Idea Transcript
Administrator’s Guide Version 3.1 March 2009
Biscom, Inc. | 321 Billerica Rd. | Chelmsford, MA 01824 tel 978-250-1800 | fax 978-250-4449
Copyright 2009 Biscom, Inc. All rights reserved worldwide. Reproduction or translation of this publication (in part or whole, in any form or by any means) is forbidden without the express written permission of Biscom, Inc.
Notice Information furnished by BISCOM, Inc. is believed to be accurate and reliable. However, no responsibility is assumed by BISCOM, Inc. for its use, or any infringement of patents or other rights of third parties, which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of BISCOM. BISCOM reserves the right to change hardware and software at any time without notice. Information provided in this manual is subject to change without notice.
Table of Contents Section 1: Introduction ..................................................................................................... 1 Topics .......................................................................................................................... 1 Conventions ................................................................................................................. 1 Section 2: Hardware and Software Requirements ................................................................ 3 Server Hardware ........................................................................................................... 3 Server Software ............................................................................................................ 3 Mail Server ................................................................................................................... 4 Client Software ............................................................................................................. 4 Section 3: Installing, Uninstalling, and Upgrading Biscom Delivery Server .............................. 5 Installing Biscom Delivery Server .................................................................................... 5 Installing the Web services interface ............................................................................... 9 Installing the Active Directory Connector ......................................................................... 9 Testing the Installation ................................................................................................ 10 Uninstalling Biscom Delivery Server .............................................................................. 11 Upgrading an existing Biscom Delivery Server instance ................................................... 12 Using IIS as your Web Server on Windows .................................................................... 14 Using SSL................................................................................................................... 16 Installing SSL on IIS for Windows ............................................................................. 16 Installing SSL on Apache 2 for Windows .................................................................... 20 Installing SSL on Apache 2 for Linux ......................................................................... 22 Troubleshooting SSL:............................................................................................... 23 Section 4: System and Application Configuration ............................................................... 25 System Configuration through fds.properties ................................................................. 25 Server Configuration through the Application ................................................................. 26 Section 5: Encryption Module .......................................................................................... 27 Encryption and Decryption ........................................................................................... 27 Keys and Key Management .......................................................................................... 27 Encryption Utililty ........................................................................................................ 27 Section 6: Licenses ......................................................................................................... 32 Licenses ..................................................................................................................... 32 Section 7: Starting and Stopping the Application ............................................................... 33 Starting the Application ............................................................................................... 33 Stopping the Application .............................................................................................. 34 Section 8: Signing In for the First Time ............................................................................ 35 First Sign In ............................................................................................................... 35 Section 9: System and User Administration ....................................................................... 36 v
Server Information ...................................................................................................... 36 Server Configuration ................................................................................................... 37 Server Configuration ................................................................................................ 37 Email and Notification Settings ................................................................................. 38 Microsoft Outlook Add-in Settings ............................................................................. 39 Outlook Add-in Configuration ................................................................................... 39 Delivery Settings ..................................................................................................... 40 Limited Sender Settings ........................................................................................... 41 Package Settings ..................................................................................................... 43 User Settings .......................................................................................................... 46 Contact and Group Settings...................................................................................... 48 Sign In and Password .............................................................................................. 49 User Registration..................................................................................................... 51 User Interface ......................................................................................................... 53 Manage Users ............................................................................................................. 54 Creating a New User ................................................................................................... 56 Modifying an Existing User ........................................................................................... 57 Inclusion and Exclusion Lists ........................................................................................ 59 Deleting a User ........................................................................................................... 60 Importing Users .......................................................................................................... 60 Manage Users with LDAP or Active Directory ................................................................. 61 Enabling Authentication Using LDAP ............................................................................. 62 Defining an Authentication Source ................................................................................ 62 Configuring the BDS Active Directory Connector ............................................................ 64 Assigning Roles using Groups ....................................................................................... 64 Viewing an Authentication Source................................................................................. 65 Section 10: Viewing Reports ............................................................................................ 66 Users activity .............................................................................................................. 66 Pending delivery notifications ....................................................................................... 68 System activity report ................................................................................................. 68 Monitor System Activity ............................................................................................... 69 Sorting Reports........................................................................................................... 70 Section 11: Compliance ................................................................................................... 71 Compliance Role ......................................................................................................... 71 View Packages ............................................................................................................ 71 View Deliveries ........................................................................................................... 72 View Users ................................................................................................................. 73 View System Activity ................................................................................................... 74 Section 12: Managing Processes ...................................................................................... 76 vi
Contact Synchronization .............................................................................................. 76 Delivery Notification .................................................................................................... 76 SMTP Input Handler .................................................................................................... 76 System Cleanup .......................................................................................................... 76 Section 13: Application Customization .............................................................................. 77 Customizing Look and Feel .......................................................................................... 77 Using your own CSS file ........................................................................................... 77 Changing the Logo .................................................................................................. 77 Customizing Text Labels .............................................................................................. 77 Editing Static Messages............................................................................................ 77 Editing Dynamic Messages ....................................................................................... 78 Customizing Online Help .............................................................................................. 79 Error Pages ................................................................................................................ 79 Section 14: Backing up the Application encoding="UTF-8"?> bds base trial d30 To install a new license, obtain the license XML file and place it in the license directory (as specified in the fds.properties configuration file). Open the fds.properties file and update the value for the licenseFile property by specifying the name and directory location of the license file. See the section on System and Application Configuration for more information on the fds.properties file. After copying the license to the proper license location, stop and restart the application server to enable the new license.
32
Section 7: Starting and Stopping the Application Starting the Application The installation scripts normally start up the applications upon completion or after a server reboot. But in cases where the application is not running, use the following steps to start the application. Windows: 1.
Log on to the computer with a user that has privileges to start and stop Windows services.
2.
Open the Windows Services manager by going to Start Menu > Control Panel. Double-click the Administrative Tools icon, and then double-click the Services icon.
3.
Start up the services in the following order if not already started: a.
content="text/html; charset=UTF-8"> Biscom Delivery Server not available 80
The server is currently unavailable. Please try again later. If you continue to have problems accessing the server, please contact your system administrator.
81
Section 14: Backing up the Application Data Directories and Files to Back Up Biscom Delivery Server stores files on the file system, users, deliveries, and package metadata in the database, and license, configuration, and log files on the file system. Any customizations are typically stored under the Web server document root. Back up all files and subdirectories under the directories specified or located in the locations listed below. Before backing up the BDS server, ensure that the application server has been shut down. Configuration Back up all configuration files from the config directory, including:
fds.properties
biscom.properties
db.properties
ldap.properties
log4j.properties
Files and license Open fds.properties to find the location where user files are stored: o docRoot o
protectedRecycleBinDir
o
licenseFile
Back up the license file. Database The database should be exported and saved to your backup location. Please refer to the MySQL documentation, or the database documentation of the database you are using if it is different than MySQL, for details on exporting the database. Windows: Create a Windows batch file. A sample batch file may look like: echo Biscom Delivery Server Database Backup "C:\Program Files\Biscom Delivery Server\components\mysql4.1\bin\mysqldump.exe" -u fds -password=fds bds > "C:\Program Files\Biscom Delivery Server\backup\db\bds-backup.sql" echo Batch file completed
82
This batch file can be called and run on a regular basis using the Windows control panel application Scheduled Tasks. Linux: Run the mysqldump command with the name of the application: $ mysqldump {app name} > bds-backup.sql Make sure the dump file, e.g. bds-backup.sql in this example, is backed up along with the other data. Log files The logs are stored in a directory that is specified by the properties file log4j.properties. The location of the log4j.properties file is specified in biscom.properties: o
logPropertiesFilename
Open the log4j.properties file and look for the following properties showing the name and location of the three log files: o
log4j.appender.bdsAllLog.File
o
log4j.appender.bdsRollingLog.File
o
log4j.appender.bdsDBRollingLog.File
Customization files If the application has been customized with a logo or cascading style sheet, back these files up as well. If you are unsure of the location, view the Server Configuration page to see the settings.
Restoring from a Backup Restoring BDS from a backup involves the following steps: 1.
Shut down the application server
2.
Copy any existing data files and the database to a new location
3.
Restore the database
4.
Copy user files from the backup location to the current file location
5.
Verify configuration files and edit if needed
Database Locate the exported database dump file. Navigate to the bin directory in the MySQL installation location, and run the following command (for both Windows and Linux) that has the following syntax: 83
mysql –h -u -p < Example: mysql –h localhost -u fds -p bds < bds-backup.sql User files Locate and copy the backup user files to the appropriate data and recycle bin directories. Customizations Update or apply any existing customizations.
Once the files and database are restored, restart the application server.
84
Section 15: Scalability and Server Tiers Scalability Scalability provides better performance and increased capacity to handle users by adding servers that run the Biscom Delivery Server application. Each additional server more evenly distributes the workload, thus making the application more responsive with larger numbers of users. We recommend that anyone who is looking to scale their system first conduct a network architecture and application usage review to better understand the requirements of the system and its users. Also, determining the bandwidth requirements based on expected usage can help ensure system responsiveness. Scabilitity is also tied into how the various application tiers are deployed. By default, Biscom Delivery Server installs on a single machine. Moving the Web, Application Server, File System, and Database tiers to separate machines can improve performance as well as provide additional security by storing user data in more secure locations on the network.
85
Server Tiers Web Server Tier The Web server tier is a lightweight process, and acts as the interface between client Web browsers and the application server. Requests from clients are relayed through the Web server to the application server layer to begin processing the request. Responses from the application layer is then returned to the client via the Web server. When deployed in an environment with heavy bandwidth issues, it is critical to size the network bandwidth appropriately to ensure an adequate response to file uploads and downloads. Deploying two or more Web servers with load balancing ensures that user sessions will not be interrupted even if one server becomes disabled. This configuration also allows for adding more web servers to handle load as the number of users on the system increases. Application Server Tier All business and application logic is contained in the application server tier – receiving and processing client requests, accesing back end resources such as the file system and database as needed. No user data is stored at the application server tier. Clustering the application servers provides redundancy as well as better processing performance. This is the most important tier in terms of increasing performance and capacity to handle simultaneous user sessions. Data Tier (File System and Database) File System The file system contains all the user data, including files that are part of packages. Biscom Delivery Server works with both local and network-based file systems. Default installation creates a data directory on the local server. To use a different data directory, which may reside on a separate server, simply update the docRoot value in fds.properties. The docRoot may be a local drive, a network drive, or a UNC path. Note that backslashes must be escaped with a backslash. Windows: docRoot = C:\\apps\\bds\\data or docRoot = \\\\dataserver\\data Linux: docRoot = /home/admin/bds/data or docRoot = /mount/dataserver/data 86
Database The database contains all the metadata, including user information, package and delivery information, as well as the relationships between users and the packages and deliveries. All user, package, and delivery transactions are stored in the database, and reports can be generated by running queries against the database. Separating the Web Server and Application Server Tiers The JK Connector is the mechanism that connects the Web server to the application server. This connector maps URL patterns to workers which can represent different application server instances. The configuration file for the connector is called workers.properties, and is usually located in: Windows: /components/apache-2.0/conf Linux: /etc/httpd/conf/workers.properties
Note: The location of the workers.properties file is defined in the web server’s configuration file httpd.conf using the property JkWorkersFile. All workers are listed in the workers list: worker.list=ajp12, ajp13, worker1, worker2,… Workers are defined using the following properties: # # Defining a worker named ajp13 and of type ajp13 # Note that the name and the type do not have to match. # worker.ajp13.port=8009 worker.ajp13.host=localhost worker.ajp13.type=ajp13 worker.worker1.port=8009 worker.worker1.host=192.168.0.101 worker.worker1.type=ajp13 The Apache Web server configuration file httpd.conf loads the JK module and maps the URL to the appropriate worker. #JK configuration LoadModule jk_module modules/mod_jk.so JkWorkersFile "/etc/httpd/conf/workers.properties" JkLogFile "/etc/httpd/logs/mod_jk.log" JkLogLevel info JkLogStampFormat "[%a %b %d %H:%M:%S %Y]" 87
JkMount JkMount JkMount JkMount
/bds ajp13 /bds/* ajp13 /bds2 worker1 /bds2/* worker1
The last four lines perform the URL mapping starting from the document root. Wildcards (*) can be used in the patterns. When the Web server sees the URL https://secure-server.biscom.com/bds/Login.do, the request will be redirected to the ajp13 worker, which points to the application server instance running on localhost on port 8009 in our instance. The URL https://secure-server.biscom.com/bds2/Login.do would match the second mapping to worker1. Worker1 points to an instance on the server specified by the IP address 192.168.0.101 on port 8009. The application server could be running on a physically separate machine.
Note: When changing the worker host property, ensure that the machine and port can accept TCP communications from the Web server. This may require configuration changes to your firewall. Separating the Application Server Tier and Database Tier The configuration file /config/db.properties can be modified to point to a database server running on a different machine. # Define values for a specific pool fdsPool.database = MYSQL fdsPool.url = jdbc:mysql://127.0.0.1/bds?useUnicode=true&charac terEncoding=UTF-8 The property fdsPool.url defines the JDBC URL on which the database resides. To use a database on the machine db.biscom.com, change the value from 127.0.0.1 to db.biscom.com: fdsPool.url = jdbc:mysql://db.biscom.com/bds?useUnicode=true&ch aracterEncoding=UTF-8 When changing the location of the database server, ensure that the database grants permission to the host name or IP of the server where the application server resides. GRANT ALL PRIVILEGES ON .* TO 'fds'@'' IDENTIFIED BY 'fds'; Or GRANT ALL PRIVILEGES ON .* TO 'fds'@'' IDENTIFIED BY 'fds'; Examples:
88
GRANT ALL PRIVILEGES ON bds.* TO 'fds'@'localhost' IDENTIFIED BY 'fds'; GRANT ALL PRIVILEGES ON bds.* TO 'fds'@'127.0.0.1' IDENTIFIED BY 'fds';
89
Section 16: API Development Extending Biscom Delivery Server If you purchased the Software Development Kit, you have the ability to extend Biscom Delivery Server to suit the needs of your business, such as working with your workflow or business process management, and integrating with and extending existing applications. Creating your own custom application from the ground up is possible using the BDS APIs. BDS supports a native Java API, a platform/OS/programming language neutral Web services API, as well as an easy-to-use SMTP API. Please refer to the SDK documentation for the API as well as sample code and other documentation. Java API The Java API provides both high level and low level API calls that support methods for user authentication, package and delivery creation and management, user and group management, and report generation. The Java SDK provides a comprehensive Application Programming Interface to the Biscom Delivery Server back end, allowing developers to build a custom secure delivery application. For more information, see the SDK documentation. Web Services API Web services uses an XML-based call structure when invoking the API and can be called from any language, operating system, platform, and development environment that supports XML web services calls. The WSDL file contains the available API calls and many development environments will be able to import and provide an easy way to access the API. BDS provides a both a pre-built Java client library wrapper as well as a .NET client library wrapper for development. Additional languages that support Web services can access the API as well, such as Ruby and Python. The Web services API requires an additional web application to process the API calls. This WAR file is deployed to the application server in the same manner the BDS application is deployed. SMTP API The SMTP API is an XML-based API that leverages the ease and simplicity of email to deliver files and messages securely. BDS can be configured to watch a designated mailbox and look for specially formatted messages. BDS messages consist of embedded XML commands for secure and notification, adding recipients, setting delivery options, and submitting files.
90
Section 17: Support and Troubleshooting Logs Biscom Delivery Server maintains several event logs to help identify potential problems and can be useful for troubleshooting problems and when talking to technical support personnel. The log files are stored in the log directory under the installation () location by default. However, the log file locations and names may be changed by updating the appropriate properties in the log4j.properties file. Logs will grow to a certain size before rolling over. The size and number of backup (rolled over) logs are set in the log4j.properties files as well and can be modified by adjusting the .MaxFileSize and .MaxBackupIndex properties. By default, these values are set to 100KB maximum size and 20 backups for each of the logs.
bdsRolling.log
The application log
bdsDBRolling.log
The database log
bdsAll.log
External system logs
Frequently Asked Questions Q.
I updated the fds.properties file, but why aren’t my changes appearing in the application?
A.
Changes to any of the properties files require restarting the application server to pick up the new changes.
Q.
How do I upgrade my license?
A.
License upgrades are performed by replacing your old license file with the new license file. The license file is an XML file that contains information on license expiration and restrictions such as the maximum number of Senders. Changing the XML content will invalidate the license. If the new license file is named differently than the old license file, you must update the licenseFile property in fds.properties. The application server must be restarted to recognize the new license.
Q.
Can I move the location of the files after installation?
A.
Yes, but special care must be taken when making any changes to the files system. 1.
Shut down the application server.
2.
Find the locations of the files and directories where user data is stored. 91
These locations can be found in the fds.properties files under the two properties docroot and protectedRecycleBinDir. 3.
Copy the files and directories to the new locations.
4.
Update the docroot and protectedRecycleBinDir properties in the fds.properties file with the new location of the files.
5.
Start the application server, and test the application.
6.
Once testing is complete, the old files may be deleted.
92
Appendix A: Biscom Delivery Manager (BDM) Biscom Delivery Manager Biscom Delivery Manager is a desktop application that communicates with the Biscom Delivery Server using the Web services API. BDM is designed to enhance the server by providing users with the ability to quickly and efficiently create packages, upload files, and download files. BDM runs as a Windows background service, and if it is in the process of uploading or downloading a file, will run even when no user is logged on to the machine. When uploading or downloading files, BDM supports file restart if network connectivity drops. When network connectivity is reestablished, BDM will gracefully continue the upload or download from the point of failure. Power failures that bring a desktop down while BDM is processing will also be handled gracefully by BDM – when power is restored and the machine restarts, the BDM service will restart and any pending uploads or downloads will resume from the point of failure.
Installing Web services The Web services application is axis2.war which can be found on your BDS CD or it may have been sent to you in a secure delivery. This application needs to be deployed to the application server. Deploying axis2.war:
Windows: 1.
Stop the application server Apache Tomcat through the Windows Computer Management utility.
2.
Copy axis2.war to the \components\tomcat-5.5\webapps directory.
3.
Start up the application server.
4.
Go to http://localhost:8080/axis2/ to ensure the Web services application is running. You should see the Apache Software Foundation logo as well as three links for Services, Validate, and Administration. Click the Services link and verify that all listed services have a Service Status of Active.
Linux: 1.
Stop the application server (e.g. /etc/init.d/tomcat stop).
2.
Copy axis2.war to the application server’s webapps directory, e.g. /usr/local/tomcat/webapps.
3.
Start up the applications (e.g. /etc/init.d/tomcat start).
4.
Go to http://localhost:8080/axis2/ to ensure the Web services application is running. You should see the Apache Software Foundation logo as well as three links for Services, Validate, and Administration. Click the Services link and verify that all listed services have a Service Status of Active.
93
Installing BDM Client Each user who wants to use the Biscom Delivery Manager must install the client on their desktop. Users must be registered BDS users and have the Sender role assigned. BDM comes packaged as a Windows installer which must be run from each desktop that wishes to run the client application. BDM installs as a Windows service, and also adds a shortcut to the BDM application in the Start menu.
Note: If an older version of BDM has already been installed on the desktop system, uninstall the older application before installing the newer application. You will see the following dialog boxes. You may update the location in which you install the Biscom Delivery Manager application.
94
95
Installation troubleshooting Some systems may have issues running the application as the Local System Account. If the application does not start up, or does not allow users to sign in, view the Computer Management application by right clicking My Computer > Manage.
96
Double click the Biscom Delivery Manager service to open the properties window.
Click on the Log On tab. If the Local System account is selected, choose the This account option and enter an account (e.g. the network logon credentials of the user who logs onto the PC regularly or a network administrator) that has permission to run the service.
97
Click OK. Stop and restart the Biscom Delivery Manager Service for the changes to take effect.
Configuring BDM Once installed, BDM will run using default configuration. However, BDM can be customized to change the look and feel of the application, or adjust the upload/download transfer rate. The following files located at /config can be modified:
bdm.properties uploadChunkSize = 614400 uploadChunkSize: this value can be changed for more efficient file transfers. For users on the internal network, a larger chunk size may increase transfer speeds. For users outside the network (i.e. communicating to a server over the Internet), the default chunk size will probably be most efficient. When making changes to this value, the BDM service must be stopped and restarted, and users must exit and restart the client application.
bdsc.properties logoFile = C:\\Program Files\\Biscom Delivery Manager\\images\\bds_logo.gif iconFile = C:\\Program Files\\Biscom Delivery Manager\\images\\bds-upload-16.ico windowBackgroundColor = eeeeee 98
Starting and Stopping the BDM Service From the Control Panel, start the Add/Remove Programs utility. Select Biscom Delivery Manager and press the Remove button. The application will be uninstalled.
Uninstalling BDM From the Control Panel, start the Add/Remove Programs utility. Select Biscom Delivery Manager and press the Remove button. The application will be uninstalled.
99
Appendix B: Microsoft Outlook Add-in Installing the Microsoft Outlook Add-in If you have the optional Outlook Add-in module installed, your users can take advantage of the Biscom Delivery Server Microsoft Outlook Add-in, which allows users to create express deliveries from within their email environment. To use the add-in, the following conditions must be met:
An email account on the mail server must be created and configured to be the recipient of message stubs. When a secure message is sent through BDS, a small email message is also created and sent to this email address, and contains the message and list of files attached. This email account should not be used for anything other than receiving Biscom Delivery Server messages with the proper data.
Each user who wants to use the Outlook Add-in must be running Microsoft Outlook 2003 or Outlook 2007, on Windows XP or Windows Vista.
Each user who wants to use the Outlook Add-in must have the Outlook Addin client installed on their machine with the proper configuration (mail server and email account properly defined).
Each user who wants to use the Outlook Add-in must have the Sender role assigned, and have the Allow Outlook Add-in checkbox checked in the Update User page (by default, this is not checked).
If using LDAP or Active Directory, any user who wishes to use the Outlook Add-in should be a member of a group that is assigned the Outlook Add-in role in the external source authentication definition.
Note: This takes precedence over the Allow Outlook Add-in checkbox in the user management page. How it works: 1.
When a user clicks the New Message button, a normal message form will open. Senders can add recipients as they would normally, enter a subject, and type in text in the memo field. To attach files, users can use the menu item Insert > File…, or users can simply drag and drop files from their desktop onto the memo field.
100
2.
Based on the settings in the server configuration, the different aspects may trigger the message to go out through BDS. For example, if the total size of the attachments exceeds the size limit defined in BDS, or a keyword matches the list of keywords defined, then the message will be delivered through BDS. Otherwise, the message will go out normally through the mail server.
101
3.
Users can change the delivery method in the toolbar on the Options ribbon. A drop down menu called Use BDS has three selectable values: Default, Yes, and No. The Default value (which is the default setting for users) will follow the policies defined by the BDS administrator. The Yes value will force sending the message securely through BDS. The No value will force the message to go through the regular mail server.
Note: The No value can be disabled by the administrator, so senders only have the choice of using the default settings or to force the message to go out securely. 4.
If the message meets the criteria for delivery through BDS, a stub message is sent to the mailbox defined by the administrator, containing the message in the memo field, and the names of the files delivered, but this message does not contain the actual files. A separate process will upload the files to the BDS server and create a delivery to be sent to the recipients listed in the message. Users can view the status of the file upload by going to the Sent folder, right clicking on the message and selecting the Status menu option. If the upload is still in progress, the user will see the progress meter of each file upload.
Enabling Users on the BDS Server You must enable your users to utilize the add-in. This is done differently for your LDAP/AD users and your non-LDAP/AD users. 1.
For non-LDAP/AD users, go to the Manage Users page under System and User Administration. When creating a new user, select the checkbox for Allow Outlook add-in. When updating an existing user, select the user from the Manage Users list, and select the Allow Outlook add-in checkbox. Note that the user must have the sender role assigned.
102
103
For LDAP/AD users, you enable the BDS add-in by adding the security groups that the user belongs to. So, if you have a group called domain senders who have the sender role assigned to them and will be using the add-in, simply add this group to the role mapping field Outlook Add-in.
104
Setting up Users with the Client End users can install the BDS Outlook add-in by simply double-clicking the Setup.exe file. The add-in can also be pushed out through Microsoft Group Policy if you are running Active Directory. Please contact Biscom technical support if you are interested in using Group Policy to distribute the BDS Outlook add-in. To install the add-in on a user’s desktop directly: 1.
Make sure the user’s Outlook client has been shut down.
2.
Double-click the Setup.exe file and follow the setup instructions. The first step is to install the Microsoft Office Primary Interop Assemblies as a requirement to run the BDS add-in.
3.
You will be prompted to start the installation of the BDS software. Click Next to start the installation.
105
4.
Select the installation directory.
5.
Click Next to perform the installation.
106
6.
Once installation is complete, you can close the installer.
7.
When a user first starts up Outlook, a BDS configuration form will be displayed. This configuration can also be viewed at any time afterwards by going to the Tools menu and selecting BDS Configuration. Each user must enter their username and password. If the other fields were not pre-populated, then the user must also enter the domain, server name, and SSL setting. For LDAP/AD users, in addition to the username and password fields, the proper domain must be entered. Non107
LDAP/AD users will leave the domain field blank.
8.
The add-in supports a direct internet connection or proxy server. The user can also try to have the add-in automatically detect the proxy settings.
108
Configuring Policies for the Add-in To configure the add-in behavior and policies, BDS administrators should open the Outlook Add-in Configuration page in Server Configuration.
109
1.
Enable Outlook add-in: Must be set to Yes to use the add-in
2.
Server email address: The mailbox on the mail server that receives the stub messages from each user
3.
Policy synchronization interval (in minutes): How often the add-in communicates with the BDS server to retrieve the policies. The default value is 60 minutes.
4.
Policies
5.
a.
Keywords (Subject line): One keyword or keyword phrase per line. If a phrase is used, it will be matched exactly, for example “social security”. This is not case sensitive. If a user enters a keyword or keyword phrase that is defined by an administrator, the message will be sent through BDS. Note, the email body and any attachments are not scanned for keywords. Keywords are also matched optimistically – so, if the keyword is “secure,” then the words “secure” and “securely” will match. But “security” will not match.
b.
Total attachment size (KB): Define the maximum attachment size limit that will trigger a secure delivery.
c.
Attachment name patterns: Enter the extensions that you want to trigger the add-in to re-route through BDS. Wildcards are supported, e.g. to specify all files with an “.exe” extension, you would enter “*.exe” in this field.
d.
Allow users to bypass policy: If set to Yes, senders can force a message that matches a BDS policy to be sent through the mail server. If set to No, senders will not see the option to disable sending through BDS in the Outlook client.
Delivery Settings a.
Notify when recipients access this delivery: Select whether to be notified the first time each recipient opens the secure delivery, or every time a recipient opens the delivery.
b.
Email addresses to notify: Specify one or more recipients to notify when a secure delivery is opened. Or, use the reserved word SENDER, to have notifications sent back to the original sender of the delivery.
Uninstalling the Microsoft Outlook Add-in To prevent a user from using the Outlook add-in, you can disable outlook by deselecting the Allow Outlook add-in checkbox when updating the user or removing the user from the LDAP/AD group mapped to the Outlook Add-in. To fully remove the add-in from a user’s Outlook client, follow these steps: 1.
Shut down the user’s Outlook client and confirm that no Outlook processes remain.
2.
Go to the Control Panel and open Add/Remove Programs (Windows XP) or Programs and Features (Windows Vista) and uninstall the add-in.
110
Upgrading the Microsoft Outlook Add-in Simply run the new Setup.exe file and the new add-in will upgrade the existing addin. All user values will be saved and will not have to be re-entered.
111
Appendix C: Time Zones
Africa/Abidjan
America/Nipigon
Atlantic/Jan_Mayen
Africa/Accra
America/Nome
Atlantic/Madeira
Africa/Addis_Ababa
America/Noronha
Atlantic/Reykjavik
Africa/Algiers
America/Panama
Atlantic/South_Georgia
Africa/Asmera
America/Pangnirtung
Atlantic/St_Helena
Africa/Bamako
America/Paramaribo
Atlantic/Stanley
Africa/Bangui
America/Phoenix
Australia/Adelaide
Africa/Banjul
America/Port_of_Spain
Australia/Brisbane
Africa/Bissau
America/Port-au-Prince
Australia/Broken_Hill
Africa/Blantyre
America/Porto_Acre
Australia/Darwin
Africa/Brazzaville
America/Puerto_Rico
Australia/Hobart
Africa/Bujumbura
America/Rainy_River
Australia/Lindeman
Africa/Cairo
America/Rankin_Inlet
Australia/Lord_Howe
Africa/Casablanca
America/Regina
Australia/Melbourne
Africa/Ceuta
America/Rosario
Australia/Perth
Africa/Conakry
America/Santiago
Australia/Sydney
Africa/Dakar
America/Santo_Domingo
Europe/Amsterdam
Africa/Dar_es_Salaam
America/Sao_Paulo
Europe/Andorra
Africa/Djibouti
America/Scoresbysund
Europe/Athens
Africa/Douala
America/Shiprock
Europe/Belfast
Africa/El_Aaiun
America/St_Johns
Europe/Belgrade
Africa/Freetown
America/St_Kitts
Europe/Berlin
Africa/Gaborone
America/St_Lucia
Europe/Bratislava
Africa/Harare
America/St_Thomas
Europe/Brussels
Africa/Johannesburg
America/St_Vincent
Europe/Bucharest
Africa/Kampala
America/Swift_Current
Europe/Budapest
Africa/Khartoum
America/Tegucigalpa
Europe/Chisinau
Africa/Kigali
America/Thule
Europe/Copenhagen
112
Africa/Kinshasa
America/Thunder_Bay
Europe/Dublin
Africa/Lagos
America/Tijuana
Europe/Gibraltar
Africa/Libreville
America/Tortola
Europe/Helsinki
Africa/Lome
America/Vancouver
Europe/Istanbul
Africa/Luanda
America/Whitehorse
Europe/Kaliningrad
Africa/Lubumbashi
America/Winnipeg
Europe/Kiev
Africa/Lusaka
America/Yakutat
Europe/Lisbon
Africa/Malabo
America/Yellowknife
Europe/Ljubljana
Africa/Maputo
Antarctica/Casey
Europe/London
Africa/Maseru
Europe/Luxembourg
Africa/Mbabane
Antarctica/Mawson
Europe/Madrid
Africa/Mogadishu
Antarctica/McMurdo
Europe/Malta
Africa/Monrovia
Antarctica/Palmer
Europe/Minsk
Africa/Nairobi
Antarctica/South_Pole
Europe/Monaco
Africa/Ndjamena
Arctic/Longyearbyen
Europe/Moscow
Africa/Niamey
Asia/Aden
Europe/Oslo
Africa/Nouakchott
Asia/Alma-Ata
Europe/Paris
Africa/Ouagadougou
Asia/Amman
Europe/Prague
Africa/Porto-Novo
Asia/Anadyr
Europe/Riga
Africa/Sao_Tome
Asia/Aqtau
Europe/Rome
Africa/Timbuktu
Asia/Aqtobe
Europe/Samara
Africa/Tripoli
Asia/Ashkhabad
Europe/San_Marino
Africa/Tunis
Asia/Baghdad
Europe/Sarajevo
Africa/Windhoek
Asia/Bahrain
Europe/Simferopol
America/Adak
Asia/Baku
Europe/Skopje
America/Anchorage
Asia/Bangkok
Europe/Sofia
America/Anguilla
Asia/Beirut
Europe/Stockholm
America/Antigua
Asia/Bishkek
Europe/Tallinn
America/Aruba
Asia/Brunei
Europe/Tirane
America/Asuncion
Asia/Calcutta
Europe/Vaduz
America/Barbados
Asia/Chungking
Europe/Vatican
113
America/Belize
Asia/Colombo
Europe/Vienna
America/Bogota
Asia/Dacca
Europe/Vilnius
America/Boise
Asia/Damascus
Europe/Warsaw
America/Buenos_Aires
Asia/Dubai
Europe/Zagreb
America/Caracas
Asia/Dushanbe
Europe/Zurich
America/Catamarca
Asia/Gaza
Indian/Antananarivo
America/Cayenne
Asia/Harbin
Indian/Chagos
America/Cayman
Asia/Hong_Kong
Indian/Christmas
America/Chicago
Asia/Irkutsk
Indian/Cocos
America/Cordoba
Asia/Ishigaki
Indian/Comoro
America/Costa_Rica
Asia/Jakarta
Indian/Kerguelen
America/Cuiaba
Asia/Jayapura
Indian/Mahe
America/Curacao
Asia/Jerusalem
Indian/Maldives
America/Dawson
Asia/Kabul
Indian/Mauritius
America/Dawson_Creek
Asia/Kamchatka
Indian/Mayotte
America/Denver
Asia/Karachi
Indian/Reunion
America/Detroit
Asia/Kashgar
Pacific/Apia
America/Dominica
Asia/Katmandu
Pacific/Auckland
America/Edmonton
Asia/Krasnoyarsk
Pacific/Chatham
America/El_Salvador
Asia/Kuala_Lumpur
Pacific/Easter
America/Ensenada
Asia/Kuching
Pacific/Efate
America/Fortaleza
Asia/Kuwait
Pacific/Enderbury
America/Glace_Bay
Asia/Macao
Pacific/Fakaofo
America/Godthab
Asia/Magadan
Pacific/Fiji
America/Goose_Bay
Asia/Manila
Pacific/Funafuti
America/Grand_Turk
Asia/Muscat
Pacific/Galapagos
America/Grenada
Asia/Nicosia
Pacific/Gambier
America/Guadeloupe
Asia/Novosibirsk
Pacific/Guadalcanal
America/Guatemala
Asia/Omsk
Pacific/Guam
America/Guayaquil
Asia/Phnom_Penh
Pacific/Honolulu
America/Guyana
Asia/Pyongyang
Pacific/Johnston
114
America/Halifax
Asia/Qatar
Pacific/Kiritimati
America/Havana
Asia/Rangoon
Pacific/Kosrae
America/Indianapolis
Asia/Riyadh
Pacific/Kwajalein
America/Inuvik
Asia/Saigon
Pacific/Majuro
America/Iqaluit
Asia/Seoul
Pacific/Marquesas
America/Jamaica
Asia/Shanghai
Pacific/Midway
America/Jujuy
Asia/Singapore
Pacific/Nauru
America/Juneau
Asia/Taipei
Pacific/Niue
America/La_Paz
Asia/Tashkent
Pacific/Norfolk
America/Lima
Asia/Tbilisi
Pacific/Noumea
America/Los_Angeles
Asia/Tehran
Pacific/Pago_Pago
America/Louisville
Asia/Thimbu
Pacific/Palau
America/Maceio
Asia/Tokyo
Pacific/Pitcairn
America/Managua
Asia/Ujung_Pandang
Pacific/Ponape
America/Manaus
Asia/Ulan_Bator
Pacific/Port_Moresby
America/Martinique
Asia/Urumqi
Pacific/Rarotonga
America/Mazatlan
Asia/Vientiane
Pacific/Saipan
America/Mendoza
Asia/Vladivostok
Pacific/Tahiti
America/Menominee
Asia/Yakutsk
Pacific/Tarawa
America/Mexico_City
Asia/Yekaterinburg
Pacific/Tongatapu
America/Miquelon
Asia/Yerevan
Pacific/Truk
America/Montevideo
Atlantic/Azores
Pacific/Wake
America/Montreal
Atlantic/Bermuda
Pacific/Wallis
America/Montserrat
Atlantic/Canary
Pacific/Yap
America/Nassau
Atlantic/Cape_Verde
America/New_York
Atlantic/Faeroe
115
Appendix D: Locale Language and Country Codes Locale languages and countries are two letter codes. The following are partial lists. For additional countries and languages not shown here, please visit:
http://www.loc.gov/standards/iso639-2/php/English_list.php and
http://www.iso.org/iso/country_codes/iso_3166_code_lists/english_country_names_and_code _elements.htm Language Bengali Chinese Czech Danish English Finnish French German Greek Hebrew Hindi Hungarian Irish Italian Japanese Korean Norwegian Polish Portuguese Punjabi Romanian Russian Swahili Swedish
Code bn zh cs da en fi fr de el he hi hu ga it ja ko no pl pt pa ro ru sw sv
116
Country names Afghanistan Albania Algeria Argentina Australia Austria Bangladesh Belgium Brazil Canada Cayman Islands Chile China Colombia Czech Republic Denmark Dominican Republic Ecuador Egypt El Salvador Finland France Georgia Germany Greece Hong Kong Hungary Iceland India Ireland Israel Italy Jamaica Japan Korea, Republic of Kuwait Kyrgyzstan Luxembourg Malaysia Mexico Monaco Mongolia
Code AF AL DZ AR AU AT BD BE BR CA KY CL CN CO CZ DK DO EC EG SV FI FR GE DE GR HK HU IS IN IE IL IT JM JP KR KW KG LU MY MX MC MN 117
Morocco Nepal Netherlands New Zealand Nicaragua Norway Pakistan Peru Philippines Poland Portugal Puerto Rico Romania Russian Federation Saudi Arabia Singapore South Africa Spain Sweden Switzerland Taiwan Turkey Ukraine United Arab Emirates United Kingdom United States Vatican City State Venezuela Viet Nam
MA NP NL NZ NI NO PK PE PH PL PT PR RO RU SA SG ZA ES SE CH TW TR UA AE GB US VA VE VN
118
Index API Development, 90 Application Customization, 77, 79 Installing, 5, 9 Licenses, 32 Logs, 91 SSL, 16 Starting, 33 Starting and Stopping, 33 Stopping, 34 Ungrading, 12 Uninstalling, 11 Application Customization, 77 Backing up the Application Data, 82 Conventions, 1 Data Backup, 82, 83 Defining an Authentication Source, 62 Frequently Asked Questions, 91 Installing, Uninstalling, and Upgrading Biscom Delivery Server, 5 Introduction, 1 Licenses, 32 Logon, 35 Managing Processes, 76 Microsoft Outlook Installing, 100 Uninstalling, 110, 111 Reports Users activity, 66, 68, 69 Scalability, 85, 86 Scalability and Server Tiers, 85 Server Configuration, 37 Information, 36 Signing In for the First Time, 35 Support and Troubleshooting, 91 System 119
Configuration – Application, 26 Configuration – fds.properties, 25, 27 Hardware Requirements, 3 Software Requirements, 3, 4 System and Application Configuration, 25, 27 System and User Administration, 36 System Processes Delivery notification, 62, 76 SMTP input handler, 76 System cleanup, 76 Users Creating, 56 Deleting, 60 Importing, 60 Inclusion and Exclusion Lists, 59 Manage, 54, 61 Modifying, 57 Resetting Password, 58
120