Topic: How to: Authenticate SOGO against SME

[kevinb]

Sogo groupware with SME authentication.

Sogo appears to be the most promising package to have Thunderbird/Linux replace Outlook/Exchange. I have not tested Sogo functionality so I cannot say how well it performs.

With the advent of the LDAP contrib (http://wiki.contribs.org/LDAP) I was able to get a Sogo (http://www.scalableogo.org) installation to authenticate against SME. This is the first step in getting Sogo to install on SME.

I have not tested this much (SME 7.4 and Centos installed on Vmware) and am looking to the community for advice and direction. Please give me your feedback.

The usual dire warnings apply about beta software.


On a fresh install of SME 7.4 install the wonderful LDAP contrib that makes this work

Code: [Select]

yum install -y e-smith-base+ldap e-smith-samba+ldap --enablerepo=smetest --enablerepo=smeupdates-testing
yum update -y
signal-event post-upgrade;  signal-event reboot; exit
 
# For testing I prefer simple passwords
/sbin/e-smith/db configuration setprop passwordstrength Users none

Install CentOS as a basic server using "install text".
Uncheck all packages, select "Customize" and unselect all those packages too.
Network: DHCP

Code: [Select]

yum update -y
yum install httpd mod_ssl postgresql-server man ntp nano wget -y
 
# Disable SELinux and Firewall
/usr/bin/system-config-securitylevel-tui

# Copy the MAC address from:
ifconfig

On the SME server add the Centos box to the hostname list with the MAC address. This effectively gives the Centos machine a static IP.

Back on Centos

Code: [Select]

reboot


Code: [Select]

# Setup Postgresql
service postgresql restart
su - postgres
createuser --no-superuser --no-createdb --no-createrole --encrypted
sogo
createdb -O sogo sogo
exit

nano /var/lib/pgsql/data/pg_hba.conf
# add:
local   sogo    sogo                    trust
host    sogo    sogo    127.0.0.1/32    trust
# add end
 
chkconfig postgresql on
service postgresql restart


Code: [Select]

# Setup Apache (should work without this)
nano /etc/httpd/conf/httpd.conf
#add:
ServerName sogo.<domain>.<tdl>:80
#add end
 
chkconfig httpd on
service httpd restart


Code: [Select]

# Setup Sogo

# Setup package repositories
nano /etc/yum.repos.d/SOGo.repo
#add:
[sogo-Centos5]
name=Inverse SOGo Repository
baseurl=http://inverse.ca/downloads/SOGo/CentOS5/$basearch
enabled=1
gpgcheck=0
#add end

yum install sogo sope49-gdl1-postgresql -y
 
# Set sogo user password. If not "sogo" must also be changed in the Sogo DB settings below.
passwd sogo sogo

su sogo

# Base config
defaults write sogod SOGoServerTimeZone "America/Phoenix"
defaults write sogod WOParsersUseUTF8 YES
defaults write sogod WOMessageUseUTF8 YES
defaults write sogod SOGoDefaultMailDomain "<domain>.<tdl>"
defaults write sogod NGUseUTF8AsURLEncoding YES
defaults write sogod WOUseRelativeURLs NO
defaults write sogod SOGoDefaultLanguage French
defaults write sogod SOGoAppointmentSendEMailNotifications YES
defaults write sogod SOGoFoldersSendEMailNotifications YES
defaults write sogod SOGoACLsSendEMailNotifications YES
defaults write sogod WOPort 20000
defaults write sogod WOApplicationRedirectURL http://sogo.<domain>.<tdl>
 
# Authentication
defaults write sogod SOGoAuthenticationMethod LDAP
defaults write sogod SOGoLDAPSources '({CNFieldName = cn; IDFieldName = uid; UIDFieldName = uid; baseDN = "ou=Users,dc=<domain>,dc=<tdl>"; bindDN = "uid=root,ou=Users,dc=<domain>,dc=<tdl>"; bindPassword = <SME root password>; canAuthenticate = YES; displayName = "Shared Addresses"; hostname = "<IP address of SME>"; id = shared; isAddressBook = YES; port=389})'
 
# DB
defaults write sogod SOGoProfileURL 'postgresql://sogo:sogo@localhost:5432/sogo/sogo_user_profile'
defaults write sogod OCSFolderInfoURL 'postgresql://sogo:sogo@localhost:5432/sogo/sogo_folder_info'
 
# SMTP
defaults write sogod SOGoMailingMechanism smtp
defaults write sogod SOGoSMTPServer <IP address of SME>
 
# IMAP
# defaults write sogod SOGoDraftsFolderName Drafts
# defaults write sogod SOGoSentFolderName Sent
# defaults write sogod SOGoTrashFolderName Trash
defaults write sogod SOGoDraftsFolderName INBOX.Drafts
defaults write sogod SOGoSentFolderName INBOX.Sent
defaults write sogod SOGoTrashFolderName INBOX.Trash
defaults write sogod SOGoOtherUsersFolderName "Other Users"
defaults write sogod SOGoSharedFolderName "Shared Folders"
defaults write sogod SOGoFallbackIMAP4Server <IP address of SME>
 
exit
 
chkconfig sogod on
service sogod restart

reboot


Test by pointing your browser to: http://sogo.<domain>.<tdl>/SOGo


Known issues:

• Sogo fails to send emails. SMTP server connection error. Can be worked around by using Centos sendmail to relay through the SME server.

Next steps:

• Secure Sogo and SME (is LDAP exposed to the world now?)
• Get Sogo to use the MySQL DB on SME (Sogo documentation is poor. Can Sogo use MySQL 4.X?)
• Install Sogo on SME (beyond my skill set)

[shawnbishop]

Maybe add a wiki entry for this?

[dadoudidon]

Very nice job, i'm very interested in this project.

[kevinb]

At this time I am looking into what it would take to back up and also what other issues there might be the new LDAP database.

I tried a direct install on SME but web access did not work. Trouble shooting this is beyond my skills at the moment. Anyone want to tackle this?

[girkers]

Just a suggestion wouldn't it be easier to try with SME 8 as from what I understand it will include LDAP as well as SOGO has a CentOS5 package that would probably integrate easier.

Anyway good luck interested to hear how it goes.

[Stefano]

Just a suggestion wouldn't it be easier to try with SME 8 as from what I understand it will include LDAP as well as SOGO has a CentOS5 package that would probably integrate easier.

I would agree with that.. I've tried to rebuild SOGo's rpms on centos4 but no way

Stefano