Administrator's Guide - TIC Software [PDF]

Administrator’s Guide Version 3.1 March 2009

Biscom, Inc. | 321 Billerica Rd. | Chelmsford, MA 01824 tel 978-250-1800 | fax 978-250-4449

Copyright  2009 Biscom, Inc. All rights reserved worldwide. Reproduction or translation of this publication (in part or whole, in any form or by any means) is forbidden without the express written permission of Biscom, Inc.

Notice Information furnished by BISCOM, Inc. is believed to be accurate and reliable. However, no responsibility is assumed by BISCOM, Inc. for its use, or any infringement of patents or other rights of third parties, which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of BISCOM. BISCOM reserves the right to change hardware and software at any time without notice. Information provided in this manual is subject to change without notice.

Table of Contents Section 1: Introduction ..................................................................................................... 1 Topics .......................................................................................................................... 1 Conventions ................................................................................................................. 1 Section 2: Hardware and Software Requirements ................................................................ 3 Server Hardware ........................................................................................................... 3 Server Software ............................................................................................................ 3 Mail Server ................................................................................................................... 4 Client Software ............................................................................................................. 4 Section 3: Installing, Uninstalling, and Upgrading Biscom Delivery Server .............................. 5 Installing Biscom Delivery Server .................................................................................... 5 Installing the Web services interface ............................................................................... 9 Installing the Active Directory Connector ......................................................................... 9 Testing the Installation ................................................................................................ 10 Uninstalling Biscom Delivery Server .............................................................................. 11 Upgrading an existing Biscom Delivery Server instance ................................................... 12 Using IIS as your Web Server on Windows .................................................................... 14 Using SSL................................................................................................................... 16 Installing SSL on IIS for Windows ............................................................................. 16 Installing SSL on Apache 2 for Windows .................................................................... 20 Installing SSL on Apache 2 for Linux ......................................................................... 22 Troubleshooting SSL:............................................................................................... 23 Section 4: System and Application Configuration ............................................................... 25 System Configuration through fds.properties ................................................................. 25 Server Configuration through the Application ................................................................. 26 Section 5: Encryption Module .......................................................................................... 27 Encryption and Decryption ........................................................................................... 27 Keys and Key Management .......................................................................................... 27 Encryption Utililty ........................................................................................................ 27 Section 6: Licenses ......................................................................................................... 32 Licenses ..................................................................................................................... 32 Section 7: Starting and Stopping the Application ............................................................... 33 Starting the Application ............................................................................................... 33 Stopping the Application .............................................................................................. 34 Section 8: Signing In for the First Time ............................................................................ 35 First Sign In ............................................................................................................... 35 Section 9: System and User Administration ....................................................................... 36 v

Server Information ...................................................................................................... 36 Server Configuration ................................................................................................... 37 Server Configuration ................................................................................................ 37 Email and Notification Settings ................................................................................. 38 Microsoft Outlook Add-in Settings ............................................................................. 39 Outlook Add-in Configuration ................................................................................... 39 Delivery Settings ..................................................................................................... 40 Limited Sender Settings ........................................................................................... 41 Package Settings ..................................................................................................... 43 User Settings .......................................................................................................... 46 Contact and Group Settings...................................................................................... 48 Sign In and Password .............................................................................................. 49 User Registration..................................................................................................... 51 User Interface ......................................................................................................... 53 Manage Users ............................................................................................................. 54 Creating a New User ................................................................................................... 56 Modifying an Existing User ........................................................................................... 57 Inclusion and Exclusion Lists ........................................................................................ 59 Deleting a User ........................................................................................................... 60 Importing Users .......................................................................................................... 60 Manage Users with LDAP or Active Directory ................................................................. 61 Enabling Authentication Using LDAP ............................................................................. 62 Defining an Authentication Source ................................................................................ 62 Configuring the BDS Active Directory Connector ............................................................ 64 Assigning Roles using Groups ....................................................................................... 64 Viewing an Authentication Source................................................................................. 65 Section 10: Viewing Reports ............................................................................................ 66 Users activity .............................................................................................................. 66 Pending delivery notifications ....................................................................................... 68 System activity report ................................................................................................. 68 Monitor System Activity ............................................................................................... 69 Sorting Reports........................................................................................................... 70 Section 11: Compliance ................................................................................................... 71 Compliance Role ......................................................................................................... 71 View Packages ............................................................................................................ 71 View Deliveries ........................................................................................................... 72 View Users ................................................................................................................. 73 View System Activity ................................................................................................... 74 Section 12: Managing Processes ...................................................................................... 76 vi

Contact Synchronization .............................................................................................. 76 Delivery Notification .................................................................................................... 76 SMTP Input Handler .................................................................................................... 76 System Cleanup .......................................................................................................... 76 Section 13: Application Customization .............................................................................. 77 Customizing Look and Feel .......................................................................................... 77 Using your own CSS file ........................................................................................... 77 Changing the Logo .................................................................................................. 77 Customizing Text Labels .............................................................................................. 77 Editing Static Messages............................................................................................ 77 Editing Dynamic Messages ....................................................................................... 78 Customizing Online Help .............................................................................................. 79 Error Pages ................................................................................................................ 79 Section 14: Backing up the Application encoding="UTF-8"?> bds base trial d30 To install a new license, obtain the license XML file and place it in the license directory (as specified in the fds.properties configuration file). Open the fds.properties file and update the value for the licenseFile property by specifying the name and directory location of the license file. See the section on System and Application Configuration for more information on the fds.properties file. After copying the license to the proper license location, stop and restart the application server to enable the new license.

32

Section 7: Starting and Stopping the Application Starting the Application The installation scripts normally start up the applications upon completion or after a server reboot. But in cases where the application is not running, use the following steps to start the application. Windows: 1.

Log on to the computer with a user that has privileges to start and stop Windows services.

2.

Open the Windows Services manager by going to Start Menu > Control Panel. Double-click the Administrative Tools icon, and then double-click the Services icon.

3.

Start up the services in the following order if not already started: a.

content="text/html; charset=UTF-8"> Biscom Delivery Server not available 80

The server is currently unavailable. Please try again later. If you continue to have problems accessing the server, please contact your system administrator.

81

Section 14: Backing up the Application Data Directories and Files to Back Up Biscom Delivery Server stores files on the file system, users, deliveries, and package metadata in the database, and license, configuration, and log files on the file system. Any customizations are typically stored under the Web server document root. Back up all files and subdirectories under the directories specified or located in the locations listed below. Before backing up the BDS server, ensure that the application server has been shut down. Configuration Back up all configuration files from the config directory, including: 

fds.properties



biscom.properties



db.properties



ldap.properties



log4j.properties

Files and license Open fds.properties to find the location where user files are stored: o docRoot o

protectedRecycleBinDir

o

licenseFile

Back up the license file. Database The database should be exported and saved to your backup location. Please refer to the MySQL documentation, or the database documentation of the database you are using if it is different than MySQL, for details on exporting the database. Windows: Create a Windows batch file. A sample batch file may look like: echo Biscom Delivery Server Database Backup "C:\Program Files\Biscom Delivery Server\components\mysql4.1\bin\mysqldump.exe" -u fds -password=fds bds > "C:\Program Files\Biscom Delivery Server\backup\db\bds-backup.sql" echo Batch file completed

82

This batch file can be called and run on a regular basis using the Windows control panel application Scheduled Tasks. Linux: Run the mysqldump command with the name of the application: $ mysqldump {app name} > bds-backup.sql Make sure the dump file, e.g. bds-backup.sql in this example, is backed up along with the other data. Log files The logs are stored in a directory that is specified by the properties file log4j.properties. The location of the log4j.properties file is specified in biscom.properties: o

logPropertiesFilename

Open the log4j.properties file and look for the following properties showing the name and location of the three log files: o

log4j.appender.bdsAllLog.File

o

log4j.appender.bdsRollingLog.File

o

log4j.appender.bdsDBRollingLog.File

Customization files If the application has been customized with a logo or cascading style sheet, back these files up as well. If you are unsure of the location, view the Server Configuration page to see the settings.

Restoring from a Backup Restoring BDS from a backup involves the following steps: 1.

Shut down the application server

2.

Copy any existing data files and the database to a new location

3.

Restore the database

4.

Copy user files from the backup location to the current file location

5.

Verify configuration files and edit if needed

Database Locate the exported database dump file. Navigate to the bin directory in the MySQL installation location, and run the following command (for both Windows and Linux) that has the following syntax: 83

mysql –h -u -p < Example: mysql –h localhost -u fds -p bds < bds-backup.sql User files Locate and copy the backup user files to the appropriate data and recycle bin directories. Customizations Update or apply any existing customizations.

Once the files and database are restored, restart the application server.

84

Section 15: Scalability and Server Tiers Scalability Scalability provides better performance and increased capacity to handle users by adding servers that run the Biscom Delivery Server application. Each additional server more evenly distributes the workload, thus making the application more responsive with larger numbers of users. We recommend that anyone who is looking to scale their system first conduct a network architecture and application usage review to better understand the requirements of the system and its users. Also, determining the bandwidth requirements based on expected usage can help ensure system responsiveness. Scabilitity is also tied into how the various application tiers are deployed. By default, Biscom Delivery Server installs on a single machine. Moving the Web, Application Server, File System, and Database tiers to separate machines can improve performance as well as provide additional security by storing user data in more secure locations on the network.

85

Server Tiers Web Server Tier The Web server tier is a lightweight process, and acts as the interface between client Web browsers and the application server. Requests from clients are relayed through the Web server to the application server layer to begin processing the request. Responses from the application layer is then returned to the client via the Web server. When deployed in an environment with heavy bandwidth issues, it is critical to size the network bandwidth appropriately to ensure an adequate response to file uploads and downloads. Deploying two or more Web servers with load balancing ensures that user sessions will not be interrupted even if one server becomes disabled. This configuration also allows for adding more web servers to handle load as the number of users on the system increases. Application Server Tier All business and application logic is contained in the application server tier – receiving and processing client requests, accesing back end resources such as the file system and database as needed. No user data is stored at the application server tier. Clustering the application servers provides redundancy as well as better processing performance. This is the most important tier in terms of increasing performance and capacity to handle simultaneous user sessions. Data Tier (File System and Database) File System The file system contains all the user data, including files that are part of packages. Biscom Delivery Server works with both local and network-based file systems. Default installation creates a data directory on the local server. To use a different data directory, which may reside on a separate server, simply update the docRoot value in fds.properties. The docRoot may be a local drive, a network drive, or a UNC path. Note that backslashes must be escaped with a backslash. Windows: docRoot = C:\\apps\\bds\\data or docRoot = \\\\dataserver\\data Linux: docRoot = /home/admin/bds/data or docRoot = /mount/dataserver/data 86

Database The database contains all the metadata, including user information, package and delivery information, as well as the relationships between users and the packages and deliveries. All user, package, and delivery transactions are stored in the database, and reports can be generated by running queries against the database. Separating the Web Server and Application Server Tiers The JK Connector is the mechanism that connects the Web server to the application server. This connector maps URL patterns to workers which can represent different application server instances. The configuration file for the connector is called workers.properties, and is usually located in: Windows: /components/apache-2.0/conf Linux: /etc/httpd/conf/workers.properties

Note: The location of the workers.properties file is defined in the web server’s configuration file httpd.conf using the property JkWorkersFile. All workers are listed in the workers list: worker.list=ajp12, ajp13, worker1, worker2,… Workers are defined using the following properties: # # Defining a worker named ajp13 and of type ajp13 # Note that the name and the type do not have to match. # worker.ajp13.port=8009 worker.ajp13.host=localhost worker.ajp13.type=ajp13 worker.worker1.port=8009 worker.worker1.host=192.168.0.101 worker.worker1.type=ajp13 The Apache Web server configuration file httpd.conf loads the JK module and maps the URL to the appropriate worker. #JK configuration LoadModule jk_module modules/mod_jk.so JkWorkersFile "/etc/httpd/conf/workers.properties" JkLogFile "/etc/httpd/logs/mod_jk.log" JkLogLevel info JkLogStampFormat "[%a %b %d %H:%M:%S %Y]" 87

JkMount JkMount JkMount JkMount

/bds ajp13 /bds/* ajp13 /bds2 worker1 /bds2/* worker1

The last four lines perform the URL mapping starting from the document root. Wildcards (*) can be used in the patterns. When the Web server sees the URL https://secure-server.biscom.com/bds/Login.do, the request will be redirected to the ajp13 worker, which points to the application server instance running on localhost on port 8009 in our instance. The URL https://secure-server.biscom.com/bds2/Login.do would match the second mapping to worker1. Worker1 points to an instance on the server specified by the IP address 192.168.0.101 on port 8009. The application server could be running on a physically separate machine.

Note: When changing the worker host property, ensure that the machine and port can accept TCP communications from the Web server. This may require configuration changes to your firewall. Separating the Application Server Tier and Database Tier The configuration file /config/db.properties can be modified to point to a database server running on a different machine. # Define values for a specific pool fdsPool.database = MYSQL fdsPool.url = jdbc:mysql://127.0.0.1/bds?useUnicode=true&charac terEncoding=UTF-8 The property fdsPool.url defines the JDBC URL on which the database resides. To use a database on the machine db.biscom.com, change the value from 127.0.0.1 to db.biscom.com: fdsPool.url = jdbc:mysql://db.biscom.com/bds?useUnicode=true&ch aracterEncoding=UTF-8 When changing the location of the database server, ensure that the database grants permission to the host name or IP of the server where the application server resides. GRANT ALL PRIVILEGES ON .* TO 'fds'@'' IDENTIFIED BY 'fds'; Or GRANT ALL PRIVILEGES ON .* TO 'fds'@'' IDENTIFIED BY 'fds'; Examples:

88

GRANT ALL PRIVILEGES ON bds.* TO 'fds'@'localhost' IDENTIFIED BY 'fds'; GRANT ALL PRIVILEGES ON bds.* TO 'fds'@'127.0.0.1' IDENTIFIED BY 'fds';

89

Section 16: API Development Extending Biscom Delivery Server If you purchased the Software Development Kit, you have the ability to extend Biscom Delivery Server to suit the needs of your business, such as working with your workflow or business process management, and integrating with and extending existing applications. Creating your own custom application from the ground up is possible using the BDS APIs. BDS supports a native Java API, a platform/OS/programming language neutral Web services API, as well as an easy-to-use SMTP API. Please refer to the SDK documentation for the API as well as sample code and other documentation. Java API The Java API provides both high level and low level API calls that support methods for user authentication, package and delivery creation and management, user and group management, and report generation. The Java SDK provides a comprehensive Application Programming Interface to the Biscom Delivery Server back end, allowing developers to build a custom secure delivery application. For more information, see the SDK documentation. Web Services API Web services uses an XML-based call structure when invoking the API and can be called from any language, operating system, platform, and development environment that supports XML web services calls. The WSDL file contains the available API calls and many development environments will be able to import and provide an easy way to access the API. BDS provides a both a pre-built Java client library wrapper as well as a .NET client library wrapper for development. Additional languages that support Web services can access the API as well, such as Ruby and Python. The Web services API requires an additional web application to process the API calls. This WAR file is deployed to the application server in the same manner the BDS application is deployed. SMTP API The SMTP API is an XML-based API that leverages the ease and simplicity of email to deliver files and messages securely. BDS can be configured to watch a designated mailbox and look for specially formatted messages. BDS messages consist of embedded XML commands for secure and notification, adding recipients, setting delivery options, and submitting files.

90

Section 17: Support and Troubleshooting Logs Biscom Delivery Server maintains several event logs to help identify potential problems and can be useful for troubleshooting problems and when talking to technical support personnel. The log files are stored in the log directory under the installation () location by default. However, the log file locations and names may be changed by updating the appropriate properties in the log4j.properties file. Logs will grow to a certain size before rolling over. The size and number of backup (rolled over) logs are set in the log4j.properties files as well and can be modified by adjusting the .MaxFileSize and .MaxBackupIndex properties. By default, these values are set to 100KB maximum size and 20 backups for each of the logs. 

bdsRolling.log

The application log



bdsDBRolling.log

The database log



bdsAll.log

External system logs

Frequently Asked Questions Q.

I updated the fds.properties file, but why aren’t my changes appearing in the application?

A.

Changes to any of the properties files require restarting the application server to pick up the new changes.

Q.

How do I upgrade my license?

A.

License upgrades are performed by replacing your old license file with the new license file. The license file is an XML file that contains information on license expiration and restrictions such as the maximum number of Senders. Changing the XML content will invalidate the license. If the new license file is named differently than the old license file, you must update the licenseFile property in fds.properties. The application server must be restarted to recognize the new license.

Q.

Can I move the location of the files after installation?

A.

Yes, but special care must be taken when making any changes to the files system. 1.

Shut down the application server.

2.

Find the locations of the files and directories where user data is stored. 91

These locations can be found in the fds.properties files under the two properties docroot and protectedRecycleBinDir. 3.

Copy the files and directories to the new locations.

4.

Update the docroot and protectedRecycleBinDir properties in the fds.properties file with the new location of the files.

5.

Start the application server, and test the application.

6.

Once testing is complete, the old files may be deleted.

92

Appendix A: Biscom Delivery Manager (BDM) Biscom Delivery Manager Biscom Delivery Manager is a desktop application that communicates with the Biscom Delivery Server using the Web services API. BDM is designed to enhance the server by providing users with the ability to quickly and efficiently create packages, upload files, and download files. BDM runs as a Windows background service, and if it is in the process of uploading or downloading a file, will run even when no user is logged on to the machine. When uploading or downloading files, BDM supports file restart if network connectivity drops. When network connectivity is reestablished, BDM will gracefully continue the upload or download from the point of failure. Power failures that bring a desktop down while BDM is processing will also be handled gracefully by BDM – when power is restored and the machine restarts, the BDM service will restart and any pending uploads or downloads will resume from the point of failure.

Installing Web services The Web services application is axis2.war which can be found on your BDS CD or it may have been sent to you in a secure delivery. This application needs to be deployed to the application server. Deploying axis2.war:

Windows: 1.

Stop the application server Apache Tomcat through the Windows Computer Management utility.

2.

Copy axis2.war to the \components\tomcat-5.5\webapps directory.

3.

Start up the application server.

4.

Go to http://localhost:8080/axis2/ to ensure the Web services application is running. You should see the Apache Software Foundation logo as well as three links for Services, Validate, and Administration. Click the Services link and verify that all listed services have a Service Status of Active.

Linux: 1.

Stop the application server (e.g. /etc/init.d/tomcat stop).

2.

Copy axis2.war to the application server’s webapps directory, e.g. /usr/local/tomcat/webapps.

3.

Start up the applications (e.g. /etc/init.d/tomcat start).

4.

Go to http://localhost:8080/axis2/ to ensure the Web services application is running. You should see the Apache Software Foundation logo as well as three links for Services, Validate, and Administration. Click the Services link and verify that all listed services have a Service Status of Active.

93

Installing BDM Client Each user who wants to use the Biscom Delivery Manager must install the client on their desktop. Users must be registered BDS users and have the Sender role assigned. BDM comes packaged as a Windows installer which must be run from each desktop that wishes to run the client application. BDM installs as a Windows service, and also adds a shortcut to the BDM application in the Start menu.

Note: If an older version of BDM has already been installed on the desktop system, uninstall the older application before installing the newer application. You will see the following dialog boxes. You may update the location in which you install the Biscom Delivery Manager application.

94

95

Installation troubleshooting Some systems may have issues running the application as the Local System Account. If the application does not start up, or does not allow users to sign in, view the Computer Management application by right clicking My Computer > Manage.

96

Double click the Biscom Delivery Manager service to open the properties window.

Click on the Log On tab. If the Local System account is selected, choose the This account option and enter an account (e.g. the network logon credentials of the user who logs onto the PC regularly or a network administrator) that has permission to run the service.

97

Click OK. Stop and restart the Biscom Delivery Manager Service for the changes to take effect.

Configuring BDM Once installed, BDM will run using default configuration. However, BDM can be customized to change the look and feel of the application, or adjust the upload/download transfer rate. The following files located at /config can be modified: 

bdm.properties uploadChunkSize = 614400 uploadChunkSize: this value can be changed for more efficient file transfers. For users on the internal network, a larger chunk size may increase transfer speeds. For users outside the network (i.e. communicating to a server over the Internet), the default chunk size will probably be most efficient. When making changes to this value, the BDM service must be stopped and restarted, and users must exit and restart the client application.



bdsc.properties logoFile = C:\\Program Files\\Biscom Delivery Manager\\images\\bds_logo.gif iconFile = C:\\Program Files\\Biscom Delivery Manager\\images\\bds-upload-16.ico windowBackgroundColor = eeeeee 98

Starting and Stopping the BDM Service From the Control Panel, start the Add/Remove Programs utility. Select Biscom Delivery Manager and press the Remove button. The application will be uninstalled.

Uninstalling BDM From the Control Panel, start the Add/Remove Programs utility. Select Biscom Delivery Manager and press the Remove button. The application will be uninstalled.

99

Appendix B: Microsoft Outlook Add-in Installing the Microsoft Outlook Add-in If you have the optional Outlook Add-in module installed, your users can take advantage of the Biscom Delivery Server Microsoft Outlook Add-in, which allows users to create express deliveries from within their email environment. To use the add-in, the following conditions must be met: 

An email account on the mail server must be created and configured to be the recipient of message stubs. When a secure message is sent through BDS, a small email message is also created and sent to this email address, and contains the message and list of files attached. This email account should not be used for anything other than receiving Biscom Delivery Server messages with the proper data.



Each user who wants to use the Outlook Add-in must be running Microsoft Outlook 2003 or Outlook 2007, on Windows XP or Windows Vista.



Each user who wants to use the Outlook Add-in must have the Outlook Addin client installed on their machine with the proper configuration (mail server and email account properly defined).



Each user who wants to use the Outlook Add-in must have the Sender role assigned, and have the Allow Outlook Add-in checkbox checked in the Update User page (by default, this is not checked).



If using LDAP or Active Directory, any user who wishes to use the Outlook Add-in should be a member of a group that is assigned the Outlook Add-in role in the external source authentication definition.

Note: This takes precedence over the Allow Outlook Add-in checkbox in the user management page. How it works: 1.

When a user clicks the New Message button, a normal message form will open. Senders can add recipients as they would normally, enter a subject, and type in text in the memo field. To attach files, users can use the menu item Insert > File…, or users can simply drag and drop files from their desktop onto the memo field.

100

2.

Based on the settings in the server configuration, the different aspects may trigger the message to go out through BDS. For example, if the total size of the attachments exceeds the size limit defined in BDS, or a keyword matches the list of keywords defined, then the message will be delivered through BDS. Otherwise, the message will go out normally through the mail server.

101

3.

Users can change the delivery method in the toolbar on the Options ribbon. A drop down menu called Use BDS has three selectable values: Default, Yes, and No. The Default value (which is the default setting for users) will follow the policies defined by the BDS administrator. The Yes value will force sending the message securely through BDS. The No value will force the message to go through the regular mail server.

Note: The No value can be disabled by the administrator, so senders only have the choice of using the default settings or to force the message to go out securely. 4.

If the message meets the criteria for delivery through BDS, a stub message is sent to the mailbox defined by the administrator, containing the message in the memo field, and the names of the files delivered, but this message does not contain the actual files. A separate process will upload the files to the BDS server and create a delivery to be sent to the recipients listed in the message. Users can view the status of the file upload by going to the Sent folder, right clicking on the message and selecting the Status menu option. If the upload is still in progress, the user will see the progress meter of each file upload.

Enabling Users on the BDS Server You must enable your users to utilize the add-in. This is done differently for your LDAP/AD users and your non-LDAP/AD users. 1.

For non-LDAP/AD users, go to the Manage Users page under System and User Administration. When creating a new user, select the checkbox for Allow Outlook add-in. When updating an existing user, select the user from the Manage Users list, and select the Allow Outlook add-in checkbox. Note that the user must have the sender role assigned.

102

103

For LDAP/AD users, you enable the BDS add-in by adding the security groups that the user belongs to. So, if you have a group called domain senders who have the sender role assigned to them and will be using the add-in, simply add this group to the role mapping field Outlook Add-in.

104

Setting up Users with the Client End users can install the BDS Outlook add-in by simply double-clicking the Setup.exe file. The add-in can also be pushed out through Microsoft Group Policy if you are running Active Directory. Please contact Biscom technical support if you are interested in using Group Policy to distribute the BDS Outlook add-in. To install the add-in on a user’s desktop directly: 1.

Make sure the user’s Outlook client has been shut down.

2.

Double-click the Setup.exe file and follow the setup instructions. The first step is to install the Microsoft Office Primary Interop Assemblies as a requirement to run the BDS add-in.

3.

You will be prompted to start the installation of the BDS software. Click Next to start the installation.

105

4.

Select the installation directory.

5.

Click Next to perform the installation.

106

6.

Once installation is complete, you can close the installer.

7.

When a user first starts up Outlook, a BDS configuration form will be displayed. This configuration can also be viewed at any time afterwards by going to the Tools menu and selecting BDS Configuration. Each user must enter their username and password. If the other fields were not pre-populated, then the user must also enter the domain, server name, and SSL setting. For LDAP/AD users, in addition to the username and password fields, the proper domain must be entered. Non107

LDAP/AD users will leave the domain field blank.

8.

The add-in supports a direct internet connection or proxy server. The user can also try to have the add-in automatically detect the proxy settings.

108

Configuring Policies for the Add-in To configure the add-in behavior and policies, BDS administrators should open the Outlook Add-in Configuration page in Server Configuration.

109

1.

Enable Outlook add-in: Must be set to Yes to use the add-in

2.

Server email address: The mailbox on the mail server that receives the stub messages from each user

3.

Policy synchronization interval (in minutes): How often the add-in communicates with the BDS server to retrieve the policies. The default value is 60 minutes.

4.

Policies

5.

a.

Keywords (Subject line): One keyword or keyword phrase per line. If a phrase is used, it will be matched exactly, for example “social security”. This is not case sensitive. If a user enters a keyword or keyword phrase that is defined by an administrator, the message will be sent through BDS. Note, the email body and any attachments are not scanned for keywords. Keywords are also matched optimistically – so, if the keyword is “secure,” then the words “secure” and “securely” will match. But “security” will not match.

b.

Total attachment size (KB): Define the maximum attachment size limit that will trigger a secure delivery.

c.

Attachment name patterns: Enter the extensions that you want to trigger the add-in to re-route through BDS. Wildcards are supported, e.g. to specify all files with an “.exe” extension, you would enter “*.exe” in this field.

d.

Allow users to bypass policy: If set to Yes, senders can force a message that matches a BDS policy to be sent through the mail server. If set to No, senders will not see the option to disable sending through BDS in the Outlook client.

Delivery Settings a.

Notify when recipients access this delivery: Select whether to be notified the first time each recipient opens the secure delivery, or every time a recipient opens the delivery.

b.

Email addresses to notify: Specify one or more recipients to notify when a secure delivery is opened. Or, use the reserved word SENDER, to have notifications sent back to the original sender of the delivery.

Uninstalling the Microsoft Outlook Add-in To prevent a user from using the Outlook add-in, you can disable outlook by deselecting the Allow Outlook add-in checkbox when updating the user or removing the user from the LDAP/AD group mapped to the Outlook Add-in. To fully remove the add-in from a user’s Outlook client, follow these steps: 1.

Shut down the user’s Outlook client and confirm that no Outlook processes remain.

2.

Go to the Control Panel and open Add/Remove Programs (Windows XP) or Programs and Features (Windows Vista) and uninstall the add-in.

110

Upgrading the Microsoft Outlook Add-in Simply run the new Setup.exe file and the new add-in will upgrade the existing addin. All user values will be saved and will not have to be re-entered.

111

Appendix C: Time Zones

Africa/Abidjan

America/Nipigon

Atlantic/Jan_Mayen

Africa/Accra

America/Nome

Atlantic/Madeira

Africa/Addis_Ababa

America/Noronha

Atlantic/Reykjavik

Africa/Algiers

America/Panama

Atlantic/South_Georgia

Africa/Asmera

America/Pangnirtung

Atlantic/St_Helena

Africa/Bamako

America/Paramaribo

Atlantic/Stanley

Africa/Bangui

America/Phoenix

Australia/Adelaide

Africa/Banjul

America/Port_of_Spain

Australia/Brisbane

Africa/Bissau

America/Port-au-Prince

Australia/Broken_Hill

Africa/Blantyre

America/Porto_Acre

Australia/Darwin

Africa/Brazzaville

America/Puerto_Rico

Australia/Hobart

Africa/Bujumbura

America/Rainy_River

Australia/Lindeman

Africa/Cairo

America/Rankin_Inlet

Australia/Lord_Howe

Africa/Casablanca

America/Regina

Australia/Melbourne

Africa/Ceuta

America/Rosario

Australia/Perth

Africa/Conakry

America/Santiago

Australia/Sydney

Africa/Dakar

America/Santo_Domingo

Europe/Amsterdam

Africa/Dar_es_Salaam

America/Sao_Paulo

Europe/Andorra

Africa/Djibouti

America/Scoresbysund

Europe/Athens

Africa/Douala

America/Shiprock

Europe/Belfast

Africa/El_Aaiun

America/St_Johns

Europe/Belgrade

Africa/Freetown

America/St_Kitts

Europe/Berlin

Africa/Gaborone

America/St_Lucia

Europe/Bratislava

Africa/Harare

America/St_Thomas

Europe/Brussels

Africa/Johannesburg

America/St_Vincent

Europe/Bucharest

Africa/Kampala

America/Swift_Current

Europe/Budapest

Africa/Khartoum

America/Tegucigalpa

Europe/Chisinau

Africa/Kigali

America/Thule

Europe/Copenhagen

112

Africa/Kinshasa

America/Thunder_Bay

Europe/Dublin

Africa/Lagos

America/Tijuana

Europe/Gibraltar

Africa/Libreville

America/Tortola

Europe/Helsinki

Africa/Lome

America/Vancouver

Europe/Istanbul

Africa/Luanda

America/Whitehorse

Europe/Kaliningrad

Africa/Lubumbashi

America/Winnipeg

Europe/Kiev

Africa/Lusaka

America/Yakutat

Europe/Lisbon

Africa/Malabo

America/Yellowknife

Europe/Ljubljana

Africa/Maputo

Antarctica/Casey

Europe/London

Africa/Maseru

Europe/Luxembourg

Africa/Mbabane

Antarctica/Mawson

Europe/Madrid

Africa/Mogadishu

Antarctica/McMurdo

Europe/Malta

Africa/Monrovia

Antarctica/Palmer

Europe/Minsk

Africa/Nairobi

Antarctica/South_Pole

Europe/Monaco

Africa/Ndjamena

Arctic/Longyearbyen

Europe/Moscow

Africa/Niamey

Asia/Aden

Europe/Oslo

Africa/Nouakchott

Asia/Alma-Ata

Europe/Paris

Africa/Ouagadougou

Asia/Amman

Europe/Prague

Africa/Porto-Novo

Asia/Anadyr

Europe/Riga

Africa/Sao_Tome

Asia/Aqtau

Europe/Rome

Africa/Timbuktu

Asia/Aqtobe

Europe/Samara

Africa/Tripoli

Asia/Ashkhabad

Europe/San_Marino

Africa/Tunis

Asia/Baghdad

Europe/Sarajevo

Africa/Windhoek

Asia/Bahrain

Europe/Simferopol

America/Adak

Asia/Baku

Europe/Skopje

America/Anchorage

Asia/Bangkok

Europe/Sofia

America/Anguilla

Asia/Beirut

Europe/Stockholm

America/Antigua

Asia/Bishkek

Europe/Tallinn

America/Aruba

Asia/Brunei

Europe/Tirane

America/Asuncion

Asia/Calcutta

Europe/Vaduz

America/Barbados

Asia/Chungking

Europe/Vatican

113

America/Belize

Asia/Colombo

Europe/Vienna

America/Bogota

Asia/Dacca

Europe/Vilnius

America/Boise

Asia/Damascus

Europe/Warsaw

America/Buenos_Aires

Asia/Dubai

Europe/Zagreb

America/Caracas

Asia/Dushanbe

Europe/Zurich

America/Catamarca

Asia/Gaza

Indian/Antananarivo

America/Cayenne

Asia/Harbin

Indian/Chagos

America/Cayman

Asia/Hong_Kong

Indian/Christmas

America/Chicago

Asia/Irkutsk

Indian/Cocos

America/Cordoba

Asia/Ishigaki

Indian/Comoro

America/Costa_Rica

Asia/Jakarta

Indian/Kerguelen

America/Cuiaba

Asia/Jayapura

Indian/Mahe

America/Curacao

Asia/Jerusalem

Indian/Maldives

America/Dawson

Asia/Kabul

Indian/Mauritius

America/Dawson_Creek

Asia/Kamchatka

Indian/Mayotte

America/Denver

Asia/Karachi

Indian/Reunion

America/Detroit

Asia/Kashgar

Pacific/Apia

America/Dominica

Asia/Katmandu

Pacific/Auckland

America/Edmonton

Asia/Krasnoyarsk

Pacific/Chatham

America/El_Salvador

Asia/Kuala_Lumpur

Pacific/Easter

America/Ensenada

Asia/Kuching

Pacific/Efate

America/Fortaleza

Asia/Kuwait

Pacific/Enderbury

America/Glace_Bay

Asia/Macao

Pacific/Fakaofo

America/Godthab

Asia/Magadan

Pacific/Fiji

America/Goose_Bay

Asia/Manila

Pacific/Funafuti

America/Grand_Turk

Asia/Muscat

Pacific/Galapagos

America/Grenada

Asia/Nicosia

Pacific/Gambier

America/Guadeloupe

Asia/Novosibirsk

Pacific/Guadalcanal

America/Guatemala

Asia/Omsk

Pacific/Guam

America/Guayaquil

Asia/Phnom_Penh

Pacific/Honolulu

America/Guyana

Asia/Pyongyang

Pacific/Johnston

114

America/Halifax

Asia/Qatar

Pacific/Kiritimati

America/Havana

Asia/Rangoon

Pacific/Kosrae

America/Indianapolis

Asia/Riyadh

Pacific/Kwajalein

America/Inuvik

Asia/Saigon

Pacific/Majuro

America/Iqaluit

Asia/Seoul

Pacific/Marquesas

America/Jamaica

Asia/Shanghai

Pacific/Midway

America/Jujuy

Asia/Singapore

Pacific/Nauru

America/Juneau

Asia/Taipei

Pacific/Niue

America/La_Paz

Asia/Tashkent

Pacific/Norfolk

America/Lima

Asia/Tbilisi

Pacific/Noumea

America/Los_Angeles

Asia/Tehran

Pacific/Pago_Pago

America/Louisville

Asia/Thimbu

Pacific/Palau

America/Maceio

Asia/Tokyo

Pacific/Pitcairn

America/Managua

Asia/Ujung_Pandang

Pacific/Ponape

America/Manaus

Asia/Ulan_Bator

Pacific/Port_Moresby

America/Martinique

Asia/Urumqi

Pacific/Rarotonga

America/Mazatlan

Asia/Vientiane

Pacific/Saipan

America/Mendoza

Asia/Vladivostok

Pacific/Tahiti

America/Menominee

Asia/Yakutsk

Pacific/Tarawa

America/Mexico_City

Asia/Yekaterinburg

Pacific/Tongatapu

America/Miquelon

Asia/Yerevan

Pacific/Truk

America/Montevideo

Atlantic/Azores

Pacific/Wake

America/Montreal

Atlantic/Bermuda

Pacific/Wallis

America/Montserrat

Atlantic/Canary

Pacific/Yap

America/Nassau

Atlantic/Cape_Verde

America/New_York

Atlantic/Faeroe

115

Appendix D: Locale Language and Country Codes Locale languages and countries are two letter codes. The following are partial lists. For additional countries and languages not shown here, please visit:

http://www.loc.gov/standards/iso639-2/php/English_list.php and

http://www.iso.org/iso/country_codes/iso_3166_code_lists/english_country_names_and_code _elements.htm Language Bengali Chinese Czech Danish English Finnish French German Greek Hebrew Hindi Hungarian Irish Italian Japanese Korean Norwegian Polish Portuguese Punjabi Romanian Russian Swahili Swedish

Code bn zh cs da en fi fr de el he hi hu ga it ja ko no pl pt pa ro ru sw sv

116

Country names Afghanistan Albania Algeria Argentina Australia Austria Bangladesh Belgium Brazil Canada Cayman Islands Chile China Colombia Czech Republic Denmark Dominican Republic Ecuador Egypt El Salvador Finland France Georgia Germany Greece Hong Kong Hungary Iceland India Ireland Israel Italy Jamaica Japan Korea, Republic of Kuwait Kyrgyzstan Luxembourg Malaysia Mexico Monaco Mongolia

Code AF AL DZ AR AU AT BD BE BR CA KY CL CN CO CZ DK DO EC EG SV FI FR GE DE GR HK HU IS IN IE IL IT JM JP KR KW KG LU MY MX MC MN 117

Morocco Nepal Netherlands New Zealand Nicaragua Norway Pakistan Peru Philippines Poland Portugal Puerto Rico Romania Russian Federation Saudi Arabia Singapore South Africa Spain Sweden Switzerland Taiwan Turkey Ukraine United Arab Emirates United Kingdom United States Vatican City State Venezuela Viet Nam

MA NP NL NZ NI NO PK PE PH PL PT PR RO RU SA SG ZA ES SE CH TW TR UA AE GB US VA VE VN

118

Index API Development, 90 Application Customization, 77, 79 Installing, 5, 9 Licenses, 32 Logs, 91 SSL, 16 Starting, 33 Starting and Stopping, 33 Stopping, 34 Ungrading, 12 Uninstalling, 11 Application Customization, 77 Backing up the Application Data, 82 Conventions, 1 Data Backup, 82, 83 Defining an Authentication Source, 62 Frequently Asked Questions, 91 Installing, Uninstalling, and Upgrading Biscom Delivery Server, 5 Introduction, 1 Licenses, 32 Logon, 35 Managing Processes, 76 Microsoft Outlook Installing, 100 Uninstalling, 110, 111 Reports Users activity, 66, 68, 69 Scalability, 85, 86 Scalability and Server Tiers, 85 Server Configuration, 37 Information, 36 Signing In for the First Time, 35 Support and Troubleshooting, 91 System 119

Configuration – Application, 26 Configuration – fds.properties, 25, 27 Hardware Requirements, 3 Software Requirements, 3, 4 System and Application Configuration, 25, 27 System and User Administration, 36 System Processes Delivery notification, 62, 76 SMTP input handler, 76 System cleanup, 76 Users Creating, 56 Deleting, 60 Importing, 60 Inclusion and Exclusion Lists, 59 Manage, 54, 61 Modifying, 57 Resetting Password, 58

120