 |
Building the Lotus Workplace Messaging demo
by
Tara
Hall
Level: All
Works with: Lotus Workplace Messaging
Updated: 05/01/2003
Inside this article:
Hardware
How the LWM demo works
Configuring the LWM system
Upgrading the demo
Related links:
The Lotus Workplace Messaging demo
John Banks-Binici on Lotus Workplace Messaging
Michael Harer on Lotus Workplace Messaging
Lotus Workplace Messaging documentation
Get the PDF:
 (172 KB)
|
 |
Have you registered for your Lotus Workplace Messaging (LWM) account yet? Perhaps you created an account, sent and received some email messages, and took advantage of some of the other features of the LWM demo. Now that you've tested the latest messaging solution from Lotus and found out how easy it is to use, you may be wondering how we implemented this messaging system on the LDD site. As you may already know, Lotus Workplace Messaging is based on WebSphere technology and uses DB2 as a back-end data store. Our demo also incorporates Domino for directory services. In this article, we give you a technical overview of our demo from the hardware we used to host the various servers to the configurations required to implement the system to how we upgraded from Beta software to the Gold release of Lotus Workplace Messaging 1.0.
Server infrastructure
The number of servers needed to implement a Lotus Workplace Messaging system varies from organization to organization depending on the number of users you intend to support. You can, for instance, install the entire system—DB2 database, WebSphere servers, and LDAP directory—on one machine, but for production purposes, this isn't practical or recommended. The LDD demo uses three machines to host six servers.
DB2 Universal Database Enterprise Edition 7.2 with Fix Pack 7
DB2 Universal Database is a relational database management system used by LWM to store all data for each email account (messages, contacts, and attachments). We installed the DB2 server on a separate machine to provide better performance.
WebSphere Application Server 5.0 (Base Server Edition), WebSphere Application Server 5.0 (Network Deployment Edition), and IBM HTTP Server
WebSphere Application Server (WAS) is a J2EE-compliant application server needed to run LWM; WebSphere Network Deployment is a J2EE-compliant application server that offers advanced Web services and management features for deploying Web applications. WebSphere Network Deployment is needed to support LWM components, like the LWM Administrative Console that we talk about later in this article, and it provides additionally security. The IBM HTTP Server is a Web server based on the Apache open-source framework. It provides the HTTP service required to access the LWM mail files via a Web browser. (LWM mail files can also be accessed via a POP3 client if the protocol is enabled on the LWM server.)
We installed these three servers on one machine for our deployment, but in a larger deployment you may want to install the three servers on separate machines for better performance. We also dedicated these machines to the demo (that is, we are not running any other DB2 or WAS applications on these servers); however, dedicating machines to your LWM deployment is not required. In your deployment, you can share these servers with other DB2 and WAS applications without affecting the LWM system.
Lotus Domino 5.0.12
Domino 5.0.12 serves as an HTTP and LDAP directory server. Lotus Workplace Messaging supports several LDAP directories, including IBM Directory Server and Sun ONE Directory Server (formerly iPlanet Directory Server).
In addition to those servers (all of which require a separate installation, so check the documentation for each one), we installed Lotus Workplace Messaging on the WebSphere and DB2 servers. You do not need to install Lotus Workplace Messaging on the LDAP directory server; you only need to connect your Lotus Workplace Messaging servers to the LDAP server.
Lotus Workplace Messaging components
There are many services provided by the different servers that comprise the LWM system. Let's take a closer look at what LWM provides. When you install Lotus Workplace Messaging, you have several components to choose from. Installation of Lotus Workplace Messaging is covered in the product documentation, so we won't repeat that information here. But it may help you to know which components are available to you. Note that in the following table, you can choose to install all components, except the database scheme which is installed automatically.
| Component | Description |
| LWM DB2 data store/ database scheme | The database scheme is installed on the DB2 server; the scheme creates the data store for LWM mail accounts. |
| Mail services | LWM supports SMTP for inbound and outbound messaging services. However, you can configure LWM to relay mail messages through another SMTP server, like Domino. You can also enable or disable inbound SMTP. In our deployment, we use the native LWM SMTP service to route mail messages. |
| POP3 | LWM supports POP3 to enable you to connect your LWM account through a POP3 client, like Lotus Notes or Microsoft Outlook. We did not enable this option in our configuration. |
| Task scheduler | The task scheduler offers six different administrative tasks for managing your LWM accounts. You can configure the tasks through the LWM Administrative Console. We talk more about the LWM tasks later in this article. |
| LWM Administrative Console | The LWM Administrative Console is installed on the WebSphere Network Deployment server; it is a plug-in for the WebSphere Administrative Console and lets you configure and manage LWM through the use of policies and other configuration documents. |
| LWM messaging client application | A client used to access LWM mail accounts; supported clients include Web browsers and POP3 clients, like Lotus Notes or Microsoft Outlook. |
Hardware
When planning our deployment, our goal was to support a workload comparable to the LDD iNotes Web Access demo—approximately 1,000 accounts per day (peak)—so we chose our hardware accordingly. The following table shows the hardware configuration for each of our three machines. As the table shows, all of our machines run Windows 2000 Server; however, LWM also supports the AIX platform. For software and hardware requirements, refer to the Lotus Workplace Messaging Release Notes.
| Server | Operating system | Hardware |
| DB2 Universal Database Enterprise Edition 7.2 with Fix Pack 7 | Windows 2000 Server with Service Pack 3 | x330, 2-way
1.26 GHz processor
2 GB RAM |
| WebSphere Application Server 5.0, WebSphere Network Deployment, IBM HTTP Server | Windows 2000 Server with Service Pack 3 | x360, 4-way
1.6 GHz processor
4 GB RAM |
| Domino 5.0.12 | Windows 2000 Server with Service Pack 3 | Dell Dimension XPS B800 800 MHz processor
256 MB RAM |
You may be wondering why we chose a server with four processors if our intention was to support a load of only 1,000 accounts per day. Is LWM that processor intensive? Not at all. We have plans for future deployment of other WAS applications. In addition, we plan to upgrade our DB2 server from a two processor to four processor machine to support more DB2 applications.
Scalability and availability are just two of the features that make LWM appealing to large organizations. LWM has carrier-grade scalability to support many thousands of users on one machine. Another appealing feature of this system is automated administration, including auto-provisioning and automated removal of orphan accounts (we talk more about both in the next section). After you set up LWM, there's minimal administrative overhead in terms of creating and deleting accounts as users come and go.
How the LWM demo works
Now that you know what our infrastructure includes, let's look at how the different servers work together from a user's perspective.
When you register for an LWM account on LDD, you access the Domino HTTP/LDAP server through a Web browser. The registration form that you are presented with is a Domino application. When you submit your registration, Domino creates a Person document in the Domino Directory and refreshes the views in the directory to keep it up-to-date. Next, Domino returns your registration information and a URL for logging into your LWM account.
When you open that URL, you access the LWM/WAS server. When you enter your user name and password, LWM authenticates with the Domino LDAP server. After authenticating, if your mail account already exists, it opens immediately. If no mail account exists yet, then the LWM server generates an account automatically. This is known as "just in time" provisioning or auto-provisioning.
After the account is created, you can begin using the account right away. Our demo supports HTTP access via supported Web browsers. (See the Lotus Workplace Messaging documentation for a list of supported Web browsers.) We installed SSL certificates on the IBM HTTP Server to ensure secure authentication with the Domino Directory, so each time you log in to your account, your credentials are encrypted. When you send mail, you do so using the LWM SMTP service. And when you compose mail, you can perform a name lookup using the Domino LDAP directory. We talk more about different LDAP directory configurations later in this article, but when you perform a name lookup in the LWM demo, the primary LDAP directory listed in the Select Person or Group dialog box is the same directory used to authenticate you.
Finally, after 48 hours, a scheduled agent in the Domino Directory copies your Person document to an archive database and removes your Person document from the directory. When the Administrator task—a scheduled LWM task—no longer finds your Person document, the Compact task—another LWM scheduled task—deletes your email account on the LWM/DB2 server.
The Administrator, Compact, and other tasks
So what are the Administrator and Compact tasks? They are part of the task scheduler component that you can install when you install LWM. The task scheduler is a set of six administrative tasks similar to Domino agents that help you manage your Lotus Workplace Messaging system. The following table describes each task.
| Task | Description |
| Administrator | Synchronizes user accounts with the LDAP directory. |
| Attachment Cleanup | Marks orphan file attachments for deletion. |
| Compact | Deletes all items marked for deletion. |
| Quota Management | Warns the user when his mail file is about to meet the specified disk space quota for all accounts. (In our deployment, we allot 2 MB per mail file.) This task also lets you specify when to expire a mail account. For our demo, all accounts, with the exception of persistent accounts, expire after 48 hours. |
| Reconcile | Marks items for deletion when they meet certain criteria, like an expiration date. |
| Trash Collection | Marks items in trash for deletion if the item is older than the time specified in the configuration. |
By default, all tasks are scheduled. We left all defaults as they are specified by LWM:
- The Administrator task runs every hour.
- The Attachment Cleanup task runs every three hours.
- The Compact task runs every three hours.
- The Quota Management task runs every two hours.
- The Reconcile task runs every two hours.
- The Trash Collection task runs every hour.
The follow screen shows the Lotus Workplace Messaging Tasks:
Tasks like Quota Management are configured through policies. There are default policies that ship with LWM, including a policy that allows us to create persistent accounts (which all members of the LDD team have). On a side note, when we first configured LWM and determined that all accounts would expire after 48 hours, we forgot to ensure that our Administrator account remain persistent. As a result, our Administrator account expired along with all the other accounts which shut down LWM and made it appear to the user as though the system had failed! Other than that incident, we haven't had a single server failure yet.
Configuring the LWM system
Now that you understand how our demo works from a user perspective, let's assume an administrator perspective to look at how we configured the servers to communicate with one another. Configuration of all servers is a process beyond the scope of this article, but to give you an idea of what we did to implement the LWM system, here's an overview of the tasks that we performed to configure the system:
- First, we installed Domino 5.0.12 on a separate machine and configured the Domino LDAP and HTTP services. For purposes of our demo, we didn't configure any other services; however, you can use the Domino SMTP service with LWM. We talk more about the LWM SMTP service later in this article. (For now, if you need information about configuring the Domino LDAP and HTTP services, see the Domino Administrator help.) In addition, we also deployed a custom Domino self-registration application and designed an account expiration agent.
- Next, we installed the DB2 server on a separate machine; installed Fix Pack 7, which is required; then installed LWM on the same server. Installing LWM on the DB2 server installs the database scheme needed to create user mail accounts. The following screen shows the LWM database scheme as it appears in the DB2 Control Center.
- Then we installed the WebSphere Application Server, WebSphere Network Deployment server, and IBM HTTP Server on the same machine.
- After installing these three servers, we configured the WebSphere Application Server for LDAP and for global security. This included adding a WAS Administrator Person document in the Domino Directory. Note that when you first install WAS, no security settings are created. Before you set security on that server, make sure to create an administrator account in the LDAP directory and to test the connectivity between the WAS and LDAP servers.
- Next, we enabled single sign-on (SSO) on WAS. If we ran multiple WAS applications, then you could access those applications after signing in only once; however, we don't use this feature because LWM is our only installed WAS application so far.
- With our WebSphere servers and IBM HTTP Server installed, we then installed a DB2 client on WAS. This is necessary for the WAS and DB2 servers to communicate if the two servers do not reside on the same machine. If you install both DB2 and WAS on the same machine, you can skip this step.
- After installing the DB2 client, we installed LWM and the LWM Administrative Console on WAS. The LWM Administrative Console requires WebSphere Network Deployment Manager, so if you install WAS and WebSphere Network Deployment server on separate machines, install the administrative console on the WebSphere Network Deployment server. See the earlier section "Lotus Workplace Messaging components" for more information about the LWM Administrative Console.
- With all the servers installed, we then began tweaking the system. We installed SSL certificates on the IBM HTTP Server for secure authentication with the Domino Directory.
- Lastly, we connected WAS to the IBM HTTP Server. Remember that the IBM HTTP Server supplies the HTTP service needed to access the LWM/WAS server via a Web browser.
Configuring LWM
That covers configuration of the various servers in the LWM system, but we weren't done yet. We still needed to configure LWM for our demo. Because we wanted to provide auto-provisioning, we enabled automatic account creation to allow users to register for an account. (You can also create accounts manually.) Then, we created a custom Welcome message for all new users. These two tasks are done through configuration documents in the LWM Administrative Console. For our demo, we kept many of the default configurations, but we enabled the LWM SMTP inbound and outbound service, set properties—like maximum disk space storage per account—in our policies that help us to manage the accounts, and modified some LWM tasks.
In addition, there are other tasks that you can perform for your LWM system, including configuring filters for inbound SMTP to accept or reject mail messages from specified connections and specifying a smart host for mail routing. Also, the LDD demo uses only one directory for authentication and registration, but LWM supports the use of multiple directories. So you can configure a secondary directory to provide a name lookup service for all LWM accounts, allowing your primary directory to be used only for authentication. These tasks and more are covered in the Lotus Workplace Messaging documentation.
Upgrading the demo
Since we began the LWM demo on LDD, the LWM development team reached a new milestone—Gold build of the first release! We have been upgrading our demo with early builds as they became available, and the Gold release is no different. We upgraded our demo and ensured that all persistent accounts remained available after the upgrade. We used a custom development tool that allowed us to update the database scheme without loss of data. Unfortunately, this tool is for internal use only and is not available with release 1.0. However, as the tool matures, expect it to be available in a future release that will enable you to upgrade from 1.0 to the next release.
And the demo goes on
While your LWM account may only last 48 hours, our LWM demo will remain on our site for a long time to come. As more early releases of LWM become available, we will upgrade our demo so that you can continue to test the latest features. To date, more than 1,000 accounts have been created and expired, and we are averaging 200 new accounts per day. We hope you enjoy our LWM demo and find the information in this article useful in your deployment. Check back again because we will update this article with new information as we update our demo. |
|