More questions - AM integration, retain mailbox, GW migration tool and users with caching mailboxes

Hello,

during evaluation period of Retain in our company a couple more questions came up.

Most of these issues originate from trying to secure Retain, so I have to explain the setup first. I have modified the apache server to use our wildcard SSL certificate. All outside http connections are redirected to https. Internally, retain processes still communicate over http which is fine. The DNS hostname of the server is lets say retain.xxxxx.xx. From outside network it is accessible via mailarchive.xxxxx.xx. This is achieved with Access Manager. 

My questions:

1. Are there any instructions for opening specific Retain URL paths in OpenText Access Manager?
    Is it possible to restrict access to management side of web application from outside network?

2. Right now GW integration doesn't work when Retain URL is set to mailarchive.xxxxx.xx in the PO client options.
    Retain mobile application also can't connect to mailarchive.xxxxx.xx.

3. GW archive migration tool doesnt work over https. Is there anything I am missing or do I have to disable http->https redirection until all archives are migrated.

4. Retain needs a user on GW post office, which means it has a mailbox, which means 1 more license. Is there any way to prevent this?

5. Users with cached mailboxes cant perform external archive searches and view stubbed emails. Is this a known issue? Are there any solutions?

Thanks for potential answers,
Nik

Tags:

  • 0  

    Too many questions in one post Innocent.

    I go for one. You have to access server/RetainServer to access your retain server.

    In front of my network I use nginx. So I rewrite the link if RetainServer is missing:
    location / {
        # Fix the “It appears that your reverse proxy set up is broken" error.
        rewrite ^ /RetainServer/;
        proxy_pass http://x.x.x.x;
        proxy_read_timeout 90;
    }

    I assume you have to do a similar activity in your environment.


    Use "Verified Answers" if your problem/issue has been solved!

  • 0  

    Next one ...

    No, Retain does not need a user in my opinion. Where do you see it?

    Retain accesses GW via a trusted application feature.


    Use "Verified Answers" if your problem/issue has been solved!

  • 0  

    And finally I take the last one (5).

    As I remember you are right. Caching users cannot access external archives directly. Some time ago I had opened a case for this issue but support told me this is wad (working as designed).


    Use "Verified Answers" if your problem/issue has been solved!

  • 0 in reply to   

    I tried to find the text in the documentation, because I am sure I did not just make this up and create a user for no reason. Sadly, I cant find it again.

    As to where I see it, here is a screenshot from the RetainWorker log at the beginning of a job. Some time has passed since installation but if I remember correctly, I created the user because retain was trying to log in with the first user it found (one that started with letter "a"). When a user named "retain" exists, it will be perferred over the first user in the post office alphabetically. See the first line in the screenshot.

    And for completness, the user with a mailbox in the GW Post Office:

  • 0   in reply to 

    I cannot remember that I created an additional user for any of my Retain environments.

    Maybe you did some extra settings in GroupWise Module/SOAP/Redirection Tables ...

    Did you create a create a trusted application? And then you used this application key in your Module/Soap setting.


    Use "Verified Answers" if your problem/issue has been solved!