SlideShare una empresa de Scribd logo

Installing & Configuring IBM Domino 9 on CentOS

Devin Olson
Devin Olson

Step-by-step guide to install CentOS, configure for Domino, and install Domino.

Software
1 de 21
Descargar para leer sin conexión
Installing & Configuring Domino 9 Social Edition on CentOS 6 Enterprise Linux Devin S. Olson
Table of Contents Introduction......................................................................................................3 CentOS Installation and Minimal Configuration..............................................4 1) Install 64 bit CentOS 6 Minimal. .............................................................4 2) Configure network .................................................................................. 4 3) Install the following packages................................................................. 5 Verify Services and Security........................................................................... 6 1) Verify the cron service is running, conditionally start.............................. 6 2) Turn off and disable SELinux (Domino Incompatible) ............................6 3) Enable and activate the time service...................................................... 6 4) Set up the RPM Forge Repository ......................................................... 6 Firewall Configuration..................................................................................... 7 1) Temporarily disable the firewall............................................................... 7 2) Ensure the ports required by the Domino server are open ....................7 3) [OPTIONAL] Edit the Hosts file and add the hostname .......................11 4) Make sure everything is up to date....................................................... 11 User Account & SSH Service........................................................................12 1) Create a Group......................................................................................12 2) Add the user.......................................................................................... 12 3) Create a password for the user.............................................................12 4) Start the SSH service............................................................................12 Domino Specific Configuration......................................................................13 1) Log in via SSH to verify user account .................................................. 13 2) Verify httpd service is stopped and disabled.........................................13 3) Verify sendmail service is stopped and disabled..................................13 4) Verify postfix service is stopped and disabled......................................13 5) Set File Handles.................................................................................... 14 6) Reboot the server..................................................................................14 7) Log in via SSH.......................................................................................14 8) Allow Domino to tune the Linux kernel..................................................14 9) Create the directory for your Domino server.........................................15 10) Create Installation Directory................................................................15 11) Get Install File......................................................................................15 12) Verify File and Unpack........................................................................ 15 Domino Installation & Setup..........................................................................16 1) Find and run the installation.................................................................. 16 2) Follow Prompts......................................................................................16 3) Switch user and launch server listen.....................................................17 4) Domino Remote Server Setup Utility.................................................... 17 STICKY BITS - IMPORTANT! ......................................................................18 Set Sticky-bit on Bindsock.........................................................................18 Launch Domino............................................................................................. 20 1) Restart the Server................................................................................. 20 2) Celebrate...............................................................................................20 ADDITIONAL RESOURCES.........................................................................21
Introduction In this document I will walk you through the necessary steps to perform a ground-up installation of 64-bit CentOS, minimal configuration of the Operating System, configuration specific for IBM Domino installation, and finally the installation of 64 bit IBM Domino 9 Social Edition. This document and it's accompanying videos are aimed at administrators who have some working knowledge / understanding of IBM Domino, but who may be unfamiliar or uncomfortable with Linux. The goal of this document is to demonstrate out the very minimal requirements for Domino on Linux, point out some potential pitfalls, and ultimately show that installing and running Domino on a Linux machine is much easier than you think. NOTE: I have noted 32 bit installation differences where they occur. Note on Fonts I am deliberately using larger fonts because they are easier for me to read. I realize they may appear gigantic on lower resolution displays, and for that I'm sorry for you. Typographic Conventions Throughout this document there are several different “types” of text. There is explanatory text, which appears in Helvetica. Example file content or lists of information appear in Consolas. Courier New is used for command-line content (stuff you should type). Console commands are orange bold Courier New. I use colors, italics, and bold fonts in various areas to help stuff stand out. You are a smart person, you will figure it out. "Linux" is a registered trademark of Linus Torvalds. “CentOS” is a registered trademark of the CentOS Project. “IBM”, “Domino”, and “Domino 9 Social Edition” are registered trademarks of Internation Business Machines, Incorporated. All other trademarks are property of their respective owners. All other content is Copyright @ 2013 by Devin S. Olson unless otherwise assigned". This document and it's accompanying videos are released under the Apache License, Version 2.0.
CentOS Installation and Minimal Configuration 1) Install 64 bit CentOS 6 Minimal. Latest versions available at www.centos.org. For this document, I used: CentOS-6.4-x86_64-bin-minimal.iso 2) Configure network check network interface ># ip a select the non-loopback device, and verify a config file exist for it (create a new one if need be) ># ls /etc/sysconfig/network-scripts/ifcfg-DEVICENAME use vi to edit the file: ># vi /etc/sysconfig/network-scripts/ifcfg-DEVICENAME *i <return> to insert text <esc> to finish inserting text *:wq <return> to save and quit. (DHCP EXAMPLE) DEVICE="DEVICENAME" HWADDR="MAC ADDRESS" NM_CONTROLLED="yes" ONBOOT="yes" # Interface enabled BOOTPROTO="dhcp" # Assigning IP from DHCP (STATIC EXAMPLE) DEVICE="DEVICENAME" HWADDR="MAC ADDRESS" NM_CONTROLLED="yes" ONBOOT="yes" # Interface enabled BOOTPROTO="static" # Assigning in static mode IPADDR=192.168.0.45 #IP address NETMASK=255.255.255.0 # Subnet Mask GATEWAY=192.168.0.1 # Default Gateway
verify the edits have been saved: ># cat /etc/sysconfig/network-scripts/ifcfg-DEVICENAME Start the network: ># service network start 3) Install the following packages • bind-utils: utilities to test and query Domain Name System (DNS) • file: File-type determination tool • gcc: GNU Compiler Collection front-ends for C, C++. Objective-C, Fortran, Java, Ada, and Go. • lsof: Lists open files • ntp: Network Time Protocol daemon • patch: File-patching tool (applies differences to a file) • rsync: file-difference transfer / synchronization utility • sg3_utils: SCSI command utilities • sudo: allows for single command line as the superuser (usually root) • traceroute: tool for tracing network routes • wget: Non-interactive command line tool for retrieving files using HTTP, HTTPS, and FTP. • yum-utils: a collection of tools and programs for managing yum repositories • zip: compression and file-packaging utility • unzip: decompression and file-package processing utility ># yum -y install bind-utils file gcc lsof ntp patch rsync sg3_utils sudo tracroute wget yum-utils zip unzip
Verify Services and Security 1) Verify the cron service is running, conditionally start ># service crond status ># service crond start 2) Turn off and disable SELinux (Domino Incompatible) ># cat /etc/selinux/config Look for line beginning with SELINUX= If this is anything other than "disabled", edit the file (using vi) and change it to SELINUX=disabled, then save the file. Set the SELinux enforcing mode to permissive (disabled). ># setenforce 0 3) Enable and activate the time service ># ntpdate pool.ntp.org ># chkconfig ntpd on ># service ntpd start 4) Set up the RPM Forge Repository Use the RPM command -i = Install -v = verbose explanation of what is happening -H = display hash marks during the installation Latest releases available at http://pkgs.repoforge.org/rpmforge-release/ ># rpm -ivH http://pkgs.repoforge.org/rpmforge-release/rpmforge-release- 0.5.3-1.el6.rf.x86_64.rpm NOTE: If you are installing on a 32 bit system, be sure to install the 32 bit version instead: ># rpm -ivH http://pkgs.repoforge.org/rpmforge-release/rpmforge-release- 0.5.3-1.el6.rf.i686.rpm
Firewall Configuration NOTE: THIS IS THE MINIMAL configuration. A complete set of firewall rules must be configured if your server will be publicly accessible - and is beyond the scope of this document. DO NOT RELY solely on this configuration. 1) Temporarily disable the firewall ># chkconfig iptables off ># service iptables stop 2) Ensure the ports required by the Domino server are open Common Ports: • 20 FTP (File Transfer Protocol transfer) • 21 FTPC (File Transfer Protocol Command) • 22 SSH (Secure SHell) • 389 LDAP (Lightweight Directory Access Protocol) • 636 LDAPS (Lightweight Directory Access Protocol over SSL) • 1352 NRPC (IBM Notes/Domino RPC) • 80 HTTP (Hypertext Transfer Protocol) • 443 HTTPS (Hypertext Transfer Protocol over SSL) • 25 SMTP (Simple Mail Transfer Protocol • 143 IMAP (Internet Message Access Protocol) -only if you will have IMAP mail clients • 220 IMAPV3 (Internet Message Access Protocol Version 3) -only if you will have IMAP mail clients • 993 IMAPS (Internet Message Access Protocol over SSL) -only if you will have IMAP mail clients • 110 POP3 (Post Office Protocol Version 3) - only if you will have POP3 mail clients • 995 POP3S (Post Office Protocol Version 3 over SSL) - only if you will have POP3 mail clients • 8585 Used by Domino Remote Server Setup This can be done either manually (not recommended), or by using a utility tool such as Webmin.
A) Manual Firewall Configuration 'nixCraft has a great article about iptable configuration: http://www.cyberciti.biz/tips/linux-iptables-examples.html Make a backup first ># cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak Edit the file using vi ># vi /etc/sysconfig/iptables Find the lines *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] Change default INPUT / FORWARD policies from ACCEPT to DROP :INPUT DROP [0:0] :FORWARD DROP [0:0] Find the line: -A INPUT -j REJECT --reject-with icmp-host-prohibited Add the following prior to that line. If that line doesn't exist then add this prior to the COMMIT line. # SSH -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT # LDAP -A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT # LDAPS -A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT # NRPC -A INPUT -m state --state NEW -m tcp -p tcp --dport 1352 -j ACCEPT # HTTP -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT # HTTPS -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT # SMTP -A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT # Domino Remote Server Setup -A INPUT -m state --state NEW -m tcp -p tcp --dport 8585 -j ACCEPT
If you want to only allow SSH from a specific IP address, change the SSH line to: -A INPUT -s your.allowed.ip.address/24 -m state --state NEW -p tcp --dport 22 -j A If you want to allow webmin clients to access, you will need to open a port: # WEBMIN -A INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT Save and close the file. You can use the cat command to verify your changes: ># cat /etc/sysconfig/iptables Enable and start the firewall ># chkconfig iptables on ># service iptables start
B) [OPTIONAL] Use Webmin to configure Firewall Latest releases available at http://www.webmin.com/download.html Configure to use the Webmin YUM repository. Start by creating a repository config file for webmin: ># vi /etc/yum.repos.d/webmin.repo Add the following content and save the file: [Webmin] name=Webmin Distribution Neutral #baseurl=http://download.webmin.com/download/yum mirrorlist=http://download.webmin.com/download/yum/mirrorlist enabled=1 Now create an installation directory for the developer's key, then download and install the key ># mkdir /install ># mkdir /install/jcameron ># cd /install/jcameron ># wget -v http://www.webmin.com/jcameron-key.asc ># rpm --import jcameron-key.asc Now use yum to install webmin: ># yum -y install webmin Use a web browser to connect to the Webmin Console at port 10000 URL:> your.server.ip.address:10000 Choose Networking > Linux Firewall, then edit the firewall rules as needed. When finished, make sure to hit the [Apply Configuration] button.
3) [OPTIONAL] Edit the Hosts file and add the hostname ># vi /etc/hosts Add the information for your server to the bottom of the file. Do not change the loopback 127.0.0.1 unless you really know what you are doing and have a very good reason to do so. Changing the loopback hosts entry can cause "very bad things" to happen with your server's network connections. 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 your.server.ip.address fully.qualified.host.name short name 4) Make sure everything is up to date. Use yum to update installed content. ># yum -y update
User Account & SSH Service 1) Create a Group ># groupadd groupname 2) Add the user -g initial group to which the user should be added -s shell for the user when signing in. User scripts are here. -d home directory -m make the user ># useradd -ggroupname -s/bin/bash -d/home/username -m username 3) Create a password for the user ># passwd username 4) Start the SSH service Use either the command line or Webmin ># service sshd restart
Domino Specific Configuration 1) Log in via SSH to verify user account Log in via SSH, then change to SuperUser (root). (tip: Find the server's ip address using the ip a command) ssh username@your.server.hostname -- OR -- ssh username@your.server.ip.address >$ su >$ enter password for root 2) Verify httpd service is stopped and disabled This may not be necessary if it wasn't automatically installed. ># service httpd stop ># chkconfig httpd off ># chkconfig httpd --del 3) Verify sendmail service is stopped and disabled This may not be necessary if it wasn't automatically installed. ># service sendmail stop ># chkconfig sendmail off ># chkconfig sendmail --del ># yum remove sendmail 4) Verify postfix service is stopped and disabled This may not be necessary if it wasn't automatically installed. ># service postfix stop ># chkconfig postfix off ># chkconfig postfix --del ># yum remove postfix NOTE: Blog O'Matty has a post on disabling unneeded CentOS services: http://prefetch.net/blog/index.php/2006/12/27/securing-centos-installations- by-disabling-unneeded-services/
5) Set File Handles Increase the number of file handles available for use, and make them permanent for username. ># ulimit -n 20000 ># vi /etc/security/limits.conf Add the following lines to the end of the file: username soft nofile 65535 username hard nofile 65535 NOTE: If you are installing on a 32 bit system, set these values: username soft nofile 20000 username hard nofile 49152 6) Reboot the server You need to reboot the server at this point. Use either of the following commands: ># /sbin/shutdown -r now -- OR -- ># reboot now 7) Log in via SSH After the server has rebooted, log in again via SSH and change to SuperUser (repeat DOMINO SPECIFIC CONFIGURATION step 1). 8) Allow Domino to tune the Linux kernel Use the export command to set operating system variable. ># export DOMINO_LINUX_SET_PARMS=1 Use either vi or the echo command to add the export command to the end of the /home/notes/.bashrc file: export DOMINO_LINUX_SET_PARMS=1 ># vi /home/username/.bashrc edit and save the file -- OR -- ># echo -e "nexport DOMINO_LINUX_SET_PARMS=1" >> /home/username/.bashrc
9) Create the directory for your Domino server ># mkdir /local ># mkdir /local/servername ># mkdir /local/servername/dominodata Verify the directory exists and make note of this directory, you will need it during installation. ># cd /directory path you just created 10) Create Installation Directory Create the directory from which to install domino, and change to that directory. ># mkdir /install/domino9 ># cd /install/domino9 11) Get Install File Download the Domino Installation file from wherever you have placed it. You must have previously retrieved the file from IBM, because the IBM Download site doesn't play well with wget. If you have it on a DVD, load the DVD into the drive. ># wget -v URL for Domino_Installation_file. -- OR -- ># cp /DVD MOUNT FOLDER/Domino_Installation_file /install/domino9/ Domino_Installation_file 12) Verify File and Unpack Use the tar command to check the file. -t Table of contents. List all the files contained in the tar file. -v Verbose output. -f Use the filename from the argument parameters. -x Extract or restore the file(s) ># tar -tvf Domino_Installation_file If there are problems with the file, you will need to delete it and download a clean one. If there are no problems, then go ahead and extract the file contents. ># tar -xvf Domino_Installation_file
Domino Installation & Setup 1) Find and run the installation Use the ls command (without the -l argument) to list the directory contents, then navigate down through the folders using the ls and cd command as needed until you see the install file displayed, then run the file: ># ./install 2) Follow Prompts Answer the questions as follows (pressing <enter> will accept the bracketed choice): • Do you want to continue installation in console mode? [Yes] • Welcome to the InstallShield Wizard. [1] • Read and agree to the license agreement. [1] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Install Data Directories Only (out of scope for this document): [0] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Program Files Directory Name [/opt/ibm/domino] • Partitioned Server (out of scope for this document): [No] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Data Files Directory Name [/local/notesdata] ENTER THE DIRECTORY PATH YOU CREATED IN DOMINO SPECIFIC CONFIGURATION STEP 9 • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • User Name [root] ENTER THE USER NAME YOU CREATED IN USER ACCOUNT & SSH SERVICE STEP 2 • Group Name [root] ENTER THE GROUP NAME YOU CREATED IN USER ACCOUNT & SSH SERVICE STEP 1 • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Select Server Setup (Manual) [3] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Choose the setup type: Domino Utility Server, Domino Messaging Server, Domino Enterprise Server, Customize Domino Server (Customize is out of scope for this document) • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Installation Summary: Press ENTER to read the text [Type q to quit] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] The server installation will now begin. Once finished, you will be presented with a post-installation instructions page. • Press 3 to Finish or 4 to Redisplay [3]
3) Switch user and launch server listen Change back to the userid you used to log into the SSH session: ># exit Then change to the /local/servername/dominodata folder: >$ cd /local/servername/dominodata Launch the server and put it into listen mode for remote server setup access: >$ /opt/ibm/domino/bin/server -listen 4) Domino Remote Server Setup Utility On another Machine, start the Domino Remote Server Setup Utility Client. Enter the ip address of your server in the dialog box, and follow the prompts to configure your server. When you finish the configuration, a dialog will ask you if you want to shut down the listening server. Do so, then go back to the SSH console from which you launched the server. It should be back to a command prompt.
STICKY BITS - IMPORTANT! Set Sticky-bit on Bindsock When your Domino Server attempts to start any service that needs to bind to a socket (port); it does so by invoking the bindsock program. There is a problem with the installation / setup of IBM Domino 9 Server, in that it does not set the sticky-bit on the bindsock program file. In a Linux environment, a sticky-bit causes an executable file to be run using the credentials of the file owner instead of the invoking user. The proper term for this is Set User Identification Attribute, but everybody just calls it sticky-bit. The bindsock program must be run using the root user's credentials, and therefore must have this sticky-bit set. If you attempt to start your Domino server immediately after you finish configuring it using the remote server setup you will discover that your HTTP server cannot start, because it cannot bind to port 80. Fortunately, the solution to this is very simple. From the console, change to the Super User and enter the password: >$ su >$ enter password for root Change to the domino server program “root” directory: ># cd /opt/ibm/domino Use the find command to search for the bindsock program file. ># find -name 'bindsock' ./notes/90000/linux/bindsock Change to the containing the file: ># cd notes/90000/linux Now use the ls -l command to display the information about bindsock: ># ls -l bindsock -r-sr-xr-x 1 root bin 9880 Mar 9 02:41 bindsock This indicates that this bindsock file is owned by the root user, and the bin group. The block of text at the beginning (-r-sr-xr-x) indicates the type and permissions for the entry. The very first character “-” indicates the type of entry, in this case a normal file. There are several other possible characters with different meanings, such as “d” for directory, or “b” for block
device, but for now all we care about is the “-”. What follows after this first character are three sub-blocks of three characters each. Each sub-block defines which specific permissions are enabled for the entry, and the position of the sub-block defines for whom the permissions are to be applied. The first sub-block is for the owner of the entry, the second for the group, and the third for everybody else. There are three standard permissions: read, write, and execute. We can interpret the result of the ls-l command as follows: -r-sr-xr-x 1 root bin 9880 Mar 9 02:41 bindsock The first block “r-s” tells us that the owner of the entry (in this case root) is allowed to read the entry, is not allowed to write to the entry (no “w”), and can execute the entry using the owner's id (the “s” denotes that Set User Identification Attribute is in force). Normal executable files just have this set as “x”. The second block “r-x” tells us that the group for the entry (in this case bin) can read the entry, is not allowed to write to the entry (no “w”), and may execute the entry. The third block “r-x” tells us that everybody else (users who are neither the owner of the file nor a member of the group) can read the entry, cannot write to the entry (again, no “w”), and may execute the entry. These settings are entirely appropriate for most executable files. In this case however they are not correct, because the bindsock program makes changes to system resources (ports) that for security reasons are only allowed to be made by the root user. This is why the HTTP (and possibly LDAP, IMAP, SMTP, etc.) service is failing to start. To correct the problem, we need to add the stick-bit to bindsock. This is accomplished using the chmod utility, followed by an ls-l to verify our changes: ist it again to verify ># chmod +s bindsock ># ls -l bindsock -r-sr-sr-x 1 root bin 9880 Mar 9 02:41 bindsock This change will now cause all users who are neither the root user, nor members of the bin group, to execute the bindsock using the root user's credentials. Which means our Domino services can now be properly bound to a socket when starting up.
Launch Domino 1) Restart the Server Change back to the userid you used to log into the SSH session, then change to the /local/servername/dominodata folder: ># exit >$ cd /local/servername/dominodata Launch the the server, only this time do not add any parameters. >$ /opt/ibm/domino/bin/server 2) Celebrate Congratulations. Your server is now operational. A quick and simple test to verify is to type in the server's ip address in s browser URL window. You should see the new IBM Domino Start Page. Throw your feet up on the desk, pop open a bottle of your favorite beverage (I suggest anything from Spanky's Brewery), and call it a day. You have done well padawan.
ADDITIONAL RESOURCES Obviously there is a lot more configuration you need to do to make your server production ready. Do the appropriate research, read the appropriate blogs, etc. One incredibly useful resource is Daniel Nashed's blog and his wonderful Domino on Unix/Linux Start Script. http://www.nashcom.de/nshweb/pages/startscript.htm Other Sites worth checking out: • Devin Olson's (that's me!) LearningXPages site: www.learningxpages.com • Devin Olson's (that's me!) Blog site: www.devinolson.net • David Leedy's Notes in 9: http://notesin9.com • Bill Malchisky's BillMal Your Lotus Pal: http://www.billmal.com/billmal/billmal.nsf/ • Declan Lynch's Dec's Dom Blog: www.qtzar.com • Open NTF: www.openntf.org • Planet Lotus: http://planetlotus.org Hope this helps! -Devin.

Recomendados

Installing and Configuring Domino 10 on CentOS 7
Installing and Configuring Domino 10 on CentOS 7Installing and Configuring Domino 10 on CentOS 7
Installing and Configuring Domino 10 on CentOS 7Devin Olson
 
Domino9on centos6
Domino9on centos6Domino9on centos6
Domino9on centos6a8us
 
User management through administration process 2307
User management through administration process 2307User management through administration process 2307
User management through administration process 2307Hansraj Mali
 
HCL Domino V12 Key Security Features Overview
HCL Domino V12 Key Security Features Overview HCL Domino V12 Key Security Features Overview
HCL Domino V12 Key Security Features Overview hemantnaik
 
Platz da! Platz schaffen auf dem Domino Server - Vortrag von Ulrich Krause be...
Platz da! Platz schaffen auf dem Domino Server - Vortrag von Ulrich Krause be...Platz da! Platz schaffen auf dem Domino Server - Vortrag von Ulrich Krause be...
Platz da! Platz schaffen auf dem Domino Server - Vortrag von Ulrich Krause be...BCC - Solutions for IBM Collaboration Software
 
60 Admin Tips
60 Admin Tips60 Admin Tips
60 Admin TipsGabriella Davis
 
Glusterfs 구성제안 및_운영가이드_v2.0
Glusterfs 구성제안 및_운영가이드_v2.0Glusterfs 구성제안 및_운영가이드_v2.0
Glusterfs 구성제안 및_운영가이드_v2.0sprdd
 
Daos
DaosDaos
DaosUlrich Krause
 

Recomendados

Installing and Configuring Domino 10 on CentOS 7
Installing and Configuring Domino 10 on CentOS 7Installing and Configuring Domino 10 on CentOS 7
Installing and Configuring Domino 10 on CentOS 7Devin Olson
 
Domino9on centos6
Domino9on centos6Domino9on centos6
Domino9on centos6a8us
 
User management through administration process 2307
User management through administration process 2307User management through administration process 2307
User management through administration process 2307Hansraj Mali
 
HCL Domino V12 Key Security Features Overview
HCL Domino V12 Key Security Features Overview HCL Domino V12 Key Security Features Overview
HCL Domino V12 Key Security Features Overview hemantnaik
 
Platz da! Platz schaffen auf dem Domino Server - Vortrag von Ulrich Krause be...
Platz da! Platz schaffen auf dem Domino Server - Vortrag von Ulrich Krause be...Platz da! Platz schaffen auf dem Domino Server - Vortrag von Ulrich Krause be...
Platz da! Platz schaffen auf dem Domino Server - Vortrag von Ulrich Krause be...BCC - Solutions for IBM Collaboration Software
 
60 Admin Tips
60 Admin Tips60 Admin Tips
60 Admin TipsGabriella Davis
 
Glusterfs 구성제안 및_운영가이드_v2.0
Glusterfs 구성제안 및_운영가이드_v2.0Glusterfs 구성제안 및_운영가이드_v2.0
Glusterfs 구성제안 및_운영가이드_v2.0sprdd
 
Daos
DaosDaos
DaosUlrich Krause
 
instalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntu
instalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntuinstalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntu
instalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntuRis Fernandez
 
HCL Sametime V11 installation - tips
HCL Sametime V11 installation - tipsHCL Sametime V11 installation - tips
HCL Sametime V11 installation - tipsAles Lichtenberg
 
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesApril, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesHoward Greenberg
 
Engage.UG 2022 - Domino TOTP/2FA - Best Practices and Pitfalls
Engage.UG 2022 - Domino TOTP/2FA - Best Practices and PitfallsEngage.UG 2022 - Domino TOTP/2FA - Best Practices and Pitfalls
Engage.UG 2022 - Domino TOTP/2FA - Best Practices and PitfallsMilan Matejic
 
Domino policies deep dive
Domino policies deep diveDomino policies deep dive
Domino policies deep diveMartijn de Jong
 
Lotus Domino Clusters
Lotus Domino ClustersLotus Domino Clusters
Lotus Domino Clustersjayeshpar2006
 
TỰ HỌC LPI 1
TỰ HỌC LPI 1 TỰ HỌC LPI 1
TỰ HỌC LPI 1 Hoàng Đạt
 
TỰ HỌC LPI 2
TỰ HỌC LPI 2TỰ HỌC LPI 2
TỰ HỌC LPI 2Hoàng Đạt
 
IBM Notes Traveler Best Practices
IBM Notes Traveler Best PracticesIBM Notes Traveler Best Practices
IBM Notes Traveler Best Practicesjayeshpar2006
 
[FR] Présentatation d'Ansible
[FR] Présentatation d'Ansible [FR] Présentatation d'Ansible
[FR] Présentatation d'Ansible Armand Guio
 
First steps on CentOs7
First steps on CentOs7First steps on CentOs7
First steps on CentOs7Marc Cortinas Val
 
IBM Domino / IBM Notes Performance Tuning
IBM Domino / IBM Notes Performance Tuning IBM Domino / IBM Notes Performance Tuning
IBM Domino / IBM Notes Performance Tuning Vladislav Tatarincev
 
Building Responsive Applications Using XPages
Building Responsive Applications Using XPagesBuilding Responsive Applications Using XPages
Building Responsive Applications Using XPagesTeamstudio
 
Relax and Recover on POWER (Updated 05-2017)
Relax and Recover on POWER (Updated 05-2017)Relax and Recover on POWER (Updated 05-2017)
Relax and Recover on POWER (Updated 05-2017)Sebastien Chabrolles
 
Important tips on Router and SMTP mail routing
Important tips on Router and SMTP mail routingImportant tips on Router and SMTP mail routing
Important tips on Router and SMTP mail routingjayeshpar2006
 
IBM Notes Traveler administration and Log troubleshooting tips
IBM Notes Traveler administration and Log troubleshooting tipsIBM Notes Traveler administration and Log troubleshooting tips
IBM Notes Traveler administration and Log troubleshooting tipsjayeshpar2006
 
MES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best PracticesMES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best PracticesDylan Redfield
 
Real life challenges and configurations when implementing HCL Sametime v12.0....
Real life challenges and configurations when implementing HCL Sametime v12.0....Real life challenges and configurations when implementing HCL Sametime v12.0....
Real life challenges and configurations when implementing HCL Sametime v12.0....DNUG e.V.
 
Open Mic "Notes Federated Login"
Open Mic "Notes Federated Login"Open Mic "Notes Federated Login"
Open Mic "Notes Federated Login"Ranjit Rai
 
oVirt installation guide_v4.3
oVirt installation guide_v4.3oVirt installation guide_v4.3
oVirt installation guide_v4.3CheolHee Han
 
Becoming A Connections Administrator
Becoming A Connections AdministratorBecoming A Connections Administrator
Becoming A Connections AdministratorGabriella Davis
 
ISBG The 3 S's a guide to single sign on
ISBG The 3 S's a guide to single sign onISBG The 3 S's a guide to single sign on
ISBG The 3 S's a guide to single sign onGabriella Davis
 

Más contenido relacionado

La actualidad más candente

instalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntu
instalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntuinstalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntu
instalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntuRis Fernandez
 
HCL Sametime V11 installation - tips
HCL Sametime V11 installation - tipsHCL Sametime V11 installation - tips
HCL Sametime V11 installation - tipsAles Lichtenberg
 
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesApril, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesHoward Greenberg
 
Engage.UG 2022 - Domino TOTP/2FA - Best Practices and Pitfalls
Engage.UG 2022 - Domino TOTP/2FA - Best Practices and PitfallsEngage.UG 2022 - Domino TOTP/2FA - Best Practices and Pitfalls
Engage.UG 2022 - Domino TOTP/2FA - Best Practices and PitfallsMilan Matejic
 
Domino policies deep dive
Domino policies deep diveDomino policies deep dive
Domino policies deep diveMartijn de Jong
 
Lotus Domino Clusters
Lotus Domino ClustersLotus Domino Clusters
Lotus Domino Clustersjayeshpar2006
 
IBM Notes Traveler Best Practices
IBM Notes Traveler Best PracticesIBM Notes Traveler Best Practices
IBM Notes Traveler Best Practicesjayeshpar2006
 
[FR] Présentatation d'Ansible
[FR] Présentatation d'Ansible [FR] Présentatation d'Ansible
[FR] Présentatation d'Ansible Armand Guio
 
IBM Domino / IBM Notes Performance Tuning
IBM Domino / IBM Notes Performance Tuning IBM Domino / IBM Notes Performance Tuning
IBM Domino / IBM Notes Performance Tuning Vladislav Tatarincev
 
Building Responsive Applications Using XPages
Building Responsive Applications Using XPagesBuilding Responsive Applications Using XPages
Building Responsive Applications Using XPagesTeamstudio
 
Relax and Recover on POWER (Updated 05-2017)
Relax and Recover on POWER (Updated 05-2017)Relax and Recover on POWER (Updated 05-2017)
Relax and Recover on POWER (Updated 05-2017)Sebastien Chabrolles
 
Important tips on Router and SMTP mail routing
Important tips on Router and SMTP mail routingImportant tips on Router and SMTP mail routing
Important tips on Router and SMTP mail routingjayeshpar2006
 
IBM Notes Traveler administration and Log troubleshooting tips
IBM Notes Traveler administration and Log troubleshooting tipsIBM Notes Traveler administration and Log troubleshooting tips
IBM Notes Traveler administration and Log troubleshooting tipsjayeshpar2006
 
MES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best PracticesMES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best PracticesDylan Redfield
 
Real life challenges and configurations when implementing HCL Sametime v12.0....
Real life challenges and configurations when implementing HCL Sametime v12.0....Real life challenges and configurations when implementing HCL Sametime v12.0....
Real life challenges and configurations when implementing HCL Sametime v12.0....DNUG e.V.
 
Open Mic "Notes Federated Login"
Open Mic "Notes Federated Login"Open Mic "Notes Federated Login"
Open Mic "Notes Federated Login"Ranjit Rai
 
oVirt installation guide_v4.3
oVirt installation guide_v4.3oVirt installation guide_v4.3
oVirt installation guide_v4.3CheolHee Han
 

La actualidad más candente (20)

instalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntu
instalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntuinstalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntu
instalacion-y-configuracion-de-un-servidor-dns-bind-en-ubuntu
 
HCL Sametime V11 installation - tips
HCL Sametime V11 installation - tipsHCL Sametime V11 installation - tips
HCL Sametime V11 installation - tips
 
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesApril, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
 
Engage.UG 2022 - Domino TOTP/2FA - Best Practices and Pitfalls
Engage.UG 2022 - Domino TOTP/2FA - Best Practices and PitfallsEngage.UG 2022 - Domino TOTP/2FA - Best Practices and Pitfalls
Engage.UG 2022 - Domino TOTP/2FA - Best Practices and Pitfalls
 
Domino policies deep dive
Domino policies deep diveDomino policies deep dive
Domino policies deep dive
 
Lotus Domino Clusters
Lotus Domino ClustersLotus Domino Clusters
Lotus Domino Clusters
 
TỰ HỌC LPI 1
TỰ HỌC LPI 1 TỰ HỌC LPI 1
TỰ HỌC LPI 1
 
TỰ HỌC LPI 2
TỰ HỌC LPI 2TỰ HỌC LPI 2
TỰ HỌC LPI 2
 
IBM Notes Traveler Best Practices
IBM Notes Traveler Best PracticesIBM Notes Traveler Best Practices
IBM Notes Traveler Best Practices
 
[FR] Présentatation d'Ansible
[FR] Présentatation d'Ansible [FR] Présentatation d'Ansible
[FR] Présentatation d'Ansible
 
First steps on CentOs7
First steps on CentOs7First steps on CentOs7
First steps on CentOs7
 
IBM Domino / IBM Notes Performance Tuning
IBM Domino / IBM Notes Performance Tuning IBM Domino / IBM Notes Performance Tuning
IBM Domino / IBM Notes Performance Tuning
 
Building Responsive Applications Using XPages
Building Responsive Applications Using XPagesBuilding Responsive Applications Using XPages
Building Responsive Applications Using XPages
 
Relax and Recover on POWER (Updated 05-2017)
Relax and Recover on POWER (Updated 05-2017)Relax and Recover on POWER (Updated 05-2017)
Relax and Recover on POWER (Updated 05-2017)
 
Important tips on Router and SMTP mail routing
Important tips on Router and SMTP mail routingImportant tips on Router and SMTP mail routing
Important tips on Router and SMTP mail routing
 
IBM Notes Traveler administration and Log troubleshooting tips
IBM Notes Traveler administration and Log troubleshooting tipsIBM Notes Traveler administration and Log troubleshooting tips
IBM Notes Traveler administration and Log troubleshooting tips
 
MES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best PracticesMES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best Practices
 
Real life challenges and configurations when implementing HCL Sametime v12.0....
Real life challenges and configurations when implementing HCL Sametime v12.0....Real life challenges and configurations when implementing HCL Sametime v12.0....
Real life challenges and configurations when implementing HCL Sametime v12.0....
 
Open Mic "Notes Federated Login"
Open Mic "Notes Federated Login"Open Mic "Notes Federated Login"
Open Mic "Notes Federated Login"
 
oVirt installation guide_v4.3
oVirt installation guide_v4.3oVirt installation guide_v4.3
oVirt installation guide_v4.3
 

Destacado

Becoming A Connections Administrator
Becoming A Connections AdministratorBecoming A Connections Administrator
Becoming A Connections AdministratorGabriella Davis
 
ISBG The 3 S's a guide to single sign on
ISBG The 3 S's a guide to single sign onISBG The 3 S's a guide to single sign on
ISBG The 3 S's a guide to single sign onGabriella Davis
 
Domino Security - not knowing is not an option (2016 edition)
Domino Security - not knowing is not an option (2016 edition)Domino Security - not knowing is not an option (2016 edition)
Domino Security - not knowing is not an option (2016 edition)Darren Duke
 
A Technical Guide To Deploying Single Sign On
A Technical Guide To Deploying Single Sign OnA Technical Guide To Deploying Single Sign On
A Technical Guide To Deploying Single Sign OnGabriella Davis
 
The Sametime Mobile Experience
The Sametime Mobile ExperienceThe Sametime Mobile Experience
The Sametime Mobile ExperienceGabriella Davis
 
IBM Traveler Management, Security and Performance
IBM Traveler Management, Security and PerformanceIBM Traveler Management, Security and Performance
IBM Traveler Management, Security and PerformanceGabriella Davis
 
Domino in the Back, Party In The Front
Domino in the Back, Party In The FrontDomino in the Back, Party In The Front
Domino in the Back, Party In The FrontGabriella Davis
 
The SSL Problem and How to Deploy SHA2 Certificates
The SSL Problem and How to Deploy SHA2 CertificatesThe SSL Problem and How to Deploy SHA2 Certificates
The SSL Problem and How to Deploy SHA2 CertificatesGabriella Davis
 
Upgrading to Sametime 9.0.1
Upgrading to Sametime 9.0.1Upgrading to Sametime 9.0.1
Upgrading to Sametime 9.0.1Gabriella Davis
 
Simplifying The S's: Single Sign-On, SPNEGO and SAML
Simplifying The S's: Single Sign-On, SPNEGO and SAMLSimplifying The S's: Single Sign-On, SPNEGO and SAML
Simplifying The S's: Single Sign-On, SPNEGO and SAMLGabriella Davis
 
Benefits and Risks of a Single Identity - IBM Connect 2017
Benefits and Risks of a Single Identity - IBM Connect 2017Benefits and Risks of a Single Identity - IBM Connect 2017
Benefits and Risks of a Single Identity - IBM Connect 2017Gabriella Davis
 

Destacado (12)

Becoming A Connections Administrator
Becoming A Connections AdministratorBecoming A Connections Administrator
Becoming A Connections Administrator
 
ISBG The 3 S's a guide to single sign on
ISBG The 3 S's a guide to single sign onISBG The 3 S's a guide to single sign on
ISBG The 3 S's a guide to single sign on
 
Domino Security - not knowing is not an option (2016 edition)
Domino Security - not knowing is not an option (2016 edition)Domino Security - not knowing is not an option (2016 edition)
Domino Security - not knowing is not an option (2016 edition)
 
A Technical Guide To Deploying Single Sign On
A Technical Guide To Deploying Single Sign OnA Technical Guide To Deploying Single Sign On
A Technical Guide To Deploying Single Sign On
 
The Sametime Mobile Experience
The Sametime Mobile ExperienceThe Sametime Mobile Experience
The Sametime Mobile Experience
 
IBM Traveler Management, Security and Performance
IBM Traveler Management, Security and PerformanceIBM Traveler Management, Security and Performance
IBM Traveler Management, Security and Performance
 
Domino in the Back, Party In The Front
Domino in the Back, Party In The FrontDomino in the Back, Party In The Front
Domino in the Back, Party In The Front
 
The SSL Problem and How to Deploy SHA2 Certificates
The SSL Problem and How to Deploy SHA2 CertificatesThe SSL Problem and How to Deploy SHA2 Certificates
The SSL Problem and How to Deploy SHA2 Certificates
 
Upgrading to Sametime 9.0.1
Upgrading to Sametime 9.0.1Upgrading to Sametime 9.0.1
Upgrading to Sametime 9.0.1
 
Domino Adminblast
Domino AdminblastDomino Adminblast
Domino Adminblast
 
Simplifying The S's: Single Sign-On, SPNEGO and SAML
Simplifying The S's: Single Sign-On, SPNEGO and SAMLSimplifying The S's: Single Sign-On, SPNEGO and SAML
Simplifying The S's: Single Sign-On, SPNEGO and SAML
 
Benefits and Risks of a Single Identity - IBM Connect 2017
Benefits and Risks of a Single Identity - IBM Connect 2017Benefits and Risks of a Single Identity - IBM Connect 2017
Benefits and Risks of a Single Identity - IBM Connect 2017
 

Similar a Installing & Configuring IBM Domino 9 on CentOS

unixtoolbox.pdf
unixtoolbox.pdfunixtoolbox.pdf
unixtoolbox.pdfqqlove2
 
unixtoolbox.pdf
unixtoolbox.pdfunixtoolbox.pdf
unixtoolbox.pdfsptlove
 
unixtoolbox.pdf
unixtoolbox.pdfunixtoolbox.pdf
unixtoolbox.pdfsptlove
 
Quick-Start Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
Quick-Start Guide: Deploying Your Cloudian HyperStore Hybrid Storage ServiceQuick-Start Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
Quick-Start Guide: Deploying Your Cloudian HyperStore Hybrid Storage ServiceCloudian
 
Install nagios
Install nagiosInstall nagios
Install nagioshassandb
 
Install nagios
Install nagiosInstall nagios
Install nagioshassandb
 

Similar a Installing & Configuring IBM Domino 9 on CentOS (20)

Unixtoolbox
UnixtoolboxUnixtoolbox
Unixtoolbox
 
unixtoolbox.pdf
unixtoolbox.pdfunixtoolbox.pdf
unixtoolbox.pdf
 
unixtoolbox.pdf
unixtoolbox.pdfunixtoolbox.pdf
unixtoolbox.pdf
 
 
unixtoolbox.pdf
unixtoolbox.pdfunixtoolbox.pdf
unixtoolbox.pdf
 
unixtoolbox.pdf
unixtoolbox.pdfunixtoolbox.pdf
unixtoolbox.pdf
 
 
Unixtoolbox
UnixtoolboxUnixtoolbox
Unixtoolbox
 
unixtoolbox.pdf
unixtoolbox.pdfunixtoolbox.pdf
unixtoolbox.pdf
 
 
 
Develop
DevelopDevelop
Develop
 
unixtoolbox.pdf
unixtoolbox.pdfunixtoolbox.pdf
unixtoolbox.pdf
 
 
Unixtoolbox
UnixtoolboxUnixtoolbox
Unixtoolbox
 
Quick-Start Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
Quick-Start Guide: Deploying Your Cloudian HyperStore Hybrid Storage ServiceQuick-Start Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
Quick-Start Guide: Deploying Your Cloudian HyperStore Hybrid Storage Service
 
KCC_Final.pdf
KCC_Final.pdfKCC_Final.pdf
KCC_Final.pdf
 
Jana treek 4
Jana treek 4Jana treek 4
Jana treek 4
 
Install nagios
Install nagiosInstall nagios
Install nagios
 
Install nagios
Install nagiosInstall nagios
Install nagios
 

Más de Devin Olson

Paired with an Idiot: Things that sabotage success
Paired with an Idiot: Things that sabotage successPaired with an Idiot: Things that sabotage success
Paired with an Idiot: Things that sabotage successDevin Olson
 
Resolving Cached Design Element Corruption Issues in the IBM Notes Client
Resolving Cached Design Element Corruption Issues in the IBM Notes ClientResolving Cached Design Element Corruption Issues in the IBM Notes Client
Resolving Cached Design Element Corruption Issues in the IBM Notes ClientDevin Olson
 
Do you have a website? Do you want to get sued?
Do you have a website? Do you want to get sued?Do you have a website? Do you want to get sued?
Do you have a website? Do you want to get sued?Devin Olson
 
IBM Traveler and Verse: Device Security and Administration Overview
IBM Traveler and Verse: Device Security and Administration OverviewIBM Traveler and Verse: Device Security and Administration Overview
IBM Traveler and Verse: Device Security and Administration OverviewDevin Olson
 
Website Accessibility Workshop
Website Accessibility WorkshopWebsite Accessibility Workshop
Website Accessibility WorkshopDevin Olson
 
Raw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on LinuxRaw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on LinuxDevin Olson
 
Curing the Headaches: How to Deal with Bad Developers
Curing the Headaches: How to Deal with Bad DevelopersCuring the Headaches: How to Deal with Bad Developers
Curing the Headaches: How to Deal with Bad DevelopersDevin Olson
 
Accessibility for the Visually Impaired with IBM Lotus Domino
Accessibility for the Visually Impaired with IBM Lotus DominoAccessibility for the Visually Impaired with IBM Lotus Domino
Accessibility for the Visually Impaired with IBM Lotus DominoDevin Olson
 
Countdown to Domino 10
Countdown to Domino 10Countdown to Domino 10
Countdown to Domino 10Devin Olson
 
Pink Slip Time: Turning a Job Loss into a Career Win
Pink Slip Time: Turning a Job Loss into a Career WinPink Slip Time: Turning a Job Loss into a Career Win
Pink Slip Time: Turning a Job Loss into a Career WinDevin Olson
 
XPages Development 2
XPages Development 2XPages Development 2
XPages Development 2Devin Olson
 
XPages Development 1
XPages Development 1XPages Development 1
XPages Development 1Devin Olson
 
Countdown to Domino 2025
Countdown to Domino 2025Countdown to Domino 2025
Countdown to Domino 2025Devin Olson
 
Big Data with Graph, IBM Domino, and the OpenNTF API
Big Data with Graph, IBM Domino, and the OpenNTF APIBig Data with Graph, IBM Domino, and the OpenNTF API
Big Data with Graph, IBM Domino, and the OpenNTF APIDevin Olson
 
Customer Story: Next Level Coding
Customer Story: Next Level CodingCustomer Story: Next Level Coding
Customer Story: Next Level CodingDevin Olson
 
Countdown to Domino 2025 - Preparing for the NOW
Countdown to Domino 2025 - Preparing for the NOWCountdown to Domino 2025 - Preparing for the NOW
Countdown to Domino 2025 - Preparing for the NOWDevin Olson
 
Extreme Development: Pair Programming
Extreme Development: Pair ProgrammingExtreme Development: Pair Programming
Extreme Development: Pair ProgrammingDevin Olson
 
Ad104 build a bean workshop
Ad104 build a bean workshopAd104 build a bean workshop
Ad104 build a bean workshopDevin Olson
 

Más de Devin Olson (18)

Paired with an Idiot: Things that sabotage success
Paired with an Idiot: Things that sabotage successPaired with an Idiot: Things that sabotage success
Paired with an Idiot: Things that sabotage success
 
Resolving Cached Design Element Corruption Issues in the IBM Notes Client
Resolving Cached Design Element Corruption Issues in the IBM Notes ClientResolving Cached Design Element Corruption Issues in the IBM Notes Client
Resolving Cached Design Element Corruption Issues in the IBM Notes Client
 
Do you have a website? Do you want to get sued?
Do you have a website? Do you want to get sued?Do you have a website? Do you want to get sued?
Do you have a website? Do you want to get sued?
 
IBM Traveler and Verse: Device Security and Administration Overview
IBM Traveler and Verse: Device Security and Administration OverviewIBM Traveler and Verse: Device Security and Administration Overview
IBM Traveler and Verse: Device Security and Administration Overview
 
Website Accessibility Workshop
Website Accessibility WorkshopWebsite Accessibility Workshop
Website Accessibility Workshop
 
Raw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on LinuxRaw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on Linux
 
Curing the Headaches: How to Deal with Bad Developers
Curing the Headaches: How to Deal with Bad DevelopersCuring the Headaches: How to Deal with Bad Developers
Curing the Headaches: How to Deal with Bad Developers
 
Accessibility for the Visually Impaired with IBM Lotus Domino
Accessibility for the Visually Impaired with IBM Lotus DominoAccessibility for the Visually Impaired with IBM Lotus Domino
Accessibility for the Visually Impaired with IBM Lotus Domino
 
Countdown to Domino 10
Countdown to Domino 10Countdown to Domino 10
Countdown to Domino 10
 
Pink Slip Time: Turning a Job Loss into a Career Win
Pink Slip Time: Turning a Job Loss into a Career WinPink Slip Time: Turning a Job Loss into a Career Win
Pink Slip Time: Turning a Job Loss into a Career Win
 
XPages Development 2
XPages Development 2XPages Development 2
XPages Development 2
 
XPages Development 1
XPages Development 1XPages Development 1
XPages Development 1
 
Countdown to Domino 2025
Countdown to Domino 2025Countdown to Domino 2025
Countdown to Domino 2025
 
Big Data with Graph, IBM Domino, and the OpenNTF API
Big Data with Graph, IBM Domino, and the OpenNTF APIBig Data with Graph, IBM Domino, and the OpenNTF API
Big Data with Graph, IBM Domino, and the OpenNTF API
 
Customer Story: Next Level Coding
Customer Story: Next Level CodingCustomer Story: Next Level Coding
Customer Story: Next Level Coding
 
Countdown to Domino 2025 - Preparing for the NOW
Countdown to Domino 2025 - Preparing for the NOWCountdown to Domino 2025 - Preparing for the NOW
Countdown to Domino 2025 - Preparing for the NOW
 
Extreme Development: Pair Programming
Extreme Development: Pair ProgrammingExtreme Development: Pair Programming
Extreme Development: Pair Programming
 
Ad104 build a bean workshop
Ad104 build a bean workshopAd104 build a bean workshop
Ad104 build a bean workshop
 

Último

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 

Último (20)

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 

Installing & Configuring IBM Domino 9 on CentOS

  • 1. Installing & Configuring Domino 9 Social Edition on CentOS 6 Enterprise Linux Devin S. Olson
  • 2. Table of Contents Introduction......................................................................................................3 CentOS Installation and Minimal Configuration..............................................4 1) Install 64 bit CentOS 6 Minimal. .............................................................4 2) Configure network .................................................................................. 4 3) Install the following packages................................................................. 5 Verify Services and Security........................................................................... 6 1) Verify the cron service is running, conditionally start.............................. 6 2) Turn off and disable SELinux (Domino Incompatible) ............................6 3) Enable and activate the time service...................................................... 6 4) Set up the RPM Forge Repository ......................................................... 6 Firewall Configuration..................................................................................... 7 1) Temporarily disable the firewall............................................................... 7 2) Ensure the ports required by the Domino server are open ....................7 3) [OPTIONAL] Edit the Hosts file and add the hostname .......................11 4) Make sure everything is up to date....................................................... 11 User Account & SSH Service........................................................................12 1) Create a Group......................................................................................12 2) Add the user.......................................................................................... 12 3) Create a password for the user.............................................................12 4) Start the SSH service............................................................................12 Domino Specific Configuration......................................................................13 1) Log in via SSH to verify user account .................................................. 13 2) Verify httpd service is stopped and disabled.........................................13 3) Verify sendmail service is stopped and disabled..................................13 4) Verify postfix service is stopped and disabled......................................13 5) Set File Handles.................................................................................... 14 6) Reboot the server..................................................................................14 7) Log in via SSH.......................................................................................14 8) Allow Domino to tune the Linux kernel..................................................14 9) Create the directory for your Domino server.........................................15 10) Create Installation Directory................................................................15 11) Get Install File......................................................................................15 12) Verify File and Unpack........................................................................ 15 Domino Installation & Setup..........................................................................16 1) Find and run the installation.................................................................. 16 2) Follow Prompts......................................................................................16 3) Switch user and launch server listen.....................................................17 4) Domino Remote Server Setup Utility.................................................... 17 STICKY BITS - IMPORTANT! ......................................................................18 Set Sticky-bit on Bindsock.........................................................................18 Launch Domino............................................................................................. 20 1) Restart the Server................................................................................. 20 2) Celebrate...............................................................................................20 ADDITIONAL RESOURCES.........................................................................21
  • 3. Introduction In this document I will walk you through the necessary steps to perform a ground-up installation of 64-bit CentOS, minimal configuration of the Operating System, configuration specific for IBM Domino installation, and finally the installation of 64 bit IBM Domino 9 Social Edition. This document and it's accompanying videos are aimed at administrators who have some working knowledge / understanding of IBM Domino, but who may be unfamiliar or uncomfortable with Linux. The goal of this document is to demonstrate out the very minimal requirements for Domino on Linux, point out some potential pitfalls, and ultimately show that installing and running Domino on a Linux machine is much easier than you think. NOTE: I have noted 32 bit installation differences where they occur. Note on Fonts I am deliberately using larger fonts because they are easier for me to read. I realize they may appear gigantic on lower resolution displays, and for that I'm sorry for you. Typographic Conventions Throughout this document there are several different “types” of text. There is explanatory text, which appears in Helvetica. Example file content or lists of information appear in Consolas. Courier New is used for command-line content (stuff you should type). Console commands are orange bold Courier New. I use colors, italics, and bold fonts in various areas to help stuff stand out. You are a smart person, you will figure it out. "Linux" is a registered trademark of Linus Torvalds. “CentOS” is a registered trademark of the CentOS Project. “IBM”, “Domino”, and “Domino 9 Social Edition” are registered trademarks of Internation Business Machines, Incorporated. All other trademarks are property of their respective owners. All other content is Copyright @ 2013 by Devin S. Olson unless otherwise assigned". This document and it's accompanying videos are released under the Apache License, Version 2.0.
  • 4. CentOS Installation and Minimal Configuration 1) Install 64 bit CentOS 6 Minimal. Latest versions available at www.centos.org. For this document, I used: CentOS-6.4-x86_64-bin-minimal.iso 2) Configure network check network interface ># ip a select the non-loopback device, and verify a config file exist for it (create a new one if need be) ># ls /etc/sysconfig/network-scripts/ifcfg-DEVICENAME use vi to edit the file: ># vi /etc/sysconfig/network-scripts/ifcfg-DEVICENAME *i <return> to insert text <esc> to finish inserting text *:wq <return> to save and quit. (DHCP EXAMPLE) DEVICE="DEVICENAME" HWADDR="MAC ADDRESS" NM_CONTROLLED="yes" ONBOOT="yes" # Interface enabled BOOTPROTO="dhcp" # Assigning IP from DHCP (STATIC EXAMPLE) DEVICE="DEVICENAME" HWADDR="MAC ADDRESS" NM_CONTROLLED="yes" ONBOOT="yes" # Interface enabled BOOTPROTO="static" # Assigning in static mode IPADDR=192.168.0.45 #IP address NETMASK=255.255.255.0 # Subnet Mask GATEWAY=192.168.0.1 # Default Gateway
  • 5. verify the edits have been saved: ># cat /etc/sysconfig/network-scripts/ifcfg-DEVICENAME Start the network: ># service network start 3) Install the following packages • bind-utils: utilities to test and query Domain Name System (DNS) • file: File-type determination tool • gcc: GNU Compiler Collection front-ends for C, C++. Objective-C, Fortran, Java, Ada, and Go. • lsof: Lists open files • ntp: Network Time Protocol daemon • patch: File-patching tool (applies differences to a file) • rsync: file-difference transfer / synchronization utility • sg3_utils: SCSI command utilities • sudo: allows for single command line as the superuser (usually root) • traceroute: tool for tracing network routes • wget: Non-interactive command line tool for retrieving files using HTTP, HTTPS, and FTP. • yum-utils: a collection of tools and programs for managing yum repositories • zip: compression and file-packaging utility • unzip: decompression and file-package processing utility ># yum -y install bind-utils file gcc lsof ntp patch rsync sg3_utils sudo tracroute wget yum-utils zip unzip
  • 6. Verify Services and Security 1) Verify the cron service is running, conditionally start ># service crond status ># service crond start 2) Turn off and disable SELinux (Domino Incompatible) ># cat /etc/selinux/config Look for line beginning with SELINUX= If this is anything other than "disabled", edit the file (using vi) and change it to SELINUX=disabled, then save the file. Set the SELinux enforcing mode to permissive (disabled). ># setenforce 0 3) Enable and activate the time service ># ntpdate pool.ntp.org ># chkconfig ntpd on ># service ntpd start 4) Set up the RPM Forge Repository Use the RPM command -i = Install -v = verbose explanation of what is happening -H = display hash marks during the installation Latest releases available at http://pkgs.repoforge.org/rpmforge-release/ ># rpm -ivH http://pkgs.repoforge.org/rpmforge-release/rpmforge-release- 0.5.3-1.el6.rf.x86_64.rpm NOTE: If you are installing on a 32 bit system, be sure to install the 32 bit version instead: ># rpm -ivH http://pkgs.repoforge.org/rpmforge-release/rpmforge-release- 0.5.3-1.el6.rf.i686.rpm
  • 7. Firewall Configuration NOTE: THIS IS THE MINIMAL configuration. A complete set of firewall rules must be configured if your server will be publicly accessible - and is beyond the scope of this document. DO NOT RELY solely on this configuration. 1) Temporarily disable the firewall ># chkconfig iptables off ># service iptables stop 2) Ensure the ports required by the Domino server are open Common Ports: • 20 FTP (File Transfer Protocol transfer) • 21 FTPC (File Transfer Protocol Command) • 22 SSH (Secure SHell) • 389 LDAP (Lightweight Directory Access Protocol) • 636 LDAPS (Lightweight Directory Access Protocol over SSL) • 1352 NRPC (IBM Notes/Domino RPC) • 80 HTTP (Hypertext Transfer Protocol) • 443 HTTPS (Hypertext Transfer Protocol over SSL) • 25 SMTP (Simple Mail Transfer Protocol • 143 IMAP (Internet Message Access Protocol) -only if you will have IMAP mail clients • 220 IMAPV3 (Internet Message Access Protocol Version 3) -only if you will have IMAP mail clients • 993 IMAPS (Internet Message Access Protocol over SSL) -only if you will have IMAP mail clients • 110 POP3 (Post Office Protocol Version 3) - only if you will have POP3 mail clients • 995 POP3S (Post Office Protocol Version 3 over SSL) - only if you will have POP3 mail clients • 8585 Used by Domino Remote Server Setup This can be done either manually (not recommended), or by using a utility tool such as Webmin.
  • 8. A) Manual Firewall Configuration 'nixCraft has a great article about iptable configuration: http://www.cyberciti.biz/tips/linux-iptables-examples.html Make a backup first ># cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak Edit the file using vi ># vi /etc/sysconfig/iptables Find the lines *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] Change default INPUT / FORWARD policies from ACCEPT to DROP :INPUT DROP [0:0] :FORWARD DROP [0:0] Find the line: -A INPUT -j REJECT --reject-with icmp-host-prohibited Add the following prior to that line. If that line doesn't exist then add this prior to the COMMIT line. # SSH -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT # LDAP -A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT # LDAPS -A INPUT -m state --state NEW -m tcp -p tcp --dport 636 -j ACCEPT # NRPC -A INPUT -m state --state NEW -m tcp -p tcp --dport 1352 -j ACCEPT # HTTP -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT # HTTPS -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT # SMTP -A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT # Domino Remote Server Setup -A INPUT -m state --state NEW -m tcp -p tcp --dport 8585 -j ACCEPT
  • 9. If you want to only allow SSH from a specific IP address, change the SSH line to: -A INPUT -s your.allowed.ip.address/24 -m state --state NEW -p tcp --dport 22 -j A If you want to allow webmin clients to access, you will need to open a port: # WEBMIN -A INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT Save and close the file. You can use the cat command to verify your changes: ># cat /etc/sysconfig/iptables Enable and start the firewall ># chkconfig iptables on ># service iptables start
  • 10. B) [OPTIONAL] Use Webmin to configure Firewall Latest releases available at http://www.webmin.com/download.html Configure to use the Webmin YUM repository. Start by creating a repository config file for webmin: ># vi /etc/yum.repos.d/webmin.repo Add the following content and save the file: [Webmin] name=Webmin Distribution Neutral #baseurl=http://download.webmin.com/download/yum mirrorlist=http://download.webmin.com/download/yum/mirrorlist enabled=1 Now create an installation directory for the developer's key, then download and install the key ># mkdir /install ># mkdir /install/jcameron ># cd /install/jcameron ># wget -v http://www.webmin.com/jcameron-key.asc ># rpm --import jcameron-key.asc Now use yum to install webmin: ># yum -y install webmin Use a web browser to connect to the Webmin Console at port 10000 URL:> your.server.ip.address:10000 Choose Networking > Linux Firewall, then edit the firewall rules as needed. When finished, make sure to hit the [Apply Configuration] button.
  • 11. 3) [OPTIONAL] Edit the Hosts file and add the hostname ># vi /etc/hosts Add the information for your server to the bottom of the file. Do not change the loopback 127.0.0.1 unless you really know what you are doing and have a very good reason to do so. Changing the loopback hosts entry can cause "very bad things" to happen with your server's network connections. 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 your.server.ip.address fully.qualified.host.name short name 4) Make sure everything is up to date. Use yum to update installed content. ># yum -y update
  • 12. User Account & SSH Service 1) Create a Group ># groupadd groupname 2) Add the user -g initial group to which the user should be added -s shell for the user when signing in. User scripts are here. -d home directory -m make the user ># useradd -ggroupname -s/bin/bash -d/home/username -m username 3) Create a password for the user ># passwd username 4) Start the SSH service Use either the command line or Webmin ># service sshd restart
  • 13. Domino Specific Configuration 1) Log in via SSH to verify user account Log in via SSH, then change to SuperUser (root). (tip: Find the server's ip address using the ip a command) ssh username@your.server.hostname -- OR -- ssh username@your.server.ip.address >$ su >$ enter password for root 2) Verify httpd service is stopped and disabled This may not be necessary if it wasn't automatically installed. ># service httpd stop ># chkconfig httpd off ># chkconfig httpd --del 3) Verify sendmail service is stopped and disabled This may not be necessary if it wasn't automatically installed. ># service sendmail stop ># chkconfig sendmail off ># chkconfig sendmail --del ># yum remove sendmail 4) Verify postfix service is stopped and disabled This may not be necessary if it wasn't automatically installed. ># service postfix stop ># chkconfig postfix off ># chkconfig postfix --del ># yum remove postfix NOTE: Blog O'Matty has a post on disabling unneeded CentOS services: http://prefetch.net/blog/index.php/2006/12/27/securing-centos-installations- by-disabling-unneeded-services/
  • 14. 5) Set File Handles Increase the number of file handles available for use, and make them permanent for username. ># ulimit -n 20000 ># vi /etc/security/limits.conf Add the following lines to the end of the file: username soft nofile 65535 username hard nofile 65535 NOTE: If you are installing on a 32 bit system, set these values: username soft nofile 20000 username hard nofile 49152 6) Reboot the server You need to reboot the server at this point. Use either of the following commands: ># /sbin/shutdown -r now -- OR -- ># reboot now 7) Log in via SSH After the server has rebooted, log in again via SSH and change to SuperUser (repeat DOMINO SPECIFIC CONFIGURATION step 1). 8) Allow Domino to tune the Linux kernel Use the export command to set operating system variable. ># export DOMINO_LINUX_SET_PARMS=1 Use either vi or the echo command to add the export command to the end of the /home/notes/.bashrc file: export DOMINO_LINUX_SET_PARMS=1 ># vi /home/username/.bashrc edit and save the file -- OR -- ># echo -e "nexport DOMINO_LINUX_SET_PARMS=1" >> /home/username/.bashrc
  • 15. 9) Create the directory for your Domino server ># mkdir /local ># mkdir /local/servername ># mkdir /local/servername/dominodata Verify the directory exists and make note of this directory, you will need it during installation. ># cd /directory path you just created 10) Create Installation Directory Create the directory from which to install domino, and change to that directory. ># mkdir /install/domino9 ># cd /install/domino9 11) Get Install File Download the Domino Installation file from wherever you have placed it. You must have previously retrieved the file from IBM, because the IBM Download site doesn't play well with wget. If you have it on a DVD, load the DVD into the drive. ># wget -v URL for Domino_Installation_file. -- OR -- ># cp /DVD MOUNT FOLDER/Domino_Installation_file /install/domino9/ Domino_Installation_file 12) Verify File and Unpack Use the tar command to check the file. -t Table of contents. List all the files contained in the tar file. -v Verbose output. -f Use the filename from the argument parameters. -x Extract or restore the file(s) ># tar -tvf Domino_Installation_file If there are problems with the file, you will need to delete it and download a clean one. If there are no problems, then go ahead and extract the file contents. ># tar -xvf Domino_Installation_file
  • 16. Domino Installation & Setup 1) Find and run the installation Use the ls command (without the -l argument) to list the directory contents, then navigate down through the folders using the ls and cd command as needed until you see the install file displayed, then run the file: ># ./install 2) Follow Prompts Answer the questions as follows (pressing <enter> will accept the bracketed choice): • Do you want to continue installation in console mode? [Yes] • Welcome to the InstallShield Wizard. [1] • Read and agree to the license agreement. [1] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Install Data Directories Only (out of scope for this document): [0] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Program Files Directory Name [/opt/ibm/domino] • Partitioned Server (out of scope for this document): [No] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Data Files Directory Name [/local/notesdata] ENTER THE DIRECTORY PATH YOU CREATED IN DOMINO SPECIFIC CONFIGURATION STEP 9 • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • User Name [root] ENTER THE USER NAME YOU CREATED IN USER ACCOUNT & SSH SERVICE STEP 2 • Group Name [root] ENTER THE GROUP NAME YOU CREATED IN USER ACCOUNT & SSH SERVICE STEP 1 • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Select Server Setup (Manual) [3] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Choose the setup type: Domino Utility Server, Domino Messaging Server, Domino Enterprise Server, Customize Domino Server (Customize is out of scope for this document) • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] • Installation Summary: Press ENTER to read the text [Type q to quit] • Press 1 for Next, 2 for Previous, 3 to Cancel or 4 to Redisplay [1] The server installation will now begin. Once finished, you will be presented with a post-installation instructions page. • Press 3 to Finish or 4 to Redisplay [3]
  • 17. 3) Switch user and launch server listen Change back to the userid you used to log into the SSH session: ># exit Then change to the /local/servername/dominodata folder: >$ cd /local/servername/dominodata Launch the server and put it into listen mode for remote server setup access: >$ /opt/ibm/domino/bin/server -listen 4) Domino Remote Server Setup Utility On another Machine, start the Domino Remote Server Setup Utility Client. Enter the ip address of your server in the dialog box, and follow the prompts to configure your server. When you finish the configuration, a dialog will ask you if you want to shut down the listening server. Do so, then go back to the SSH console from which you launched the server. It should be back to a command prompt.
  • 18. STICKY BITS - IMPORTANT! Set Sticky-bit on Bindsock When your Domino Server attempts to start any service that needs to bind to a socket (port); it does so by invoking the bindsock program. There is a problem with the installation / setup of IBM Domino 9 Server, in that it does not set the sticky-bit on the bindsock program file. In a Linux environment, a sticky-bit causes an executable file to be run using the credentials of the file owner instead of the invoking user. The proper term for this is Set User Identification Attribute, but everybody just calls it sticky-bit. The bindsock program must be run using the root user's credentials, and therefore must have this sticky-bit set. If you attempt to start your Domino server immediately after you finish configuring it using the remote server setup you will discover that your HTTP server cannot start, because it cannot bind to port 80. Fortunately, the solution to this is very simple. From the console, change to the Super User and enter the password: >$ su >$ enter password for root Change to the domino server program “root” directory: ># cd /opt/ibm/domino Use the find command to search for the bindsock program file. ># find -name 'bindsock' ./notes/90000/linux/bindsock Change to the containing the file: ># cd notes/90000/linux Now use the ls -l command to display the information about bindsock: ># ls -l bindsock -r-sr-xr-x 1 root bin 9880 Mar 9 02:41 bindsock This indicates that this bindsock file is owned by the root user, and the bin group. The block of text at the beginning (-r-sr-xr-x) indicates the type and permissions for the entry. The very first character “-” indicates the type of entry, in this case a normal file. There are several other possible characters with different meanings, such as “d” for directory, or “b” for block
  • 19. device, but for now all we care about is the “-”. What follows after this first character are three sub-blocks of three characters each. Each sub-block defines which specific permissions are enabled for the entry, and the position of the sub-block defines for whom the permissions are to be applied. The first sub-block is for the owner of the entry, the second for the group, and the third for everybody else. There are three standard permissions: read, write, and execute. We can interpret the result of the ls-l command as follows: -r-sr-xr-x 1 root bin 9880 Mar 9 02:41 bindsock The first block “r-s” tells us that the owner of the entry (in this case root) is allowed to read the entry, is not allowed to write to the entry (no “w”), and can execute the entry using the owner's id (the “s” denotes that Set User Identification Attribute is in force). Normal executable files just have this set as “x”. The second block “r-x” tells us that the group for the entry (in this case bin) can read the entry, is not allowed to write to the entry (no “w”), and may execute the entry. The third block “r-x” tells us that everybody else (users who are neither the owner of the file nor a member of the group) can read the entry, cannot write to the entry (again, no “w”), and may execute the entry. These settings are entirely appropriate for most executable files. In this case however they are not correct, because the bindsock program makes changes to system resources (ports) that for security reasons are only allowed to be made by the root user. This is why the HTTP (and possibly LDAP, IMAP, SMTP, etc.) service is failing to start. To correct the problem, we need to add the stick-bit to bindsock. This is accomplished using the chmod utility, followed by an ls-l to verify our changes: ist it again to verify ># chmod +s bindsock ># ls -l bindsock -r-sr-sr-x 1 root bin 9880 Mar 9 02:41 bindsock This change will now cause all users who are neither the root user, nor members of the bin group, to execute the bindsock using the root user's credentials. Which means our Domino services can now be properly bound to a socket when starting up.
  • 20. Launch Domino 1) Restart the Server Change back to the userid you used to log into the SSH session, then change to the /local/servername/dominodata folder: ># exit >$ cd /local/servername/dominodata Launch the the server, only this time do not add any parameters. >$ /opt/ibm/domino/bin/server 2) Celebrate Congratulations. Your server is now operational. A quick and simple test to verify is to type in the server's ip address in s browser URL window. You should see the new IBM Domino Start Page. Throw your feet up on the desk, pop open a bottle of your favorite beverage (I suggest anything from Spanky's Brewery), and call it a day. You have done well padawan.
  • 21. ADDITIONAL RESOURCES Obviously there is a lot more configuration you need to do to make your server production ready. Do the appropriate research, read the appropriate blogs, etc. One incredibly useful resource is Daniel Nashed's blog and his wonderful Domino on Unix/Linux Start Script. http://www.nashcom.de/nshweb/pages/startscript.htm Other Sites worth checking out: • Devin Olson's (that's me!) LearningXPages site: www.learningxpages.com • Devin Olson's (that's me!) Blog site: www.devinolson.net • David Leedy's Notes in 9: http://notesin9.com • Bill Malchisky's BillMal Your Lotus Pal: http://www.billmal.com/billmal/billmal.nsf/ • Declan Lynch's Dec's Dom Blog: www.qtzar.com • Open NTF: www.openntf.org • Planet Lotus: http://planetlotus.org Hope this helps! -Devin.