| |
 FirstClass Administrator Best Practices
Following these best practices should ensure smooth FirstClass operations and allow you to weather almost any disaster recovery scenario:
1. DO make regular and frequent backups of your FirstClass Network Store folder (or FCNS). DO make regular and frequent backups. DO make regular and frequent backups. We emphasize this since failure to make backups in any hardware/software environment on a regular basis means that a catastrophic failure could force you to start from scratch. Recent backups are also helpful for comparison purposes when troubleshooting certain issues. References to the Network Store in this document are also in reference to the FirstClass post office (or FCPO) on previous versions. Ensure that the server application is not running, or (if you wish to back up the mirror) that mirroring is paused while making a backup. For more details on the procedure, please see points 2 and 3 below. When making backups, use the VERIFY option of whatever tool you are
using to make the backup. The mirror is NOT a backup; the mirror's function is to give you a mirror copy of the running network store that you can 'pause' (where all open files are closed) and make a backup of and then 'continue' (where the mirror files are re-opened and updated with any changes that occurred on the network store while the mirror was paused).
2. DO NOT backup the FirstClass Network Store folder while the server application is running. Your backup will be useless and there is a chance that the production Network Store could be damaged. Do not move or copy Network Store content while the FirstClass Server application is running. Do not 'mix and match' Network Store content from or to backups. If you have multiple 'full use' volumes, ensure that you backup the FirstClass network store folders on each volume.
3. DO NOT backup the FirstClass Network Store mirror while the mirror is not paused. Pause the mirror and wait for the confirmation message on the server console before backing up the network store mirror. Remember that some items are not backed up by the mirror process (most important of these are the logfiles and RAD applications). If you have multiple 'full use' volumes, ensure that you mirror each one and backup each mirrored FirstClass Network Store folder.
4. DO test your disaster recovery procedure at least once every quarter. DO NOT wait for a real emergency in order to find out if your disaster recovery procedure works or not. Restore a backup to a test server and do some functionality testing on it to ensure viability. Use a monthly, weekly, daily backup tape procedure. Store some of your backups off site. If you are restoring from CD or DVD, ensure that you disable the read-only attribute for all files and sub-folders of the Network Store backup. As with any mission critical server, invest in an Uninterruptable Power Supply (UPS) for the FirstClass Server machine and monitor so that you can shutdown the server properly in case of a power failure. UPSs are relatively inexpensive and are practicaly a must in locations that encounter frequent brownouts. If the UPS does not have the
capabillity to shutdown the computer on it's own, ensure that the UPS provides you enough time to reach the server machine or to remotely log in to shut it down properly. On Windows systems, the FirstClass server application should be set up as a service so that it can be shutdown properly by the UPS. If you do not use a UPS, a power failure COULD cause catastrophic file corruption.
5. DO change the Admin password every month or so. Avoid using the Admin account, instead use subadmin accounts to administrate the server where possible. If you have remote access to the FirstClass Server set up, reset that password every month. On some occasions, FirstClass support services will require access to the Admin account for troubleshooting. In such cases, it is recommended that you supply this information but reset the password before and after such troubleshooting session.
6. DO NOT use a version of the FirstClass Client that is for a newer or older version of the server when using the Admin or a sub-admin account. For the 8.0 version of the server, use the 8.047 version of the client. For the 8.1 version of the server, use the 8.101 version of the client. For the 8.2 version of the server, use the 8.200 version of the client on Windows and the 8.101 client on Mac OSX. For the 8.3 version of the server, use the 8.315 version of the client. This is to ensure form and field compliance between the server and client when dealing with critical configuration areas.
7. DO educate your users on such things as message limits within the mailbox, storage limits, message expiries, etc. Create an SLA document that explains this to them simply, including what they should do if they have a question or if they have an emergency. If appropriate, this information should also be available via public website for users that can't log into their account. Define the differences between such events. Educate regarding archiving, such as the SUMMARIZE function. Other useful items would be a document that lists the network server information such as the domain name or IP, a standard .FC settings file for your site, and how to reach IT support. Please note that FirstClass support services does NOT support end users, so do not give your users FirstClass support services contact information.
8. DO protect yourself and the network. Run firewall software that effectively monitors traffic but does not become actively involved in protocol conversations. Run anti-virus gateway software on a server that is NOT running the FirstClass Server, as this can interfere with Network Store processes and cause the Network Store to become damaged (see point 9). Unless absolutely necessary (for versions 7.0 or older), set up Internet Services to Not Relay email. Restrict physical access to the FirstClass Server machine (i.e. lock it up in a server cage or server room).
9. DO NOT run active anti-virus scanning on the same machine as the FirstClass Server and Network Store. For more details, click here.
10. DO monitor the server from time to time by watching the FirstClass Server monitor and Internet Services monitor. Be watchful for 'red lights' on these monitors, which could indicate a problem. Also be watchful of error messages on the Server or Internet Services consoles, especially if you see multiple errors with the same numeric code.
11. DO keep a log of changes/updates that you or sub-admins have completed on the FirstClass Server software or hardware. This can be handy in troubleshooting issues and isolating causes.
12. DO maintain a high level of ethics. Lock out desktops from the subadmins. This will minimize the chances of invasion of privacy. Remember: Would you like someone to eavesdrop on your email? Or your phone calls? Or your snail mail? This is, in general, a good practice for any network or server administration.
13. DO NOT move privilege groups out of the Groups folder on the admin desktop or into a subcontainer within the Groups folder. Privilege groups function only when they are located in the root of the Groups folder on the admin desktop.
In addition to these best practices, please refer to the tuning recommendations for the platform that you are running the FirstClass server on:
| ||