Post on 30-Jan-2016
Examining the GroupWise® Rollout at Auburn University
Brian AndersonIT Manager, Auburn Universityanderbr@auburn.edu
Jeff StallworthIT Manager, Auburn Universitystalljb@auburn.edu
Greg WhiteNetwork and Systems Specialist Novell Inc. gwhite@novell.com
© March 9, 2004 Novell Inc.2
one Net: Information without boundaries…where the right people are connected with the right information at the right time to make the right decisions.
The one Net vision
Novell exteNd™
Novell Nsure™
Novell Nterprise™
Novell NgageSM
:
:
:
:
© March 9, 2004 Novell Inc.3
The one Net vision
Novell Nterprise is an innovative family of products which gives you the power to enable and manage the constant interaction of people with your business systems — regardless of who they are or where they are.
Novell Nterprise™
Novell exteNd™
Novell Nsure™
Novell Nterprise™
Novell NgageSM
:
:
:
:
© January 20, 2004 Novell Inc.4
Agenda
• Who is Auburn University
• Our Initial Email System
• Why we wanted to make a change
• What products did we evaluate?
• Why Auburn Seleted GroupWise®?
• Issues encountered along the way
• Special features (GW Extranet, Use of AMP and SDK components for Webaccess, Ichain)
• Current enhancements and future plans for Auburn
© January 20, 2004 Novell Inc.5
Overview
Auburn UniversityLocated deep in the rolling hills of East Alabama, Auburn University is one of the South's premier land grant institutions. In 1856 the university first opened its doors for 80 students and a faculty of six.
Today Auburn is the largest university in Alabama, with an enrollment of approximately 22,000. Students hail from all 50 states and nearly 100 foreign countries.
© January 20, 2004 Novell Inc.6
Overview
Auburn University
© January 20, 2004 Novell Inc.7
Overview
Auburn University “WAR EAGLE!”The Auburn University mascot, a golden eagle named “War Eagle VI” (affectionately known as “Tiger”), was given the honor of participating in the opening ceremony for the 2002 Winter Olympic Games right here in Salt Lake City, UT.
Tiger has the second largest aviary for a single bird. She weighs about 10 pounds and has a wingspan of a little over 6 feet. Her talons have the gripping strength of 459 psi, which is the equivalence of 9-10 times the gripping strength of an adult human male.
© January 20, 2004 Novell Inc.8
Overview
Brian Anderson• Over 6 years experience in GW administration and support
• Responsible for account maintenance and desktop support
• Development of tools to assist in migration & user acceptance
© January 20, 2004 Novell Inc.9
Jeff Stallworth• I have worked with NetWare® from 2.x. I
became an ECNE in 1993 and an MCNE in 1995. I have been with Auburn University since 1996. We have used GroupWise from version 4.
• I am currently the IT Manager for the NetWare/GroupWise servers group at Auburn.
• My main responsibilities include the specification, implementation, maintenance and daily operatorations of all NetWare/GroupWise servers.
Overview
© January 20, 2004 Novell Inc.10
Why we wanted a change...
Existing system was outdated• Built 12-15 years ago• Was not scaling well as built• Feature set not current• Web interface was add-on – not integrated
Contributing factors• Designating email as an official means of
communication• Ever increasing 'SPAM' volume• General increase in use of email as
teaching tool
© January 20, 2004 Novell Inc.11
Considered Products...
• Exchange
• Mirapoint
• Commercial Sendmail
• NetMail® ( Solaris )
• GroupWise®
© January 20, 2004 Novell Inc.12
Why We Chose GroupWise...
• Security• Reliability• Ease of Desktop config – no
local files/settings• Feature set• Ease of Administration• Granualar Administrative
control of features• Leveraged existing expertise• Cost effective
© January 20, 2004 Novell Inc.13
The Initial System...
Initial Faculty/Staff GroupWise System • All servers are NetWare 6 sp3 and GroupWise 6.0 ep3 • 4000-5000 users and an additional 10,000 external users in the address
book. This included all faculty, staff and student employees. We had 3 Domains with 2 WebAccess machines and two GWIAs for IMAP,POP and SMTP. Users are spread across 8 post office Servers.
• We were using Guinevere and SPAM assassin for content and virus scanning.
• We had purchased and were setting up an Iron Mail appliance to do all port 25 filtering and virus scanning.
Initial Student Email System• 25,000 users on sendmail/UW imap using Pine, Webmail and various
other 3rd party windows POP amd IMAP clients.
© January 20, 2004 Novell Inc.14
WORKGROUP
Initial GroupWise System
3 Domains
AUBURN
ACES
Groupwise 1 running Auburn MTA (current primary) gw1rdr POA @ 1677
PO1
PharmPO
ADCBSCPO
PO3
PO2
GWWWEB2 Secondary Webaccess
Primary GWIA/POP/IMAP
Groupwise_2, GWRDR2 @ 1677 & Workgroup MTA
WG1PO
WG7PO
WG4PO
WG3PO
GWWWEB1 Pri Webaccess
GWACES1 ACESPO1 & ACES
MTA
GWAACES2 GWIA
© January 20, 2004 Novell Inc.15
The Proposed System...
• The 25,000+ student users will be added to 10 post offices in 2 new student domains .
• The student users will have a 50MB mailbox quota. • Two of the ten post offices will have elevated privileges
for Grad students.• We will be supporting native, WebAccess and 3rd party
clients. Full GW clients will be used in our labs. • The end result will be 30,000+ full GroupWise users in
our Campus address book with very few external users. Mailing lists will be managed in GroupWise to take advantage of the common message store.
• All this and EDIR with the possibility of DIRXML to tie up LDAP,AD,EDIR sync at a later date.
© January 20, 2004 Novell Inc.16
Primary Concerns for a 30,000+ User GroupWise System...
• Number of concurrent IMAP/POP for third party clients using the GWIA
• Max SSL WebAccess application connections (nw 6.x /apache). The vast majority of users will use webaccess as their primary client.
• Distribution lists - Max recipients, effect on address book performance - Any difference using edir groups as DL's. We could have lists with 20,000 members. Many with 3-5000
• Realistic max POA connections given hardware & policies ( 50 meg quota, size restrictions ) We are sizing for 750 app connections
• How will PO's with 2000-3000 users perform? Will be have have problems with large message databases maintenance
© January 20, 2004 Novell Inc.17
Basis for Proposed Expansion...
We have more than 6 years experience with GroupWise and nearly 10 with NDS. This proposal is based on personal experience, GroupWise best practices as well as these resources
•The Definite Guide to GroupWise Webaccess on Apache/Tomcat – Jim Michael•GroupWise 6.5 Best Practices - Tay Kratzer, Ira Messenger, Eric Raff •GroupWise 6.5 Upgrade Guide - Tay Kratzer, Danita Zanre', Eric Raff •http://www.novell.com/coolsolutions/gwmag/basics.html
•http://www.novell.com/coolsolutions/gwmag/
•http://www.novell.com/coolsolutions/gwmag/trenches/kratzer.html
© January 20, 2004 Novell Inc.18
Users Domain and Post Office StructureAdditionsThese are the student domains. A mail container was created to hold all new objects. Sub OUs users (all new users), servers (all new servers) , agents (Webaccess and GWIAs,POs and Domains)All students will be in tmdom1 and tmdom2 (3000 per Post Office). These users will have no file or print access through NetWare.
New Server Types and Roles
Post office serverDell 2650 Dual 2.4 Ghz zeon with 2 GB memory, Dual Gb NICs, 3 146GB drives @ Raid 5. We have had good luck with traditional NWFS volumes.
Gateway ServerGWIA,ichain, webaccessDell 2650 Dual 2.4 Ghz zeon with 2 GB memory, Dual Gb NICs, 2 36GB drives @ Raid 1
TMDOM1
MTA
SP01 Post Office
SP02 Post Office
SP03 Post Office
SP04 Post Office
SP05 Post Office
TMDOM2
MTA
SP06 Post Office
SP07 Post Office
SP08 Post Office
SP09 Post Office
SP10 Post Office
© January 20, 2004 Novell Inc.19
Message Flow
We are currenly using static routes from the mail forwarders to our inbound GWIAs.
GWIAs
After content and virus scanning mail goes through the unix mail forwarder where it is sent to its final destination user@smtp1,smtp2...mail system .
Internet
GWAI1 GWAI2 GWAI3
Border Router
Load Balancer
Ironmail Spam & Virus
scanning appliance
Solaris Mail Forwarder
Ironmail Spam & Virus
scanning appliance
Solaris Mail Forwarder
© January 20, 2004 Novell Inc.20
Webaccess Infrastructure
WebAccess Infrastructure using a Local Director (L4 switch) and Ichain 2.2
Web Access Agent Webacc8
Web Access Agent Webacc5
Web Access Agent Webacc7
Web Access Agent Webacc6
Web Access Agent Webacc4
Tigermail.auburn.edu cname points to the L4 virtual server and is redirected to ichain1 where the connection is SSLized and passed to a webserver. Each webserver has a default agent. web1app uses web4 agent, web2 app to web5, web3 to web6, These agents are set to 500 max connections, They all use web7 as a secondary provider and 8 as a third. Currently the backup ichain is offline until we work out the session cookie cache issues.
Ichain 2.2 for SSLand Load
Balancing – not Auth
Ichain 2.2 Backup
Load Balancer for the
tigermail.auburn.edu
webserver1/app
webserver2/app
webserver3/app
© January 20, 2004 Novell Inc.21
WebAccess Customization
http://tigermail.auburn.edu/
© January 20, 2004 Novell Inc.22
Challengating large # of accounts is short tomplying with information release requests
© January 20, 2004 Novell Inc.23
Challengating large # of accounts is short tomplying with information release requests
© January 20, 2004 Novell Inc.24
Challengating large # of accounts is short tomplying with information release requests
© January 20, 2004 Novell Inc.25
http://tigermail.auburn.edu/
GWExtranet Calendar Integration
© January 20, 2004 Novell Inc.26
Provisioning the System
Challenges• Creating a large number of accounts in a short
time• Managing account turn-over • Keeping information syncronized with student and
HR systems• Complying with information release policies
Solution– Internal applications using ActiveX and
AdminAPIs
© January 20, 2004 Novell Inc.27
Challenges• What to do with existing data? (address book)• Deploying client to labs and student computers• Intergating existing information into web
interface
Solutions– GroupWise Client ( to access existing IMAP
mail )– GW ObjectAPI for address book
conversions– SetupIP and internally developed launcher
( LDAP & GW ObjectAPI ) for accts with visibiliy 'None'
– NAMP & partner products ( php, GWExtranet )
Deploying the System
© January 20, 2004 Novell Inc.28
LDAP Resolver for Win32 Client
Challengating large # of accounts is short tomplying with information release requests
© January 20, 2004 Novell Inc.29
Questions
Challengating large # of accounts is short tomplying with information release requests
© January 20, 2004 Novell Inc.31
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.