Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: berdie on September 15, 2005, 10:24:55 PM
-
I would like to announce a howto for the installation of the collaboration-suite Open-Xchange.
Thanks a lot for Vincent Filali-Ansary, who contributes this brillant work in a few rpm's.
Note: This is for SME 6.01-01 only, it doesn't work for the SME 7 !
http://no.longer.valid/phpwiki/index.php/Howto%20install%20Open-Xchange%20for%20SME%206.01-01
Rgds.
Dietmar
-
all we need now is the tool to create users and group in the server manager and the TB connect for the contacts.
-
Hi Dietmar,
I followed your How-To and also created a group and a user as this tutorial suggests:
http://e-smith.dyndns.org/ox/
Be careful with usernames and passwords: they should be exactly the same like your users and passwords at the SME-Server!
Do I need to create each of my users by hand?
Is this tutorial incomplete?
-
Do I need to create each of my users by hand?
Is this tutorial incomplete?
Hi Stuntshell,
at the moment there is no way to create und change the users with a panel in the server-manager. So it's right, you need to create them by hand.
But you could create a little script with all users in it and one line per user. A line of this script should look like this:
/usr/local/open-xchange/sbin/adduser_sme_ox --username="michael" --passwd="sme4711" --name="Michael" --sname="Walter" --maildomain="walter.com" --lang="EN" --ox_timezone="Europe/Berlin" --write_global_address="TRUE" --uid=5100 --gid=5100
Rgds.
Dietmar
-
But you could create a little script with all users in it and one line per user. A line of this script should look like this:
/usr/local/open-xchange/sbin/adduser_sme_ox --username="michael" --passwd="sme4711" --name="Michael" --sname="Walter" --maildomain="walter.com" --lang="EN" --ox_timezone="Europe/Berlin" --write_global_address="TRUE" --uid=5100 --gid=5100
If you create a script in /etc/e-smith/events/user-create, it will get called as users are created from the server-manager. The username will be passed as the second argument (the first is the event name). The user-create-unix script is probably a good basis for a user-create-openxchange.
Similarly, if you create a script in /etc/e-smith/events/user-modify, it will get called as users are modified from the server-manager. Your script could check whether the Open-Xchange user exists, and create it if not.
Most of the other data you need is already available as properties of the user in the accounts database. Try "/sbin/e-smith/db accounts show michael" and you'll see you've got almost all that you need.
And finally, link a script into user-delete to handle the deletion case.
-
Certainly a nice way to integrate Gordonr, but my biggest consideration would be about the existing users and their passwords, and the fact that once they change their password through regular steps it does not reflect on Open-Xchange.
I've been throught these before, with the jabber contrib, proxy-users and chpasswd.cgi.
Thanks,
-
Certainly a nice way to integrate Gordonr,
Not just a nice way, it's the SME Server design :-)
but my biggest consideration would be about the existing users and their passwords, and the fact that once they change their password through regular steps it does not reflect on Open-Xchange.
I've been throught these before, with the jabber contrib, proxy-users and chpasswd.cgi.
Thanks,
There is a "password-modify" event which gets called when someone modifies their password. However, it does not currently provide a method by which subsystems can get the unencrypted password, as it is called after the new password has been set in /etc/shadow and /etc/smbpasswd. These passwords are set by library functions which are careful not to pass the password on the command line, or similar.
If these subsystems can use /etc/shadow, /etc/smbpassd, PAM or CVM to authenticate, they don't need to do anything more. I'd be really surprised if you can't use one of those methods to check passwords.
If you really need the password to be available in the password-modify event so it can be hashed into yet another password scheme (I hope not), please raise a bug in the 7.0 SourceForge bug tracker, providing details and we'll have a look at it.
Note that there is no way to recover a user's existing password. That is by design, and an important part of a secure password system. So, existing users will need to reset their password when a new subsystem is added, if that new subsystem needs another password scheme.
Again, I'd be surprised if you couldn't use one of the existing methods to authenticate users against either /etc/shadow or /etc/smbpasswd via PAM or CVM. It's usually just a matter of configuring the subsystems in the correct way.
-
Certainly a nice way to integrate Gordonr,
Not just a nice way, it's the SME Server design :-)
yep
but my biggest consideration would be about the existing users and their passwords, and the fact that once they change their password through regular steps it does not reflect on Open-Xchange.
I've been throught these before, with the jabber contrib, proxy-users and chpasswd.cgi.
Thanks,
I have make a automated system to create all the present users in the system, but for the password i make by default the name of the acount.
There is a "password-modify" event which gets called when someone modifies their password. However, it does not currently provide a method by which subsystems can get the unencrypted password, as it is called after the new password has been set in /etc/shadow and /etc/smbpasswd. These passwords are set by library functions and are careful not to pass the password on the command line, or similar.
[/quote]
that right, i have make a ugly modification to the useraccount.pm to send the password with the account name to resolve this.
If these subsystems can use /etc/shadow, /etc/smbpassd, PAM or CVM to authenticate, they don't need to do anything more. I'd be really surprised if you can't use one of those methods to check passwords.
for Openxchange it's use a LDAP {crypt} password for the security.
If you really need the password to be available in the password-modify even so it can be hashed into yet another password scheme (I hope not), please raise a bug in the 7.0 SourceForge bug tracker, providing details and we'll have a look at it.
i think about.
Note that there is no way to recover a user's existing password. That is by design, and an important part of a secure password system. So, existing users will need to reset their password when a new subsystem is added, if that new subsystem needs another password scheme.
that right.
Again, I'd be surprised if you couldn't use one of the existing methods to authenticate users against either /etc/shadow or /etc/smbpasswd via PAM or CVM. It's usually just a matter of configuring the subsystems in the correct way.
for who don't know me, i have made all the rpms for OX.
ps: i going to integrate all OX on sme 7 beta2.
-
I'd be surprised if you couldn't use one of the existing methods to authenticate users against either /etc/shadow or /etc/smbpasswd via PAM or CVM. It's usually just a matter of configuring the subsystems in the correct way.
Which is the place where some java-knowledge would be nice. I'll look into this, since it is the reason why my efforts on Open-Xchange aren't going anywhere fast.
Speaking of which, vinc28, you might want to take a look at the source rpm of my latest release (http://"http://mirror.contribs.org/smeserver/contribs/misc/open-xchange/SRPMS/e-smith-open-xchange-0.5-1.src.rpm") to see if you're able to use anything...
-
on my site you could find the panels intégration of openxchange
it's sme-openexchange-conf
all this work is under heavy beta....
vincent
-
all this work is under heavy beta....
vincent
...but it goes !!
I have tested it today and I think, this is a brillant work, Vincent!
1. When installing his brandnew rpm, all existing users are also ox_users. For the synchronization of the passwords the users have to recreate their passwords.
2. Creating new SME-users after installing Vincent's rpm brings us also new ox_users. With the first time of creating the passwords for the new users the synchronization with the ox_passwords goes perfectly.
So, this could be a real "Killer-Application" for the 6.01-01 people.
While this is not for using with the new centos-based 7.0 B4, we hope for a special version for it...
Once again, thanks for the work, Vincent!
Rgds.
Dietmar
-
Anyone tried this on 6.5 RC1 by chance?
Geoffrey
-
if you want to try follow this link
http://e-smith.dyndns.org/ox/ox7
save all the files in a dir and : rpm -iUvh *
good luck
vincent
8-)
-
Anyone tried this on 6.5 RC1 by chance?
Geoffrey
I've tried and it worked almost out of the box.
All you have to do before following this excellent Howto is to install perl module MIME-Lite (i found version 2.117) and It works fine !
Don't forget to change passwords for existing users or to create new users to trigger the update of OX Ldap.
-
Thanks... The install went pretty easy. I do have a question though. Does anyone know if the Outlook Plugin from Open-Xchange works with this rpm?
I downloaded beta version of Outlook OXtender, and it doesn't appear to work.
-
in the rpm sme-openexchange-conf you have the latest version of oxlook in the
../../Primary/files/openexchange/windows :lol:
vincent
-
Installed with the greatest of ease on a 6.01 server. Brilliant !
Apparently I had aspell already installed and I forgot to run /usr/local/open-xchange/bin/initall_ox to start with but after that it all seems OK.
One question - I cannot seem to get Thunderbird address book to view LDAP contacts ? I really like the global contacts and would like to be able to access them.
I have the following settings :
Name : test
host : 192.168.0.48
Base DN : dc=mynet,dc=com
Port 389
Bind DN - empty
If I go to the advanced tab and run 'Download now' I get a login box but nothing comes down.
I have read around but am lost.
Any ideas ?
-
Hi ReetP
I have Thunderbird Installed and the way I do it is:
Name: (What ever you want to call it)
HostName: myweb.net.au
Base DN: dc=global,dc=myweb,dc=(com or net),dc=au(if required)
Port: 389
Bind DN: (Blank)
If you wnat local addreses then just change global to local.
Hope this helps,
Tib
-
I followed step by step the tutorial, everything went fine. Created the user (already on SME) by:
[root@sme root]# /usr/local/open-xchange/sbin/adduser_sme_ox --username=test --passwd=test --name=test --sname=User --maildomain=smebr.homeunix.net --shell=/bin/bash/ --lang=EN --organisation=Informatica --street=Test --city=Poa --phone=99999999 --department=Informatica --mail_enabled=OK --inetmail=TRUE --ox_appointment_days=5 --ox_task_days=5 --ox_timez
one=America --write_global_address=TRUE --uid=5000 --gid=5000
which returns:
LDAP Success
SQL Success
But when I tried to access, I get an error:
ERROR: Authentification failed
and:
Sep 30 00:19:48 sme slapd[4657]: conn=5 op=1 BIND dn="UID=TEST,OU=USERS,OU=OXOBJECTS,DC=SMEBR,DC=HOMEUNIX,DC=NET" method=128
Sep 30 00:19:48 brio slapd[4657]: conn=5 op=1 RESULT tag=97 err=49 text=
What am I doing wrong? :hammer:
-
Try and run /usr/local/open-xchange/bin/initall_ox.
I had the same problem, ran the script above and it just works! There has been an addition that is mentioned in Step 4. If you have downloaded the files in the last week, it should be part of the download.
Darin
-
It works!!! :-)
Thanks much!
But for every user I add to the system I need to rerun this command?
This seems to be the part where I was failing. I built a machine with 6.5 just for testing this contrib and there was no users before install, then I created new users.
I also noticed that this app uses a lot of CPU resources, I'm testing on a celeron with 600MHz and it tops 100% when I use OX.
Great Work!
-
But for every user I add to the system I need to rerun this command?
I don't think so. If you have the OX panel in the server-manager, then when you add a new user using the user panel, i think it will create the OX user as well. If not, then the OX panel will allow you to create the user without having to drop out to the command line.
Killer App, now we can take Micro$oft for a run!!
Darin
-
Hi Tib,
Thanks for the help, but unfortunately it doesn't cure it !
If I use
dc=mynetwork,dc=com
I have discovered that I can access both local and global contacts.
If I use
dc=global[or local],dc=mynetwork,dc=com
or
dc=global[or local],dc=testmachine,dc=mynetwork,dc=com
I get zip !
Any bright ideas ? I have tried various things to no avail.
I am using T-Bird 1.06 on Debian if that makes any difference. I will try it on a windoze box later.
It's not vital, but would be handy too differentiate.
B. Rgds
John
PS - I assume from what I can see that this is read only and you cannot add contacts from Thunderbird ? Or have I missed something as this would be extremely useful.
-
if you want to try follow this link
http://e-smith.dyndns.org/ox/ox7
save all the files in a dir and : rpm -iUvh *
good luck
vincent
8-)
Hi - Has this been tested as working on 7beta4. During the rpm installation on a pristine installation - I get the following error when rpm creates existing SME users.
Undefined ERROR - LDAP CODE
See Server Log for Details!
ERROR
I just get authentication errors when trying to log in.
-
I'm getting hammered with these messages since install:
Oct 2 23:48:22 sme slapd[5679]: conn=281 op=1 BIND dn="" method=128
Oct 2 23:48:22 sme slapd[5679]: conn=281 op=1 RESULT tag=97 err=0 text=
Oct 2 23:49:22 sme slapd[1557]: conn=281 op=2 BIND dn="" method=128
Oct 2 23:49:22 sme slapd[1557]: conn=281 op=2 RESULT tag=97 err=0 text=
Oct 2 23:50:24 sme slapd[5679]: conn=281 op=3 BIND dn="" method=128
Oct 2 23:50:25 sme slapd[5679]: conn=281 op=3 RESULT tag=97 err=0 text=
Oct 2 23:50:26 sme slapd[1557]: conn=281 op=4 UNBIND
Oct 2 23:50:27 sme slapd[1557]: conn=-1 fd=9 closed
Oct 2 23:47:23 sme slapd[1348]: daemon: conn=281 fd=9 connection from IP=127.0.0.1:3369 (IP=0.0.0.0:389) accepted.
Are they normal? Please advise!
-
Stuntshell,
I think that they are LDAP query messages - address lookup results. I guess they are from Open-Xchange itself, but I am not 100% sure on that.
I don't think that they are a problem - unless like me you are trying to find out how to query the addressbook from a mail program...........
It would be better if they were dumped to slapd.log or similar as they sure as hell fill up /var/log/messages.
Or is there a --quiet option ?
-
If I use
dc=mynetwork,dc=com
I have discovered that I can access both local and global contacts.
If I use
dc=global[or local],dc=mynetwork,dc=com
or
dc=global[or local],dc=testmachine,dc=mynetwork,dc=com
I get zip !
Any bright ideas ?
I am using T-Bird 1.06
PS - I assume from what I can see that this is read only and you cannot add contacts from Thunderbird ? Or have I missed something as this would be extremely useful.
I was having a similar problem but I stumbled across
http://no.longer.valid/mantis/bug_view_page.php?bug_id=131
Which led me to look at server manager Directory page which states
The LDAP server provides a network-available listing of the user accounts and groups on your server, and can be accessed using an LDAP client such as the Address Book feature in Netscape Communicator. Configure your LDAP client with the local IP address of your server, port number 389, and the server root parameter shown below.
Server root dc=mydomain,dc=com
Instead of local ip of my server, I used www.mydomain.com, which also worked.
The missing link, written in the bug tracker is that in the address book client you need to search for the addresses on the LDAP - they are not listed by default. On Thunderbird, put a space bar in the search box & press return.
Like you, I would like to discover how to make the LDAP address book world writeable at the client end. Anyone?
-
The space bar tip is a nice one.
Still can't get it to differentiate between local and global address books though. The following syntax should be correct but doesn't work for me :
dc=global[or local],dc=mynetwork,dc=com
or
dc=global[or local],dc=testmachine,dc=mynetwork,dc=com
I need to try my Windoze version to see if that works differently from the linux one that I use.
Tib, you said that you could differentiate global from local addresses. What version of Thunderbird do you use ?
I would love to know how to write addresses from Thunderbird. That would be the final clincher for me. Personally (and from conversations with clients) I think that the centralised contacts is THE most important thing.
I stil think that this is one of the best contribs so far. Well done all you people.
B. Rgds
John
-
I came across this link in the OX wiki. Its for a GUI to administer OX user accounts
http://atfrogs.berlios.de./
Has anyone tried it in SME?
-
ReetP
I'm running Thunderbird ver 1.0 on Suse 9.3 and Ver 1.5 Beta on windows.
Also I'm running SME 6.0.1-01 with a heap of mods as well as the phpldapadmin mod ... maybe it's this mod the enables the global and local settings ... ot sure.
I also have the smeserver-ldap-contacts-0.3.1-01hm.install.sh loaded from hmuhammad in the contribs section.
Maybe one of these did the trick ... not sure as I didn't test ldap with a clean install of SME.
my setup for ldap is ... dc=local,dc=mydomain,dc=net or dc=global,dc=mydomain,dc=net
Ragards,
Tib.
-
Thanks Tib. I'll have a look at this and see what happens if I install the mods.
-
Hello all,
First i would like to say THANKS for all the great people here on this board who have taught me so much and helped me resolve so many issues with SME.
I have SME 6.5RC1 installed + AV + spam + Horde 3 upgrade contribs. I recently installed OPenXchange using Vincent's easy to follow howto. Everything seemed to go fine except i cannot log on through the OX terminal, i get an 'ERROR: Authentification failed'. I tried using the default post-install user=password, also reset user passwords from SME server-manager, and created a new user using 'adduser_ox', all to no avail. I also added a user through the server-manager and the user shows up in the server-manager OX config panel but no luck logging on.
I went back and reviewed the post-installation log and i found the following lines, not sure if they have anything to do with my problem.
when i ran initall_ox i got:
WARNING------WARNING------WARNING------WARNING------WARNING
This action destroy all the open-xchange database and the ldap base
if it's your first installation of open-xchange it's the first step
type <yes> or <no> : yes
build all the databases.
Stoping all
Shutting down SESSIOND [ done ]
Shutting down OX [ done ]
Shutting down OXWebmail [ done ]
Stopping : tomcatUsing CATALINA_BASE: /usr/local/tomcat
Using CATALINA_HOME: /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME: /usr/local/java
Created MBeanServer with ID: 4413ee:1088efda943:-8000:server.mydomain.com:1
Stopping slapd: [ OK ]
Creating LDIF dump:
slapadd: could not parse entry (line=6)
Starting slapd: [ OK ]
DROP DATABASE
DROP USER
CREATE DATABASE openexchange ENCODING 'UNICODE' TEMPLATE template0;
CREATE DATABASE
You are now connected to database "openexchange" as user "postgres".
CREATE USER openexchange WITH ENCRYPTED PASSWORD 'openexchange' CREATEDB CREATEUSER;
CREATE USER
psql:/usr/local/open-xchange/share/init_database.sql:1103: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "attachments_pkey" for table "attachments"
psql:/usr/local/open-xchange/share/init_database.sql:1675: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "links_pkey" for table "links"
psql:/usr/local/open-xchange/share/init_database.sql:1758: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "syncml_principals_pkey" for table "syncml_principals"
psql:/usr/local/open-xchange/share/init_database.sql:1768: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "syncml_anchors_pkey" for table "syncml_anchors"
psql:/usr/local/open-xchange/share/init_database.sql:1778: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "syncml_ids_pkey" for table "syncml_ids"
psql:/usr/local/open-xchange/share/init_database.sql:1785: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "syncml_softdeleted_pkey" for table "syncml_softdeleted"
psql:/usr/local/open-xchange/share/init_database.sql:1804: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "syncml_datastores_pkey" for table "syncml_datastores"
psql:/usr/local/open-xchange/share/init_database.sql:1812: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "syncml_rxprefs_pkey" for table "syncml_rxprefs"
psql:/usr/local/open-xchange/share/init_database.sql:1820: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "syncml_txprefs_pkey" for table "syncml_txprefs"
psql:/usr/local/open-xchange/share/init_database.sql:1828: NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "syncml_tempguids_pkey" for table "syncml_tempguids"
/usr/local/open-xchange/share/rebuild_db.sh: exec: add_syncml_db.sh: not found
Added Group XXX to LDAP
...
adding all users to LDAP + SQL goes without any errors. then i run the command 'scan_users.sh' and i get
---------> recreate the ldap database.
Stopping slapd: [ OK ]
Creating LDIF dump:
sed: file /usr/local/open-xchange/share/sed.in line 5: Unknown option to 's'
Starting slapd: [ OK ]
---------> scan all the users.
Added Group XXX to LDAP
...
and everything else continues fine, no errors.
Does anyone know why i cannot log on? Any help would be greatly appreciated.
Thanks for your time.
Riff
-
Hello again,
This might have everything to do with my problems.
I noticed that on the howto page that that the contrib was for SME 6.01,
and on the actual download page - http://smeserver.free.fr/ox/ - the files are for any version of SME 6.x.
Anyone have any luck installing on 6.5RC1?
Thanks,
Riff
-
Hi all.
I have this installed and running on SMR 6.0.1 with the SME-Plus RPMs installed. I thought I'd share this little snippet of code that will allow the userpanel password changer to change the OX password at the same time.
Open /etc/e-smith/web/functions/userpanel-password in VI or pico or whatever, and go all the way down to the end of the file. Immediately before the line:
system("/sbin/e-smith/signal-event", "password-modify", "${acct}") == 0
or die ("Error occurred while modifying password for ${acct}.\n");
insert the following line:
system('/usr/local/open-xchange/sbin/changeuserattr_ox --username="'.$acct.'" --attrib=userPassword --value="'.$newpass.'"') == 0
or die ("Error occurred while modifying OpenXchange password for ${acct}.\n");
Now, whenever all of the prerequisites are passed for changing the user's password, the OX password will change too.
-
Hi guys, I installed OX, and followed the information on this forum and the how to. I am using SME v6.
I get the login screen, and can authenticate my users using it, but they are directed to a page that doesn't exist (404 error).
This is the address login is directed to http://servername.com/servlet/intranet?SITE=beforeAuth&sessionID=4b0285174e022289f72e98e6bd33d04b
Can anyone help me? Does anyone else have this problem?
-
if you want to try follow this link
http://e-smith.dyndns.org/ox/ox7
save all the files in a dir and : rpm -iUvh *
The URL doesn't work. Anyone know where these files are?
Ed Form
-
http://smeserver.free.fr/ox/ox7/