SUSE Conversations


Quickstart Guide for Installing Domino 7 on SLES 9



By: mbluteau

February 22, 2007 9:25 am

Reads:177

Comments:0

Rating:0

The purpose of this document is to provide a quick way for someone who wants to test-drive Domino on SUSE Linux Enterprise Server 9, for example for a lab pilot, etc. This document is not a comprehensive installation guide for Domino 7 on SLES 9, but I hope that it may save some time to others like me who needed a running Domino server fast, to eventually
tune it or use it together with other solutions like Novell Identity Manager.

If you are preparation for a deployment in production, or if you need in depth information on optimization, security, administration, and other topics, you should take a look at the IBM Redbook for Domino 6 on Linux:

http://www.redbooks.ibm.com/redbooks/pdfs/sg246835.pdf

At the time of this writing, there was no Redbook for Domino 7 on Linux.

I got my Domino version from the IBM web site, which is a 90-day eval. I got the server portion for Linux, and the client/admin portion for Windows. I will concentrate on the server side, since the client side is fairly trivial.

Other Suggestions:

  

The first step is to create a user and a group called notes on SLES.





Figure 1: Start YaST as root, and select Security and Users.





Figure 2: From the User and Group Administration screen, click Add.





Figure 3: Create a user called notes, and select a password.





Figure 4: You should now have a new user called notes.





Figure 5: Now select the Groups radio button, and click Add.





Figure 6: Create a group called notes, and add notes as a member.





Figure 7: You should now see the new group called notes.


Before we start the installation, we need to modify an X server parameter, otherwise the second portion of the installation, the graphical portion, will not launch properly.





Figure 8: in YaST, select the System category, then click on /etc/sysconfig Editor.





Figure 9: Expand the
Desktop, then the Display manager section, then select DISPLAYMANAGER_XSERVER_TCP_PORT_6000_OPEN and set its value to yes.


Now we are ready to launch the installation. You need to open a Terminal screen as root, and mount the installation CD or ISO.





Figure 10: If you try to launch the installation with a non-root user, you will get an error message like the above.





Figure 11: Switch to root using su, then launch the installation.





Figure 12: Launching the installation execuTable.





Figure 14: Domino Server Installation Welcome screen.





Figure 15: Press Tab to continue.





Figure 16: Press Tab to read the Software Agreement.





Figure 17: Software Agreement.





Figure 18: Press Tab to continue.





Figure 19: Press Tab if you agree with the terms.





Figure 20: Accept the default(No) by pressing Tab unless you only want the data directories.





Figure 21: Press Tab unless you don’t want the default of Domino Enterprise Server.




Figure 22: You could also select to install a Domino Messaging Server. To change the
selection, press the spacebar.




Figure 23: The third type of installation is Domino Utility Server.




Figure 24: Press Tab in order to accept the default which is to install all template files.




Figure 25: Press Tab if you are ready to accept the default of No.




Figure 26: You now have the opportunity to select the program directory. Press Tab to accept the default.




Figure 27: Next, you need to select the existing user and group for the installation.




Figure 28: Press Tab to accept the default of No if you do not want to run multiple servers.




Figure 29: You can change the default data directory, or press Tab to accept the default.




Figure 30: Press Tab to accept the default user which is notes.




Figure 31: Press Tab to accept the default group, which is notes.




Figure 32: Here you can accept the default, which is Manual Server Setup, but I decided to go for Local Server Setup in order to launch the setup tool automatically.




Figure 33: Once the configuration is complete, you are now ready to install the program.




Figure 34:
You have a last opportunity to review your configuration. Press Tab to install.




Figure 35: You should now see the progress bar for the installation.




Figure 36: Once the program installation portion is complete, the graphical setup tool should launch automatically.




Figure 37: If you get an error similar to the one above about the DISPLAY environment variable, it is because you did not configured the display manager as in Figure 9.

If you need to re-install, you can delete the 2 directories with rm -R as root, and restart the installation after configuring the display
manager.




Figure 38: Make sure that xdm is listening on port 6000 by using the netstat command.




Figure 39: Welcome screen for the graphical setup portion of the installation.




Figure 40: Select between first or additionnal server then click Next.




Figure 41: Select a server name, then type in a descriptive title. Click Next.




Figure 42: Type an organization name, and select a Certifier password. Click Next.




Figure 43: Select a Domino domain name, then click Next.




Figure 44: Select the administrator’s name, choose a password, then click Next.




Figure 45: Select the internet services you want, then click Next.




Figure 46: It is also possible to go into Advanced Domino Services for a more
granular list.




Figure 47: Select the network settings, then click Next.




Figure 48: You can modify the security settings. Click Next when you are done.




Figure 49: You have one last chance to review your settings. Click Setup when you are ready.



Figure 50: You should now see the Domino Server Setup progress screen. It took less than a minute on my system, which is a VMware machine.




Figure 51: You should get to this Setup summary screen after the setup portion is completed.

Before you start the Domino server, you may want to double check a few things.

The ownership for the files(program and data) should be set to notes:

chown -R -h notes:notes /opt/ibm/lotus
chown -R -h notes:notes /local/notesdata

And the permissions should be set properly:

chmod -R 550 /opt/ibm/lotus
chmod -R 700 /local/notesdata

Also, add the following line to /etc/ld.so.conf:

/opt/lotus/notes/latest/linux

You will also need to edit the .profile file for the notes user(under /home/notes) and add the following lines:

export LOTUS=/opt/lotus
export NOTES_DATA_DIR=/local/notesdata
export Notes_ExecDirectory=$LOTUS/notes/latest/linux
export PATH=$PATH:$NOTES_DATA_DIR:$Notes_ExecDirectory:$Notes_ExecDirectory/res/C

There is an issue with bindsock on my system, and i have seen many threads in newsgroups from people encountering the same issue. The Domino server gives an error about rights not being set properly, but I have not been able to overcome this issue yet on my system. I will update the article once I find a solution.

The official recipe seems to be:

chown root:notes /opt/ibm/lotus/notes/70000/linux/bindsock
chmod 4550 /opt/ibm/lotus/notes/70000/linux/bindsock

But on my system, this is not sufficient.

Now we are ready to start the Domino server for the first time. Logout and login as notes, or open a Terminal and su as notes. Then cd to /local/notesdata and type the following command:

/opt/ibm/lotus/bin/server

You should see the server starting:

Figure 52: Starting the Domino server.




Figure 53: Domino server console during startup.




Figure 54: Domino server console. You may be getting the error about bindsock like me. Also, there is an error about port 6400 being already in use, but this is not true.

I will try to revolve these errors and post a footnote for this article
later.

Now we are ready to test the server with a client running on Windows. If you have not done so already, you should install the client on a Windows machine.




Figure 55: Starting the Windows client for the first time.




Figure 56: Enter the name for the notes user, and the Domino server name. You will need either DNS resolution or an entry in hosts in order to make the connection.



Figure 57: Adding an entry in the Windows hosts file in order to resolve the Domino server name.




Figure 58: You may be getting a warning like the one above. It is not mandatory to have the same password as your Windows logon, which would provide you with a single sign-on.




Figure 59: Without single sign-on, you must enter the password for the notes user.




Figure 60: You will be presented with several optional configuration options like Instant messaging and Internet mail.




Figure 61: Setup screen for additional services.




Figure 62: Setup screen for Internet mail.




Figure 63: Once you are done with the configuration, you should see this
Welcome screen.




Figure 64: If you close the Welcome screen, you should be able to browse the domain information.



Figure 65: With Domino Administrator, you should be able to manage your servers and domain. Above is a Remote Console screen for our server.




Figure 66: You can access different pages like the one above which allows you to manage the services.



Figure 67: The above page is for managing the server’s document.

This is it for this quickstart guide for installing Domino 7 on SUSE Linux Enterprise Server 9. Hopefully, this simple guide will help you to get up to speed faster, and allow you to get a rough idea about the steps involved.

Feel free to send comments, feedback and questions to me.

Other Suggestions:

Ulf Barth

Thank you for your article. Helps me a lot

I found out some changes to run it on openSUSE 10

You get only a little mistake when he is searching for a SLES configuration. This error you can ignore.

Installation Domino Server 7.0.2 OpenSUSE 10

Login as root:

Open Firewall Port 1352, 8585 (Remote Setup)
Create User Notes 
Create Group Notes 

/.install

......

Before you start the Domino server, you may want to double check a few things. The ownership for the files(program and data) should be set to notes:

chown -R -h notes:notes /opt/ibm/lotus
chown -R -h notes:notes /local/notesdata

And the permissions should be set properly:

chmod -R 550 /opt/ibm/lotus
chmod -R 700 /local/notesdata

Also, add the following line to /etc/ld.so.conf:

/opt/lotus/notes/latest/linux

You will also need to edit the .profile file for the notes user(under /home/notes) and add the following lines:

export LOTUS=/opt/lotus
export NOTES_DATA_DIR=/local/notesdata
export Notes_ExecDirectory=$LOTUS/notes/latest/linux
export PATH=$PATH:$NOTES_DATA_DIR:$Notes_ExecDirectory:$Notes_ExecDirectory/res/C
yast
System / Runlevel editor
Stop postfix (or any other smtp that is blocking domino smtp - the bindsock problem)

From the 7.0.2 Release Notes

  1. Domino is started from a login session

    For this case, the default must be overridden by modifying the file /etc/security/limits.conf AND insuring it is respected by the login. Edit /etc/security/limits.conf using root and add or modify the lines:

    notes soft nofile 20000
    notes hard nofile 49152
    
    

    where “domsrvr” is an example of the user id that will run the Domino server. Specify the UNIX user name in the first column that is the owner of the notesdata directory specified during Domino installation. If more than one Domino partition exists on the same Linux for zSeries platform, repeat these lines for each user id. The “soft” value specifies the new default file descriptor limit (ulimit -n), and the “hard” value specifies the maximum file descriptor limit that may be set by the user.

    In order for these limits to be respected following logon, insure the following line is in the appropriate pam.d login file:

    session     required      /lib/security/pam_limits.so
    
    

    For example, if ssh login is used, this line must appear in /etc/pam.d/sshd
    If telnet is used, this line must appear in /etc/pam.d/login
    If rlogin is used, this line must appear in /etc/pam.d/rlogin

    The user id must login after the above changes are made and saved.

  2. Domino is automatically started through /etc/init.d

    Starting a Domino server automatically when Linux is booted is typically accomplished by executing a script which resides in the /etc/init.d directory (in a “runlevel”) . It is worth noting, however, that /etc/security/limits.conf settings are NOT respected when Domino is automatically started by a /etc/init.d script. Therefore, a line such as the following MUST appear in the “start” section of such a script:

    ulimit -n 20000

    Warning: Always make /etc/security/limits.conf change ( 1. above) in addition to modification of the “start” script. Otherwise, on the occasion that Domino is started from a login session, the file descriptor limit will be inadequate.

    chown root:notes /opt/ibm/lotus/notes/70020/linux/bindsock
    chmod 4550 /opt/ibm/lotus/notes/70020/linux/bindsock
    
    chown root:notes /opt/ibm/lotus/notes/70020/linux/tunekrnl
    chmod 4550 /opt/ibm/lotus/notes/70020/linux/tunekrnl
    
    

    Close Firewall Port 8585

    Now we are ready to start the Domino server for the first time. Logout and login
    as notes, or open a Terminal and su as notes. Then cd to /local/notesdata and
    type the following command:

    /opt/ibm/lotus/bin/server

You should see the server starting.

Martijn de Jong

As I didn’t really see any mention of it anywhere else, I though I’d just write this as a comment to your Quickstart guide to Domino 7 on Suse Linux.

If you chown notes:notes on /opt/ibm/lotus you need to put proper permissions back on 2(!) files:

  • chown root:notes /opt/ibm/lotus/notes/latest/linux/bindsock
  • chmod 4550 /opt/ibm/lotus/notes/latest/linux/bindsock
  • chown root:notes /opt/ibm/lotus/notes/latest/linux/tunekrnl
  • chmod 4550 /opt/ibm/lotus/notes/latest/linux/tunekrnl

You need to put proper permissions on tunekrnl to allow this file to change some of the system variables which are needed to give Domino a better performance.

Paul Kennett

Thanks for your extremely detailed and useful article that helped me achieve this for a client with little fuss.

After creating the notes user, run sux notes
as this initialises their gui environment, otherwise the server config still doesn’t run.

bindsock helper errors.

I found we needed to chmod 755 as notes and root need execute permission but root needs to own it. Even after this, you get “normal” instances of this error because of port clashes:

These can be with Postfix port 25, Apache port 80, NDS LDAP ports 389/636. Once we killed postfix and moved the Domino services to other ports, the errors vanishes.

Apache coexistence with Domino can be done by having Apache act as proxy as per:
http://www.ferdychristant.com/blog/archive/DOMV-5ZKPCQ

The biggest omission in the package though is the absence of start up scripts for Domino, so you have to log in as notes and run the Domino server manually. Luckily I found prewritten excellent scripts that did this for me: These are very easy to implement and means the Domino server starts from boot without a window. You can monitor and control the server from an SSH terminal or from your Administrator. the scripts are obtainable free on request from here:
http://www.nashcom.de/nshweb/pages/startscript.htm

Sascha Siekmann

An update to this article, suggested by Sascha Siekmann, is as follows:

The bindsock problem is self induced.

After you set

    chown - R - h notes:notes /opt/ibm/lotus

The bindsock application is not owned by root anymore and therefore unable to bind to a privileged port. You need to chown to root on
/opt/lotus/notes/60050/linux/bindsock/opt/lotus/notes/60050/linux/bindsock

Once that is done, you can restart smtp and the error message will disappear.

This is a longstanding and misleading display bug where port 6400 decimal is x1900 hex which when you byteswap it, becomes … port 25! You can read more about this in my
post to the Suse Domino list
http://lists.suse.com/archive/suse-domino/2004-Sep/0013.html.

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Categories: Uncategorized

Disclaimer: As with everything else at SUSE Conversations, this content is definitely not supported by SUSE (so don't even think of calling Support if you try something and it blows up).  It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.

Comment

RSS