GfE AdminGuide Domino

Good Mobile Messaging
for IBM Lotus Domino

TM
Wireless Enterprise Messaging and Data Access System
Administrators Guide
Server Version 4.5/Client Version 4.9
Good Mobile Messaging Administrators Guide

Last revised 02/28/07
Documentation complies with Good Mobile Messaging Server version 4.5.6/Client version 4.9.3
Copyright, trademark and patent information

Good Technology, Inc. 2001-2007. All rights reserved. Good, Good Technology, the
Good logo, Good Mobile Messaging, Good Mobile Intranet, Good Mobile Defense,
Good Mobile Application Services, GoodAccess, GoodInfo, GoodLink, and Powered
by Good are trademarks of Good Technology, Inc. VeriSign(R) is a registered trademark of VeriSign, Inc. All other trademarks and service marks contained herein are the
property of their respective owners. For example, Microsoft, Windows, Windows NT,
Exchange and Outlook are trademarks of Microsoft Corporation. RIM, Research in
Motion, RIM 950, RIM 957, and BlackBerry are registered trademarks or trademarks of
Research in Motion Limited. Mobitex is a trademark of the Swedish Telecommunications Administration that may be registered in some jurisdictions. Datalight is a registered trademark of Datalight, Inc. FlashFX(tm) is a trademark of Datalight, Inc.
Cingular, Cingular Wireless, the Cingular Icon, Xpress Mail, and Xpress Mail with
GoodLink are trademarks of Cingular Wireless, LLC. All rights reserved.
Some or all of the following notices may apply to portions of the software or documentation provided by Good Technology, Inc.: Outside InWireless Export 2001 Stellent
Chicago, Inc. All rights reserved. Copyright 1993-2001 Datalight, Inc., All Rights
Reserved. U.S. Patent Office 5,860,082. Code written by John Halleck is used with his
permission. This distribution contains executables of the Netscape Security Service
(NSS) and Netscape Portable Runtime (NSPR). You may obtain the source code for
these files from www.mozilla.org, which source files are subject to the Mozilla Public
License 1.1. Part of the software embedded in this product is eCos - Embedded Configurable Operating System, a trademark of Red Hat. Portions created by Red Hat are
Copyright (C) 1998, 1999, 2000 Red Hat, Inc. (http://www.redhat.com/). All Rights
Reserved. THE SOFTWARE IN THIS PRODUCT WAS IN PART PROVIDED BY RED
HAT AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED BY RED HAT. IN NO
EVENT SHALL RED HAT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. You may obtain a copy of the source code of the eCos
Original Code from http:// www.redhat.com. You may obtain a copy of source code of
Good Technology, Inc.'s Modifications that have been publicly released in Executable
form by sending an email to support@good.com. The source code of the eCos Original
Code and Good Technology, Inc.'s Modifications are subject to the Red Hat eCos Public License Version 1.1 (copy available at http://www.redhat.com/.)
Some or all of the following notices may also apply to portions of the software or documentation provided by Good Technology, Inc: ScriptEase(tm) Javascript/ECMAScript
interpreter developed by Nombas, Inc. All Rights Reserved. This product includes
software developed by the Apache Software Foundation (http://www.apache.org).
Copyright (c) 2000-2003, The Apache Software Foundation and/or Yves Piguet. All
rights reserved. Neither the name of Yves Piguet nor the names of its contributors may
be used to endorse or promote products derived from this software without specific
prior written permission. Licensed under the Apache License, Version 2.0 (the
License); you may not use this file except in compliance with the License. You may
obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0. Unless
required by applicable law or agreed to in writing, software distributed under the
License is distributed on an AS IS BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. Copyright (c)1999-
ii
2001 Dan Adler, 315 E72 St. NY, NY, 10021 USA. mailto: danadler@rcn.com All rights
reserved. The Jetty Package is Copyright Mort Bay Consulting Pty. Ltd. (Australia) and
others. Individual files in this package may contain additional copyright notices. The
javax.servlet packages are copyright Sun Microsystems Inc. Copyright (c) 1990-2003
Sleepycat Software. All rights reserved. You may obtain a copy of the source code for
the DB software from http://www.sleepycat.com. You may obtain a copy of source
code of Good Technology, Inc.s Modifications that have been publicly released in Executable form by sending an email to support@good.com. Copyright 1996-1999 Corporation for National Research Initiatives; All Rights Reserved. Copyright (c) 19952000 by the Hypersonic SQL Group. All rights reserved. Copyright (c) 2001-2002, The
HSQL Development Group. All rights reserved. Copyright 2002 (C) Nathaniel G.
Auvil. All Rights Reserved. Copyright (c) 1998-2000 World Wide Web Consortium
(Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved. Copyright (c) 2001
MX4J. All rights reserved. Copyright 1994-2004 Sun Microsystems, Inc. All Rights
Reserved. Copyright 1999,2000 Boris Fomitchev Copyright 1994 Hewlett-Packard
Company Copyright 1996, 97 Silicon Graphics Computer Systems, Inc. Copyright 1997
Moscow Center for SPARC Technology. THIS SOFTWARE IS PROVIDED BY THE
COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Good Technology, Inc. may have patents or pending patent applications, trademarks,
copyrights or other intellectual property rights covering this subject matter. The
software and documentation do not give you any license to these patents, trademarks,
copyrights, or other intellectual property rights except as expressly provided in any
written license agreement from Good Technology, Inc. The software and
documentation may be covered by one or more patents as set forth at http://
www.rim.net/patents which have been licensed by Research in Motion, Ltd. ("RIM") to
Good. RIM is not affiliated with, nor does RIM endorse the operability of, the products
or services described herein. Such patent license should not be construed as exhausting
RIM's rights to royalties or damages or other compensation or relief or the grant of any
express or implied license: (a) in relation to customer's use of third party products
(except to the extent that use of third party email applications arises as a direct result of
the customer using Good's products or services or the customer uses a third party
wireless personal digital assistant or network carrier services in conjunction with
Good's products or services); or (b) where customer or the supplier of the wireless
personal digital assistant or wireless network services asserts any intellectual property
rights against RIM notwithstanding the terms of clause (a) above, and RIM has
exercised its right to suspend all or a portion of the licenses granted to Good.
Disclaimer
No part of this document may be reproduced or transmitted in any form or by any
means, electronic or mechanical, for any purpose, without the express written
permission of Good Technology, Inc. Information in this document is subject to
change without notice. This publication could include technical inaccuracies or
iii
typographical errors. Good Technology may make improvements or changes in the

products or the programs described in this publication at any time.
Good Technology, Inc.
4250 Burton Drive
Santa Clara, CA, 95054
Tel. (408) 327-6000 Fax (408) 327-6001
Web site: www.good.com.
Be Good. Be Safe.
Please do not use while driving or engaged in any
other activity that requires your full attention.
iv
Contents
Quick Installation
Prerequisites
Pre-installation
Installing Good Messaging
Setting Up the Handheld 7

2
Overview
11
Wireless Synchronization
12
Good Security 13
Good System Security Architecture 13
Good Secure OTA Architecture 16
Managing an Account
17
Multiple Lotus Domino and Good Messaging Servers

Installation Concepts 20
Access Control List (ACL) 21
Good Management Server and Console
Good Messaging Server 23
Handheld Setup 23
Wireless Handheld Management 24
Wireless Handheld Setup 25
Wireless Global and Individual Policy
Synchronization 26
Wireless Handheld Software Upgrades
19
21
26
v
Custom Software for Wireless Distribution

3
Pre-installation
27
29
Checking Prerequisites and System Requirements 29

Good Secure WiFi: Prerequisites and System
Requirements 33
Network Setting Requirements for WiFi Handhelds
System Requirements for WiFi Connectivity 34
4
Installation
35
Installing Good Messaging Server
36
Installing Good Management Server

Setting Up Role-Based Administration
Setting Software Download Defaults
Installing Good Management Console
5
33
Preparing New Handhelds
48
52
56
60
63
Preparing for Handheld Setup 64

Wireless Setup Preparation 64
Setting Up the Handheld
Wireless Setup 66
66
Completing the Setup Process 69

Setting Up Multiple Handhelds (OTA)
Adding Custom Software (OTA)
Interaction with Wi-Fi (PPC)
74
Managing the Handhelds
77
72
74
Updating Handheld Software Wirelessly 78

Preview of Enabled Applications Status 81
Enabled Applications Status Details 82
Generating New User PINs 84
Customizing the OTA Setup Email Message 85
vi
Maintaining Role Based Administration
88
Removing a Handheld from Good Messaging Server

Transferring a Handheld to a New User
92
93
Checking Handheld Status 94

Using the Good Monitoring Portal Dashboard 94
Checking Connection Status 96
Viewing, Exporting, and Clearing Handheld Statistics 99
Exporting User and Server Information to a File Using
gmexportstats 104
Generating (Exporting) a List of Users
108
Changing a Users Good Messaging Server, Domino Server,

or User Name 109
Changing a Users Display Name, Short Name, or Email
Address 110
Moving a Handheld User to a Different Domino
Server 110
Moving a Handheld to a Different Good Messaging
Server 111
Exchanging a Users Handheld 111
Moving the Good Messaging Database 111
Changing Global User Policies 117
Using Compliance Management Policies
Changing Individual User Policies
124
135
Changing the Good Messaging OTA Setup Software

Package 137
Changing Software Package Defaults 138
Adding and Deleting Custom Applications from the
Software Package 141
Erasing and Disabling a Handheld Wirelessly
Data Storage and Aging
Notes on Synchronization
143
147
148
vii
Managing Good Messaging Server
149
Moving Good Messaging Server to a New Host
150
Moving Good Management Server to a New Host
152
Monitoring Good Messaging Servers 152

Server Dashboard (Good Monitoring Portal) 153
Server List 156
Server Statistics 157
Using Performance Monitor 159
Server Properties 161
User List 163
Server Logging 164
IP Range Tab 167
Server Software Policy Settings 168
The Configure Connection Item
169
Stopping Good Messaging Services

Error Messages
Troubleshooting
169
170
170
Best Practices 170

Deployment 170
Redundancy 171
8
Good Messaging Utilities and Console

Commands 173
GoodLinkAddUser
174
GoodLinkDeleteUser 176
GoodLinkQueryUser 178
XML file format 179
GMMConnectivity Tool 181
Usage Scenarios 182
Notes 185
UserProfilechkTool 186
Usage Scenarios 187
viii
Notes 189
Diagnostic Log Files
190
Good Messaging Domino Console Commands
190
Using Standby Good Messaging Servers
193
How the Microsoft Clustering Service Works 193

Hardware and Software Requirements 194
Network Requirements 195
Shared Disk Requirements 195
Good Messaging Server in a Clustered Environment
196
Installing the First Clustered Node 197

Installing Domino on the First Node 198
Configuring Domino on the First Node 199
Installing Primary Good Messaging into the Cluster 201
Notes on INI and Domino Service Configuration 205
Verifying the Domino Server Functionality 206
Verifying the Good Messaging Server Functionality 207
Installing the Second Clustered Node 207
Installing and Configuring Domino on the Second
Node 207
Installing Good Messaging on the Second Node 213
Configuring the Good Messaging Database Cluster
Resource 217
Installing and Configuring the Good Messaging Cluster
Tools 220
Installing an Existing Good Messaging Service into the
Cluster 224
Upgrading the Primary Server in a Good Messaging Cluster
224
Upgrading the Standby Server in a Good Messaging
Cluster 225
Uninstalling Good Messaging Cluster Servers
Permanently 227
ix
Good Messaging Cluster Resources 228

Good Messaging Server Resource 228
Good Management Server Resource 228
Good Messaging Cache Lock Resource 228
Good Messaging Drive Resource 228
Good Messaging Group Resource 229
Domino Server Messaging Group Resource 229
"Good Messaging Database" Resource 229
10
Uninstalling Good Messaging
231
Uninstalling Good Messaging Server 231

Uninstalling Good Management Server 232
Uninstalling Good Management Console
Uninstalling SQL
Index
233
234
237
1 Quick Installation
Welcome to Good Mobile Messaging, the behind-the-firewall,

wireless corporate email and data system from Good Technology,
Inc.
Good Mobile Messaging installation is simple and straightforward.
An experienced IBM Lotus Domino administrator should be able
to complete the process in less than an hour. This chapter outlines the
process.
No special wireless knowledge is required to perform the
installation. Chapter 2 provides an overview of the Good Mobile
Messaging system. Chapters 3 through 6 provide detailed installation
instructions, should you need them.
Prerequisites
You will be installing an additional IBM Lotus Domino server in your
production Domino domain, on the machine to host the new Good
Messaging Server. Youll install this new Domino server with the
Primary Domino Directory (recommended) option. This Domino
server should have the ability to connect to other Domino servers in
your Domino domain(s); required connection documents from this
Good Messaging Domino server to the other servers must be set up.
Your production Domino servers can be installed on any operating
Quick Installation
system, but the Domino server on which Good Mobile Messaging is

to be installed must be running Microsoft Windows.
Then you will be installing:
Good Messaging Servers, which synchronize user handhelds with

their Lotus Domino accounts. One Messaging Server can handle
hundreds of users.
Good Management Servers, which provide facilities for managing

Good Mobile Messaging users and their handhelds. One Good
Management Server is required; recommended is a Good
Management Server on each Messaging Server host machine, for
redundancy.
Good Management Consoles, which provide a front-end for the

Good Management Servers. Install on as many machines as
necessary for convenient administration.
Ensure that the machines that will host Good Messaging Server,
Good Management Server, and Good Management Console, and the
machine with installed Lotus Domino server for Good Mobile
Messaging, conform to the following prerequisites.
Good Messaging Server and Good Management Server host system
requirements:
Intel Pentium IV processor, 2GHz or higher

1 GB RAM (2 GB recommended)
8GB hard drive space free for the Good Messaging Servers and
Good Management Servers
These requirements for RAM and hard drive free space are based
on 200 users. For each additional user, add 1MB memory and 5MB
free disk space.
Users
50
RAM (GB)
Hard-Drive Free Space (GB)
1*
20
Prerequisites
Users
RAM (GB)
100
20
200
20
500
1.3
21.5
750
1.55
22.75
1000
1.8
24
* Minimum
If a virtual machine session is used for Good Messaging, the free

drive space and RAM requirements also apply.
Good Messaging is an I/O intensive application; consider this fact
when deciding which other applications are to run on the same
host machine. Good Messaging supports VMware ESX Server
2.1.2, 2.5.1, and 3.0.1.
Required minimum LAN speed for the servers: 100Mbps Note:

With the Good Messaging Domino server connection to other
Domino servers in your Domino domain, the speed of the
network connection must maintain a sustained minimum rate of
at least 100Mbps. Slower network connections between the
Domino server on which Good Messaging runs and other Domino
servers will cause increased message latency.
Active Directory (Good Management Server)

Lotus Notes client must not be installed on the Good Messaging
host machines.
SMTP Service should not be enabled on the Domino instance

running on the Good Mobile Messaging Server.
Good Messaging Server, Good Management Server, and Good
Management Console requirements:
Server host machine: Windows Server 2003 Service Pack 1

Quick Installation
Good Messaging Server and Good Management Server host

machines must have Internet access. They should be able to
connect to http port 443 (secure https). To check this, use a
browser with proxy settings disabled on the host machine to
connect to a secure remote location.
If you limit outbound HTTP and HTTPS on your firewall, you
should open the outbound IP ranges 216.136.156.64/27,
198.76.161.0/24, 66.45.60.0/24, and 12.146.186.0/23 for Good
Messaging to work properly.
Do not put the Messaging Server or Good Management Server in
the DMZ zone.
The host machine should not have an MSDE or SQL server

installed on it, unless you choose to create a database on an
existing Microsoft SQL 2005 server for use with Good Mobile
Messaging. To uninstall SQL if present, refer to Uninstalling
SQL on page 234.
Lotus Domino configuration requirements:
Lotus Domino Messaging Server 6.0 or higher

Install the Domino server as a Domino Messaging server.
The Domino server on which Good Messaging runs must be
installed with the Primary Domino Directory (recommended)
option.
The Domino server on which Good Messaging Server is to be

installed should be installed as a Windows service and should be
configured to run as a Windows service and not as a regular
application
The Domino server on which Good Messaging is to be installed

should not be installed as a partitioned server. Good Messaging
does not support and cannot be installed on a partitioned Domino
server.
The Domino server on which Good Messaging runs must have

read/write access with Delete Documents privileges on every
Prerequisites
user mail file in your organization. Usually the

LocalDomainServers group has these required rights. You may
not need to alter the Access Control List as long as this Domino
server (on which Good Messaging is being installed) is listed in
the LocalDomainServers group.
If the Domino server on which Good Messaging runs does not

have any rights to the users mail files and you are setting up the
ACL, this server requires Editor access or higher (such as Designer
or Manager access) with the following rights:
Create Documents
Delete Documents
Create personal folders/views
Read Public documents
Write public documents
Good Messaging Server uses the Lotus Domino server ID while

instantiating the Lotus Domino APIs and accessing Domino mail
databases on other servers in your Domino domain(s). It is
recommended that the server ID have the Server ID property
Don't prompt for a password from other Notes-based programs
checked/enabled.
If your Domino infrastructure has multiple domains:

- The Domino server on which Good Messaging runs must have
Directory Assistance enabled for every Domino domain in
your organization.

connection documents to the Domino servers in the other
Domino domains. The Good Messaging Domino server should
be a member of LocalDomainServers group in every Domino
domain.
- The necessary Cross certification, either per-server or perorganization level, must be established between the Domino
server on which you are installing Good Messaging and the
Quick Installation
mail and directory servers in other domains to which this

Domino server connects.
Pre-installation
Note the following:
Microsoft SQL Express will be installed and configured during the

installation of your initial Good Messaging Server.
Windows Installer 3.0 is required for installation of Good

Messaging Server. Windows Server 2003 with Service Pack 1 (SP1)
includes Windows Installer 3.0.

installed on it. To uninstall SQL if present, refer to Uninstalling
SQL on page 234.
In order to install the Good Messaging Server, you must log in as a

Windows Domain user listed as a member of the Administrators
group on that machine.
We recommend that you create a new Windows account for
installing and running Good Messaging services. After creating
the Windows account, assign it "Local Administrator" privileges,
then log on as the new Windows user and proceed with the
installation. If you do not have a Windows domain, you can use a
local administrative machine account; however in this case to
administer Good Servers you will have to physically log on to this
machine and use the Good Management Console on it. To
administer the Good Servers using Good Management Console
from a remote machine, the Good Services must be run as a
Windows Domain user.

We recommend against running BlackBerryTM Enterprise Server on
the same machine as a Good Messaging Server or Good Management
Server, when both are present.
1.
Download Good Messaging software as directed by your

authorized sales representative (typically, from http://
www.good.com/download), and after unpacking it, run
setup.exe. You use this utility for the Messaging Server, Good
Management Server, Good Management Console, and Good
Messaging client software installations.
Install one or more Messaging Servers (a single Messaging Server
can handle hundreds of users). At least one Good Management
Server is required. We recommend installing a Good Management
Server on every Messaging Server machine for purposes of
redundancy. A Good Management Console is installed
automatically on the Good Management Server host machine.
2.
Run Good Management Console and optionally create roles for

use of the console on different machines. (Roles for service
administrator, administrator, and helpdesk are packaged with the
console.)
Note: When launching Good Management Console, enter the
required login credentials in the format domain\user id, not user
id@domain.
3.
Install Good Management Console on the machines where it will

be used.
4.
Set up user handhelds as described in the following section.

You set up handhelds wirelessly (Over The Air or OTA distributed deployment model). For details, refer to Preparing New
Handhelds on page 63.
Quick Installation
To set up the handheld:

1.
Confirm with your service or sales representative that the Treo or

Pocket PC is a supported device type (visit http://
www.good.com/index.php/products_platforms_devices.html
for more information. It must have an active, supported network
data service, as well as Good Messaging service. Some supported
data services may not support roaming. In such cases, Good
Messaging, like the handhelds browser, will not work outside
service areas. Visit http://www.good.com for more information.
2.
Handhelds should have the following available memory:

Palm OS
14.5MB
Pocket PC
12MB*
Smartphone
12MB
Symbian
16MB
*14 MB for Treo 700WX
Contact your authorized service representative for additional
information on memory requirements.
3.
The handheld battery should be fully charged (an error message

will be displayed if the battery is below 25%).
4.
Use Good Management Console to set up and activate user

handhelds wirelessly (Palm and PPC handhelds):
a.
Right-click the Users folder and select New User.
b.
Select the user who will be assigned the handheld.
c.
Select OTA Setup and click OK.
d.
Click OK. An email is sent to the user's Lotus Notes account.

The email contains a PIN and URL. The handheld user connects to the URL and enters the PIN and from the site, Good
downloads the OTA Setup application. OTA Setup is a wizardGood Mobile Messaging Administrators Guide
like application that leads the user through a set of steps to

authenticate the user, download and install Good Messaging
Client software, and connect to Good Messaging Server to
wirelessly synchronize the user's Lotus Notes account. You can
set policies for PIN expiration and reuse (refer to Changing
Global User Policies on page 117). You can display the PIN
and URL information at the Console by going to the Details tab
in the users Properties window (select the user in the user list,
right-click and from the menu displayed, select Properties).
You can quickly check the connection status between Good
Messaging Servers and the Good Operations Center, and between the
Servers and the handhelds they service, using the Good Monitoring
Portal located at www.good.com/gmp. Like the Good Messaging
Console, the Monitoring Portal provides information about users,
their handheld types and service carriers, and much more.
Quick Installation
10
2 Overview
Good Messaging provides mobile users with a wirelessly

synchronized connection to their company servers, so they can
instantly access up-to-date corporate email, attachments, contacts,
calendar, journal, to-dos, public folders, and critical enterprise data
when away from their desks.
Good Messagings enterprise-class solutions are now available on a
variety of handhelds. Good Messaging is a complete, encrypted wireless
system for accessing corporate messaging and data from behind the
firewall on the mobile handheld.
The Good Messaging system includes:
The Good Messaging Client, supporting a growing number of

handhelds
The Good Messaging Server, an easy-to-install enterprise-class

application allowing for elegant fleet management/global policy
control and remote security enforcement of wireless
synchronization.
The Good Management Server and Console and the Good

Monitoring Portal, used to monitor and manage users and their
handhelds.
11
Overview
Wireless Synchronization
Good Messaging Server software provides automatic
synchronization of email, calendar, contacts, journal entries, and todo entries between the users Lotus Notes account and handheld.
FIGURE 1. Synchronizing Lotus Notes account and handheld

As shown in Figure 1, Good Messaging Server software monitors the
users mail database and forwards all account activity to the users
handheld via the Operations Center and your wireless network.
Similarly, changes made at the handheld travel over the wireless
network, and are returned from the Operations Center to Lotus
Domino via Good Messaging Server. The email arrives at both the
users desktop and handheld, available to be read, filed, and
12
Good Security
answered from either location. No inbound ports need be opened in

the corporate firewall.
Good Security
A complete discussion of Goods extensive security features is
beyond the scope of this overview. For details, refer to the Good
Messaging Security White Paper.
Good security can be divided into two areas:
Good System Security architecture

Good Secure OTA architecture
Good System Security Architecture
The Good System has been specifically designed to meet the security
needs of even the largest, most security-sensitive corporations. It
provides an end-to-end system designed to protect corporate
information at all timeswhile it is being transmitted over the
wireless network and while it resides on the handheld. The Good
System combines industry security standards, such as AES and FIPS
140-2, with Goods own patent-pending security technologies.
Installation of Good applications does not require any modifications
to the customers firewall, and allows you to leverage your existing
network security infrastructure.
Network Perimeter Security
Connections from the Good Messaging Server to the Good Security
Operations Center use HTTP and are protected by the Secure Sockets
Layer (SSL). Since the connection is established in the outbound
direction, there is no need to create an inbound opening in the
corporate firewall. Most corporate security policies allow this type of
traffic through port 443 without reconfiguring the firewall.
Connections to the Good Security Operations Center are used only
for sending data to and receiving data from handheld devices.
13
Overview
Perimeter security includes:
End-to-end encryption
AES
FIPS 140-2 validation
Reliable message delivery
Handheld Security
The handheld device can be configured with a password. When the
handheld device is locked, Good applications will not display any of
the users data, and the device operating system turns off access to
the serial (or USB) port, which could otherwise be used to download
data from the handheld device to a PC. Access can be restored only
by entering the correct password. If an unauthorized user tries to
guess the password too many times, the Good client software will
delete any Good application data stored on the handheld device.
The IT administrator can specify policies for the password provided
by the user. These policies are applied wirelessly.
If a users handheld device is lost or stolen, the IT administrator can
use the GMC to remotely disable the device and remove all Good
application data. If a handheld device is recovered, it can be set up
again as described in Preparing New Handhelds on page 63.
Authentication
The Good System provides a number of safeguards against
unauthorized access. The Good Messaging Server resides behind a
corporate firewall, and any handheld device attempting to contact it
requires a three-step authentication process among
the Good Operations Center and the Good Messaging Server

the handheld and the Good Operations Center
the handheld and the Good Messaging Server
14
Good Security
Administrative Security
The Good System offers Role-Based-Administration (RBA) features
that allow system-administration permissions to be customized
according to the needs and qualifications of each user. By controlling
users access according to their roles and the associated permissions,
RBA provides a tool for managing IT assets and increasing security.
Routine taskssuch as adding a new user or loading softwarecan
be delegated to a wider group of IT managers across multiple
locations. More sensitive permissions, such as those required for
setting global policy, can be restricted to a smaller group, increasing
the overall security of the system. RBA also encourages the most
efficient use of IT resources, since permissions can be based on skill
and job function.
Email Security
Preventing the spread of viruses is of increasing concern for IT
departments and end users. Viruses commonly infect a users system
by delivering executable code, such as .EXE files or Visual Basic
scripts, via an e-mail or an e-mail attachment, and getting the user to
run the code inadvertently. The Good Messaging application will not
run executable code within an e-mail or attachment and thus is less
vulnerable to viruses from e-mail. Good Messaging users can use
their handhelds to read e-mails or attachments without concern
about viruses. If the user suspects an e-mail to be malicious, he/she
can safely delete that e-mail from their Good Messaging device rather
than risk opening it from the laptop or desktop.
Additionally, using Good Messagings ability to distribute handheld
software OTA (refer to section on Secure OTA Architecture),
enterprises can enhance corporate compliance by ensuring that
employees are running the latest mobile security applications such as
Symantec AntiVirus for Handhelds.
Good Messaging also incorporates VeriSign technology for digitalID-signed e-mail, which serves as an electronic substitute for sealed
envelopes and handwritten signatures. This security feature enables
15
Overview
Good Messaging users to read messages which have been digitally

signed, even if the message body was not sent in clear text.
Good Secure OTA Architecture

OTA Deployment Security Considerations
Beginning with Good Messaging 4.0, Good provides Secure OverThe-Air (OTA) setup of Good Messaging, without ever giving the
handheld to IT. Good Secure OTA capability encompasses several
features, including deploying and upgrading Good Messaging,
installation of any handheld software, and handheld policy updates.
The high-level process flow for Good Secure OTA setup of handhelds
is detailed in the Good security white paper.
IT administrators must explicitly give permission for users to
provision OTA. Permission may be given for a group of users
selected from the Windows Directory. If the IT administrator has not
given permission for a user to provision OTA, the Good Security
Operations Center will prevent Good OTA Setup from
communicating with the Good Messaging Server behind the firewall.
As described previously, the Good System does not require any
inbound connections through the enterprise firewall. This advantage
is maintained for Good Secure OTA. All communications between
Good OTA Setup and the Good Messaging Server run through the
same outbound connection that Good Messaging normally uses.
Goods comprehensive OTA setup authentication is explained in
detail in the security white paper.
In order to protect all traffic between Good OTA Setup and the GLS,
all communication during the provisioning process runs over HTTP/
SSL. The package of provisioning information is further encrypted
using an AES key derived from the users OTA PIN. After the client
receives the package of provisioning information, it begins to use the
16
Managing an Account
normal end-to-end encryption capabilities that Good Messaging uses

after provisioning a handheld at the management console.
OTA Software Installation Security Considerations
The Good OTA software distribution system supports distribution of
three classes of software: Good applications, Good partner
applications, and custom applications provided by a customers
internal IT department. Security is maintained via the following:
Digital Signatures - Good software and partner software are

digitally signed using X.509v3 certificates.
Encryption - Before the custom software package is uploaded, it is

encrypted using a key generated by the GMC using Microsofts
CryptoAPI.
Software Versions - The GMC provides a policy for IT to specify

the version of client software which will be installed.
Mandatory Installation - IT can mark software packages as

mandatory or optional.
Off-Peak Downloads - When IT initiates a Good Messaging

upgrade or distribution of other handheld software on a global
basis, the Good Messaging client will begin the download at a
random time overnight.
Managing an Account
In order to monitor and update the Lotus Domino accounts of
handheld users, Good Messaging Server runs as a service under
Windows 2003.
Communications between the Lotus Domino server and Good
Messaging Server uses the NRPC (Notes Remote Procedure Calls).
17
Overview
FIGURE 2. Monitoring the users account

As shown in Figure 2, Good Messaging Server monitors activity in
the handheld users email, calendar, contacts, to-do entries, journal
entries, and other folders and relays all changes to the Operations
Center, where they are queued up and delivered to the handheld. In
the same way, handheld activity is passed along to the Lotus Domino
account. Synchronization is dynamic and real-time, not scheduled.
The messages cannot be viewed by anyone along the way because
they are encrypted. Data can be viewed only from the Lotus Notes
client and on the handheld.
You can quickly check the connection status between Good
Messaging Servers and the Good Operations Center, and between the
Servers and the handhelds they service, using the Good Monitoring
18
Multiple Lotus Domino and Good Messaging Servers
Portal located at www.good.com/gmp. Like the Good Messaging

Console, the Monitoring Portal provides information about users,
their handheld types and service carriers, and much more.
Multiple Lotus Domino and Good

Messaging Servers
Good Messaging Server can manage synchronization for accounts on
multiple Lotus Domino servers in an organization.
Good Messaging Server is installed on a host machine. At least one
Good Management Server is required; recommended is a Good
Management Server on each Good Messaging Server host machine,
for redundancy. In addition, Good Management Consoles are
installed on computers that are used to manage handhelds.
FIGURE 3. Handheld users on multiple Domino servers and

Domino Domains
19
Overview
Figure 3 shows Good Messaging Server maintaining user accounts on

multiple Lotus Domino servers. Good Management Server uses the
Public Address Book (PAB) to list, monitor, and manage handheld
users across sites. The console is used to assign handhelds to users
and to monitor and manage Good Messaging Servers.
If you have thousands of handheld users, you may need to install
additional Good Messaging Servers to handle the synchronization
tasks. Each new Good Messaging Server will need to be installed on a
separate machine. When configuring Good Messaging Server to
connect with a Lotus Domino server, the speed of the network
connection must be a sustained minimum rate of at least 10MB/s.
Although the figure does not explicitly demonstrate the fact, we
recommend that a Good Management Server be installed on the same
host machine as every Good Messaging Server.
Installation Concepts
This section provides an overview of the installation process. An
outline of the installation steps is provided in Chapter 1.
You will install one or more Good Messaging Servers on host
computers. Each Good Messaging Server will manage a set of user
accounts and handhelds that you specify. The accounts can be located
on any Lotus Domino servers in the Domino Organization, as long as
they appear in the Public Address Book and the Messaging Servers
have the necessary permissions to connect and access mail files on
the Domino mail servers in the organization. You will assign users to
a Messaging Server according to the organization scheme most
convenient to you and according to your capacity planning. No
special configuration is necessary to have multiple Messaging
Servers manage handhelds on multiple Lotus Domino servers.
20
Access Control List (ACL)

Each Good Messaging Server runs as a Windows service. Typically,
every user mail file lists the LocalDomainServers (Server Group) as
Manager. The Lotus Domino server on which Good Messaging
Server runs is listed in LocalDomainServers group. If the ACL on
every user mail file does not contain the LocalDomainServers group,
the Lotus Domino server on which Good Messaging Server runs
must be listed in any other group (preferred) which has read/write/
delete document privileges on every user mail file, or can be listed
separately per mail file (not recommended) with read/write/delete
access.
Good Management Server and Console

Good Management Console communicates with Good Management
Server. There must be at least one Good Management Server
installed. We recommend installing a Good Management Server on
each Good Messaging Server host for purposes of redundancy. A
Good Management Console can communicate with any Good
Management Server; a Console menu item allows you to specify
which.
You will use Good Management Console to assign handhelds to
users, to set up, monitor, and manage the handhelds, and to manage
the Good Messaging Servers.
Most of the handheld management tasks are initiated from the
consoles user-properties window. Figure 4 displays the properties
21
Overview
window, which is available in the console for every handheld added

to Good Messaging Server.
FIGURE 4. Good Management Console handheld management

You can use this window to install Good Messaging software on a
handheld, display ongoing handheld activity, erase data and disable
the handheld, and otherwise manage it.
You will use the Good Messaging setup program to install the
Management Server and console. You can limit access to Good
Messaging management facilities using role-based administration in
the console.
22
Good Messaging Server

With the proper ACL setup (discussed previously in Access Control
List (ACL) on page 21), you are ready to install Good Messaging
Server and Good Management Server. Installation consists of:
Checking system prerequisites

Installing Good Messaging Server and Good Management Server
Assigning usage roles for Good Management Console
Installing Good Management Console software
Handheld Setup
Handheld setup consists of adding the handheld to a Good
Messaging Server and downloading Good Messaging, optional Good
Partner, and Custom applications onto it.
Good Messaging and Good Partner software is made available from
Good Technology to your Good Management Servers.
Use Good Management Console to add handhelds to a Server and to
configure the software to be downloaded to the handhelds,
wirelessly.
Wireless download begins with the Good Management Console
sending email to the user whose handheld is to be set up. The email
contains a PIN and URL that the user will need to initiate the
download and setup. The user downloads OTA Setup from the URL
site and runs it to install the software, entering the PIN when
prompted. You can set policies for PIN expiration and reuse (refer to
Changing Global User Policies on page 117).
As prerequisites to setup, the handheld must have the proper amount
of available memory and have established phone and data services
running on it.
23
Overview
Wireless Handheld Management

Good Messaging allows supported handhelds to be set up and
managed wirelessly. This feature is referred to as OTA (Over The Air)
functionality.
Good applications, Good Partner applications, and Custom
applications can be downloaded to and updated on user handhelds.
Good applications are developed and distributed by Good
Technology. Good Partners applications are applications available on
a complimentary or trial basis from Good Technologys alliance
partners. Custom applications are applications that customers own or
license from others.
Policies governing security, synchronization, and software
applications can be set at the Good Management Console for global
24
and individual handheld use. These policies are synchronized

continuously.
FIGURE 5. Data Flow
Wireless Handheld Setup

Wireless setup of a handheld comprises the following general steps.
Refer to Figure 5 for a view of the interrelationship of the system
components involved.
At the Good Management Console, enable the user/handheld for

OTA Setup. This configures the user's Lotus Domino account and
authorizes the user for OTA setup in the Good Operations Center.
25
Overview
An OTA Setup email message is sent to the user. With the

information and PIN it contains, the user downloads the OTA
Setup application from the Operations Center.
The user follows the OTA Setup prompts. The users

authorization is verified at the Operations Center. With
authorization verified, OTA Setup downloads the correct software
versions as specified by the IT administrator. It then verifies that
the Good Messaging software is valid using Good's certificate.
With validation complete, the software installs and Good

Messaging starts and synchronizes the handheld with the users
mail account.
Wireless Global and Individual Policy Synchronization

The OTA feature provides continuous wireless synchronization of
global and individual user policies and implements policy changes as
soon as they are made:
When you configure or reconfigure global policies using Good

Management Console, the settings are applied for each user in
Good Messaging Server and stored in the Good Messaging
database.
Good Messaging Server monitors the user's mail file and/or the
database and forwards policy changes to the handheld along the
path shown in the figure.
The policy changes are then applied to the handheld.

When you configure or reconfigure individual user policies using
Good Management Console, the settings are applied for the user
and stored in the user's mail file and/or the Good Messaging
database.
Wireless Handheld Software Upgrades

You can update Good Messaging software policies wirelessly for an
individual handheld or the default policy for the handhelds of a
given handheld type on a specific Good Messaging Server. These
26
policies determine which versions of Good Messaging Client, Good

Partners software, and custom applications are to be downloaded to
the specified handhelds:
Use Good Management Console to set and change software

policies.
Policy changes are applied to each user/handheld by the Console.

Good Messaging Server forwards any software policy changes to
the handheld via the path shown in the figure.
On the handhelds, Good Messaging Client receives these policies

and schedules required software downloads or notifies the user of
the available new software applications that can be downloaded.
Good Messaging Client downloads the application from the Good

Operations Center.
With the application downloaded, the software is verified with the

software certificates for Good and Partner applications or
decrypted for Custom applications.
The software application is then installed on the handheld.

Custom Software for Wireless Distribution
Wireless handheld software upgrades can include custom
applications for a specific handheld type. Custom applications are
applications that you have appropriate licenses for and want to
distribute OTA. These can be made available to users on a specific
Good Messaging Server. Custom applications must first be added to
the specific Good Messaging Server and then appropriately enabled
as a software policy for the users.
The Good Management Console is used to add custom

applications for a specific Good Messaging Server.
An application is added by entering information about the

application (e.g., the name, version, and description of the
application) and then uploading the application to the Good
Operations Center.
27
Overview
The uploaded application then appears as a Custom application

for the handheld type, and can be made available to users in
encrypted form through the normal wireless handheld software
upgrade process.
28
3 Pre-installation
This chapter provides detailed instructions for preparing for

installation of Good Messaging Server, Good Management Server,
and Good Management Console.
Before doing the installation, you will need to perform the following
tasks. Each task is explained in detail in this chapter.
Check prerequisites; perform initial Good Messaging Server,

Good Management Server, and Good Management Console host
configuration
Install a new IBM Lotus Domino server in your production

Domino domain, on the machine to host Good Messaging Server.
Checking Prerequisites and System

Requirements
Ensure that the Good Messaging Server, Good Management Server,
and Good Management Console host machines, and your Domino
server, conform to the following prerequisites.
Good Messaging Server and Good Management Server host system
requirements:
Intel Pentium IV processor, 2GHz or higher

1 GB RAM (2 GB recommended)
29
Pre-installation
8GB hard drive space free for the Good Messaging Servers and
Good Management Servers
These requirements for RAM and hard drive free space are based
on 200 users. For each additional user, add 1MB memory and 5MB
free disk space.
Users
RAM (GB)
50
1*
20
100
20
200
20
500
1.3
21.5
750
1.55
22.75
1000
1.8
24
* Minimum
If a virtual machine session is used for Good Messaging, the free

drive space and RAM requirements also apply.
Good Messaging is an I/O intensive application; consider this fact
when deciding which other applications are to run on the same
host machine. Good Messaging supports VMware ESX Server
2.1.2, 2.5.1, and 3.0.1.
Required minimum LAN speed for the servers: 100Mbps Note:

With the Good Messaging Domino server connection to other
Domino servers in your Domino domain, the speed of the
network connection must maintain a sustained minimum rate of
at least 100Mbps. Slower network connections between the
Domino server on which Good Messaging runs and other Domino
servers will cause increased message latency.
30
Checking Prerequisites and System Requirements
Lotus Notes client must not be installed on the Good Messaging

host machines.
SMTP Service should not be enabled on the Domino instance

running on the Good Mobile Messaging Server.
Good Messaging Server, Good Management Server, and Good
Management Console requirements:
Server host machine: Windows Server 2003 Service Pack 1

Good Messaging Server and Good Management Server host
machines must have Internet access. They should be able to
connect to http port 443 (secure https). To check this, use a
browser with proxy settings disabled on the host machine to
connect to a secure remote location.
If you limit outbound HTTP and HTTPS on your firewall, you
should open the outbound IP ranges 216.136.156.64/27,
198.76.161.0/24, 66.45.60.0/24, and 12.146.186.0/23 for Good
Messaging to work properly.
Do not put the Good Messaging Server or Good Management
Server in the DMZ zone.
Good Messaging Server can service up to 1000 handhelds.

Windows Installer 3.0 is required for installation of Good
Messaging Server. Windows Server 2003 with Service Pack 1 (SP1)
includes Windows Installer 3.0.

installed on it, unless you choose to create a database on an
existing Microsoft SQL 2005 server for use with Good Mobile
Messaging. To uninstall SQL if present, refer to Uninstalling
SQL on page 234.
Before installing Good Messaging Servers and Good Management

Servers, ensure that the host machines time and date are set to
your network's correct time and date. Otherwise, errors such as a
Security Alert regarding a problem with the site's security
certificate may occur.
31
Pre-installation
Lotus Domino configuration requirements:
Lotus Domino Messaging Server 6.0 or higher

Install the Domino server as a Domino Messaging server.
The Domino server on which Good Messaging Server is to be
installed should be installed as a Windows service and should be
configured to run as a Windows service and not as a regular
application
The Domino server on which Good Messaging runs must be

installed with the Primary Domino Directory (recommended)
option.
The Domino server on which Good Messaging is to be installed

should not be installed as a partitioned server. Good Messaging
does not support and cannot be installed on a partitioned Domino
server.
The Domino server on which Good Messaging runs must have

read/write access with Delete Documents privileges on every
user mail file in your organization. Usually the
LocalDomainServers group has these required rights. You may
not need to alter the Access Control List as long as this Domino
server (on which Good Messaging is being installed) is listed in
the LocalDomainServers group.
If the Domino server on which Good Messaging runs does not

have any rights to the users mail files and you are setting up the
ACL, this server requires Editor access or higher (such as Designer
or Manager access) with the following rights:
Create Documents
Delete Documents
Create personal folders/views
Read Public documents
Write public documents
Good Messaging Server uses the Lotus Domino server ID while

instantiating the Lotus Domino APIs and accessing Domino mail
32
Good Secure WiFi: Prerequisites and System Requirements
databases on other servers in your Domino domain(s). It is

recommended that the server ID have the Server ID property
Don't prompt for a password from other Notes-based programs
checked/enabled.
If your Domino infrastructure has multiple domains:

Directory Assistance enabled for every Domino domain in
your organization.

connection documents to the Domino servers in the other
Domino domains. The Good Messaging Domino server should
be a member of LocalDomainServers group in every Domino
domain.
- The necessary Cross certification, either per-server or perorganization level, must be established between the Domino
server on which you are installing Good Messaging and the
mail and directory servers in other domains to which this
Domino server connects.
Good Secure WiFi: Prerequisites and

System Requirements
If you are deploying Good on WiFi-enabled handhelds in your
corporate environment, ensure that your access points conform to the
following guidelines.
Network Setting Requirements for WiFi Handhelds

Good uses UDP packets to transmit data to Good-enabled handsets.
Some enterprises block UDP packets at the firewall, even if TCP/IP
connections are allowed. In order to use Good over WiFi, the
following destination ports are required to be open:
33
Pre-installation
UDP Port 12000 - Used to pass outbound-initiated traffic to Good

once the Good client is installed on the handheld
TCP Port 80 - Used to redirect to secure port 443

TCP Port 443 - Used for secure access to Good webstore for OTA
distribution and download
TCP Port 21 - Used to FTP logs to Good Technical Support

(optional, but highly recommended)
UDP security
All connections to Good's NOC are device-initiated only (but require
bidirectional flow). From a security perspective, there are no
significant differences between using TCP and UDP for Good's
traffic. Good uses a sequenced and encrypted protocol over UDP
similar to TCP.
IP addressing
Good requires customers open a range of IP addresses (Class C IP
ranges 216.136.156.64/27, 198.76.161.0/24, 66.45.60.0/24, and
12.146.186.0/23).
System Requirements for WiFi Connectivity

NAT time-outs
To ensure that Good can remain up-to-date at all times, Good
requires that the NAT time-out be set to 9 minutes or longer. This will
keep users connected to the network while maximizing the battery
life performance on the device.
Server requirements
All provisioning and upgrading of Good on WiFi-only handhelds
will be performed via Good's Secure OTA process.
34
4 Installation
This chapter provides detailed instructions for installing Good

Messaging Server, Good Management Server, and Good
Management Console.
To get your users up and running, you will need to perform the
following tasks. Each task is explained in detail in this chapter.
Install Good Messaging Server and Good Management Server

Configure role-based administration (controlling the Good
Management Console features available to an individual or
group)
Set default OTA software policy for handheld families

Install Good Management Console software
With the installation complete, you will be ready to prepare
handhelds for use, as described in Preparing New Handhelds on
page 63.
Rerunning installation media allows you to select the Repair
option. Use this option to change installation settings.
35
Installation

Use the following procedure to install a Good Messaging Server.
Repeat the procedure for additional servers as needed. Each server
can manage hundreds of handhelds on multiple Domino servers. No
special preparations are necessary. You assign handhelds to Good
Messaging Servers according to the organizational scheme most
convenient to you.
The Good Messaging Server host machine must be configured as
described in Checking Prerequisites and System Requirements on
page 29. Use a secure host (the machine should be located in a secure
location and the proper permissions should be set to control access to
the machine).
Note the following:

Install Good Messaging Server before Good Management Server.
Microsoft SQL Express will be installed and configured during the
installation of the first Good Messaging Server, unless you choose
to use an existing SQL Express server.
If you choose to use an existing SQL 2005 server, youll need to

create a database on that server. You can use any name (we
recommend goodlinkdb) and any login (SQL username and
password) for the database. You should have Database Owner
rights on goodlinkdb or the created database.

installed on it if you choose to have SQL Express installed. To
uninstall SQL if present, refer to Uninstalling SQL on page 234.
In order to install the Good Messaging Server, you must log in as a

member of the Administrators group on that machine.
We recommend that you create a new Windows account for
installing and running Good Messaging services. After creating
the Windows account, assign it "Local Administrator" privileges,
then log on as the new Windows user and proceed with the
36
installation. If you do not have a Windows domain, you can use a

local administrative machine account; however in this case to
administer Good Servers you will have to physically log on to this
machine and use the Good Management Console on it. To
administer the Good Servers using Good Management Console
from a remote machine, the Good Services must be run as a
Windows Domain user.
We recommend against running BlackBerryTM Enterprise Server

on the same machine as Good Messaging Server, when both are
present.
We recommend against installing the Lotus Notes Client on the

same machine as Good Messaging Server. If such a client is
present, it must reside on a different drive than the Domino server
on the machine.
To change settings later that you enter during this installation, use
the repair option available in the installation media.
1.
Begin by logging in with any Windows Domain Administrator

account.
37
Installation
2.
Execute setup.exe from the Good distribution media.
3.
Click Add/Remove for Good Messaging Server.

If an earlier version of Good Messaging Server is detected, you
will be prompted to upgrade it. If the same version of Good
Messaging Server is detected, you will be prompted to delete or
repair it (change installation settings).
The program checks for the presence of required Windows and
Domino components, as listed in Checking Prerequisites and
System Requirements on page 29. You may be informed that files
are being updated.
Otherwise, installation files are extracted from the Good
distribution media.
38
The installation wizard is launched to guide you through the rest

of the setup process.
An initial installation window is displayed.
Click Next to begin the installation.
A License Agreement window opens.
4.
To proceed with the installation, you must accept the terms of the
Good Technology software license agreement by clicking Yes.
A server registration screen is displayed.
5.
Enter the Good Messaging serial number and site license key.
In some cases, both serial number and license key are contained in
email sent to you by your sales representative. Otherwise, follow
this procedure to obtain the key:
a.
Record the serial number and code number sent to you by

email.
b.
Go to http://www.good.com/gmp (Good Monitoring Portal)

to obtain the license key for your Good Messaging Server. If
39
Installation
you do not have an existing account, click on the "New Users"

link and follow the steps to create a new one in order to log in.
c.
Log in and click on "Obtain a server license key under Common Tasks." Enter the serial number (s/n) and code from the
email you received.
Once you've entered the necessary information, Good will register your Good Messaging Server. The server license key will
be displayed at this time (only) in the Good Service Center and
it will be emailed to the email address you specify.
d.
6.
When prompted during Server installation, enter this license

key. If you've previously installed and uninstalled Good Messaging Server on this machine, the previous values that you
entered are displayed (if you preserved settings when uninstalling).
Enter a name for Good Messaging Server (Grizzly in the

example).
This is the name that will appear in Good Management Console.
The name can be up to 16 characters long. No spaces allowed.
Enter a descriptive name of your choice.
40
7.
Click Next.
A screen is displayed asking whether this is the first or an

additional server. Click the radio button for a first server.
Additional servers are not supported in this release.
8.
Click Next.
The installation program contacts the Operations Center,
confirming the ability of the host to make the connection, and then
validates the license key and serial number that you have
provided.
A Good Messaging Server Installation Location screen is
displayed.
9.
Accept the default location for Good Messaging Server software

or browse to select a different location. If the default folder does
not exist, the wizard will ask you if it should be created.
10. Click
Next when done.
A Choose Log Directory screen is displayed.
41
Installation
11. Accept
the default location for the Good Messaging log or browse

to select a different location. If the folder does not exist, the wizard
will ask you if it should be created. This directory should be
secure.
This log file records the servers Domino/handheld
synchronization activity for messages and events.
Synchronization error and event messages are recorded in the
Windows Event Viewer Application log.
For better performance, you can locate the directory on the fastest
local disk. Click Next when done.
Important: Exclude this directory from anti-virus and backup
software, to prevent file contention and performance issues.
A Choose Cache Directory screen is displayed.
12. Accept
the default location for the Good Messaging Server cache

or browse to select a different location. If the folder does not exist,
the wizard will ask you if it should be created. For better
performance, you can locate the directory on the fastest local disk.
Specify a local disk, not a network share. This directory should be
secure.
Warning: If you are reinstalling or upgrading, you must specify
the same cache-file directory location that you did for the original
installation. If you specify a different cache-file directory location,
all handhelds will need to be set up again, causing all email/
drafts to be cleared from the handhelds.
13. Click
42
Next.
A Server proxy screen is displayed.
You can use an approved proxy server to communicate with Good

Messaging Operations Center if you are unable to grant access via
your firewall. The proxy server can be configured without
granting additional access on the firewall.
Note: HTTP/1.1 is required. HTTP/1.0 is not supported. The
Good Messaging Servers and Good Management Servers have
been tested for use with the Squid 2.4 proxy server and a
NetCache 3100 proxy server (NetApp Release 5.2.1R2) set with
basic configurations.
Proxy Address is the IP address or name of the proxy server to
use.
Proxy Port is the port of the proxy server to use.
User is the username to use with HTTP/1.1 Basic Authentication for authenticating to the Proxy.
43
Installation
Password is the password to use with HTTP/1.1 Basic Authentication for authenticating to the Proxy.
If you used the OverrideURL environment variable with pre-4.0
versions of Good Messaging to implement a proxy server, note
that uninstall does not remove or reset it.
To correct/change information entered on this screen, run this
setup program and use its repair option.
The proxy server must be configured to allow at least 5 minutes of
idle time before timing out Good Messaging Server or Good
Management Server connections.
The usernames and passwords for connecting to the proxy server
must not contain ':', '@' or '/' characters.
14. Click
Next.
A Windows Account Information screen is displayed.
44
15. In
the Login field, enter the domain and Windows account name.
For example: Domain\username. The name isnt case sensitive. The
current logged in user and domain are displayed as the default.
Enter the account password. The password is case sensitive. The
installation wizard tests the username and password that you
provide. If they dont work, you are warned.
16. Click
Next.
17. You
are given an option to choose an existing SQL Server 2005 or

have a new one installed.
If you want to use an existing SQL 2005 server, youll need to

create a database on that server. You can use any name (we
recommend goodlinkdb) and any login (SQL username and
password) for the database. You should have Database Owner
rights on goodlinkdb or the created database.
18. Click
Next.
45
Installation
19. Whether
you are using an existing SQL server and database or

having the install program create one for you, youll be prompted
for some database information.
The database address can be the IP address or the machine name

or machine\instance name, where the instance name is the SQL
instance name on that server.
If you choose to have SQL Express 2005 installed, it is installed in
dual authentication mode (SQL and Windows). However, Mobile
Messaging will use the Windows authentication alone.
20. Click
Next.
The setup program displays the information you have entered,

plus the Internet address of the Operations Center and other
relevant Good Messaging information.
21. If
46
the information is correct, click Next.
Good Messaging and Domino server software is installed.
With installation complete, the Domino server and Good

Messaging service are started.
22. Click
Finish.
Note that the Good Messaging Server database is saved

automatically to a \database\data\MSSQL.1\MSSQL\Backup
folder in the server installation directory. A full backup occurs daily
and, following the first full backup, a differential backup is
performed every hour. The line "Good Messaging: Begin full
database backup." in nGoodLink.log indicates the start time for the
new day, as supplied by Domino. If this time is other than midnight,
system time has changed since Domino installation or is incorrect.
47
Installation

Use the following procedure to install Good Management Server.
Youll need at least one Good Management Server. We recommend
installing Good Management Server on each Good Messaging Server
host machine, for purposes of redundancy. Good Management
Console is installed automatically on every Good Management
Server host machine, but can connect to any Good Management
Server.
The Good Management Server host machine must be configured as
page 29. This host should be secure (the machine should be located in
a secure location and the proper permissions should be set to control
access to the machine).
Install Good Messaging Server before installing Good Management
Server.
We recommend against running BlackBerryTM Enterprise Server on
the same machine as Good Management Server, when both are
present.
1.
48
Begin by logging on to the machine where the first Good

Management Server is to be installed, using the administrative
account that you used to install the Good Messaging Services.
2.
3.
Click Add/Remove for Good Management Server and Console.

The program checks for the presence of required Windows and
Domino components, as listed in Checking Prerequisites and
System Requirements on page 29. You may be informed that files
are being updated.
distribution media.
If an earlier version of Good Management Server is detected, you
will be prompted to upgrade it. If the same version of Good
Management Server is detected, you will be prompted to delete it.
49
Installation
When the process is complete, click Next.

4.
A Good Management Server Installation Location screen is
displayed.
5.
Accept the default location for Good Management Server software

or browse to select a different location. If the default folder does
not exist, the wizard will ask you if it should be created.
6.
Click Next when done.

A Choose Log Directory screen is displayed.
7.
Accept the default location for the Good Messaging log or browse
to select a different location. If the folder does not exist, the wizard
will ask you if it should be created. This directory should be
secure.
This log file records the administrative tasks performed by Good
Management Console. It contains auditing information about
when the tasks were performed and who performed them.
Synchronization error and event messages are recorded in the
Windows Event Viewer Application log.
For better performance, you can locate the directory on the fastest
local disk. Click Next when done.
50
A Windows Account Information screen is displayed.
8.
In the Login field, enter the user name and password to be used
when Good Management Server runs. For example:
Domain\GoodAdmin. The name isnt case sensitive. The current
logged in user and domain are displayed as the default.
Enter the account password you set up for the GoodAdmin
account. The password is case sensitive. The installation wizard
tests the username and password that you provide. If they dont
work, you are warned.
9.
Click Next.
The setup program displays the information you have entered.
10. If
the information is correct, click Next.
Good Management Server software is installed and the service is

started automatically.
11. Click
Finish.
51
Installation

Youll be installing and using Good Management Console to manage
the Good Messaging handhelds and servers. You can control and
limit the tasks performed by an individual or group using Good
Management Console. For example, you can configure the console so
that some individuals and groups can use it only to set up handhelds
and not to add or remove users from Good Messaging Servers. To do
so, youll create roles for different users and groups of users for Good
Management Console. The Console comes with several predefined
roles that you can use (roles for service administrator, administrator,
and helpdesk). You can also create additional roles now, before
installing the consoles on the machines where you will be using
them. Finally, you can create, delete, and reassign roles at any later
time as needed.
When you installed Good Management Server, a Good Management
Console was installed on the same machine. Use this console to create
the roles.
Note: The first time you launch the Console, you must be logged on
with the administrative account that you used to install the Good
Messaging Services. You can then use the Console to grant access to
other accounts using the Role Based Administration feature.
Roles that you create using a Good Management Console apply to all
Consoles that connect to the same Good Management Server.
To create the roles and limit access to Good Management Console
features, perform the following steps:
1.
52
Run the Good Management Console on the machine where you

installed Good Management Server.
2.
In the console tree, select Roles.
A list of all currently defined roles is displayed.

Default Roles
Administrator
Help Desk
Service
Administrator
Default Rights
Add user for OTA Setup, Delete user, Erase
handheld data, Set global policy, Set user policy,
View only administration
handheld data, View only administration
All rights: Add user for OTA Setup, Delete user,
Erase handheld data, View user OTA setup PIN,
Manage Servers*, Set global policy, Set user
policy, Manage roles, View only administration
* Manage Good Messaging Server: Clear Server statistics using the Console;
display Server license key in Server Properties window; Upload custom software;
Configure OTA Setup software download
3.
From the Action menu, select New Role; or right-click on any

existing role and from the drop-down menu select New Role.
53
Installation
A blank Role window opens.
4.
54
At the General tab, enter a name for the new role. Under Notes,
describe the purpose of the role. For example, if the role is to
provide the IT administrator with full rights for use of the console,
you might name the role Good Messaging Admin and in Notes
type This role grants full console rights to the IT administrator.
5.
At the Rights tab, click on Administrator to give this role full

rights in the console. Click on Custom and click on individual
rights to limit this roles use of the console.
6.
Click on Members to add or delete users or groups from the

Access Control List for the role.
7.
To remove a user or group from the access list for this role, select
the user or group in the list and click Remove.
55
Installation
8.
To add a user or group to the access list for this role, click Add. A
list of users and groups is displayed.
Select the domain containing the user or group you want to add.
To display the members of a group, select it and click Members (in
this window, you can add members to a group). To search for a
user or group by name, click Search.

You can ensure that 4.0 and higher versions of Good Messaging are
installed when performing wireless downloads to handhelds. Use the
Good Management Console installed with Good Management Server
to set the global policy defaults for wireless download for each
handheld family. This consists of specifying which version of the
applications should be downloaded to handheld types by default.
56
1.
To set the defaults, select the Good Messaging Servers folder in

the Console main window and select the server in the right-hand
pane that will be downloading software to the handhelds.
2.
From the right-click drop-down menu for the selected server,

choose Distribute Software.
If the defaults have not been selected for all handheld families, a
prompt to select them is displayed.
3.
Choose Yes to set the global default that the software packages for
all handheld families will contain the most recent versions of
client software.
Choose No to set the defaults yourself, choosing other software
versions.
57
Installation
The Distribute Software screen for the selected Server is

displayed.
Applications in the package are divided into three categories:

Good Technology, Good Partners (Documents To Go from
DataViz), and custom applications. Applications in the first two
categories cannot be deleted by the customer. The catalog is
maintained by Good Technology. You can add and delete Custom
applications, as described in Adding and Deleting Custom
Applications from the Software Package on page 141.
4.
58
To enable/disable specific applications by default at installation

or update, use the checkboxes placed next to each application for
this purpose. To update handhelds to a new version of an

application, disable the old version and enable the new version.
5.
To change the reminder schedule employed on user handhelds for

wireless software installation and upgrades, click the Reminders
button.
Use this button also to force installation of an application type
(Good, Good Partners, or Custom).
A Handheld Reminders dialog is displayed.
6.
Set the reminder policy and mandatory designations as desired.

Click OK.
Reminders are pop-up dialogs that appear periodically (according
to your specifications) on the handheld.
Mandatory software is downloaded in the handheld
background (during off-hours for global changes) without
previous notification to the user. If the user declines to install the
software when reminded, the installation is forced after the
specified number of reminders is completed.
The default for reminders is once a day for three days. The default
for mandatory installation is Good Technology and Good Partners
applications.
If the Mandatory options are not checked, the user is prompted to
install the software. If he/she defers the installation, the prompt is
not repeated until new software versions become available on
Good Messaging Server.
59
Installation
7.
Click OK to close the Reminders dialog.
8.
To override the default reminders that you have set, select a

software version and click the Options button.
9.
Use this screen to set reminder and mandatory settings for a

specific software item.
10. Click
OK to close the Distribute Software window.

Install Good Management Console on any computer you want to use
to manage the Good Messaging handhelds and servers.
The Good Management Console host machine must be configured as
page 29.
Use the following procedure to install the console.
1.
60
Begin by logging on to the machine where Good Management

Console is to be installed, using a Windows account with
administrative rights on the machine where the Good
Management Server is installed.
2.
3.
Click Add/Remove for Good Management Console.

If a console is detected, it will be upgraded.
distribution media.
61
Installation
4.
An Installation Location screen is displayed.
5.
Accept the default location or enter the name of the folder that
will contain the console. If it doesnt exist, youll be asked if it
should be created.
6.
Click Next.
The setup program displays the location where the console will be
installed.
7.
If the files are to be installed in the correct folder, click Next.

If the folder you specified does not exist, youll be prompted with
a Create New Directory screen for permission to create it.
Good Management Console is installed in the folder you
specified.
An Installation Complete screen is displayed.
8.
Click Finish to complete the installation. The initial installation

selection screen is redisplayed. You can continue from this screen
to install Good Messaging client software.
The first time that you run Good Management Console on a host
machine, youll need to specify the hostname of the Good
Management Server, unless it is the same as the console, in a
configuration screen displayed by the Microsoft Management
Console. To change the Good Management Server later, use the
Configure Connection option in the Action menu, with Good
Management Console highlighted in the Tree pane.
Note: When launching Good Management Console, enter the
required login credentials in the format domain\user id, not user
id@domain.
62
5 Preparing New
Handhelds
As the administrator responsible for the maintenance and

management of Good Messaging handhelds, you will need to set up
handhelds for new users. You can do this for one or more users at a
time wirelessly. This chapter explains how.
Each user/handheld is configured for setup and maintenance
wirelessly.
The OTA-only (wireless Over The Air) user will always use OTA to
complete setup of the handheld, and can later upgrade software on
the handheld wirelessly. The method offers IT the fastest and lowestcost means of setting up handhelds. Minimal steps are required by
the user.
Existing Good Messaging handhelds with pre-4.0 Client software are
updated automatically to wireless capability with the upgrade to this
version of Good Mobile Messaging.
If your installation includes WiFi-only handhelds, refer to Good
Secure WiFi: Prerequisites and System Requirements on page 33.
63
Preparing for Handheld Setup

This section describes how to set up a new handheld wirelessly, using
the Good Management Console. To set up multiple users at the same
time, refer to Setting Up Multiple Handhelds (OTA) on page 72.
When multiple handhelds are set up, the default global policy
settings and software package are used.
1.
Handhelds should have the following available memory:

Palm OS - 14.5MB
Pocket PC - 12MB*
Smartphone - 12MB
Symbian - 16MB
*14 MB for Treo 700WX
Contact your authorized service representative for additional
information on memory requirements.
The handheld battery should be fully charged (an error message will
be displayed if the battery is below 25%).
Wireless Setup Preparation

1.
Confirm with your service or sales representative that the

handheld is a supported type.
The handheld must have active, supported voice and network
data services. The user can make a call and browse the web with
the handheld to confirm the presence of these services. Note that
some supported data services may not support roaming; Good
Messaging, like the handheld browser, will not operate outside
the service area in these cases. If calling or browsing fails, contact
your wireless service provider to add the missing service to your
service plan.
Visit http://www.good.com for more information.
64
Preparing for Handheld Setup
An SD card is recommended for handhelds without flash memory,

to be used by the Good Messaging software for backup.
For GPRS devices, a SIM card is required.
2.
Users will be informed automatically by Good Management

Console when you perform the wireless handheld setup. The
Console will email instructions to the users mail file describing
how the user is to complete the setup wirelessly.
We recommend that you alert users in advance to expect these
Good Messaging email instructions and to fully charge their
handhelds before performing the setup. They will need to be in
radio coverage for the setup to complete successfully.
3.
Treo setup: Palm Desktop is not required for Good Messaging

setup, but if it is present on the users computer, the user should
set it to I have another PIM and/or existing 3rd party
synchronization software I would like to use. The user should
not set it to synchronize with Palm Desktop. If necessary, the user
should reinstall Palm Desktop with this setting.
Treo handhelds may require a ROM update. For more
information, go to http://www.good.com/gmp. (Youll be
required to log in to access the site.) Click on Documentation for a
note that explains how to check the Treos ROM version and how
to update it. Click on Software Downloads to download the
updater that you need.
4.
Before adding users to Good Messaging Servers for OTA setup,

the server software download policies must be set up as explained
in Setting Software Download Defaults on page 56. This is true
for adding users in Good Management Console using the New
User menu option, or using the Import facility or the commandline Good MessagingAddUser utility for download to the
handheld of the default software versions.
5.
You can position the Good Messaging client software on SD cards

or handhelds in advance. Later, when the handheld user
completes the Good Messaging setup, the client software will be
installed from this location.
65
a.
Modify the registry entry /System/CurrentConstrolSet/Services/GoodLinkServer/Parameters, changing the default values 'InstlFromLocalDir'=0 and 'SDLocalDir'="/
GoodPackages/" to 1 and to the path where you will locate the
client software.
b.
Download the client software package from http://

www.good.com/download.
c.
Transfer the client software to a mountable file system on the

handheld, such as a storage card, in the location that you specify when you edit the registry.
Palm - GLPkgPalm.prc
PPC2003 - GLPackage.exe
SP2003 - Smartphone.cab
PPC2005 - GLPackage2005.cab
SP2005 - Smartphone2005.cab

Wireless Setup
Setting up the handheld for the first time consists of:
Adding the handheld to the Good Messaging Servers and Good

Management Servers
Installing Good Messaging software wirelessly

Data exchange between the handheld and Domino
Generation of an encryption key
Activation with the Good Messaging Service
Wireless synchronization of the handheld with the users Domino
account
Downloading optional third-party applications
66
Note: If a users Domino profile changes between roaming and nonroaming, the users handheld will have to be set up again. This is, if
the profile changes to roaming, Good Messaging Server will use the
roaming databases for storage. If the handheld is not set up again,
Good Messaging Server will incorrectly continue to synchronize the
users address book and journal to the iNotes address book and
iNotes journal (in the users mail file). If a roaming user's journal
and/or address book cannot be accessed when the handheld is set
up, Good Messaging Server will synchronize the address book and/
or journal to the iNotes address book and/or iNotes journal.
To set up a new handheld Over The Air:
1.
Right-click the Users folder in Good Management Console.
2.
From the drop-down menu, click New User....

(To add multiple users at one time, refer to Setting Up Multiple
Handhelds (OTA) on page 72.)
The Address Book is displayed.
67
3.
Navigate to the users name and select it. With the user selected,
click OK.
A setup window is displayed.
4.
From the Server drop-down list, select the Good Messaging Server
that will manage the handhelds synchronization with the users
mail file.
5.
Security and Synchronization Policies: If you want the handheld

to inherit your global default Good Messaging policy settings,
continue to the next step.
To change the global default Good Messaging policy settings, refer
to Changing Global User Policies on page 117.
To change the Good Messaging policy settings for this single
handheld, refer to Changing Individual User Policies on
page 135.
6.
Software to be installed: If you want to install the Good

Messaging Servers default software package on the handheld,
along with the packages default Enabled/Disabled and
Mandatory settings, continue to the next step.
To change the applications and default settings in your Good
Messaging software package, refer to Changing Software
Package Defaults on page 138.
68
Completing the Setup Process
7.
Click OK to begin the wireless setup.
The handheld is added to the Good Messaging Server. At the same

time, the wireless handheld setup process, described in the following
section, commences.
OTA Setup Process
The following sequence completes the handheld setup. A detailed
description is provided in the Users Guide.
The Console sends an email message to the user. The message

contains a PIN and a link to the Good wireless software download
site (https://get.good.com).
You can display the PIN and URL information at the Console by
going to the Details tab in the users Properties window (select the
user in the user list, right-click and from the menu displayed,
select Properties). You can set policies for PIN expiration and
reuse (refer to Changing Global User Policies on page 117). If
the PIN has an expiration date/time, that date/time is included in
the email message to the user. The date/time are also displayed in
the Details tab in the users Properties window.
When the user goes to the download site and clicks Download
Now using the handheld browser, the site downloads the OTA
Setup executable to the handheld.
The user is prompted to save OTA Setup.

The user launches OTA Setup and follows the prompts to
complete Good Messaging software package installation. The user
enters his/her email address and the PIN during this installation.
Setup is completed automatically, wirelessly, as described in
Completing the Setup Process on page 69.

Once started, handheld setup occurs automatically over the air.
69
During this time:
The handheld is activated with the Operations Center. To become

fully operational, the handheld will send a message through the
wireless network, establishing a connection with the Good
Messaging Server managing the handheld.
User policies are downloaded from Good Messaging Server,

including password restrictions and Good Messaging software
versions to be used. Encryption keys are generated for wireless
communication.
Good Messaging software is downloaded to the handheld. (If

youve set the registry to install from SD card or a handheld
directory, and the required client file is present in that location,
the Good Messaging software is installed from there. If it isnt
found there, it is installed OTA.)
Lotus Notes and handheld data are synchronized between PC and

handheld. For initial setup, synchronization consists of importing
the data from the users mail file to handheld.
The following are synchronized from the users Domino Server
account:
- All contacts in the top level Contacts folder

- Calendar appointments beginning one week in the past, and all
future appointments including recurring events
- All uncompleted tasks. However, recurring tasks are not

supported. Only the first instance of a recurring task appears
on the handheld.
- Email folders, except for Outbox and Drafts. Sent Items

headers are synchronized only if you configure the user policy
to do so. During synchronization, the 100 most recent emails in
the Inbox and in Sent Items are sent to the handheld. For
emails older than 3 days, only the headers are sent.
- All notes (the first 4K of note bodies)
70
The handheld synchronizes information stored on the Domino

server. It does not synchronize information stored in local folders
on the users computer.
During this phase of setup, activity screens are displayed on the
handheld. Setup time varies depending upon the amount of user
data and coverage quality. Typically, handheld setup requires
about twenty minutes.
The user will be prompted to back up the Good Messaging

applications. The user clicks OK and provides a passcode when
prompted. The passcode must be at least 4 characters. All
characters are allowed.
Global mandatory OTA policies that are set for more than 5 users
are implemented in staggered fashion. The policies themselves are
sent to the handhelds immediately, as soon as there is activity on
the handhelds; however, when the user checks for scheduled time
of download, the time will range between 8 P.M. and 2 A.M.
When progress messages stop appearing, the handheld is fully

synchronized. Recharge it to full strength if necessary.
To test the handheld, you can send a message from the handheld
to your administrative account or from your account to the user.
Confirm that you receive the message from the handheld or that
the handheld receives your message to the user.
Warning: If the user for this handheld employs email filters to

automatically file new email into Inbox subfolders, the user may
want these subfolders also synchronized on the handheld.
To enable subfolder synchronization, so that new email filed to
them will automatically be available on the handheld, select
Preferences | Email Delivery on the handheld. Then bring up the
menu and select Add Folder. To display Inbox subfolders, select
Inbox, bring up the menu, and select Open. Select a subfolder to
be synchronized, bring up the menu, and choose Select.
As during setup, the user does not need cradle or cable to use the
handheld. All email and PIM synchronization occurs wirelessly.
71

You can set up multiple handhelds by importing user names from a
list. The handhelds will be set up using the current global policies
and software package. To set up multiple handhelds:
1.
Right-click the Users folder in the Good Management Console.
2.
From the drop-down menu, click Import....

An Open window is displayed.
3.
Select or enter the name of a .csv file containing a list of the

handheld users to be added. The list should be in the following
format. .
All parameters must be listed in the header, but the following
fields can be left blank for imported users when OTA Setup=Yes:
Serial Number, Handheld ID, Network ID, Phone Number,
Handheld Type.
Display Name,Alias Name,Serial No,Server
Name,Handheld ID,Network ID,Phone,Handheld
Type,OTA Setup,
UserDisplay,UserAlias,SN,GL_Server name,Handheld
ID,Network ID,Phone,Handheld Type,no,
72
UserDisplay,UserAlias,,,,,,,yes,
UserDisplay,UserAlias,SN,GL_Server name,Handheld
ID,Network ID,Phone,Handheld Type,no,
...
Required fields (the rest can be left blank):

UserDisplay is the display name of the handheld user. If the
display name has a comma in it, the name should be enclosed in
quotation marks. If no display name is defined, the comma alone
is included in the line.
UserAlias is the mail file name (alias) of the handheld user
GL_Server name is the name of the Good Messaging Server that is to
manage synchronization for the user/handheld.
OTA Setup is Yes.
You can add a # to the beginning of a line to enter a comment line.
Use the Export function on your Good Management Console to
generate a sample based on your current Good Messaging setup.
You can use Export or Export Statistics files as Import files.
Note: Earlier Good Management Console versions may not have
exports all required columns. If you want to use export files from
an earlier version, confirm that all columns shown above are
present. Edit the files to add missing columns if necessary.
4.
Click Open.
Handhelds for the users listed in the file are added to the Good
Messaging Server. The Good Messaging Server specified for each
user will manage synchronization with Domino for the users
handheld when the handheld is set up for use.
If there is an error in user name or Good Messaging Server name, the
error is logged in the applications portion of the Windows Event
Viewer.
73
The Good Management Console now sets up the handhelds for the
listed users wirelessly, as described in OTA Setup Process on
page 69.
Adding Custom Software (OTA)

To add or delete custom applications (Custom) to/from the
software package for a specific Good Messaging Server, refer to
Adding and Deleting Custom Applications from the Software
Package on page 141.

Depending on the type of networking supported by a handheld,
Good Messaging can use either a standard mobile phone network
(such as GPRS) or Wi-Fi to access the corporate network, synchronize
mail, and more. While standard mobile phone networks have broad
availability, Wi-Fi supports much higher data transfer rates.
For devices that support both standard and Wi-Fi connections:
Good Messaging stays connected when the user moves from a

standard connection to a Wi-Fi connection.
Some handhelds automatically switch between Wi-Fi and

standard connections which can impact connection speed and
battery life.
The user may not be able to connect using Wi-Fi if:
The corporate network doesnt allow users to connect to the

Internet via Wi-Fi.
The corporate network does not allow UDP connections to the

Internet.
The access point to the corporate network requires a VPN or other

types of filtering.
74
Note: If the Wi-Fi connection cannot be activated, the user may need
to turn off the Wi-Fi radio on the handheld and reconnect using a
standard mobile phone network.
For more information, review the Wi-Fi documentation included
with the handheld.
75
76
6 Managing the
Handhelds
Once the handheld is activated and in use, you may need to perform
the following tasks:
Updating handheld software wirelessly

Limiting access to Good Management Console facilities (RoleBased Administration)
Viewing current handheld operational status

Removing a handheld from Good Messaging Server
Transferring a handheld to a new user
Viewing, exporting, and clearing handheld statistics
Generating a list of users, serial numbers, and their Good
Messaging Servers
Changing a users name, Domino Server, or handheld

Performing Domino server maintenance
Changing user policies
Changing client software policies
Adding and deleting handheld software
Regenerating an encryption key
Clearing (removing all user data from) the handheld
77
Use the Good Management Console in the following procedures. Log

on with a Windows Domain Administrator account.
Limit access to Good Management Console facilities by using the
procedure described in Maintaining Role Based Administration on
page 88.
Updating Handheld Software Wirelessly

You can update the Good Messaging software package wirelessly for
an individual handheld or the default package for the handhelds of a
given type (that support wireless update) on a specific Good
Messaging Server.
This section describes how to:
Upgrade a handhelds Good Messaging software wirelessly

Change the reminder schedule for the handheld
Change which applications must be installed by the user upon
setup or update (mandatory install)
Customize the initial email message for setup that is sent to the
user
To update software and policies for all handhelds on a server
simultaneously, refer to Changing the Good Messaging OTA Setup
Software Package on page 137.
To update applications and/or change software policies on a
handheld:
1.
Select Users in the Good Management Console tree.
2.
In the right pane, right-click on the user whose handheld is to be

upgraded. Select Distribute Software.
78
A Distribute Software screen for the selected user is displayed.
79
Applications in the Servers software package are divided into

three categories: Good applications are developed and distributed
by Good Technology. Good Partners applications are applications
available on a complimentary or trial basis from Good
Technologys alliance partners. Custom applications are
applications that customers own or license from others.
Applications in the first two categories are included with the
product and cannot be deleted from the package by the customer.
They are added, removed, or updated on your Console remotely
by Good Technology. You can add and delete Custom
applications, as described in Adding and Deleting Custom
Applications from the Software Package on page 141.
Explanations of the status of applications, as listed in the Status
column in the preview window and using the Status Details
button, are provided in Preview of Enabled Applications Status
on page 81 and Enabled Applications Status Details on page 82.
3.
For Good and partner applications, check the latest version in the
list to enable it and disable older versions in the package.
4.
To set or modify the default reminder schedule employed on the

users handheld for wireless software installation and upgrades,
click the Reminders button.
(Good Messaging, Good Partners, or Custom).
A Reminders dialog is displayed.
80
5.
Set the reminder policy and mandatory checkbox as desired. Click

OK.
background (during off hours for global changes, staggered from
8 P.M. to 2 A.M. for more than 5 users) without previous
notification to the user. If the user declines to install the software
when reminded, the installation is forced after the specified
number of reminders is completed.
for mandatory installation is Good Technology applications.
6.
To override the handheld reminder policy and mandatory

designations set in the previous step, for a particular application,
select the application and click the Options button. In the window
that opens, adjust the settings for the application.
Use the Options button also to cause a particular partner or
custom application to be launched when it is downloaded.
7.
8.
Click OK to close the Distribute Software window.
The handheld user is notified of changes to the package, with

instructions on how to download and install updated applications
wirelessly on the handhelds. Any software policy changes are
employed.
Applications that have been deleted from the software package by
Good Technology are not deleted from the handheld if it has
previously been installed.
Preview of Enabled Applications Status

The preview list of enabled applications displays information about
software policies that are enabled for the selected user and specific
81
handheld family. The status column in this view provides a general

summary of the state of the application policy at the present time for
the users handheld. Each status includes several possible states, with
details available by selecting the state and selecting Status Details.
Following are possible values for those states:
Blank Status - The policy is in the process of being enabled and

will be committed when the OK button is selected.
Not Applied - The policy has been set but has not been applied to
the users handheld because the user has not yet completed
provisioning of the Good Messaging software on the handheld or
has not yet upgraded to 4.0 or higher.
In Progress - The policy has been received by the handheld and is

being processed by it.
Waiting on User - The policy has been received by the handheld

but is waiting for the user to take some action (e.g., freeing up
memory or pressing Install).
Success - The policy has been applied to the handheld.

Failed - There was an error which prevented processing of the
policy by the handheld.
Enabled Applications Status Details

More detailed information about an application status can be
displayed by selecting the policy and clicking the Status Details
button. Each general status summary can have several different
detailed statuses. Policy status is always time-stamped with the
change to the current state. Following are possible detailed statuses,
grouped by general status:
Not Applied
User not connected - The user has not connected to the Good
Messaging Server by setting up a handheld with the Good
Messaging software.
82
User has not upgraded Good Messaging Software to 4.0 (or

higher) version - The user needs to upgrade his/her handheld to
Good Messaging Software version 4.0 (or higher).
In Progress
Pending notification to handheld - The policy is waiting for the

Good Messaging Server to process the policy and notify the
handheld.
Notified handheld. Pending response from handheld. - Good

Messaging Server has notified the handheld of the policy and is
waiting for status update responses from the handheld.
Download in progress - The handheld is currently downloading

the application from Goods operation center.
File verification in progress - The handheld is verifying the

integrity of the downloaded application.
Install in progress - The handheld is currently installing the

application on the handheld.
Scheduled for download - The policy is scheduled for download

by the handheld at a later time. Policies that are globally applied
have this status.
Waiting on User
Waiting for user to download or accept policy - The policy has

been received by the handheld and the handheld is waiting for the
user to choose to download or accept the policy. Policies that are
Optional will have this state.
Download deferred - The user has deferred the application

download.
Waiting for user to install - The application has been downloaded

and is ready to be installed. The handheld is waiting for the user
to install the application.
Install deferred - The application has been downloaded and is

ready to be installed. The user has deferred installation.
83
Waiting for user to free memory - The user needs to free up

memory on the handheld for the policy to continue to be
processed.
Failed
Codesign verification failure - A problem occurred during the

verification of the application that was signed by a Good
Technology or a Good Technology Alliance partner.
Decryption failure - A problem occurred trying to decrypt the

downloaded application.
Insufficient handheld disk space - The handheld does not have

enough space to process the application policy.
Download failure - A problem occurred when attempting to

download the application from the Good Webstore.
Install failure - A problem occurred when attempting to install

the downloaded application.
Insufficient handheld memory - The handheld does not have

enough memory to process the application policy.
User cancelled - The user cancelled the processing of the policy.

File not found in Webstore - The policy being processed could
not be found on the Good Webstore.
Webstore determined that this application policy is

incompatible for the user's handheld type - The Good Webstore
prevented the download of the application because the
application is incompatible with the users handheld type.
Generating New User PINs

To set up a handheld for the first time wirelessly, users require a PIN
created by Good Messaging and provided to the users via email. You
can set a policy to cause this PIN to expire if it is not used within a
period of time that you specify, and to prevent reuse of the PIN once a
handheld has been set up successfully. Refer to Changing Global
84
User Policies on page 117 and Changing Individual User Policies

on page 135 for details.
To generate a new PIN for a user, follow this procedure:
1.
In the Good Management Console list of users, select the users for
whom new PINs are to be created.
2.
From the right-click menu, select Regenerate OTA PIN.

If the menu item is grayed out for a user, either the user is not
OTA-enabled or the user logged into the Management Console
does not have the Add User for OTA Setup or View User OTA
Setup PIN role rights.
The new PINs are generated. A prompt is displayed which gives you
the option of sending the new PINs to the users via email; the default
is not to send the email. To send the email at a later time, select
Resend OTA email from the menu.
Customizing the OTA Setup Email Message

You can edit the template for the OTA Setup email message that is
sent to users. This message provides information about the wireless
setup process, together with the PIN they will use when
downloading the software and the URL of the download site.
The OTA Setup email template is an XML file that is installed by
GMS in a location similar to the following:
c:\Program Files\Good Technology\Good Management
Server\etc\confs\otap_useremail_template.xml
This filepath is stored in a string value 'AirSetupEmailTemplateFile'

on the Good Management Server machine under the following
registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GoodLinkManagement\parameters
If this registry key is not present, GMS defaults to:

85
c:\Program Files\Good Technology\Good Management

Server\etc\confs\otap_useremail_template.xml
The following shows the skeleton of the

otap_useremail_template.xml file (using sample text; the text in your
product may be different):
<?xml version="1.0" encoding="utf-8"?>
<template>
<templateattributes type="text">
</templateattributes>
<subject>
Welcome to Good Messaging
</subject>
<body><![CDATA[
Your handheld has been activated for Good
Messaging. With Good Messaging, you can
wirelessly stay up to date
with all of Lotus Notes - email, contacts,
calendar, to do, and journal!
Login Information
-------------------------Email Address: ##PR_GOOD_MAIL_SMTP##
PIN: ##PR_GOOD_OTA_PROV_PWD##
..
1) Use the browser on your handheld to
download OTA Setup from ##GoodLinkStubUrlRoot##.
]]></body>
</template>
The text between <subject> and </subject> is the email subject. The
text between <body><![CDATA[ and ]]></body> forms the email
body. All the information in these sections is text and does not have
any formatting. The property enclosed in double ## is substituted by
Good Management Server when the email message is ready to be
sent out.
86
The following properties are currently supported:

##PR_GOOD_MAIL_SMTP##
- User's SMTP email address
##PR_GOOD_OTA_PROV_PWD## - Users PIN formatted in a

readable form
##GoodLinkStubUrlRoot##
- The website URL from which

OTA Setup files can be downloaded. This defaults to
https://get.good.com
##OTAPIN_EXPIRE_TIME_STR_LOCAL## - Time and date when

PIN expires
These properties can appear any number of times anywhere in the

subject or email body.
Steps to customize the Email template

Follow these steps on the Good Management Server machine:
1.
Create a directory outside C:\Program Files\Good Technology

(for example, C:\GoodCustom). Do this because during a Good
Management Server upgrade/uninstall, your customization file
will be overwritten by the Good Management Server installer.
2.
Copy the C:\Program Files\Good Technology\Good

Management Server\etc\confs\otap_useremail_template.xml file
to C:\GoodCustom.
3.
Use a text editor such as Notepad and load C:\GoodCustom\

otap_useremail_template.xml.
4.
Customize the text between the XML tags <subject> and </
subject>, and between <body><![CDATA[ and ]]></body>
5.
Save the file in Notepad and exit Notepad.
6.
Verify the XML syntax by loading the file into Internet Explorer
(File->Open->Browse and open the
C:\GoodCustom\otap_useremail_template.xml file.) If there are
any syntax errors, correct them. Otherwise exit from Internet
Explorer.
87
7.
Run REGEDIT and go to the following reg key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GoodLinkManagement\parameters
If the 'AirSetupEmailTemplateFile' key is present, update its value

to C:\GoodCustom\otap_useremail_template.xml.
If this registry key is not present, create a string key and assign the
value.
8.
Restart the 'Good Management Server' Service.
9.
Create a dummy OTA user and check the email to verify

everything is OK.
Note: If you uninstall Good Management Server and reinstall it,

perform steps 7-9. If you upgrade Good Management Server, no
action is required.

Role-based administration is an optional feature.
You use Good Management Console to manage the Good Messaging
handhelds and servers. You can control and limit the tasks performed
by an individual or group using Good Management Console. For
example, you can configure the console so that some individuals and
groups can use it only to set up handhelds and not to add or remove
users from Good Messaging Servers. To do so, youll create roles for
different users and groups of users for Good Management Console.
Roles for service administrator, administrator, and helpdesk are
packaged with the console.
Roles that you create using a Good Management Console apply to all
consoles that connect to the same Good Management Server.
To create the roles and limit access to Good Management Console
features, perform the following steps:
1.
88
Run the Good Management Console.

2.
In the console tree, select Roles.
A list of all currently defined roles is displayed.

Default Roles
Service
Administrator
Administrator
Help Desk
Default Rights
All rights: Add user for OTA Setup, Delete user,
Erase handheld data, View user OTA setup PIN,
handheld data, View user OTA setup PIN,
handheld data
* Manage Good Messaging Server: Clear Server statistics using the Console;
display Server license key in Server Properties window; Upload custom software;
Configure OTA Setup software download
3.
From the Action menu, select New Role.

(The right-click New Window From Here option is not
supported.)
89
A blank Role window opens.
4.
90
At the General tab, enter a name for the new role. Under Notes,
describe the purpose of the role. For example, if the role is to
provide the IT administrator with full rights for use of the console,
you might name the role Good Admin and in Notes type This
role grants full console rights to the IT administrator.
5.
At the Rights tab, click on Administrator to give this role full

rights in the console. Click on Custom and click on individual
rights to limit this roles use of the console.
6.
Click on Members to add or delete users or groups from the

Access Control List for the role.
7.
To remove a user or group from the access list for this role, select
the user or group in the list and click Remove.
91
8.
To add a user or group to the access list for this role, click Add. A
list of users and groups is displayed.
Select the domain containing the user or group you want to add.
To display the members of a group, select it and click Members (in
this window, you can add members to or delete member from a
group). To search for a user or group by name, click Search.
Removing a Handheld from Good

Messaging Server
You would remove a handheld from Good Messaging Server and
then add it again when an owners email address changes. Removing
a handheld from Good Messaging Server does not clear user data
from the handheld. Before assigning a handheld to a different user,
you can clear it as described in Erasing and Disabling a Handheld
Wirelessly on page 143.
92
To remove a handheld from Good Messaging Server:

1.
In Good Management Console, click the Users folder in the Tree

view. The contents of the Users folder are displayed.
2.
Right-click on the user to be deleted and from the drop-down

menu, select Delete. You will be warned that the handheld will be
disabled and removed from the network, and that you will have
to set it up before it can be used again. Click Yes to remove the
handheld.
3.
To remove more than one user at a time, select multiple users from
the list and from the right-click drop-down menu select Delete.
You will be prompted once to confirm the multiple deletions.
Important: You must remove a user from Good Messaging Server

using Good Management Console before the user is disabled,
expired, or removed from Active Directory and/or the Global
Address List. If a user is not removed from Good Management
Console and the users mail file still exists, messages can still be sent
to and from the handheld.
If a user is deleted from the Domino directory, the Good Messaging
directory cache is refreshed automatically (provided the replication
connection document is set up correctly between the Domino server
on which Good Messaging runs and any main/HUB server), and the
users will be automatically deleted from the Good Messaging system.

To transfer a handheld to a new user:
Retrieve the handheld from the former user.

Clear the handheld as described in Erasing and Disabling a
Handheld Wirelessly on page 143.
Remove the handheld from Good Messaging Server, as described

in Removing a Handheld from Good Messaging Server on
page 92.
93
For the new user:
Prepare the handheld as described in Preparing New

Handhelds on page 63.
Checking Handheld Status

You can use the Good Monitoring Portal and Good Management
Console to monitor handheld connection status to the Good
Messaging Server and to run diagnostic tests on the user mailbox.
Using the Good Monitoring Portal Dashboard

To quickly list and check the connection status of user handhelds, log
in to the Good Monitoring Portal at http://www.good.com/gmp.
When you log in, the GMP home page is displayed.
If the Good Server you are interested in isnt displayed in the

dashboard, refer to Adding a Server to the Dashboard on page 155.
94
The dashboard displays the number of users/handhelds currently

added to the Server. To display a list of the users, together with
information about their handhelds, click on the value displayed in
the Users column.
A user list with the following information for the user handheld is
displayed:
Connection status - In Coverage, Idle Coverage, Marginal

Coverage, Out of Coverage.
Email address
Handheld type
Serial number
Man/Phone number
Carrier
Search the list using the search bar at the top of the list. Sort the list by
clicking on the column headings. Export the list to a text file using the
button at the bottom of the page.
95
Checking Connection Status

To check a handhelds connection status to its Good Messaging
Server from the Console:
1.
In the list of handheld users in the Console, right-click on the mail

file with the handheld status to be displayed. From the dropdown menu select Properties....
2.
A Properties window for the handheld is displayed.
3.
Click the Sync Details tab.
96
Information about the handheld/Good Messaging Server

connection is displayed.
The Service Details tab provides additional information.
97
Flow Control Status: Flow Control is a process used by Good

Messaging Server to adjust data flow to the device, to ensure that
the device can handle the amount of incoming traffic. Flow
Control may be used when the device is not able to handle the
incoming flow of messages/data all at once, such as when a user
is out of data coverage or in slow or marginal coverage for a long
time. If a users status is Yes for Flow Controlled, the Good
Messaging Server is holding off outgoing traffic until the device
has caught up. All messages will then be delivered to the
handheld.
Paused state: The Good Messaging Server can pause a handheld
for a variety of reasons. This is normally a temporary condition
that arises when the Server is having trouble communicating with
the handheld user's mail file. When a handheld is Paused, it will
not receive incoming data. Pause intervals can be anywhere from
5 to 60 minutes depending upon the situation. After the first Pause
interval, the Good Messaging Server will re-attempt
communication. If the situation persists, it will pause the
handheld for another 5 to 60 minutes, and continue the pauses
until the situation is resolved. Then the handheld's incoming data
should flow with no messages lost. For detailed information, go to
http://www.good.com/faq/17221.html.
Not Connected: For each handheld, there are two Good
Messaging Server connection states ("Connected" or "Not
Connected") for each service type:
Admin (Overall Service)

Attachments (Email Attachments)
Calendar
Contacts
Email
PAB (Public Address Book)
Journal
Public Folders (Public Contacts Folders)
98
Viewing, Exporting, and Clearing Handheld Statistics
To Do
Connected - A user's Service Type will show as "Connected" if:
The user is Good Messaging-enabled for this service type.

The user is provisioned for this service type.
Not Connected - A user's service type will show as "Not
Connected" if:
The user is not Good Messaging-enabled for this service type.

The user is not set up for this service type.
For detailed information, go to http://www.good.com/faq/
17222.html.
Viewing, Exporting, and Clearing

Handheld Statistics
Use Good Management Console to view, write to a file (export), and
optionally clear a handhelds dynamic statistics. You might clear
statistics at the end of an administrative reporting period, for
example.
You can also export a list of users and their handheld statistics to a
file, for recovery or audit purposes. This section explains how to
export statistics using the Console. To export a simple list, refer to
Generating (Exporting) a List of Users on page 108. To export a list
with statistics for each user using a command-line utility, refer to
gmexportstats on page 104.
To view handheld statistics:
1.
In the list of handheld users in the console, right-click on the mail

file with the handheld statistics to be displayed. From the dropdown menu select Properties....
99
2.
3.
Click the Statistics tab.

A Statistics screen is displayed.
100
Values for the following statistics are displayed.
Total messages sent to and received from the handheld by

Good Messaging Server (messages can be any type, including
control)
Date of last messages sent to and received from the handheld

by Good Messaging Server (messages can be any type,
including control)
Total Email, Calendar, Contacts (Address Book), Journal, and

To Do messages sent to and received from the handheld by
control)
Date of last Email, Calendar, Contacts (Address Book), Journal,

and To Do messages sent to and received from the handheld by
control)
Total filtered (blocked) email for the handheld

Note that all statistics are accumulated by the server.
Since messages can be sent in batches, undisplayed messages (e.g.,
Mark Read) and control messages between handheld and server
are included in the statistics, these totals are useful mostly to
determine general activity levels.
4.
Click the Refresh button to update the list. Click Clear Stats to
return all cumulative values to zero or to default. Click Save to
write the statistics to a file.
To view a handhelds static properties:

1.
In the list of handheld users in the console, right-click on the mail

file with the handheld properties to be displayed. From the dropdown menu select Properties....
2.
Click the Details tab.
101
User Details window is displayed.
Note that for OTA PIN State, the following values are possible:
State
Valid
Expired
Description
PIN is valid and can be used.
PIN has expired. IT must generate a new PIN for any
new OTA setup.
Reuse exceeded At least one OTA setup has taken place on the handheld.
The PIN cannot be reused until it has been regenerated.
(Applicable if the Disallow PIN after first-time use
checkbox is checked on the OTA PIN policy tab.)
Expired and
The PIN has expired. The PIN cannot be reused until it
reuse exceeded has been regenerated.
Refer to Changing Global User Policies on page 117 for more on

PIN expiration and reuse.
You can generate a file containing all of the handheld statistics of all
of the users listed in the Good Management Console.
To generate the file:
1.
102
2.
From the drop-down menu select Export Statistics.

A Save As window is displayed.
3.
Select or enter the name of the file that will contain the list of
users.
4.
Click Save.
A csv file will be generated containing a list with the following
header, followed by data in order for each user:
Display Name,Short Name,Serial No,Server
Type,OTA,Good Messaging Client Version,Last message received,Last message sent,Email messages
sent,Email messages received,Last email message
received,Last email message sent,Filtered
email,Calendar messages sent,Calendar messages
received,Last Calendar message received,Last Calendar message sent,Address Book messages
sent,Address Book messages received,Last Address
Book message received,Last Address Book message
sent,Note messages sent,Note messages
received,Last Note message received,Last Note message sent,Task messages sent,Task messages
received,Last Task message received,Last Task mes-
103
sage sent,Messages sent,Messages received,Policy

inheritance,Handheld Policy State,Handheld
MAN#,DN,Domino Server,Domino Server Version,Good
Mobile Messaging Server Version,Handheld OS Version,Handheld ROM Version,Network Name,Firmware
Version,Good Messaging Enabled Time,Good Messaging
Provisioned Time,Provisioning state,OTA PIN
State,OTA Expire Time,Compliance Rule Error,Compliance Rule ErrorMsg
You can use this file later if necessary to import users.

Note that ROM version is exported as a number. For more
information on the ROM and handheld, refer to Supported
Devices in the Good Online Portal (Using the Good Monitoring
Portal Dashboard on page 94).

gmexportstats
You can export handheld user and server information to a file in CSV
format using the command-line utility gmexportstats, installed
with Good Messaging, for backup and audit use. You can use
Windows Scheduler to run the utility on an automated basis. You can
export the following information:
User statistics
User software policy settings and status
Server software policy settings
To export user or server information to a file:
1.
Open a command shell (CMD.EXE) on a Good Management

Server or Good Management Console host.
2.
Go to the Good Management Server or Good Management

Console installation directory.
3.
Run gmexportstats using the following syntax:
104
gmexportstats -gms hostname -file filepath

-autogenerate yes|no -clearstat yes|no [-exporttype type] [-gls Good Messaging Server name]
hostname is the required hostname (NetBIOS or fully qualified

domain name) of the Good Management Server. If the Server is
local, you can specify "" or the name.
filepath is the required full file path where the statistics file is to
created. If the file exists, it will be overwritten. If the autogenerate
parameter is no, a filename must be included in the path; if
autogenerate is yes, the path must not include a filename.
If the required -autogenerate value is specified as yes, a file is
created in the directory specified by filepath. The filename format
is 'YYYY-MM-DD.hh-mm-ss-mmmm.csv' and is based on local
time. If the autogenerate value is no, the filename that you
provide in filepath is used.
If the -clearstat value is specified as yes, the user statistics
counters will be reset after exporting. This parameter is required if
exporttype is specified as userstats. Otherwise, it is ignored.
Possible values for the optional exporttype parameter:
userstats - Exports user statistics.
usersoftware - Exports user software data.
serversoftware - Exports server data.
Good Messaging Server name: For exporttype usersoftware, this
optional parameter filters users only on the Good Messaging
Server specified.
Errors are logged with an .ERR extension in the directory where
the CSV file is created.
Column output:
userstats
Type,OTA Setup,Good Messaging Client Version,Last
message received,Last message sent,Email messages
sent,Email messages received,Last email message
105
received,Last email message sent,Filtered

email,Calendar messages sent,Calendar messages
received,Last Calendar message received,Last Calendar message sent,Address Book messages
sent,Address Book messages received,Last Address
Book message received,Last Address Book message
sent,Note messages sent,Note messages
received,Last Note message received,Last Note message sent,Task messages sent,Task messages
received,Last Task message received,Last Task message sent,Messages sent,Messages received,Policy
inheritance,Handheld Policy State,Handheld
MAN#,DN,Domino Server,Domino Server Version,Good
Messaging Server Version,Handheld OS Version,Handheld ROM Version,Network Name,Firmware Version,Good Messaging Enabled Time,Good Messaging
Provisioned Time,Provisioning state,OTA PIN
State,OTA Expire Time
usersoftware
Server Name,CurGLSServerVersion,Display Name,Short
Name,Serial No,Handheld Type,Handheld Type Family,Policy inheritance,Type,Enabled,Handheld Family,Application ID,GUID,Application
Name,Version,Status Time,Status,Low Level Error,
Message,Software Notes,Installation Mandatory,Launch After Download
serversoftware
Server Name,CurGLSServerVersion,Installed on
machine,Type,Enabled,Handheld Family,Application
ID,GUID,Application Name,Version,Description,Software Notes,Installation Mandatory,Launch After
Download,Display Reminder to User
Examples:
gmexportstats -gms "" -autogenerate no -file
c:\temp\export.csv -clearstat no
106
Exports user statistics to the file named export.csv using the local
Good Management Server. The user statistics are not cleared
during the export.
gmexportstats -gms localhost -autogenerate no file "C:\Statistics\GLS01 Users\userstats.csv" clearstat no
Exports user statistics to the file named userstats.csv using the

Good Management Server on the local host. The filename path is
quoted because it includes a space in the full file path. The user
statistics are not cleared during the export.
gmexportstats -gms GLS01 -autogenerate yes -file
c:\temp -clearstat yes
Exports user statistics to the directory C:\temp with an

automatically generated name using the Good Management
Server located on machine GLS01. The user statistics are cleared
during the export.
gmexportstats -gms GLS01 -file "C:\SWSettings\GLS01 Software\GLS01.serversoftware.csv" exporttype serversoftware
Exports the server software policy settings to the file named

GLS01.serversoftware.csv using the Good Management Server
located on machine GLS01.
gmexportstats -gms GLS01 -autogenerate yes -file
"C:\SWSettings\GLS01 Software\UserStates" -exporttype usersoftware -gls GLS01
Exports the user software policy settings and status to the

directory C:\SWSettings\GLS01 Software\UserStates with an
automatically generated name using the Good Management
Server located on machine GLS01. Filter only users who are set
up on the Good Messaging Server named GLS01.
107
Generating (Exporting) a List of Users

You can generate a file containing a list of all the handheld users in
the Domino site, together with their handheld serial numbers and the
name of the Good Messaging Server to which each handheld has
been added.
You can use this file with the Import command to add users to a
Good Messaging Server later. The file is also Excel-friendly.
To generate the file:
1.
2.
From the drop-down menu select Export....

A Save As window is displayed.
3.
Select or enter the name of the file that will contain the list of
users.
4.
Click Save.
A file will be generated containing a list in the following format:
108
Changing a Users Good Messaging Server, Domino Server, or User Name
Type,OTA,Good Mobile Intranet Server

UserDisplay,UserShortName,SN,GL_Server name,Handheld ID,Network ID,Phone,Handheld Type,Phone,Good
Intranet
Intranet
Intranet
...
UserDisplay is the display name of the handheld user. If the

display name has a comma in it, the name will be enclosed in
quotation marks. If no display name is defined, the comma alone
is included in the line.
UserShortName is the mail file name (short name) of the handheld
user
SN is the electronic serial number of the handheld.
GL_Server name is the name of the Good Messaging Server that is to
manage synchronization for the user/handheld.
Handheld ID is a value filled in during the setup process and used
by the Operations Center.
Network ID is a value filled in during the setup process and used
by the Operations Center.
Phone is the handhelds phone number.
Handheld Type is Treo, PPC.
You can add a # to the beginning of a line to enter a comment line.
Changing a Users Good Messaging

Server, Domino Server, or User Name
A users email name, short name, or address may change. In
addition, the users mail file may move to a different Domino server,
within the current Domino site or outside of it. Finally, you might
109
need to assign the handheld to a different Good Messaging Server.

The following sections describe how to manage these changes.
Changing a Users Display Name, Short Name, or Email

Address
If the display name for a mail file is changed in Domino, you do not
need to update Good Messaging Server to reflect the change. Good
Messaging Server will update automatically.
Set up replication connection documents to reflect any directory
changes to the Domino Server on which Good Messaging runs.
Replication frequency will determine when the changes will be
reflected in Good Messaging.
If a user mail file is deleted and recreated, remove the handheld from
Good Messaging Server, stop and restart the Server, and set up the
handheld again.
Moving a Handheld User to a Different Domino Server

If a user mail file is moved to a different Domino server within the
same Domino domain, no changes are necessary to maintain
handheld synchronization.
If a user mail file is moved to a Domino server in a different Domino
domain, create the necessary cross certifications between the Domino
server on the Good Messaging host and the Domino server in the
different domain.
In both the cases, necessary replication connection documents with
scheduled replication (between the Domino server on which Good
Messaging runs and your main/HUB Domino server) must exist.
Good Messaging Server looks into the local Domino directory. Until
the changes are replicated to the Domino server on which Good
Messaging runs, the Good Messaging Server uses the outdated
110
Moving the Good Messaging Database
information. This might result in errors and new messages may not
be delivered to the users device.
Moving a Handheld to a Different Good Messaging Server

To change the Good Messaging Server that will manage a handheld,
you will need to remove the handheld from the current Good
Messaging Server as described in Removing a Handheld from Good
Messaging Server on page 92 and set it up again with the new Good
Messaging Server as described in Preparing New Handhelds on
page 63.
Exchanging a Users Handheld

To provide a user with a handheld previously assigned to a different
user, follow the procedure described in Transferring a Handheld to
a New User on page 93.

When your first Good Messaging Server is installed, an SQL database
is installed with it. You can later move this SQL database to a
different machine. In addition, if you move the Good Messaging
Server, youll need to move the SQL database along with it. If you
have additional Good Messaging Servers, theyll be using that same
database. You can move those Servers without moving the database.
To move the SQL database:
1.
Stop the Good Messaging Server and Good Management Server

by issuing "tell goodlink quit" on the Domino console. Confirm
that the "Good Messaging Server" and "Good Management
Server" windows services have been stopped.
2.
Open the SQL Management Studio: Start > Programs > Microsoft
SQL Server 2005 > SQL Server Management Studio Express.
111
3.
In the Connect to Server login dialog, select

<YOUR_MACHINE>\GOODLINK as the Server Name and
choose Authentication as Windows Authentication.
112
4.
In the Object Explorer pane, expand the Databases node, rightclick goodlinkdb, select Tasks, and then Detach.
113
5.
After selecting 'Detach, select Drop Connections and click OK.
6.
Copy goodlinkdb.mdf and goodlinkdb_log.LDF from

Program Files\Good Technology\GoodLink
Server\database\data\MSSQL.1\MSSQL\Data"
7.
Attach goodlinkdb.mdf (including the goodlinkdb_log.LDF) to

your production SQL Server.
NOTE: Moving to SQL Server 2005 and higher versions is
supported. SQL Server 2000 is NOT supported.
8.
Once the database is attached to the production SQL Server, create

a user/login with db_owner privileges on goodlinkdb (preferably
with goodadmin as the name). Test the login to ensure that it
works correctly.
9.
On the Good Messaging Server, using the command prompt to

navigate to \Program Files\Good Technology\GoodLink
Server\bin.
114
10. Type:
testgmsdblib -p new_account_password
new_account_password is the password given to the new account

created in the SQL Server login.
11. The
program should return the encoded password as shown

below. Copy the encoded password.
12. On
the Good Messaging Server, using regedit navigate to
[HKEY_LOCAL_MACHINE\SOFTWARE\Good Technology\GoodLink Database]
a.
Change the value of "User" (String Value) to the account name

created in step 8.
b.
Add a new String Value named "Password", and set its value to
the encoded password from step 10.
c.
Change the host name field to the hostname or IP where the

SQL 2005 server is installed.
115
13. On
the Good Messaging Server, using the command prompt

navigate to
\Program Files\Good Technology\GoodLink
Server\bin.
14. Type:
testgmsdblib -c test
This should test the database connectivity and report any errors. If
the database connectivity is verified, the message "Status:
Connected to Good database" will be printed.
15. Once
the database connectivity is verified, start the Good

Messaging Server by issuing "load goodlink" on the Domino
Server console.
Once you have migrated the database, you can uninstall SQL Express
on the original machine if desired. From the Add Remove Programs
applet, uninstall Microsoft SQL Server 2005 first; this will uninstall all
the database components except the Microsoft SQL Server Native
Client (there is no harm in leaving this component on the machine).
You can uninstall or leave Microsoft .NET Framework 2.0 on the
machine; if the framework is to be uninstalled, it should be
uninstalled after all the SQL server components are uninstalled.
116
Changing Global User Policies

You can change the global default Good Messaging handheld policy
settings. There are policy settings available in the following
categories:
Handheld password
Optional handheld applications
Synchronization control
OTA PIN reuse and expiration
Compliance management (application control) on user handhelds
(available as an extension to Good Management Console)
Note: The console screens in this section include a Compliance Rules
tab. This tab is present only when the Good Messaging Compliance
Manager extension has been activated.
When you first set up a handheld, it will inherit these global default
settings automatically unless you specify different settings for the
handheld during setup. If you later change the global settings, you
are given the choice of applying your changes to all existing
handhelds that are currently configured to use the global settings, or
only to handhelds set up after the change is made.
To apply and enable password and application policy changes to
existing handhelds, you use a wireless OTA method. Wireless policy
changes take effect immediately.
Changes to synchronization control take place immediately. You
dont have to upgrade or reinstall software on the handheld.
To change global settings, perform the following steps.
1.
In Good Management Console, select the Users folder, right-click,

and from the pop-up menu select Global Policy.
117
A Handheld Policy screen is displayed.
2.
To change handheld password policies, click the Password tab.
3.
To require a password on handhelds, click the Require Password

checkbox.
If a password is already set on the handheld, when the handheld
user next starts Good Messaging, a prompt will require that the
password be entered. If restrictions are set on the password (see
below), the current password is checked; if it doesnt meet the new
restrictions, the user is instructed to enter a new password.
If no password is currently set on the handheld, a prompt will
require that the user enter a new password.
Note: For pre-4.0 Client software, once this password setting is
enabled, it is permanent. The password can be changed on the
handheld by the user but not disabled. The policy can only be
changed by setting up the handheld again (installing or
upgrading the Good Messaging software).
118
4.
Set the following for the required password:
Maximum Timeout - Enter the maximum allowed time that the

handheld can remain idle before a password must be entered
to reactivate it. Values range from 1 minute to 1 day. The user
can change the timeout value using the handheld Preferences
application, but only to a value less than the one you choose
here. The factory default is one hour.
Number of Attempts - Number of unsuccessful attempts at

password entry before user data is cleared from the handheld
and it must be set up again. Values range from 3 to 12 attempts.
Default is 10.
Expiration - Causes the password to expire after the selected

number of days (1, 2, 7, 10, 15, 20, 30, 40, 45, 50, 60, Never). The
default is Never. Expiration is calculated from the date the
password is created and saved. This date is not changed by a
policy change. Therefore, imposing or decreasing an expiration
value may cause the password to expire when the device
screen next locks.
Password History - Prevents repetition of a password over the

specified number of times (1 to 8). For example, if 8 is chosen, a
new password must differ from the previous 8 passwords set
on the device. The default is No Restriction (0).
Minimum length - Requires that the password be at least the

length you specify. The default is No Restriction (0).
Restrict repeated characters - Limits the number of times a

character can be used, consecutively or non-consecutively. The
default is No Restriction (0). Applies to Smartphones numeric
password as well as the Treo and PPC alphanumeric
passwords.
Required Format - Constrain the password to a particular

format by choosing the restrictions you want to impose on user
passwords. Defaults: Require both letters and numbers (Treo
and PPC only) (Unchecked); require both upper and lower case
(Treo and PPC only) (Unchecked); minimum length (Not
119
required); do not allow personal information (personal

information includes variations of user name, email address,
and X400 name) (Unchecked); cannot change more than once a
day (Unchecked); do not allow sequential numbers (that is, do
not allow more than two consecutive numbers in a row either
forwards, such as 5-6-7-8, or backwards, such as 9-8-7-6)
(Smartphone) (Unchecked).
5.
Click Apply. Youll be asked whether you want to apply the

changes to all handhelds or just those added later.
6.
To enable/disable optional applications on the handheld, click the

Applications tab.
7.
Enable optional applications on the handheld by clicking

checkboxes for the applications to be enabled.
Defaults: PAB Lookup (on); FIPS (off).
120
If an application is not available for a particular handheld type but

you enable it anyway, the setting is ignored.
8.
Enable FIPS-certified encrypted communications by checking the

Enable FIPS Security Tests checkbox. If this option is selected, the
client-side device cryptographic modules run in a mode that
conforms to the FIPS 140-2 Level 1 standard for Palm, and Pocket
PC devices.
9.
Click Apply. Youll be asked whether you want to apply the

10. To
set handheld synchronization policies, click the Sync Control

tab.
11. Click
checkboxes to enable the following:
Sync Sent Folder - The Sent Items folder is not synchronized by

default. If enabled, only the headers are synced to the
121
handheld. The body of the message is synchronized only if the

user chooses to display it.
Sync headers only or headers and bodies from email filtered to

folders other than the Inbox. If Mail rules are set to filter
messages to a folder other than the Inbox, this feature
determines whether only the header or both the header and
body of the message are synchronized to the handheld.
High Quality Attachment Download - Allows attachments to

load without simplified formatting when a capable viewer is
present on the handheld for the attachment. Specify the
maximum allowed size for high-quality attachments. If an
attachment exceeds this size, the user must choose to view the
attachment as a text file. Size values range from 25 KB to
unlimited. Factory default is 100 KB.
To filter specified types of high-quality attachments, such as
.PRC, .PDB, and .EXE files, so that handhelds cannot download
them (for example, to protect against viruses), enter the file
types to be filtered in the Restrict file extensions field,
separated by semicolons:
PRC;PDB;EXE
The default is an empty field with no filtering.

Note: Checking the Sync checkboxes will increase radio traffic
and decrease battery life for affected handhelds.
122
12. To
set global OTA PIN policies, click the OTA PIN tab.
When you enable a user for OTA, the user is sent an email
containing a PIN to use during wireless handheld setup. You can
set OTA PIN policy such that this PIN will expire after a specified
period of time. You can also prevent the PIN from being reused.
13. To
prevent reuse of the PIN, check the Disallow PIN after firsttime use checkbox.
This setting applies to attempts to set up a handheld that has
already been set up successfully. It does not apply to unsuccessful
setup attempts or to ongoing automatic OTA software updates to
the handheld.
14. To
limit the time that a PIN can be used, from the Expiration
dropdown menu select the length of time after which the PIN will
not work. The default is Never (the PIN never expires). The PIN
can remain effective from one to 60 days, or permanently.
123
The expiration clock starts when a new OTA user is created or

when a new PIN for the user is generated.
To generate a new PIN for one or more users, after their current
PINs have expired, refer to Generating New User PINs on
page 84.
15. Click
Apply. Youll be asked whether you want to apply the

Changes take effect immediately.
16. Click
OK when done.
Using Compliance Management Policies

Compliance management policies cause Good Messaging to check
user handhelds periodically for specified applications. If these
applications are not present, Good Messaging will be disabled on the
handheld.
Note: This feature is available only when the Good Messaging
Compliance Manager extension has been activated.
Activating Compliance Manager
Compliance Manager will appear as an added Compliance Rules
tab in the consoles policies window.
Activation will require:
An activation key, available from your authorized Good

Messaging representative
Set Global Policy rights for the console

Use the following procedure to cause the Compliance Rules tab to be
displayed:
1.
From the Good Management Console drop-down menu, select

Extensions.
124
An activation/deactivation window is displayed.
2.
Click Activate for Compliance Manager.
3.
When prompted, confirm the activation by clicking Yes.
4.
In the window that opens, enter your activation key number.
5.
Click OK to launch the activation.

When feature activation is complete, a console message will be
displayed telling you so.
If this feature has been used previously in the console and then
deactivated, any previous rules are removed.
6.
Restart all Good Messaging Servers to implement activation. You

may want to do this during off-peak hours.
All affected users will be updated.
Setting Compliance Management Policies

To set global compliance management policies:
1.
In Good Management Console, select the Users folder, right-click,

and from the pop-up menu select Global Policy.
A Handheld Policy screen is displayed.
2.
Click the Compliance Rules tab.

Good recommends that you try the following procedure using a
test handheld before implementing the global policy.
125
The Compliance Rules policy page is displayed.
Use this window to specify which applications must be present on

user handhelds.
Note: This feature is not for use with applications specified by the
Distribute Software feature for a Good Messaging Server or for
handheld ROM applications.
3.
From the Handheld Family dropdown, select the handheld family

to be checked for onboard applications.
4.
Application checks occur automatically on a handheld when it is

set up for the first time and whenever Good Messaging starts up
on it. To set up a schedule of additional applications checks on the
handheld, check Interval and specify the amount of time between
these checks.
5.
Some applications may be listed for the selected handheld type by

default.
126
To delete an application from the list, select it and click Remove.

The order that applications appear in this list is the order that
applications will be checked for on the handhelds.
Changes made in this window do not take effect until the OK
button is clicked.
The applications listed in this window for a handheld family are
specified in a rules file for that family. The file is located in the
consoles \etc\confs\rule directory. You can edit the file to specify
more advanced types of checking. Creating and editing rules files
is described in the following section.
6.
To add an application to the list for a handheld type, click Add.

The Add Compliance Rule page is displayed.
7.
Enter a descriptive application name (required). This can be up to

128 characters in length. Note that on some platforms, although
127
128 characters are allowed, fewer characters can be displayed (as

shown in the following screen).
8.
Enter a description of the application and how it will be checked

for (as defined in the following step) (not required). This can be
from 0 to 256 characters in length.
9.
Under Rule Definition, choose the method of checking for the

application.
a.
Click the radio button for Perform Check Using Executable

Name... if you want to enter the name of the application as it
appears on the handheld. This is the default.
For Palm, enter the exact Palm database name of the application (required). Maximum length is 31 characters. Use a thirdparty tool or contact the application manufacturer for information on how to obtain this name.
For PPC and Smartphone, enter the exact executable path or
name (required). Pathnames can begin with %xxx% or \ format. Simple filenames must be at root level on the handheld
(where xxx is PROGRAMFILES, MYDOCUMENTS, or WINDOWS). Maximum length is 256 characters. Use \ in pathnames. Invalid characters: <>:\/\\|?*. Valid characters:
^&@{}[],$=!-#()%.+~_.
b.
128
To check for an application by more advanced methods (for

example, by process name or registry entry), click the Perform
Extensive Checks... radio button. Then click the Import button
and select a rules file (an XML file) to use from the dialog that
is displayed. Click Open. This is an optional method.
Creating rules files and understanding their format is
described in the following section. Default rules files are stored
in the consoles \etc\confs\rule directory, but rules files that
you create should be stored elsewhere, so that they wont be
lost if you uninstall and reinstall the console.
When you select a rules file by clicking Open, the file is
checked to confirm that its XML is correct and that the basic
rules format is correct in it. The file is also checked to confirm
that its size plus the enabled rules file sizes for the handheld
family dont exceed 8KB.
If the file doesnt pass a check, youll be warned and given an
opportunity to edit the file. The warning will remain in place
until youve corrected the file in the window provided, or until
you click the Cancel button.
c.
To display the contents of the rules file that youve selected,

click the View button in the Add Application Rule window. A
window is opened that displays the contents of the rules file.
10. When
finished, click OK to close the Add Compliance Rule

window.
11. Click
OK in the Global Policy window.
You are given the choice of applying your changes to all existing
handhelds that are currently configured to use the global settings,
or only to handhelds set up after the change is made. If you
choose all existing handhelds, a notification is displayed on all
affected handhelds and the rules are enforced at this time.
12. Use
the user Details window to check handheld status.
Compliance rule errors and messages are also written to the

output file produced using Export Statistics.
129
Rule Files for Compliance Policies

To check for a specifically required application on a particular type of
handheld, a rules file is required. Default rules files are stored in the
consoles \etc\confs\rule directory, but rules files that you create
should be stored elsewhere, so that they wont be lost if you uninstall
and reinstall the console.
The following template rule files are included with Good
Management Server in \etc\confs\rule. Several files for specific
popular applications are also included. These files allow you to check
for the presence of applications by filename, process, and/or registry
entries. The files are XML in format.
Template for PPC Handhelds
<!-Sample Rule File for PocketPC Operating System Handhelds
-->
<?xml version="1.0" ?>
- <rules>
- <files>
<file name="" minsize="" maxsize="" version="" />
</files>
- <registries>
<registry path="" key="" type="" value="" />
</registries>
- <processes>
<process name="" />
</processes>
</rules>
where:
filename - The exact executable path or name (required).
Pathnames can begin with %xxx% or \ format. Simple filenames
must be at root level on the handheld. Maximum length is 256
characters. Use \ in pathnames. Invalid characters: <>:\/\\|?*.
Valid characters: ^&@{}[],$=!-#()%.+~_.
130
minsize - Minimum allowable size in bytes for the application

(optional)
maxsize - Maximum allowable size in bytes for the application
(optional)
version - Required application version
registry path - Registry path for the application entry
key - Key value for the application registry entry
type - The word Int or string
value - Type value
process name - Name of the application process (e.g., application
name without the extension)
Example using registries:
<!-Sample Rule File to check for Credant(tm) on
PocketPC Operating System Handhelds
-->
- <rules>
- <registries>
<registry path="HKEY_LOCAL_MACHINE\Software\Credant Technologies" key="Active" type="int"
value="1"/>
</registries>
</rules>
Template for Palm Handhelds

<!-Sample Rule File for Palm Operating System Handhelds
-->
- <rules>
- <dbs>
<db name="" type="" creator="" version="" minsize="" maxsize="" />
</dbs>
</rules>
131
where:
db name - The exact Palm database name of the application
(required). Maximum length is 31 characters. Use a third-party
tool or contact the application manufacturer for information on
how to obtain this name.
type - 4-character value for required application type. Use a thirdparty tool or contact the application manufacturer to obtain.
creator - 4-character value for required application creator. Use a
third-party tool or contact the application manufacturer to obtain.
version - Required application version.
(optional)
(optional)
Example using db name:
- <rules>
- <dbs>
<db name="ShieldLib" type="libr" creator="MGSH" version="" minsize="" maxsize=""/>
</dbs>
</rules>
Template for Smartphone

<!-Sample Rule File for Windows Mobile Smartphones
-->
- <rules>
- <files>
<file name="" minsize="" maxsize="" version=""
/>
</files>
132
- <registries>
<registry path="" key="" type="" value="" />
</registries>
- <processes>
<process name="" />
</processes>
</rules>
where:
filename - The exact executable path or name (required).
Pathnames can begin with %xxx% or \ format. Simple filenames
must be at root level on the handheld. Maximum length is 256
characters. Use \ in pathnames. Invalid characters: <>:\/\\|?*.
Valid characters: ^&@{}[],$=!-#()%.+~_.
(optional)
(optional)
version - Required application version
registry path - Registry path for the application entry
key - Key value for the application registry entry
type - Int (DWORD) or string
value - Type value
process name - Name of the application process (e.g., application
name without the extension)
Template for Symbian Handhelds
Example 1
<?xml version="1.0"?>
<rules lang="en">
<applications>
<application path="\sys\bin\aa.exe"
133
uid="0x12345678" sid="0x0000FFFF"
vid="0x10000000"/>
</applications>
<processes>
<process uid="0x12345678"/>
</processes>
</rules>
Example 2
<?xml version="1.0"?>
<rules lang="en">
<applications>
<application path="\\sys\\bin\\GoodMessaging.exe"
uid="0x10206802" sid="0x10206802"
vid="0x00000000"/>
</applications>
<processes>
<process uid="0x10206802"/>
</processes>
</rules>
Deactivating Compliance Manager

To deactivate Compliance Manager for all Good Messaging Servers,
use the following procedure. For example, you can deactivate
Application Control before uninstalling a Good Management Server
or Good Management Console. Deactivation causes the console to
clean up any rules and default rules files, so that they wont be
encountered by a fresh installation.
1.
From the Good Management Console drop-down menu, select

Extensions.
134
An activation/deactivation window is displayed.
2.
Click Deactivate for Compliance Manager.
3.
Click OK.
When feature deactivation is complete, a console message will be
displayed telling you so.
4.
Restart all Good Messaging Servers to complete deactivation. You

may want to do this during off-peak hours.
All affected users will be updated.

To change policy settings on an individual handheld:
1.
In Good Management Console, select the user whose handheld

policies are to be changed.
2.
Right-click and from the drop-down menu, select Properties.
135
3.
Click the Policy button.
The Compliance Rules tab is displayed only if the associated

extension has been activated, as described in Activating
Compliance Manager on page 124.
4.
The OTA PIN tab is displayed only for OTA-enabled handhelds.

The following settings are possible for the Handheld Policy State
field, found on the General tab page:
Pending to Handheld - Changes have been made to the

handhelds password and/or applications and/or OTA PIN
policies but the handheld has not yet acknowledged the
changes.
Applied to Handheld - Policies are up-to-date on the handheld.

Click Apply to accept the new policies and leave the window
open. Click OK to accept the new policies and close the window.
The new policies are communicated to a 4.x handheld OTA. Pre4.x handhelds are affected by the policy changes when Good
Messaging software is installed for the first time or upgraded.
136
Changing the Good Messaging OTA Setup Software Package
To change user policies, use the procedure described in Changing

Global User Policies on page 117. Warning: Installing for the first
time removes all user data.
Changing the Good Messaging OTA

Setup Software Package
The Good Management Console downloads the Good Messaging
software package that you set up to all handhelds being set up or
updated wirelessly. Each Good Messaging Server uses its own
software package definition. Handhelds are kept updated with
package changes on an ongoing basis.
You can customize the software package in the following ways:
Add and/or delete custom applications

Enable/disable applications by default upon handheld setup or
update (e.g., enable new versions and disable old versions)
Specify the default reminder schedule for handhelds being set up

or updated
Specify which applications must be installed by the user upon

setup or update by default (mandatory applications)
When setting up handhelds, Good Messaging and Good Partner
applications cannot be added to or deleted from the package, but the
default settings can be changed. Good Messaging client-application
and partner updates are posted by Good to your Good Management
Servers automatically. You can add/delete custom applications as
necessary.
Changes to the default software package take effect immediately.
However, downloads to handhelds affected by the change will occur
during off-hours. A user can override this download schedule using
Good Messaging Preferences > Applications on the handheld.
137
Changing Software Package Defaults

You can change the default settings for the following parameters in a
Good Messaging Servers software package:
Which applications are enabled/disabled for wireless setup and

upgrades (to enable new versions of applications and disable old
versions)
The reminder schedule for handhelds being set up or updated

Which applications must be installed by the user upon setup or
update
To edit these settings:
1.
Select Good Messaging Servers in the Good Management

Console tree.
2.
In the right pane, right-click on the Good Messaging Server for the
software package you want to change. From the drop-down
menu, select Distribute Software.
138
The Distribute Software screen for the selected Server is

displayed.
Applications in the package are divided into three categories:

Good Technology (Email, Calendar, etc.), Good Partners (Docs To
Go, etc.), and custom applications. Applications in the first two
categories are included with the product and cannot be deleted
from the package by the customer. They are added, removed, or
updated on your Console remotely by Good Technology. You can
add and delete Custom applications, as described in Adding and
Deleting Custom Applications from the Software Package on
page 141.
139
3.
To enable/disable specific applications by default at installation

or update, use the checkboxes placed next to each application for
this purpose. To update handhelds to a new version of an
application, disable the old version and enable the new version.
4.
To change the reminder schedule employed on user handhelds

for wireless software installation and upgrades, click the
Reminders button.
(Good Messaging, Good Partners, or Custom).
A Handheld Reminders dialog is displayed.
5.
Set the reminder policy and mandatory designations as desired.

Click OK.
background (during off-hours for global changes) without
previous notification to the user. If the user declines to install the
software when reminded, the installation is forced after the
specified number of reminders is completed.
for mandatory installation is Good Technology applications.
6.
140
7.
To set overrides for a specific application, select the application

and click the Options button. Configure the window that opens as
desired.
8.
Click OK to close the Distribute Software window.
All handheld users for the affected Good Messaging Server are
notified of changes to the package, with instructions on how to
download and install updated applications wirelessly on their
handhelds. (The notification is displayed when the user moves
between applications in Good Messaging.) As mentioned, mandatory
software is downloaded during off-hours without previous
notification. Any software policy changes are employed.
Applications that have been deleted from the software package by
Good Technology are not deleted from handhelds that already have
them installed.
Adding and Deleting Custom Applications from the Software

Package
To add and delete custom applications to/from the software package
for a specific Good Messaging Server or individual users on that
Server:
1.
Select Good Messaging Servers in the Good Management

Console tree.
2.
In the right pane, right-click on the Good Messaging Server for the
software package you want to change. From the drop-down
menu, select Add/Remove Custom Software.
141
An Add/Remove Custom Software dialog is displayed.
3.
From the Handheld Family drop-down, select the appropriate

handheld type.
4.
To delete a custom application from the package, select the

application in the directory pane and click Remove.
5.
To add a custom application to the package, click Add. An Open

dialog is displayed. Navigate to the application to be added, select
the application, and click Open. Enter values for the Name,
Version, and Description fields and then click on the Upload
button.
The application is added to the package. By default it is disabled.
Use the Distribute Software option to enable the application for
the default package or for individual users.
Restrictions on the custom software:
Name: 128 characters

Version: 32 characters
142
Description: 256 characters

Name, Version, and Description fields cannot be empty
Field properties cannot be changed after upload
Zero-length files cannot be uploaded
Single stand-alone applications only can be uploaded
If the file is greater than 5MB in size, a warning is displayed
but the upload proceeds. You can upload 1,000 files or up to a
total of 150MB of files, whichever comes first. To add more,
you must remove some of the existing files, to get below both
of these limits.
Note: Most Windows Smartphone handhelds have codesigning requirements. Applications that are not signed by
Mobile2Market (or by proprietary carrier certificates) may not
install properly.
6.
Click Done to exit the Upload window.
All handheld users for the affected Good Messaging Server are
notified when additions to the package are enabled using the
Distribute Software option, with instructions on how to download
and install the applications wirelessly on their handhelds.
To view information about the new software, click Properties.
Deleted applications are not deleted from handhelds that already
have them installed.
Erasing and Disabling a Handheld

Wirelessly
Erasing and disabling the handheld in most cases hard resets it,
removing all data and returning the device to its factory defaults. In
all cases it erases all Good data from the handheld. For Windows
Mobile devices, any SD card is also erased. To be used again, the
143
handheld must be set up wirelessly as described in Setting Up the

Handheld on page 66 (wireless).
Note: Do not disable the handheld until it has been erased. If you
remove the user and disable the handheld before the handheld
receives the Erase message, the Erase message will continue to try to
reach the handheld for approximately a day. After that, if the
handheld hasn't received the erase message, it will not be erased.
To erase and disable a handheld wirelessly, using Good Management
Console:
1.
In the Tree view, select (click on) the Good Management Console
folder.
2.
Click the Users folder in the Tree view (the left panel). The
contents of the Users folder are displayed in the right panel (a list
of all users currently added to the Good Messaging Server).
144
3.
This window displays the current user mail files with associated
handhelds, each handheld serial number, the Good Messaging
Server managing each handheld, and the mail file/handheld
users department.
4.
Right-click on the mail file with the handheld to be disabled. From

the drop-down menu select Properties....
145
5.
6.
Click the Erase Data button. (The Erase button will be grayed out
if the handheld is running an earlier version of Good Messaging
software that does not support this remote feature.)
7.
A warning dialog informs you that erasing the handheld will

remove all user data from it and disable it, and that you will need
to set it up before it can be used again. Erasing and disabling the
handheld in most cases hard resets it, removing all data and
returning the device to its factory defaults. In all cases it erases all
Good data from the handheld. For Windows Mobile devices, any
SD card is also erased.
The handheld and its radio must be turned on and in network
coverage to be erased.
The Erase message is carried out by the handheld in the order
received (that is, messages sent to the handheld before the Erase
message are received by the handheld first).
146
When the erase operation is completed successfully, an audit

message is written to the Windows Event Viewer Application log.
You can check the handhelds Erase state by using the Details
button in the users Properties window in the Good Management
Console.

Information and email on the users handheld are stored indefinitely,
subject to the following restrictions:
Each Good Messaging application is guaranteed a certain amount

of memory for data storage. The remainder of memory is available
for extra data storage by any of the applications.
If storage space is needed, calendar appointments and meetings

older than two months are removed from the handheld but are
not deleted from the users account. If more space is required,
calendar data older than three days is removed.
Email can contain a maximum of 5,000 messages. At minimum,

the Email application stores at least 250 messages (the
approximate number of messages that can fit in the Email
guaranteed space).
When email must be removed, messages older than two weeks in

the Deleted Items folder are removed first. If more space is
required, the oldest messages in any folder are removed, folder by
folder, day by day, until enough space is obtained. These
messages are not removed in Lotus Notes.
The Company History folder ages out items on a least-recentlyused basis, maintaining a minimum of 250 items in the folder.
The user can mark critical email messages so that they are not
removed. To mark the message, the user chooses Mark
Permanent from the context menu.
If space is needed, tasks older than one week are deleted.
147
If an application has used all of its guaranteed space and no other

space is available, incoming data for the application will be
stopped (refused). If the user deletes data on the handheld to free
up space, the stopped data will begin flowing again. No new
incoming data is lost. It is held by Good Messaging Server and
then sent when space becomes available.
Notes on Synchronization
The following are exceptions to synchronization between the email
server account and handheld:
Items removed from the handheld via aging to save space are not
deleted from the email server account.
Items in the Sent folder are not synchronized unless you explicitly
enable this synchronization using the management consoles
Policy feature.
New mail received on the handheld in folders other than Inbox

(set up by the user using Preferences | Email Delivery) will
include only the header or the header and body of the message,
depending upon which of these two options you have enabled for
the handheld using the management console Policy feature. If
only the header is delivered, the body of the message is
synchronized only if the user chooses to display it.
Items in the Drafts folder are not synchronized between handheld

and PC.
Items originally filtered into an unsynchronized email server

folder are synchronized if moved or copied to a synchronized
folder, subject to the rules in the following item.
For email messages older than three days that have built up while the
handheld was turned off (when the user was on vacation and out of
coverage, for example), only headers are sent to the handheld. The
body of the message is synchronized only if the user chooses to
display it. Email messages older than a month are not synchronized.
Email recipients in the To: field are limited to 32.

148
7 Managing Good
Messaging Server
In addition to setting up and maintaining handhelds, you will want

to monitor Good Messaging Server to ensure that handheld
synchronization is occurring normally.
Use the following resources to manage Good Messaging Server and
handheld synchronization:
Good Monitoring Portal

Good Messaging Server properties and statistics
User/handheld properties and statistics
Good Messaging logs
Configure Connection menu item
Error messages
Troubleshooting (FAQ)
Best Practices - Deployment, redundancy, backup, and recovery
Information about these resources is provided in the following
sections.
This chapter also describes how to move Good Messaging Server to a
new host.
149
Moving Good Messaging Server to a

New Host
If you are moving the Good Messaging Server to a different host in
the course of a Good Messaging upgrade, be sure to read the Good
Messaging Upgrade Note that comes with the new version.
Follow these steps to move Good Messaging Server to a new host.
1.
From the registry of the existing Good Messaging Server, record

the server name, serial number, license key, cache directory
(CacheDir), NT Login (domain\username), and Login key. (Note:
The Good Messaging Server name is usually the same as the
computer name.)
These parameters are located in the registry of Good Messaging
Server under HKEY_LOCAL_MACHINE/SOFTWARE/Good
Technology/GoodLink Install Parameters/.
2.
Prepare the new host with all Good Messaging Server

prerequisites.
This includes creating a "LoginKey" (String value) registry entry
under [HKEY_LOCAL_MACHINE/SOFTWARE/
GoodTechnology/GoodLink Install Parameters]. You will have to
create the "GoodTechnology"/"GoodLink Install Parameters"
hierarchy before adding the LoginKey.
3.
Uninstall Good Messaging Server (but not Good Management

Server or Good Management Console) from its current machine.
Accept the typical uninstall to retain user configurations when
you do so. You will need the saved files from this machine later.
4.
Copy the database files goodlinkdb.mdf and goodlinkdb_log.LDF

to a temp directory on the new machine. (Refer to steps 1 though 6
in Moving the Good Messaging Database on page 111.) This is
only required for a Good Messaging Server with its SQL database
currently on the same machine.
150
Moving Good Messaging Server to a New Host
Note: Make sure that the new Good Messaging Server has the
same host name as the old Good Messaging Server. The old Good
Messaging Server has to be removed from the network before
giving the new host the same name.
5.
On the new Good Messaging Server machine do the following:

a.
Log on as the domain\username recorded earlier.
b.
Copy the contents of the cache directory from the old machine
to the same place in the new machine. Note that the same
directory hierarchy has to be maintained under the cache directory as the old machine.
c.
Delete the file dbfiles.lck from the directory with the same
name as the server, as it exists in the cache directory. Typically
this will be similar to C:\Program Files\Good Technology\Good Messaging Server\cache\server name\dbfiles.lck.
d.
Install Good Messaging Server using the same serial number,

license key, Domino mail file, and server name as the old one.
You will probably need to override the default for server name.
Do not start the Good Messaging services.
Warning: If you do not enter the SAME Good Messaging
Server name, when the Good Messaging Service starts, the
Server will attempt to bind to the copied-over cache with a
name other than the previous Good Messaging Server name.
The copied-over cache will be corrupted. This will disconnect
handheld users and require their handheld(s) to be set up
again.
e.
When prompted for the cache-directory location, select the

cache directory that you copied from the old server.
f.
When prompted, choose not to start the Good Messaging Services automatically.
g.
Stop the SQL Server (GOODLINK) and SQL Server Browser

services.
h.
Copy the database files from the temp directory (from step 4)
to the folder
151
Program Files\Good Technology\GoodLink Server\database\data\MSSQL.1\MSSQL\Data
When prompted to replace the files choose Yes. Start the SQL
Server (GOODLINK) and SQL Server Browser services and
make sure goodlinkdb can be accessed via Microsoft SQL
Server Management Studio Express.
i.
Install Good Management Server.
j.
Start the Domino Server, which starts the Good Messaging Services. Once the Good Messaging services are started, launch
Good Management Console. Verify that all users with active
handhelds are listed in the user folder.
k.
After 40 minutes, verify that user handhelds are synchronizing

correctly.
Moving Good Management Server to a

New Host
To move Good Management Server to a new host, simply uninstall it
on the old host and install it on the new host. Use Configure
Connection (The Configure Connection Item on page 169) to
redirect Good Management Console to the new location.
Monitoring Good Messaging Servers

Good Messaging software provides tools that allow you to monitor
Good Messaging Server using Good Management Console and
Microsoft Windows 2003 on the server machines. You can display
information in the following categories:
Server dashboard - Server status, users, and pending messages

Server List
Server Statistics
User Performance Monitor
152
Server Properties
Server Logging
Server Dashboard (Good Monitoring Portal)
To quickly check the operating status of your Good Servers, along
with information about Server users and handheld message flow, log
in to the Good Monitoring Portal at http://www.good.com/gmp.
When you log in, the GMP home page is displayed.
If the Good Server you are interested in isnt displayed in the

dashboard, refer to Adding a Server to the Dashboard on page 155.
The dashboard displays current status information for each Good
Server:
Status - Connection status for the Server to the Good Operations

Center (OK, Not OK, Connect error, Not queried, Not OK [IP
address range check failed], Unreachable)
Users - All users currently added to this Server

153
Pending Messages - Number of messages (emails, calendar

events, etc.) that are waiting for transmission from the handheld
to the Server or vice versa. This should be zero or close to it. If the
Server is disconnected from the Operations Center, the number
will grow because messages are not being processed. If a
handheld is out of coverage, it's queue of undelivered messages
on the Server will grow as emails sent to the handheld are not
delivered.
For more information on a Servers current status, click the Server
name in the dashboard. A Server details screen is displayed.
The screen contains:
Server Information - Server name, serial number, license key,

Server version, number of users
Server Connection - Status of connection to the Operations Center,

IP address, last connection time, pending messages
Server History - Two histograms of the Server's recent connection

history with the Operations Center. The first histogram covers the
Server's connection history over the last 24 hours, and the second
154
histogram shows the Server's connection history over the last 4

hours. Red sections indicate times when the Server was not
connected, and green sections indicate when the Server was
connected. When operating normally, the histograms should be
green
For more information on displaying handheld/user status in the
Good Monitoring Portal, refer to Using the Good Monitoring Portal
Dashboard on page 94.
Adding a Server to the Dashboard
If the Server you want to check isnt listed on the dashboard, do the
following to add it:
1.
Click the Add a Server to your monitoring list link on the home
page. A page is displayed which allows you to specify the Server
that you want added to the dashboard.
2.
Enter the name you assigned to the Server when installing it.
Enter the serial number and license key that you obtained at the
time of purchase.
155
If you dont have the serial number or license key available, click
Manage Server Licenses in the sidebar to display them. You can
also display the values for these items in the Properties page for
the Server in the Good Management Console.
3.
Click Submit.
The Server is added to the dashboard.
Server List
To list the Good Messaging Servers in the Domino site:
1.
In the Tree view, select (click on) the Good Management Console
folder.
2.
Click the Good Messaging Servers folder in the Tree view. The
contents of the Good Messaging Servers folder are displayed.
156
3.
This window displays the current Good Messaging Servers

installed, the current status of each server (Unknown, Stopped, or
Running), the number of handhelds added to the server, and the
current status of each servers network connection.
4.
Right-click and select Refresh from the drop-down menu to

update the server list at any time.
Server Statistics
To display the statistics for a particular Good Messaging Server in the
Domino site:
1.
Select the Good Messaging Servers folder in the Tree view.
2.
Right-click on the server of interest. From the drop-down menu

select Properties. In the Properties window, select the Server
Statistics tab.
A statistics panel for the selected server is displayed.
157
Statistics include the following:
Email messages sent to handhelds - Total Email messages sent

to all handhelds from Good Messaging Server
Email messages received from handhelds - Total Email

messages received from all handhelds by Good Messaging
Server
Filtered Email for handhelds - Number of messages not sent to

handhelds due to filters set on handhelds (using the Blocked
Senders email option)
Messages sent to handhelds - Total Email, Calendar, Contact,

Note, and Task messages sent to all handhelds by Good
Messaging Server (includes control messages)
Messages received from handhelds - Total Email, Calendar,

Contact, Note, and Task messages received from all handhelds
by Good Messaging Server (includes control messages)
158
Last Email message received from handhelds - Date and time

received by Good Messaging Server
Last message received from handhelds - Date and time

received by Good Messaging Server
Last Email message sent to handhelds - Date and time sent by

Last message sent to handhelds - Date and time sent by Good

Messaging Server
Handhelds - Total number of handhelds added to Good

Messaging Server
Statistics are accumulated by Good Messaging Server.
Since messages can be sent in batches, and undisplayed messages
(e.g., Mark Read) are included in the statistics, these totals are
useful mostly to determine general current activity levels.
Click the Refresh button to update the table. Click Clear to reset
all counts to 0 except dates and active handhelds, which are
retained. The date when the statistics were last cleared is
displayed at the bottom of the window. Click Save to save the
statistics to a file.
Using Performance Monitor

You can use the Windows Performance Monitor to display Good
Messaging Server dynamic statistics. These are the statistics
described in Server Statistics on page 157.
To view server statistics using the Performance Monitor:
159
1.
From the Start menu on the server host, select Programs >
Administrative Tools (Common) > Performance Monitor.
2.
Click the Add Counter button.

The Add to Chart window is displayed.
3.
From the Object drop-down list, select Good Messaging Server.
4.
Select all counters in the list and click Add.
160
5.
Click Done.
The Good Messaging Server statistics are displayed dynamically
on the chart.
Server Properties
To display server properties, do the following. These properties
cannot be edited from this window.
1.
Open the Good Messaging Servers folder in the Tree view and
select the server of interest.
2.
Right-click on the server in the consoles right-hand pane. From

the drop-down menu select Properties.
161
A Server Properties tab and panel for the selected server is

displayed.
The Server Properties window displays the following information

for each Good Messaging Server:
Good Messaging Server name

Serial number
License key
Good Messaging host address - URL for the Operations Center
Software download host - Host that provides software updates
to the Good Management Server
Server Setup time - Date the server was installed

Version - Good Messaging Server version
162
Installed on machine - Name of the computer on which the

server is installed
Windows logon account

Log Upload URL - URL for the site that will receive any
diagnostic logs that you upload to your authorized support
representative.
User List
To display a list of the Good Messaging users currently on this Good
Messaging Server:
1.
Open the Good Messaging Servers folder in the Tree view and
select the server of interest.
2.
Right-click on the server in the consoles right-hand pane. From

the drop-down menu select Properties. Click the User List tab.
163
A User List tab and panel for the selected server is displayed.
The User List window displays the current list of users for the
Good Messaging Server, together with the email address of each
and current connection status. Only users who have completed
handheld setup and are actually running Good Messaging are
listed.
Server Logging
To monitor synchronization, Domino-Good Messaging issues, and
error conditions, use the Windows Event Viewer Application log and
Good Messaging Server log. A diagnostic log is also maintained by
164
Good Messaging Server; this encrypted log is for use by your

authorized support representative.
To upload the diagnostic log to your authorized support
representative, do the following.
1.
In the Good Management Console, select the server whose log is

to be uploaded and from the right-click menu select Properties.
2.
Select the Log Upload tab.

An upload screen is displayed.
Click the radio button for the Good Messaging Server or for the
Good Management Server for the current Good Messaging Server
selected. The appropriate log will be uploaded.
Select the time range for the portion of the log that you want
uploaded.
165
To include the System Event log and the Application Event log,
click the corresponding checkboxes.
3.
Click Upload.
The log data for the specified time range is uploaded to the Log
Upload URL listed in the Properties panel for the Server.
Windows Event Viewer Application Log

The Windows Event Viewer Application log displays successful and
unsuccessful server actions and provides information about the
success or failure.
Good Messaging Server Log
Every Good Messaging Server maintains a log containing a separate
line for every email message and event exchanged between mail file
and handheld via that server. Use the file to check account use.
The log is named servername.access and is located in the logs
directory for the server installation.
Each line in the server log includes the following entries, separated
by tabs:
Time - Date and time of the transaction

mm-dd-yyyy hh:mm:ss time_zone
Msg_id - The session ID of the message or event

ID_string
App - Service or application that sent or is receiving the message

or event. For example, note, task, admin.
application_name
Cmd - Command used by the issuing or receiving service or

application
command
166
IP - IP address of Good Messaging Server. Allows concatenation

of server log files.
nn.nn.nn.nn
mailbox - Display name of the mailbox involved in the transaction

name
Direction - Transaction direction (INBOUND = toward Domino)

INBOUND | OUTBOUND
Dest_conn_id - For use by Customer Service

nnnnnnnnnn
Num_byte - Size of the transaction, read or written

nnnn
Status - 0 = OK. Any other number or string indicates an error

condition, but is used by Customer Service only.
n
Good Messaging Diagnostic Log

Good Messaging Server maintains encrypted diagnostic logs. These
logs are turned on by default. 600MB of space is required. The
information in the logs is for use by your authorized support
representative.
To upload logs to your support representative, refer to Server
Logging on page 164.
IP Range Tab
If you limit outbound HTTP and HTTPS on your firewall, you should
open the outbound IP ranges 216.136.156.64/27, 198.76.161.0/24,
66.45.60.0/24, and 12.146.186.0/23 for Good Messaging to work
properly.
167
Good Messaging checks for proper access to the Good Operations

Center periodically. Open ranges are displayed on the IP Addresses
tab with a status of 0. The proxy column can be yes or no. If an
error condition occurs, a description will appear in the Description
column.
Any other entries on this tab indicate error conditions. If other entries
are displayed, open the ranges given above and check the tab again.
Work with your customer service representative when error
conditions persist.
Server Software Policy Settings

For information on displaying and changing Good Messaging
Software distribution settings, refer to Changing the Good
Messaging OTA Setup Software Package on page 137.
168

When the Good Management Console entry is selected in the Tree
panel of the console, the Action and right-click menus include a
Configure Connection item. This item is referenced in certain
procedures in this guide. For example, youll use Configure
Connection when you want to change the Good Management Server
that a Good Management Console is communicating with.
Otherwise, it is not recommended to use this menu item. Needed
functionality is provided in the other Good Management Console
windows.
Stopping Good Messaging Services

To stop a Good Messaging Server, stop the Good Messaging Service.
If the Server will be stopped for an extended period of time, notify
handheld users that synchronization will cease during the stoppage.
Use either of the following methods to stop the service.
Method 1
Issue the Domino console command tell goodlink quit. This stops
both the Good Messaging Server and Good Management Server (if
installed)
Method 2
If the Windows Control Panel is used to stop the service, it must also
be used to start the service.
1.
Open the Windows Control Panel.
2.
Open Administrative Tools.
3.
Open Services.
4.
Select and open Good Messaging Service.
169
5.
In the Properties window, on the General tab, click the Stop

button.
6.
Repeat for the Good Management Service.
Error Messages
Errors are returned in the following ways:
Written to Windows Event Viewer Application log

Displayed as dialog windows in Good Management Console
Displayed as dialogs during installation.
Troubleshooting
Support is available by contacting Good Support at www.good.com/
support.
Best Practices
As with any mission-critical application, you will want to make
provisions for optimal deployment, redundancy, backup, and
disaster recovery for Good Messaging. This section describes or
references procedures and rules for doing so.
Deployment
The following rules and generalizations apply to deployment of
Good Messaging:
We recommend against running BlackBerryTM Enterprise Server

on the same machine as Good Messaging Server, when both are
present.
170
Best Practices
We recommend against installing the Lotus Notes Client on the

same machine as Good Messaging Server. If such a client is
present, it must reside on a different drive than the Domino server
on the machine.
Redundancy
Application redundancy is important in configuring Good
Messaging to maintain services in the event of server failure. Contact
your authorized service representative for information on using
Microsoft clustering with Good Messaging.
171
172
8 Good Messaging
Utilities and Console
Commands
This chapter describes some of the Domino console commands, Good
Messaging utilities, and diagnostic logs available for use in Good
Messaging administration and troubleshooting. For more
information, contact your authorized Good Messaging service
representative.
Good Messaging utilities include:
GoodLinkAddUser - Adds a new user to Good Messaging Server.

GoodLinkDeleteUser - Deletes a user from Good Messaging
Server.
GoodLinkQueryUser - Provides essential information about

existing users.
GMMConnectivity Tool - Tests Good Mobile Message

connectivity with the Domino primary server and reports the time
taken for the Good Domino NRPC calls from the GMM server to a
specific Domino server (Primary servers).
UserProfilechkTool - Tests for user profile availability.

Diagnostic logs are described in Diagnostic Log Files on page 190.
Domino console commands include:
showstatus - Shows the Good Messaging database connectivity

status
173
Good Messaging Utilities and Console Commands
forcerefresh - Performs a directory refresh from scratch (to update

the Good Messaging directory cache)
refresh - Performs a directory refresh (to update the Good

Messaging directory cache)
showconfig - Shows the Domino directories that the Good

Messaging Server is using to build the Good Messaging Directory
Cache.
GoodLinkAddUser
GoodLinkAddUser adds a user to Good Messaging Server.
The utility is available on machines with Good Management Server
or Good Management Console installed on them.
Run the utility from the installed Server or Console bin directory.
The user or thread/process/CGI that launches this utility must have
Administrator rights in Console > Roles > Rights or must have Add
user for OTA Setup Provisioning rights for Good Messaging to add
anOTA Setup user. (To test, log on as the user with the necessary
rights and attempt to add a user from the Console). To add a user,
you must know at least the users abbreviated and short name, or
know the users cannonical name.
If the user is already registered for the Good Messaging Service with
Good Technology, you need provide only the serial number on the
command line. Otherwise, you need to provide all parameters
required by the Console New User option.
For a usage example, go to C:\Program Files\Good
Technology\Good Management Console\bin (or C:\Program
Files\Good Technology\Good Management Server\bin) and run
GoodLinkAddUser without any parameters specified.
174
GoodLinkAddUser
Syntax:
GoodLinkAddUser -GMS GMS Machine Name -GLS Good
Messaging Server Name [-ProvType Type] -UserDisplayName User Domino Abbreviated Name
-UserAlias User Short Name -UserDN User
Cannonical Name -LogFile Log File Path
GMS Machine
Name
The name of the machine where Good Management

Server is running. If empty, Good Management Server is
assumed to run on the current machine.
Type
OTA or CheckEnabled. Defaults to OTA. If OTA,
the values for handheld type, ID, phone number, and
handheld network should be empty. If CheckEnabled
is specified, the program checks whether user is Good
Messaging-enabled. All HHxxxx parameters can be
empty when this parameter is specified. The program
terminates with exit code 0 if the user is Good
Messaging-enabled. Otherwise it exits with an error
code. If the error code is
GDLINK_ERR_USER_NOT_GL_ENABLED (error code
0x80040951) (see server/gm/common/
goodlinkerrorcodes.h), the user is not Good Messagingenabled. Any other error code is an error in opening the
user's mailbox.
GoodLink Server
Name of the Good Messaging Server to add the user. If Name
GAS is included in the command line, this value cannot
be empty.
User Domino
Display name of the user as specified in the Person
Abbreviated Name document of the user in the Domino Directory. Example:
Julia Herlihy/Sales/East/Acme/US.
User Short Name ShortName or UserID of the user: The ShortName field
from the Person Document of the user in the Domino
Directory.
175
User Canonical
Name
User Canonical name is the DN or Distinguished Name

(the users User Name or the FullName field from the
Person Document of the user listed in the Domino
Directory). Example: CN=Julia Herlihy/OU=Sales/
OU=East/O=Acme/C=US
Common name (CN) - Corresponds to a user's name or a
server's name. All names must include a common name
component.
Organizational unit (OU) - Identifies the location of the
user or server in the organization. Domino allows for a
maximum of four organizational units in a hierarchical
name. Organizational units are optional.
Organization (O) - Identifies the organization to which a
user or server belongs. Every name must include an
organization component.
Log File Path
Country (C) - Identifies the country in which the

organization exists. The country is optional.
Errors and warnings are appended to this file. The file
will not be overwritten. A valid pathname is required.
The path cannot be a network path; it must be on the
local machine.
GoodLinkDeleteUser
This program deletes a user that was Good Messaging-enabled. All
errors are logged into a file. On successful completion, the program
will remove the user from the Good Management Console, and the
handheld will receive a disconnect message.
The command-line machine must have Good Management Server or
Good Management Console installed on it.
176
GoodLinkDeleteUser
The user or thread/process/CGI that launches this utility must have

Delete User rights for Good Messaging (to test, attempt to add a
user from the Console).
Syntax:
GoodLinkDeleteUser -GMS GMS Machine Name -UserDisplayName User Domino Abbreviated Name -UserAlias
User Short Name -UserDN User's Cannonical Name -LogFile
Log File Path
All parameters are case insensitive. All parameters must be specified

even if they are empty.
GMS Machine
Name
User Abbreviated
Name
User Short Name
The machine where Good Management Server is

running. If empty, the utility assumes that the Server
runs on the current machine.
Abbreviated name of the user as specified in the Person
document of the user in the Domino Directory. Example:
Julia Herlihy/Sales/East/Acme/US.
ShortName or UserID of the user: The ShortName field
from the Person Document of the user in the Domino
Directory.
177
User Canonical
Name
User Canonical name is the DN or Distinguished Name

(the users User Name or the FullName field from the
Person Document of the user listed in the Domino
Directory). Example: CN=Julia Herlihy/OU=Sales/
OU=East/O=Acme/C=US
Common name (CN) - Corresponds to a user's name or a
server's name. All names must include a common name
component.
Organizational unit (OU) - Identifies the location of the
user or server in the organization. Domino allows for a
maximum of four organizational units in a hierarchical
name. Organizational units are optional.
Organization (O) - Identifies the organization to which a
user or server belongs. Every name must include an
organization component.
Log File Path
Country (C) - Identifies the country in which the

organization exists. The country is optional.
Errors and warnings are appended to this file. The file
will not be overwritten.
Example:
GoodLinkDeleteUser -GMS "" -UserDisplayName "Test
User" -UserAlias tuser -UserDN "/o=OrgRoot/
ou=Site1/cn=Recipients/cn=tuser" -LogFile
c:\temp\GoodLinkDeleteUser.log
GoodLinkQueryUser
GoodLinkQueryUser takes an existing user's identity and outputs the
essential attributes for that user into a simple XML file.
The command-line machine must have Good Management Server or
Good Management Console installed on it.
178
GoodLinkQueryUser
The user or thread/process/CGI that launches this utility must have,

at the minimum, View only Administration rights for Good
Messaging.
Running the command-line tool without any options prints its usage.
Syntax:
GoodLinkQueryUser -GMS GMS Machine Name -UserDisplayName User Domino Abbreviated Name -UserAlias
User Short Name -UserDN User's Cannonical Name -EncodeString 0 or 1. Format in HTML -XMLOutFile XML Output File Path -LogFile Log File Path (all errors
logged)
The -EncodeString option (if set to 1) escapes non-alphanumeric

characters with % sign (e.g., %20 for the space character) as in the
HTML specification for string values in the output XML file. This
option can be used based on the type of XML parser that you will use.
We recommend setting this to 0.
If the program is run against a non-Good Messaging-enabled user,
the program terminates with an error
GDLINK_ERR_USER_NOT_GL_ENABLED code (error code
0x80040951).
XML file format

The format is simple, with a set of user properties under <user> tag.
The file can be parsed by the simplest XML parser.
Each property has a name, data type, and value. The data type is set
to "string."
Following is a sample output XML file for a user/handheld enabled
for OTA but not yet set up. -EncodeString is set to 0.
<user>
179
<UserDisplayName type="string">bhattreo600</User
DisplayName>
<UserAlias type="string">BhatTreo600</UserAlias>
<UserDN type="string">/o=Dev Eng Good Technology/
ou=Site1/cn=Recipients/cn=BhatTreo600</UserDN>
<UserEmail
type="string">BhatTreo600@de.qagood.com
</UserEmail>
<OTAEnabled type="string">1</OTAEnabled>
<OTAPin type="string">blb26lh1j37km2b</OTAPin>
<OTAURL type="string">https://good.com/ota</
OTAURL>
<GoodLinkServerName type="string">SBHATXP</
GoodLinkServerName>
<GoodLinkServerVersion type="string">4.5.0.0</
GoodLinkServerVersion>
<HHSlNo type="string"></HHSlNo>
<HHType type="string"></HHType>
<HHPhoneNo type="string"></HHPhoneNo>
<HHNetworkName type="string"></HHNetworkName>
<GoodLinkClientVersion type="string"></GoodLink
ClientVersion>
<UserDepartment type="string"></UserDepartment>
<GoodAccessServerName type="string">GA-SBHATXP</
GoodAccessServerName>
</user>
1.
If the -EncodeString is set to 1, the string value will be encoded

with HTML escaping rules. For example, in the above case, the
UserDN of
/o=Dev Eng Good Technology/ou=Site1/cn=Recipients/
cn=BhatTreo600
will look like

%2Fo%3DDev%20Eng%20Good%20Technology%2Fou%3DSite1
%2Fcn%3DRecipients%2Fcn%3DBhatTreo600
180
GMMConnectivity Tool
2.
OTAEnabled specifies whether the user is OTA enabled. If it is 1,

then the user is enabled. 0 means not enabled.
3.
OTAPin is the setup PIN. If the Windows user that executes the
utility does not have View user provisioning credentials rights
in GMC->Roles->Rights, this field will be empty.
4.
OTAURL is the location from which the Good Messaging OTA

setup stub can be downloaded.
5.
The HHxxxx properties are handheld properties. They will be

available once the handheld is fully set up.
GMMConnectivity Tool tests Good Mobile Message connectivity
with the Domino primary server and reports the time taken for the
Good Domino NRPC calls from the GMM server to a specific Domino
server (Primary servers).
Run the utility from the installed Server bin directory.
Syntax:
GMMConnectivity.exe -s Domino server name [-d
dbname.nsf] [-t n]
Optional switches are not case sensitive and can be entered in any
order or combination.
-s Domino server name - System IP address or fully qualified domain
name of the Domino server machine. The switch is not case sensitive.
-d - Checks accessibility to the User Notes file database dbname.nsf.
Default is log.nsf. Use the mail-file directory name, as shown in the
example below.
181
-t n - Reports access timings for NRPC calls to the database. n = 0 or 1.

0 disables the display NRPC call timings; 1 enables the display of
NRPC call timings.
Example:
GMMConnectivityTool -s 172.16.8.32 -d mail/log.nsf
-t 1
For help and usage details, run the command without parameters.
Usage Scenarios
Scenario 1: Using the tool without optional parameters to obtain
connectivity and Domino server availability status.
Syntax:
GMMConnectivity.exe -s Domino server name
Example:
GMMConnectivity.exe -s 172.16.8.32
182
172.16.8.32 - IP address of the server where Primary Domino Server is

running or name of the server (FQDN).
Scenario 2: Using the tool with optional parameter(s) to check the

User Notes database file availability.
Syntax:
GMMConnectivity.exe -s Domino server name/IP [-d
dbname.nsf]
Example:
GMMConnectivity.exe -s 172.16.8.32 -d log.nsf
The switch is not case sensitive.
183
log.nsf is used to check the Log database file. For example, to check
for a user with short name nk, replace "log.nsf" with "mail/nk.nsf"
Scenario 3: Using the tool with the optional parameter -t to check for
response time.
Syntax:
GMMConnectivity.exe -s Domino server name [-t n]
Example:
GMMConnectivity.exe -s 172.16.8.32 -d mail/nk.nsf
-t 1
The switch is not case sensitive.
184
Scenario 4: Changing the combination/order of optional parameters.

GMMConnectivity.exe -s 172.16.8.32 -t 1 -d mail/
nk.nsf
or
GMMConnectivity.exe -s 172.16.8.32 -d mail/nk.nsf
-t 1
Notes
If the Domino Primary is not accessible, the tool displays the
following message.
185
Possible Reasons: Domino primary server is down or path not found.

If the Domino Secondary server in down, the tool prompts for the
Primary Domino Server Admin Password.
UserProfilechkTool
UserProfilechkTool tests for user profile availability. It also displays
active profile type (Roaming or Inotes) with complete profile details.
It tests Journal/Contacts accessibility for both types. If more than one
user exists with the same short name (across Organizational Units)
under a domain, all such user details are reported.
Run the utility from the installed Server bin directory.
Syntax:
userProfilechkTool.exe -s Domino server IP address
-u user short name
Both parameters are mandatory. They can be used in any order.

-s Domino server name - System IP address or fully qualified domain
name of the Domino server machine. The switch is not case sensitive.
186
UserProfilechkTool
-u user short name - User short name as saved in the Domino server
user profile. The switch is not case sensitive.
Example:
UserProfileCheckTool -s 172.16.8.32 -u nk
For help and usage details, run the command without parameters.
Usage Scenarios
Scenario 1: Displaying user profile details
In this example, an iNotes user with short name nk.
187
Scenario 2: Displaying user profile details

In this example, a roaming user with short name rkanth.
188
UserProfilechkTool
Scenario 3: More than one users exist with the same name.
If more than one user exists in the server with the same name under a
domain across different OU's, all such user profile details are
displayed.
Notes
If a user doesn't exist, the tool displays the following message.
189
Diagnostic Log Files

The diagnostic log files that your service representative may ask you
to upload are created automatically by Good Messaging Server and
Good Management Server during Server operation.
The location of the Good Messaging Server diagnostic files is
specified under the value "AccessLogDir" inside the registry key
HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\GoodLinkServer\\Parameters\\
The location of the Good Management Server diagnostic files is

specified under the value "LogDir" insider the registry key
HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\GoodLinkManagementServer\\Parameters
Good Messaging Server diagnostic log files are named

server_namemm.diagnosticsdd-yy.hh-mm-ss.
Good Management Server diagnostic log files are named

GoodLinkManagement.diagnosticsmm-dd-yy.hh-mm-ss
The log files that you specified in the To and From fields will be
transferred.
All files transferred by default will be compressed in gzip format.
Good Messaging Domino Console

Commands
Issue the following commands at the Domino server console where
Good Messaging Server is installed, in the form:
tell goodlink command
190
Good Messaging Domino Console Commands
tell goodlink showstatus - Shows the Good Messaging database

connectivity status
tell goodlink forcerefresh - Performs a directory refresh from scratch
(to update the Good Messaging directory cache)
tell goodlink refresh - Performs a directory refresh (to update the
Good Messaging directory cache)
tell goodlink showconfig - Shows the Domino directories that the
Good Messaging Server is using to build the Good Messaging
Directory Cache.
191
192
9 Using Standby Good

Messaging Servers
This chapter describes how to create a standby configuration when

installing Good Messaging Server, using Microsoft Clustering.
Multiple Good Messaging Servers can be configured to run in a
clustered environment. Good Messaging Cluster Tools are used to
install and configure the integration of Good Messaging Servers into
the cluster.
It is recommended that the procedures provided in this document be
performed by an administrator experienced with Microsoft
Clustering and Good Messaging Servers. When setting up or moving
Good Messaging Servers to a clustered environment for the first time,
we recommend that the installing administrator first do a dry run
with a few users and primary and standby Good Messaging Servers
that have been given test names.
How the Microsoft Clustering Service

Works
This introduction is based on information provided at http://
www.microsoft.com/windows2000/techinfo/planning/server/
clustersteps.asp.
193
A server cluster is a group of independent servers running Cluster

service and working collectively as a single system. Server clusters
provide high-availability, scalability, and manageability for
resources and applications by grouping multiple servers running
Windows 2003 Advanced Server or Windows 2003 Datacenter
Server.
The purpose of server clusters is to preserve client access to
applications and resources during failures and planned outages. If
one of the servers in the cluster is unavailable due to failure or
maintenance, resources and applications move to another available
cluster node.
Hardware and Software Requirements

Two servers (see Checking Prerequisites and System
Requirements on page 29), preferably identical in hardware
configuration
- Each with 2 network cards

- Each with identical SCSI RAID controllers
- The internal disk configuration of each server can be either IDE
or SCSI
External SCSI disk array with two SCSI ports
We recommend that you purchase a cluster aware SCSI disk
array. As always, prior to purchasing hardware that will run
Microsoft system software, be sure to check the Microsoft
Hardware Compatibly List (HCL) (http://www.microsoft.com/
hcl/default.asp).
Windows 2003 Advanced Server Operating System or Windows

2003 Datacenter Operating System
(Windows 2003 Workstation and Windows 2003 Server do not
support Microsoft clustering)
194
How the Microsoft Clustering Service Works
Network Requirements
A unique NetBIOS cluster name.
Five unique, static IP addresses: two for the network adapters on
the private network, two for the network adapters on the public
network, and one for the cluster itself.
A domain user account for Cluster service (all nodes must be

members of the same domain).
Each node should have two network adaptersone for

connection to the public network and the other for the node-tonode private cluster network. If you use only one network adapter
for both connections, your configuration is unsupported. A
separate private network adapter is required for HCL
certification.
Shared Disk Requirements

All shared disks, including the quorum disk, must be physically
attached to a shared bus. Network drives (or Network Attached
Storage (NAS)) are not supported. Verify that disks attached to
the shared bus can be seen from all nodes. This can be checked at
the host adapter setup level.
SCSI devices must be assigned unique SCSI identification

numbers and properly terminated, as per manufacturer's
instructions.
All shared disks must be configured as basic (not dynamic).

All partitions on the disks must be formatted as NTFS.
While not required, the use of fault-tolerant RAID configurations
is strongly recommended for all disks. The key concept here is
fault-tolerant raid configurationsnot stripe sets without parity.
195
Good Messaging Server in a Clustered

Environment
Diagram of a standard Good Messaging Server cluster configuration:
Here, Good Messaging Servers are installed on Node 1 and Node 2.

The shared disk stores the Good Messaging Server database and the
cache directory. The Domino server on which Good Messaging
Server runs is clustered as well. The Domino server is clustered in
active-passive configuration; active-active configuration is not
supported by Good Messaging Server. A single license of the Domino
server is needed for the Domino clustering required by Good
Messaging Server. (Active-passive clustering does not require two
separate Domino Server licenses.)
The clustering service ensures that only one node is running the
Good Messaging service at a time. If a node fails, then the Good
Messaging service is started on the other node.
196
Installing the First Clustered Node
Good Management Servers have no shared resources. One Good

Management Server is required. We recommend installing a Good
Management Server on each Good Messaging Server host machine,
for redundancy.

To set up the first cluster, ensure that you have installed the
Microsoft Cluster Service onto all the nodes, and that the cluster
services are running. You should see a configuration similar to the
following when running the Microsoft Cluster Administrator.
Verify that the drive resource that will contain the Good Messaging
cache exists within the Cluster Group.
197
Installing Domino on the First Node

Make sure that the first node is the owner of the shared disk resource
that you want to use for this installation. You can verify this by
opening My Computer on the first node, which should allow you to
access the shared drive.
1.
Insert the Lotus Domino CD-ROM and start the Domino server
installation program as usual.
2.
Read and accept the license terms.
3.
Enter the user registration information.
4.
In the Lotus Domino Installation window, select the program and

data directories to be used for the Domino server. Domino
program files should be installed on a non-shared drive. To allow
the other nodes in the Windows 2003 cluster to access the data
files when the Domino server fails over, the Domino data
directory must be installed on a shared drive.
For example, the shared data drive for the Domino server is drive
Q: here:
198
The following discussion assumes an active-passive configuration

is being installed. Good Messaging does not support active-active
configurations
A good practice for data directory naming is to install the Domino
data files in the directory \lotus\Domino\data.
5.
Click Next.
6.
Select the type of setup you want by selecting either the Domino
Enterprise Server or the Domino Messaging Server radio button.
This procedure does not combine Domino clustering with MSCS,
so you do not need to install Domino Enterprise Server.
7.
Click Next and complete the Domino Server installation.
Configuring Domino on the First Node

After you have successfully installed the Domino server code, you
need to configure it:
1.
Start the Domino Server; when prompted to start as service or

application, choose the Run as Service radio button and Always as
service check-box option.
199
Make sure that you customize the port settings by disabling all
ports other than TCP/IP, as shown.
2.
Change the Net Address from the local machine host name to the
host name registered for the Domino server in DNS. If the Domino
200
server name is not registered in DNS, you can enter the explicit IP
address created for the virtual Domino server using Cluster
Administration instead. MSCS supports only the TCP/IP protocol
for failover, so there is no need to define other protocols. In the
figure above, test.lab is the DNS to the cluster and not to a specific
machine.
Installing Primary Good Messaging into the Cluster

1.
Install the primary Good Messaging Server and Good

Management Server following the instructions in Installing Good
Messaging Server on page 36 and Installing Good Management
Server on page 48. When installing Good Messaging Server,
make sure to select a directory on a shared cluster drive for the
Good Messaging cache.
2.
Move the Good Messaging database to the shared disk. (This step
is not needed if the Good Messaging database is to be hosted on a
separate SQL Server farm.)
a.
At the end of the install, do not choose to start the Domino

Server. Open the SQL Management Studio by navigating to
Start->Programs->Microsoft SQL Server 2005->SQL Server
Management Studio Express.
b.
In the Connect to server login dialog, select

<MACHINE_NAME>\GOODLINK as the Server Name and
201
Note: You should be a local administrator of the machine to

have access to the SQL Express server.
202
c.
In the Object Explorer pane, expand the Databases node, rightclick goodlinkdb, select Tasks and then Detach.
d.
After selecting Detach, select Drop Connections and click OK.
203
e.
Move goodlinkdb.mdf and goodlinkdb_log.LDF from the

folder Program Files\Good Technology\GoodLink
Server\database\data\MSSQL.1\MSSQL\Data to the shared
cluster drive, e.g. Q:\Program Files\Good Technology\GoodLink Server\database. (You will need to create the
folder database before moving the files.)
f.
Using the SQL Server Management Studio Express, attach the

moved database back to the SQL Server.
g.
Right click the databases node, choose Attach in the Attach

Databases dialog, click the Add button, and then choose the
database moved to the shared cluster drive. Click the OK button. Once the database is attached, make sure that goodlinkdb
is listed under the database node.
204
Notes on INI and Domino Service Configuration

There are at least two IP addresses active on the Windows 2003
server that will run Domino. These are the server's public IP
address and the virtual server's IP address, created as a cluster
resource and reserved for Domino server usage. You must
identify the second one in NOTES.INI to avoid user connections
through an incorrect IP address. If this is not done, and users
connect to the Domino server through the local machines' IP
address, those users cannot fail over to the other node if/when the
physical server fails.
To identify the correct IP address, add the following setting in
NOTES.INI:
TCPIP_TCPIPAddress=0,a.b.c.d:0
where TCPIP is the port name to be defined. The IP address is

represented by a.b.c.d. The last parameter is the Notes IP port
number, which should be left as zero, and equates to the default
port, which is 1352. If you choose to set the port number to
something other than 1352, you need to add the same definition to
each and every Notes client that will connect to the server.
Example:
TCPIP_TCPIPAddress=0,9.24.104.6:0
As both nodes in the cluster must have access to the same

NOTES.INI file, you should copy the NOTES.INI file from the
Domino program directory on the local drive to the Domino data
directory on the shared drive. You can use the following
command to do this:
c:\> copy c:\lotus\domino\notes.ini q:\lotus\domino\data\notes.ini
Also, you should update the Properties for the Lotus Domino
Server icon in the Start menu. The icon is normally located by
selecting Start -> Programs-> Lotus Applications -> Lotus Domino
Server.
205
Add the following parameter after the executable name:

=<path>\notes.ini
An example of the full command line is:

C:\Lotus\Domino\nserver.exe =q:\lotus\domino\data\notes.ini
The Domino service parameter ImagePath in the registry

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic
es\<Domino Service Name> must be updated to reflect the
notes.ini from the shared drive.
Verifying the Domino Server Functionality

When you start Domino, you can check the server's port status by
issuing the following command from the Domino server console:
>show port tcpip
TCP/IP Port Driver
Transport Provider: TCP
Notes Session Local Address Foreign Address
088200019.24.104.6:13529.24.106.246:1121
088300029.24.104.6:1352*:*
The output verifies that the Domino server is listening to the IP

address 9.24.104.6 and has an active session on TCP port 1352 with
foreign address 9.24.106.246, which in this case is the Domino
administration workstation used to run remote commands. If the
206
Installing the Second Clustered Node
local address appears as *.*:1352, you need to check NOTES.INI and

correct any errors.
Verifying the Good Messaging Server Functionality

Verify that the primary Good Messaging Server is working properly.
To do so, confirm that a handheld can send and receive messages.
Once the Good Messaging Server functionality is verified, shut down
the Domino Server.

With the first cluster node installed and functional, install the second
node.
Installing and Configuring Domino on the Second Node

After you have verified the Domino server functionality on the first
Windows 2003 cluster node, install the Domino program files on the
second cluster node. Follow these steps to install the Domino server
code on the second node:
1.
Stop the Domino server you have just installed.
2.
Move the resource group for the Domino server to the second
node in the cluster using the Cluster Administration tool.
3.
After moving the resource group, including the disk and the IP
address, switch to the second node and install the Domino server
code in exactly the same way that you did for the first node.
Be sure to specify the same directories for the Domino program
and Domino data directories as on the first server. If you fail to do
so, the Domino server cannot fail over from one node to the other.
4.
Copy the NOTES.INI file from the Domino data directory on the
shared drive to the Domino program directory on the local drive.
You can use the following command to do this:
207
c:\> copy q:\lotus\domino\data\notes.ini

c:\lotus\domino\notes.ini.
As both nodes in the cluster must have access to the same

NOTES.INI file, you should copy the NOTES.INI file from the
Domino program directory on the local drive to the Domino data
directory on the shared drive. You can use the following
command to do this:
c:\> copy c:\lotus\domino\notes.ini q:\lotus\domino\data\notes.ini
Also, you should update the Properties for the Lotus Domino
Server icon in the Start menu. The icon is normally located by
selecting Start -> Programs-> Lotus Applications -> Lotus Domino
Server.
Add the following parameter after the executable name:
=<path>\notes.ini
An example of the full command line is:

C:\Lotus\Domino\nserver.exe =q:\lotus\domino\data\notes.ini
The Domino service parameter ImagePath in the registry

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic
es\<Domino Service Name> must be updated to reflect the
notes.ini from the shared drive.
5.
Start the Domino server and test the functionality as described for
the first node.
>show port tcpip
TCP/IP Port Driver
Transport Provider: TCP
Notes Session Local Address Foreign Address
088200019.24.104.6:13529.24.106.246:1121
088300029.24.104.6:1352*:*
208
The output verifies that the Domino server is listening to the IP

address 9.24.104.6 and has an active session on TCP port 1352 with
foreign address 9.24.106.246, which in this case is the Domino
administration workstation used to run remote commands. If the
local address appears as *.*:1352, you need to check NOTES.INI
and correct any errors.
6.
Add the Domino server resource definition to the relevant

resource group, to complete the virtual server:
a.
Run the Cluster Administration tool and select File -> New ->
Resource from the menu bar.
b.
Enter the resource name Domino Server Resource for the Domino server that you want to run as a Generic Service in the Windows 2003 cluster.
c.
Set the resource type to Generic Service from the Resource type
drop-down list and select the correct group from the Group
drop-down list. Click Next.
209
d.
The Possible Owners dialog box is displayed. Both nodes

should be able to run Domino, which is the default. Click Next.
e.
Click Next and the Dependencies window is displayed:
f.
This dialog box allows you to specify those resources that must
be available (that is, active and online) before the Domino
server itself can be brought online. Select the physical disk,
Cluster Name, and Cluster IP address resources from the
210
Available resources list and add them to the Resource dependencies list.
211
g.
Click Next to display the Generic Service Parameters window.
h.
Enter the service name for the Domino server. The service
name must match the name for the Domino service, which can
be found in the Services window (opened by clicking Start ->
Settings ->Control Panel -> Administrative Tools -> Services).
The default name for the Domino service is Lotus Domino
Server, but it can vary, depending on the way you install Domino. If you look through the list of available services, the one
you need will be easy to find.
As we are creating an active-passive configuration, the
NOTES.INI file location is provided as the startup parameter.
If you are configuring a Domino server in an active-active Windows 2003 cluster, you will enter the name of the service for
the Domino server and leave the Start parameters field empty.
i.
Click Next to display the Registry Replication settings. You do

not need to add registry replications for Domino servers.
j.
Click Finish.
212
Installing Good Messaging on the Second Node

To install Good Messaging on the second node:
1.
Copy the LoginKey and its value found under

HKEY_LOCAL_MACHINE\SOFTWARE\Good
Technology\GoodLink Install Parameters from the registry of
node 1 to node 2. (You will need to create the registry hierarchy on
node 2.)
2.
Delete the lock file dbfiles.lck on the shared file server. By default
the file is found in installation_directory\cache\server_name\.
3.
Install the standby Good Messaging components following the

instructions in Installing Good Messaging Server on page 36
and Installing Good Management Server on page 48. Specify the
same cache directory as for the primary server.
At the end of the install, do not choose to start the Domino Server.
4.
Attach the Good Messaging database from the shared disk. (This
step is not needed if the Good Messaging Database is to be hosted
on a separate SQL Server farm.)
a.
Open the SQL Management Studio by navigating to Start>Programs->Microsoft SQL Server 2005->SQL Server Management Studio Express.
b.
In the Connect to server login dialog, select

<MACHINE_NAME>\GOODLINK as the Server Name and
213
Note: You should be a local administrator of the machine to

have access to the SQL Express server.
214
c.
In the Object Explorer pane, expand the Databases node, rightclick goodlinkdb, select Tasks and then Detach.
d.
After selecting Detach, select Drop Connections and click OK.
215
e.
Delete goodlinkdb.mdf and goodlinkdb_log.LDF from the

folder Program Files\Good Technology\GoodLink
Server\database\data\MSSQL.1\MSSQL\Data.
f.
Using the SQL Server Management Studio Express, attach the

moved database back to the SQL Server.
g.
Right click the databases node, choose Attach in the Attach

Databases dialog, click the Add button, and then choose the
database moved to the shared cluster drive. Click the OK button. Once the database is attached, make sure that goodlinkdb
is listed under the database node.
h.
Start the Domino server on the standby machine, which should

then start the Good Messaging services.
i.
Verify that the standby Good Messaging Server is working

properly. To do so, confirm that a handheld can send and
216
receive messages. For an installation with a large number of

users, this may take some time.
Configuring the Good Messaging Database Cluster

Resource
(This step is not needed if the Good Messaging Database is to be
hosted on a separate SQL Server farm.)
1.
Run the Cluster Administration tool and select File -> New ->
Resource from the menu bar.
2.
Enter the resource name Good Messaging Database for the

Domino server that you want to run as a Generic Service in the
Windows 2003 cluster.
3.
Set the resource type to Generic Service from the Resource type
drop-down list and select the correct group from the Group dropdown list. Click Next.
217
4.
The Possible Owners dialog box is displayed. Both nodes should

be able to run Domino, which is the default. Click Next.
5.
Click Next and the Dependencies window is displayed:
6.
This dialog box allows you to specify those resources that must be
available (that is, active and online) before the Domino server
itself can be brought online. Select the physical disk, Cluster
218
Name, and Cluster IP address resources from the Available

resources list and add them to the Resource dependencies list.
7.
Click Next to display the Generic Service Parameters window.
219
8.
Enter MSSQL$GOODLINK as the service name.
9.
Click Next to display the Registry Replication settings. You do not

need to add registry replications for Domino servers.
10. Click
Finish.
Installing and Configuring the Good

Messaging Cluster Tools
1.
Turn the standby Good Messaging Server host machine off to

move the resource controlling the Good Messaging cache drive to
the primary server.
2.
Start the primary machine.
3.
Start the standby machine.
4.
Using the Cluster Administrator, take the Good Messaging

Database and Domino Server Resource offline.
220
Installing and Configuring the Good Messaging Cluster Tools
5.
From the primary machine, delete the lock file dbfiles.lck. By

default the file is found in
installation_directory\cache\server_name\.
6.
Launch the Good Messaging Cluster Tools InstallShield

executable on the primary server (you will find the executable on
the distribution media in the tools directory - Good
MessagingClusterTools-version.exe).
The InstallShield program will install script files that are used to
configure the Good Messaging services and add support for
clustering Good Messaging. When the installation is complete,
you will see a shortcut on the desktop called Good Messaging
Cluster Setup.
7.
Double-click this icon on the primary server to integrate the Good

Messaging and Good Management services into the cluster.
A setup script is launched. You will see the following screen.
221
8.
If the Microsoft Cluster services are running, and Good

Messaging and Good Management services have been installed,
press the ENTER key to see the following screen:
Press 'Y' and ENTER key to install Good Management Server into
the cluster. The installation will proceed and the screen will
inform you when setup is complete.
The script will configure the Good Messaging and Good
Management services on the cluster nodes into the cluster
environment.
Now, when you run the Cluster Administrator, you will see
configurations similar to the following. The Good Management
Server resource is installed by default in the Cluster Group
containing the Cluster Name resource.
222
Installing and Configuring the Good Messaging Cluster Tools
9.
Double click Good Messaging Service in the dependencies tab,

click on the Modify' button, and add Domino Server Resource and
Good Messaging Database as the dependencies.
10. Repeat
the step above for Good Management Server and add

Domino Server Resource and Good Messaging Database as the
dependencies.
11. Using
the Cluster Administrator, perform the following steps to

bring the Good Messaging service and Good Management service
online. If any resource fails to run, check the Event Log for errors.
a.
In the Groups folder, select the group that contains the Good
Messaging service. If the service is offline, right-click the group
and select Bring Online.
12. In
the Groups folder, select the group that contains the Good
Management service. If the service is offline, right-click the group
and select Bring Online.
223
Installing an Existing Good Messaging

Service into the Cluster
If you have an existing Good Messaging service that is to be
clustered, with or without an existing standby server, do the
following:
1.
Set up the clustering machines.
2.
Uninstall Good Messaging Server and Good Management Server

from the primary and standby (if present) hosts. Important:
remember to use the "Typical" uninstall, or "Retain Users" if
"Custom" uninstall is selected.
3.
Move the cache directory with all the cache files to the shared
drive of the cluster.
4.
If the Good Messaging Database does not reside on an SQL 2005

server, you must move the Good Messaging Database
(goodlinkdb) to the shared drive of the cluster (Moving the Good
Messaging Database on page 111).
5.
Follow the instructions in the previous sections for Good

Messaging Server installation.
During installation, be sure to enter the same server name as you did
for the original Good Messaging Server, and select the cache
directory on the shared drive.
Upgrading the Primary Server in a Good

Messaging Cluster
To upgrade the primary server in a cluster:
1.
From the primary server host machine, launch the Microsoft

Cluster Administrator.
2.
Select the Cluster Group that contains the Good Messaging Drive
resource and the Good Messaging service resource.
224
Upgrading the Standby Server in a Good Messaging Cluster
3.
Right-click on each resource except the Good Messaging Database

(the Good Messaging Database resource is not needed if the
database is hosted on a separate SQL server) and choose Take
Offline, or for each resource from the File menu choose Take
Offline.
4.
Select the group that contains the Good Messaging service

resource.
5.
Right-click and choose Take Offline.
6.
Install the new version of Good Messaging Server and Good

Management Server. Do not start Good Messaging services when
prompted.
7.
From Start/Programs/Administrative Tools, launch the Services

program.
8.
Verify that the Good Messaging service and Good Management

service are not running and are set to manual.
9.
From the Cluster Administrator, select the Cluster Group that

contains the Good Messaging Drive resource and the Good
Messaging service resource. Right-click on the Cluster Group and
choose Bring Online.
10. Repeat
the previous step for the Good Management service

resource.
Upgrading the Standby Server in a

Good Messaging Cluster
To upgrade the standby server in a Good Messaging Cluster:
1.
From the standby server host machine, launch the Microsoft

Cluster Administrator.
2.
Select the Cluster Group that contains the Good Messaging Disk
resource and the Good Messaging Service resource.
3.
Right-click on each resource except the Good Messaging Database

(the Good Messaging Database resource is not needed if the
225
database is hosted on a separate SQL server) and choose Take

Offline, or for each resource from the File menu choose Take
Offline.
4.
Select the Cluster Group that contains the Good Messaging Disk
and Good Messaging Service resources and from the File menu
choose Move Group, to move ownership of the resources to the
standby server. Verify that ownership of all resources in the group
has been transferred to the standby server.
5.
Repeat the previous 3 steps for the Good Management service

resource.
6.
Install the new version of Good Messaging Server and Good

Management Server. Important: Choose the same cache directory
as used by the previous installation. A standby-server dialog will
be displayed if you provide the proper directory name.
7.
From Start/Programs/Administrative Tools, launch the Services

program.
8.
Verify that the Good Messaging service and Good Management

service are not running and are set to manual.
9.
From the Cluster Administrator, select the Cluster Group that

contains the Good Messaging Disk resource and the Good
Messaging Service resource. Right-click on the resources and
choose Take Offline.
10. From
the Cluster Administrator, select the group that contains the

Good Management service resource. Right-click on the resource
and choose Take Offline.
11. In
the Cluster Administrator, select the Cluster Group that

Messaging Service resource. From the File menu choose Move
Group to move ownership back to the primary server.
12. In
the Cluster Administrator, select the group that contains the

Good Management service resource. From the File menu choose
Move Group to move ownership back to the primary server.
13. Verify that ownership of all
resources has been transferred back to
the Primary server.

226
Uninstalling Good Messaging Cluster Servers Permanently
14. From the Primary server, delete the lock file dbfiles.lck. By
default
the file is found in installation_directory\cache\server_name\.
15. From
the Cluster Administrator, select the Cluster Group that

Messaging Service resource. Right-click on the Cluster Group and
16. From the
Cluster Administrator, select the group that contains the

Good Management Service resource. Right-click on the group and
Uninstalling Good Messaging Cluster

Servers Permanently
To permanently uninstall a Good Messaging clustered server:
1.
Using the Microsoft Cluster Administrator, transfer ownership of

the cluster resources to the standby server.
2.
Uninstall the standby server as you would a standalone Good

Messaging Server.
3.
From the primary server, transfer ownership of the Good

Messaging resources back to the primary server.
4.
Uninstall the primary server as you would a primary Good

Messaging Server (Uninstalling Good Messaging on page 231).
5.
Delete all the Good Messaging resources from the Cluster

resource groups.
a.
From the primary server, launch the Microsoft Cluster Administrator.
b.
Select a group containing a Good Messaging resource.
c.
For each Good Messaging service (e.g., Good Messaging service, Good Messaging Cache Lock, and Good Management service), right-click the resource and choose Offline. Then choose
Delete.
227
d.
Repeat a. through c. until all Good Messaging resources are

deleted.
Good Messaging Cluster Resources

The Good Messaging Cluster Tools setup will add several Good
Messaging resources to the cluster automatically. In addition, youll
add one or more resources manually during clustering setup. Below
is a description of each Good Messaging resource.
Good Messaging Server Resource

The Good Messaging Server is added to the cluster as a resource
named Good Messaging Service. The cluster service monitors this
resource and if the resource fails, the service is either restarted on the
same node or restarted on another node.
Good Management Server Resource

The Good Management Server is added to the cluster as a resource
named Good Management Service. The cluster service monitors
this resource and if the resource fails, the service is either restarted on
the same node or restarted on another node. This resource is
dependent on the Cluster Name Resource.
Good Messaging Cache Lock Resource

Before the Good Messaging service resource can be started, the cache
lock file must be deleted in order to allow the service to start
automatically. If the Good Messaging cache is on a shared drive, then
this resource is dependent on the shared drive resource.
Good Messaging Drive Resource

The setup scripts query the Good Messaging Server setup for the
location of the cache directory. If the cache directory is on a shared
228
Good Messaging Cluster Resources
drive, then the setup searches for an existing drive resource that
matches the cache directory drive. If such a resource is not found,
then a new resource for this drive is created called the Good
Messaging Drive Resource.
Good Messaging Group Resource

If the cache directory is on a preexisting drive resource, then the
Good Messaging resources are added to the resource group that
manages this drive resource. For example, if the cache directory is on
the Cluster Quorum drive, then the Good Messaging resources are
added to the Cluster Group. If the drive resource does not exist,
then a new resource group named Good Messaging Group is
created to manage the Good Messaging resources. The Good
Management Server resource is installed by default in the Cluster
Group containing the Cluster Name resource.
Youll add the following resources manually during clustering
setup.
Domino Server Messaging Group Resource

Good Messaging Server runs on top of a Domino server. This
resource is a prerequisite for the Good Messaging resource and the
Good Management resource.
"Good Messaging Database" Resource

Note: This resource is not needed if the Good Messaging Database is
to be hosted on a separate SQL Server 2005 farm.
If the Good Messaging Database does not reside on a separate SQL
server, this resource helps make the database available to the active
node. This resource is a prerequisite for the Good Messaging
resource and the Good Management resource.
229
230
10 Uninstalling Good
Messaging
Uninstalling Good Messaging Server

To uninstall Good Messaging Server software from its host machine,
use the following procedure. Note that the Domino server used by
the Good Messaging Server must be present on the host machine for
the uninstall to succeed.
1.
If a Good Messaging Server is being removed permanently (not

simply upgraded), move any handhelds managed by Good
Messaging Server to a different server, as described in Moving a
Handheld to a Different Good Messaging Server on page 111.
2.
If you will be uninstalling the software for all Good Messaging

Servers in a Domino site, first remove all Good Management
Servers and Consoles, as described in Uninstalling Good
Management Server on page 232 and Uninstalling Good
Management Console on page 233. Do not remove these if any
Good Messaging Servers are to remain operational in the site.
This step is not necessary if you plan to reinstall the server. If you
choose the "custom" uninstall, you will be given a chance during
uninstallation to retain user configurations ("Retain Users") for
reinstallation later. If you choose the "typical" uninstall, user
configurations will be retained automatically.
3.
Close all programs before proceeding with the uninstall. Confirm

that no applications are being run remotely (such as PerfMon) by
rebooting the server or by going to Start > Programs >
231
Administrative Tools > Computer Management and

disconnecting any drive/application shares currently in place.
4.
To uninstall the Good Messaging Server software from a

particular machine, go to the machines Control Panel window
and double-click Add/Remove Programs.
5.
From the list of programs, select Good Messaging Server and

click Add/Remove.
Youll be given the option to repair or uninstall the Server. Choose

to uninstall it, and when prompted, choose the typical uninstall.
Uninstalling Good Management Server

To uninstall Good Management Server software from its host
machine (for example, because you want to install a later version of
server software), use the following procedure.
1.
Close all programs before proceeding with the uninstall. Confirm

that no applications are being run remotely (such as PerfMon) by
rebooting the server or by going to Start > Programs >
232
Uninstalling Good Management Console
Administrative Tools > Server Manager and disconnecting any

drive/application shares currently in place.
2.
To uninstall the Good Management Server software from a

particular machine, go to the machines Control Panel window
and double-click Add/Remove Programs.
3.
From the list of programs, select Good Management Server and

click Add/Remove.
When prompted during program removal, choose Typical
Uninstall if handheld users are to continue using Good
Messaging without being set up from scratch again. (Refer to
Changing a Users Good Messaging Server, Domino Server, or
User Name on page 109 for information on moving the users to a
different server.)
Uninstalling Good Management

Console
To uninstall Good Management Console:
1.
Run setup.exe from the Good distribution media. From the

introductory installation screen click Add/Remove for the Good
Management Console snap-in.
If Good Management Console is detected, the required uninstall
files are unpacked from the Good distribution media.
The Uninstall Wizard prepares to run, and then guides you
through the uninstall process.
2.
Click Next to proceed.

You are prompted to confirm the uninstall.
3.
When prompted, click OK to confirm that you want to remove the

application and all of its components.
4.
Click Next.
A summary screen is displayed.
233
If the information it contains is correct, click Next to proceed with

the uninstall.
A progress bar is displayed as the console is removed. When the
uninstall is complete, a final screen is displayed.
5.
Click Finish.
Uninstalling SQL
Before installing Good Messaging Server software, confirm that the
host machine does not have an MSDE or SQL server installed on it. If
such a server is present, uninstall it using the following procedure.
Good Messaging installation software will return an error such as an
authentication error if such programs (e.g., Microsoft SQL Server
Management Studio Express) are encountered
1.
Close all running programs on the host machine.
2.
From the Windows Control Panel, run Add or Remove Programs.
234
Uninstalling SQL
3.
Select Microsoft SQL Server Management Studio Express and

select Remove.
The program is removed.
4.
Repeat for Microsoft SQL Server 2005.
5.
Repeat Microsoft .NET Framework 2.0.

Note: The programs must be removed in the order given.
235
236
Index
A
address, Good host 162
application control policies 124
application status details 82
C
cache directory location 42
changing
handheld user 93
handheld user name 109
user short name, display name, or
email address 110
users server 109
clearing
handheld statistics 99
cluster
tools 220
clustering
Good Messaging Servers 193
installing an existing Good
Messaging Service 224
installing the first clustered
node 197
installing the second clustered
node 207
prerequisites 194
resources 228
uninstalling cluster servers 227
upgrading the primary server in a
cluster 224
upgrading the standby server in a
cluster 225
command-line utilities 173
Compliance Manager 124
Configure Connection menu

item 169
console
installing Good Management
Console 60
overview 21
contacts, synchronized 70
Custom applications, adding and
deleting from the software
package 141
customizing OTA setup message 85
D
dashboard (Good Monitoring
Server) 153
adding a Server 155
database, moving 111
default user password 119
diagnostic log file 167
Diagnostic Log Files 190
disabling handheld
wirelessly 143
Domino server, moving handheld
to different 110
E
email address, changing 110
enabled application status
details 82
erasing handheld
wirelessly 143
errors
Windows Event Viewer
Application log 73
237
Index
event and error message

synchronization 42, 50
exceptions to synchronization 148
exchanging a users handheld 111
Export
syntax 103, 108
extensions
F
files, rules for application
control 130
G
global policies 68, 117
gmexportstats 104
Good
user list for a Good Messaging
Server 163
Good Management Console 21
installation 60
Good Messaging
software license agreement 39,
50, 62
utilities 173
Good Messaging host
prerequisites 29, 33
clustering 193
clustering resources 228
host address 162
installation 36
introduction 23
license key 39, 162
logging 164
managing 149
moving handheld to
different 111
name 39, 162
properties 161
serial number 39, 162
server list 156
statistics 157
stopping the service 169
uninstalling 231
Good Monitoring Portal 9, 11, 18,
149
adding a Server to dashboard 155
238
dashboard 94
server dashboard 153
user and handheld status 94
GoodAccess Server 24
GoodLinkAddUser 190
H
handheld
adding a list to server 72
changing server or user
name 109
changing user 93
exchanging a users 111
management 77
moving to different Domino
server 110
moving to different Good
Messaging Server 111
preparation 63
prerequisites 124
required applications 124
setup 66
transferring to new user 93
viewing and clearing statistics 99
wireless setup 71
host address, Good Messaging
Server 162
I
Import
syntax 72
installation 1, 29, 35, 231
concepts 20
Good Messaging Server name 39
license key 39
outline 29, 35
prerequisites 29, 33
serial number 39
steps 29, 35
tasks 29, 35
introduction
installation 20
multiple servers 19
wireless synchronization 12
IP range 167
K
key, license 39, 162
L
license agreement 39, 50, 62
license key 39, 162
list of handhelds, adding to Good
Messaging Server 72
location
cache directory 42
software 41, 42, 50
log file
diagnostic 167
Windows Event Viewer
Application Log 73
logging, Good Messaging
Server 164
M
mail accounts 20
mail files 20
managing
Good Messaging Servers 149
handhelds 77
with Performance Monitor 159
message, customizing OTA
setup 85
Microsoft clustering 193
moving handheld
to different Domino server 110
to different Good Messaging
Server 111
moving the SQL database 111
multiple mail and Good Messaging
Servers 19
N
name
Good Messaging Server 39, 162
user 109
O
Operations Center 12
OTA 8, 24, 63, 78
customizing setup message 85
OTA PIN 8, 23, 69, 84, 103, 123
Over The Air 8, 24, 63, 78
overview
installation 20
multiple servers 19
wireless synchronization 12
P
password, user (default) 119
Performance Monitor 159
PIN 8, 23, 69, 84, 103, 123
policies
application control 124
global 68, 117
user 68, 135
prerequisite applications for the
handheld 124
prerequisites 29
properties, Good Messaging
Server 161
R
range, IP 167
required applications for the
handheld 124
resources, clustering 228
Role Based Administration 52, 88
role-based administration 88
roles 52, 88
roles, Good Management
Console 88
ROM, handheld 104
rules for required handheld
applications 130
S
serial number
Good 162
server list, Good Messaging
Servers 156
server name (Good) 39, 162
setting up the handheld 66
setup
console 60
Good Messaging Server name 39
239
Index
license key 39
serial number 39
wireless (handheld) 71
setup message, customizing
OTA 85
setup time, server 162
site license key 39
software license agreement 39, 50,
62
SQL database, moving 111
statistics
handheld, viewing and
clearing 99
status
definitions for user OTA
application policies 81
enable applications details 82
stopping the Good Messaging
Service 169
synchronization 12
error and event messages 42, 50
exceptions 148
syntax
Export 103, 108
Import 72
utilities
Diagnostic Log Files 190
GoodLinkAddUser 190
utilities, Good Messaging 173
W
WiFi-only handhelds 33
Windows Event Viewer Application
Log 73
wireless 63
wireless handheld management 24
wireless handheld setup 25, 63, 78
wireless setup (handheld) 71
wireless synchronization 12, 26
T
tab
IP range 167
range, IP 167
template
OTA Setup email message 85
template, rule files 130
time, server setup 162
transferring handheld to new
user 93
U
uninstalling
user list for a Good Messaging
Server 163
user name, changing for
handheld 109
user password, default 119
user PIN 8, 23, 69, 84, 103, 123
user policies 68, 135
user short name, changing 110
240

GfE AdminGuide Domino

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

GfE AdminGuide Domino

Uploaded by

Copyright:

Available Formats

Good Mobile Messaging

for IBM Lotus Domino

Wireless Enterprise Messaging and Data Access System

Good Mobile Messaging Administrators Guide

Copyright, trademark and patent information

Good Mobile Messaging Administrators Guide

typographical errors. Good Technology may make improvements or changes in the

Installing Good Messaging

Setting Up the Handheld 7

Multiple Lotus Domino and Good Messaging Servers

Custom Software for Wireless Distribution

Checking Prerequisites and System Requirements 29

Installing Good Messaging Server

Installing Good Management Server

Preparing New Handhelds

Preparing for Handheld Setup 64

Completing the Setup Process 69

Interaction with Wi-Fi (PPC)

Managing the Handhelds

Updating Handheld Software Wirelessly 78

Good Mobile Messaging Administrators Guide

Maintaining Role Based Administration

Removing a Handheld from Good Messaging Server

Checking Handheld Status 94

Changing a Users Good Messaging Server, Domino Server,

Changing the Good Messaging OTA Setup Software

Good Mobile Messaging Administrators Guide

Managing Good Messaging Server

Moving Good Messaging Server to a New Host

Moving Good Management Server to a New Host

Monitoring Good Messaging Servers 152

Stopping Good Messaging Services

Best Practices 170

Good Messaging Utilities and Console

Good Mobile Messaging Administrators Guide

Good Messaging Domino Console Commands

Using Standby Good Messaging Servers

How the Microsoft Clustering Service Works 193

Installing the First Clustered Node 197

Good Messaging Cluster Resources 228

Uninstalling Good Messaging

Uninstalling Good Messaging Server 231

Good Mobile Messaging Administrators Guide

Welcome to Good Mobile Messaging, the behind-the-firewall,

Good Mobile Messaging Administrators Guide

system, but the Domino server on which Good Mobile Messaging is

Good Messaging Servers, which synchronize user handhelds with

Good Management Servers, which provide facilities for managing

Good Management Consoles, which provide a front-end for the

Intel Pentium IV processor, 2GHz or higher

Hard-Drive Free Space (GB)

Good Mobile Messaging Administrators Guide

Hard-Drive Free Space (GB)

If a virtual machine session is used for Good Messaging, the free

Required minimum LAN speed for the servers: 100Mbps Note:

Active Directory (Good Management Server)

SMTP Service should not be enabled on the Domino instance

Server host machine: Windows Server 2003 Service Pack 1

Good Messaging Server and Good Management Server host

The host machine should not have an MSDE or SQL server

Lotus Domino Messaging Server 6.0 or higher

The Domino server on which Good Messaging Server is to be

The Domino server on which Good Messaging is to be installed

The Domino server on which Good Messaging runs must have