Examining the GroupWise ® Rollout at Auburn University Brian Anderson IT Manager, Auburn University [email protected] Jeff Stallworth IT Manager, Auburn

Examining the GroupWise® Rollout at Auburn University

Brian AndersonIT Manager, Auburn [email protected]

Jeff StallworthIT Manager, Auburn [email protected]

Greg WhiteNetwork and Systems Specialist Novell Inc. [email protected]

© March 9, 2004 Novell Inc.2

one Net: Information without boundaries…where the right people are connected with the right information at the right time to make the right decisions.

The one Net vision

Novell exteNd™

Novell Nsure™

Novell Nterprise™

Novell NgageSM

:

:

:

:

© March 9, 2004 Novell Inc.3

The one Net vision

Novell Nterprise is an innovative family of products which gives you the power to enable and manage the constant interaction of people with your business systems — regardless of who they are or where they are.

Novell Nterprise™

Novell exteNd™

Novell Nsure™

Novell Nterprise™

Novell NgageSM

:

:

:

:

© January 20, 2004 Novell Inc.4

Agenda

• Who is Auburn University

• Our Initial Email System

• Why we wanted to make a change

• What products did we evaluate?

• Why Auburn Seleted GroupWise®?

• Issues encountered along the way

• Special features (GW Extranet, Use of AMP and SDK components for Webaccess, Ichain)

• Current enhancements and future plans for Auburn


Overview

Auburn UniversityLocated deep in the rolling hills of East Alabama, Auburn University is one of the South's premier land grant institutions. In 1856 the university first opened its doors for 80 students and a faculty of six.

Today Auburn is the largest university in Alabama, with an enrollment of approximately 22,000. Students hail from all 50 states and nearly 100 foreign countries.


Overview

Auburn University


Overview

Auburn University “WAR EAGLE!”The Auburn University mascot, a golden eagle named “War Eagle VI” (affectionately known as “Tiger”), was given the honor of participating in the opening ceremony for the 2002 Winter Olympic Games right here in Salt Lake City, UT.

Tiger has the second largest aviary for a single bird. She weighs about 10 pounds and has a wingspan of a little over 6 feet. Her talons have the gripping strength of 459 psi, which is the equivalence of 9-10 times the gripping strength of an adult human male.


Overview

Brian Anderson• Over 6 years experience in GW administration and support

• Responsible for account maintenance and desktop support

• Development of tools to assist in migration & user acceptance


Jeff Stallworth• I have worked with NetWare® from 2.x. I

became an ECNE in 1993 and an MCNE in 1995. I have been with Auburn University since 1996. We have used GroupWise from version 4.

• I am currently the IT Manager for the NetWare/GroupWise servers group at Auburn.

• My main responsibilities include the specification, implementation, maintenance and daily operatorations of all NetWare/GroupWise servers.

Overview


Why we wanted a change...

Existing system was outdated• Built 12-15 years ago• Was not scaling well as built• Feature set not current• Web interface was add-on – not integrated

Contributing factors• Designating email as an official means of

communication• Ever increasing 'SPAM' volume• General increase in use of email as

teaching tool


Considered Products...

• Exchange

• Mirapoint

• Commercial Sendmail

• NetMail® ( Solaris )

• GroupWise®


Why We Chose GroupWise...

• Security• Reliability• Ease of Desktop config – no

local files/settings• Feature set• Ease of Administration• Granualar Administrative

control of features• Leveraged existing expertise• Cost effective


The Initial System...

Initial Faculty/Staff GroupWise System • All servers are NetWare 6 sp3 and GroupWise 6.0 ep3 • 4000-5000 users and an additional 10,000 external users in the address

book. This included all faculty, staff and student employees. We had 3 Domains with 2 WebAccess machines and two GWIAs for IMAP,POP and SMTP. Users are spread across 8 post office Servers.

• We were using Guinevere and SPAM assassin for content and virus scanning.

• We had purchased and were setting up an Iron Mail appliance to do all port 25 filtering and virus scanning.

Initial Student Email System• 25,000 users on sendmail/UW imap using Pine, Webmail and various

other 3rd party windows POP amd IMAP clients.


WORKGROUP

Initial GroupWise System

3 Domains

AUBURN

ACES

Groupwise 1 running Auburn MTA (current primary) gw1rdr POA @ 1677

PO1

PharmPO

ADCBSCPO

PO3

PO2

GWWWEB2 Secondary Webaccess

Primary GWIA/POP/IMAP

Groupwise_2, GWRDR2 @ 1677 & Workgroup MTA

WG1PO

WG7PO

WG4PO

WG3PO

GWWWEB1 Pri Webaccess

GWACES1 ACESPO1 & ACES

MTA

GWAACES2 GWIA


The Proposed System...

• The 25,000+ student users will be added to 10 post offices in 2 new student domains .

• The student users will have a 50MB mailbox quota. • Two of the ten post offices will have elevated privileges

for Grad students.• We will be supporting native, WebAccess and 3rd party

clients. Full GW clients will be used in our labs. • The end result will be 30,000+ full GroupWise users in

our Campus address book with very few external users. Mailing lists will be managed in GroupWise to take advantage of the common message store.

• All this and EDIR with the possibility of DIRXML to tie up LDAP,AD,EDIR sync at a later date.


Primary Concerns for a 30,000+ User GroupWise System...

• Number of concurrent IMAP/POP for third party clients using the GWIA

• Max SSL WebAccess application connections (nw 6.x /apache). The vast majority of users will use webaccess as their primary client.

• Distribution lists - Max recipients, effect on address book performance - Any difference using edir groups as DL's. We could have lists with 20,000 members. Many with 3-5000

• Realistic max POA connections given hardware & policies ( 50 meg quota, size restrictions ) We are sizing for 750 app connections

• How will PO's with 2000-3000 users perform? Will be have have problems with large message databases maintenance


Basis for Proposed Expansion...

We have more than 6 years experience with GroupWise and nearly 10 with NDS. This proposal is based on personal experience, GroupWise best practices as well as these resources

•The Definite Guide to GroupWise Webaccess on Apache/Tomcat – Jim Michael•GroupWise 6.5 Best Practices - Tay Kratzer, Ira Messenger, Eric Raff •GroupWise 6.5 Upgrade Guide - Tay Kratzer, Danita Zanre', Eric Raff •http://www.novell.com/coolsolutions/gwmag/basics.html

•http://www.novell.com/coolsolutions/gwmag/

•http://www.novell.com/coolsolutions/gwmag/trenches/kratzer.html

http://www.novell.com/coolsolutions/gwmag/basics.html


Users Domain and Post Office StructureAdditionsThese are the student domains. A mail container was created to hold all new objects. Sub OUs users (all new users), servers (all new servers) , agents (Webaccess and GWIAs,POs and Domains)All students will be in tmdom1 and tmdom2 (3000 per Post Office). These users will have no file or print access through NetWare.

New Server Types and Roles

Post office serverDell 2650 Dual 2.4 Ghz zeon with 2 GB memory, Dual Gb NICs, 3 146GB drives @ Raid 5. We have had good luck with traditional NWFS volumes.

Gateway ServerGWIA,ichain, webaccessDell 2650 Dual 2.4 Ghz zeon with 2 GB memory, Dual Gb NICs, 2 36GB drives @ Raid 1

TMDOM1

MTA

SP01 Post Office

SP02 Post Office

SP03 Post Office

SP04 Post Office

SP05 Post Office

TMDOM2

MTA

SP06 Post Office

SP07 Post Office

SP08 Post Office

SP09 Post Office

SP10 Post Office


Message Flow

We are currenly using static routes from the mail forwarders to our inbound GWIAs.

GWIAs

After content and virus scanning mail goes through the unix mail forwarder where it is sent to its final destination user@smtp1,smtp2...mail system .

Internet

GWAI1 GWAI2 GWAI3

Border Router

Load Balancer

Ironmail Spam & Virus

scanning appliance

Solaris Mail Forwarder

Ironmail Spam & Virus

scanning appliance

Solaris Mail Forwarder


Webaccess Infrastructure

WebAccess Infrastructure using a Local Director (L4 switch) and Ichain 2.2

Web Access Agent Webacc8





Tigermail.auburn.edu cname points to the L4 virtual server and is redirected to ichain1 where the connection is SSLized and passed to a webserver. Each webserver has a default agent. web1app uses web4 agent, web2 app to web5, web3 to web6, These agents are set to 500 max connections, They all use web7 as a secondary provider and 8 as a third. Currently the backup ichain is offline until we work out the session cookie cache issues.

Ichain 2.2 for SSLand Load

Balancing – not Auth

Ichain 2.2 Backup

Load Balancer for the

tigermail.auburn.edu

webserver1/app

webserver2/app

webserver3/app


WebAccess Customization

http://tigermail.auburn.edu/




Challengating large # of accounts is short tomplying with information release requests







GWExtranet Calendar Integration



Provisioning the System

Challenges• Creating a large number of accounts in a short

time• Managing account turn-over • Keeping information syncronized with student and

HR systems• Complying with information release policies

Solution– Internal applications using ActiveX and

AdminAPIs


Challenges• What to do with existing data? (address book)• Deploying client to labs and student computers• Intergating existing information into web

interface

Solutions– GroupWise Client ( to access existing IMAP

mail )– GW ObjectAPI for address book

conversions– SetupIP and internally developed launcher

( LDAP & GW ObjectAPI ) for accts with visibiliy 'None'

– NAMP & partner products ( php, GWExtranet )

Deploying the System


LDAP Resolver for Win32 Client



Questions



General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

Documents

Examining the GroupWise ® Rollout at Auburn University Brian Anderson IT Manager, Auburn University [email protected] Jeff Stallworth IT Manager, Auburn