McAfee SIG3100 & JES Messaging

Similar Messages

• JES Messaging Server 6.0 will not accept mail alternate address

  JES Messaging Server 6.0 will not accept mail alternate address
  I have installed the Sun ONE Messaging server 6.0 as part of an evaluation of the Java Enterprise System. This was installed along with Directory Server 5.2 and Identity Server 6.1. During the installation I created a top level organization (o=internet) knowing that I would want to create multiple email domains within it and a default domain. After the installation was complete I used the User Management Utility (/opt/SUNWcomm/bin/commadmin) to create some users within the default domain. I provided each user with a primary email address ([email protected]) and an alternate email address (mailAleternateAddress = [email protected]).
  In testing the system I find that the Messaging Server will not accept messages sent to the alternate email address whether sent from the same server (via Messenger Express) or from an external server. It returns the error message: 550 5.1.1 unknown or illegal alias.
  In attempting to trouble shoot this problem I have watched the Directory Server's access log when such an email is sent. It shows a query using [email protected] even though the email message was sent to [email protected] In any event the DS finds the user, but the Messaging server rejects the message.
  [date_time] conn=120 op=11 msgId=12 - SRCH base="o=domain.com,o=internet" scope=2 filter="(mail=[email protected])" attrs="preferredLanguage mail mailEq
  uivalentAddress"
  [date_time] conn=120 op=11 msgId=12 - RESULT err=0 tag=101 nentries=1 etime=0
  [date_time] conn=120 op=12 msgId=13 - SRCH base="o=internet" scope=2 filter="(&(objectClass=sunManagedOrganization)(|(associatedDomain=host.domain.com)(sunPreferredDomain=host.domain.com)))" attrs=ALL
  [date_time] conn=120 op=12 msgId=13 - RESULT err=0 tag=101 nentries=0 etime=0
  Any suggestions to eliminate this problem would be appreciated.

  Both the primary and alternate email addresses are the same as the domain of the user.
  Here is what I want to do. Email is sent to a primary email server (not this machine). Mail for some users stays on that server to be read and mail for other users is moved to a geographically separate server (the one in question) by specifying that the mail be forwarded to the specific host: [email protected] > [email protected]
  On this second server I want to host two (or more) independent email domains. I do not want one of the domains to be a subdomain of the other. So during the installation I used o=internet as the root suffix and then used a different default domain (representing one of the registered internet domains). After installation I used the commadmin tool to create a second domain so now I have what looks something like this:
  o=internet,
  __ou=People
  __ou=Groups
  __o=domain1
  ____ou=People
  ____ou=Groups
  __o=domain2
  ____ou=People
  ____ou=Groups
  I then created some users under domain1 and some under domain2 so one user's dn is:
  uid=user, ou=people, o= domain1.com, o=internet.
  Mail sent locally to user@ domain1.com gets delivered correctly, but sending to [email protected] does not.
  host2.domain1.com is the fully qualified domain name of the server.

• JES Messaging patches for x86

  Hi,
  does anyone what the scoop is regarding patches for JES messaging on Solaris x86? On the sunsolve contract access page I can see that for SPARC patch 116568-53 was released on Sep/10/04 ,but that the latest x86 patch 116569-52 was released on Aug/13/04. Will there be a -53 release of the x86 patch that will bring it to parity with the currently released SPARC patch?
  Thanks,
  William Hathaway

  -53 is on sunsolve:
  http://sunsolve.sun.com/pub-cgi/pdownload.pl?target=116569-53&method=h
  -55 is "released", but not yet there.

• How to set smarthost in JES messaging 6.0

  I want to forward outbound mail to smarthost for scan virus. Please help me how to set smarthost in JES?

  It's the same as in 5.2
  imta.cnf
  look for "section II, channel block"
  find your outbound channel, usually "tcp_local"
  Add to the end of the long second line,
  daemon virus_scanner_host_name
  where "virus_scanner_host_name" is the fqdn of your machine that does the virus scanning
  after you've saved the imta.cnf file, run
  imsimta cnbuild
  imsimta restart dispatcher

• Sun JES - Messaging

  I have a problem during configure messaging after finish installation (GUI interface). Under directory /opt/SUNWmsgr/sbin and to run ./configure, error messages came out as Hostname is not fully qualified. Btw, I already verify all the hosts, domain name, default router and nodename but I still fail to cont. the messaging configure.

  check also the nsswitch.conf for the hosts: entry it should be change to dns files from files dns.
  Also check the search order and domain entry at resolv.conf, if that file is not then create it based on this format
  domain abc.com (your domain name)
  nameserver 192.168.0.1 (ip for first DNS server)
  nameserver 192.168.0.2 (ip for second DNS server)
  search abc.com cde.com (domains you want to have search for)

• Cannot download McAfee. Error message: Javascripts not running. BUT it is enabled...

  Not sure why this is an issue. Have run PC clean up, made sure to run everything by book. Download goes through to very last and then says Javascripts not enabled/working. I have already double checked settings. Javascripts IS selected to run, so where do you think my issue is?

  Solved the problem.

• AM/IDM with Sun JES Messaging

  Is there any information about using IDM and AM to control access, do SSO (for MessengerExpress/CalendarExpress/CommunicationsExpress, etc.), and automatically provision new users?
  If anyone currently uses these tools to do this, what does the architecture look like?
  To what extent does this framework exist in a default install (based on single-host deployment example), e.g. is a policy agent installed?
  Thanks,
  s7

  starman7 wrote:
  Is there any information about using IDM and AM to control access, do SSO (for MessengerExpress/CalendarExpress/CommunicationsExpress, etc.), and automatically provision new users?IDM offers a communications services resource adaptor:
  http://docs.sun.com/source/820-0821/Sun_Comm_Services.html
  This allows you to provision accounts for users by provisioning the account in LDAP (which is what delegated administrator also does). You will need to make sure that the appropriate AM attributes are added to the users entries.
  To what extent does this framework exist in a default install (based on single-host deployment example), e.g. is a policy agent installed?There is no policy agents installed by default. For Comm-Suite-5 you can configure AM support with UWC and enforce AM logins using the following steps:
  http://msg.wikidoc.info/index.php/AM_redirection_using_Policy_Agent
  Regards,
  Shane.

• SunONE / SunJES Messaging server

  Hi,
  Just a general question regarding the SunONE / SunJES messaging server.
  We've got a HA-clustered messaging/messagestore environment
  From experience we know that on the message store, when you edit the {instanceroot}/imta/config/ims-ms_option file, it becomes active after about 15 minutes when the ims_master proces restarts itself. Any changes in number of threads can be easily spotted with prstat so therefore we know when it restarts it uses the new config.
  Now comes the question.
  When I would make any changes to the {instanceroot}/imta/config/imta.cnf file
  Does the tcp_smtp_server proces restart itself using the new config or does it keep on using the old 'current' configuration'
  Looking @ the proceslist I do notice that the processes restart because the STIME keep changing :)
  So just wondering does anybody know this So I do not have to schedule (unnessecary) outage for a restart to make the changes active.
  -Martin
  The versions we're using are :
  =======
  iPlanet Messaging Server 5.2 HotFix 2.02 (built Oct 21 2004)
  libimta.so 5.2 HotFix 2.02 (built 13:42:55, Oct 21 2004)
  SunOS goud 5.8 Generic_117350-20 sun4u sparc SUNW,Sun-Fire-880
  =======
  and the other cluster.
  =======
  Sun Java(tm) System Messaging Server 6.2 (built Dec 2 2004)
  libimta.so 6.2 (built 00:34:23, Dec 2 2004)
  SunOS chroom 5.9 Generic_118558-02 sun4u sparc SUNW,Sun-Fire-V890
  =======
  The two different versions are there, 'cause we're currently in a migration stage SunONE 5.2 to SunJES

  All of the MTA processes are "short lived", and get periodically restarted.
  ims-ms is restarted by the job_controller. You can "refresh" these manually, without users even nopticing.
  tcp_smtp_server processes are owned by the dispatcher process. They live for a time, or a maximum number of messages, and are started as needed. You can refresh them manually, too, with no user impact.
  to refresh the processes that are owned by the job_controller, give:
  imsimta restart job_controller
  for the ones owned by the dispatcher
  imsimta restart dispatcher
  None of the processes is designed to read configuration at any time other than startup, so if you change the configuration, first you need to "compile" that configuration:
  imsimta cnbuild
  and then you can either wait for the restart, or give one of the commands I put above.
  For messaging 5.x, you need to freeze the HA cluster before restartring, as the restart will trigger a failover. For JES messaging 6, the HA agents are much more sophisticated, and will understand what you're doing.

• JES on Solaris 10 ?

  Has the latest JES Messaging Server (and other software) been certified for use on Solaris 10 (clustered environment). The new zone feature has my interest. I know that zone failover won't be available until later this year. I'm just planning ahead.
  Thanks,
  Roger S.

  Apparently, I missed the train. :-) When did Sun start calling JES 2004Q2 et al, JES2 JES3 etc?
  Anytime fram on JES3?
  Thanks,
  Roger S.

• Some characters in UID break message delivery

  Hi,
  this is more a FYI rather than a question.
  We have a Netscape messaging fetching the userbase from a JES Directory Server. Multiple email domains are hosted there.
  In the past, realms were implemented appending !realm to the UID, so that uid uniqueness would be granted across the whole user tree. So, some communities have logins as:
  me!comm1
  me!comm2
  you!comm2
  I am now testing the migration to JES Messaging 6 (schema 1), slowly adding new domains to the test platform.
  I have been struggling for one day after a domain that would not accept mail, even if all the objectclasses and attributes were properly set (another working domain was taken as reference).
  With a deep debug run ( imsimta test -rewrite -debug [email protected] ) I found out that JES Messaging 6 (2004Q2) does not accept mail for addresses whose corresponding UID attribute contains:
  ! (exclamation point)
  @ (at)
  # (pound)
  * (star)
  $ (dollar sign)
  % (percent)
  The debug returns these lines before bailing out:
  09:57:18.12: Domain is active
  09:57:18.12: Mail domain is active
  09:57:18.12: Mail user status = active
  09:57:18.12: User is active
  09:57:18.12: User UID user!realm found.
  09:57:18.12: UID contains illegal character(s)
  I have not found any mention in the messaging documentation about allowed chars in the uid attribute, which is defined as "Directory String" and thus should accept those chars. See RFC2252, paragraph 6.10 for details.
  This Messaging requirement (?) breaks compatibility with existing trees and standard LDAP schema.
  Would a tech support call produce a patch?
  HTH,
  Paolo

  RELEASE NOTES!!! OMG!
  Thanks Jay!
  Too bad programmers were too lazy to escape those characters allowing in the UID field all the chars allowed by "uid" attribute syntax.
  As a side note, on Solaaris9 2004Q2 works fine if the support for "!" is added.

• Monitoring Messaging with SNMP, anyone?

  Hi,
  is there anyone (successfully) monitoring his/her Messaging Server through SNMP?
  I have 2004Q2 under Solaris 9. I successfully started the Master Agent (.../mps/serverroot/plugins/snmp/magt/magt -p 48472 CONFIG INIT), and an snmpwalk fails when it is stopped (so I am sure no other SNMP deamon is running on the server).
  I successfully start subagents following what is written in the SNMP chapter of the Messaging Admin Guide.
  An snmpwalk on the public community returns no "JES" MIBs, but only the standard ones.
  So, is someone monitoring a JES Messaging server through SNMP? If so, were extra configuration steps necessary?
  Thanks

  Thanks!
  I had everything set-up, but was missing the OID parameter in the snmpwalk query.
  For the records, adding "-m ALL" helps snmpwalk to resolve the dotted notation into somewhat meaningful strings, provided MIB files have been installed:
  snmpwalk -v 1 -m ALL -c public srvmsg01.csi.it mib-2.27
  snmpwalk -v 1 -m ALL -c public srvmsg01.csi.it mib-2.28
  ("-m ALL" is a quick solution, the single file might be specified for each MIB query, I think)
  I am having a look at Big Brother, altought my organization uses MRTG for basic performance monitoring.
  Paolo

• Someone take my VISA!!! Sun JES strategy and SMB ==   need support.

  Hello --
  I'm a VERY small company -- seven seats -- looking to license JES Communications Suite. Big thing: need official Sun support because components of JES 2005Q4 REQUIRE (!!!!!) tech support -only patches in order to operate with stability (reference: UWC threads in Messaging forum -- patches are required to product to work in production).
  I spoke with Sun inside sales: guess use-license is FREE as part of promotion, but support is an entirely different matter (100 seat min).
  Sun JES message: you can't get any Sun support on software unless you spend $5,000 (ie. 100 seat min -- JES Comm Suite with Standard suppot -- $50/head).
  Surely, someone @ Sun marketing & product mgmt has head up darkness by essentially pushing SMB customer to "dark side" of Microsoft. A ten user company is not going to spend $5,000 year on email system.... period (not including hardware and datacenter).
  Summary from Sun:
  "We'll give you the software for FREE -- but in order to run the software in production, you'll need to buy support for min of $5,000/year to get required patches."
  This strategy stinks. -GA
  ============ Info from inside sales.
  So, let me throw out some numbers:
  JES the entire package with support per year (minimum 100 employees)
  Standard support: $140 per employee
  Premium support: $150 per employee
  Java Communication Suite only with support per year (minimum 100 employees)
  Standard support: $50 per employee
  Premium support: $60 per employee
  There is no way to purchase support for under 100 employees, per the terms of the promotion for JES:
  **Customers who wish to purchase support can purchase a commercial license for the Java Enterprise System, which includes technical support, updates and maintenance. Minimum number of units (employees) licensed is 100 under the commercial license terms. (pricing per above)

  In addition to the subscription options, Sun also provides perpetual licenses for each individual component product. This might better meet your needs since you are using this for a very small deployment. If you expect your org to grow in size you could upgrade to a subscription model at a later date and take advantage of the unlimited RTU. Please contact Sun Sales to explore this option as well.

• Messaging Web access (http)

  Previous version iPlanet messaging 5.2, inside admin web has the deligated admin for/to create user id and mailbox. But now, I using SUN JES Messaging 6.0 and I cannot find the deligated admin installed or configure. How to created user via admin web rather than command line or directory server.

  Try posting this question to the messaging forum:
  http://swforum.sun.com/jive/forum.jspa?forumID=15
  Thanks
  Manish

• Config Message storage /partition isn't

  Hi, I'd installed JES Messaging Sever 6.0 (Schema 2). The messaging is started too.
  I'm trying to config storage for user,but the default message store partition is not created
  #ls /opt/SUNWmsgsr/data/store
  drwx------ 2 mailsrv bdf 512 Jan 12 15:34 session
  drwx------ 3 mailsrv bdf 512 Jan 12 15:05 mboxlist
  drwx------ 3 mailsrv bdf 512 Jan 7 16:41 dbdata
  I use de command :
  configutil -o store.partition.primary.path -v /opt/SUNWmsgsr/data/store/partition,
  it send "OK SET", I restart server storage; and the directory partiton is not created.
  (I 'd use the console,too)
  please can you help me?

  Please see my response in your later identical post.

• Can not login access manager

  mail server version is JES messaging Server 6 2005Q4 :
  My Access Manager:http://hostname:8080/amserver
  last week, i login access manager, under the web label or configuration label�F
  in "ldap" item�Ci add new dc=xx,dc=xx,dc=xx�C
  then save configuration.
  but after that i can not login access manager.
  when i user admin login,it print:"
  Authentication failed".
  what should i do to restore access manage?
  thanks!

  javatoall wrote:
  Hi,
  I login Access Manager, access sample "realm" -> Authentication->
  Advance Properties -> User profiles and then I choiced "Dynamic with user Alias".
  Then I only configure JDBC authentication with mysql database that I don't used ldapservice.
  When I created a one new user in MySQL, I can login into web application that i security as "sample.war" successfull but new user don't right access resource that i protected before.
  When i login access manager with amdmin user, I can not find user that i has been created it in MySQL database. t
  When the users are created through the dynamic profile, the default cn/sn are set to "default" , after creation you need to login to amconsole as amadmin and change/add proper values for these attributes.
  Alternatively you can set the protected resource's policy subject to Authenticated users. This will work but not sure will meet your requirement
  >
  When i login access manager console with new user, it login successful, and view Profile of new user that I has been created.
  Can you tell me How to manage new user that I has been new in MySQL by Access manager console ?
  I want to configure access proteced resourse for that user. How to configure that ?
  read above use the authenticated users subject
  Thank for every help.
  VinhND.