You are installing or you have already installed Symantec Mail Security for Domino - Multiplatform Edition version 3.2 or 8.0.x (for AIX). You're seeking additional information on how to setup replication if it's databases.
This document explains how to set up replication of the Symantec Mail Security for Domino - Multiplatform Edition Settings, Log, and AV Definitions databases.
The following topics are discussed:
For additional information, see the Symantec Mail Security for Domino - Multiplatform Edition Installation Guide or the online help.
Minimum Lotus Notes versions
Signing databases using some versions of Lotus Notes will corrupt the selective replication settings.
You must sign your SMSDOM-MPE databases using Lotus Notes version 6.0.4 or 6.5.2 and higher. (Refer to Domino SPR JMAZ5WVV7U)
About SMSDOM-MPE databases
To facilitate enterprise-wide management of Symantec Mail Security for Domino - Multiplatform Edition, the Symantec databases can be replicated to other servers running SMSDOM-MPE.
Replication of the SMSDOM-MPE databases allows the centralization of configuration settings, security risk incidents and statistics, and virus definitions.
The SMSDOM-MPE Settings database, savmpe.nsf, can be replicated to other Domino servers running SMSDOM-MPE. The SMSDOM-MPE server task (nntask) monitors savmpe.nsf for changes to the SMSDOM-MPE settings through replication, and reloads the settings on the local server.
The following subset of settings in the SMSDOM-MPE Settings database are replicated between Domino servers:
The SMSDOM-MPE Log database, savmpelog.nsf, stores server messages, reports of security risk incidents, and scan summaries. It also provides access to both quarantined and original documents that SMSDOM-MPE backs up before eliminating security risks.
Through replication, you can maintain a master SMSDOM-MPE Log that automatically includes security risk incidents and statistics reports from other Domino servers running SMSDOM-MPE.
The SMSDOM-MPE AV Definitions database, savmpedefs.nsf, stores updated virus definitions. The database can be replicated to other Domino servers running SMSDOM-MPE so that only a single LiveUpdate is required to maintain current protection on all servers.
Initial replication settings in Domino 6 and Domino 7
The Notes/Domino 6.x and 7.x environments do not correctly populate replicas containing selective replication formulas when manual replication is used.
The Symantec Mail Security for Domino - MPE Settings and Log databases use selective replication formulas.
To create replicas of these databases onto another server, the Domino Administration Process (AdminP) MUST be used.
When creating replicas with AdminP, push-only replication must be used to initially populate the replica.
Once the replica has been initially populated, you may use whatever replication topology you choose.
To create replicas using AdminP:
When using AdminP, the activities are carried out by the server, as opposed to by the user ID you are logged into when setting up the request.
However, the user ID is also evaluated to make sure that you are allowed to trigger the replication. This means that both your server AND logged on user must be allowed to "Create New Replicas" on the target server.
If the file already exists when you tell the server to create a replica, the server cannot delete the already-existing file. You must first delete the database using the Domino Administrator.
For more details on the AdminP process, see the Domino Administrator Client Help Topics. The help topics database is typically located in the data\help\ directory of your Notes client.
Specifying replica path names in a mixed-platform environment
When replicating SMSDOM-MPE databases in a mixed-platform environment, care must be taken to specify the correct database directory name when defining the replica path in the Domino Administrator.
When replicating to AIX, Linux, and Solaris, the replica path should be specified using the forward slash character ("/"), and the database directory name should be "sav".
When replicating to OS/400, the replica path should be specified using the forward slash ("/") character, and the database directory name should be "SAV".
If you do not use the correct syntax for the replica path name, SMSDOM-MPE database replication will not function correctly in a mixed-platform environment.
Preparing databases for replication (SMSDOM - MPE Settings and SMSDOM - MPE Log)
Generally, a specific machine is selected to host the master SMSDOM-MPE Settings and SMSDOM-MPE Log databases.
If desired, you do not have to select a machine to host a master SMSDOM-MPE database. With push-pull replication, SMSDOM - MPE Settings can be replicated among all servers
running the same version of SMSDOM-MPE. For the SMSDOM - MPE Log, however, you must select a machine to host the master log.
To prepare for SMSDOM - MPE Settings or SMSDOM - MPE Log replication:
The LocalDomainServers group should contain all of the servers to which you plan to replicate.
Any changes made to SMSDOM-MPE settings on any of the Notes servers are distributed to the other replicas when a manual or scheduled replication occurs.
After replication, the new SMSDOM-MPE settings are reloaded automatically.
For the SMSDOM - MPE Log, initiate push replication from the SMSDOM - MPE Log replicas to the master savmpelog.nsf. This will allow for centralized logging of security risk incidents across multiple Domino servers.
Remember that all replicas must be populated initially from the source server using push-only replication.
Replication of SMSDOM - MPE Settings when SMSDOM-MPE is already installed on replica servers
If SMSDOM-MPE is already installed on a Domino server to which the SMSDOM - MPE Settings or SMSDOM - MPE Log databases are being replicated, you must stop the SAV server task on that server before replicating the database.
Preparing the SMSDOM - MPE AV definitions database for replication
The Domino server on which the master savmpedefs.nsf is created should be the machine that downloads new virus definition updates through a scheduled LiveUpdate.
Use of the SMSDOM - MPE AV Defs database is only required if you plan to replicate updated virus definitions to separate physical servers.
Partitioned servers on the same physical server will share a single SMSDOM - MPE AV Defs database. Definitions will be updated within ten minutes of a new LiveUpdate download.
If you do not intend to replicate virus definitions, you do not need to create the definitions database.
To prepare for SMSDOM - MPE AV Definitions replication:
After the next scheduled LiveUpdate, any updated virus definitions are downloaded and a new savmpedefs.nsf document is created.
The updated definitions are distributed to the other replicas when a manual or scheduled replication occurs. The SMSDOM-MPE server task checks for a new virus definition set at 10-minute intervals.
Excluding Symantec template files from replication
SMSDOM-MPE template files are installed to the data directory, and are named savmpe.ntf, savmpelog.ntf, and savmpedefs.ntf.
If the SMSDOM-MPE template files (savmpe.ntf, savmpelog.ntf, and savmpedefs.ntf) are allowed to replicate to the master server, databases created from the replicated templates will appear to be replicas. If this occurs, SMSDOM-MPE will not operate properly.
For example, if the savmpedefs.ntf template is allowed to replicate to the master server, any definitions databases created from the replicated template will appear to be replicas. In this case, SMSDOM-MPE will not allow updated virus definitions to be attached to it.
To prevent the SMSDOM-MPE templates from being replicated:
If the Files/Directories to Replicate field is left blank, all database templates will be replicated between servers.