Wednesday, November 26, 2008

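(Repost) Deploying Windows Server 2003 Terminal Services

In Windows Server 2003, Terminal Services is not installed by default, so it has to be added manually:

  Click "Start → Control Panel → Add or Remove Programs", and in the "Add or Remove Programs" dialog click the "Add/Remove Windows Components" tab. Then tick the "Terminal Server" option in the "Components" list. A warning dialog about the IE security configuration may pop up at this point; click "Yes" to close it, then click "Next" through the following pages.

  In the "Default Permissions for Application Compatibility" dialog, setup offers two installation modes, "Full Security" and "Relaxed Security". Select "Full Security" and click "Next". The installation CD is not needed; when the files have been copied, click "Finish".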

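  ■ Configuring the terminal server

  1. Granting user permissions

  By default, only the Administrators group and the SYSTEM account have permission to access and fully control the terminal server, while members of the Remote Desktop Users group have access permission only, without full control. The default permissions often do not fully meet real-world needs, so certain specific users also have to be granted permission to connect remotely:

  Click "Start → Administrative Tools → Terminal Services Configuration". In the "Terminal Services Configuration" window, double-click the "RDP-Tcp" connection in the right-hand pane to open the "RDP-Tcp Properties" dialog. Switch to the "Permissions" tab, click "Add", type the name of the user to be granted permission (for example hanjiang) in the "Enter the object names to select" box, and click "OK".

  Back in the "RDP-Tcp Properties" dialog, click the newly added user "hanjiang" in the "Group or user names" list, then tick the boxes in the permissions list as required. For example, tick Allow for "Guest Access" and "User Access" (see Figure 1).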

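2. Limiting the number of concurrent connections

  By default, Terminal Services places no limit on the number of remote connections, and allows only two concurrent Remote Desktop for Administration connections. To conserve server resources, the number of concurrent connections can be limited so that the server keeps performing well. To set it:

  In the "RDP-Tcp Properties" dialog, switch to the "Network Adapter" tab. In the "Network adapter" drop-down list select the adapter that uses the RDP-Tcp protocol, then select the "Maximum connections" radio button and adjust the number of concurrent connections in the spin box to its right (for example, 20).

  3. Setting the local resources available to clients

  In the "RDP-Tcp Properties" dialog, switch to the "Client Settings" tab. Ticking items in the "Disable the following" area restricts the use of client resources. For example, once "Audio mapping" is ticked, sound from the server can no longer be played through the client's sound card. Sometimes users need the opposite, for instance when they must use a local printer; in that case make sure that "Windows printer mapping" and "LPT port mapping" are both unticked (see Figure 2).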

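  ■ Connecting to the terminal server

  1. Installing the client

  To connect remotely to the terminal server, a user first needs to install the client. Assuming the Windows Server 2003 system directory is on drive C, the client installer is in the "C:\Windows\System32\Client\Tsclient\Win32" directory. Distribute the installer to the client machines through "My Network Places" or by some other means, and complete the installation.

  2. Connecting remotely

  On the client machine click "Start → All Programs → Remote Desktop Connection", and in the dialog that opens click "Options" to switch to the detailed logon dialog. Type the terminal server's IP address in the "Computer" box, type "hanjiang" in the "User name" box, and click "Connect". When the Windows logon dialog appears, type the password of the authorized user to complete the connection.

  Tip: for the connection to succeed, "Remote Desktop" connections must of course be allowed: right-click "My Computer" → choose "Properties" → switch to the "Remote" tab → tick "Allow users to connect remotely to this computer".

  ■ Example

  Suppose the user "hanjiang" is away from the office but needs to run an application in the Windows Server 2003 environment on the office server. He can install the terminal server client on his local machine and then use "Remote Desktop Connection" to connect to the office terminal server and work there.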

Fixing the registration error when installing UF 852 on Win2003

Copy the following from C:\Program Files\Common Files\System\ado
msadox.dll and msadomd.dll to c:\windows\system32
Run
regsvr32 msadox.dll
regsvr32 msadomd.dll
Repair U852 and restart the server

Friday, November 21, 2008

Set up LDAP

LDAP ports
By default the LDAP task listens for LDAP client requests over TCP/IP port 389, but the LDAP service can also listen for requests over an SSL port, usually port 636.
Run directory tree verification manually
You can run directory tree verification manually, for example if you've added documents to a directory since you last started the LDAP service.
Tell Ldap VerifyDIT
Note:
If your organization uses more than one Global Domain document, you must select "Yes" in the "Use as default Global domain" field of the Global Domain document you want to use LDAP service forms.
A DNS domain name retrieved from the OS of the machine on which the LDAP service runs.
The syntax is: user's hierarchical name%notesdomain@hostname
For example Randin Boweker/Marketing/East/Acme%Acme@acme.com
Prevent the LDAP service on the administration server
DA->Configuration->All server documents->select server->edit server->Ports->Internet Ports->Directory
Disable "SSL port status"
Disable "TCP/IP port status"
Save & Close
Run restart task LDAP
Disable LDAP service
Add Notes.ini setting "DisableLDAPOnAdmin=1"
Remove LDAP from the Server Tasks on Notes.ini setting
Change LDAP service port and security configuration
DA->Configuration->All server documents->select server->edit server->Ports->Internet Ports->Directory
Enforce server access settings:
Yes to apply the "Access server" and "Not access server" settings set in the server access section on the security tab of this server document to authenticated LDAP clients connecting to the LDAP service over the TCP/IP port.
No (Default) to specify that the LDAP service ignore the Server Access settings.
Save & Close
Run restart task LDAP
Full-text index directories served by LDAP
DA->Configuration->LDAP->Settings (If you see the prompt "Unable to locate a server configuration document for this domain. Would you like to create one now?" click Yes)->LDAP tab->Edit LDAP settings->"Automatically Full Text Index Domino Directory?"
Yes to enable the LDAP service to create and update full-text indexes automatically.
No (default) to prevent the LDAP service from creating and updating full-text indexes automatically.
Click Save & Close
Note: If you select No to disable this feature, you must manually delete any full-text indexes that you want to remove.
Choose which method to use
When you use the Domain Configuration Settings document to allow or deny access to an attribute, the access applies to all entries that contain the attribute. However, when you use the database ACL/Extended ACL, you can deny access to an attribute contained in entries at a particular branch of the directory tree.
Use the Domain Configuration settings document to customize anonymous LDAP search access to a directory
DA->Configuration->LDAP->Settings (If you see the prompt "Unable to locate a server configuration document for this domain. Would you like to create one now?" click Yes)->LDAP tab->Edit LDAP settings->"Choose fields that anonymous users can query via LDAP"->"Select Attribute Types"
Add/Remove attributes on the field.
Click OK ->Save & Close
Enable/Disable LDAP write access
DA->Configuration->LDAP->Settings (If you see the prompt "Unable to locate a server configuration document for this domain. Would you like to create one now?" click Yes)->LDAP tab->Edit LDAP settings->"Allow LDAP user write access"
Yes to allow directory changes
No (default) to prevent directory changes via LDAP
Save & Close
Restart Domino server
Rules to follow when this directory is the primary directory and there are multiple matches on the distinguished name being compared/modified
"Don't modify any" (default):
Prevents the operation from occurring. The LDAP service returns an error, and you can investigate the duplicate names/naming rules.
"Modify first match":
- Carries out the LDAP modify, delete, or compare operation on the first entry encountered in a directory enabled for LDAP write operations that matches the distinguished name specified in the operation.
- Carries out the LDAP add operation in the Domino Directory configured in the directory assistance database that is enabled for LDAP write operations and has the most specific matching rule and the lowest search order.
"Modify all matches":
- Carries out the LDAP modify, delete, or compare operation on all the entries encountered that match the distinguished name specified in the operation.
- Carries out the LDAP add operation in all the Domino Directories configured in the directory assistance database with a matching rule that most specifically matches the distinguished name specified in the add operation, and that are enabled for LDAP write operations.

Timeout
The maximum time, in seconds, allowed for LDAP client searches; default is 0.
Maximum number of entries returned
The maximum number of directory entries the LDAP service returns to LDAP clients as search results; default is 0, meaning that there is no limit. For example, specify 100.
Minimum characters for wildcard search
The minimum number of characters that must precede the first wildcard in a search filter when the wildcard is combined with a substring; default is 1.
Enable LDAP alternate language search
Allow Alternate Language Information documents Yes
DN Required on Bind
Yes to require distinguished names as LDAP client logon names for name-and-password security
No (default) to not require distinguished names for client logon names.
Configuring character encoding for LDAP V2 clients
To support LDAP V2 clients that don’t use UTF-8, you can change the default encoding to prevent the LDAP service from using UTF-8 character encoding for V2 clients. If you prevent the use of UTF-8 character encoding for LDAP V2 clients, then the LDAP service may sometimes be unable to return results containing international characters to V2 clients that use UTF-8.
Note: The LDAP service always uses UTF-8 character encoding when returning results with international characters to LDAP V3 clients, for example, Microsoft Outlook Express clients and Notes clients.
Encode results in UTF8 for LDAPV2 clients
Yes (default) to use UTF-8 character encoding for LDAP V2 clients.
No to prevent the use of UTF-8 character encoding for LDAP V2 clients.
Add Alternative language for users
DA->People & Groups->Open select people->edit person->Action->Add Alternate Language
Use desktop policy to automate setup of LDAP account for the LDAP service.
DA->People & Groups->Policy->New policy->Desktop Policy->Account
Inherit Default Accounts Settings from Parent
Select to inherit default account settings from parent
Enforce Default Accounts Settings in Children
Select to enforce default account settings in children
Account Names
A descriptive name for the LDAP service account; users see this name in the list of directories the client can search. If you specify more than one account -- for example, an account for another Internet service -- separate account names with commas (,).
Server Addresses
The host name of the server running the LDAP service -- for example, ldap.acme.com.
Protocols
LDAP
Use SSL Connection
Yes to use SSL; otherwise, No.
Show current LDAP service configuration
Tell ldap showconfig
To show the status of LDAP service configuration as well as the status of the LDAP service settings controlled through the NOTES.INI file:
Tell ldap showconfig debug

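Installing and configuring MRTG

1: Install network traffic monitoring [polled every 5 minutes by default]

Switch to the superuser:
sudo -sH

Install the software:
apt-get install apache2
apt-get install mrtg
apt-get install snmpd

Edit the snmpd configuration:
vim /etc/snmp/snmpd.conf

Find the lines that look like the following and change them as shown (only comment or uncomment lines):
# sec.name source community
# com2sec paranoid default public # comment this line out
com2sec readonly default public # <- uncomment this line
#com2sec readwrite default private

Restart the snmpd service:
/etc/init.d/snmpd restart

Regenerate the MRTG configuration file:
cfgmaker public@localhost > /etc/mrtg.cfg

(Note) To monitor just a single IP address, use the following command:
cfgmaker public@192.168.0.1 >> /etc/mrtg.cfg

Generate the MRTG index page:
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html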
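
Added example (not part of the original post): the "com2sec readonly default public" line enabled above accepts the well-known community string from any source address, so the shell function below reports such entries in an snmpd.conf. The sample configurations are constructed and EXAMPLE-COMMUNITY is a placeholder; because cfgmaker polls localhost in this setup, the restricted sample limits the source to 127.0.0.1.

```shell
#!/bin/bash
# Added example: report com2sec entries that expose SNMP too widely.
# Syntax handled: com2sec [-Cn CONTEXT] SECNAME SOURCE COMMUNITY

# audit_com2sec [FILE]
# Reads FILE (or stdin) and prints one line per risky entry.
# Exit status: 0 = nothing flagged, 1 = at least one entry flagged.
audit_com2sec() {
    awk '
        /^[[:space:]]*#/ { next }              # commented-out entry: inactive
        $1 == "com2sec" {
            i = 2
            if ($i == "-Cn") i += 2            # skip the optional context argument
            sec = $i; src = $(i + 1); comm = $(i + 2)
            reason = ""
            if (src == "default")              # "default" matches any address
                reason = "any-source"
            if (comm == "public" || comm == "private")
                reason = reason (reason != "" ? "," : "") "well-known-community"
            if (reason != "") {
                printf "line %d: %s %s %s [%s]\n", NR, sec, src, comm, reason
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    ' "${1:--}"
}

# Constructed sample: the entries as the walkthrough above leaves them.
WEAK_CONF='# sec.name source community
# com2sec paranoid default public
com2sec readonly default public
#com2sec readwrite default private'

# Constructed sample: local polling only, with a placeholder community string.
TIGHT_CONF='com2sec readonly 127.0.0.1 EXAMPLE-COMMUNITY'

printf '%s\n' "$WEAK_CONF" | audit_com2sec || echo "weak sample: entries flagged"
printf '%s\n' "$TIGHT_CONF" | audit_com2sec && echo "restricted sample: nothing flagged"
```

With a changed community string, the same value has to be used in the cfgmaker call in place of public.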

2: Install CPU load monitoring [polled every 5 minutes by default]

Switch to the superuser:
sudo -sH

Install the software:
apt-get install sysstat

Create the CPU script:
mkdir -p /opt/mrtg
vim /opt/mrtg/mrtg.cpu
#!/bin/bash
cpuusr=`/usr/bin/sar -u 1 3 | grep Average | awk '{print $3}'`
cpusys=`/usr/bin/sar -u 1 3 | grep Average | awk '{print $5}'`
UPtime=`/usr/bin/uptime | awk '{print $3""$4""$5}'`
echo $cpuusr
echo $cpusys
echo $UPtime
hostname

Make the script executable:
chmod 755 /opt/mrtg/mrtg.cpu

Edit /etc/mrtg.cfg and add the cpu entry at the end of the file
Target[cpu]: `/opt/mrtg/mrtg.cpu`
MaxBytes[cpu]: 100
Options[cpu]: gauge, nopercent, growright
YLegend[cpu]: CPU loading (%)
ShortLegend[cpu]: %
LegendO[cpu]: CPU us;
LegendI[cpu]: CPU sy;
Title[cpu]: CPU Loading
PageTop[cpu]: <h1>CPU Loading</h1>

Regenerate the index page:
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

3: Install WWW connection-count monitoring [polled every 5 minutes by default]

Switch to the superuser:
sudo -sH

Create the WWW script:
mkdir -p /opt/mrtg
vim /opt/mrtg/mrtg.www
#!/bin/bash
all=`netstat -a | grep www|awk '{print $5}'|sort | wc -l|awk '{print$1 - 1}'`
user=`netstat -a | grep www|awk '{print $5}'|cut -d":" -f1|sort| uniq |wc -l | awk '{print $1 - 1}'`
if [ "$all" = "-1" ]; then
echo 0
else
echo $all
fi
if [ "$user" = "-1" ]; then
echo 0
else
echo $user
fi
UPtime=`/usr/bin/uptime | awk '{print $3 " " $4 " " $5}'`
echo $UPtime
hostname


Make the script executable:
chmod 755 /opt/mrtg/mrtg.www

Edit /etc/mrtg.cfg and add the www entry at the end of the file
Target[www]: `/opt/mrtg/mrtg.www`
MaxBytes[www]: 500
Options[www]: nopercent, growright
YLegend[www]: Online Users
ShortLegend[www]: %
LegendI[www]: Connect :
LegendO[www]: Online :
Title[www]: WWW Connect
PageTop[www]: <h1>WWW Connect</h1>

Regenerate the index page:
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

Browse to:
http://localhost/mrtg/

4: Install memory usage monitoring [polled every 5 minutes by default]

Switch to the superuser:
sudo -sH

Create the RAM script:
mkdir -p /opt/mrtg
vim /opt/mrtg/mrtg.ram
#!/bin/bash
# run this script to check the mem usage.
totalmem=`/usr/bin/free |grep Mem |awk '{print $2}'`
usedmem=`/usr/bin/free |grep Mem |awk '{print $3}'`
UPtime=`/usr/bin/uptime | awk '{print $3""$4""$5}'`
echo $totalmem
echo $usedmem
echo $UPtime
hostname

Make the script executable:
chmod 755 /opt/mrtg/mrtg.ram

Edit /etc/mrtg.cfg and add the ram entry at the end of the file
Target[ram]: `/opt/mrtg/mrtg.ram`
#Unscaled[ram]: dwym
MaxBytes[ram]: 2048000
Title[ram]:Memory
ShortLegend[ram]: &
kmg[ram]:kB,MB
kilo[ram]:1024
YLegend[ram]: Memory Usage :
Legend1[ram]: Total Memory :
Legend2[ram]: Used Memory :
LegendI[ram]: Total Memory :
LegendO[ram]: Used Memory :
Options[ram]: growright,gauge,nopercent
PageTop[ram]: <h1>Memory</h1>

Regenerate the index page:
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

Browse to:
http://localhost/mrtg/

5: Install FTP connection-count monitoring [polled every 5 minutes by default]

Switch to the superuser:
sudo -sH

Create the FTP script:
mkdir -p /opt/mrtg
vim /opt/mrtg/mrtg.ftp
#!/bin/bash
all=`netstat -a | grep ftp|awk '{print $5}'|sort | wc -l|awk '{print$1 - 1}'`
user=`netstat -a | grep ftp|awk '{print $5}'|cut -d":" -f1|sort| uniq |wc -l | awk '{print $1 - 1}'`
if [ "$all" = "-1" ]; then
echo 0
else
echo $all
fi
if [ "$user" = "-1" ]; then
echo 0
else
echo $user
fi
UPtime=`/usr/bin/uptime | awk '{print $3 " " $4 " " $5}'`
echo $UPtime
hostname


Make the script executable:
chmod 755 /opt/mrtg/mrtg.ftp

Edit /etc/mrtg.cfg and add the ftp entry at the end of the file
Target[ftp]: `/opt/mrtg/mrtg.ftp`
MaxBytes[ftp]: 500
Options[ftp]: nopercent, growright
YLegend[ftp]: Online Users
ShortLegend[ftp]: %
LegendI[ftp]: Connect :
LegendO[ftp]: Online :
Title[ftp]: FTP Connect
PageTop[ftp]: <h1>FTP Connect</h1>

Regenerate the index page:
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

Browse to:
http://localhost/mrtg/

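6: Install CPU temperature monitoring [polled every 5 minutes by default]

Switch to the superuser:
sudo -sH

Install the software:
apt-get install mbmon

Create the CPU temperature script:
mkdir -p /opt/mrtg
vim /opt/mrtg/mrtg.temp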
#!/bin/bash
/usr/bin/mbmon -c 1 -i -T 4 -u -n
exit 0


Make the script executable:
chmod 755 /opt/mrtg/mrtg.temp

Edit /etc/mrtg.cfg and add the CPU temperature entry at the end of the file
Target[temp]: `/opt/mrtg/mrtg.temp`
MaxBytes[temp]: 100
Title[temp]: CPU Temperature
PageTop[temp]: <h1>CPU Temperature</h1>
Options[temp]: gauge,absolute,unknaszero,growright
YLegend[temp]: Temperature(C)
ShortLegend[temp]: (C)
Legend1[temp]: CPU Temperature
Legend2[temp]: M/B Temperature
LegendI[temp]: CPU Temp.
LegendO[temp]: M/B Temp.

Regenerate the index page:
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

Browse to:
http://localhost/mrtg/

7: Disk read/write monitoring [polled every 5 minutes by default]

Switch to the superuser:
sudo -sH

Create the disk read/write script:
mkdir -p /opt/mrtg
vim /opt/mrtg/mrtg.disk
#!/bin/bash
hd=sda
disk=/dev/$hd
UPtime=`/usr/bin/uptime |awk '{print $3""$4""$5}'`
KBread_sec=`iostat -x $disk|grep $hd |awk '{print $8}'`
KBwrite_sec=`iostat -x $disk|grep $hd |awk '{print $9}'`
echo $KBread_sec
echo $KBwrite_sec
echo $UPtime
hostname


Make the script executable:
chmod 755 /opt/mrtg/mrtg.disk

Edit /etc/mrtg.cfg and add the disk read/write entry at the end of the file
Target[disk]: `/opt/mrtg/mrtg.disk`
Title[disk]: Disk HDA I/O Utilization Report
#Unscaled[disk]: dwym
MaxBytes[disk]: 10240000
PageTop[disk]: <h1>Disk I/O Utilization Report</h1>
kmg[disk]: KB,MB,GB
LegendI[disk]: Disk I/O KBread/sec
LegendO[disk]: Disk I/O KBwrite/sec
Legend1[disk]: Disk I/O KBread/sec
Legend2[disk]: Disk I/O KBwrite/sec
YLegend[disk]: Megabytes
ShortLegend[disk]: &
Options[disk]: growright,gauge,nopercent

Regenerate the index page:
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

Browse to:
http://localhost/mrtg/

8: Disk space usage

Switch to the superuser:
sudo -sH

Create the disk usage script:
mkdir -p /opt/mrtg
vim /opt/mrtg/mrtg.df
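#!/usr/bin/perl
# Sum total and used space (in KB) over all local filesystems reported by df.
use strict;

my ($total, $usage) = (0, 0);
foreach my $filesystem (`df -kl | grep -v "Filesystem"`)
{
    my @df = split(/\s+/, $filesystem);
    $total += $df[1];
    $usage += $df[2];
}
print "$total\n";
print "$usage\n";
# MRTG reads an uptime line and a target name after the two values.
print `/usr/bin/uptime`;
print `hostname`;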


Make the script executable:
chmod 755 /opt/mrtg/mrtg.df

Edit /etc/mrtg.cfg and add the following at the end of the file
Target[df]: `/opt/mrtg/mrtg.df`
Title[df]: Disk Space
Unscaled[df]: dwym
MaxBytes[df]: 465247550
kmg[df]: KB,MB,GB
LegendI[df]: Total Disk Space
LegendO[df]: Used Disk Space
Legend1[df]: Total Disk Space
Legend2[df]: Used Disk Space
YLegend[df]: Megabytes
ShortLegend[df]: &
Options[df]: growright,nopercent
PageTop[df]: <h1>Disk Space</h1>

Regenerate the index page:
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

Browse to:
http://localhost/mrtg/

9: Swap partition

Switch to the superuser:
sudo -sH

Create the swap script:
mkdir -p /opt/mrtg
vim /opt/mrtg/mrtg.swap
#!/bin/bash
# This script to monitor the swap usage.
totalswap=`/usr/bin/free |grep Swap |awk '{print $2}'`
usedswap=`/usr/bin/free |grep Swap |awk '{print $3}'`
echo "$totalswap"
echo "$usedswap"


Make the script executable:
chmod 755 /opt/mrtg/mrtg.swap

Edit /etc/mrtg.cfg and add the following at the end of the file
Target[swap]: `/opt/mrtg/mrtg.swap`
MaxBytes[swap]: 2048000
Title[swap]:Memory State of Server
ShortLegend[swap]: &
kmg[swap]:kB,MB
kilo[swap]:1024
YLegend[swap]: Swap Usage
Legend1[swap]: Total Swap
Legend2[swap]: Used Swap
LegendI[swap]: Total Swap
LegendO[swap]: Used Swap
Options[swap]: growright,gauge,nopercent
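PageTop[swap]: <h1>Swap</h1>

Regenerate the index page:
indexmaker /etc/mrtg.cfg > /var/www/mrtg/index.html

Browse to:
http://localhost/mrtg/

Localizing to Chinese just means adding language=chinese (or something similar) to the conf file; that is how it works on Windows, and I have not tried it on Linux.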

Wednesday, November 19, 2008

Set up Domino Directory

The following information is stored on the primary Domino server
Person
Group
Mail-in Database
Resource
Any custom documents you add
Domino Configuration
The configuration server only stores the Domino Configuration information
Change a configuration Directory to a primary Domino directory
DA->Files->open Names.nsf->File->Replication->Options for this application->Space Savers->Select "All Fields" on Include field->Deselect "Documents that meet a selection formula"->OK->replicate with the Domino server.
Restart Domino server
Change a primary Domino to a configuration Directory
DA->Files->open Names.nsf->File->Replication->Options for this application->Space Savers->Select "Configuration Document only" on Include field->Deselect "Documents that meet a selection formula"->OK->replicate with the Domino server.
Note
You can't change the user registration server to a configuration server.
Prevent use of a Domino Directory as a remote primary
DA->Configuration->server->Current server->Basic->Deselect "Allow this directory to be used as a remote primary directory for other servers"->Save & close
Use the Administrator field to control access to individual documents
DA->Files->Open names.nsf->open the document which you want to control->Administrator (In the Administrator field, enter the names of individual administrators or the name of a group of administrators who can edit this document)->Save & Close
Categorize a user by corporate hierarchy
DA->People & Groups->Select people->edit Person document->Work/Home->Below Hierarchy 1, enter categories in the "Level 0" field by which to sort the user's name (you can add 7 levels at most)->Save & Close
Customize the Directory profile
DA->File->open Names.nsf->Action->Edit Directory profile
Change the proper field which you need.
[Domain defined by this Domino Directory
The name of the Domino domain for this directory. Domino completes this field automatically as part of first server setup.
Condensed server directory catalog for domain
The file name for a condensed Directory Catalog used by servers in the domain. As an alternative to using this field, you can specify the file names for individual condensed Directory Catalogs in the "Directory catalog database name on this server" field in the Basics section of Server documents. Setting up a directory catalog is optional.
Sort all new groups by default
Choose one:
- Yes to display the members of a new group in alphabetical order.
- No (default) to display members of a group in the order in which you add them. If you select No, you can still override this option and alphabetize members of a specific group.
Use more secure Internet Passwords
Choose one:
- Yes (default) to use strong encryption for Internet passwords.
- No to use less secure encryption available with previous releases of Domino.
Allow the creation of Alternate Language Information documents
Choose one:
- Yes (default) to allow you to create Alternate Language Information documents that enable LDAP clients to search for user information in an alternate language.
- No to prevent the creation of Alternate Language Information documents.
List of administrators who are allowed to create Cross Domain Configuration documents in the Administration Process Requests database
Enter the names of users who can create Cross Domain Configuration documents to allow the Administration Process to submit requests between Domino domains. Scheduling replication of the Domino]

Monday, November 10, 2008

Set up the Administration Process

Automates tasks of Administration Process
Name management tasks:
Such as rename person/group, delete person/group/server name, recertify users, and store Internet certificate.
Mail file management tasks:
Such as delete mail file and move mail file.
Server document-management tasks:
Such as store CPU count, Store platform, and place network protocol information in server document.
Roaming user management:
Such as roaming user setup, move roaming users to other servers, upgrade a nonroaming user to roaming status, and downgrade a roaming user to nonroaming status.
User mail file management tasks:
Such as performing ACL changes and enabling agents. For example, the "Out of Office" agent is enabled and disabled by Notes client users.
Person document management tasks:
Such as storing the user's Notes version and client platform information.
Replica management tasks:
Such as create replica, move replica, or delete all replicas of a database.
Control the size of Administration requests database
DA->File->Select admin4.nsf->right click->Properties->Replication settings->Space saver->
Modify the "Remove document not modified in the last # days" (The default value is 7 days)
Suspend administration request process
DA->Configuration->All Server Documents->Select server->Server task->Administration Process
Suspend admin Process at:
Enter the time at which administration request processing stops
Restart Admin process at:
Enter the time at which administration request processing starts
Click Save and Close
Force an administration process request to run:
Tell adminp process new/Tell adminp p ne
(Processes request schedule as immediate or interval)
Tell adminp process immediate/ Tell adminp p im
(Processes request schedule as immediate )
Tell adminp process interval / Tell adminp p in
(Processes request schedule as interval)
Tell adminp process daily/ Tell adminp p da
(Processes request schedule as daily)
Tell adminp process delayed/ Tell adminp p de
(Processes request schedule as delayed)
Tell adminp process mail policy/ Tell adminp p ma
(Applies mail policy to affected user's mail file)
Check errors of ADMIN4.NSF
DA->Server->Analyses->Administration requests->All errors by date/All errors by server
Delete errors: "Remove from view"
Reprocess error requests: "Reprocess Select Requests"
Schedule Administration Process requests:
DA->Configuration->All Server Documents->Select server->Server task->Administration
Fill the proper fields
Maximum number of threads:
[Default is 3. You must restart adminp if you have changed the number]
Interval
[The number of minutes that pass between the processing of name-management requests -- rename, delete, and recertify. The default is 60 minutes.]
Execute once a day requests at
[The time when updates to Person documents occur and "Rename person in unread lists" requests run. The default is 12 AM.]
Interval between purging mail file and deleting when using object store
[The number of days that pass between running the Object Collect task against a mail file that uses shared mail and deleting the mail file. The default is 14 days.]
Start executing on
[The day on which Updates to Authors and Readers fields in a database and discovery of shared and private design elements for a deleted person occur. The default is Sunday. ]
Start executing at
[The time when the updates to Authors and Readers fields in a database and discovery of shared and private design elements for a deleted person occur. The default is 12 AM.]
Mail file moves expire after
[The number of days during which the Notes client will update mail-related changes. The default is 21 days. Valid values are 7 to 60, inclusive.]
Store Admin Process log entries when status of no change is recorded
[Logs a "No change" status entry in the Administration Process log each time a database is scanned to determine whether an administration request requires a change to that database and no change is made. The default is No. Keeping this field set to "No" may greatly reduce the size of the Administration Request database.
For more information on controlling the size of the Administration Requests database, see the topic "Controlling the size of the Administration Requests database."]
Suspend Admin Process at
[(Optional) Time when the Administration Process stops processing requests. To conserve server resources, suspend the Administration Process during peak computer hours.
For more information on suspending the Administration Process, see the topic "Suspending administration request processing."]
Restart Admin Process at
[(Optional) Time when the Administration Process starts processing requests again. To conserve server resources, set the Administration Process to restart during non-peak computer usage hours. For more information on suspending the Administration Process, see the topic "Suspending administration request processing."]
Add/remove administration server /person:
DA->open "names.nsf"->File->Application->Access control->Extended Access->Select user/server->In the Access field, in the Allow column, click Administer
Remove
DA->open "names.nsf"->File->Application->Access control->select user/server->Remove

Friday, November 7, 2008

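Example: sending and receiving mail for multiple mail domains using Peanut Hull (花生壳)

1) Set up two Domino domains
The first is set up on a host that can reach the Internet and can serve as the gateway server. This Domino server is
Name: D1
Domain: AAA.net
IP: 192.168.1.2
The second server can be set up anywhere on the internal network that can reach D1. This server is
Name: D2
Domain:BBB.cc
IP:192.168.1.30
2) Cross-certify D1 and D2
1 Start the Administrator client, connect to your server, and click the "Configuration" tab.
2 On the right of the screen click "Tools" -- "Certification" -- "Cross Certify"
3 Select your own cert.id or server.id and enter its password
4 Select the cert.id or server.id of the other party being certified, and click the "Cross Certify" button
5 Copy D2's names.nsf into D1's data directory and rename it d2-names.nsf
6 Add Names=names.nsf,D2-names.nsf to notes.ini
3) Create two connections (Domino Administrator->Messaging->Connection)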
D2->D1


D1->D2
Swap the source and destination of the connection document above
Disable the replication task under Replication/Routing
4) Create an adjacent domain on each of D1 and D2 (Domino Administrator->Messaging->Domain)
D1->D2

D2->D1

5) Create the Global Domain documents on D1 (Domino Administrator->Messaging->Domain)
1 Create AAA.net


2 Create BBB.cc
Proceed as in the figure above, replacing AAA.net with BBB.cc.
6) On D2, set the relay host to 192.168.1.2
Domino Administrator->Configuration->server->Configurations->select server->Basic->
"relay host for messages leaving the local internet domain"
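On D1, allow external mail to pass through this host
Domino Administrator->Configuration->server->Configurations->select server->Restrictions & controls->SMTP inbound Controls->"Allow messages only from the following internet hosts to be sent to external internet Domain"
Set it to 192.168.1.30
7)
On the Peanut Hull home page,
http://www.oray.net/, register a Peanut Hull passport;
Apply for the two domain names AAA.net and BBB.cc
Activate the domain names
On D1, install and enable a Peanut Hull client, for example Peanut Hull 2008
Mail can now be sent and received externally through D1
The mail addresses are
user@AAA.net (the domain D1 belongs to)
user@BBB.cc (the domain D2 belongs to)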

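Wednesday, November 5, 2008

How to build a customized automatic install and configuration of the Lotus Notes client for a large number of users (reposted from lotusfans)

Lotus Notes is an excellent groupware system and is very widely used in China. For Notes beginners, though, installing and configuring it is not simple, and inside a company where many users need it installed it becomes a real headache. This article presents a way to install and configure a customized Lotus Notes client for a large number of users.
I. Generating a common client configuration
Although the Lotus Notes client needs a customized install and configuration, most of the configuration is common to all users, for example the connection method and the server to connect to. So we can produce a base configuration and then customize it with small changes for different users. Pick a terminal with a standard configuration for the install (choose the machine model and operating system most widely used in the company; this requires the company's computers to be configured consistently, ideally identically).

Installing a single Notes client should not be a problem for a Notes administrator and is not described in detail here. After a default install, the Notes workspace you see at startup is rather cluttered: many workspace tabs, and many database icons lined up on the first workspace page. In practice, though, an office system developed on Lotus Notes may have a new interface designed specially for its users (for example, one database's navigator used as the application's main navigator), with the various functions repackaged so that users never need to open databases such as "personal mailbox" and "address book" directly. We can therefore make settings such as: go straight into a particular database's navigator at startup; arrange the workspace pages; notify on new mail; and many other personalized settings (imagine how tedious it would be to walk every end user through configuring these by hand). All of this is recorded in the corresponding configuration files by one standardized configuration that the administrator performs in advance.

In the end we obtain three useful configuration files. In the /notes/data/ directory:
desktop.dsk
names.nsf
and in the C:/windows directory:
notes.ini
With these three files, installing and configuring for other users is much easier. If needed, we can generate several different sets of configuration files for users in different departments or at different levels. Some individual settings still have to be configured per user, but this already saves a great deal of work.

II. Automated response-file installation
Lotus Notes in fact provides an automated installation for the client, driven by a response file, INSTNOT.RSP, which you can find in the directory of the installation disc. The main contents of the file are shown below. (Each parameter is explained in English in the file; some comments have been added below to make the explanation clearer.)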

[User Registration]
; This section specifies the end user's basic information
UserName = AnyUser
CompanyName = MyCompany
[General Information]
; This section specifies the installation type and the name of the program group that is created
InstallType = 1
ProgramGroup = 某企业办公系统
StartmenuFolder = 某企业办公系统
[NOT]
; This section specifies the Notes directories; in this example everything is installed on drive C.
BASEDIR = c:\lotus
NOTDIR = c:\Notes
NOTWORKDIR = c:\Notes\Data
SizeOfInstall = 3
[CustomizeNOT]
; This section gives the details that apply when SizeOfInstall = 3 above, i.e. when the custom installation type is selected
NOTESPROGRAM = 1
NOTESINTLDIC = 0
NOTESPDATA = 1
NOTESTEMPLATE = 0
NOTESDOCUMENT = 0
NOTESHELP = 0
NOTESHELPLITE = 0
NOTESVIEWER = 0
NOTESBROWSER = 0
NOTESBROWSERSUPPORT = 0
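We can back this file up and then customize it as required. We can also prepare several response files for different groups of users in the company, to automate different kinds of installation, naming them INSTNOT1.RSP, INSTNOT2.RSP and so on. How are these customized files used? The file's own comments make it clear: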
\install.exe /A
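The Notes installation directory also contains a more detailed installation customization file, with which you can for example leave out a particular template file or add a new one. This file is NOTNODE.INF, and it is used together with another file in the installation directory, Install.lst. This article does not describe how to use these two files; see the files themselves and the online help section "Customizing the installation files for a shared installation".
Finally, note that renaming the license file License.txt in the installation directory prevents the license agreement prompt from appearing at the start of installation.

III. Generating user IDs in bulk
An administrator can normally generate an ID for a user by registering new users one at a time, but that is no light task when a large number of user IDs is needed. Fortunately Notes provides a bulk method as well. With a text editor, create a text file register.txt containing the ID information for each user in the following format, one user per line: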
Lastname;Firstname;MiddleInitial;organizational unit; password;IDfiledirectory;IDfilename; homeservername;mailfiledirectory;mailfilename;location;comment;forwarding address;profile name;local administrator
A user can then be defined for registration like this:
张三;;;信息处;password;c:/notes/data/userid;zhangsan.id;domino/Harbin;;zhangsan.nsf;办公室;;;用户配置简要表1;

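To register from the file, click the "People" icon in the administration panel and choose "Register from File". For details, see "Registering a group of users from a text file" in the Domino administration help. Note that a user's registration record must not contain line-feed or carriage-return characters. Once the user IDs have been generated, distribute them to each user through a suitable channel.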
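
Added example (not from the original article): a shell check for the register.txt format described above, to run before "Register from File". It reports records that do not have the 15 semicolon-separated fields of the format line (which is how a stray line break inside a record shows up) and passwords that are reused across records; the sample records are constructed.

```shell
#!/bin/bash
# Added example: sanity-check a Domino text-file registration list before use.
# Record layout taken from the format line above: 15 fields separated by ";",
# with the password in field 5.

# lint_register [FILE]
# Reads FILE (or stdin) and prints findings.
# Exit status: 0 = no findings, 1 = at least one finding.
lint_register() {
    awk -F';' '
        { sub(/\r$/, "") }                       # tolerate CRLF line endings
        /^[[:space:]]*$/ { next }                # ignore blank lines
        NF != 15 {
            # A line break inside a record leaves a line with too few fields.
            printf "line %d: expected 15 fields, found %d\n", NR, NF
            bad = 1
            next
        }
        {
            pw = $5
            if (pw == "") {
                printf "line %d: empty password\n", NR
                bad = 1
                next
            }
            if (pw in where) {
                where[pw] = where[pw] "," NR     # password seen before
            } else {
                where[pw] = NR
                order[++n] = pw                  # keep first-seen order
            }
            uses[pw]++
        }
        END {
            for (k = 1; k <= n; k++) {
                pw = order[k]
                if (uses[pw] > 1) {
                    printf "lines %s: same password on %d records\n", where[pw], uses[pw]
                    bad = 1
                }
            }
            exit (bad ? 1 : 0)
        }
    ' "${1:--}"
}

# Constructed sample: records 1 and 2 share a password; record 3 is missing a field.
REGISTER_SAMPLE='Zhang;San;;IT;password;c:/notes/data/userid;zhangsan.id;domino/Harbin;;zhangsan.nsf;Office;;;Profile1;
Li;Si;;IT;password;c:/notes/data/userid;lisi.id;domino/Harbin;;lisi.nsf;Office;;;Profile1;
Wang;Wu;;IT;c:/notes/data/userid;wangwu.id;domino/Harbin;;wangwu.nsf;Office;;;Profile1;'

printf '%s\n' "$REGISTER_SAMPLE" | lint_register || echo "sample: findings reported"
```

The file holds every initial password in clear text, so it needs the same handling as the ID files it produces.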

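IV. A simple example of an automatic install-and-configure program
With the preparation above, an automatic install-and-configure program can be put together quickly with any programming tool (VB, for example). Below is a simple installer written as a DOS batch file, intended to show the idea.

Assume the following: all users are on one corporate intranet; the Lotus Notes installer has been placed in the Notes directory of an FTP server, and that directory also contains the three configuration files generated earlier; every user has access to that server; and each user already has their ID file user.id.

The program listing is as follows: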
@ECHO OFF
PATH C:\;C:\WINDOWS;C:\WINDOWS\COMMAND;%PATH%
CLS
ECHO ********************************
ECHO 帮助者办公软件安装程序(http://www.oshelper.com/
ECHO ********************************
ECHO.
ECHO 1. 本安装程序适用于WINDOWS95或98,如果是NT请与管理员联系;
ECHO 2. 软件安装于C盘,需40M空间,安装过程还需暂时占用45M空间。
ECHO.
CHOICE " 如果满足以上条件并且您同意安装在C:盘,请按Y键,否则按 N键:"
REM CHOICE returns 1 for Y and 2 for N; IF ERRORLEVEL n is true for n or higher
IF ERRORLEVEL 2 GOTO QUIT
GOTO NEXT1
:NEXT1
 
ECHO 创建临时文件夹
MD MYTEMP>NUL
CD MYTEMP>NUL
ECHO anonymous>setup.dat
ECHO aa@bb>>setup.dat
ECHO user anonymous>>setup.dat
ECHO aa@bb>>setup.dat
ECHO cd notes>>setup.dat
ECHO prompt>>setup.dat
ECHO binary>>setup.dat
ECHO mget *.*>>setup.dat
ECHO quit>>setup.dat
 
ECHO.
ECHO 开始下载安装文件,需要约*分钟时间,如果出错会有提示,请耐心等待....
FTP -v -s:setup.dat ftpserver>NUL
 
IF NOT EXIST INSTALL.EXE GOTO END1
ECHO.
ECHO 开始安装,请稍候....
INSTALL.EXE /A INSTNOT.RSP
 
:LOOP
ECHO.
CHOICE /C:Y " 注意:安装程序没有完成请不要干预!!! 完成后按 Y键:"
IF ERRORLEVEL 1 GOTO NEXT2
GOTO LOOP
 
:NEXT2
SET ERRORLEVEL = 0
REM Apply the default configuration for the user here
COPY NAMES.NSF C:\NOTES\DATA\NAMES.NSF>NUL
COPY DESKTOP.DSK C:\NOTES\DATA\DESKTOP.DSK>NUL
COPY NOTES.INI C:\WINDOWS\NOTES.INI>NUL
REM If the directory the batch file was started from contains a user ID file,
REM copy the user ID file into the user's data directory
IF EXIST ..\*.ID COPY ..\*.ID C:\NOTES\DATA>NUL
IF ERRORLEVEL 1 GOTO END2
 
ECHO.
ECHO 安装成功!
GOTO END
 
:END1
ECHO.
ECHO 网络没有连通,下载安装文件失败,请与管理员联系。
GOTO END
 
:END2
ECHO.
ECHO 安装已完成,但初始化配置失败,请与管理员联系。
 
:END
ECHO.
IF NOT EXIST ..\MYTEMP\*.* GOTO QUIT
ECHO 删除临时文件夹
ECHO Y|DEL *.*>NUL
CD ..
RD MYTEMP
 
:QUIT
ECHO.
ECHO 结束!
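With this installer the user does not have to intervene at all; in the time it takes to drink a cup of coffee, the workspace is open and waiting.

Tuesday, November 4, 2008

Setting up adjacent domains and exchanging mail between them

(1) Cross-certification
1 Start the Administrator client, connect to your server, and click the "Configuration" tab.
2 On the right of the screen click "Tools" -- "Certification" -- "Cross Certify"
3 Select your own cert.id or server.id and enter its password
4 Select the cert.id or server.id of the other party being certified, and click the "Cross Certify" button
Otherwise the following errors appear: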
Error connecting to server LT/mail: Server error: You are not authorized to use the server
Or
Router: Unable to open mailbox file mail.box: You are not authorized to use the server on remote server
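(2) Create the connection document
1 Start the Administrator client, connect to your server, and click the "Configuration" tab.
2 Select the "Connections" sub-view under the "Server" view and click the "Add Connection" button
3 Choose the connection type.
For a LAN, or a LAN built over VPN or DDN,
choose Local Area Connection as the connection type.
Pay attention to the domain names:
The source domain (Source Domain) must be the domain name you used when you created the server.
Otherwise a "connection not used" error is reported: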
Router: Connection from server NL/NDM not used; Server not in local domain.
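The destination domain name must be the same as the name of the adjacent domain created in the next step.
Otherwise the mail ends up as dead mail in Mail.box.
(3) Create the adjacent domain document
1 Start the Administrator client, connect to your server, and click the "Configuration" tab.
2 Select the "Domains" sub-view under the "Messaging" view and click the "Add Domain" button
3 Domain type: select "adjacent Domain"
Adjacent domain name: enter the destination domain name of the connection you created
4 Save and close the document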

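All of these steps were carried out on freshly installed Domino servers, without the SMTP services enabled.
You can now send mail to users in the other domain using addresses of the form user@acme.com.
If SMTP is enabled,
go to Domino Administrator->Configuration->Configurations->Router/SMTP->"SMTP allowed within the local Internet domain"
and select "MIME messages only".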

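Monday, November 3, 2008

Users in different Domino domains sending mail to each other (reposted from chinaunix.net)

How do you set up replication and mail routing between two servers?
Two unrelated servers belong to different organizations and different Notes domains. To let their users send mail to and receive mail from each other, follow these steps:

(1) Cross-certification
1 Start the Administrator client, connect to your server, and click the "Configuration" tab.
2 On the right of the screen click "Tools" -- "Certification" -- "Cross Certify"
3 Select your own cert.id or server.id and enter its password
4 Select the cert.id or server.id of the other party being certified, and click the "Cross Certify" button

(2) Create the connection document
1 Start the Administrator client, connect to your server, and click the "Configuration" tab.
2 Select the "Connections" sub-view under the "Server" view and click the "Add Connection" button
3 Choose the connection type. In the source server and source domain fields enter your server's hierarchical name and Notes domain name; in the destination server and destination domain fields enter the other party's server hierarchical name and Notes domain name. Save and close the document

(3) Create the adjacent domain document
1 Start the Administrator client, connect to your server, and click the "Configuration" tab.
2 Select the "Domains" sub-view under the "Messaging" view and click the "Add Domain" button
3 Domain type: select "Adjacent Domain"
Adjacent domain name: enter the other party's Notes domain name
4 Save and close the document

(4) Set up cascaded address books
1 Create a replica of the other party's address book database on your own server, for example names1.nsf
2 Edit the server's notes.ini file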
names=names.nsf,names1.nsf
3 Restart the server

Note: both sides must complete all four steps above.