Mitel V5 User's Manual
Contents
1. If you wish to change the service domain name you can do so using this panel by entering your new name and clicking the Update button If the domain you want is not available you will be notified and will be able to choose another name Service domain changes take effect immediatly after the next synchronization with the NOC Warning The change of service domain takes place upon the next synchronization of your server with the NOC and your previous service domain will be completely removed This includes entries for any hosts that you may have been publishing for the previous service domain Mitel Networks Corporation does not guarantee the availability of a domain name and reserves the right to refuse to register any domain name All ServiceLink users publishing DNS domains must adhere to regulations and rules provided by ICANN and our registrar 13 4 IPSEC VPNs 88 Through the PartnerZone interface to our NOC your Mitel Networks Corporation partner is able to very simply and easily create a secure IPSEC VPN between your server and other ServiceLink enabled servers This provides an economical way of creating a private network between different offices without having to pay for expensive VPN equipment of dedicated connections Each location just needs a connection to the Internet and a ServiceLink enabled server A VPN can be established between just two offices or between a wide number of offices All communication occurs using the ex2. 121 Chapter 19 Additional Software In the process of developing the SME Server V5 with ServiceLink we found it necessary to include some additional open source software While Mitel Networks Corporation does not provide direct technical support for this additional software its availability on the server may be of benefit to advanced users Warning Use of this software is at your own risk and should not be attempted unless you know what you are doing Mitel Networks Corporation does NOT provide support for this software MySQL MySQL is a free open source database management system It provides a fully functional relational database similar to that provided by many commercial database vendors We use it here as the back end for our webmail application More information about MySQL can be obtained at http www mysql com PHP PHP is a web scripting language that has become popular because it easily allows developers to create dynamically generated web pages Additionally it includes commands that allow for easy interaction with databases particularly MySQL The PHP language resembles C or perl and is actually embedded in the actual HTML pages on the web server If you are familiar with Microsoft s Active Server Pages PHP works in a similar manner We have installed it on the server because it is needed as part of our webmail application To learn how to use PHP in your own web pages please read the PHP FAQ at http www php net
3. 1 613 555 1234 Using the same analogy a non routable address is the equivalent of an office extension If your server is assigned a non routable address it cannot directly receive incoming Internet connections which limits the services that it can provide to your site 4 3 Arranging connectivity with your ISP If you are going to be using your server in server and gateway mode you will need to arrange for a connection to the Internet Your ISP will help you connect your site and provide you with services that enable you to take advantage of the Internet e g e mail delivery To some extent the type of connection used determines the services needed Therefore we guide you first through arranging connectivity and then direct you to the appropriate list of services for each type of connection The terms used in the following sections are defined at the end of this chapter To connect your site to the Internet you not only need to arrange your physical connection modem DSL etc but you also need to ensure that your server can locate the appropriate devices at your ISP s site Your ISP will give you this information e g IP addresses for their devices which must eventually be entered into your server console a straightforward process covered in a later chapter Many ISPs use a DHCP server which can directly configure your server with some or all of these parameters 4 3 1 Ordering a corporate ADSL or other commercial dedicated connec
4. 123 Appendix B Dynamic DNS Services If your IP address is assigned dynamically you may find it helpful to use a dynamic DNS service A dynamic DNS service provides you with an automated way to notify them whenever your IP address changes so that they can immediately publish new DNS records for your domain Without dynamic DNS you would have to contact your ISP to have them change your DNS records and your web site and other services would be unavailable for several days until the change was processed You can easily enable the usage of a dynamic DNS service by selecting it on your server console A dynamic DNS service can be a great solution when used with a dedicated connection With a typical dialup connection your IP address changes much more frequently possibly every time your server connects and because the server only connects intermittently there is a delay in informing the dynamic DNS service of the change This means that the risk of misdirected information is much greater with a dialup connection For this reason we recommend and support the use of dynamic DNS services only for dedicated connections Mitel Networks Corporation has tested four dynamic DNS services of which two are free services and two are commercial services yi org free dyndns com commercial tzo com commercial and dyndns org free For simplicity we have preprogrammed the server to work with these services including pre installing their client software
5. A static IP address never changes It is permanently assigned to your server by your ISP Note Static IP addressing is preferable to dynamic IP addressing because it makes it easier for users on the Internet to connect to your services Dynamic IP address assignment means that your IP address is assigned to you only temporarily and may be changed by your ISP This makes it more difficult to ensure continuity of service to your network Consider again our telephone number analogy When your telephone number changes you are able to place outgoing calls However until your new phone number is registered with Directory Services other people are unable to look up your new number and place calls to you Similarly whenever your IP address changes a record associating your server with its new IP address must be published with the equivalent of Directory Services known as Domain Name Service or DNS before incoming traffic can find you If your IP address is dynamically assigned and you have a dedicated connection to your ISP for example with a typical cablemodem you may find it helpful to use a dynamic DNS service We strongly recommend you review Appendix B Dynamic DNS services for more information about this worthwhile option 4 2 2 Routable versus non routable IP addresses If an IP address is analogous to your phone number then a routable IP address is the equivalent of a full telephone number complete with country code and area code such as
6. If you have arranged dynamic IP address assignment from your ISP and you wish to use one of these services all you need to do is visit the appropriate web site to sign up for service and enable that particular function in the server console In pre configuring the server for this particular service we in no way interfere with nor prevent you from using another dynamic DNS service if you wish To do so however would require some customized configuration on your part Mitel Networks Corporation has tested the functionality of these services with our software However we accept no liability for any breach of service on their part A failure on the part of your dynamic DNS service can result in your network becoming temporarily unreachable from the Internet During these times your e mail may be undeliverable If your IP address is assigned dynamically and you intend to receive all your e mail directly rather than having it stored at an ISP and retrieving it via POP or IMAP but you decide not to use a dynamic DNS service you should implement multidrop e mail as your e mail solution as this will ensure that no e mail is misdirected to another IP address See Some important notes on Service list D multidrop mail in Chapter 3 Note Dynamic DNS services are not perfect They merely point hostnames to IP addresses If your system receives an IP address via DHCP or PPPoE it will automatically update the dynamic DNS service each time it comes online
7. Revision 1 134 150 Metcalfe Street Suite 1500 Ottawa Ontario K2P 1P1 Canada 1 613 564 800 1 613 564 7739 info e smith com Table of Contents 1 Welcome to your SME Server V5 with ServiceLink sscccsssssscsssscsssssssesssscssesscssscsssssesesssssssesscsesesseseessssesssnesessessssesseseseesosees 6 VL cAbOUt This Guide sisser taaa ENI S TEIA SEENE EESE SPAT AESA E SEE EEE Sonesutguesntedebutgaceuredepstess 1 2 Software Licensing Terms and Conditions 1 3 About Our Test Company The Pagan Vegan DAs What Ss NE Westies acbecsadexsset o A ARARA REE TEISE AR E EEIE IT S AENA SOAN ST A A TARS 2 The role of the SME Server V5 a 3 ServiceLink ccccscccssssssssees 11 4 Your Internet Service Provider ISP sscssscsssscssscsssscssssssssssssesssssssescescssesssssscessssesssssssssesessesssssssesessessssesessesessesssseseesesseseses 14 4 1 Dedicated versus dialup Connectivity ee ceccecececeeceeceeccecceceeseeseecceseeceeseeseeseeseeseeseesecsecseeseeseeseesseseeseeseeseeseesecsecsecaeeaesaeeae 14 AD The TP address c scssceicoscesesidestctech ces ccbecstchseiivhsestedcendehcstedconde dee seeds E E seeds E A A E o EEEE E E 14 4 3 Arranging connectivity with your ISP ecseri iraro EEEN EA NR AEAN aA A aAA SATAA OEA AEE A AEE 15 44 Atrangine Services From Your ISP rorarii eneee E E E NENE E A a A A aR E AA AEA AEA AAA A N 19 5 Hardware Requirements of the SME Server V5 with S
8. is a modified version of PPP that is used over some high speed ADSL connections to the ISP Secondary Mail Server A secondary mail server receives e mail for your domain if your server is unavailable and reattempts delivery later Subnet Mask or netmask A subnet mask or a netmask has four numeric segments each between 0 and 255 and looks like an IP address It enables your computers to deduce what network they are on Your ISP provides the netmask for the external network between the ISP and your server Chapter 5 Hardware Requirements of the SME Server V5 with ServiceLink Host Computer The hardware requirements of the SME Server V5 with ServiceLink are modest compared with other server software available today However because of its critical role in your office selecting an appropriate host computer is important The hardware requirements of the host computer depend on such things as the number of users on your network whether you plan to use the proxy server on the server and the speed of your Internet connection Because the SME Server V5 with ServiceLink software relies upon your computer meeting the hardware standards noted in this section Mitel Networks Corporation cannot support a server installed on hardware that does not meet these standards Before you consider the requirements defined below please be aware of the following notes e The server ships with the remote access services disabled by default Enabling webma
9. you can also access the information stored on your server If you wish to enable VPN access you must decide how many individual PPTP clients you will allow to connect to your server simultaneously and enter that number here The simplest method is to enter the total number of remote PPTP clients in your organization Alternatively if you have a slow connection to the Internet and do not want all of those PPTP clients to connect at the same time you can enter a lower number here For instance if you have five users who from time to time use PPTP to connect remotely entering 5 here would allow all of them to connect at any time Entering 2 would only allow two users to connect at any given time If a third user tried to connect he or she would receive an error message and would not be able to connect until one of the other users disconnected If on the other hand you entered 0 no PPTP connections would be allowed After you enter a number and press Save the server should be ready to accept PPTP connections To connect using PPTP the protocol must be installed on each remote Windows client Typically this is done through the Network Control Panel you may need to have your original Windows installation CD available After it is installed a reboot of your Windows system may be needed you can create new connections through the Dial Up Networking panel by entering the external IP address of the server you wish to connect to Once you re fini
10. 255 255 255 0 gateway IP address Enter the IP address for the server or in the case If you are running in server and gateway mode of server only mode enter the IP address for your server is your local network s gateway your network s gateway e g the firewall or Enter its IP address here the default is network router 192 168 1 1 If you are running in server only mode enter the IP address for the device interfacing with your external network IP addresses of your Manually enter this information Normally you would just add the IP address for domain name servers your server the default used in the server console is 192 168 1 1 If you have a firewall other than your server that restricts internal queries to Internet DNS servers you may need to enter additional DNS servers here It is critical that every computer on your network has a unique IP address and that you don t assign two computers the same address In enabling DHCP service in the server console you designated a range of IP addresses for DHCP assignment You also allocated a block of IP addresses for manual assignment If you accepted the defaults pre configured into the server console IP addresses 192 168 1 2 through 192 168 1 64 will have been set aside for manual entry To avoid duplication use only those IP addresses when manually assigning IP addresses to your computers Chapter 8 Configuring the Computers on Your Network TCP IP Properties 21x Bind
11. Click here to create a new hostname for this March Networks Server Click here to create a new hostname for a local host Click here to create a new hostname for a remote host Current list of hostnames for tofu dog com The March Networks SME Server with ServiceLink DNS configuration and hosting service provides the ability to automatically make hostnames available throughout the Internet To activate this server for ServiceLink click on the Status panel This host represents your system name and cannot be modified or removed Suppose for example your company s web site was hosted at some other location such as on your ISP s web servers If you wanted www mycompany xxx to point to your ISP s server you would modify the entry here by clicking the Modify link next to www The image below shows the screen in which you would perform the task 73 Chapter 11 Configuration Modify hostname Select whether this hostname is to refer to Self this March Networks Server Local another server on your local network or Remote a server outside your local network If you select Self the only other relevant field is whether to publish the hostname globally The locallP ethernet address and global IP addresses are all ignored since the March Networks server already knows those values If you select Local all fields are relevant If you select Remote the relevant fields are
12. E eee ete 99 KESKIR n A or DAE AE E T E EEE E E EA 100 16 4 An i bay Used as a Customer Site The Miles Gabriel Art Exposition sesessessssessssssessersrstsrsrrsssisrstersrstseeerertrisrersene 101 16 5 An i bay Used as a Shared Network Drive wo cece sssseseseeseseesceeeseesscsccsececsceaescescsecacsecseeecseeecseaeseeacaeeeseasaeesaeeesaeed 16 6 An i bay Used as an Intranet The Pagan Vegan Vegemite z 16 7 An i bay Used to Expedite Processes Samson s Farms ccccssssssssesceesseeseseeeceeeseseesesessceecseeecseeesseeseseeseaseeseesseeesaeeesaee 16 8 An i bay Used as Your Customer Download Site ecceesseeseseeeeseeesscescseeecsesseseescsecsceecseecseeessesseseeacaeeesanaeeesaeeesaeed 17 User File Storage on the SME Server V5 with ServiceLink aa 171 WADCOWS earen RA A AAAA EAEE EA EE E i ENE A RER A ER TD MACINtOS OS 4053 5 an en REE aa eina ARa ea Ra E E E ANE E E E AA A E SEENA ET 18 Webmail sscccsscssssssssscsssscsssscsscsssssssssesssssessscessscessssessscssnssesescessssesseseseessscesessessssesessesessescasssessessesasosenseseeseseesssessessesseseseeseseee 18 1 Enabling Webmail On Your System dcire V A E ohne tal deh URAL ie eee 18 2 Starting Webmail sessur fee leeasderi cae Gasser eae ee ee ee At het NNE VSB LOG SiS hisa a ss Heed Seta Seca See ace OE ORS See RE SRST RE he eben cae 18 4 Viewing The INnbOX sce GA ases a tines E eee de a She era bee eee ea ee 18 5 Logging Outiof Webmail ociisss
13. FAQ php and the manual at http www php net manual Procmail procmail is an open source mail processing tool that can run on the server to preprocess incoming mail messages perform actions such as filtering them into folders More information about procmail can be found at http www procmail org Additionally members of our developer community have contributed HOWTO documents that show how to use procmail on our server See http www e smith org docs howto for links to those documents Taper taper is a open source tape backup program provided for those who wish an alternative to the flexbackup program used by default in the server manager More information about taper can be found at http www e survey net au taper 122 Appendix A Introduction to the Ethernet Local Area Network LAN A local area network LAN is the system of wires and other hardware that connects the computers within your office and allows them to communicate with one another An ethernet LAN is the most common type Ethernet refers both to a kind of connection and to a protocol for how Internet data packets travel around your network The hub a common component of an ethernet serves as a point of interface between computers on the network Each computer on your network is connected to the hub using an ethernet network cable Different hubs operate at different speeds slower hubs operating at 10 MB sec are suitable for small networks faster hubs operating
14. From A Previous Versin erea aeee aea eiaa a ae aaa E A a EE EEEE EE E 33 6 4 Installing th SoftWare eoan k NT TESE AOE cv vad AA AEA EAA EREN AEE 33 6 5 Configuring your SME Server V5 with ServiceLink cece essceeseeecsseeceesenecscecseseescsecsceecseeacsesessessesaesenesseeavaeeesseeeseeeaes 34 6 6 Setting Your Administrator Password cece iiiaio A E R E PEE O aa EA AAEE E EEEN 35 6 7 Configuring Your System Name and Domain Name u cecceseeeseescseeesseeseneescecseseescsecsceecseeseseeessesseseesenesseearseeesseeeseeeaes 35 6 8 Confisuring Your Local Netwotk 2 5 35 ce ses fool r saan aieetevees eit a TE e el erties athe sl Ll ati 36 6D Operation Vode lt thse than U ath SAM AEA S LoL ttt SO ath te ate tase Ret cea ta Jt i 38 6 10 Configuring Server and Gateway Mode ccc eescsessssesseseseeesseeseseecseeecscescsecscsecseseescsecsesesseeacseeessesacsaesenesaeearaeeesaeeesseeaes 40 6 11 Server and Gateway Mode Dedicated oo ce eeeeeeeseeeeeeneteeetseneens Al 6 12 Configuring the Server for Server and Gateway Mode Dialup ACCESS 0 ccccsseessseeeseeseeeseseeecseeseseescaeeeeetacesaeeesneeae 44 6 13 Configurins Your DHCP Server asisavas e e hides dee AA Sea a A a nce teen dee enced R bead 46 6 14 Further Miscellaneous Parameters sinanonco RAT ERa aa ET 48 7 The Server Consolle cssscssssssssssssssssscesssessscssssssssscsssssssesssssssssesssseesssssessessscessssesensessessscessssesessossssesseseseassssesess
15. However when your server disconnects from the Internet with most dynamic DNS services your server does not indicate that it is offline in any way to the dynamic DNS service If your system is offline for a period of time it is possible that someone else will be assigned your IP address by your ISP If this occurs with most dynamic DNS services this other system will now start receiving your e mail and web page requests until your server comes back online and updates the service with your new IP address There is not much you can do about this but you should be aware of this fact if there is any chance your system will be offline for a long period of time 124 Appendix C Proxy Servers The server comes with a proxy server called Squid which can proxy the web HTTP FTP and Gopher protocols Proxy servers temporarily store information from the Internet on the hard drive of the server allowing other users to access it directly from that hard drive For example when an employee visits a web page the web proxy server will store that web page Subsequent visitors to that web page will read it from your proxy server s hard drive rather than over the Internet This slightly reduces the network performance for the first visitor to that web page but can enhance the performance for subsequent visitors Many gateway systems require the use of proxy servers but with the server it is optional Networked applications such as web browsers will work perfec
16. Insert the CD ROM If your computer is an older model that is unable to boot from CD ROM you will also need to insert the boot floppy Most modern computers do not need to use a boot floppy Step 2 Review the warning screens and type accept to indicate your acceptance of Mitel Networks Corporation s legal terms and conditions and your acknowledgment that installation of the software will rewrite the host computer s hard drive Warning The installation or upgrade process formats and erases all attached hard drives If you have multiple hard drives be sure to back them up prior to starting the installation process Step 3 Read the software licensing terms and indicate your acceptance of the license Step 4 Choose whether you wish to Install on a single hard disk or use hardware mirroring Install on dual hard disks using software mirroring RAID1 support or Upgrade Step 5 Read the screen offering a final warning Type proceed and hit enter on the OK button to continue The installation process will now automatically proceed to install the necessary packages Step 6 Indicate whether you wish to create an emergency boot diskette This can be used in the future to boot the system in the event that you are unable to boot from the hard disk If you choose yes you will be prompted to insert a blank diskette We recommend that you do create an emergency boot floppy and put it in a safe place where you can easily retrieve it when nec
17. UNINTERRUPTED THE FOREGOING EXCLUSIONS AND DISCLAIMERS ARE AN ESSENTIAL PART OF THIS AGREEMENT AND FORMED THE BASIS FOR DETERMINING THE PRICE CHARGED FOR THE SERVICELINK SERVICES SHOULD ANY PART OF THIS DISCLAIMER NOT BE ALLOWED UNDER CERTAIN JURISDICTIONS THOSE PARTS MAY NOT APPLY TO YOU WHERE LAWFUL MITEL NETWORKS RESERVES THE RIGHT TO NOMINATE THE JURISDICTION OF ITS CHOICE UNDER WHICH THIS CONTRACT WILL BE ENFORCED EXCLUSION OF CONSEQUENTIAL AND OTHER DAMAGES MITEL NETWORKS AND ITS SUPPLIERS WILL NOT BE LIABLE TO USER OR ANY THIRD PARTY CLAIMANT FOR ANY DIRECT INDIRECT SPECIAL PUNITIVE CONSEQUENTIAL EXEMPLARY OR INCIDENTAL DAMAGES INCLUDING BUT NOT LIMITED TO LOST DATA LOST PROFITS OR SAVINGS LOSS OF BUSINESS OR OTHER ECONOMIC LOSS WHETHER BASED ON A CLAIM OR ACTION OF CONTRACT WARRANTY NEGLIGENCE STRICT LIABILITY OR OTHER TORT BREACH OF ANY STATUTORY DUTY INDEMNITY OR CONTRIBUTION OR OTHERWISE EVEN IF MITEL NETWORKS OR ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES SO THE LIMITATIONS OR EXCLUSIONS IN THIS AND THE FOREGOING PARAGRAPH MAY NOT APPLY TO YOU MITEL NETWORKS MAXIMUM LIABILITY UNDER THIS AGREEMENT IS LIMITED TO AN AMOUNT EQUAL TO THE FEES ACTUALLY PAID FOR THE SERVICELINK SERVICES UNDER THIS AGREEMENT FOR A PERIOD NOT TO EXCEED ONE YEAR INDEMNIFICATION You agree to indemnify and de
18. When someone sends an e mail his or her local mail server will look for the recipient s MX and send the e mail to it If the MX is unreachable due to a system or network outage the mail may be queued or it may bounce back to the sender The guaranteed e mail service provided to ServiceLink subscribers works by configuring the DNS to use the NOC as a secondary Mx Therefore if the primary MX is unreachable the sender s mail server will send the e mail to the secondary MX in this case the NOC All e mail collected in this fashion will be forwarded to your server as it becomes available again There is nothing that needs to be done to configure the guaranteed e mail service As soon as the NOC starts publishing your domain through the DNS service the NOC will be set up to act as an MX secondary and start guaranteeing the delivery of your e mail In addition to storing the e mail and eventually forwarding it the Mitel Networks NOC provides notification and reporting to your Mitel Authorized Partner This allows your Partner to identify potential server or network outages at your site and respond in a timely fashion DNS Services One of the components of a full Internet solution is a domain name Most businesses using the SME Server V5 with ServiceLink will want to register a domain name representing their business and will need a DNS host to make this domain name accessible to the world For reasons of security and reliability the ser
19. YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES 133
20. You would then enter both IP addresses in this screen in the Local IP and Global IP fields Note that this will only work if you are a ServiceLink subscriber as the server alone does not update public DNS information Note The Ethernet address field when creating a hostname pointing to a local host is only used for reserving IP addresses through DHCP as mentioned in the next section 11 5 2 Reserving IP Addresses Through DHCP Another task you can perform through this panel is to reserve an IP addresses for a given system based on its Ethernet address For instance you might have another intranet web server within your company that you want to always have the same IP address One method of assigning that address is to manually configure the client machine to have a static IP address The negative aspect of doing this is that if you later want to change the network settings for that machine you must manually go and configure that machine An example would be if one of your DNS servers changed its IP address Additionally you have to keep track somewhere of the fact that you have assigned a specific IP address to that machine Rather than configuring the machine manually you can reserve an IP address from the DHCP server for that specific machine This has the same result as manually configuring a static IP address but offers two benefits First you have one location to keep track of all assigned static address Second through the DHCP server
21. address For example the username for afripp tofu dog com is afripp If you choose POP3 e mail service Enable POP3 protocol Typically to enable the POP3 protocol for incoming e mail you click on the POP3 checkbox or select POP3 from a pull down menu in the section of your e mail application dedicated to the incoming e mail server Disable IMAP protocol To disable the IMAP protocol for outgoing mail not all e mail applications have IMAP protocol click the IMAP checkbox off Delete read e mail from server We recommend you configure your e mail application so e mail that has been read is not left on the server To do this click off the checkbox marked leave mail on server or click on the checkbox marked delete mail from server If you select IMAP e mail Enable IMAP protocol Typically to enable the IMAP protocol for incoming e mail note that not all e mail applications offer IMAP support you click on the IMAP checkbox or select IMAP from a pull down menu in the section of your e mail application 56 Chapter 8 Configuring the Computers on Your Network dedicated to the incoming e mail server Disable POP3 protocol To disable the POP3 protocol for outgoing mail click the POP3 checkbox off The images below show you the sequence in Netscape First you choose Preferences from the Edit menu and click on Mail Servers as shown in __ Category gt Appearance Mail Servers D Navigato
22. any further restrictions on the recipients exercise of the rights granted herein You are not responsible for enforcing compliance by third parties to this License 7 If as a consequence of a court judgment or allegation of patent infringement or for any other reason not limited to patent issues conditions are imposed on you whether by court order agreement or otherwise that contradict the conditions of this License they do not excuse you from the conditions of this License If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations then as a consequence you may not distribute the Program at all For example if a patent license would not permit royalty free redistribution of the Program by all those who receive copies directly or indirectly through you then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program If any portion of this section is held invalid or unenforceable under any particular circumstance the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public lic
23. be created on the server Chapter 11 Configuration 11 5 Hostnames and addresses When you installed your SME Server V5 with ServiceLink you were asked to provide a name for your system That name and several other standard names are automatically configured in your system s host table during the installation process This host table is consulted as part of the name resolution process The Hostnames and address web panel allows you to modify this table and specify different host names for each domain on your system as well as to control how those names resolve both for systems on your local network and also for systems on the larger Internet For instance when someone tries to connect to Www mycompany xxx they will be taken to wherever www has been set to point to As seen in the image below this screen in the server manager allows you to view these default settings and also to modify the configuration Using the Hostnames Panel with ServiceLink Throughout the screens linked to from the Hostnames panel you will find the text Publish globally with a checkbox next to it If you are a subscriber to ServiceLink you have the option of publishing these records through the ServiceLink DNS Configuration and Hosting service If you select this option the hostname and IP address information that you enter will be uploaded to the Mitel Networks NOC and published through the global DNS system Create remove or change hostnames
24. be resource intensive the server ships with webmail disabled by default To enable the use of webmail perform the following steps 1 Connect to the server manager and login as the admin user 2 Click on Other e mail settings and scroll down to the section where you have the option to Enable Disable Webmail You now have two options Enabled secure HTTPS access only Allows users to connect only through a secure SSL connection This is strongly recommended because a regular HTTP connection transmits your mail account password across the network or Internet in plain unencrypted text Enabled HTTP or HTTPS Allows your users to connect through a secure or an insecure web connection After you perform these steps your users should be able to connect and use webmail 113 Chapter 18 Webmail 18 2 Starting Webmail To use webmail a user first needs a valid user account and password on your server Next the user opens up a web browser and points it to your server using an address resembling the following URL https www tofu dog com webmail The https in the URL indicates this connection uses SSL encryption and provides a secure communication session Note The exact address used in the URL will depend on how you have configured your server In the example above www tofu dog com points to the server located at The Pagan Vegan and https indicates that they are using secure communication using SSL encryption If you
25. chapter The usual form assuming your domain is yourdomain xxx is de yourdomain dc xxx No spaces should be entered between the dc statements The Port Number is always 389 Once the address book has been created Netscape can display a list of all e mail accounts if you type an asterisk into the search field and press Enter 59 Chapter 9 On going Administration Using the server manager The server manager is a simple control panel that allows you to administer your network Using the server manager you perform such tasks as adding or deleting e mail addresses setting the system date and time and creating a starter web page The server manager is accessed through a web browser by visiting the URL http www yourdomain xxx server manager or more simply http www server manager The staff at The Pagan Vegan would access the server manager using the URL http www tofu dog com server manager We recommend you bookmark this address so that you can return to it whenever you wish to access the server manager Note For security reasons you are only able to access the server manager through a web browser on the local network Remote access is only possible using remote access tools such as ssh and PPTP File Edit View Go Communicator Help 3 a 2 ww z Back Forward Reload Home Search Netscape Prit Security Shop Stop 4 L T Bookmarks A Location http rww server manager 00O a What s Related MARCH
26. file directory for that user This directory is set aside for files that the user would like to store on the server hard drive It can only be accessed by the user To access the directory the user would naviagate to the server via Windows file sharing or AppleTalk 17 1 Windows For example in Windows the user would open Network Neighborhood In the Network directory you will see all machines accessible to you on your network The server should be one of them If it isn t viewable you may not be logged onto your network under the correct name password see the section below on this or your machine may not be in the same workgroup as the server Sa Network Neighborhood Iof x File Edit View Help Entire Network Jamus 1 object s selected pA When you click on the server you will see all i bays and directories available to you You will also see the Primary directory which houses the company web page information In the example below Kate Hedges is logged onto her local network as khedges her account name with her correct password When she enters the server she can see all the i bays mgabriel samfarms sharedfiles menus and intranet as well as her own user directory smith server OY x File Edit View Help Name Comment Of i Art Exposition by Miles Gabriel Home Directories i Fegan Vegan shared dive Primary Primary Site E menus E samfamms intranet samples of menus invitations etc Samsons Farms Th
27. have your server registration number ready when you contact us for support If you are having difficulty configuring another vendor s hardware or software we recommend you refer to the manual or contact the vendor for that product As the SME Server V5 is open source software Mitel Networks Corporation encourages users to freely share copies of our software However we can only provide technical support for customers who purchase products So if you receive a copy of the SME Server V5 software from another source it is not supported or warranted in any way Of course if you have an unsupported version of the SME Server V5 with ServiceLink we are glad you are using our product and would welcome your business You can purchase a subscription from any Mitel Networks Corporation Authorized Partner For a list of Partners in your area call 1 888 ESMITH 1 or 1 613 564 8000 or check our web site at http www e smith com e smith org Developers may wish to note that additional documentation including HOWTO documents and a FAQ can be found on our development web site http www e smith org There are also links there to other web sites relating to the server 126 Appendix E ServiceLink End User License Agreement The following are the terms and conditions for use of the March Networks ServiceLink services including associated software products collectively referred to as the ServiceLink Services from Mitel Networks Please rea
28. in most situations 46 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software If you have fewer than 180 machines on your local network and no reason to prefer one range of IP addresses over another you can simply accept the defaults for these screens If the defaults are not appropriate to your situation you may need a bit of background to understand how to configure this range For example if you entered the server address of 192 168 1 1 and subnet mask of 255 255 255 0 the default settings the configuration script will infer that your network is 192 168 1 0 and that valid addresses are from 192 168 1 1 to 192 168 1 254 If you entered some number such as 192 168 100 1 for the server the script will infer that your valid addresses will be 192 168 100 1 through 192 168 100 254 If you enter the number 192 168 202 65 as the beginning of DHCP address range as shown below the first computer served by the DHCP server would receive the IP address of 192 168 202 65 The second computer would receive the IP address of 192 168 1 66 and so on If you specify that the end of the range is 192 168 202 250 as shown below then the last computer able to receive DHCP service would be assigned the IP address 192 168 202 250 Once all the available IP addresses within that range are assigned your DHCP server will no longer serve IP addresses to new computers 6 13 2 Important issues about the DHCP address r
29. in prepayment of the provision of the ServiceLink Services 6 USER RESPONSIBILITIES AND OBLIGATIONS You shall not use the ServiceLink Services in a manner which violates any city state national or international law or regulation You shall not attempt to interfere in any way with the Mitel Networks network operations center or attempt to use the ServiceLink Services to gain unauthorized access to any computer system 7 COLLECTION OF INFORMATION You acknowledge and agree that Mitel Networks will be collecting and using customer identifiable information in order to provide the ServiceLink Services to you including without limitation for billing purposes to order provide and change service to resolve problems to gather server information or to create and inform you or your Authorized Integrator of additional products and services Mitel Networks will not sell trade or disclose any customer identifiable information derived from the registration or use of the ServiceLink Services to third parties other than your 127 Appendix E ServiceLink End User License Agreement 128 10 11 12 Authorized Integrator without your prior consent except as required by subpoena search warrant or other legal process or as a result of the assignment or transfer of this Agreement by Mitel Networks LIMITATION OF LIABILITY Mitel Networks and or its respective suppliers may make improvements and or changes in the ServiceLink Services at any
30. just to be used by a small group of users you can leave public access set to the default of None If you want others to be able to access the i bay via web or anonymous ftp you can choose to allow access to just the local network or the wider Internet You also can choose whether or not you wish to require a password Note If you choose one of the modes of Public access via web or anonymous ftp that requires a password public access will not be available until you set the i bay password from the main information bay panel in the server manager Once you do so users can access the i bay through their web browser or ftp by using the i bay name and i bay password rather than their own user name and password Execution of CGI scripts If you want to use CGI scripts to add functionality to your web site you can execute those scripts from the cgi bin directory of your i bay However for security reasons you must first choose enabled here to allow such scripts to be executed Once done filling out the form click the Create button and the server manager will create your i bay If you wish to change these settings at any later point you can click on Modify next to the i bay name in the information bays panel of the server manager 16 4 An i bay Used as a Customer Site The Miles Gabriel Art Exposition The Pagan Vegan TPV has found that customers like having access to a customized web page which summarizes all of the information pertaining
31. multiple client machines You manage your e mail on the mail server over the network You read your e mail over the network from your desktop but the e mail is not stored on your desktop machine rather it is permanently stored and managed on the server Benefits of IMAP Drawbacks of IMAP You can access all of your new and stored e mail from any If you are not connected to a network new and stored e mail machine connected to a network messages are not available to you Because all employee e mail is stored on the server backup of e mail is easily accomplished 8 4 Configuring Your E mail Application Each user s e mail application requires information about that user s account where to send outgoing e mail and pick up incoming e mail This information is usually entered in the preferences or options section Most e mail applications require you to enter the following information User s e mail address The user s e mail address is the user account as created in the server manager plus the domain name Typically it will be in the form of username yourdomain xxx e g afripp tofu dog com E mail server or outgoing e mail SMTP server This is the name of the e mail server from the server Normally you should just enter mail here If you prefer you should also be able to use the full domain name of mail yourdomain xxx e g mail tofu dog com E mail account name or user name this is the name before the in the e mail
32. names of the users who should be associated with that group 8l Chapter 12 Collaboration Warning When you create a group you are required to assign at least one user to that group If you fail to do so the group will not be created and you will receive an error message After you add or remove a user account from a group the user must log out and log back in for those changes to take effect Until the user does so he or she will still have their old group membership information For instance say that you create a new group sales and assign user ffrog Fred Frog to that group You then create a new i bay called salesinfo that only the sales group can access Fred Frog is still logged into a Windows PC and now tries to connect to the new i bay through Windows Explorer He will receive a permission denied error He must log out of windows he does not need to shut down or reboot just log out and login again Now he should be able to go through Windows Explorer and access the salesinfo i bay without any problem 12 3 Pseudonyms 82 Any user who has an account on your SME Server V5 with ServiceLink will be able to receive e mail sent to that user ID For instance if you have a user named Fred Frog with the user account ffrog his primary e mail address will be ffrog mycompany xxx Likewise when you create a group account that group account name functions as an e mail alias so that messages addressed to the grou
33. new information and click Update Contact In a similar fashion you can delete a contact by selecting the contact from the pop up menu and pressing the Delete Contact button As mentioned earlier if you entered the Contacts window from the link in the Compose window the three buttons Insert into To Insert into Cc and Insert into Bcc will allow you to transfer the contact information directly into the Compose window To search the company directory use the lower section of the Contacts window labeled LDAP Search You have the ability to search either the entire name field or just the surname Enter the text you are searching for in the entry box and choose how you want to 2 The search is called an LDAP search because the directory is queried using the Lightweight Directory Access Protocol LDAP one of the most common protocols used on the Internet for searching directories 119 Chapter 18 Webmail compare the text against the directory The default is to search for entries where the name is the text you enter which requires an exact match You may find it more useful to search for entries where the name contains the search text A search with contains will find names where the search text appears somewhere in the name After entering your text and choosing your search options press the Start Search button to query the directory As shown in the screen below your results will be returned in a new LDAP Results section of the sa
34. not Pseudonym name webmastel Select account or group ffrog Create 12 4 Information Bays The i bay information bay feature of the SME Server V5 with ServiceLink is a simple very flexible and powerful way for you to share information with others It is a rich enough feature that we ve devoted an entire upcoming chapter to discussing i bays 83 Chapter 12 Collaboration 12 5 Virtual Domains 54 When you are supporting multiple domains on a single server each domain being served is referred to as a virtual domain The strict definition of virtual domain is when a single IP address is shared between multiple domains When you create a virtual domain using this section of the server manager your SME Server V5 with ServiceLink will be able to receive e mail for that domain and will be able to host a web site for that domain To create a virtual domain fill in the domain name and a description of the site You then tell the server where to find the content for that domain it can be the same as your primary web site or you can create a new set of web pages and store them in one of your i bays Clicking the arrow in the Content field will show you a list of your current i bays and allow you to make a selection This feature allows you to host multiple web sites from a single server Be aware that you can point the virtual domain to either the primary web site or to one of the i bays You cannot point a virtual domain to a
35. out of the way place like a utility closet If you wish you can disconnect the keyboard and monitor Note that some computers may not operate correctly without an attached keyboard Chapter 2 The role of the SME Server V5 server only mode Internet gateway firewall More About Ethernets Appendix A Introduction to the Ethernet Local Area Network LAN briefly explains ethernets ethernet components and typical ethernet configuration 10 Chapter 3 ServiceLink With SME Server V5 with ServiceLink Mitel Networks Corporation has introduced a suite of integrated network services ServiceLink that extend and enhance the functionality of your server ServiceLink maximizes the security performance and reliability of your server through real time interaction with the Mitel Networks NOC You can register for ServiceLink by contacting any Mitel Networks Corporation Authorized Partner please see our website for the name of an Authorized Partner near you and choosing a subscription plan that meets your needs Until you register for ServiceLink the links to pages in the server manager will take you to panels that are not active If you would like to enable these services please visit http www e smith com Note If your server is behind an additional firewall that firewall will need to be configured to allow outbound SSH packets on TCP port 22 in order for ServiceLink to function ServiceLink provides the following servic
36. server Enable Disable Webmail With this option you can enable or disable the webmail component of your server More information can be found in the Webmail chapter 11 8 Review Configuration 78 This section of the server manager summarizes how your server is configured This is the data that you entered during the installation process and possibly changed later through the server console or the server manager As you can see from the screen below this is essentially a report that you can print out for your records You do not have the ability to make changes from this screen Review configuration This report summarizes the networking server and domain parameters on this March Networks server relevant to configuring the client computers on your network You may wish to print this page and use it as a reference Networking parameters Server Mode Local IP address subnet mask External IP address subnet mask DHCP server Beginning of DHCP address range End of DHCP address range Server names DNS server Web server Proxy server SMTP POP and IMAP mail servers Domain information Primary domain Virtual domains networks define jofu dog com No virtual domains defined ittpfAvww tofu dog com ittpottawal server manager Chapter 11 Configuration 79 Chapter 12 Collaboration 12 1 User Accounts User accounts should be set up for each person in your organization A user account includes separat
37. smith inc Available at http www e smith org docs manual 4 0 e July 2000 e smith server and gateway user s manual for version 4 0 published in print form by e smith inc PDF and PostScript versions also made available via FTP at ftp ftp e smith net pub e smith e smith 4 0 Primary author editor Ross Laver using StarOffice 5 1 Chapter 1 Welcome to your SME Server V5 with ServiceLink November 1999 e smith server and gateway user s manual for version 3 1 published in print form by e smith inc Primary author Kim Morrison using StarOffice 5 1 1 1 3 Endorsements This is the official documentation for SME Server V5 with ServiceLink and is endorsed by Mitel Networks Corporation 1 1 4 Acknowledgements Mitel Networks Corporation wishes to thank all of the developers in the open source community who continue to help us make our product better We also thank Craig Foster and Paul Miller for their help in documenting Macintosh connectivity 1 2 Software Licensing Terms and Conditions The SME Server V5 with ServiceLink is licensed for an individual server under the terms of the ServiceLink End User License Agreement found in Appendix E Acceptance of this agreement is required during the software installation The SME Server V5 with ServiceLink kit also includes software that is distributed under the terms of the GNU General Public License or other open source licenses SME Server V5 users may copy and redistribute this soft
38. support RAID 32 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software Level 5 disk striping with parity because of the poor performance and reliability of software implementations of RAIDS If you are seeking RAID5 support Mitel Networks Corporation recommends you consider one of the many hardware implementations which will provide both protection and performance 6 2 2 Hardware Mirroring With hardware mirroring you use a special RAID disk controller to perform the actual mirroring across multiple disks As mirroring is performed in hardware the performance can be significantly faster than software mirroring Additionally it can simplify configuration because to the operating system the entire RAID disk system looks like one single disk You should be able to use any RAID controller listed in the section in Chapter 4 on supported SCSI adapters If you are going to use hardware mirroring you should NOT choose Install Dual hard disk with software RAID 1 mirroring in the installation process Doing so will enable software mirroring Instead you should do a regular installation of the software Note Using one of the suggested hardware RAID controllers you will be able to upgrade from an earlier version of the server to version 5 0 using the standard upgrade process You should back up all your data and test carefully after installation 6 3 Upgrading From A Previous Version If you have previously inst
39. the ability to spell check the message in your language of choice or to cancel save a draft or send the message If you choose to save a draft your message will be saved in a folder called drafts You may later retrieve this message by using the popup menu in the upper left corner to switch to the drafts folder Below that are the familiar e mail fields for you to fill out At the bottom of the page the menu of commands is repeated for your convenience 18 7 Reading Messages To read a message click on the From or Subject fields of the message You should see a screen similar to the one below Mailbox INBOX 1 new O recent ve iE0x ie INBOX 1 of 2 Move Copy this message to C1 x Delete Reply Reply to all Forward Bounce Resume Save as BacktoInsox 4 D f inzox Date Fri 05 Jan 2001 09 02 49 0500 EST B From ssalmon tofu dog com g To ffrog tofu dog com Subject TPV Staff Meeting Tuesday 9am g Parts 225 Mesye Source ge Can you be prepared to talk about the project design requirements Sally Delete Reply Reply to all Forward Bounce Resume Save a5 BucktoInsox lt 4 D oen EE You now have several options You can e Delete the message 116 Chapter 18 Webmail Reply only to the sender Reply to all of the original recipients Forward the message to someone else Bounce the message to another person similar to Forward but without providing you the opportunity to commen
40. the administrative functions in the order in which they appear in the frame running down the left side of the screen The links are grouped together under four headings Security Configuration Collaboration and Miscellaneous Note As even one further layer of security you can also connect to the server manager using the secure HTTPS protocol This establishes an encrypted channel of communication between your browser and the server even on your local network To connect to the server manager in this manner use a URL prefix of https as in the example https www yourdomain xxx server manager 6l Chapter 10 Security 10 1 Password This screen lets you change your system password at any time To do so type the new password in the first field Verify the new password by entering it in the second field Your password can be any combination of printable characters including upper and lower case letters numbers and punctuation marks If you make a mistake click the Back button on your browser and try again Note that whenever you change your password the system will prompt you for the revised password as soon as you access another feature When you get the Authorization Failed message click OK enter the new password and press Enter Change system password Certain services on this March Networks server installation require a username and password for example this web page for the server manager application The usern
41. to prevent eavesdropping Note The specific program we use for webmail is the Internet Messaging Program IMP f you would like more information about IMP you can visit the project web site at http www horde org imp If you intend to enable webmail you should consider whether your users will use webmail exclusively or will use webmail part of the time for example when travelling and a regular e mail client the rest of the time If they plan to use webmail and another client they should make sure that the other client uses the IMAP protocol If they use POP3 their e mail messages will be pulled down from the server into their local e mail client and will therefore not be visible when the user logs into webmail If IMAP is enabled on the local client the messages will remain on the server and will be visible both from the local client and via webmail For more information on IMAP and POP3 read the earlier section in Chapter 7 A second issue is that using webmail will affect the performance of your server With many modern servers the impact may not be noticeable However if you are using a low end system as your server you may see a noticeable decrease in the performance of your system We recommend that you evaluate your server hardware if you plan to use webmail Note that webmail can always be disabled later if you find that your system is not performing well 18 1 Enabling Webmail On Your System Because the use of webmail can
42. using standard passwords no a You can allow PPTP access to your March Networks server You should leave this feature disabled by setting the value to number O unless you require PPTP access Number of PPTP clients You can also control FTP write access for the admin and user accounts on this server Write access is never permitted via anonymous FTP or via the information bay accounts We strongly recommend leaving this parameter set to private unless you have a specific reason to do otherwise FTP user account access Private 5 i Note this policy limits access to the FTP server and overrides other settings including those for individual information bays FTP access limits Normal usage You can also control telnet access to your March Networks server WARNING telnet is inherently insecure and should only be used in circumstances where no practical alternative exists You should leave this option set to no access and use the secure shell if remote access is required Telnet access No access 0O i Each of these remote access methods is described below 10 2 1 ssh If you need to connect directly to your server and login from a remote system belonging to you we strongly encourage you to use ssh instead of telnet In addition to UNIX and Linux systems ssh client software is now also available for Windows and Macintosh systems See the section below If you do not have any reason to allow remote access we sugge
43. visit httpJAvww e smith com servicelink To activate ServiceLink you will require a service account ID which can be obtained from your March Networks SME Server Authorized Partner If you have already obtained a service account ID please enter that ID now Service account ID Activate A mentioned above you will need to arrange with a Mitel Networks Corporation partner to subscribe to ServiceLink Once you are subscribed the Status page will change to show your current status As shown in the image below this panel also allows you to manually initiate a syncronization with the Mitel Networks NOC 85 Chapter 13 ServiceLink As the image shows if there is an issue with any of your services it will appear in red italics and you can follow a link to determine ServiceLink Status Information This web panel is used to provide updated ServiceLink status information for this March Networks SME Server Status information is downloaded from the Network Operations Center NOC to the server as part of the synchronization protocol The display includes information about your ServiceLink account the latest synchronization event status and a list of services available from ServiceLink for which this server is subscribed The display also includes the expiration date for each subscribed service and if applicable any error notice for that service Click on the notice for more detailed information If you wish to deactivate your ServiceLi
44. you will provide network settings If you wish to change those settings the change can be simply done on your server All DHCP clients will then receive those updated changes when they renew their DHCP provided addresses To reserve an IP address you must first determine the Ethernet address of your client system Windows NT 2000 users can type the command ipconfig all Windows 95 98 users can run the command winipcfg Linux UNIX users can type ifconfig Once you have determined the client s Ethernet address click on the link to create a new hostname for a local host Add the hostname of the target system the Ethernet address along with the desired IP address into the web panel From this point on specified IP address will only be provided to a client system with the matching Ethernet address 11 6 E mail Retrieval As shown below this section of the server manager allows you to specify the protocol used to retrieve e mail from your ISP and configure other settings regarding the retrieval of e mail 75 Chapter 11 Configuration 76 Change e mail retrieval settings The e mail retrieval mode can be set to standard for dedicated Internet connections ETRN recommended for dialup connections or multi drop for dialup connections if ETAN is not supported by your Internet provider Guaranteed e mail is only available as one of the benefits of March Networks ServiceLink To register for ServiceLink click on the Status panel E ma
45. 100 TX Embedded 10 100 TX PCI UTP 10 100 TX UTP Dual 10 100 TX PCI UTP Integrated 10 100 TX UTP ProLiant Integrated 10 100 Compex ReadyLink 100TX 2000 ENET100 VG4 D Link DE 530CT DFE500 Tx DFE540 Tx e Danpex EN 9400P3 DEC 21040 21041 e Davicom Ethernet 100 10 e Farallon PN9000SX e Fujitsu FMV 181 FMV 182 FMV 183 FMV 184 e General Instruments B1000 e Genius GF100TXR RTL8139 27 Chapter 5 Hardware Requirements of the SME Server V5 with ServiceLink Host Computer 28 If your adapter is not listed above it may be supported if it is based on one of the following chipsets check with Red Hat s web site HP J2585A J2585B J2970 J2973 IBM EtherJet PCI 10 100 adapter 182557 Intel 82556 82557 82865 Intel PCI EtherExpress Pro 10 Prol100 Prol00B Kingston EtherX KNE100TX KNE110TX KNE120TX KNE20T KNE30T KNT40T KNECB4TX Lite ON LNE100TX Lucent WaveLan Macronix MX98713 MX987x5 Microdyne Eagle NE10 100 182557 w DP83840 transceiver NDC Communications NE100TX E Netgear FA310TX 10 100 FA310TXC 10 100 GA620 Novell NE1000 NE2000 NE2100 NE2500 NE3210 NL 10000 Olicom OC 2183 OC 2325 OC 2326 Racal Interlan ES3210 Realtek 8029 Samsung Smartether100 SC1100 Sis 900 SMC 8432T 8432BT EtherPower EtherPower10 100 EZ 1208T EZ 1211TX 83C170QF LANEPIC Surecom EP 320X Symbios 83C885 Yellowfin G NIC Syskonnect Gigabit Ethernet Thomas Conrad TC5048 Znyx ZX312 EtherArray ZX314 Z
46. Arranging Services From Your ISP In each section on connectivity above we direct you to the appropriate list of services that should be ordered from your ISP 4 4 1 Service List A domain name set up and hosting publication of DNS address records for your web server FTP server and e mail server e publication of DNS mail MX records e secondary mail server optional Internet news server optional 19 Chapter 4 Your Internet Service Provider ISP 4 4 2 Service List B Services to order from ISP secondary mail server optional Internet news server optional Services From Dynamic DNS Service domain name depending on the service purchased your dynamic DNS service may restrict what your domain name can be publication of DNS address records for your web server FTP server and e mail server publication of DNS mail MX records 4 4 3 Service List C PPP dialup access with static IP domain name publication of DNS address records for your e mail server publication of DNS mail MX records secondary mail server ETRN must be supported Internet news server optional Your web and FTP servers are available to the external world only when your server is connected to the Internet DNS address records for web and FTP servers only need to be published if it is likely that someone external to your site will need to connect to them for a particular reason 4 4 4 Service List D Please read the impo
47. If you have a dialup connection the server allows you to control how frequently it fetches e mail from your ISP This is particularly useful in situations where you incur phone or Internet charges each time your system contacts your ISP The default settings are Chapter 11 Configuration every 15 minutes during standard office hours and every hour outside normal office hours on weekdays or on weekends The fields allow you to customize those settings Finally if you have multidrop mail service you need to select the sort method used by the server to decide which user each message should be delivered to Your server has a default method for this it examines various headers such as To and Resent To which works in most circumstances but is not suitable for certain purposes such as mailing list messages Some ISPs add a header to each e mail message which can help your server determine the correct recipient If your ISP does not add a header to multidrop e mail select the Default sort method and ignore the select sort header field If your ISP does add a header to multidrop e mail then select Specify below and enter the header tag provided by your ISP Because you will experience problems with mailing lists when using multi drop e mail we strongly recommend that you work with your ISP to have a special header added to each message The Default sort method should be only used as a last resort 11 7 Other E mail Settings This screen pre
48. MARCH SME Server V5 net w oF with SME Server V5 ServiceLink Security Password Remote access Local networks Welcome to the server manager To perform a system administration function click one of the links in the menu on the left of your screen If this is your first time using March Networks SME Server you should Configuration start by performing each of the functions in order rears This software comes with ABSOLUTELY NO WARRANTY unless you have purchased a ag supported copy from Mitel Networks Corporation or one of its Authorized Partners Please click here to view detailed support warranty and licensing information rinters Hostnames and addresses E mail retrieval Other e mail settings Review confiquration Collaboration User accounts Groups Pseudonyms Information bays Virtual domains ServiceLink Status Virus protection DNS services IPSEC VPN Administration Blades March Networks SME Server Copyright 2001 Mitel Networks Corporation All rights reserved Rackun nr restore i s 100 he es SPD When you arrive at the correct URL you ll be asked to enter your user name which is always admin and the password you created during the installation process Enter that information and click OK to be taken to the server manager It will look like the screen shown above 60 Chapter 9 On going Administration Using the server manager In the next four chapters we ll explain each of
49. SME Server V5 with ServiceLink User Manual Mitel Networks Corporation SME Server V5 with ServiceLink User Manual by Mitel Networks Corporation Published August 2001 Copyright 2001 by Mitel Networks Corporation Permission is granted to copy distribute and or modify this document under the terms of the GNU Free Documentation License Version 1 1 or any later version published by the Free Software Foundation with no Invariant Sections one Front Cover Text Not Endorsed by Mitel Networks Corporation and one Back Cover Text For the official SME Server V5 with ServiceLink manual visit http www e smith org docs manual http www e smith org docs manual Permission is granted for production of verbatim copies without the cover texts A copy of the GNU Free Documentation License is available on our web site at http www e smith org docs gfdl html http www e smith org docs gfdl html and from the Free Software Foundation at http www fsf org copyleft fdl html http www fsf org copyleft fdl html The Mitel logo and the terms information bay and i bay are trademarks or registered trademarks of Mitel Networks Corporation in the United States and other countries Linux is a registered trademark of Linus Torvalds The terms ssh and Secure Shell are trademarks of SSH Communications Security Corp Trend Micro is a registered trademark of Trend Micro Incorporated All other trademarks are the property of their respective holders
50. TA TATAA NN N A E EEE EENEI SEEE E EE T E TI Configuration scoissvsosssiasonsdascascasoastasdectesatoceonscmedasececteonsensensadseaseasansadseoeadenssonsdocubeameassnsecetasedssssedniesedsessiensssissssiseisstcstescss sncessssessieses Ls Set date arid time a REBAR IEE SEO 8 68 11 2 Workgroup ai TS TA DIKEKI N AE E E E E E E AONE A S VA SPY TSA STAEN EAER E Sashes E AEE A ET AIE EE E AT ATA TEO E A E AS EPRE TA Tis Hosames and ade SS E aa a a bebe aaa a aaa ea aaa a N E e E a eO dbubetbsssacbedsdescabssntedladesiee 72 TH 6 2B email Retrieval inen geste cece ten dsidevcaheaDewsdesevheete che cd dee Letecedabaceant teak dageeted taveddlasesebbadebedeoeces 75 P27 Other E mail Settinp susen iar a a a a e a e aad Eee tara e Neue aaee a e aerae 77 11 8 Review Configuration oercrneniiirisir iiaii EEs EEEE EEEE EEEE EE E a Eaa ESEESE EEEE EENEN Tiaa 78 N22 COllaDOR ALON OEE EE A T E ENA ENEE ETET O AAE EAEE 80 121 User ACCOUMUES 2 nnna au anan anaa ee RE i EE I BA ohh T RE a RR REA AG 80 12 2 GrOUP Sn a i E E E E TAE GRAE G A AA TAE A E aedeesdebdesceusesdesdesaesteseestevecseeiss 81 TP sSPSCUCOMYVINS 3 2 essccurssrvneterversssanradesnpstpeehadtanpssea E E T E E E A 82 12 4 InformatiGn Bays ss ssei SEEEN EEEE EEE ATE AE EE A E A EEEE EAEE NE E T EET 83 12 5 Virtual Domain S serta a a aan tah bach a a A E A 83 JEETS aa A B i1 EAEE AEE A I E EAEI IA A AE A AEE 85 D3 Te Stats ea a R RE A REE RBG RSE TE 85 13 22 Varits PEOCE COM EEEE EE EEEE REEE c ok
51. X315 ZX342 ZX344 ZX345 ZX346 ZX348 ZX351 mentioned above for confirmation Alteon AceNIC Gigabit Ethernet Compex RL2000 DEC Tulip KTI ET32P2 NetVin NV5000SC RealTek RTL8029 RTL8029AS RTL8129 8139 VIA Rhine VT86C926 Amazon Chapter 5 Hardware Requirements of the SME Server V5 with ServiceLink Host Computer e Winbond 89C940 5 6 Supported SCSI Adapters If the computer you plan to use for your server has a SCSI hard disk your SCSI adapter must be supported by Red Hat Linux 7 1 PLEASE NOTE Only PCI SCSI adapters are supported by the SME Server V5 with ServiceLink Furthermore they must contain a SCSI BIOS so that the PC can boot from the SCSI disk Note As SME Server V5 with ServiceLink is based on Red Hat Linux version 7 1 PCl based SCSI adapter that can work with Red Hat Linux 7 1 should also work with SME Server V5 with ServiceLink You can find an up to date searchable database at Red Hat s web site at http hardware redhat com redhatready cgi bin us db hcl cgi Choose Storage Device Controller from the Hardware Category menu Because there are a very large number of SCSI adapters supported the list below contains the overall categories of supported adapters If your adapter falls into one of these categories it is probably supported Please check with your Mitel Networks Corporation service representative to verify support for your card Be aware that your Mitel Networks Corporation service representativ
52. alled a server or an e smith server and gateway and now wish to upgrade to version 5 0 you can do so while preserving your configuration data To do so select Upgrade from the appropriate screen in the installation process While the upgrade should proceed smoothly we do recommend that you back up your system prior to performing this upgrade just to be safe Warning It is not possible to use the Upgrade option to add software mirroring RAID1 to an existing server If you previously installed software mirroring with server version 4 1 you should be able to upgrade without any problems However if you want to upgrade a version of the server server prior to 4 1 or an server 4 1 that was not installed with software mirroring to use software mirroring RAID1 support you should 1 perform a backup through the server manager 2 perform a fresh install selecting the software mirroring option 3 restore the backup through the server manager If you do choose to use software mirroring in version 5 0 we expect that you will be able to upgrade to future versions of the SME Server V5 with ServiceLink 33 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software 6 4 Installing the Software Note If you are configuring your system with RAID1 support notice that your step 4 below will be slightly different If you skipped the previous section on RAID it would be advisable to read it before proceeding Step 1
53. ally in Q2 kb Delete Undelete Hide Deleted Expunce J Logout Selectall Select none Move Copy Selected mail to TI Let s take a quick tour of the Inbox window In the top left corner is a pop up menu that shows the list of your available mail folders In your first webmail session the only folder choice will be INBOX As soon as you send an e mail message a folder called sent mail will be created and available in the menu You can also create additional mail folders at any time In the top center portion of the window is a status message indicating the folder you are in and the number of new or recent messages in that folder On the left side is a navigation menu allowing you to compose new messages modify contacts create folders modify preferences or logout of the webmail system In the main part of the window are the actual messages Each message has an icon denoting its status at the far left the date time of the message who it is from the subject and the size Messages may be sorted by clicking on the column heading You can read a message simply by clicking on the subject or sender of a specific message The envelope arrow icon that you can see in the status area of the second message in the image above indicates that this message is new We will describe the various functions in greater detail later in this chapter but this should be enough to get you started 18 5 Logging Out of Webmail Before we discuss the features of w
54. ame password connection policy This last item may be of special interest As shown in the screen below you can configure what type of policy you wish to have in place during typical work hours If you are in a small office and wish to share your phone line between your computer and phone or fax you may wish to minimize the time you are online This is also true if your ISP charges a fee on a per minute basis On the other hand if you have a separate phone line or unlimited time with your ISP you might want to have long connection times or a continuous connection Warning If you are using a dial on demand link to your ISP please be aware that you can incur very steep phone charges due to dialup connection attempts to the ISP We are aware of at least one case in which a failed modem link at the ISP resulted in several thousand connection attempts over a couple of days and a hefty phone bill If your telephone carrier charges you per call or per minute fees we suggest that you contact your ISP and ask whether it is willing to assume responsibility if a failure at their end results in a large phone bill After configuring this policy for work hours you can then configure the policy for time outside of office hours and additionally for the weekend Notice that you do have the choice of never which would allow you to restrict your system from connecting on weekends or during off hours The connection policy defines several choice
55. ame is always admin You can change the system password using the fields below New system password ji New system password verify i 10 2 Remote Access If you re an advanced user the SME Server V5 with ServiceLink provides several different ways to access the underlying operating system either from a computer on your internal network or from a computer outside your site on the Internet Additionally you have the ability to access your computer network securely from a remote computer All of these operations are configured from the screen shown below in the server manager 62 Chapter 10 Security Change remote access settings For each of the options below the private setting allows anyone from your local network to access your March Networks server The public setting allows access from anywhere on the Internet The no access setting disables access To understand the security implications of changing these options from the default settings you should read the user s guide section on remote access You can control secure shell openssh access to your March Networks server The public setting should only be enabled by experienced administrators for remote problem diagnosis and resolution We recommend leaving this parameter set to no access unless you have a specific reason to do otherwise Secure shell ssh access Public Allow administrative command line access over ssh yes O i Allow ssh access
56. ange The usual range maximum is 254 Normally the end of DHCP address range cannot exceed 254 If you have more than 253 computers on your network and would like to exceed this range maximum you can use a Class B or Class A non routable address for your network In this case the number entered in the end of range field needs to be calculated and entered a little differently If you fall into this category we recommend you contact Mitel Networks Corporation or a Mitel Networks Corporation partner for assistance Note that the default range maximum is 250 As explained below this is to allow a few static addresses at the end of the range The local IP address assigned to your server itself must fall outside of this range In other words you should not assign your server a non routable IP address that is also assignable by the DHCP service to another computer on your network If your server is 47 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software assigned the IP address of 192 168 1 1 then the lowest possible number in the DHCP range should be 2 We recommend that you leave a small pool of IP addresses that can be manually assigned Some of the computers or devices such as network printers on your network may not be able to accept DHCP service Therefore it is preferable to exclude some IP addresses from the DHCP range so they are available to be assigned manually to those computers For example using th
57. ascescaesacaetesvayes acestahctetgbetet sets NEEE RE AA A potas beek EAE RARR 18 6 Composing Messages ine 18 7 Reading MESSABES S J ornar iia ee e a aaa e ea a ao a e A E EEE E A EE EEE EAEE NAO EE EEEE Ea Eai Dieet 18 8 Deleting Messages vratane E R a e a a A A E eea EE SEE 18 9 Using Contacts ios nas Ee E EE E A EEA E A A UN A NAE 18 10 Changing Webmail Preferences assorsrntin eriein oean A a EAEE AAAS ER AE A EAEE EENE Eer 19 Additional Soft ware cssscsscscssssssssssssssssscssssssssecessscsssssssecsssessassesssssesesessesessessssesensessesesessessessesesenseseesseessseesessesseseseeseseese A Introduction to the Ethernet Local Area Network LAN B Dynamic DNS Services sccscccsscsssesssssesssscsssesessssseeeees C Proxy Servei S seceisccieldesccsecsescdsccasecncshessnstusseeucssucusscnscesecetesendssseesbccecsacsessonsessicsnsiantenscssenutsastecnscatessscsoscsddessessavascseustasessacencsdecsesensvosee D Technical Support cscccssscssssssssscsscesssssssscsssssessscssessssesssscessssesessessesessssescesesssssssesessessecsesseseasessasesseseseessssesessesessessesesensesoases E ServiceLink End User License Agreement sssccsssssscsssscssssssssssssscsesecssscesssscsescessssessecssssssessesscsessessssessssesessesessesscsescesesenes F GNU General Public License scscccssssssscssssssssscssesseseessscesssssessssscsesecsesessessesessesessesscssssssesessessesessessssesssseseasesessesscses
58. at 100 MB sec are suitable for larger networks Switching 10 100 MB hubs can operate at either speed and provide a good way to upgrade your network gradually An ethernet adapter also called an ethernet card or network interface card NIC connects each computer to the ethernet LAN An server with a dedicated Internet connection requires two ethernet adapters one connects it to your LAN and the other connects it to the external network that leads to your ISP If your server connects to your ISP using a modem it only requires one ethernet adapter A router ensures that Internet data packets e g e mail web page information etc reach the appropriate computers on your network Routing is one of the functions performed by the server in server and gateway mode ISP and on to the internet special phone line Router transfers traffic from server to ISP via a special phone line Some configurations require a ethernet hub in between server and router cable Two ethernet adapters NICs fel lt are installed on the server ethernet cable _ Ethernet adapters NICs connect a each computer to a network Allowing a third party such as a systems integrator or networking company to install your ethernet can be a good idea It can help you select procure and install the appropriate ethernet adapters hub and cables There are also various how to guides available in bookstores if you are committed to installing it on your own
59. ative password you will be in the server console From here you can change the server configuration access the server manager through a text browser or perform other server console tasks If you do enable ssh access you have two additional configuration options Allow administrative command line access over ssh This allows someone to connect to your server and login as root with the administrative password The user would then have full access to the underlying operating system This can be useful if someone is providing remote support for your system but in most cases we recommend setting this to No Allow ssh using standard passwords If you choose Yes the default users will be able to connect to the server using a standard user name and password This may be a concern from a security point of view in that someone wishing to break into your system could connect to your ssh server and repeatedly enter user names and passwords in an attempt to find a valid combination A more secure way to allow ssh access is called RSA Authentication and involves the copying of an ssh key from the client to the server This method is supported by your server but is beyond the scope of this manual and will eventually be covered by additional documentation on the e smith org web site Note By default only two user names can be used to login remotely to the server admin to access the server console and root to use the Linux shell Regular users are
60. ave a dynamically assigned IP address It is a simple affordable way to ensure continuity of service when your IP address changes Please read the next section on dynamic DNS for more information about dynamic DNS If you are using ADSL and need PPP over Ethernet choose Option 3 You will then be asked for the user name and password you use to connect to your ISP Note that some ISPs require you to enter their domain name as well as your user name What is PPPoE PPPoE is the Point to Point Protocol over Ethernet Essentially it is an implementation of the popular PPP protocol used for dialup connections only configured to run over an Ethernet connection Many ISPs that provide ADSL connections use PPPoE as the method of connecting their customers to the Internet over ADSL 43 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software If you have a static IP address and your ISP does not offer DHCP or PPPoE then your ISP will give you the static IP address subnet mask or netmask and the gateway IP address of the device that your server should connect to in order to communicate with the Internet Assuming you have this information on hand you can go ahead and select Option 4 Successive screens will prompt you to enter each parameter 6 11 4 Configuring Dynamic DNS If you choose either of the DHCP options or PPPoE you will be presented with an additional screen where you can choose which dynamic DNS servi
61. aveDraft Send Message f moz From Fred Frog lt ffrog tofu dog com gt To Bob Bass lt bbass e smith com gt chi Bee D D D VY Subject Attachment Browse araa ea w Fred Frog Sales Executive ffrogetofu dog com The Pagan Vegan http www tofu dog com D D In either case you will find yourself viewing a window that looks like the one below ontacts Close Window Address Nickname Fullname icma parecon uponecon Insert into To Insert iato Ce Insert nto Bec LDAP Search Searchthe Company Directory LI directory wherethe Name C3 can A LDAP search results will be listed here If this is the first time you have entered the Contacts window you will not see anything next to the Select button Normally though you will see a pop up menu with all of your contacts in it as seen in the window above where bob lt bbass e smith com gt appears To enter a new contact simply type the e mail address a nickname that will appear in the Contacts list and the full name of the person You must fill out all three fields Then click Add Contact To update a contact s information select the user s name address from the contacts pop up menu The information should automatically appear in the fields If it does not after selecting the entry from the pop up menu press the Select button next to the menu Enter the
62. ble or object code is made by offering access to copy from a designated place then offering equivalent access to copy the source code from the same place counts as distribution of the source code even though third parties are not compelled to copy the source along with the object code 4 You may not copy modify sublicense or distribute the Program except as expressly provided under this License Any attempt otherwise to copy modify sublicense or distribute the Program is void and will automatically terminate your rights under this License However parties who have received copies or rights from you under this License will not have their licenses terminated so long as such parties remain in full compliance 5 You are not required to accept this License since you have not signed it However nothing else grants you permission to modify or distribute the Program or its derivative works These actions are prohibited by law if you do not accept this License Therefore by modifying or distributing the Program or any work based on the Program you indicate your acceptance of this License to do so and all its terms and conditions for copying distributing or modifying the Program or works based on it 6 Each time you redistribute the Program or any work based on the Program the recipient automatically receives a license from the original licensor to copy distribute or modify the Program subject to these terms and conditions You may not impose
63. case you someday decide to link your server to another server using an IPSEC VPN When you do each server will need a unique name Using some type of theme such as location names may be an effective way to ensure unique names 6 8 Configuring Your Local Network 6 8 1 Selecting Your Local Ethernet Adapter An ethernet adapter also called an ethernet card or network interface card NIC is a special piece of hardware that serves as the interface between a computer and the ethernet network It connects your computer and the ethernet allowing the computer to communicate with other computers and devices on the network 36 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software A computer needs a special software program called an ethernet driver to use an ethernet adapter Which ethernet driver is required depends on which ethernet adapter is installed on your computer You will first need to select the appropriate driver for the ethernet adapter connected to your local network a shown in the screen below If you are using a PCI ethernet adapter that appears on our supported list it is likely that your server will be able to detect your hardware automatically and you will simply be able to choose option 1 Use xxxx for chipset yyyy where xxxx and yyyy are specific to your hardware If the software fails to detect it correctly you can manually select the appropriate driver for your eth
64. ce you wish to use The server is pre configured to operate with four dynamic DNS organizations yi org http www yi org dyndns com http www dyndns com dyndns org http www dyndns org and tzo com http www tzo com You can elect to use a different service but doing so would require some customization of the server Once the service is selected the subsequent two screens will prompt you to enter your account name and the password for your account These two parameters would be given to you by the service Note that the dynamic DNS service may place restrictions on which domain name you can use for your company Please read Appendix B on dynamic DNS for more information about whether a dynamic DNS is right for you 6 12 Configuring the Server for Server and Gateway Mode Dialup Access If you select dialup access successive screens will ask you for the following information information regarding the modem connection with your ISP including the serial port your modem is connected to 1 Your modem documentation may indicate which serial port is used by the modem You may also be able to visually identify which port your modem uses 44 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software modem initialization screen most users can simply leave this blank but with some particular modems additional information may need to be entered here e the dialup access phone number usern
65. ces that refer to this License and to the absence of any warranty and give any other recipients of the Program a copy of this License along with the Program You may charge a fee for the physical act of transferring a copy and you may at your option offer warranty protection in exchange for a fee 2 You may modify your copy or copies of the Program or any portion of it thus forming a work based on the Program and copy and distribute such modifications or work under the terms of Section 1 above provided that you also meet all of these conditions a You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change b You must cause any work that you distribute or publish that in whole or in part contains or is derived from the Program or any part thereof to be licensed as a whole at no charge to all third parties under the terms of this License c If the modified program normally reads commands interactively when run you must cause it when started running for such interactive use in the most ordinary way to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty or else saying that you provide a warranty and that users may redistribute the program under these conditions and telling the user how to view a copy of this License Exception if the Program itself is interactive but does not normally print such an announcement yo
66. choose to provide insecure access which we do not recommend the URL would begin with http instead of https You will need to provide your users with whatever URL will get them to your server Note that if your server is behind another firewall that firewall will need to allow traffic through on TCP port 443 in order for SSL connections to take place 18 3 Logging In Once connected a user will immediately be confronted with a login screen similar to that shown in the screen below From this screen you can read the help menu by clicking on the link for New User Introduction at the top of the page or login with your normal network user ID and password Note that IMP supports a wide variety of languages for users for whom English is not their native language Or who have some desire to have menus in a different language A Welcome to IMP Please login IMP Version 2 2 3 welcome to IMP Qrew User Introduction Usemame Language English login 18 4 Viewing The Inbox Once logged in you will see your inbox as shown in screen below 114 Chapter 18 Webmail Mailbox INBOX 1new 0 recent Di INBOX 1 2 of 2 Messages Sf Selectall Select none Move Copy Selected mail to EI f mox 2 Delete Undelete HideDeleted Expunce B Date E From E Subject size g a 09 05AM ssalmon tofu dog com TPV Staff Meeting Tuesday 9am 701 e a 3 09 05AM ssilmon tofu dog com Sales numbers increased dramatic
67. correctly Unfortunately the popular OnStream tape drives do not at the current time work with Red Hat Linux version 7 1 and hence are not supported by your SME Server V5 with ServiceLink We have tested the following tape drives and know that they work with the SME Server V5 with ServiceLink Table 5 9 Supported SCSI Tape Drives Vendor Model Revision Format HP35470A T603 DAT sony Sx 3000 0400 alr Table 5 10 Supported ATA IDE Tape Drives Vendor Model Revision Format STT20000A sas C S We have tested and verified that the following tape drives do not work with the SME Server V5 with ServiceLink Table 5 11 Unsupported ATA IDE Tape Drives Vendor Model Revision Format OnStream DI30 tr If you do not have one of the supported drives listed above you may want to check with http hardware redhat com for information about how well that drive will work with Red Hat Linux 7 1 Note If your tape drive is not listed at Red Hat s site you can visit http Awww linuxtapecert org to see if your tape drive vendor is participating with that tape drive certification effort Be aware that some of the solutions developed to get certain tape drives to work with Linux may require kernel modifications and only be attempted by experienced developers Please consult your Mitel Networks Corporation service representative for more information 30 Chapter 5 Hardware Requirements of the SME Server V5 wit
68. count locked out the user will not be able to access services on your server but the e mail will be delivered to the external e mail address 80 Chapter 12 Collaboration 12 1 1 Disabling User Accounts There may be times when you do not wish to delete a user account but instead merely want to disable it For instance when an employee leaves the company you may want to immediately remove their access to the server but still keep their files or e mail address active until the information can be examined To disable any user account on your server just click on the Lock Account link on the User Accounts web panel As soon as you click the link the account will be locked out The user will no longer be able to retrieve e mail or connect to any files or other resources on the server When an account is disabled e mail will still be received for that user name but the user will be unable to retrieve the e mail As noted above if a user account is set to forward e mail to an external e mail address the e mail will be forwarded to that external address To prevent this you will need to modify the properties for that user account To re enable the user account you need to reset the password using the link on the User Accounts web panel 12 1 2 Changing User Passwords Once they have an active account your users can set their own passwords by accessing the user password URL They do this through their web browsers by visiting the URL www y
69. d them carefully BY CHECKING THE I ACCEPT BOX YOU ARE STATING THAT YOU AGREE TO BE BOUND BY ALL TERMS AND CONDITIONS OF THIS AGREEMENT IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT YOU ARE NOT AUTHORIZED TO CONNECT TO THE SERVICES THE SERVICELINK SERVICES ARE OFFERED TO YOU ON THE CONDITION THAT YOU ACCEPT THE TERMS CONDITIONS AND NOTICES CONTAINED HEREIN WITHOUT MODIFICATION 1 MEMBER ACCOUNT PASSWORD AND SECURITY To register for the ServiceLink Services you must complete the registration process by providing your Mitel Networks Authorized Integrator with current accurate identification and address information Furthermore you are entirely responsible for any and all activities that occur under your account You agree to notify Mitel Networks immediately of any unauthorized use of your account or any other breach of security 2 NON EXCLUSIVE LICENSE FOR SERVICELINK SOFTWARE Mitel Networks hereby grants you a non exclusive license to use the ServiceLink Software solely for the purposes of utilizing the ServiceLink Services during the Subscription Period You may not 1 modify translate or create derivative works based on the ServiceLink Software or permit other individuals to do so 2 decompile disassemble or reverse engineer any client or server based component of the ServiceLink Software 3 rent lease sell or otherwise transfer rights to the ServiceLink Software 4 remove or allow to be removed any patent tradema
70. d to provide customers with access to this information online To accomplish this TPV created a download i bay called menus where customers can download the catalogue files themselves and view the contents on their desktop machines 107 Chapter 16 Information Bays i bays Create a new information bay The information bay name should contain only lower case letters numbers periods hyphens and underscores and should start with a lower case letter For example johnson intra and cust3 pri12 are all valid names but Sassociates John Smith and Bus Partner are not Information bay name menus Brief description samples of menus invitations etd Group Everyone og User access via file sharing or user ftp Write Group Read Group oq Public access via web or anonymous ftp Entire Internet no password required Execution of dynamic content CGI PHP disabled lt 1 Sl User access modes marked with an asterisk are not supported by the Macintosh file sharing component If you select one of those modes this i bay will not be available via Macintosh file sharing The public access mode password required outside local network is not supported by the FTP server component If you select this mode the FTP server will require a password both inside and outside the local network for this i bay Create TPV set the i bay for Administrator only write access viewable over the entire Internet
71. data files from a March Networks SME Server or e smith server tape backup The restore should be performed on a freshly installed March Networks SME Server Ensure that you have loaded the desired backup tape into the tape drive before proceeding After the restore completes you must reboot the server Restore From Tape 14 3 Reinstallation Disk Using this section of the server manager you can create a reinstallation diskette which will aid in the recovery process in the unlikely event that you encounter a system failure and are required to reinstall the software The reinstallation diskette will record system and network configuration data for your current system so that you will not need to re enter that information when you reinstall Warning Each time you alter your system configuration you MUST make a new reinstallation disk or overwrite your old one Otherwise your existing reinstallation disk will not contain your updated configuration data which means that after reinstalling the software you will not automatically see your most recent data Note Be aware that when you are performing this task the diskette must be in the server diskette drive NOT the diskette drive of your local desktop computer 93 Chapter 14 Administration Create reinstallation diskette This option will create a reinstallation boot diskette for your March Networks server This provides automatic configuration of the system and networkin
72. e 192 168 1 0 block of addresses the default beginning of DHCP address range is 192 168 1 65 This ensures that non routable IP addresses 192 168 1 2 through 192 168 1 64 are available to you if any computers on your network cannot accept DHCP service Additionally the default end of 192 168 1 250 leaves addresses 192 168 1 251 through 192 168 1 254 available 6 14 Further Miscellaneous Parameters 48 There are a few final connectivity related parameters that must be entered into your SME Server V5 with ServiceLink Master DNS server The first option is for a master or primary DNS server You should only configure this value if your server is behind a firewall and cannot perform direct queries to Internet DNS servers Most installations should leave this setting blank You do not need to configure your server to use your ISP s DNS servers Note Your SME Server V5 with ServiceLink contains a fully functional caching DNS server and in almost all cases you will not need to enter the address here for a DNS server However some corporate firewalls restrict DNS queries from internal DNS servers If that is the case you will need to supply the address for an external DNS server External proxy server The next screen allows you to configure your server so that the computers on your network will use a proxy server outside of your own network Some Internet Service Providers may require this Additionally if your server is behind an
73. e password protected e mail and file storage areas If this is the first time you are setting up user accounts for your organization you will need to establish what your naming convention will be Let s assume you ve decided that the account name should consist of first initial and last name So if you have an employee named Fred Frog Fred s user account would be ffrog Assuming your domain name is tofu dog com Fred s e mail address would be ffrog tofu dog com Fred s file directory on the server would also be named ffrog There are some basic rules built into the server as to what constitutes a valid account name The account name must contain only lower case letters and numbers and should start with a lower case letter not a number User account names are limited to twelve characters to maintain consistency with various versions of Windows Longer names can be created for e mail through the Pseudonyms panel For your information pseudonyms of firstname lastname and firstname_lastname are automatically created for each account Create remove or change user accounts Click here to create a user account You can modify lock or remove any account or reset the account s password hy clicking on the corresponding command next to the account If the account is marked as locked that means that the user s password needs to be reset Please note that newly created accounts are automatically locked until the password is cha
74. e you should go through this screen once and manually set the time to be correct and with the correct timezone After doing that go back to this panel and set the server to use a network time server 11 2 Workgroup If you are using a computer on a local network and you wish to access the server via Windows file sharing it is important that you are logged onto the same workgroup as your SME Server V5 with ServiceLink This screen allows you to enter the name of the Windows workgroup the server should appear in You should also enter the Windows server name In order that you may later connect multiple locations using IPSEC VPNs we suggest that you use a different name for each server If you wish you can change the workgroup name to correspond with an existing workgroup Macintosh users need only enter a server name or accept the defaults Change workgroup settings Enter the name of the Windows workgroup that this March Networks server should appear in Windows workgroup Inarch networks Enter the name that this March Networks server should use for Windows and Macintosh file sharing Server name ottawa Should this March Networks server be the domain master for your Windows workgroup Typically the answer should be yes unless a Windows server is already performing this role on your network Domain master Yes 0O Save Also in this section you can specify whether the server should be the domain master for your Windows workgro
75. e NTP server below Enable NTP Service I Save NTP Settings NTP server Instead of setting the time manually you can use a network time server A time server is a device on the Internet that keeps accurate time and is able to communicate the time to other computers over the Internet using the Network Time Protocol NTP Many organizations around the world provide Internet time servers for free 68 Chapter 11 Configuration Warning After you start using a network time server you should NOT set the time or date manually If you do so the network time synchronization will no longer function This screen in the server manager allows you to configure your server to connect regularly to a time server and synchronize the clock on the server with the time provided by the time server To do this simply check the box for Enable NTP Service add the domain name or IP address of the time server in the space provided and click Save NTP Settings Using a time server is optional but doing so can greatly increase the accuracy of your system For more information about using a network time server visit http www ntp org You can also find a list of publicly available time servers at http www eecis udel edu mills ntp servers htm You should always use a secondary time server also called a stratum 2 server to lighten the load on the primary time servers Tip In order to make sure the network time server is set to your timezon
76. e Pagan Vegan Intranet 7 abject s By clicking on her own user directory khedges she can see all of the work and personal files she has chosen to store on the server as shown in the image below 109 Chapter 17 User File Storage on the SME Server V5 with ServiceLink ff khedges on E smith server ol File Edit View Help H a 2 schedule doc old catalog pdf bus plan doc contacts x Is w budgetxls customerrec advertiing doc staff reviews l dD w A A w recruitment d thanks doc interest doc tepeat doc w v r vendor doc linux upgrad staff home s art al doc personal 17 obiectis 24 4KB Note that for users who are on a Windows network the user must be logged onto the network with the name and password associated with the server user account To do so open the Start menu Select Shut down Select Close all programs and log in as a new user Enter the username in our example above it would be khedges Enter the current password for that user on the server If you change the password on your server you must also change the password for admin on your PC To do this e Use the File Manager to search for the file admin pwl e Delete this file and simply log into Windows networking as above 17 2 Macintosh OS To use file sharing from a Macintosh computer you will need to be set up to use AppleTalk over Ethernet and to commun
77. e may not be able to support you if choose to use a SCSI adapter that is not on our supported hardware list Please consult your Mitel Networks Corporation service representative for more information Note n the list below the use of an x symbolizes a wildcard For example AHA 29xx indicates it applies for the AHA 2930 as well as the AHA 2940 and any other models beginning with AHA 29 Adaptec AIC 78xx AHA 29xx AHA 394x 29160 39160 AHA 1520B Advansys ABP510 ABP514x ABP930 40 ASC1200 AMI MegaRAID e Artop Electronic Corp AEC671x Dell PowerEdge RAID Controller 2 Expandable RAID Controller 2 3 Future Domain TMC 18C30 HP NetRAID 4M IBM ServeRAID ICP Raid Controller GDT 6xxx GDT 7xxx 1 Note that the firmware on this controller may need to be updated before it can work your server See http www e smith com faq for more information 29 Chapter 5 Hardware Requirements of the SME Server V5 with ServiceLink Host Computer e Initio Corp INI 940 INI 950 INI 9100 9100W 360P e Intel 80960RP e Mylex BusLogic FlashPoint Series MultMaster 01 10 e Symbios 53c1510 53c8xx e QLogic QLA10160 1080 1240 1280 2100 2200 12160 5 7 Supported Tape Drives If you intend to use the tape backup capabilities of the SME Server V5 with ServiceLink you must have a tape drive that will work with a Linux system We believe that most SCSI tape drives and many IDE tape drives will work
78. e opening screen of the SME Server V5 with ServiceLink server console will appear If you set the server console mode to login you will be given a login prompt After you enter the user name admin and your system password you will see the server console screen above Note Any time that you login to your system as the admin user you will see the server console This is true even when connecting to the server remotely using a tool such as ssh discussed later in the chapter on Remote Access The server console provides you with basic direct access to your server From the server console you can get the following information and perform the following tasks Option 1 Provides you with uptime information about your server Option 2 Allows you to view and modify the configuration information you entered during the original installation ethernet cards IP address information DHCP DNS domain names etc Option 3 Provides you with a summary of the configuration parameters entered into your server Option 4 Allows you to test your Internet access by sending a small test packet of information to a server on the Internet located at Mitel Networks Corporation which will confirm that your server is communicating on the Internet Option 5 Allows you to smoothly reboot or shut down your server Option 6 Provides you with a means to access the web based server manager using a text based browser This is the same interface to which y
79. e provider If you have a dedicated connection set E mail retrieval mode to Standard If you arranged ETRN support with your ISP choose that setting and then scroll down to the field that asks for the IP address or hostname of your ISP s secondary mail server This secondary mail server will provide temporary e mail storage when your server is not connected to the Internet If you arranged multidrop mail service from your ISP choose multidrop and then scroll down to the field that asks for the IP address or hostname of your ISP s secondary mail server This secondary mail server will receive all e mail for your domain and store it in a single POP mailbox Further down the screen you will need to specify the user account and password assigned by your ISP for this POP mailbox Your server will periodically fetch this mail and distribute it to individual POP mailboxes on the server Note that due to problems receiving mail for mailing lists we strongly encourage people to NOT use multi drop e mail Ifyou are a ServiceLink subscriber choose Guaranteed e mail in order to activate the guaranteed e mail services If you want to forward e mail to another mail server for processing enter the mail server IP address in the box marked Delegate mail server A common use for this is if your server is receiving inbound e mail from the Internet but you would like to pass that mail to a different mail server on your internal network
80. e virus The message itself will be quarantined in a special mailbox where the administrator can examine the message and determine what to do with it Virus pattern files contain the information required to accurately identify viruses As new viruses are detected anti virus software manufacturers update their pattern files Your server s virus scanning service automates the downloading and installation of new virus pattern files and ensures that the server is always capable of identifying the latest known threats Note The ServiceLink virus protection is limited to 100 users If you configure your system for more than 100 users virus protection will automatically be disabled The service can however be upgraded to support more than 100 users Please contact your partner for more information Il Chapter 3 ServiceLink 12 Guaranteed E mail This service provides a backup e mail service if a server becomes unreachable and cannot receive mail The most common reason for this is a temporary failure of the Internet connection provided by your ISP With ServiceLink mail that cannot be delivered to your server will be stored at the NOC Simultaneously notifications are sent to your Mitel Authorized Partner who can investigate the cause of the outage This service uses what is called an MX secondary Every domain name on the Internet has a record in the DNS which indicates which system should act as its primary mail exchanger MX for short
81. eadable source code which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange or b Accompany it with a written offer valid for at least three years to give any third party for a charge no more than your cost of physically performing source distribution a complete machine readable copy of the corresponding source code to be distributed under the terms of Sections and 2 above on a medium customarily used for software interchange or c Accompany it with the information you received as to the offer to distribute corresponding source code This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer in accord with Subsection b above The source code for a work means the preferred form of the work for making modifications to it For an executable work complete source code means all the source code for all modules it contains plus any associated interface definition files plus the scripts used to control compilation and installation of the executable However as a special exception the source code distributed need not include anything that is normally distributed in either source or binary form with the major components compiler kernel and so on of the operating system on which the executable runs unless that component itself accompanies the executable If distribution of executa
82. ebmail it is important to emphasize that you must always click on the Logout menu item when you are finished using webmail If you do not do so anyone else who uses your web browser on your computer until you exit your web browser or logout of shutdown your computer will be able to read your messages and send messages from your account After a successful logout you will see a message at the top of a webmail login screen similar to that in the image below Welcome to IMP Please login IMP Version2 2 3 welcome to IMP Youtave been logged out of IMP Thank you for using the system If you wish to log inagain please use the form below Verama Passrora Language English a 115 Chapter 18 Webmail 18 6 Composing Messages To compose a new message click on Compose in the menu on the left You should see a screen similar to that below Message Composition 0 new 0 recent Spell Checkin English C Cancel Message Save Draft Send Message Fred Frog lt ffrog tofu dog com gt To issalmon Celi Bec Subject Do we have the budget to send me to LinuxWorld Attachment Browse Options M contacts I think it would be an excellent opportunity for me to network Please let me know Thanks Fred Fred Frog Sales Executive ffrog tofu dog com The Pagan Vegan http www tofu dog com At the top of the compose screen your available options include
83. ecial privileges and access For example only machines connected to the local network can access the mail server on your server to send mail When you configured your server you provided it with sufficient information to deduce its own local network Machines on the network are automatically identified by the server as being eligible for these privileges and access Chapter 10 Security Add or remove local networks For security reasons several services on your March Networks server are available only to your local network However you can grant these local access privileges to additional networks by listing them below Most installations should leave this list empty Click here to add a local network No additional local networks on file If your company only has one network that is being serviced by the server you do not need to add any information here Some advanced users may wish to extend privileges to more than one network of computers If you would like your server to identify one or more additional networks for those privileges you will be asked to enter those network IDs and the subnet mask for each network here Note that depending on the architecture of your network infrastructure the instructions for configuring the client machines on that additional network may be different than the instructions outlined in the chapter in this manual If you have questions regarding adding another network you may wish to contact Mitel Networ
84. eesesoeres Chapter 1 Welcome to your SME Server V5 with ServiceLink Congratulations on choosing the SME Server V5 with ServiceLink as your communications server Companies all over the world are using the Internet to communicate more effectively and efficiently to a broader audience The SME Server V5 with ServiceLink is founded upon state of the art technologies such as the Linux operating system which have been mainstays in the infrastructure of larger organizations for several years Mitel Networks Corporation has customized these technologies to make them straightforward to use while still giving you local control over your Internet services The result is a cost effective Internet infrastructure that will reliably serve your organization as it grows and as its use of the Internet evolves In keeping with our commitment to open source software we encourage you to share this software with your friends and colleagues Mitel Networks Corporation and its Authorized Partners provide reasonably priced services including technical support to those organizations wanting the comfort of knowing that expert help is available when needed Contact us at 1 888 ESMITH 1 or 1 613 564 8000 or visit our website http www e smith com for a list of Authorized Partners and for more information about support options reseller programs and the worldwide community of server developers and customers 1 1 About This Guide This user s guide walks you ste
85. ense practices Many people have made generous contributions to the wide range of software distributed 132 Appendix F GNU General Public License through that system in reliance on consistent application of that system it is up to the author donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License 8 If the distribution and or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries so that distribution is permitted only in or among countries not thus excluded In such case this License incorporates the limitation as if written in the body of this License 9 The Free Software Foundation may publish revised and or new versions of the General Public License from time to time Such new versions will be similar in spirit to the present version but may differ in detail to address new problems or concerns Each version is given a distinguishing version number If the Program specifies a version number of this License which applies to it and any later version you have the option of following the terms and conditions either of that version or of any later version pub
86. ernet adapter from a list of drivers or from a list of ethernet adapter models After the appropriate driver is selected select OK and proceed to the next screen 6 8 2 Configuring Local Network Parameters Your SME Server V5 with ServiceLink needs information about your local network in order to communicate with the other computers on your network This includes the IP address and the subnet mask on your server s internal interface Because your server acts as a gateway and firewall these will differ from the IP address and subnet mask on the external interface If you plan to operate in server and gateway mode explained in greater detail below your server will act as a relay between your local network and the Internet Because no computer on your local network other than your server directly interacts with the external world the IP addresses assigned to those computers need only be unique with regards to your local network It doesn t matter if a computer on someone else s local network uses the same IP address because the two machines will not be in direct contact As a result we are able to use special non routable IP addresses for your local network including the internal interface of your server 37 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software If you have no reason to prefer one set of IP addresses over another for your local network your server will prompt you with default param
87. erviceLink Host Computer sssccssssssssssssssssssssscsssssssnsssscssssseseees 23 5 1 Hardware Requirements for a Category 1 Server oo cc ccccecsceessceseseeecseeecseesesecscecseeescsecscecseescseeessesseseesenesseeasaceesaeeesseeass 23 5 2 Hardware Requirements for a Category 2 Server cceeeceseeescsessceseseescseeeescesesesscecseseescsecscecseescseeessesasseeaeeesseearseeesseeeseeeaes 24 5 3 Hardware Requirements for a Category 3 Server wo cccceesesesseesseeseseescseeecscesesesscsecseseescsecscecseescseeessesacseeseeesssearaeeesseeeseeeaes 25 5 4 Hardware Requirements for a Category 4 Server oi cececsescsssessceseseeecseeecscescsecsesesseseescsecscsecseeacaeeessesaeseesesesssearaeeesaeeeseeeaee 25 3 9 Supported Ethernet Adapters crn ne e ene EE EERE EA sevens APEERE REA EAE 26 5 6 Supported SCSI Adapters a 5 7 Support ed Tape Drives mern te ive wee see ee reece etn Jee ieee cate A Se ol eld ts ol E ot bal aide eet a vets 6 Installing And Configuring Your SME Server V5 with ServiceLink Software ssccccscssssssssscssscssssscsscesssesssscessssessseeseeees 32 6 1 Licensing Terms and Coriditions 2 2 c c siecessessizendsnpeescasect ngensudecnhedgentesseeheseduvectessscdesevssebsucedesegudehcepgnvesdgnees aneedancedenaeriie 32 6 2 RAID Support Disk Mirroring s 23 sce adesesteseuzendisusscscerertenpentedsontedgensedseqnasedevecebsssusdessevsedsvsgbedesdehvesdgnvescanees geantdancbiesiceiie 32 6 3 Upgrading
88. es 24x7 Alerts and Reporting This service provides round the clock monitoring of your server and your Internet connection By default your server will synchronize with our NOC once each hour This can be customized by your Mitel Authorized Partner If the server fails to check in an alert is sent to your Authorized Partner and if desired your network administrator In addition Mitel Networks Corporation compiles monthly reports summarizing all ServiceLink activity for your Mitel Authorized Partner who in turn can share the information with you These reports include such details as network performance e mail delivery problems and viruses detected Among other things this information can help you and your partner assess the reliability and quality of your Internet connection It can also assist in analyzing the security of your network e Virus Protection This service provides automatic setup and configuration of e mail virus scanning services Your server includes special virus scanning software When you subscribe to ServiceLink your Authorized Partner will activate this special software Your server will then download the latest virus pattern files from the Mitel Networks NOC All e mail messages and attachments received from that point on will be scanned for viruses In the event that a virus is found the message will not be delivered Instead the sender all intended recipients and your Mitel Authorized Partner will be notified of th
89. esas ooh oad E a ass RT RE RE PRN 86 133 DINES E ta E AA E AEAEE TESSE ot basses thet deeb stata soo veh Saabs A pap ee ans ba Nea DR Bs Mohs 87 T3AGTPSEC V ENS EI E A A basco ach costo snc au eth E E E EEA A uke bbnts oes aie sas es ates eG noe ab eed apes Seas Re OR ARES 88 TA A AMINISEFATION sosssisscsscscescossesscsecicctsoseccesseccoobesscuceseecssosssauntosenesvaassousteceuesseanonscecossesbesecindesesnscstnesedecestecsecsss ccsecsucsessosscasecssesceasescnsees 90 4 Blades enna n a ee ee 90 142 Backup Or REStOre a e E a A aa A RA ER E E A Tao E RS 90 143 Reinsta llation Diskes ianen a E E E ERE T RENE A a R A ANAE 93 14 4 Mail Eog File Analysis aiie n aa aE ar aE Sele hace A sed N AEA ae eee ae eee 94 14 5 View Log Filess huess iinan a A a a aaa E EE eh ae oath E RE R 94 14 6 Reboot or SHUtdOw ni PEES E E A E ET EE E E E E ET TE 95 IEI E DETIT i AAEREN E EEE EEE AE AEE EE EET A O BEEE EE A 5342 Online manila PAA E E E ew A E E ENEE E E EDEN RE 15 2 Create Starter Web Siten airo s ar E OTO A A A A A A A 15 3 Support and Licensing oise ii a E EN GA en eet A bts RA ad EE E EA INA N 15 4 Other Administration Notes 16 Information Bays i bayS s sessssssssososessesosescesesososessosesosossssesesossesesesosossesesosossesososossesesossesosesossssosesossesesessssssesessssosesessssesesossesesesessess 16 1 a bay Directories sso iirc oron e e ata cee ated E A E a A A A R AR ee E 99 16 2 Accessing thei bays onae a E i a Gh O ESE E A
90. ese servers do not need to be configured into your server as the DNS server that is provided with your server will correctly resolve all local and Internet names DNS Publication of DNS Address Records The publication of DNS address information allows other DNS servers to look up your domain information Your ISP must publish DNS address records associating the name of your web server Www domain xxx FTP server ftp domain xxx and e mail server mail domain xxx with the IP address of your server 21 Chapter 4 Your Internet Service Provider ISP 22 DNS Publication of DNS Mail MX Records The publication of DNS mail MX records is the method used to inform Domain Name Services worldwide that all e mail to your domain yourdomain xxx should be delivered to your e mail server mail yourdomain xxx ETRN ETRN is a command used for dialup solutions in order to retrieve e mail temporarily stored at your ISP Gateway IP Address A gateway is the device on your network that forwards packets to and from the Internet The gateway IP address is the IP address for that device Internet News Service If you want access to Internet newsgroups your ISP will need to provide the IP address of an Internet news server The ISP will provide direction in configuring your web browser or other newsreading software PPP PPP refers to the Point to Point Protocol used when a modem connects to the ISP PPPoE PPP over Ethernet
91. essary Step 7 Finishing the installation is automatic and takes only a few minutes At the end of the process you will be prompted to remove the floppy diskette and CD and then to reboot your computer 6 5 Configuring your SME Server V5 with ServiceLink 34 Once your system has restarted so that it is no longer booting from the installation CD you are ready to configure your system If your ISP provided you with a summary of your configuration choices and network information we suggest that you keep it handy while completing the screens in the configuration section of the server console There are several types of configuration parameters that must be entered into your server the system password the type of ethernet adapters network interface cards or NICs that will be used by your server to communicate with the internal network and the Internet or external network Typically the server software will detect this information automatically Note that if you are connecting to the Internet with a dialup connection you only need one ethernet adapter configuration for the internal local network you must provide information about your internal network so that your server can communicate with other machines on your local network Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software operation mode you must select whether your server will operate in server and gateway mode or server onl
92. essesesssseseesesseseses 50 Fl Using the Text b sed Brow Ser 2 ss cesxedeese chen e os cova asd exe a sen istieed E ine dactnedaeeey cacedy cacgdh dededy enedht dadevi dabevtdaes 72 Accessing the Linux Rot Prompt sseicssceeccsessstevtedavcesdbdecsdee a a a e ods a a ae aa a 8 Configuring the Computers on Your Network z 81 What Order to do THM Sipen a EEEE E A E REA AA A EA deat eee 8 2 Configuring Your Desktop Operating System 0 sseesesseseescescseseescseescescsecseseescsecacsecsesessssesacseescecseesseessneseseesaeeeeaeed 52 8 3 IMAP Verstis POP3e2mall cacessscccsthevcstesgeeteeees tances cece tee Ces eRe eB OE aE NEVERENDER EER 55 8 4 Configuring Your E mail Application tes seesesssessesecscesesceessseessescscescssenssescsecscuassssaseseassesasseeseneesssessseesnerasseaeseeaeee 56 8 5 Configuring Your Web Browset cccsscsssesssssesesetecsecsesceseeesscssesceacseescsesacsecscsessesasaceecsenecseesenessssessesaesaeacaseeseaeaseesaseesaeeees 57 8 6 Configuring Your Company Directory c eccseseseeseeseeseeseeseescescescesceaceacesceaeeseesesseeseesecseeseeseesessessesseeseesecseeaeeaeeaeeaeeaeeaeeaees 58 9 On going Administration Using the server manager cccssssscscsssscsssscsscecssssssscesessesssssssssesessesssssssesssesssscesessessssesscsesenssseseses 60 LOS SOCCUPIEY E E E EE A O A AE E E A LOS OR ae ERSO Ko AEAEE EES E E AA AE EI PTE E T 10 2 Remote Access i 1033 TeOGal NETWOTKS ARAETA EA ANEE
93. est resolved with the vendors who support them for you 8 2 Configuring Your Desktop Operating System The dialog box where you configure your desktop differs from operating system to operating system and version to version In Microsoft systems desktop configuration occurs in the Properties dialog box associated with the TCP IP protocol for your ethernet adapter To get there go to the Control Panel and select Network If a TCP IP protocol is not yet associated with your ethernet adapter you may need to add one before you can configure its properties with the following information On Apple computers open the TCP IP Control Panel under the Apple Menu Note For a more complete example of configuring a Windows 95 client see our HOWTO document online at http Awww e smith org docs howto wintcpip howto html Item Description What to enter enable TCP IP protocol All your computers must communicate on the In Windows you add a TCP IP protocol In network using the TCP IP protocol Apple open TCP IP Control Panel disable non TCP IP Unless an application relies on a non TCP IP Turn off other networking protocols e g protocols protocol disable all other protocols NetBeui etc 52 Chapter 8 Configuring the Computers on Your Network item Description What to enter enable DHCP service See section below In Windows enable Obtain an IP address service automatically In Apple select DHCP server Note We s
94. eted Expunge Bl Date E From subject Wsize a 2001 01 09 To sales tafu dog com Meeting coming up on Thursday 1019 o eae TocpelesGitots dog cone Projections dusontHladnasday one of oranan Saliyane B zeenleel oar B Logout o 2 02 44AM Sally Salmon Staff entg Thursday 2pm 862 Delete Undelete Selectall Selectnone If you do not want to see the deleted messages you have two choices If you click on the Hide Deleted text button on the right side the messages will be hidden from view but will still be there and could be recovered with the Undelete button If you choose Expunge the messages will be permanently deleted 18 9 Using Contacts The server webmail system provides two means of keeping track of e mail addresses First you can have your own Contacts list Hide Deleted Expunge Move Copy Selected mail to EI Second you can easily access the company directory that lists all users and groups that have been created You can view and edit your contacts through two menu choices From the left menu you can choose Contacts This allows you to view or edit contacts but does not allow you to add a contact to an e mail list To add a contact you must open the Contacts window from the Contacts link in a Compose window as highlighted in the image below 118 Chapter 18 Webmail Message Composition 1 new 0 recent IMP V Compose amessage Wed 2001 ih 5 SoellCheckin English E Cancel Mesage S
95. eters that are probably appropriate in your situation Tip If you are installing servers at multiple sites within your organization you may find it useful for later troubleshooting to use different network addresses for each site Additionally if you ever want to establish an IPSEC VPN between the servers each server will need to use a different range of IP addresses Even if you are not planning to use a VPN right now it would be safest to use unique network addresses for each location If however you are operating your server in server only mode and there are already servers on your network you will need to obtain an unused IP address for your local network Next you will be prompted to enter the subnet mask for your local network If you are adding your server to an existing network you will need to use the subnet mask used by the local network Otherwise unless you have a specific need for some other setting you can accept the default setting 6 9 Operation Mode 38 After configuring your SME Server V5 with ServiceLink for your local network you will see the following screen This is where you select your server s operation mode Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software 6 9 1 Option 1 Server and gateway mode In server and gateway mode your server provides services such as e mail web services file and print sharing to your network and also acts as a gateway between your
96. event planning company The Pagan Vegan to demonstrate their capabilities 16 3 Creating an i bay No matter how you are going to use an i bay the process of creating an i bay starts by clicking on the Click here link at the top of the Information Bays panel in the server manager You will be presented with the form shown in the image below Create a new information bay The information bay name should contain only lower case letters numbers periods hyphens and underscores and should start with a lower case letter For example johnson intra and cust3 pri12 are all valid names but Sassociates John Smith and Bus Partner are not Information bay name I Brief description i Group Administrator User access via file sharing or user ftp Write Group Read Group oI Public access via web or anonymous ftp None Execution of dynamic content CGI PHP i 51 disabled 5 User access modes marked with an asterisk are not supported by the Macintosh file sharing component If you select one of those modes this i bay will not be available via Macintosh file sharing The public access mode password required outside local network is not supported by the FTP server component If you select this mode the FTP server will require a password both inside and outside the local network for this i bay Create You now need to fill out the form providing the information and making the choices descr
97. fend at your expense Mitel Networks including without limitation its suppliers and hold them harmless from any and all claims damages and expenses including reasonable attorney s fees and expenses arising out of your use of the ServiceLink Services and or any open source software with any third parties or from your negligent acts or omissions or willful misconduct You will reimburse Mitel Networks the full cost of any and all claims damages or losses your use or misuse of the ServiceLink Services may incur and you authorize Mitel Networks to recover such losses without prior notice by any means PROPRIETARY RIGHTS Title ownership rights and intellectual property rights in and to the ServiceLink Services including without limitation the ServiceLink Software and reports or documentation provided as part of the ServiceLink 13 14 15 16 17 Appendix E ServiceLink End User License Agreement Services shall remain with Mitel Networks or its suppliers and licensors You will not infringe and will take appropriate steps for the protection of such rights You will not remove obscure or alter any notice of patent copyright mask work trademark trade secret or other proprietary rights relating to or appearing anywhere on any of the ServiceLink Software documentation or associated with the ServiceLink Services MODIFICATIONS TO TERMS OF SERVICE AND OTHER POLICIES Mitel Networks reserves the right to change the ServiceLink Ter
98. forget to schedule your vacation time in advance If you ve signed up for shifts don t forget to find a replacement or Boris and Natasha will get you Click here for the vacation schedule Bowling League n Anyone interested in doing a TPV bowling league Email ay We Carine if ent f d vat 100 jh 2 oP we This particular newsletter was created using a desktop office application called StarOffice similar to Microsoft Office The files were created as typical word processing documents saved into html format and then transferred into the html directory of the intranet i bay using Windows file sharing Starting with just a blank document it took only about an hour to create the main page and the other pages that make up this newsletter 16 7 An i bay Used to Expedite Processes Samson s Farms Samson s Organic Farms delivers fresh produce to The Pagan Vegan every week Samson s and TPV use an i bay to improve the ordering and delivery process TPV has created an i bay for Samson s called samfarms It is accessible to the external Internet but password protected so that only staff at TPV and Samson s Farms can read it Anyone on TPV s local network can write to it 105 Chapter 16 Information Bays i bays Create a new information bay The information bay name should contain only lower case letters numbers periods hyphens and underscores and should start with a lower case letter For example ljohn
99. formation is accessible to other computers on the Internet Until it does incoming mail won t be able to find you and computers elsewhere on the Internet won t be able to contact your server using your domain name for example www yourdomain xxx However on your local network you should be able to connect to your server using the short names of www for web access and mail for e mail clients 8 3 IMAP versus POP3 e mail There are two common standards for e mail management IMAP and POP3 Your server supports both protocols You will need to select the protocol that is right for your organization POP3 is the earlier better known e mail protocol POP3 was designed to permit on demand retrieval to a single client machine E mail is stored on the mail server until you retrieve it at which time it is transferred over the network to your desktop machine and stored in your e mail box there 55 Chapter 8 Configuring the Computers on Your Network Benefits of POP3 Drawbacks of POP3 Even when you are not connected to your network you have POP3 was not originally intended to support users accessing access to the e mail stored on your desktop and managing their e mail from remote systems Because your e mail is stored on your desktop setting up remote access of your e mail when you are at a different computer can be complex IMAP e mail in contrast is designed to permit interactive access to multiple mailboxes from
100. g parameters to simplify recovery of the complete system from a previous backup Please note that you must boot from this diskette even if you originally installed by booting directly from CDROM When the reinstallation is complete you will be asked to reboot and remove the floppy and CDROM After the reboot you will be prompted to set the new administrator password and can quickly run through the configuration screens to verify all settings by choosing the keep option You can then restore a previous backup from the Backup or restore panel of this server manager To create a reinstallation diskette make sure that a blank write enabled diskette has been inserted into the diskette drive of the server not your desktop machine then click Create This operation takes several minutes to complete Note that this reinstallation disk serves a different purpose than the emergency boot disk you created as part of the original software installation process The emergency boot disk allows you to boot your server if you are unable to boot from the hard disk for some reason For instance this could occur due to a hardware error or through a mis configuration of the LILO boot loader during an advanced customization procedure The emergency boot diskette does not change your software or make any other adjustments to your system The reinstallation disk on the other hand will boot your system directly into the software installation proces
101. guring your server to operate in server and gateway mode you must select one of two Internet connection types a dedicated connection such as ADSL or cable modem or a dialup connection in which case you will be connecting to your ISP via a modem 40 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software The next step after selecting a connection type is to enter the specific parameters representing that connection 6 11 Server and Gateway Mode Dedicated How you configure your server s external interface depends on whether you are using a dedicated connection or a dialup connection Therefore if you configured your server for server and gateway mode dedicated connection you will be presented with very different configuration screens than if you configured the server for server and gateway dialup connection as discussed in the next section 6 11 1 Configuring Your External Ethernet Adapter As you did previously with your local ethernet adapter you need to configure the driver for your external ethernet adapter As before the software will attempt to detect the card If it correctly identifies the card you can proceed using Option 1 Keep current driver If it does not you will need to manually select the driver 4 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software 6 11 2 Assigning Your Ethernet Adapters to Network Connection To communicate s
102. h ServiceLink Host Computer 31 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software 6 1 Licensing Terms and Conditions In installing the SME Server V5 with ServiceLink software you are agreeing to the open source licensing terms and conditions associated with it You can read these terms and conditions in the introduction to this manual under the title Software Licensing Terms and Conditions Warning The computer on which you install this software will be totally dedicated to being your SME Server V5 with ServiceLink The hard drive of this computer will be erased and re written with the Linux operating system dramatically enhancing the reliability of your server over other operating systems However this means that while this computer is acting as your server you cannot use it for any other purpose Note If you have previously installed and configured a server and are reinstalling the software please be aware that you must use the Upgrade option in order to preserve your existing configuration and data Simply performing a new installation will erase all previously existing user accounts user directories i bay contents and web site and configuration parameters If you have not already done so you may wish to back up the contents of your server onto one of your desktop computers You can do so easily by selecting Backup or restore from the server manager as explained in the chapter on on going admin
103. h the three subdirectories of html files and cgi bin The items they were used to seeing before will now be found in the files directory 16 2 Accessing the i bays You can access the contents of an i bay using a web browser Windows file sharing AppleTalk or FTP accessing an i bay using a web browser via http To view an i bay using a browser enter www yourdomain xxx i bayname For example the URL for Samson s Farms i bay is www tofu dog com samfarms Assuming you are entitled to access this i bay you will see the index html page in the html directory in the Samson s Farms i bay If a password is required to see the contents of the i bay a password dialog box will appear before the contents of the i bay are served to the web browser 99 Chapter 16 Information Bays i bays accessing an i bay via Windows file sharing and AppleTalk To access the i bay using Windows file sharing or AppleTalk simply navigate to the server over your network browser in Windows this would be via Network Neighborhood and select the i bay you want to enter from those appearing You can only access an i bay in this way if you are on the local network accessing an i bay via the FTP server FTP File Transfer Protocol is a relatively easy way to transfer files over the Internet from one computer to another In the next few sections we will take a look at some examples of i bays that have been created by our hypothetical catering and
104. he URL www tofu dog com mgabriel As you can see Mr Gabriel has access to a summary of his event information He can check at any time to ensure the arrangements are correct For 102 Chapter 16 Information Bays i bays example at midnight tonight he can access his i bay to show his spouse the design used for his invitations 16 5 An i bay Used as a Shared Network Drive Having a shared network drive can be very helpful as a way of storing and sharing documents company wide TPV uses an i bay for a company wide network drive to hold documents to which all employees should have access All employees can read and write files to this directory The i bay is accessed via Windows file sharing AppleTalk or FTP To access using file sharing simply access the server over the network via Network Neighborhood and open the appropriate i bay You will see the files located in the files directory and can then open them or copy them to your system Note This is only true if the i bay has been set to allow public access via web or anonymous ftp If an i bay is set for no public access via web or anonymous ftp users connecting to the i bay through Windows or Macintosh file sharing will simply see the contents of the files directory However if the i bay settings are later changed to allow public access through web or anonymous ftp users will then see the top level directory of the i bay with the three subdirectories of html1 files and cgi bin The i
105. ibed below Note that the ftp access described below can be overridden by the FTP access limits setting on the Remote access panel of the server manager If you choose to Disable public FTP access there ftp access for individual i bays will not be allowed even though you will appear to be able to enable it from the 1 bay configuration screen Information bay name This is the short name of the i bay subject to the 12 character length restriction mentioned earlier The 100 i bay name will be what users will enter in the URL after the hostname to access the i bay from the web For instance if public access is enabled an i bay named intranet can be accessed by the Pagan Vegan staff at http www tofu dog com intranet Chapter 16 Information Bays i bays Brief description This text will appear in various administrative screens and can be a useful reminder of the i bay content e Group Ownership of the i bay content is assigned to an existing group The group ownership plays a role in the next setting for user access e User access You need to decide who will be able to add and modify content in the i bay and who will be able to read the content Note that in some of the access modes Macintosh users will not be able to access the i bay using normal Macintosh file sharing although they still could connect to it using ftp e Public access Here you set what type of public access you wish to have for the i bay If the i bay is
106. icate using TCP IP over Ethernet The first step is to choose your Ethernet adapter usually Built in Ethernet or just Ethernet from the AppleTalk Control Panel If everything is plugged in correctly the panel should quickly say that no zones were found If this takes a while the network cable or network card may not be working properly and you should see an Apple technician To use AppleTalk over TCP IP it is best that your Mac s network settings are configured via DHCP The server provides this service but it must be enabled via the server manager To enable it on your Mac choose DHCP Server in the TCP IP control panel If the control panel asks for a Client ID simply type in any unique title such as Design G4 or Reception 110 Chapter 17 User File Storage on the SME Server V5 with ServiceLink Note AppleTalk will work without TCP IP but will be slower than AppleTalk over TCP IP The next step is to choose a server to connect to via AppleTalk Click on the Chooser icon in your Apple Menu to bring up a list of file servers to connect to Oo Chooser E Select a file server AppleShare LaserWriter 8 Server IP Address OK Active GQ Inactive AppleTalk Double clicking on the server will bring up a list of all the volumes available for you to connect to whether or not you have sufficient priveleges to use them Your screen should now loo
107. iceLink software by logging in as the user root If your server is displaying the server console and not a login prompt you can press Alt F2 to switch to another screen with a login prompt To switch back press Alt F1 You should always ensure that you log out from the root account when you are finished and before you switch back to the server console The password for the root user is whatever password is currently set for the administrator of the server Note that this is the same password as that used by the admin user account Be aware that this ability to switch between the server console and a login prompt is only available when you have physical access to the server If you connect in remotely as the admin user and see the server console you will not be able to switch to a login prompt in that window You can however open up another remote connection to your server and login as the root user Note that remote administrative access is disabled by default and must be specifically enabled through the Remote Access panel of the server manager Note If you are not familiar with working from the Linux prompt you may be interested in trying a file management tool called Midnight Commander It allows you to perform many file operations through a menu driven interface Simply type mce at the command prompt Press the function key F1 for help and F10 to quit 51 Chapter 8 Configuring the Computers on Your Network 8 1 What Orde
108. icking on the Chooser your server and then other volumes to mount them as well Your desktop should now have icons for each successful volume such as the icons below MacOS 8 5 or above MacOS 7 5 to 8 1 Notice the wire at the bottom of the icon denoting a network volume Clicking on one of these icons should show you a window similar to the one below While you should not be able to add files or folders to this window you may do so in the files html or cgi bin folders permissions allowing o Primary HE x 4 items 1 49 GB available Note Some programs may not work well if run from the server Programs such as MYOB multi user accounting software rely on certain specific nuances to share the same file with multiple other Macs Test your applications with multiple users before relying on them in this situation 112 Chapter 18 Webmail If you wish you can configure your SME Server V5 with ServiceLink so that users can access their e mail via a web interface Once webmail is enabled users will be able to access their e mail from the local network or anywhere in the world via the Internet using any standard web browser provided it supports Javascript and tables which almost all browsers do For added security the server supports the use of Secure Socket Layer SSL connections When your users connect using SSL all communication between their browser and your web server is securely encrypted
109. il retrieval mode Standard a Your March Networks server includes a complete full featured e mail server However if for some reason you wish to delegate e mail processing to another system specify the IP address of the delegate system here For normal operation leave this field blank Delegate mail server i For ETAN or multi drop specify the hostname or IP address of your secondary mail server If using the standard e mail setup this field can be left blank Secondary mail server mail myisp x For ETAN or multi drop you can control how frequently this March Networks server contacts your secondary e mail server to fetch e mail More frequent connections mean that you receive your e mail more quickly but also cause Internet requests to be sent more often possibly increasing your phone and Internet charges During office hours 8 00 AM to 6 00 PM on i weekdays Every 5 minutes 4 Outside office hours 8 00 AM to 6 00 PM on i weekdays Every 30 minutes 5 During the weekend Not at all For multi drop e mail specify the POP user account and password If using standard or ETRN e mail these fields can be blank Also for multi drop you can either use the default March Networks server mail sorting method or you can specify a particular message header to use for mail sorting POP user account for multi drop jpopaccount Your choice of e mail retrieval mode will depend on the arrangements you made with your Internet servic
110. il will increase the resource requirements of your server in particular the memory requirement Other remote access services such as ssh and PPTP are also processor intensive You should consider a fast processor speed if you intend to make significant use of these services The server should work with any Pentium Celeron AMD or Cyrix processor that can run Red Hat Linux 7 1 e Fora dedicated connection in server and gateway mode your server requires two ethernet adapters also called network adapters or network interface cards For a dialup connection or server only mode one ethernet adapter is needed e SCSI Small Computer Systems Interface is a system for adding peripherals to a computer which enhances performance reliability and scalability If you are using a SCSI system you will need a specific adapter driver installed similarly to an ethernet adapter and will need to purchase SCSI enabled peripherals These tend to be more expensive than their non SCSI counterparts but the tradeoff is often worth it if the system will be under heavy loads Note Our hardware recommendations only apply to servers with up to 500 users This is not a technical limitation and the SME Server V5 with ServiceLink can provide services to more than 500 users In that case we suggest that you specify a custom system using our Category 4 requirements as the minimum starting point 5 1 Hardware Requirements for a Category 1 Server The following informat
111. ing of your SME Server V5 with ServiceLink and your Internet connection alerting you or your Authorized Partner when there are problems and compiling monthly performance reports Virus Protection Automates the downloading and installation of up to date virus pattern files and ensures that all e mail messages and attachments are scanned for the latest known threats Guaranteed E mail Should your Internet connection fail for any reason mail destined for your server will be held by our Network Operations Center NOC until such time as it can be delivered successfully DNS Services Allows users to publish up to date DNS records via the Mitel Networks NOC ensuring that their domain name remains accessible to the world IPSEC VPN Service Provides a fast easy way of linking multiple servers together into a larger network using the secure IPSEC standard Each of the services is described in more detail in the chapter entitled ServiceLink 1 4 2 Blades SME Server V5 with ServiceLink introduces support for blades a new way of customizing your server Blades allow you to easily install or remove software modules via the server manager The section in the Administration chapter on Blades describes this feature 1 4 3 Administration New manager panel for viewing log files allows you to easily view system log files and filter for specific information Private server and gateway mode this new server operation mode all
112. ing the browser to www tofu dog comAvebmail and logging in to their account Enable Disable Webmail Disabled Forwarding address for administrative notices The default address for administrative notices i e undeliverable mail backup notifications and other status error messages is admin If you d like those messages to be sent elsewhere enter the address here E mail to unknown users This field allows you to choose whether incoming messages to unknown users are bounced back to the sender or forwarded to the system administrator Some users prefer the latter setting because it allows them to catch and reroute e mail that was incorrectly addressed 77 Chapter 11 Configuration Internet provider s SMTP server Normally the server will send outgoing messages directly to their intended destination If however you have an unreliable connection or are using a residential Internet service it may be advisable to route e mail via your provider s SMTP server In that case you should enter the SMTP server s hostname or IP address here In fact if you have a temporary dial up connection to the Internet you may find that you need to use your ISP s mail server in order to deliver mail to some locations As a reaction to the huge volume of unsolicited commercial e mail spam many Internet sites are refusing direct SMTP connections from IP addresses that are known to be temporary dial up accounts For this reason you ma
113. ing this option is basically equivalent to creating a permanent or dedicated connection but only doing so through the use of a dial up connection and a modem One example of this use might be to set a Cont inuous connection policy during work hours and then some variable policy during off hours and the weekend Assuming that your ISP is okay with this arrangement and you can afford to do so financially these settings would give your users the fastest response time as the connection would always be online 6 13 Configuring Your DHCP Server You now will be prompted regarding DHCP service Your SME Server V5 with ServiceLink can be configured to provide DHCP service to your internal network The DHCP server can automatically configure the other computers on your internal network with such parameters as non routable IP address subnet mask and gateway IP address This reduces the risk of error and simplifies the process of configuring your network We recommend configuring your server to use DHCP to configure all of your network clients You should not do this if there is an existing DHCP server on your network as there should typically be only one DHCP server per network 6 13 1 Configuring the DHCP Address Range Before the DHCP server is able to assign IP addresses to the computers on your network you need to tell it what range of IP addresses it can safely distribute As above this section is pre configured with defaults that are appropriate
114. ings Advanced Nethlos DNS Configuration Gateway WINS Configuration IP Address An IP address can be automatically assigned to this computer If your network does not automatically assign IP addresses ask your network administrator for an address and then type it in the space below Obtain an IP address automatically Specify an IP address IP Address 192 168 1 2 Carcel After configuring the TCP IP parameters you may need to reboot your desktop computer to implement the configuration changes For example most Windows systems need to be rebooted after the TCP IP configuration has been changed Once the settings take effect your computer will be connected to the server and to the Internet 8 2 3 MS Windows workgroup configuration If you are using a Microsoft operating system you must ensure that your workgroup is the same as the workgroup name of your server The default workgroup name is your domain name In a subsequent chapter we ll explain how this can be changed using the web based server manager If you are using the default name go to the Control Panel select Network and then select Identification In the field for Workgroup type your domain name A word about domain names Once you ve set up your server there s typically a delay of one or more days before your ISP publishes your domain address records the domain name or names and the associated numerical IP address so that the in
115. internal network and the outside world The fact that it serves as a gateway means it has separate interfaces with each network and provides security and routing If you configure your server to operate in server and gateway mode your server will require either 1 two ethernet adapters one to communicate with the local network and the other to communicate with the external network Internet 2 one ethernet adapter for the local network and a modem for a dialup connection With server and gateway mode there are a number of extra parameters that will need to be configured These will be discussed in the next section 6 9 2 Option 2 Private server and gateway This mode is a variation of option 1 and provides the same functionality with the following differences Your web server is not visible to anyone outside of the local network Your mail server is not accessible from outside of the local network Additional firewall rules have been configured to drop packets for various services such as ping requests All services are available on the internal network The differences are entirely in how your server is seen by the external world You would select this mode only if you wish to use the server as a gateway but do not wish to publish any services to the external Internet 39 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software 6 9 3 Option 3 Server only mode Server only mode is a
116. ion outlines what we consider the minimum system that can give satisfactory performance as a basic file print server and network gateway Note that we do not believe such a system will provide satisfactory performance for features such as webmail remote access via PPTP and for ServiceLink offerings such as automatic virus protection and IPSEC VPNs Table 5 1 Definition of a Category 1 Server of Users webmail virus scanning or VPNs Light minimal use of remote access file sharing and other disk intensive activity No use of 23 Chapter 5 Hardware Requirements of the SME Server V5 with ServiceLink Host Computer Table 5 2 Hardware Requirements for a Category 1 Server 5 2 Hardware Requirements for a Category 2 Server Table 5 3 Definition of a Category 2 Server Up 1040 Light moderate use of remote access file sharing and other disk intensive activity Table 5 4 Hardware Requirements for a Category 2 Server SCSI adapter SCSI adapter must appear on the supported list only necessary for SCSI systems Ethernet adapters The ethernet adapters installed on your server must appear on the supported list Modem for dialup only Only modems that are Linux compatible may be used WinModems are not supported 24 Chapter 5 Hardware Requirements of the SME Server V5 with ServiceLink Host Computer CD ROM drive ATAPI or SCSI Floppy drive any Monitor any Graphics card any Mouse none required Sound card none
117. ist of blades Last updated Fri Aug 17 06 55 51 2001 e commerce 2 4 userguide 5 0 Web Content Filtering B Unsupported blades When blades are installed many of them will create a new panel in the server manager that allows you to configure the blade However some contributed blades may not be configurable through the server manager and may require use of the Linux command prompt Note that outside of blades you can still customize your server using Linux utilities from the command prompt However blades provides a much simpler and easier way to perform this customization 14 2 Backup or Restore You can easily back up the contents of your SME Server V5 with ServiceLink using one of two methods Both are controlled through 90 Chapter 14 Administration the web panel shown below Backup or restore server data The March Networks SME Server provides two ways to back up and restore your server using your local desktop or a tape drive The first method creates a copy of your server configuration and user data files and downloads it to your local desktop via your web browser Currently your configuration and data files total approximately 24Mb The Verify desktop backup file option can be used to check the integrity of a desktop backup file The tape backup method uses a software package called exbackup to back up your entire hard disk to tape every night This requires a supported tape drive and a tape that is not
118. istration of your server 6 2 RAID1 Support Disk Mirroring With SME Server V5 with ServiceLink you have the ability to set up disk mirroring also called RAID Level 1 In disk mirroring you basically write all of your data to two separate hard disks installed in your server One is the mirror of the other Should the primary disk experience a hardware failure the mirror disk will continue operations as if nothing had happened All of your data will be protected Disk mirroring can be accomplished through either software or hardware 6 2 1 Software Mirroring To enable software RAID1 support you must first have two disks that are either the same size or capable of having partitions of the same size They can be either SCSI or IDE drives They must both be installed in your system prior to installing the SME Server V5 with ServiceLink software Software RAID support can only be configured at the time you install the software If you choose not to configure RAID support on your server and later wish to do so you will need to reinstall the SME Server V5 with ServiceLink software Once you have two disk drives activating RAID support requires only a very slight change in the software installation process Note SME Server V5 with ServiceLink supports a software implementation of RAID Level 1 known as disk mirroring It does not support RAID Level 0 disk striping as that does not provide any protection of your data whatsoever It does not
119. k like the following picture wey Server Select the items you want to use Budget Labels Oo Home directory M MYOB Data oO Primary Checked items will be opened at system startup time Save My Name Only Q Save My Name and Password in the Keychain Cancer Co 3 8 6 The Primary volume is your default area set up by your server for sharing files and the company web site while Home directory points to the specific user s own space on the server viewable only by that user While other i bays may appear you may not be ale to use them as you must be a member of the group owning that i bay to use it The highlighted volumes are those you wish to connect to Any ticked volumes will attempt to mount every time you boot your Mac If you wish to save passwords in a keychain Mac OS 9 0 or above you should read the tutorial available from the help menu on your Mac Once you have chosen your volumes to mount whether or not they are ticked a dialog box will appear to allow you to log in 111 Chapter 17 User File Storage on the SME Server V5 with ServiceLink g Connect to the file server Server as Guest Registered User Password O Add to Keychain Clear Text Password Change Password 3 8 6 Use your server user name and password to connect This screen will pop up only once as the information typed in will be used for every subsequent login This includes cl
120. ks Corporation or a Mitel Networks Corporation Authorized Partner for technical support 67 Chapter 11 Configuration 11 1 Set date and time Accessing this section allows you to set the system date and time either manually or using a network time server Pull down menus for month and time zone ensure accurate entry The server manager will reset the time automatically during daylight savings time There are worldwide time zones with multiple selections for countries with multiple time zones including standard time zones states provinces and even cities This ensures that regional variations in time zones and daylight savings time are accurately reflected Date and time configuration This is where you configure the date and time of this March Networks SME Server You may use an existing network time server or manually set the date and time for your time zone Set Date and Time Warming if you have configured a network time server below do NOT manually set the time or date here Doing so wil break the network time synchronization Current setting Wednesday August 6 2001 7 30 45 AM US Eastem iver August B 2001 hanni 7 30 45 ANUP Mand time aM co US Eastern Save Date Time Settings Network Time Server The March Networks SME Server can periodically synchronize the system clock to a network time protocol NTP server To enable this service indicate so in the checkbox and enter the hostname or IP address of th
121. lished by the Free Software Foundation If the Program does not specify a version number of this License you may choose any version ever published by the Free Software Foundation 10 If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different write to the author to ask for permission For software which is copyrighted by the Free Software Foundation write to the Free Software Foundation we sometimes make exceptions for this Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally NO WARRANTY 11 BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE THERE IS NO WARRANTY FOR THE PROGRAM TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND OR OTHER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION 12 INNO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE BE LIABLE TO
122. lled in your system 65 Chapter 10 Security 10 2 3 FTP Another way to upload or download files to and from your server is to enable a protocol called FTP or file transfer protocol This screen enables you to set your policy for FTP Note that allowing liberal FTP access to your server does reduce your security You have two options that you can set here FTP user account access Private FTP access allows only people on your internal network to write files to your server Public FTP access allows users both inside and outside your local network to read or write files on your server provided they have an account and password If for example you want to be able to update your web site from home using FTP you would choose the Public setting We strongly recommend you leave this as Private unless you have a specific reason to do so FTP access limits This allows you to set an overall site wide policy for FTP access The setting you choose here will override all other FTP settings on your server For example if you choose Disable public FTP access here and then later configure an i bay to allow public FTP access from the Internet such access will be forbidden Note that one of the choices here allows you to completely disable any use of FTP 10 2 4 telnet telnet has traditionally been one of the tools used to login remotely to other systems across a network or the Internet This screen gives you the options to control the use of
123. me Contacts window As with the section at the top of the screen you choose your entry from the pop up menu or press the Se ect button if your entry is displayed already and the information should appear in the entry box below Assuming you entered Contacts from the link in the Compose window you can now insert this information into the To Cc or Bcc lines of the Compose window Note that you also have the option of inserting this entry directly into your Contacts list If you have a large company directory you may find this a useful way of ensuring that frequently used contacts are readily available Note Unlike your local Contacts list you cannot directly update entries that are in the company directory Instead those entries must be updated by the system administrator using the Directory panel in the server manager See the Directory section of Chapter 10 for more information Clear Select bob lt bbass e smith com gt Address Nickname Fullname saan Insert into To Insert into Ce Insert into Bec Date Contact Unite Cont LDAP Search Search the Company Directory LI directory wherethe Name CI contains Ci fred StartSearch oD LDAP Results Select Fred Frog lt ffrog tofu dog com 1 cali Taser fat To Ter ato Ge serene Be rset ae Cones 18 10 Changing Webmail Preferences By clicking on the Preferences link on the navigation menu
124. ministrator and everyone meaning all users whether on the local network or on the Internet user access via file sharing or FTP The administrator can also control who has the ability to save a file into or modify the contents of the files in the i bay write access and who has the ability to view the contents of the i bay read access The administrator can specify whether the entire group can write to the i bay or whether the administrator alone has the power to save files to the i bay Similarly the administrator can control whether group members only can read the contents of the i bay or whether the contents can be read by anyone password protection the administrator can specify whether a password is required to access an i bay from the Internet and what that password will be Note If you select Password Required users who connect to the i bay via FTP or HTTP will be prompted to supply that particular i bay s username and password The user name is always the name of the i bay and the password is whatever the administrator assigns to that i bay not the individual user s password Note that as with user accounts i bay accounts are locked out by default If a password is required users will not be able to access the i bay until the administrator sets the password i bays are simple to create and manage The Information bays section of the server manager shows all current i bays the name of each i bay and a description of it
125. ms each server connected in a VPN knows the public key of each of the other servers on Chapter 3 ServiceLink the network it uses that key to encrypt data intended for that server A private key on the receiving server is then used to decrypt the data One of the difficulties in setting up a VPN is securely exchanging the keys required to set up the VPN ServiceLink simplifies and automates this process via a trusted central exchange the Mitel Networks NOC In addition ServiceLink also secures and automates the renewal of encryption keys When you establish a VPN using ServiceLink one server is designated to act as the primary server the server whose user accounts will be accessible via the VPN The other servers in the VPN known as secondary servers will function as gateways for the users on their local networks 13 Chapter 4 Your Internet Service Provider ISP Your ISP is your connection to the Internet it routes Internet data packets to and from your server It also provides other essential services This section of the user s guide reviews what ISPs offer and what the implications are in choosing among the various options available to you While your ISP can also assist you in selecting and arranging the right Internet services for your organization it s important to know the general range of services available since not all ISPs offer all services Warning If you are operating the product in server only mode y
126. ms of Service Agreement at any time and to notify you by e mail and by posting an updated version of the Agreement on the Web site www e smith com You are responsible for regularly reviewing the ServiceLink Terms of Service Agreement Continued use of the ServiceLink Services after any such changes shall constitute your consent to such changes TERMINATION FOR DEFAULT Mitel shall have the right to terminate this Agreement immediately for default if you are in default with respect to any material provision of this Agreement including but not limited to the payment provisions or if a bankruptcy or insolvency proceeding is filed by or against you or if you make an assignment for the benefit of creditors In the event of termination you shall immediately remove any ServiceLink Software from your servers U S GOVERNMENT RESTRICTED RIGHTS The U S Government accepts ServiceLink Software and documentation as commercial computer software and or computer software documentation in accordance with the license terms set forth in this Agreement subject to the requirements of FAR 2 227 19 Computer Software Restricted Rights June 1987 or DFAR 227 7202 3 Rights in commercial computer software or commercial computer software documentation effective 6 30 95 For uses with the U S Government the Contractor Manufacturer is Mitel Networks Inc 205 Van Buren Street Suite 400 Herndon Virginia 22070 MISCELLANEOUS 16 1 Entire Agreement This Agreement super
127. n a Service Account ID for your server Once that number is entered into the Status panel on your server you will be subscribed to ServiceLink Your partner will enable ServiceLink services and they will begin to function Once subscribed your server will synchronize at a periodic interval the default is one hour with our NOC to retrieve updated information such as virus pattern files Be aware that one of the features of our NOC is that alerts can be established to notify your partner or any e mail address the partner sets when your server has missed a sync period when e mail is arriving at the NOC instead of your server and when viruses have been detected You will also be able to receive monthly reports from your partner detailing ServiceLink activity 13 1 Status Until ServiceLink is activated the Status panel will appear as shown in the image below ServiceLink Activation In addition to the standard features of this server software you can now take advantage of March Networks ServiceLink an integrated suite of network delivered services that enhance the security reliability and functionality of your March Networks SME Server ServiceLink delivers critical system management services including 24 x 7 monitoring and status reports virus protection with automatic updates point and click IPSEC Virtual Private Networks guaranteed e mail delivery and DNS services To read more about the benefits of March Networks ServiceLink please
128. n of adding hostnames in the special e smith net domain The hostnames you can create on this panel fall into three categories Additional names for your server For instance you might want to set up intranet mycompany xxx to point to your server All you do here is enter the hostname and if appropriate choose the domain for the hostname Chapter 11 Configuration Remote hosts As mentioned in the example earlier you might want to point a hostname such as www to a remote system While www is created by default you can create other names such as home research or any other appropriate name In the form you simply enter the hostname choose the domain and enter the remote IP address Local hosts This screen is a bit more complicated because you have more options At a basic level you can create a hostname in a domain that points to another computer on your local network To do this just type in the hostname and enter the IP address in the Local IP field For instance you might want research to point to a computer system inside your network Where this gets complicated is when you want research mycompany xxx to be accessible both inside and outside your local network The challenge is that your local IP addresses are only accessible inside your network For that reason the target computer system will need to have two network interface cards one connected to the internal network and one connected to the external network
129. net address in the Hostnames and addresses panel Note also that the server printing system does not perform any filtering and passes the print requests directly from the client computers to the printer in the raw or pass through machines For this reason the SME Server V5 with ServiceLink does not have a list of supported printers Most printers are supported as long as the appropriate driver is installed in the operating system on your client computers However there are some newer printers that only have a Windows driver available and rely heavily on that operating system to perform their print functions These printers cannot be used on the server If you are concerned about whether your printer will work with your server you can visit Red Hat s Hardware Compatibility List http hardware redhat com redhatready html us static hcl intel input output html or explore the information found at LinuxPrinting org http www linuxprinting org As a final item you should be aware that in order to use the printers available through your server a user must be logged in to their client system with a user name and password that is valid on the server For instance if a user is logged in as tturtle on their Windows desktop and that user account does not exist on the server the user will not be able to print to the printers managed by the server Either the user will have to logout and log back in as a valid user or the tturt le account will need to
130. nged Current List of User Accounts Reset password ssalmon Saly Salmon lodify Reset password In the User Accounts section of the server manager you will see a list of your current accounts If you haven t already created any accounts select Click here and fill in the requested information the account name the part of the e mail address that comes before the person s name address department company and phone number As a convenience the defaults that you entered in the Directory section of the server manager appear each time you create a new account You can if necessary modify the information for each user as you create the account From the list of user accounts you can easily modify or remove a user account by clicking on modify or remove next to the user name or set the user s password User accounts are locked out and cannot be used until you set the initial password for each account As a reminder of this user accounts appear in red until the password is changed In the example shown here the administrator has not yet changed the password for user Sally Salmon Note If you want someone to have an e mail address at your company but want the messages forwarded to another external e mail address you can create the user account but set the e mail delivery option in the user account to Forward to address below and enter the external address If you leave the user ac
131. nization with the Network Operations Center Note that this operation will completely remove your previous service domain including any hosts that you have already configured heonewyork e smith net Update DNS hosting The following is a list of domains on your system and those which are being published as part of your DNS subscription to March Networks SME Server with ServiceLink eonewyork beta teste smith net Domain is being published ofu dog com Domain has not been requested for publishin With ServiceLink changes you make in the Hostnames and addresses panel of the server manager will automatically be published to the global Internet A checkbox is available for each hostname that asks Publish globally If you check that box the record will be transferred to the NOC and from there published out to the larger Internet If as shown in the screen above there are domains that indicate they are not currently being published your partner can use the NOC to configure those domains to start publishing your information Be aware that it may require several business days for some domains to be registered and published 87 Chapter 13 ServiceLink The top part of the panel allows you to configure a service domain that is available to you after ServiceLink activation This domain takes the form of yourdomain e smith net and allows you to immediately start receiving e mail and connecting to your server using that domain
132. nk account please click here Your service account ID is 345659 Your descriptive server name is Ottawa Office The last sync completed successfully at Tue Aug 14 03 33 30 2001 Current ServiceLink subscription listing Virus protection Subscribed i IPSEC VPN service Subscribed the problem Note also that the expiration of your ServiceLink subscription appears 13 2 Virus Protection As soon as you are subscribed to ServiceLink and the Virus Protection service is enabled all of your inbound and outbound mail messages will be scanned for viruses The scanning software checks both the message body as well as all attachments If a virus is found on a message the message is quarantined in a special mail folder and notifications are sent out about the virus For an inbound message the recipient at your site the original sender and your Mitel Networks Corporation partner are notified For an outbound message only the sender at your location and your partner are notified In the server manager the configuration screen shown below only allows you to enable or disable the service While you can perform this action here we strongly recommend you let your partner do this action on our NOC ServiceLink Virus Protection The ServiceLink Virus Protection service is available This service will scan all incoming and outgoing e mail messages for your March Networks server including webmail Should scanning of e mail using this soft
133. not permitted to login to the server itself If you give another user the ability to login remotely to the server you will need to access the underlying Linux operating system and manually change the user s shell in etc passwd 10 2 1 1 ssh clients for Windows and Macintosh systems A number of different free software programs provide ssh clients for use in a Windows or Macintosh environment Several are extensions of existing telnet programs that include ssh functionality Two different lists of known clients can be found online at http www openssh com windows htm and http www freessh org A commercial ssh client is available from SSH Communications Security at http www ssh com products ssh download html Note that the client is free for evaluation academic and certain non commercial uses Chapter 10 Security 10 2 2 PPTP The Point to Point Tunnelling Protocol PPTP is used to create client to server Virtual Private Networks VPNs and was developed by the PPTP Forum an industry group which included Microsoft and several other companies A VPN is a private network of computers that uses the public Internet to connect some nodes PPTP allows users to connect to their corporate networks across the Internet Microsoft s PPTP implementation is widely used in the Windows world to provide remote access across the Internet If you have a remote Windows system for instance a laptop or a home computer that has access to the Internet
134. ntory and determines what should be ordered The assistant enters TPV s order directly onto the order sheet in the samfarms i bay using an HTML editor The day before delivery the chef reviews his assistant s order as shown in the image below using a web browser and makes any last minute adjustments Chapter 16 Information Bays i bays File Edit View Go Communicator Heip J sak Bookmarks Go To Samson s Organic Farms feos tofudag con sanfarxs http On line order sheet for The Pagan Vegan Last Delivery August 11 Samson s will fill and deliver this order on August 18 Order entry done by customer name Joe Date order entered August 17 Vegetables Fruit artichokes 8 idozen apples Mac beans H 10 lb black berries ilb blue berries 10 lb crab apples 20 fb grapes black oranges navel basil pur e 4 La aam On the day of delivery Samson s shipping staff accesses the i bay over the Internet prints out TPV s order from the samfarms i bay and fills it 16 8 An i bay Used as Your Customer Download Site When customers hire The Pagan Vegan to plan events they need to review a great deal of information menu options catalogues from various vendors for event stationary table setting rentals etc Often customers want several days to review it all TPV has only a limited number of catalogues for loan so it decide
135. o all existing users as well Existing users Leave as they are o Save In this section of the server manager you specify the default directory information for new accounts the user s department company street address city and phone number Each time you create an e mail account the fields will contain the information entered here as the default If you wish you can change the information for each user At any time in the future you can change the default information and have the new information apply to all new users or to all existing users as well The field to do this is located near the bottom of the screen Choosing update with new defaults is a convenient one click method of revising your directory when for example your company has moved to a new address 11 4 Printers Your SME Server V5 with ServiceLink enables all users on your network to easily share a printer The printer can be either locally attached to the parallel port of your server or can be a network printer All the server needs is some basic information the printer name which can be anything you want as long as it starts with a lower case letter and consists only of lower case letters and numbers with no spaces a brief description for example the printer down the hall and the location of the printer whether it s on the network or directly connected to your server 71 Chapter 11 Configuration 72 Create a new printer Please choose a uni
136. of day p hour min Fa 00 AMPM PM o Update Configuration Be aware that you must use a supported tape drive and that a tape must be inserted in the drive for the backup to work Note Reminder e mail messages for tape backups are automatically sent to the e mail address that is configured to receive administrative notices This is normally the user admin but you can change this by going to the Other e mail settings screen in the server manager 14 2 5 Restore From Tape If you are performing regular backups you can also restore user data and configuration settings by using the Restore From Tape option After you press the Perform button the system will read the files from tape and overwrite any currently existing files You must reboot your system after the restore for the changes to take effect Note that in order to restore data from tape you must have first checked off Enable Tape Backup and scheduled nightly backups If you have not done this you will not be able to restore from tape using the server manager 92 Chapter 14 Administration Warning Note that this restore procedure only restores user data and configuration information It does not restore system files If you experienced a serious system crash you should first re install the SME Server V5 with ServiceLink software and then perform a restore from tape Restore server configuration from tape backup This process will restore the configuration and user
137. on is automatic Warning Ideally you should use Restore from desktop on a freshly installed server Therefore if you are planning to do a restore you should first re install the SME Server V5 with ServiceLink software and then perform the Restore from desktop command 91 Chapter 14 Administration 14 2 3 Verify Desktop Backup File This option allows you to verify that the backup to disk was completed successfully In rare cases we have found that users ran out of disk space on their client PC while doing the backup to desktop This options allows you to verify whether or not the backup did in fact complete successfully 14 2 4 Configure Tape Backup The second type of backup involves configuring your system to perform a daily full system backup to a tape drive using a software package called flexbackup If you wish to activate this option check the box next to Enable Tape Backup and then specify the time at which you wish the backup to occur and the time at which reminder notices should be sent Enable Disable Nightly Tape Backup Select whether you wish to enable nightly backups Then indicate the desired times for the backup and the load tape reminder The tape backup requires a supported tape drive A warning message will be sent to the administrator at the designated reminder time if the tape drive is empty Enable tape backup d Tape backup time of day a p i hour min 2 00 AMPM AM O Load tape reminder time
138. ontracts for the International Sale of Goods or the United Nations Convention on the Limitation Period in the International Sale of Goods the application of which are expressly excluded 16 4 Any terms of this Agreement which by their nature extend beyond the Agreement termination remain in effect notwithstanding the termination or expiration of the Agreement and apply to the parties respective successors and assignees Definitions Agreement means this ServiceLink End User License Agreement Mitel Networks means Mitel Networks Inc in the United States and Mitel Networks Corporation elsewhere in the world ServiceLink Software means the Mitel Networks software including software that is licensed to Mitel Networks but excluding any software components that are open source which are subject to the General Public License or other open source licenses as identified in the user documentation 129 Appendix E ServiceLink End User License Agreement 130 that is downloaded to enable the subscription and use of the ServiceLink Service and any and all copies modifications upgrades enhancements and new releases thereof made or acquired by you Subscription Period begins on the initial date that you connect to the ServiceLink Service and ends on the last date of service as elected by you in the ServiceLink registration form completed with your Authorized Integrator including any renewals thereof You means the end user customer or its au
139. onvention for i bays that customers can easily remember first initial last name Because it contains important customer information only the site administrator can save files into this i bay To prevent others from accessing the customer s i bay a password is required to enter the site TPV created individual passwords and securely provided them to their customers File Edt View Go Communicator Heip T H7 Boormans A GoTo http wwv tofudog con mgabriel E B Mr Miles Gabriel Art Exposition The purpose of this website is to provide you with a centralized place for information about our catering of your event Event logistics Click here to see the event date time time that we will arrive etc Your menu and wine list Click here to see the menu and wine list you have selected Your accoutrements Click here to see the invitations you have purchased and the table accoutrements that you have selected for rental from Rent an Event The invitations are expected back from Art All Printers by September 1 1999 Pricing Click here to see our itemized price quotation to Mr Gabriel Questions If you have any questions your account manager is Kate Hedges khedges tofudog com 1 800 376 4841 fw toow a 2 oe 2 Miles Gabriel has contacted The Pagan Vegan to cater an art exposition The Pagan Vegan has created an i bay specifically for Mr Gabriel s account called mgabriel Mr Gabriel accesses the site with t
140. or employees to express themselves and share information Create a new information bay The information bay name should contain only lower case letters numbers periods hyphens and underscores and should start with a lower case letter For example johnson intra and cust3pri12 are all valid names but Sassociates John Smith and Bus Partner are not Information bay name intranet Brief description Pagan Vegan Intrane Group Employees Only 2 User access via file sharing or user ftp Write Group Read Group o Public access via web or anonymous ftp Local network no password required a Execution of dynamic content CGI PHP disabled ca SSI User access modes marked with an asterisk are not supported by the Macintosh file sharing component If you select one of those modes this i bay will not be available via Macintosh file sharing The public access mode password required outside local network is not supported by the FTP server component If you select this mode the FTP server will require a password both inside and outside the local network for this i bay Create In keeping with TPV s culture the newsletter is very casual The company has a high degree of trust in its employees and as a result employees are given full access to the contents of the intranet so anyone on staff can revise it A more typical company might 104 Chapter 16 Information Bays i ba
141. other firewall it may need to use the external proxy server If you have questions about whether to use a proxy server we recommend you read Appendix C on using a proxy server In most environments you can probably leave this blank Status reporting You will be asked to decide whether to enable status reporting to Mitel Networks Corporation Through status reporting Mitel Networks Corporation tracks the performance of its servers worldwide Every day your server would send a small packet of data containing up time information to Mitel Networks Corporation The information sent to Mitel Networks Corporation is minimal and is not shared with any other organization Console mode Next as shown below you select the security setting for the server console itself in other words whether users will require a password to access the server console If you choose the default auto the server console will be displayed on your server monitor In many small office or home office situations this is perfectly acceptable However doing so allows anyone with physical access to your server monitor and keyboard to make system wide changes If you are concerned about security in your situation you may wish to choose login This setting prevents users from accessing the server console unless they login as admin with the system password you set earlier in the process Note that this setting controls access to the server console only it does not control whethe
142. ou can connect from another system using a normal graphical browser This option merely allows you to perform these functions directly from the server console Option 7 Connects to http www e smith org docs manual to allow you to read the online version of this manual Option 8 Displays the GNU General Public License the license governing the distribution and use of SME Server V5 with ServiceLink software and information on how to contact Mitel Networks Corporation for support 50 Chapter 7 The Server Console 7 1 Using the Text based Browser For Option 6 Access server manager with text mode browser the server uses a text based browser called lynx to allow you to access the web based server manager from the server console Navigation is primarily with the arrow keys up and down to move through the page right arrow to follow a link left arrow to go back Lynx has a wide range of other commands which you can learn about through the online help available at http www lynx browser org Note that for security reasons some regular features of lynx are disabled when you are browsing from the server console such as the ability to specify an external URL Type q for quit to exit the text based browser 7 2 Accessing the Linux Root Prompt If you are an expert user and would like to do advanced modifications to the configuration of your server you can access the Linux operating system underlying the SME Server V5 with Serv
143. ou will need to review your gateway firewall documentation and perhaps consult with your ISP regarding your configuration For example depending on your plans for the server your ISP may need to publish DNS records associating your mail and or web servers with your firewall IP address You may also need to configure your firewall for port forwarding of services In server only mode the single Ethernet connection to the local network is trusted as being secure and packet filtering is disabled For that reason a server only server must always be behind a local firewall You should not directly connect such a system to the Internet via an Internet Service Provider 4 1 Dedicated versus dialup connectivity Connectivity also referred to as Internet access type refers to the physical connection between your site and your ISP How you connect to your ISP affects the speed of your Internet connection which in turn impacts such things as how quickly your web site is displayed to visitors Dedicated connectivity refers to a full time connection to your ISP Although they are more expensive than the alternative dedicated connections are generally faster and allow you to use the full range of services on your server There are several common types of dedicated connectivity ADSL provides relatively fast data transmission over phone lines A cable connection links you to your cable company which provides you with many though not all of the same ser
144. our Internet Service Provider ISP cable company cable Cablemodem transfers data from server to cable company ethernet cable your local network Note In the tables below please keep the following information in mind 1 ISPs often supply the items marked to your server by DHCP 2 Some ISPs block outgoing HTTP connections forcing you to use their proxy server This interferes in a few minor ways with your server e g the test for Internet connectivity will fail erroneously However using the ISP s proxy server will normally work fine 1 You receive a routable static IP address Information provided to you by your ISP e static IP address IP address of cablemodem or ADSL router gateway IP address e subnet mask Order services from Service List A 2 You receive a routable dynamically assigned IP address and you elect to use a dynamic DNS service We encourage you to review Appendix B Dynamic DNS Services for a discussion of dynamic DNS services Information provided to you by your ISP e gateway IP address subnet mask Information provided by dynamic DNS service 17 Chapter 4 Your Internet Service Provider ISP DNS service account name DNS service password Order services from Service List B 3 You receive a routable dynamically assigned IP address and you elect not to use a dynamic DNS service OR your IP address is non routable Information provided to you by you
145. ourdomain xxx user password where www yourdomain xxx is the web server name you entered into the server console The staff at The Pagan Vegan would visit the URL www tofu dog com user password To make the change a user would enter his or her account name the characters before the old password and the new password to ensure accuracy the screen asks for the new password twice Note that changing the password for a user in the server manager overrides any previous password entered by your user Therefore when a user forgets his password simply reset it in the server manager Note There is no way for the administrator to recover a forgotten password for a user All they can do is set a new password for the user 12 2 Groups This screen allows you to create remove or change user groups which are simply lists of people with a shared interest for example they work in the same department or are collaborating on a project The user group function serves two purposes in the SME Server V5 with ServiceLink it permits e mail to be sent conveniently to a group of users and it allows the system administrator to associate groups of users with a single information bay i bay Creating a new group is a simple three step process You enter the group name as with account names these should begin with a lower case letter and consist only of lower case letters and numbers followed by a brief description Finally check the boxes next to the
146. ows you to use the server s gateway functionality but not publish any public services Hostnames and addresses panel provides more options in the configuration of DNS and host entries Ability to disable user accounts you can now disable but not delete a user account to temporarily restrict access to that account server manager interface the web based server manager has been refreshed with a cleaner look Secure access to server manager you can now connect to the server manager using the secure HTTPS protocol e New URL for server manager The URL is now http www domainname xxx server manager instead of http www domainname xxx e smith manager e New URL for setting user passwords The URL is now http www domainname xxx user password instead of http www domainname xxx e smith password Ability to verify desktop backups you can now check the integrity of a backup to your desktop Chapter 2 The role of the SME Server V5 Your SME Server V5 with ServiceLink manages your connection to the Internet by routing Internet data packets to and from your network which allows all the computers on your network to share a single Internet connection and by providing security for your network minimizing the risk of intrusions When one of your local computers contacts the Internet or is contacted by an outside machine on the Internet the SME Server V5 with ServiceLink not only routes that connection but seamlessl
147. p ID will be sent to all members of the group If for example you create a group called sales messages to sales mycompany xxx will be distributed automatically to all members of that group As you add and remove members to the group your server automatically updates the e mail alias In addition to user and group accounts however your server also automatically creates several pseudonyms For instance for each user account the server creates two separate pseudonyms using the first and last names of the user These two pseudonyms are in the form of firstname lastname and firstname_lastname Hence when you create the user account ffrog for a user with the name Fred Frog he will also be able to receive e mail sent to fred frog mycompany xxx and fred_frog mycompany xxx Additionally your server creates a special pseudonym called everyone that includes all user accounts on the system Two other pseudonyms postmaster and mailer daemon are created pointing to the admin user If you wish to modify or remove any of these pseudonyms or create new ones you can use the web panel found under the Collaboration section as shown below Note The special pseudonyms of everyone postmaster and mailer daemon will only be visible after you have either added a user account to the system or have added a custom pseudonym Until that time these three pseudonyms are there but will not be visible on the Pseudonyms web panel Chap
148. p by step through the straightforward process of installing and configuring your SME Server V5 with ServiceLink The Appendices in the back of the guide provide background information on subjects related to networking and the Internet and are intended to supplement chapters in the main section of the user s guide 1 1 1 Production We created this user s guide using Docbook http docbook org on the Linux operating system Images were created using The GIMP http gimp org The HTML version of this manual was generated from DocBook XML using libxslt http www xmlsoft org XSLT with customized XSLT stylesheets More information about our documentation process is available at http www e smith org docs Most of the editing was done by Dan York and Kirrily Skud Robert using the vim http www vim org editor 1 1 2 History August 2001 First print edition of the SME Server V5 with ServiceLink user s guide published by Mitel Networks Corporation Also published online in HTML and DocBook XML SGML Available at http www e smith org docs manual 5 0 Primary author editor Dan York February 13 2001 e smith server and gateway user s manual for version 4 1 published online in HTML and DocBook SGML by e smith inc Available at http www e smith org docs manual 4 1 Primary author editor Dan York December 4 2000 e smith server and gateway user s manual for version 4 0 published online in HTML and DocBook SGML by e
149. panel allows you to view the log files generated by the services running on your March Networks server Choose a log file to view messages You may optionally specify a filter pattern to display only the lines from the log file which match this pattern If you leave this field blank all available lines of the log file will be displayed Filter Pattern optional You may also optionally specify a highlight pattern to mark in bold any lines from the log file which match the highlight pattern The highlight pattern is applied to any lines which have already matched the filter pattern Highlight Pattern optional i Please note that it may take quite some time to generate these reports View Log file You will probably find the log file of most interest to be messages where most of the system services write log messages If you enter any text in the Filter Pattern box only lines of the log file containing that text will be displayed If you enter any text in the Highlight Pattern box that text will be shown in bold Both options can be used together Be aware that the filter is case sensitive As an example if you were interested in messages relating to DHCP you could examine the log file messages with a filter pattern of DHCP This will show you all DHCP related messages If you further add a highlight pattern of DHCPACK the messages relating to DHCP acknowledgements will appear in bold 14 6 Reboot or Shutdown If yo
150. pped for a nicer appearance in your web page Leave a blank line whenever you want to start a new paragraph If you need to force a line break without starting a new paragraph for example after each line of a mailing address then type the four character sequence lt BR gt where you would like each line break Do not use this option if you have already customized your web site since it will overwrite the index htm and e smith pb gif files in your web site directory Company name The Pagan Vegart First header typically used for short phrases such as Leader in the field of textile manufacturing Healthy food with an irreverent twist Text following first header typically used for a paragraph of marketing information The Pagan Vegan was founded in 1991 by Kate Hedges and Laurie Belew who were the only vegetarians in their graduating class from the Cordon Bleu School of America Chastised by a professor for their pagan views on cuisine both chefs took this as a great compliment and the Pagan Yegan was born At any point in the future you can replace or revise your starter web page by replacing or revising the files in the html directory on your server The html directory for your web site can be accessed using Windows file sharing Ensure you are logged onto your network using the admin name and password and then use file sharing to go to the server Select the primary directory and then select the html directo
151. ppropriate if you do not wish to use the gateway capabilities of your server In this configuration your server connects only to the local network and does not connect directly to the outside world although it may connect indirectly through your firewall or another server Warning Because the server trusts the local network to be secure in server only mode it must be behind a firewall of some type Under no conditions should it be directly connected to the Internet Your network will resemble the image below external network or internet gateway for network v ethernet card connects server to network your DHCP server will give network parameters to local desktop computers If you have a connection to the Internet by way of another gateway or corporate firewall you can configure your server to provide services including e mail web services file and print sharing to your network In this instance you do not need your server to provide the gateway role because that role is fulfilled by your firewall If you select Option 3 Server only mode protected network your server will provide your local network with web e mail file and print sharing On the next configuration screen you should enter the IP address for the Internet gateway on your local network If you do not have an Internet connection simply leave this configuration screen blank 6 10 Configuring Server and Gateway Mode If you are confi
152. que name for the printer and enter a brief description The printer name should contain only lower case letters and numbers and should start with a lower case letter For example hplaser epsonip and canonbj are valid choices but HP Laser Jet Canon BubbleJet and HP JetDirect Printer are not Printer name hplaset Brief description HP LaserJet q Location Local printer port 0 LPT1 If your printer is on a local printer port leave the next two fields blank Hostname or IP address of network printer Network printer name enter raw if not sure jaw Create The next two fields can be left blank if your printer is on a local port If it s a network printer you will likely already have assigned it an IP address Enter that information where requested The next field asks for your network printer name Use the default setting Raw if you have no specific reason to do otherwise Raw is the name used by most network printers for their main print queues Note For maximum flexibility in making changes later we suggest that you enter the hostname for a network printer here and enter the IP address of the printer through the Hostnames and addresses panel of the server manager This allows you to have one central location listing IP addresses and allowing you to make changes Note that many modern network printers can be configured automatically To do so enter their hostname IP address and Ether
153. r E Incoming Mail Servers kentii mail default Mail Servers Newsgroups Servers Addressing amag To set server properties such as checking for Copies and Folders new messages automatically select a server Formatting and then click Edit E i Return Re ts os feed Outgoing Mail Server D Roaming User 5 Outgoing mail SMTP server D Composer igoa mal GTR peal Pinker Outgoing mail server user name i Use Secure Socket Layer SSL or TLS for outgoing messages A Never w If Possible w Always Local mail directory Directory snome e smith files usersittrog nsmail Choose OK Cancel If you have not configured a mail server yet you will need to press the Add button and enter information about your server Otherwise you will select the default mail server listed and click on the the Edit button This will bring up a screen where you enter the user name and choose whether you are using IMAP or POP3 General IMAP Advanced Server Name in Server Type IMAP User Name ffrog F Remember password F Check for mail every 5 minutes 1 Automatically download any new messages ase feces Netscape should now be ready to send and receive e mail 8 5 Configuring Your Web Browser Most browsers are configured using a dialog box called preferences network preferences or options Some browsers need to be configured to access the Internet either directly or via a proxy serve
154. r When required most desktop applications your web browser included should be configured as though they were directly accessing the Internet Although the server uses a security feature known as IP masquerading thereby creating an indirect connection to the Internet this is a transparent operation to most of your desktop applications Hence you should ensure that the Direct connection to the Internet check box is clicked on in your web browser Under certain circumstances using a proxy server can improve the perceived performance of your network The server includes HTTP FTP and Gopher proxy servers Normally we recommend these be disabled in your browser Appendix C on Proxy Servers 57 Chapter 8 Configuring the Computers on Your Network explores this issue If you decided that you do want to use proxy servers you will need to enter the IP address or domain name of the proxy server i e your server into the configuration screens of your web browser The port number you will need to enter to connect to the e smith proxy server is 3128 This information is the same for HTTP Gopher and FTP proxying The image below shows how a proxy server would be configured in Netscape Navigator You may configure a proxy and port number for each of the internet protocols that Netscape supports FTP Proxy weew e smith tofu dog com Port iza Gopher Proxy www e smith totu dog com Port 3128 HTTP Proxy www e smith tofu dag com Pa
155. r ISP IP address of cablemodem or ADSL router gateway IP address e subnet mask Order services from Service List D 4 3 3 Ordering a dialup connection It is typical for you to purchase and install your own modem for your dialup connection Be sure to use a Linux compatible modem WinModems will not work Your modem connects to your ISP over a conventional phone line If you require an additional phone line it is typical for you to arrange that yourself through ISP to Internet regular phone line Modem connects server directly to ISP There are two possible configurations with dialup service 1 Your ISP is able to meet all of the following three conditions e you receive a routable static IP address e your ISP will provide a secondary mail server for your domain which receives e mail when your server is not connected 18 Chapter 4 Your Internet Service Provider ISP e your ISP is able to accept the ETRN command This command is used by the server to retrieve the mail held by the ISP s secondary mail server Information provided to you by your ISP static IP address dialup access number dialup account name dialup account password Order services from Service List C 2 Your ISP is unable to meet all three of the above conditions Information provided to you by your ISP dialup access number dialup account name dialup account password Order services from Service List D 4 4
156. r than manually configuring the client computer To do so you will first need to determine the Ethernet address of the client computer usually through the network properties Next you will go to the Hostnames and addresses web panel of the server manager and enter the information there 53 Chapter 8 Configuring the Computers on Your Network Only One DHCP Server It is imperative that no other DHCP server is on your network If a former DHCP server configured your computers you should remove that DHCP server from your network Leave DHCP enabled and reboot each computer New IP addresses netmasks gateway IP addresses and DNS addresses will be assigned automatically by the server DHCP server 8 2 2 Manual entry for computers not using DHCP service 54 As noted above we strongly recommend that you perform all your client configuration using DHCP It is even possible to assign a static IP address through the Hostnames and addresses web panel of the server manager that will be distributed through your DHCP server However if your computers do not support DHCP you must manually enter the following information into your TCP IP properties Item Description What to enter IP address Manually enter this information see paragraph You must assign a different unique IP address below to computers not accepting DHCP see note below subnet mask or netmask Manually enter this number The default subnet mask or netmask is
157. r to do Things For efficiency we recommend you configure your desktop computers in the following order Step 1 First configure one of your desktop computers to work with TCP IP using the information in this chapter Step 2 With TCP IP up and running on one of your computers you can now access the server manager over the web and create your employees user accounts The next chapter On going Administration Using the e smith Manager explains this simple process Step 3 Once e mail accounts are created you can ensure that all the computers on your network are configured for TCP IP e mail web browsing and LDAP using the information in this chapter Note If you already have e mail accounts set up with your ISP you will need to do things in a different order to ensure continuous e mail service to your site See our online HOWTO document titled Transitioning From a Prior E mail System available at http www e smith org docs howto emailtransition howto html This chapter helps you configure software and hardware supplied by other companies and for that reason is not as specific as the rest of this guide Given the wide range of computers operating systems and software applications we cannot accurately explain the process of configuring each of them If your computers and applications came with manuals they might be useful supplements to this chapter Technical problems encountered in networking your desktop computers and applications are b
158. r would see the message coming from ffrog and going to sales but your name would not appear anywhere in the visible headers Compare that to a forward command where the recipient knows you are the person forwarding the message 117 Chapter 18 Webmail Mailbox INBOX 1 new 0 recent a INBOX 1 4of 4 Messages IE Selectall Select none Movel Copy Selected nail to I Delete Undelete Hide Deleted Expunge Bl Date B From Bl Swject Bisize a 2001 01 09 To sales tofu dog com Meeting coming up on Thursday 1019 a 2001 01 09 To sales tofu dog com Projections due on Wednesday 1006 0 02 30AM Sally Salmon XYZco sales call 921 B Logout oe oam sally Salmon Stott mtg Thursday 2pm 262 Delete Undelete Hide Deleted Expunge Selectall Selectnone Movel Copy Selectedmmail to 1 To do so check the box next to each message you wish to delete After that press the Delete text button directly above or below the list of messages on the left side You will now see a trash icon next to the checkbox and a line through the messages As an example in the image above our user ffrog wants to delete the second and third messages He can click on the checkbox next to each message and then click Delete This will produce a screen such as that below Mailbox INBOX Deleted 2 Messages 1 new recent INBOX 1 4of 4 Messages arri zi Selectall Select none Move Copy Selectedmail to I Delete Undelete Hide Del
159. r you or anyone else can administer your server using the web interface Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software Contact e mail address Finally you will have the option of providing a contact e mail address and name If you would like to be notified of security updates or new versions of software we strongly encourage you to provide at least your e mail address As the screen indicates we will only send you notices of updates and no other information Your contact information will not be shared The last screen asks you to confirm the changes you have made After the changes take effect you will see other services starting up When that is finished your server should be fully operational Congratulations you have configured your SME Server V5 with ServiceLink Afterward you may want to test your Internet access using the test option in the server console If you chose auto earlier the server console remains permanently up on your server Otherwise you would need to login as admin Most routine administration for example adding or deleting e mail addresses is done from your desktop computer using the web based server manager reviewed in a later chapter Therefore once it is up and running most users put their server in an out of the way place and turn off the monitor 49 Chapter 7 The Server Console When installation is complete and if you set server console mode to auto th
160. rent List of Information Bays Description Pagan Vegan Intranet Art Exposition by Miles Gabriel Samsan s Fartes 16 1 i bay Directories Each i bay has three directories html files and cgi bin The cgi bin directory is set aside to hold cgi scripts used for that i bay s web page CGI scripts are tools used in advanced web site creation and do not need to be discussed here the files directory This directory holds files that can be accessed either locally only or publicly It can be used for such things as a company download site a company wide file sharing server or a document sharing site for a specific customer the HTML directory When an i bay is accessed using a web browser via http the user will enter the HTML directory and the web browser will automatically open the index html file in that i bay In other words it will display the web page associated with that i bay This means you can have different web sites running on your server each associated with a specific i bay This can be very powerful and useful as you will see in the upcoming examples Note If an i bay is set for no public access via web or anonymous ftp users connecting to the i bay through Windows or Macintosh file sharing will see only the contents of the files directory However if the i bay settings are later changed to allow public access through web or anonymous ftp users will then see the top level directory of the i bay wit
161. required 5 3 Hardware Requirements for a Category 3 Server Table 5 5 Definition of a Category 3 Server Up 1040 Heavy heavy use of remote access file sharing and other disk intensive activity Table 5 6 Hardware Requirements of a Category 3 Server 25 Chapter 5 Hardware Requirements of the SME Server V5 with ServiceLink Host Computer 5 4 Hardware Requirements for a Category 4 Server Table 5 7 Definition of a Category 4 Server Up 10 500 Table 5 8 Hardware Requirements of a Category 4 Server PCI based Pentium class processor 5 5 Supported Ethernet Adapters Either one ethernet adapter in the case of dialup connectivity or server only mode or two ethernet adapters for dedicated connections in server and gateway mode must be installed on your SME Server V5 with ServiceLink This section describes which types of ethernet adapter can be used in the computer that will become your server There are no restrictions on the ethernet adapters in your other computers Any adapters installed on the server must appear on the following supported list Note that only PCI adapters are supported The PCMCIA adapters used in many laptops and the older ISA adapters are not supported Note Because SME Server V5 with ServiceLink is based on Red Hat Linux version 7 1 PCI ethernet adapters that can work with Red Hat 7 1 should also work with SME Server V5 with ServiceLink You can find an up to date searchable database a
162. rk copyright trade secret or other proprietary rights notice placed by Mitel Networks or its suppliers on any ServiceLink Software 3 SERVICELINK SERVICE Upon acceptance of this Agreement registration through your Authorized Integrator and payment of the applicable fees as well as taxes you are permitted to access and utilize the ServiceLink Service on a non exclusive basis in accordance with the terms of this Agreement For technical support for the ServiceLink Service please contact your Authorized Integrator 4 FEES AND PAYMENT You are required to pay the applicable fees and taxes for the ServiceLink Services We may change our fees for our ServiceLink Services from time to time However any fees already paid for the Subscription Period will be honored at the original price Our changes are effective after we provide you with at least thirty 30 days notice of the changes by posting the changes on our web site or by emailing you the changes If payment has not been made in a timely manner Mitel Networks shall have no obligation to provide the ServiceLink Services 5 SERVICE CANCELLATION BY CUSTOMER You may cancel your subscription to the ServiceLink Services prior to the expiration date of the Subscription Period upon the provision of no less than thirty days prior notice to your Authorized Integrator In the event of the cancellation of ServiceLink Services no fees will be refunded including without limitation any fees which were paid
163. rt 13128 Security Proxy www e smith tofu dog com Port B128 WAIS Proxy Port You may provide a list of domains that Netscape should access directly rather than via the proxy No Proxy for SOCKS Host Port 1080 OK Cancel 8 6 Configuring Your Company Directory 1 58 Your SME Server V5 with ServiceLink will automatically create a company directory and update it as you maintain your e mail accounts The next chapter explains how to configure this service Any client program that uses LDAP Lightweight Directory Access Protocol such as the address book in Netscape Communicator will be able to access the directory For example with Netscape look under the Communicator menu and choose Address Book Then look under the File menu and select New Directory You will see a dialog box similar to the one shown here Note that laptop users should disable proxy servers when working away from their local area networks Chapter 8 Configuring the Computers on Your Network Catering Dept Directory www e smith tofu dog com de tofudog de com You will need to enter the following information Enter the name you wish to give your company directory any name will do The LDAP server is the name of your web server in the form www yourdomain xxx The Server Root information can be found on the Directory screen in your server manager more information on this is available in the next
164. rtant notes below on the limitations of this configuration 20 PPP dialup access if you are using dialup connectivity POP mailbox with generous size limitation domain name route all mail for domain name to the single POP mailbox Internet news server optional Chapter 4 Your Internet Service Provider ISP Some Important Notes on Service List D Multidrop Mail Service list D is applied to configurations where the publication of DNS records is not practical either because your IP address changes frequently or because it is non routable Because there is no published address receiving incoming network connections this configuration does not allow you to host a web page or FTP site using your SME Server V5 with ServiceLink In this case e mail is handled using a method called multidrop which involves temporarily storing all e mail messages addressed to your domain in a POP mailbox at your ISP until your server connects and fetches them Your POP mailbox must be large enough to hold the e mail for your organization until it is fetched If your primary ISP cannot supply this you can use another ISP for your e mail hosting As e mail messages are delivered into the POP mailbox at your ISP some of the addressee information is removed To determine to whom the e mail message is addressed your server uses several heuristics This works very well for normal person to person e mail However messages from mailing lists and other source
165. ry If you are using FTP you can access the html directory by looking under files primary htm 96 Chapter 15 Miscellaneous 15 3 Support and Licensing This section allows you to review the support and licensing terms attached to your SME Server V5 with ServiceLink It also provides contact information for Mitel Networks Corporation and our Authorized Partners 15 4 Other Administration Notes Accessing administrative areas of your server via Windows file sharing To access administrative areas of your server using Windows file sharing you must be logged into your network as admin with the server system password This applies particularly to the NETLOGON share where you can edit the net logon bat file the Primary share where the main web site is stored and any i bays that are writable only by the user admin 97 Chapter 16 Information Bays i bays Information bays or i bays are a unique feature built into your SME Server V5 with ServiceLink i bays are a powerful simple flexible mechanism for creating distinct information sharing sites The network administrator can define several characteristics for each new i bay they create e write access the administrator can control access to the 1 bay by associating the i bay with a group All groups previously created in the groups section of the server manager will appear in the drop down menu under group in this section In addition two default groups will always appear ad
166. s and will completely reinstall the SME Server V5 with ServiceLink software It will however save you the steps of entering all the network configuration data and allow you to simply move through the configuration screens using the Keep option 14 4 Mail Log File Analysis 94 If you are using your SME Server V5 with ServiceLink to send and receive e mail there are now a number of reports available that can help you analyze your system s performance As shown in the image below the default setting provides basic statistics If you pop up the menu however you will see a range of other options If you suspect that there is a problem with the delivery of your e mail you can use these reports to see how your system is operating The information can also help you decide how best to optimize your system Mail Log File Analysis Analysing the mail system log files can aid both in understanding how your system is performing and in diagnosing delivery problems Several different reports are available Please note that it may take several minutes to generate these reports Choose a report type Basic statistics Generate Report Chapter 14 Administration 14 5 View Log Files This panel allows you to view the system log files on you server As shown in the image below you select the log file that you want to view and press the View Log File button Without any filter options you will see the entire log file View Log Files This
167. s contents In this section you can delete an i bay which will delete all contents of the i bay directory and if the i bay requires a password you can set it here As with your user account directory any i bay that requires a password will appear in red until that password has been changed from default the i bay for Samson s Farms in the following image is an example of this A note about i bay names When you create an i bay the name may be up to 12 characters long and may contain only lower case letters numbers periods and underscores The i bay name should also start with a lower case letter For example johnson sales and client3 prj8 are all valid names while 3associates John Smith and Bus Partner are not Finally an i bay cannot use the same name as an existing user or group account It must be unique Note that there are two special names primary and public which are in use by the system and cannot be used for an i bay name 1 This 12 character restriction ensures that the i bay can be shared correctly to all Windows machines 98 Chapter 16 Information Bays i bays Create remove or change information bays Click here to create a new information bay You can remove any information bay or reset its password by clicking on the corresponding command next to the information bay If the information bay shows up in red that means that the password has not yet been changed from the default and should be changed soon Cur
168. s including Short Medium or Long These specify how long the server should wait before disconnecting the dialup connection If your office only shares a single phone line the Short option minimizes the amount of connection time and frees up the phone line for later use The down side to this is that if someone is reading a long page on the web site or steps away from their computer for a brief moment when they want to then go to another web page the server will probably have disconnected and will need to redial and connect On the other hand setting the Long connection time will result in users experiencing fewer delays while waiting for the server to reconnect However the phone line will used for a larger amount of time 45 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software There are two separate timeout values configured by each choice One value is the length of time since the last HTTP web packet went through the server The other is a more general timeout for any other types of packets The difference is there because it is assumed that people reading a web page may take longer to go on to another web page whereas users connecting to another service such as ssh or POP3 to an external server probably will be more active than someone using a web browser The timeout values are shown in the table below HTTP Timeout Other Timeout Note that there is also the option for a Cont inuous dial up connection Choos
169. s where the user s account name is not present in the headers cannot be delivered Any e mail that cannot be delivered will be returned to the sender If the e mail cannot be returned to sender it will be directed to the system administrator Some ISPs add a header to each e mail message as it enters the POP mailbox to assist in determining the addressee One common header tag is X Delivered To If your ISP does this make note of the header tag used so that you can configure your server to look for it explained in a later section Because of the potential problems involved with delivery of e mail to multidrop mailboxes we strongly encourage you to consider other means of mail delivery before resorting to using multidrop Terms used in ordering connectivity and services ADSL or DSL ADSL is a type of high speed Internet access that uses regular phone lines and is available in many metropolitan areas Domain Name This refers to the unique name attached to your organization on the Internet For example tofu dog com or e smith com If you don t have a domain name your ISP can help you select one ensure it is available and register it DNS Domain Name Service DNS or Domain Name Service refers to the software and protocols involved in translating domain names to IP addresses Your server provides DNS lookup services for your local network and your ISP typically also provides you with the IP addresses of DNS servers Th
170. sedes and cancels any previous agreements or understandings whether oral written or implied heretofore in effect and sets forth the entire agreement between the parties with respect to the subject matter hereof If any provision of this Agreement is held to be unenforceable for any reason such provision shall be reformed only to the extent necessary to make it enforceable 16 2 Non Assignment The provision of the ServiceLink Service is personal to you and may not be transferred or assigned in whole or in part to another party This prohibition shall not apply in the event of a sale of all your assets or shares to another entity in which event you shall notify Mitel Networks of such sale within thirty days of the completion of such transaction Mitel Networks shall have the right to assign or transfer this Agreement 16 3 Governing Law This Agreement shall if you are a resident of the United States be governed by and construed in accordance with the laws of the Commonwealth of Virginia exclusive of its conflict of laws provisions and the federal laws of the United States applicable therein If you are a Canadian resident or a resident anywhere other than the United States then this Agreement shall be governed by and construed in accordance with the laws in force in the Province of Ontario exclusive of its conflict of laws provisions In no event shall this Agreement be construed or enforced under the provisions of the United Nations Convention on C
171. sents you with additional options for controlling how your system handles e mail Change other e mail settings Administrative notices generated by the March Networks server are normally e mailed to the admin account If you would like them to be e mailed elsewhere please enter the e mail address below Otherwise leave this field blank Forwarding address for I administrative notices Whenever the March Networks server receives a message to an unknown user it can be returned to the sender with an error message recommended practice or sent to your system administrator as an administrative notice E mail to unknown users Return to sender The March Networks server can deliver outgoing messages directly to their destination recommended in most cases or can deliver them via your Internet provider s SMTP server recommended if you have an unreliable Internet connection or are using a residential Internet service If using your Internet provider s SMTP server specify its hostname or IP address below Otherwise leave this field blank Internet provider s SMTP server You can control access to your POP and IMAP servers The private setting allows access only from your local network s and the public setting allows access from anywhere on the Internet POP and IMAP server access Private You can enable or disable webmail on this system Webmail allows users to access their mail through a regular web browser by point
172. server console It is extremely important that you choose a good password and keep that password secret Anyone who gains access to this password has the power to make any change to your server After you enter the password once you will be asked to type it again to confirm that the password was recorded correctly Note You can use any ASCII printable characters in the administrator password As this password gives someone total control over your server you should choose a password that cannot be guessed easily A good password should contain mixed upper and lower case letters numbers and punctuation yet also be easy to remember An example might be wme sS as in I want my e smith Server Please don t use this example as your password 35 Chapter 6 Installing And Configuring Your SME Server V5 with ServiceLink Software 6 7 Configuring Your System Name and Domain Name As shown below your next step is to enter the primary domain name that will be associated with your SME Server V5 with ServiceLink You can later configure other virtual domains that work with the server Next you need to provide a name for your server You should think carefully about this as changing it later may create additional work For instance Windows client computers may be mapping drives to your server using its name Those clients would need to remap the drive using the new name Tip You should make the system name as unique as possible in
173. shed you should be able to initiate a PPTP connection by double clicking the appropriate icon in the Dial Up Networking window When you then open up your Network Neighborhood window you should see your server workgroup listed there Note Your connection to the Internet needs to be established first before you initiate the PPTP connection This may involve double clicking one Dial Up Networking icon to start your Internet connection then double clicking a second icon to start the PPTP connection To shut down disconnect your PPTP connection first then disconnect from your ISP Warning To protect your network the SME Server V5 with ServiceLink enforces the use of 128 bit encryption for PPTP connections rather than the 40 bit encryption provided in earlier versions of Microsoft s PPTP software If you are unable to establish a PPTP connection to your server you should visit http windowsupdate microsoft com and download the appropriate update Due to the dynamic nature of Microsoft s web site the page may appear differently depending upon the version of Windows you are using In most cases you will want to look or search for Virtual Private Networking or a Dial Up Networking 128 bit encryption update You may need to install the 40 bit encryption update first and then install the 128 bit encryption update Note that with Microsoft s ActiveUpdate process if you are not presented with the choice for this update it is most likely already insta
174. son intra and cust3 pri12 are all valid names but Sassociates John Smith and Bus Partner are not Information bay name samfarms Brief description Samson s Farmd Group Employees Only 5 User access via file sharing or user ftp Write Group Read Group oI Public access via web or anonymous ftp Entire Internet password required outside local network 5 Execution of dynamic content CGI PHP A SSI disabled 5 User access modes marked with an asterisk are not supported by the Macintosh file sharing component If you select one of those modes this i bay will not be available via Macintosh file sharing The public access mode password required outside local network is not supported by the FTP server component If you select this mode the FTP server will require a password both inside and outside the local network for this i bay Create Here s how the process works 106 Each week Mr Samson updates his online order sheet to include only produce that will be ripe and ready for the next delivery date He saves it in html format and e mails it to The Pagan Vegan s administrator Upon receiving the e mail TPV s administrator saves the file directly into the html directory of the samfarms i bay The chef accesses the samfarms i bay reviews what produce will be available and plans menus The chef s assistant then reviews the menus checks against existing inve
175. st you set this to No access 63 Chapter 10 Security 64 ssh secure shell ssh secure shell provides a secure encrypted way to login to a remote machine across a network or to copy files from a local machine to a server Many people do not realize that many programs such as telnet and ftp transmit your password in plain unencrypted text across your network or the Internet ssh and its companion program scp provide a secure way to login or copy files The ssh protocol was originally invented by SSH Communications Security which sells commercial ssh servers clients and other related products The protocol itself has two versions SSH1 and SSH2 both of which are supported by most clients and servers today For more information about SSH Communications Security and its commercial products visit http www ssh com OpenSSH included with the SME Server V5 with ServiceLink is a free version of the ssh tools and protocol The server provides the ssh client programs as well as an ssh server daemon and supports both the SSH1 and SSH2 protocols For more information about OpenSSH visit http www openssh com Once ssh is enabled you should be able to connect to your server simply by launching the ssh client on your remote system and ensuring that it is pointed to the external domain name or IP address for your server In the default configuration you should next be prompted for your user name After you enter admin and your administr
176. subdirectory that you simply create inside of the primary web site file area You need to use an i bay instead Note When you are entering the name for the virtual domain you should supply the fully qualified domain name This is the full name of the domain including any extensions like com but without any prefixes like www or ftp For instance you can create a virtual domain by entering tofu bird com but not by entering tofu bird or www tofu bird com Once you have created a virtual domain your server will be automatically configured to answer to www domainname xxx and proxy domainname xxx It will also be configured to automatically accept e mail for your virtual domain as well Note In order for this to work outside of your local network you will need to work with your ISP or whoever controls the DNS entries for your virtual domain to have the appropriate DNS entries pointed to the IP address of your server For instance your ISP will need to configure an MX record for the domain in order for you to receive inbound e mail to that domain Chapter 13 ServiceLink Until you sign up for ServiceLink and your server is registered all of the panels in this section of the server manager will not be functional In order to subscribe to ServiceLink visit http www e smith com servicelink and find a partner near you The Mitel Networks Corporation partner will interact with the Mitel Networks NOC Network Operations Center to obtai
177. t Save As save the message to a text file By clicking on the Reply button you will be able to enter a reply window such as that shown below Notice that the original message text is quoted with a gt character in front of it At this point you can type more text or edit existing text add or delete recipients spell check the message and do anything else that you could do in a normal compose window Again you can choose to cancel the message save a draft or send the message Message Composition 1 new 0 recent IMP Version2 2 3 Reply Re TPY Staff Meeting Tuesday 9am Spal Checkin English C Cancel Message Save Draft send Message Feon Ffrogetofu dog com issalmon tofu dog com Subject Re TPV Staff Meeting Tuesday 9am mencat Z Options E contacts Quoting ssalmon tofu dog com gt Can you be prepared to talk about the project design requirements Yes I have all the necessary feedback I need and I should have the project spec ready by then Fred 18 8 Deleting Messages You can delete a message while reading it as mentioned previously or you can delete a message or a group of messages from the Inbox view 1 In fact the bounce command will send the message on to a third party without indicating that you were the one forwarding it So if ffrog sent a message to the sales group of which you are a member and you then bounced it to another user that use
178. t Red Hat s web site at http hardware redhat com redhatready cgi bin us db hcl cgi Choose Network Device Controller from the Hardware Category menu 26 Chapter 5 Hardware Requirements of the SME Server V5 with ServiceLink Host Computer If you need more information about how to install an Ethernet adapter please visit our HOWTO document on Installing an Ethernet Adapter in 11 Steps found online at http Awww e smith org docs howto nicinstall howto html Be aware that your Mitel Networks Corporation service representative may not be able to support you if choose to use an adapter that is not on our supported hardware list Please consult your Mitel Networks Corporation service representative for more information 5 5 1 Supported Ethernet Adapters Among the many Ethernet adapters supported by SME Server V5 with ServiceLink are the following 3Com 3C501 3C503 3C509 3C556 3C590 3C592 3C595 3C597 3Com 3C900 3C900B 3C905 3C905B 3C905C 3C980 3C985 3Com Megahertz 3CXES89D EC ET e Accton EN1203 EN1207 EN1207 B C D F EN2212 EtherDuo PCI SOHO BASIC EN220 Adaptec ANA6901 C ANA6911 TX ANA6911A TX ALFA GFC2206 AMD Allied Telesyn AT 2550 AT 2560 AMD 79c970 PCnet LANCE 79c978 HomePNA AT amp T GIS NCR 100VG C NET CNE 935 Cogent EM100 EM110 EM400 EM960 EM964 Quartet Compaq NetFlex 3 P Integrated NetFlex 3 P Compaq Netelligent 10 T PCI UTP 10 T 2 PCI UTP Coax 10
179. telnet as a means of connecting to your server Telnet can be useful in that it allows you to login remotely and diagnose problems or configure settings However when you use telnet all user names and passwords are transmitted without any kind of encryption dramatically reducing the security of your server For that reason we strongly recommend the use of ssh as described above Note Because telnet has been and continues to be widely used to date we are providing the ability to use telnet for remote access However as ssh usage increases it is our intention to remove telnet access from future releases of the server Telnet access This can be set to No Access Private or Public Because of the inherent security weakness mentioned above we strongly recommend that you leave this set to No Access the default and instead use ssh as described above If you do need to enable telnet access we suggest that you enable public or private telnet access only when absolutely necessary and disable such access when it is no longer required If public access is enabled a red warning will appear at the top of every server manager screen Note Because of these security concerns we do not allow administrative access connecting as root or admin using telnet Please use ssh instead 10 3 Local networks 66 Your SME Server V5 with ServiceLink provides services to machines on the local network and it gives machines on that network sp
180. tems they were used to seeing before will now be found in the files directory As an example when the staff of The Pagan Vegan goes into their Network Neighborhood they double click on E smith server as fa Network Neighborhood OP x i shown in File Edit View Help Entire Network daa ve Kevinl 1 object s selected ta They will then see a list of i bays accessible through Windows file sharing When they click on one of them called sharedfiles they see the three folders inside of the i bay sharedfiles on E smi A ES File Edit View Help 3 object s Obytes 4 When they go inside of files they will then see the list of documents provided there 103 Chapter 16 Information Bays i bays amp files File Edit View Help A A A complaint log expense tem recipes pdf A A A teferral form sls reimburse tm shifts xls timesheet te f travel vouch vacations vendor direct 11 objects D bytes z As you can see in this example The Pagan Vegan has several files in this directory for company use Providing a centralized location for company documents such as expense report templates ensures that everyone always has access to these documents and uses the most up to date version 16 6 An i bay Used as an Intranet The Pagan Vegan Vegemite The Pagan Vegan has created an i bay for its company newsletter intranet The company has found this to be a good way f
181. ter 12 Collaboration Create remove or modify pseudonyms Click here to create a pseudonym The March Networks Server automatically creates an e mail alias for each group If you want to define an e mail alias for a list of users simply create a group and the list will automatically be maintained by the server Pseudonyms allow you to create other names for existing users or groups For example you may wish to create a pseudonym webmaster for your webdevelopers group or a pseudonym joe for the user joseph The server automatically creates pseudonyms of the form firstname lastname and firstname_lastname for every user on the system and a pseudonym everyone which contains all users on the system You can modify or remove a pseudonym by clicking on the corresponding command next to the pseudonym Current List of Pseudonyms User or group Everyone local network only Administrator Administrator As noted on the screen below there are some restrictions on the text content of the names Pseudonyms can be linked to existing user or group accounts In the example shown a pseudonym for webmaster is being set to point to ffrog Create a pseudonym Pseudonyms should contain only lower case letters numbers period hyphen and underscore and should start with a lower case letter or number For example sales john holland 123 and email administrator are all valid pseudonyms but John Smith and Henry Miller are
182. thorized representative March Networks is a trademark of March Networks Corporation used under license Appendix F GNU General Public License TERMS AND CONDITIONS FOR COPYING DISTRIBUTION AND MODIFICATION 0 This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License The Program below refers to any such program or work and a work based on the Program means either the Program or any derivative work under copyright law that is to say a work containing the Program or a portion of it either verbatim or with modifications and or translated into another language Hereinafter translation is included without limitation in the term modification Each licensee is addressed as you Activities other than copying distribution and modification are not covered by this License they are outside its scope The act of running the Program is not restricted and the output from the Program is covered only if its contents constitute a work based on the Program independent of having been made by running the Program Whether that is true depends on what the Program does 1 You may copy and distribute verbatim copies of the Program s source code as you receive it in any medium provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty keep intact all the noti
183. time without obligation to notify any person or entity of such changes Mitel Networks does not represent or warrant that the ServiceLink Services including the ServiceLink Software and any open source software components will be uninterrupted or error free that defects will be corrected or that the Service Link Services or the server that makes it available or any open source software components are free of viruses or other harmful components Mitel Networks does not warrant or represent that the use or the results of the use of the ServiceLink Services or the materials made available as part of the ServiceLink Services or any open source software components will be correct accurate timely or otherwise reliable DISCLAIMER OF WARRANTIES THE SERVICELINK SERVICES AND ANY OPEN SOURCE SOFTWARE COMPONENTS ARE PROVIDED AS IS AND THERE ARE NO WARRANTIES CONDITIONS CLAIMS OR REPRESENTATIONS MADE BY MITEL NETWORKS OR ITS SUPPLIERS EITHER EXPRESS IMPLIED OR STATUTORY WITH RESPECT TO THE SERVICELINK SERVICES AND ANY OPEN SOURCE SOFTWARE COMPONENTS INCLUDING WARRANTIES OF QUALITY PERFORMANCE NON INFRINGEMENT MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE NOR ARE THERE ANY WARRANTIES CREATED BY COURSE OF DEALING COURSE OF PERFORMANCE OR TRADE USAGE MITEL NETWORKS DOES NOT WARRANT THAT THE SERVICELINK SERVICES AND OR OPEN SOURCE SOFTWARE COMPONENTS WILL MEET YOUR NEEDS OR BE FREE FROM ERRORS OR THAT THE OPERATIONS OF THE SERVICE WILL BE
184. tion Typically your ISP will arrange for and configure your external hub and router Alternatively you may be required to install that hardware yourself under their direction If a special phone line is required the ISP will typically arrange that It is most typical with 15 Chapter 4 Your Internet Service Provider ISP corporate service that you receive a routable static IP address In fact usually you will be allocated a block of routable static IP addresses for your corporation you will need only one for your server ISP and on to the internet phone line Router transfers traffic from Y server to ISP an external hub or cross over cable connects the server to the router ethernet cable your local network Information provided to you by your ISP e static IP address or block of addresses from which you choose one IP address of router gateway IP address e subnet mask Order services from Service List A 4 3 2 Ordering cablemodem or residential ADSL service Typically your cable company or ADSL provider will install a configured cablemodem or ADSL router at your site If you do not have cable access your cable company will install it for you ADSL connects to the ISP via a conventional phone line If you require an additional phone line it is typical for you to arrange that yourself There are three possible configurations when ordering cablemodem or residential ADSL services 16 Chapter 4 Y
185. tly without proxying due to the IP masquerading capability of the server In general we recommend that proxying be disabled in your network applications Using the proxy server can benefit the organization if you have a slow Internet connection and you ve installed your server software on a fast computer In this case reading from the hard drive will be faster than reading from the Internet Remember though that a proxy server benefits the second and subsequent visitors to a site but not the first visitor so this benefit only applies if your users tend to visit the same sites repeatedly A proxy server is generally not appropriate if you have a fast Internet connection and you ve installed your server software on a lower or mid level computer In this case reading from the hard drive of the computer may not be faster than over the Internet It also offers no benefit to your organization if employees at your site do not tend to visit the same web pages 125 Appendix D Technical Support If you are a Mitel Networks Corporation subscriber and are having technical difficulty please contact your local Mitel Networks Corporation Authorized Partner for support If you purchased your subscription directly from Mitel Networks Corporation please call 1 613 592 2122 in the United States and Canada call 1 866 472 9999 and ask for technical support or e mail us at support e smith com You can also visit our website http www e smith com Please
186. to their particular event The company finds it reduces the risk of miscommunication and improves its image and reputation The html files in the i bay s html directory are based on a template that TPV uses for each customer Creating each web site is a straightforward fill in the blanks process 101 Chapter 16 Information Bays i bays Create a new information bay The information bay name should contain only lower case letters numbers periods hyphens and underscores and should start with a lower case letter For example johnson intra and cust3 pri12 are all valid names but Sassociates John Smith and Bus Partner are not Information bay name myabriel Brief description Art Exposition by Miles Gabriel Group Everyone User access via file sharing or user ftp Write Admin Read Group 9 or access vie web OF anonymous Entire Internet password required Execution of dynamic content CGI i PHP SSI disabled 5 User access modes marked with an asterisk are not supported by the Macintosh file sharing component If you select one of those modes this i bay will not be available via Macintosh file sharing The public access mode password required outside local network is not supported by the FTP server component If you select this mode the FTP server will require a password both inside and outside the local network for this i bay Create TPV has chosen a naming c
187. tremely secure IPSEC protocol so no one can intercept and read your data as it travels across the Internet Note IPSEC VPNs can only be established between servers operating in server and gateway mode If you have a server operating in server only mode it will not be able to participate in an IPSEC VPN Once your partner has established a VPN the web panel shown below will show that your server is a member of a VPN and provide information about the other systems to which your server is connected ServiceLink IPSEC VPN The ServiceLink IPSEC VPN service allows one to configure a virtual private network between sites over the internet using a secure protocol When two or more March Networks servers with ServiceLink IPSEC YPN are configured into a VPN those servers are then able to share files as if each is a machine on the local network Your service account id is 345659 Current list of YPN partners ottawal tofu dog com Chapter 13 ServiceLink From a user perspective the major difference will be that when you open up on Windows your Network Neighborhood or My Network Places you will now see the servers at the other locations on your VPN Note that when you establish a VPN using ServiceLink one SME Server is designated to act as the primary server All user accounts are created on this primary server and users must login with those accounts to access network resources The other servers in the VPN known as secondary ser
188. trongly recommend that you configure all clients machines using DHCP rather than manually using static IP addresses Should you ever need to change network settings or troubleshoot your network later you will find it much easier to work in an environment where addresses are automatically assigned On a Windows 95 98 system the window will look like the image below TCPAIP Properties 27x Bindings Advanced Nemos DNS Configuration Gateway WINS Configuration IP Address An IP address can be automatically assigned to this computer If your network does not automatically assign IP addresses ask your network administrator for an address and then type it in the space below 8 2 1 Automatic DHCP Service Your server provides a DHCP server that assigns each of the computers on your network an IP address subnet mask gateway IP address and DNS IP address es For a more detailed explanation of DHCP consult the section in the Chapter 5 called Configuring Your DHCP Server Note In some rare cases you may want to use a static IP address for a particular client machine The typical approach is to manually enter this IP address into the network properties of the specific machine The negative side of this approach is that you cannot easily change or alter network settings without having to go in and modify the information on the client machine However it is possible to provide this static IP address directly through DHCP rathe
189. u need to shut down or reboot your server using this screen will ensure that the shutdown sequence occurs gracefully preserving all configuration and information on your server There is a similar function in the server console as well Note that this screen initiates the shutdown or reboot immediately after you click the Perform button 95 Chapter 15 Miscellaneous 15 1 Online manual This link will take you directly from the server manager to the online manual available at http www e smith org docs manual Note that you must be connected to the Internet to read the online manual 15 2 Create Starter Web Site If you already have a customized web site you should not use this section since it will overwrite your index htm file If you do not have a customized web site and wish to create your starter home page simply fill out the appropriate fields This will create an attractive basic home page that you can visit by entering your domain name for your site http www yourdomain xxx in your web browser Note that as previously explained there is typically a delay of one or more days before your ISP publishes your domain address records On your local network you can use http www to view your starter web site Create starter web site To create a simple web page for your company fill in the fields below and click on Create You can leave any field blank if you do not need it The text that you enter below will be line wra
190. uccessfully your server needs to know which ethernet adapter connects it to the internal network and which adapter connects it to the external network Internet Your server will make this designation automatically the first ethernet adapter in position ethO will normally be assigned to the local internal network and the second ethernet adapter in position eth1 will normally be assigned to the external network Internet In the event that this assumption is incorrect this screen allows you to easily swap that designation If you don t know which ethernet adapter is designated to ethO and which is designated to ethl we suggest you leave it in the default configuration while completing the rest of the screens You will later have the opportunity to Test Internet Access from the server console If your test fails at that time return to this screen swap the card assignment and retry the test Tip If you are using two different network interface cards you will see which driver is associated with ethO and which is associated with eth1 This information can help you determine which card is ethO and which is eth1 If you have two cards that use the identical driver you will see a screen such as the one above where the actual driver is not listed 6 11 3 Configuring Your External Interface With a dedicated connection in server and gateway mode you will be presented with the following screen 42 Chapter 6 Installing And Configuring Yo
191. up Most sites should choose Yes unless you are adding an server to an existing network which already has a domain master 69 Chapter 11 Configuration Warning If you have a Windows NT server or Windows 2000 server on your network that is functioning as a network server you should most likely answer no because that other server will act as the domain master If you do configure your system to be the domain master a special Windows share called NETLOGON is created with a DOS batch file called net logon bat This batch file is executed by Windows clients that have been configured to Logon to domain The netlogon bat file we provide by default does very little but advanced users can if they wish modify this script to set environment variables for their clients or provide automatic drive mappings As the NETLOGON share is only writable by the admin user you modify the netlogon bat script by logging on to a Windows system as admin connecting to the share and then modifying the script using a Windows text editor Be aware that the NETLOGON share will not be visible in Network Neighborhood or other similar tools As the admin user you will need to connect to the share or map a drive to it by using the specific path servername NETLOGON The sample file contains a few examples of setting the system time for each machine and also for mapping a common drive for all Windows client 11 3 Directory 70 Your SME Server V5
192. ur SME Server V5 with ServiceLink Software Your server must know three additional things to communicate on the Internet e its own unique IP address so that Internet data packets can reach it a subnet mask also called a netmask which looks like an IP address and allows other computers to infer your network address from your IP address the IP address of the external gateway for your server This is the IP address of the router on your server s external network It identifies the computer that your server should contact in order to exchange information with the rest of the Internet Normally you would need to know this information and enter it into the server console However most ISPs are capable of automatically assigning these configuration parameters to your server using a DHCP server or PPPoE If you have a static IP address and your ISP is configuring your server using DHCP or PPPoE select Option 1 2 or 3 depending upon how you will be connecting to your ISP When you first connect to your ISP your server will automatically be given its external interface configuration parameters If your ISP is providing you with a dynamic IP address the ISP will configure this through DHCP or PPPoE and your server will be re configured automatically whenever your IP address changes If you plan to use a Dynamic DNS service select Option 2 Otherwise select Option 1 There are some very good reasons to use a dynamic DNS service if you h
193. ur work based on the Program is not required to print an announcement These requirements apply to the modified work as a whole If identifiable sections of that work are not derived from the Program and can be reasonably considered independent and separate works in themselves then this License and its terms do not apply to those sections when you distribute them as separate works But when you distribute the same sections as part of a whole which is a work based on the Program the distribution of the whole must be on the terms of this License whose permissions for other licensees extend to the entire whole and thus to each and every part regardless of who wrote it Thus it is not the intent of this section to claim rights or contest your rights to work written entirely by you rather the intent is to exercise the right to control the distribution of derivative or collective works based on the Program In addition mere aggregation of another work not based on the Program with the Program or with a work based on the Program on a volume of a storage or distribution medium does not bring the other work under the scope of this License 3 You may copy and distribute the Program or a work based on it under Section 2 in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following 131 Appendix F GNU General Public License a Accompany it with the complete corresponding machine r
194. ver is not configured to publish DNS records by itself Any network server can be configured to act as a public DNS server but doing so can create a serious security vulnerability A properly administered DNS host needs to be stable and always on the Internet which is why a Network Operations Center such as that of Mitel Networks Corporation is ideally suited to the task The domain name hosting service provided by ServiceLink allows you to publish domain name records via our NOC In addition to any domain names you may have registered you will also be able to use the special e smith net domain This provides a low cost alternative for small businesses or home users who do not wish to pay registration fees for a com or other domain Users may register their server with a name such as mycompany e smith net IPSEC VPNs As discussed in the section on remote access your server provides support for client to server Virtual Private Networks VPNs using PPTP ServiceLink provides the additional ability to create server to server VPNs using the highly secure IPSEC standard This service allows you to link together servers in different physical locations to make one seamless virtual network Information sent via this network is encrypted to prevent snooping by others on the Internet To encrypt network traffic between servers the server uses the IPSEC protocol This system uses an encryption technique known as public key cryptography In simple ter
195. vers will function as gateways for the users on their local networks to access the VPN and Internet 89 Chapter 14 Administration 14 1 Blades Blades are a new feature in SME Server V5 with ServiceLink which allow you to easily install or remove software modules via the server manager Using this feature will allow easy customization of your server You can choose the options required for your particular needs without having to add unnecessary features If you have not registered for ServiceLink you will see a list of default blades that are available to be installed If however you have chosen to subscribe to ServiceLink your server will display a regularly updated list of available blades which can be installed simply by clicking on the Install link next to the desired item in the server manager Blades are developed and made available by Mitel Networks Corporation or by the open source developer community and are split into categories Supported blades have been verified by our development staff and ServiceLink subscribers will be able to obtain support for the installation and configuration of those blades Unsupported blades are typically those contributed by the open source community and for which no technical support is directly available from Mitel Networks Corporation Clicking on Blades in the server manager s navigation menu will show a list of available software blades which can be installed on your system Current l
196. vices as a traditional ISP The speed of transmission over a cable network can vary widely from quite fast to very slow based in part on the usage within your neighborhood If you have dialup connectivity your server is not permanently connected to the Internet Rather it connects to your ISP over a phone line using a modem Because your connection to the Internet is not permanent some of the services on your server cannot be provided to the outside world For example having your server host your external company web site would create a problem because whenever your server was not connected to the Internet the web site would not be available However it could certainly host an intranet web site because the local network would always be connected 4 2 The IP address An IP address is an identifying number assigned to all devices connected to the Internet and is used in routing information from one device to another Like your phone number your IP address enables other people to reach you In our standard configuration your ISP only needs to allocate one IP address for your network It is assigned to your server which will accept all the Internet data packets intended for your network and distribute them to the appropriate computer much like an office receptionist is able to accept incoming calls and direct them to the appropriate extension 14 Chapter 4 Your Internet Service Provider ISP 4 2 1 Static versus dynamic IP addressing
197. ware be enabled or disabled ServiceLink Virus Protection Enable 86 Chapter 13 ServiceLink To view the quarantined messages we recommend you login to webmail as the admin user You will be then able to view the messages without any code being executed Do not open the attachments as doing so can infect your system Note Administrators with Linux experience can also use ssh to the server and login as the root user to use the command line mail programs mutt or pine to view the messages Each time your server syncs with the NOC it will check to see if a new virus pattern file is available If a new file exists it will be downloaded and installed automatically 13 3 DNS Services During the ServiceLink subscription process your server will be enabled to publish DNS records through our NOC As shown below this panel in the server manager reports which domains you are publishing under the header DNS Services Note With ServiceLink you are able to publish domains in the top level domains of com org and net Other top level domains may be possible for an additional charge Note also that ServiceLink includes the publication of two domains More than two domains can be published for an additional charge Contact your partner for more details on either of these issues ServiceLink DNS services DNS services configuration You can change your service domain at any time The change will be reflected following the next synchro
198. ware The text of the GPL license may be found on the web at http www fsf org copyleft gpl html or in Appendix F The applicable license for each software module is specifically identified and can be seen by running the rpm qiv packagename command from the command line or is listed on our development web site at http www e smith org If you have acquired the March Networks SME Server V5 by means other than purchasing a Mitel Networks commercial offering through an Authorized Partner it is unsupported For further information and available options please contact an Authorized Partner A list of Authorized Partners can be found at http www mitel com sme 1 3 About Our Test Company The Pagan Vegan In this user s guide we use examples of a catering and event planning company The Pagan Vegan or TPV that configures administers and makes use of their server As far as we know no company of this name exists 1 4 What s New For the most complete list of information about changes that have been made in SME Server V5 with ServiceLink see the release notes that accompany your software Chapter 1 Welcome to your SME Server V5 with ServiceLink 1 4 1 ServiceLink With the release of SME Server V5 with ServiceLink Mitel Networks Corporation is also introducing ServiceLink a suite of network delivered services that extend the functionality of the server These include 24x7 Alerts and Reporting Provides round the clock monitor
199. whether to publish the hostname globally and the global IP address Whether inside or outside your local network the hostname points to the global IP address Hostname www Domain tofu dog com Location Sef o Local IP I Ethernet address i The March Networks SME Server with ServiceLink DNS configuration and hosting service provides the ability to automatically make this hostname available throughout the Internet To activate this server for ServiceLink click on the Status panel Publish globally J Global IP l Modify You would first change the location to Remote and then enter the IP address of your ISP s server in the field marked Global IP 11 5 1 Creating New Hostnames 74 Creating new hostnames simply involves selecting one of the links at the top of the Hostnames and addresses panel and filling out the appropriate fields As mentioned previously if you are a ServiceLink subscriber you can check Publish globally and your changes will be propagated to the global DNS system automatically Note that if your system is configured with any virtual domains you will have the choice of the domain in which you want to create the hostname This allows you for instance to have www tofu dog com pointing to one IP address and www mycompany xxx pointing to a completely separate IP address Note Beyond your primary domain and any virtual domains you may have configured ServiceLink subscribers will also have the optio
200. with ServiceLink provides an easy mechanism for creating a company directory Each time you create or delete an e mail account your directory will be automatically updated with the new information Chapter 11 Configuration Change LDAP directory settings The LDAP server provides a network available listing of the user accounts and groups on your March Networks server and can be accessed using an LDAP client such as the Address Book feature in Netscape Communicator Configure your LDAP client with the local IP address of your March Networks server port number 389 and the server root parameter shown below Server root de tofu dog dc com You can control access to your LDAP directory the private setting allows access only from your local network and the public setting allows access from anywhere on the Internet LDAP directory access Private These fields are the LDAP defaults for your organization Whenever you create a new user account you will be prompted to enter all of these fields they can be different for each user but the values you set here will show up as defaults This is a convenience to make it faster to create user accounts Default department Saleg Default company The Pagan Vegarl Default street address fh 23 Main Street Default city Ottawa Default phone number 1555 5555 You can either leave existing user accounts as they are using the above defaults only for new users or you can apply the above defaults t
201. with no password required A customer accesses the site using the FTP client in their web browser to login as the i bay user name by entering the URL ftp menus ftp tofu dog com This is what the customer sees File Edit View Go Communicator Help Bookmarks A Go To ftp menusetofudog coal 4 x Current directory is invitatio Fri Aug 13 17 07 00 1999 Portable Document Format invitatio Fri Aug 13 17 07 00 1999 Portable Document Format invitatio Fri Aug 13 17 07 00 1999 Portable Document Format menus asi Fri Aug 13 17 08 00 1999 Microsoft Word Document _menus mac Fri Aug 13 17 08 00 1999 Microsoft Word Document menus tra Fri Aug 13 17 08 00 1999 Microsoft Word Document menus veg Fri Aug 13 17 08 00 1999 Microsoft Word Document price lis Fri Aug 13 17 09 00 1999 Microsoft Word Document tablesett Fri Aug 13 17 07 00 1999 Portable Document Format tablesett Fri Aug 13 17 07 00 1999 Portable Document Format uniform g Fri Aug 13 17 11 00 1999 Portable Document Format Pa ao ov When the cursor is placed over a file name the full name of the file appears To download a particular file the customer simply clicks on the file name A browser window allows the customer to select a destination directory for the file on his or her local hard drive 108 Chapter 17 User File Storage on the SME Server V5 with ServiceLink When you create a user account on your server this not only creates an e mail account but also a
202. write protected The backup is performed automatically at the selected time every night with a reminder automatically e mailed to the administrator during the day Currently your hard disk contains 366Mb of data Both restore methods allow you to restore your configuration and user data files Ideally the restore should be performed on a freshly installed March Networks SME Server Backup configuration and status Tape backups are disabled Select an action Backup to desktop You have four actions you can perform each of which is described in the following sections 14 2 1 Backup To Desktop The first type of backup allows you to save a snapshot of your server configuration onto your desktop computer This will save all user accounts user directories i bay contents and web content as well as the configuration parameters entered using the server console and the server manager The web panel shows you the size of the backup file so that you can verify whether sufficient space exists on your desktop machine When you choose Backup to desktop a browser window will appear that will allow you to name the file and select the location on your desktop where the file will be saved 14 2 2 Restore From Desktop If you ever need to restore the original configuration and files to your server simply select Restore from desktop and a browser window will prompt you to select the backup file from your desktop Restoration of the informati
203. y interposes itself into the communication This prevents a direct connection from being established between an external computer on the Internet and a computer on your local network thereby significantly reducing the risk of intrusion onto your network Your server also provides services including e mail web access and a powerful file sharing and collaboration feature called i bays that allow you to communicate better internally and with the rest of the world using the Internet Throughout this user s guide the word gateway is used to mean the computer that acts as the interface between your local internal network and the external world server and gateway mode Internet hub aljaljalalal If you prefer you can also run your SME Server V5 with ServiceLink in server only mode In server only mode your server provides your network with services but not the routing and security functions associated with the role of gateway The server only mode is typically used for networks already behind a firewall In that configuration the firewall fulfills the role of gateway providing routing and network security Once installed your SME Server V5 with ServiceLink can be configured and managed remotely Routine administration is handled from your desktop using a web based interface so only on rare occasions will you require direct access to the server computer Once installation is complete most customers put the server in an
204. y mode e configuration for the external network Internet you must configure your server so that it can communicate with your ISP either by a dedicated connection or using a dialup connection only for server and gateway mode miscellaneous information there are several final items to configure such as whether to allow your users to use a proxy server whether to provide status reporting to Mitel Networks Corporation and whether you wish to secure the server console so that it can only be accessed using the administrator s password As you select a given configuration parameter you will be presented only with the screens necessary for your given configuration Each screen will provide you with a simple detailed explanation of the required information Note The Keep option As you move through the configuration screens you will notice that there is a Keep option which will allow you to keep the choices you may have made previously Obviously when you are configuring your system for the first time many of these choices will not have been made but if you later go back to re configure the system this option can save time 6 6 Setting Your Administrator Password As shown in the image below the first thing you will be asked to do is to set the system password This is the password you will enter to access the web based server manager Depending on how you configure the system you may also need to enter this password to access the
205. y need to use your ISP s mail server since it will have a permanent connection to the Internet POP and IMAP server access The options are Private and Public The former allows access only from your local network The latter allows access from anywhere on the Internet Think about this carefully On the positive side choosing Public access allows any of your users to retrieve their e mail via POP IMAP from anywhere on the Internet The negative side is that when you do this you are reducing your level of security as you will now have two more services POP and IMAP that are listening for connections across the Internet Both protocols also involve transmitting your password across the Internet in plain unencrypted text opening up the possibility that someone could intercept the packets and learn your username and password Allowing such access can be a great convenience to your users but if security is a concern you should consider using encrypted webmail instead IMPORTANT Even with POP and IMAP configured for public access users outside your local network are not able to send e mail using your server as their SMTP host Allowing this would open your server to abuse by spammers as a mail relay Users who are travelling should either a use the STMP server of their local ISP b use PPTP to connect to your internal network or c use webmail to read their mail Webmail provides your users with secure access to both read and send mail via your
206. you can modify preferences for your webmail session as shown in the screen below 120 Chapter 18 Webmail Message sent successfully 1 new Orecent Edit your signature Fred Frog Account Executive ffrog tofu dog com The Pagan Vegan http www tofu dog com a l Edit your fullname Fred Frog Edit your email From address Choose your preferred language English a Save preferences You have four preferences you can configure Signature You may include any text that you wish to appear by default at the bottom of your e mail messages Once configured it will always appear at the bottom of a Compose or Reply window when you enter that window You can however delete it for a specific message simply by editing the text in the Compose or Reply text window Full Name If you leave this blank all of your messages will appear to recipients as having come from your e mail address If you enter text here recipients will usually see that text first instead of your e mail address From Address By default your From address is your regular system e mail You do not need to set it here Enter an address here only if you want people to see a different reply address than your normal system generated e mail address Preferred Language This allows you to specify the language used in the menus When you are done modifying your preferences press the Save Preferences button at the bottom of the page
207. ys want the intranet to be created by a particular staff member and checked in by the administrator write access administrator only The intranet is of course viewable only from the internal network No password is required To access the intranet TPV employees use their web browsers to access the URL www tofu dog com intranet File Edit View Go Communicator Help Te Bootmans GoTo http vvv tofudog con intranet Ws A Aenne nd eedd The Vegemite Welcome to the Pagan Vegan Intranet Created maintained and read by TPV employees Company Picnic Don t forget our company picnic is coming up on September 10 4p m at HogsHead Park John is bringing a keg of cider Kate said that TPV will foot the bill for the food so come hungry Click here for directions Shifts Sign up early sign up often Sign up for the waiting bartending and kitchen shifts you d most like to work Click here for the shift schedule IMPORTANT NOTE Don will be out on personal leave for a few more days His shift for the August 10 Gabriel event is available If you want to work that shift let Kate know ASAP Speaking of Don Adrian is collecting donations for Don while they rebuild their home after the fire TPV is chipping in for a whole bunch of food yeah But if you have any clothing or household goods that you d like to donate let Adrian know Don says everyone is doing fine and thanks for the help Vacation Time Don t
Download Pdf Manuals
Related Search