: "  $startup
        RETVAL=$?
}

stop() {
        action $"Stopping Tomcat service: " $shutdown
        RETVAL=$?
}

elif [ "$DISTRIBUTION" = "suse" ] ; then

start() {
        echo -n "Starting Tomcat service"
        $startup
        rc_status -v
}

stop() {
        echo -n "Stoppping Tomcat service"
        $shutdown
        rc_status -v
}

fi

restart() {
    stop
    start
}


[ "$DISTRIBUTION" = "suse" ] && rc_reset

# See how we were called.
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  restart)
        restart
        ;;
  *)
        echo $"Usage: $0 {start|stop|restart}"
        exit 1
esac

[ "$DISTRIBUTION" = "suse" ] && rc_exit
exit 0

Creating a Scalix Group and User (optional)

Installation of the Scalix server package will automatically create a Unix group called "scalix" and a Unix user with the same name. The user id for this user will be automatically chosen and most files associated with Scalix data will be owned by this user. If you want to have control over the user id, you can create the user manually before installing the Scalix server package.

If you create the group and/or user manually, make sure the following applies:

  • The group must be called "scalix"
  • The user must be called "scalix"
  • The user must have a home directory of /var/opt/scalix
  • There should not be any files (profile files, etc.) copied to the user's home directory
  • The user should have it's primary group set to "scalix"
  • It is recommended to use /bin/true as the login shell for the "scalix" user so that the user cannot login to the system interactively. In addition, the password for the user should be locked.
  • If your OS offers the concept of a "server" or "service" user, the Scalix user should be created as one.

Setting up your user's environment

It is recommended to add the /opt/scalix/bin and /opt/scalix/diag directories to your admin user's (initially root!) PATH. It is also recommended to add /opt/scalix/share/man to your MANPATH to be able to access the reference man pages that come with Scalix server.


Downloading and Installing the Scalix Raw Packages

The Scalix Raw packages can be downloaded here. You will need packages for the following modules appropriate for your platform:

  • scalix-server-*: the actual Scalix Server software
  • scalix-swa-*: the Scalix Web Access webclient; this can be installed on the same machine as the Scalix server or on a separate webserver
  • scalix-sac-*: the Scalix Admin Server; if you want to use the Scalix Admin Console, this must be installed on the Scalix server machine
  • scalix-res-*: the Scalix Remote Execution Service; this is the management agent used by the Scalix Admin Server. This is required on all systems that are managed by a Scalix Admin Server. As Scalix CE Raw is limited to single server configurations, this must be installed on the single Scalix server machine.
  • libical: this is a Scalix adaption/compile based on an OpenSource implementation of a RFC-compliant ical library available from the Free Association project. The projects homepage is on SourceForge. Scalix provides source and binary packages in .rpm and .deb format on the Scalix CE Raw download site.

Copy all the .rpm or .deb files to a temporary directory location on your server. Then, install the packages using the standard OS tools.

Make sure you use the rpm's for your Linux distribution!

  • For rpm-based systems, use 
    rpm -ivh *.rpm
  • For deb-based systems, use 
    dpkg -i *.deb

In case of any missing dependencies or other errors, these should be resolved and the Scalix package installation retried before continuing.

Creating and Configuring the Initial Scalix Server Instance

The following assumes you have added /opt/scalix/bin to your PATH. If not, you must use absolute pathnames for all commands.

Initialize the Scalix Message Store

To initialize the Scalix message store, use the 
ommakeom
command. This creates an empty message store in /var/opt/scalix and also adds config file templates for all components into this directory tree. The process takes 3-15 minutes, depending on the speed of your system. Please check the screen output for any errors or problems during the process. A log of the message store creation is located in /var/opt/scalix/sys/install/log. In case of error, correct the problem and restart message store creation by using the 
ompatchom
command.

Set Generation Rules for Display Name, Login Name and Internet Address

Before creating any new user, set the default rules for generating the display name (shown in 'From' email headers and address book display), the login name (used to log in to Scalix clients) and the Internet address.

The following is a list of user attributes you can use in those rules:
G represents the given name in mixed/original casing
S represents the surname in mixed/original casing
I represents the middle initial(s) in mixed/original casing
C represents the common name/display name in mixed/original casing (this cannot be used in the display name generation)
g, s, i and c represent the first character of the given name/surname/initials/common name in lower case
f and l represent the full given name/last name in lowercase

    • To set up generation rules for the display name, use the 
      sxconfig --set -t general.usrl_cn_rule='<rule>'
      command, e.g. 
      sxconfig --set -t general.usrl_cn_rule='S, G'
      to set the display name generation rule to Last, First.

    • To set up generation rules for the login name, use the 
      sxconfig --set -t general.usrl_authid_rule='<rule>'
      command, e.g. 
      sxconfig --set -t general.usrl_authid_rule='gs@'
      to set the login name generation rule to use the initials of the user in lowercase. If you omit the @ character from this rule, the fully-qualified domain name of the server appends to the login name. This is useful in multi-server environments (which are not supported for Scalix CE Raw). Please see the 
      man omaddu
      for details.

    • To set up generation rules for the Internet address, use the 
      sxconfig --set -t orniasys.name_part_<n>='<rule>' -t orniasys.domain_part_<n>='<domain>'
      command, e.g. 
      sxconfig --set -t orniasys.name_part_1='"C" <G.S>' -t orniasys.domain_part_1='mycompany.com'
      to set the Internet address generation rule to generate addresses in the form "Last, First" <First.Last@mycompany.com> (provided that the display name generation rule is Last, First, as C maps to the display name). Please see 
      man omiam
      for details.

      Note: You can set up to five Internet address-generation rules for the system by specifying different values from 1 to 5 for <n>.

Creating the Default Mailnode

The mailnode is a organizational unit grouping users. This becomes important in multi-server setups supported for Scalix Enterprise Edition. For single-server systems, creating a single, default mailnode is usually sufficient. It is best to use the organization name (without any 8-bit or special characters) as the mailnode name. To create the initial mailnode and make it the default, use the 
omaddmn -m <mailnode>
command, e.g. 
omaddmn -m mycompany
.

Setting up a Non-Default LDAP Port Number

If the system already has some LDAP service using the standard LDAP TCP port (389), change to another port number now. Edit the /var/opt/scalix/sys/slapd.conf and change the port number to a different value. Scalix recommends using port 3890. The line to be changed should look like this: 
portNum          3890

Starting the Server Daemons

Before creating the first set of users, start the server daemons. To do this, use the 
omrc -n
command. The -n option prevents mail delivery and user signon services from starting because these are not usable at this time.

Creating the Default Admin User

To create a default admin account, use the 
omaddu -n <fullname>/<mailnode> --class <class> -c admin -p <password> <loginname>
command, e.g. 
omaddu -n sxadmin/mycompany --class limited -c admin -p secret sxadmin
Note 
Don't forget to quote if the name contains spaces, eg:
omaddu -n "Admin User/mynode" --class limited -c admin -p secret sxadmin

where

  1. sxadmin is the full name of the admin user as displayed in the address book
  2. mycompany is the default mailnode created in the previous step
  3. limited is either full or limited. When creating the admin user as a full user, this will use one of the 25 free premium mailboxes available in Scalix CE raw. However, if created as a limited user, the user won't be able to use Outlook to log in or access public folder information through SWA.
  4. -c admin sets full admin capabilities for the user
  5. secret is the users initial password
  6. sxadmin is the users login name

Configuring the Admin User

Set up the Admin user as "Postmaster" to receive system error messages: 
omconfenu -n "sxadmin/mycompany"
. This user is excluded from system-wide inbox quota checking: 
omlimit -u "sxadmin/mycompany" -o -i 0 -m 0

Creating the LDAP Query User

To allow the Scalix Admin Server and Admin Console to access user information through Scalix LDAP, create a system user as follows: 

omaddu -n sxqueryadmin/<mailnode> --class limited -c admin -p <passwd> sxqueryadmin@<fqdn>

This user's password can be anything, but the username (sxqueryadmin) and the user's login name must match the values provided where <fqdn> is the FQDN of your server as returned by the hostname --fqdn command. The user can always be created as a limited user because the only server he is allowed to log in to is LDAP, which does not require a premium user account.

Creating the Standard Scalix Admin Groups

Next, create the standard Scalix Admin groups for the Scalix Admin server. The names of these groups are fixed, so you must create them as follows: 

omadpdl -l ScalixUserAdmins/mycompany
omaddpdl -l ScalixGroupAdmins/mycompany
omaddpdl -l ScalixUserAttributesAdmins/mycompany
omaddpdl -l ScalixAdmins/mycompany

Adding Standard Tweak Settings

We recommend adding the following tweak settings to /var/opt/scalix/sys/general.cfg . For details on these settings, please refer to the Scalix Administration Guide.

#
# The CDA service (used for "type down" in some clients) is more
# efficient if it can check the directory change log before attempting
# to update the access tables that it uses.   One slow machines, it may
# also be worth uncommenting the CDA_CHECKTIME tweak to reduce the check
# interval from five minutes to an hour.
#
CDA_USE_CHANGE_LOG=TRUE
# CDA_CHECKTIME=60
#
# These tweaks limit the number and rate of IMAP connections to the
# server. The IMAP_CONNECTION_LIMIT simply restricts the total number of
# connections to the server. Note that many IMAP clients have several
# connections for each IMAP session. The IMAP_CONNRATE_LIMIT restricts
# the rate at which clients can connect to the server, in this case, at
# most 10 connections per second. If clients try to connect faster
# than that, the IMAP server simply slows down the rate at which it will
# accept new connections.
#
IMAP_CONNECTION_LIMIT=500
IMAP_CONNRATE_LIMIT=10
#
# The IMAP_IDLE_TIMEOUT tweak is the maximum time an IMAP connection
# will wait for a command before terminating the connection. The default
# setting, and the minimum required setting, is 30 minutes. Some
# clients "refresh" their connection once every thirty minutes
# exactly -- but if they are a little bit late, the server drops their
# connection. Setting a timeout of 31 minutes avoids this problem.
#
IMAP_IDLE_TIMEOUT=31
#
# This tweak arranges for Local Delivery to automatically create a
# message store for users created without one.
# Users added with the bulk-add mechanism used by the
# wizard do not have a message store. So setting this tweak allows
# them to receive mail before they are initially signed on.
#
LD_CREATE_MESSAGE_STORE=TRUE
#
# These three tweaks allow users to sign on using an alias. Only
# system-defined aliases are permitted and it the alias name is ignored
# for the purposes of message creation and so on.
# 
# Note that changing these settings normally requires restarting Scalix.
#
UAL_SIGNON_ALIAS=YES
UAL_SIGNON_ALIAS_CONFIG=SYS
UAL_USE_SIGNON_ALIAS=FALSE

Starting Scalix Services

As a final step, start all services now using the following command:
omon -s all

Configuring Scalix Web Applications

You will need to follow a few simple steps to integrate Scalix web applications into your Tomcat application server.

Integrating the Web Applications into Tomcat

If you set up Scalix and Tomcat as recommended above, you only need to copy the config files for the web applications: 

cp /opt/scalix/web/scalix-res.xml    /opt/scalix-tomcat/conf/Catalina/localhost
cp /opt/scalix/web/scalix-admin.xml  /opt/scalix-tomcat/conf/Catalina/localhost
cp /opt/scalix/web/scalix-caa.xml    /opt/scalix-tomcat/conf/Catalina/localhost
cp /opt/scalix/web/scalix-swa.xml    /opt/scalix-tomcat/conf/Catalina/localhost
cp /opt/scalix/web/scalix-webcal.xml /opt/scalix-tomcat/conf/Catalina/localhost

Configuring Scalix Web Access

Now, you must set up a number of parameters in /etc/opt/scalix/webmail/swa.properties: 

swa.email.domain=mycompany.com                                    # Add your main domain here
swa.email.imapServer=scalix.mycompany.com                         # FQDN of your Scalix server
swa.email.smtpServer=scalix.mycompany.com                         # FQDN of your Scalix server
swa.settings.rulesWizardURL=http://scalix.mycompany.com/Scalix/rw # FQDN of your Scalix server
swa.ldap.1.server=scalix.mycompany.com                            # FQDN of your Scalix server
swa.ldap.1.port=389                                               # The port number of your 
                                                                  # Scalix LDAP server; if you 
                                                                  # have changed this from the
                                                                  # default during server install,
                                                                  # this needs to be reflected
swa.ldap.2.server=scalix.mycompany.com                            # FQDN of your Scalix server
swa.ldap.2.port=389                                               # The port number of your 
                                                                  # Scalix LDAP server; if you 
                                                                  # have changed this from the
                                                                  # default during server install,
                                                                  # this needs to be reflected

Configuring Scalix Ubermanager Admin Server

Next, you must set up a number of parameters in /etc/opt/scalix/caa/scalix.res/config/ubermanager.properties : 

ubermanager.query.server=scalix.mycompany.com                # FQDN of your Scalix server
ubermanager.kerberos.mode=false                              # N/A for single server
ubermanager.kerberos.principalName=                          # "   "   "      "
ubermanager.kerberos.kdc=                                    # "   "   "      "
ubermanager.kerberos.realm=                                  # "   "   "      "
ubermanager.console.externalAuth=false                       # default value
ubermanager.console.allowExternalAuthChoice=false            # default value
ubermanager.console.maxListSize=100                          # default value
ubermanager.console.localDomains=mycompany.com               # Your email domain(s)
ubermanager.console.authDomains=                             # default value
ubermanager.console.modifySyncedAuthId=false                 # default value
ubermanager.query.server.port=389                            # Scalix LDAP port number
ubermanager.configured=true                                  # to indicate file has been touched

Also, create a file called /etc/opt/scalix/caa/scalix.res/config/psdata and put in the sxqueryadmin password. Make sure the file is only readable by root: 

cd /etc/opt/scalix/caa/scalix.res/config
echo "<sxqueryadmin-password>" >psdata
chown root:root psdata
chmod 400 psdata

Configuring Scalix RES Admin Agent

You will need to adjust a few parameters in /etc/opt/scalix/res/config/res.properties: 

res.kerberos.mode=                                           # Leave empty for single server
res.kerberos.kdc=                                            # "     "     "   "      "     
res.kerberos.realm=                                          # "     "     "   "      "     
res.kerberos.allowedclients=ubermanager/scalix.mycompany.com # FQDN of your Scalix server
res.ubermanager.host=scalix.mycompany.com                    # FQDN of your Scalix server
res.tomcat.tcp.port=8080                                     # http port number of Tomcat
res.configured=true                                          # to indicate file has been touched

Restarting Tomcat

After making all these changes, restart Tomcat with the following command: 
/etc/init.d/scalix-tomcat restart

Integrating the Web-based Scalix Rules Wizard into Apache

You will just need to link the Apache config file into your Apache config directory:

  • For debian and SUSE, execute 
    ln -s /opt/scalix/global/httpd/scalix-web-client.conf /etc/apache2/conf.d
    and restart apache using 
    /etc/init.d/apache2 restart
  • For Redhat, execute 
    ln -s /opt/scalix/global/httpd/scalix-web-client.conf /etc/httpd/conf.d
    and restart apache using 
    /etc/init.d/httpd restart

Testing Your Newly-Installed System

Installation is now complete. Before starting with the new system, run these tests:

  • Reboot your server. All services (Scalix Server, Tomcat and Apache) should come up on their own.
  • Check the output of omstat -a and omstat -s commands. Item Structure Server may display as stopped. All other daemons and services should be up and running.
  • Try to access Scalix Admin Console from a browser using the http://scalix.mycompany.com:8080/sac URL. Log in using your sxadmin login name and password. Create a new user.
  • Try to access Scalix Web Access from a browser using the http://scalix.mycompany.com:8080/webmail URL. Log in using your newly-created user. Try address book lookups. Send an email message to yourself. Try to access the Web-based Scalix Rules Wizard from your Extras menu.
  • Download and install the Outlook connector. Setup a premium user. Install the Outlook connector on a Windows PC. Set up an Outlook profile and access your Scalix mailbox from Outlook.

If all these work, your Scalix server is in good shape and you're ready to take it to the next level.

What's next?

  • Read the docs. Check out the Administration Guide and Administration Console Guide. If you need more information, manpages contain a lot of valuable data. Start with 
    man scalix-server
  • Integrate Apache with Tomcat using mod_jk for better performance and security. This is described in the Apache Technote.
  • Use mod_deflate with Apache to reduce the amount of data transmitted over the wire for SWA. This will further improve performance. This is also described in the Apache Technote.
  • Setup Tomcat to run as a non-root user for more security. This is described in the Tomcat Technote.
  • Setup your sendmail with correct Smarthost and routing information for outbound Internet email.
  • Setup fetchmail if your email is hosted with a provider
  • Setup stunnel if you require secure SSL communication for POP, IMAP, LDAP or SMTP
  • Setup Spam Assassin for better Spam protection
  • Setup ClamAV for good open-source virus protection
  • Integrate with an external LDAP directory such as OpenLDAP, eDirectory or Active Directory
  • Setup Online Backup using LVM Snapshots

... and lot's more. Stay tuned.

Retrieved from "https://www.scalix.com/wiki/index.php?title=Manual_Installation&oldid=1542"