Planning a New Domain

After you have your basic GroupWise system up and running, you might need to expand it by adding one or more domains. The GroupWise architecture lets you create a simple, single domain system, or a complex system that links dozens of domains across a campus, a city, or around the world.

This section provides the information you need in order to decide when, where, and how to set up a new domain. The Domain Worksheet lists all the information you need. You should print the worksheet and fill it out as you complete the tasks listed below.

After you have completed the tasks and filled out the Domain Worksheet, you are ready to continue with Setting Up the New Domain .


Determining When to Add a New Domain

How do you know when you should add a domain? The answer to this depends on your administration policies and on physical and logical network organization.

Although a single domain can contain as many post offices and users as you want to add, there are some conditions that indicate the need for a new domain:


Deciding Who Will Administer the New Domain

Any user who is an Admin equivalent can administer GroupWise. We recommend that whoever creates the new domain should be an Admin equivalent so that he or she has the necessary rights to create objects and directories. You can then assign a different user as a domain administrator and limit rights to other objects if necessary. For more information, see GroupWise Administrator Rights.

Depending upon the size, complexity, and layout of your eDirectory tree, you might choose a centralized administration model with one person administering both eDirectory and GroupWise, or you might choose a distributed administration model with the administration workload shared by two or more individuals. With a distributed administration model, each administrator obtains rights to the GroupWise objects and directory structures over which he or she has jurisdiction. If you want to restrict access to some network operations or to certain domains, you can limit access rights to domains the user should not administer.

The user assigned as the administrator must be able to create or modify objects in the domain and will receive an e-mail message whenever an agent encounters a problem. You can designate yourself, one or more other users, or a distribution list as an administrator.

WORKSHEET

Under Item 10: Domain Administrator, enter the ID of the user or distribution list that will administer this domain.

The items in the worksheet are listed in the order you will enter them when setting up your domain. This planning section does not follow the same order as the worksheet, but all worksheet items are covered.


Planning Post Offices in the New Domain

Before adding the new domain, you should plan the post offices that you want to belong to the domain. You should consider the following issues when planning post offices.

For more details, see Planning a New Post Office .


Determining the Context for the Domain Object

When deciding where to place the new Domain object in the eDirectory tree, you should consider how you can most easily administer GroupWise and how the domain and its associated post offices fit into the logical organization of your eDirectory tree.

Domains and their associated objects, including Post Offices, Users, Resources, and Distribution Lists, must be located in the same eDirectory tree. If you have multiple trees, you must create a separate domain in each tree. The domains can all belong to the same GroupWise system.

You can place the domain in any context in an eDirectory tree. The following diagrams provide some examples of how domains can be placed in the eDirectory tree:

WORKSHEET

Under Item 1: Tree Name, specify the name of the eDirectory tree where you plan to create the new domain.

Under Item 2: eDirectory Container, specify the name of the eDirectory container where you plan to create the new domain.


GroupWise Objects Reflect Physical Locations

The GroupWise system below focuses on the physical layout of the company. Because most mail traffic is probably generated by users in the same location, the mail traffic across the WAN is minimized. An organizational unit was created for each site. A domain was created under each organizational unit, corresponding to the city. The sites can be administered centrally or at each site. Administrator rights can be assigned at the domain level.


A GroupWise system following the company's physical organization


GroupWise Objects Reflect Company Organization

The following GroupWise system focuses on departmental organization, as does the eDirectory tree. GroupWise domains and post offices parallel eDirectory organizational units, placing the domains and post offices within the organizational units containing the users that will belong to them.


A GroupWise system following the company's departmental organization


GroupWise Objects Are Grouped with Servers

Because domains and post offices have directory structures on network servers, you could also choose to place the Domain and Post Office objects in the same context as the servers where the directories will reside, as shown in the following example.


A GroupWise system with the domains and post offices grouped with the servers


GroupWise Objects Are Located in a Separate GroupWise Container

Domains and post offices can also be created in their own organizational unit. Administratively, this approach makes it easier to restrict a GroupWise administrator's object and property rights to GroupWise objects only. For information about GroupWise Administrator rights, see Deciding Who Will Administer the New Domain.


Groupwise objects located in their own organizational unit


Choosing the Domain Name

The domain requires a unique name. The name is used as the Domain object's name in eDirectory. It is also used for addressing and routing purposes within GroupWise, and might appear in the GroupWise Address Book.

The domain name can reflect a location, company name or branch name, or some other element that makes sense for your organization. For example, you might want the domain name to be the location (for example, Provo) while the post office name is one of the company's departments (for example, Research). Name the new domain carefully. After it is created, the name cannot be changed.

The domain name can consist of one or more words. Use underscores (_) rather than spaces as separators between words to facilitate addressing across the Internet. Do not use any of the following invalid characters in the domain name:

ASCII characters 0-13

Comma ,

Asterisk *

Double quote "

At sign @

Extended characters

Braces { }

Parentheses ( )

Colon :

Period .

WORKSHEET

Under Item 3: Domain Name, specify the domain name.

Under Item 8: Domain Description, provide a description for the new domain.


Deciding Where to Create the Domain Directory

Logically, the Domain object resides in eDirectory and is administered through ConsoleOne®. Physically, the domain has a directory structure for databases, message queues, and other files. The domain directory structure can be created on NetWare® servers (NetWare 6.x, NetWare 5.x, NetWare 4.2, or NetWare 3.12), Linux servers (SUSE Standard or Enterprise Server 8, Red Hat* Enterprise Linux 3 ES or AS), or Windows servers (Windows 2000 or Windows NT*). The server where you create the domain directory structure can be in the same tree as the Domain object or in another tree.

Many different configurations are possible. When deciding where to create the domain directory, you should consider the following.

Choose an empty directory for the new domain. If you want, the directory can reflect the name of the domain, for example, res_dev for the Research and Development domain. On NetWare and Windows, use a maximum of 8 characters in the directory name. On Linux, use only lowercase characters in the directory name.

Choose the name and path carefully. After the domain directory is created, it is difficult to rename it. If the directory you specify does not exist, it will be created when you create the domain. Do not create the domain directory under another domain or post office directory.

WORKSHEET

Under Item 4: Domain Database Location, enter the full path for the domain directory.

Under Item 9: Network Type, enter the type of network in use at that location.


Deciding Where to Install the Agent Software

You must run a new instance of the MTA for each new domain. To review the functions of the MTA for the domain, see Role of the Message Transfer Agent. For complete installation instructions and system requirements, see "Installing GroupWise Agents" in the GroupWise 6.5 Installation Guide.

When planning the installation of the MTA, you need to consider how the new domain links to existing domains and how the new domain will link to its post offices. For an overview of link configuration, see Managing the Links between Domains and Post Offices.

The MTA requires direct network access to the domain directory and, depending on the link configuration, to each post office directory. Consider the following alternatives when selecting a location for the MTA relative to the domain and its post offices:

WORKSHEET

Under Item 11: Agent Location, indicate whether you plan to run the MTA on the same server where the domain directory is located, or on a different server.

Under Item 12: Agent Platform, enter the platform of the server where the MTA will run (NetWare, Linux, or Windows).


MTA Access to the New Domain: Local vs. Remote

Running the MTA locally on the same server where the domain and post offices reside simplifies network connections (no login is required), reduces network traffic, and protects database integrity. In the following diagram, the agent software is installed on the same server where the domain and post office reside.


Agent software on the same machine with the domain and post office

Running the MTA on a remote server allows you to place the heaviest processing load on your highest performing server. In the following diagram, the agent software is installed on a different server from where the domains and post offices reside.


Agent software on a different machine than the domain and post office

When you run the MTA on a different server from where its directory structures and databases are located, you need to provide adequate access.

  • If the NetWare® MTA needs direct network access to another NetWare server, you must add the /dn switch or the /user and /password switches to the MTA startup file to provide authentication information.
  • If the Linux MTA needs direct network access to another Linux server, you must mount the file system where the domain is located before you start the Linux MTA.
  • If the Windows MTA needs direct network access to another Windows server, you must map a drive to the other server before you start the Windows MTA.


MTA Access to New Post Offices: Mapped and UNC Links vs. TCP/IP Links

If the new domain will include multiple post offices, the post offices will probably reside on different servers from where the domain is located. If you plan to use mapped or UNC links between the domain and its post offices, the MTA requires the same access to the post office directories as it requires to the domain directory.


MTA access using mapped or UNC links
  • If the NetWare MTA needs access to a post office on another NetWare server, you must add the /dn switch or the /user and /password switches to the MTA startup file to provide authentication information.
  • If the Windows MTA needs access to a post office on another Windows server, you must map a drive to the other server before you start the Windows MTA.

NOTE:  The Linux MTA requires TCP/IP links to the POA.

To avoid these direct network access requirements between the MTA and its post offices, you can use TCP/IP links between the domain and its post offices.


MTA access using TCP/IP links

When using TCP/IP links, the MTA does not write message files into message queues in the post office directory structure. Instead, the MTA communicates the information to the POA by way of TCP/IP and then the POA uses its direct network access to write the information.


Cross-Platform Access Issues

In most cases, it is most efficient if you match the MTA platform with the network operating system where the domain resides. For example, if you create a new domain on a NetWare server, use the NetWare MTA.

If you decide not to run the MTA on the same platform as the domain, the MTA must still have direct network access to the domain directory so that it can write to the domain database (wpdomain.db). For example, you could set up the new domain on a NetWare server and run the Windows MTA on an Windows server to service it.


A domain on a NetWare server and the MTA on an NT/2000 server

However, the NetWare MTA could not service a domain located on an Windows server because Windows does not support the required cross-platform connection.

If you are using mapped or UNC links to post offices, the MTA must also have direct network access to the post office directories so that it can write messages files into the post office message queues. You could, for example, run the agents on an Windows server while domains and post offices were located on NetWare servers.


Agents on an NT/2000 machine and domains and post offices on a NetWare server

Again, the opposite combination of NetWare agents servicing domains and post offices on Windows servers is not an option because Windows does not support the required cross-platform connection.

To avoid these cross-platform access issues, use TCP/IP links between a domain and its post offices.

For more detailed information, see Cross-Platform Issues between Domains and Post Offices.


Deciding How to Link the New Domain

Domain links tell the MTAs how to route messages between domains. Properly configured links optimize message flow throughout your GroupWise system. For a review of link types, see Domain-to-Domain Links.

When you create the new domain, you link it to one existing domain. By default, this link is a direct link using TCP/IP as the link protocol, which means the new domain's MTA communicates with the existing domain's MTA through TCP/IP. If desired, you can configure the direct link to use a UNC path as the link protocol, which means the new domain's MTA transfers information to and from the existing domain by accessing the existing domain's directory

WORKSHEET

Under Item 7: Link to Domain, specify the existing domain that you want to link the new domain to, then specify the link protocol (TCP/IP or UNC path).

After you create the new domain, you can configure links to additional domains as needed. See Using the Link Configuration Tool.


Selecting the Domain Language

The domain language determines how times, dates, and numbers are displayed in the GroupWise client and determines the sorting rules for items in the GroupWise Address Book.

WORKSHEET

Under Item 5: Domain Language, specify the domain language.


Selecting the Domain Time Zone

When a message is sent from a user in one time zone to a user in another time zone, GroupWise adjusts the message's time so that it is correct for the recipient's time zone. For example, if a user in New York (GMT -05:00, Eastern Time) schedules a user in Los Angeles (GMT -08:00, Pacific Time) for a conference call at 4:00 p.m. Eastern Time, the appointment is scheduled in the Los Angeles user's calendar at 1:00 p.m. Pacific Time.

The domain time zone becomes the default time zone for each post office in the domain.

WORKSHEET

Under Item 6: Domain Time Zone, enter the time zone.