Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.
COURSE of the MONTH
10 days, 21 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Restoring GroupWise 7 emails
Posted on 2013-07-01
For purposes of legal discovery, I'm charged with restoring a GroupWise 7 server to a NetWare 6.5/OES server--having no experience with either! So I'm stumbling along and have gotten a lot farther than I had expected to at this point. But now I need to know more about what I'm doing.
The system as it now exists:
WS2003 server running:
* Backup Exec 11d for Windows
* NW Client for Windows.
* ConsoleOne with the GW snap-in
NetWare OES server running:
* NDS
* Backup Exec Agent for NetWare
* GroupWise 7
I have successfully restored what appears to be the GroupWise server and its data to it from backups, with only this Error reported by Backup Exec:
RKT would have been a user account; APPS is the volume that contains the GW server.
I have not restored the Directory at this time. One concern is that if I do so, the "admin" account will be overwritten and I won't know the credentials. Another is that the Directory was on a separate server. I don't know if I can redirect the Directory restore, or if it can run on the same server as GroupWise, or if I'd have to set up a 2nd NW server.
In any event, without the original Directory, it's not a big surprise that RKT permissions could not be restored. The other concern is that I don't know if it's necessary to restore the Directory and don't want to waste time if there's some way I can use the Directory I just set up.
Likewise, Tree & Context don't match the originals, mainly because I didn't know what they were at the time I set up the server<g>.
Objective here is to do as little as possible to get access to all messages in all mailboxes, preferably all from one account ("admin").
When I view the Domain & Post Office in ConsoleOne, I see a list of users. Anything I try to do with them, or pretty much anything in the GW snap-in, is met with a credentials prompt, which defaults to the original Tree. When I enter admin credentials in the current tree & context, I get this message:
What's the most efficient way to move past where I am? That can include starting over if that's what's needed, as long as I know what I should be doing along the way. And I know more than I did the first time, at least.
But if there's a way to make the data available to the current Tree's "admin" account, that would be ideal.
TIA
The system as it now exists:
WS2003 server running:
* Backup Exec 11d for Windows
* NW Client for Windows.
* ConsoleOne with the GW snap-in
NetWare OES server running:
* NDS
* Backup Exec Agent for NetWare
* GroupWise 7
I have successfully restored what appears to be the GroupWise server and its data to it from backups, with only this Error reported by Backup Exec:
Novell NetWare SMS errors were encountered.
Begin Novell SMS errors:
Fri Jun 21 14:51:10 2013
Trustee CN=RKT.O=HOUSTON<OldOrgNam
End Novell SMS errors.
Begin Novell SMS errors:
Fri Jun 21 14:51:10 2013
Trustee CN=RKT.O=HOUSTON<OldOrgNam
End Novell SMS errors.
RKT would have been a user account; APPS is the volume that contains the GW server.
I have not restored the Directory at this time. One concern is that if I do so, the "admin" account will be overwritten and I won't know the credentials. Another is that the Directory was on a separate server. I don't know if I can redirect the Directory restore, or if it can run on the same server as GroupWise, or if I'd have to set up a 2nd NW server.
In any event, without the original Directory, it's not a big surprise that RKT permissions could not be restored. The other concern is that I don't know if it's necessary to restore the Directory and don't want to waste time if there's some way I can use the Directory I just set up.
Likewise, Tree & Context don't match the originals, mainly because I didn't know what they were at the time I set up the server<g>.
Objective here is to do as little as possible to get access to all messages in all mailboxes, preferably all from one account ("admin").
When I view the Domain & Post Office in ConsoleOne, I see a list of users. Anything I try to do with them, or pretty much anything in the GW snap-in, is met with a credentials prompt, which defaults to the original Tree. When I enter admin credentials in the current tree & context, I get this message:
GroupWise View
An error occurred converting the GroupWise object to its eDirectory counterpart. <Domain>.<PO>.admin. Tree: <TreeName> Distinguished Name: admin.<OLDORGNAME>. The eDirectory counterpart of this object does not exist.
An error occurred converting the GroupWise object to its eDirectory counterpart. <Domain>.<PO>.admin. Tree: <TreeName> Distinguished Name: admin.<OLDORGNAME>. The eDirectory counterpart of this object does not exist.
What's the most efficient way to move past where I am? That can include starting over if that's what's needed, as long as I know what I should be doing along the way. And I know more than I did the first time, at least.
But if there's a way to make the data available to the current Tree's "admin" account, that would be ideal.
TIA
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
5
3
8 Comments
Let's start with the easy fix...credentials.
Your being prompted for credentials because the NGW properties for all of the objects, users, etc., are tied to the original tree. To fix that click on your organization object in the upper portion of Consoleone. Then using the tools menu, choose GroupWise utilities, GW-eDirectory and then Graft GroupWise objects.
First graft the domain, post office, gateways then go back and graft the user objects. You may have to specify contexts (containers) where the objects either already or or need to go. you'll see a message that says do you really want to graft the objects into xxxxx tree and your answer will be yes or OK.
Without some work, you won't be able to access everyone's account all at once with one admin account. The logged in admin user can change all of the GroupWise passwords (one at a time) and then access the GW account to find messages for the legal hold.
Let me know if the above helps get you going...
Scott
Your being prompted for credentials because the NGW properties for all of the objects, users, etc., are tied to the original tree. To fix that click on your organization object in the upper portion of Consoleone. Then using the tools menu, choose GroupWise utilities, GW-eDirectory and then Graft GroupWise objects.
First graft the domain, post office, gateways then go back and graft the user objects. You may have to specify contexts (containers) where the objects either already or or need to go. you'll see a message that says do you really want to graft the objects into xxxxx tree and your answer will be yes or OK.
Without some work, you won't be able to access everyone's account all at once with one admin account. The logged in admin user can change all of the GroupWise passwords (one at a time) and then access the GW account to find messages for the legal hold.
Let me know if the above helps get you going...
Scott
Thanks, Scott! I'll be back at this client site on Tuesday and hopefully will have some time to try this. Will report back, but sounds like this is what I need to move forward.
Hi Scott
Your steps were right on the money. Thanks!
I had to do this, first, probably because I didn't know what I was doing during setup... eDirectory schema not properly modified for GroupWise ...but the rest was as you described.
I've set the passwords for all the accounts, but when I launch the GroupWise 7 client, I'm told the password is not correct. It's a trivial password. I've triple-checked it; going so far as to type the password into Notepad, and then use the clipboard to enter the password in ConsoleOne and GW logon dialog to make sure I've got it right.
These are "GroupWise External Entities". I notice there is a "Convert External Entity to User" menu command; is that what I should be using on each Entity?
I'd just try it, but the stakes are kind of high; don't want to have to do another restore if I can avoid it.
Thanks!
Your steps were right on the money. Thanks!
I had to do this, first, probably because I didn't know what I was doing during setup... eDirectory schema not properly modified for GroupWise ...but the rest was as you described.
I've set the passwords for all the accounts, but when I launch the GroupWise 7 client, I'm told the password is not correct. It's a trivial password. I've triple-checked it; going so far as to type the password into Notepad, and then use the clipboard to enter the password in ConsoleOne and GW logon dialog to make sure I've got it right.
These are "GroupWise External Entities". I notice there is a "Convert External Entity to User" menu command; is that what I should be using on each Entity?
I'd just try it, but the stakes are kind of high; don't want to have to do another restore if I can avoid it.
Thanks!
Do you have the post office and the message transfer agent running on the server/computer where you restored to?
When you change a mailbox password in the ConsoleOne utility, an administrative message is generated by the C1 snapins and passed to the MTA which in turn passes it to the POA which in turn writes it to the user database so you can get into their mailbox with the password you've set.
If you've got a live GroupWise system somewhere on the network BE SURE to unplug the server where your restored copy/system is from the rest of the network. I think I mentioned this before, when I do this I use a 4-port switch to plug my restore server in along with a management workstation and these are isolated from the production network. Now, if you've restored to a Windows server/workstation (I've restored a whole system to a XP desktop) you can run the GW server agents along with C1 on the same box and leave it disconnect from the network.
Hope the second paragraph doesn't confuse you...
Scott
When you change a mailbox password in the ConsoleOne utility, an administrative message is generated by the C1 snapins and passed to the MTA which in turn passes it to the POA which in turn writes it to the user database so you can get into their mailbox with the password you've set.
If you've got a live GroupWise system somewhere on the network BE SURE to unplug the server where your restored copy/system is from the rest of the network. I think I mentioned this before, when I do this I use a 4-port switch to plug my restore server in along with a management workstation and these are isolated from the production network. Now, if you've restored to a Windows server/workstation (I've restored a whole system to a XP desktop) you can run the GW server agents along with C1 on the same box and leave it disconnect from the network.
Hope the second paragraph doesn't confuse you...
Scott
I'm usually at this client 3 days per week, but top priority has become setting up a new computer for the person I report to. You probably know how that goes...priorities<g>. Likely after that computer's done I can get back to GW. Anyway...
> Do you have the post office and the message transfer agent running on the server/computer where you restored to?
How do I determine that? If it helps, to the extent possible, I accepted all defaults for a new GW environment during setup.
> If you've got a live GroupWise system somewhere on the network<snip>
No worries; GroupWise has existed there only on DLT tape archives since early 2008!
> Do you have the post office and the message transfer agent running on the server/computer where you restored to?
How do I determine that? If it helps, to the extent possible, I accepted all defaults for a new GW environment during setup.
> If you've got a live GroupWise system somewhere on the network<snip>
No worries; GroupWise has existed there only on DLT tape archives since early 2008!
Hey Scott
Back on this project again. I ran GW Administrator setup, and found where the POA and MTA are installed as a separate process from the initial install. So, no, they were not installed.
Now they are, and I can see "MTA" in the right pane when I click the Domain in the left pane, and I can see "POA" in the right pane when I click the PO in the left pane. I assume that's a good thing!
After installing them and restarting the server, I changed the password again on a mailbox. But I'm still getting a message that the password is incorrect.
Back on this project again. I ran GW Administrator setup, and found where the POA and MTA are installed as a separate process from the initial install. So, no, they were not installed.
Now they are, and I can see "MTA" in the right pane when I click the Domain in the left pane, and I can see "POA" in the right pane when I click the PO in the left pane. I assume that's a good thing!
After installing them and restarting the server, I changed the password again on a mailbox. But I'm still getting a message that the password is incorrect.
Sorry for the delayed response, I was camping with 45,000 scouts and leaders last week at the National Scout Jamboree. It was great fun.
Make sure in the services control panel that you see the MTA and POA and that they are running. Both services need to be running in order for them to process password change messages into a user mailbox.
Scott
Make sure in the services control panel that you see the MTA and POA and that they are running. Both services need to be running in order for them to process password change messages into a user mailbox.
Scott
Hi Scott, thanks for your reply!
I was directed to this article, https://www.novell.com/support/kb/doc.php?id=3373106.
Since there's no production GW server, it was much simpler than the process described in the article. I set the PO to Direct Access & Client/Server using the existing .DB file and was able to open the "admin" mailbox and view spam from 2008<g>. That was the only mailbox that had a User Account; the rest were External Entities.
I created a new External Entity, converted it to a User, set its GW password, opened its mailbox, and verified I could convert it back to an External Entity, so I then knew it was a reversible change. Converted the other External Entities to Users, set their GW passwords, and could open their mailboxes.
Here's the kicker: Of 27 mailboxes, only 18 were backed up. I do not know why and the admin responsible was fired long ago. So I feel like Geraldo Rivera opening Al Capone's vault on live TV to find...nothing!
Many more backup tapes to check, just none designated as an "archive". Hopefully one of them will have what I'm looking for, now that I finally have access to the data!
Thanks for all your help. Marking your 2 July 2013 post as the Solution because it was certainly an important part of it.
I was directed to this article, https://www.novell.com/support/kb/doc.php?id=3373106.
Since there's no production GW server, it was much simpler than the process described in the article. I set the PO to Direct Access & Client/Server using the existing .DB file and was able to open the "admin" mailbox and view spam from 2008<g>. That was the only mailbox that had a User Account; the rest were External Entities.
I created a new External Entity, converted it to a User, set its GW password, opened its mailbox, and verified I could convert it back to an External Entity, so I then knew it was a reversible change. Converted the other External Entities to Users, set their GW passwords, and could open their mailboxes.
Here's the kicker: Of 27 mailboxes, only 18 were backed up. I do not know why and the admin responsible was fired long ago. So I feel like Geraldo Rivera opening Al Capone's vault on live TV to find...nothing!
Many more backup tapes to check, just none designated as an "archive". Hopefully one of them will have what I'm looking for, now that I finally have access to the data!
Thanks for all your help. Marking your 2 July 2013 post as the Solution because it was certainly an important part of it.
Featured Post
Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Novell released its latest version of GroupWise a few weeks ago. The version is 2012 and it only runs on Linux (SUSE Linux Enterprise Server 10/11 is the first choice and I'm not sure about other Linux distributions, such as Red Hat, Debian, etc.) …
Regular maintenance of GroupWise Mailbox keeps it running flawlessly. Sometimes, it is also seen that mailbox maintenance is needed for resolving various issues of mailbox and other Novell GroupWise database. By using the ‘Repair Mailbox’ feature, a…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers.
Hopes this gives you ideas on visualizing your data in new ways ~
Create a calculated field in a query:
…
Suggested Courses
Course of the Month10 days, 21 hours left to enroll
770 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.