Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - trysomething

Pages: [1]
1
Email and Groupware / Customizing Web Interface For Blind Users
« on: April 18, 2017, 01:08:55 am »
Greetings Zentyal Gang,
I've been out of the Zentyal loop for a minute now, but I'm working on getting a 100% blind accessible webmail client setup.  We've tested quite a few solutions and since I have more experience with Zentyal I figured I'd just stick with what I know.
I need to find the physical path to the webmail so that I can make a few changes that would make it more accessible.  Does anyone know where in the heck Zentyal hides it's Sogo webmail pages???

Mahalo,
Ryan

2
Email and Groupware / Send mail from multiple domains and IP's
« on: June 09, 2016, 01:30:54 am »
Greetings fellow beta testers,
I'm having an issue and I can't seem to solve it.  I have a Zentyal 4.2 box up and running with 3 different virtual domains on 3 different static public IP's
mydomain1.com on 99.99.100.99
mydomain2.com on 99.99.100.100
mydomain3.com on 99.99.100.101

I've figured out how to make a stub file using main.cf.mas to change the SMTP header for a single domain so that my messages don't show the local domain (i.e. mydomain1.lan) as the server but the virtual domain (i.e. mydomain1.com), which works great on a single domain system.
What I'm trying to do now is get it to where user1@mydomain1.com sends a message and it goes out over the 99.99.100.99 IP address so that the PTR matches up to the SMTP banner - which should be 220: mydomain1.com ESMTP instead of 220: mydomain1.lan ESMTP...

I've messed around with a lot of tutorials and haven't been able to get it to work yet.  Has anyone been able to get something like this to work? 

3
Email and Groupware / Openchange not reading stubs
« on: February 02, 2016, 07:35:52 pm »
I'm working on a Zentyal 4.2 server and Openchange/Samba/Sogo have all been testing my patience for a while now.  Most recently I reslved my Samba crashes and realized that Openchange was still being goofy so I deleted out my custom stub under /etc/Zentyal/stubs/openchange/apache-ocsmanager.conf.mas and restarted the server.  Ironically nothing changed, so I remembered that I'd made a backup of the original stub /usr/share/Zentyal/stubs, edited the original and then just copied the edited version over so I undid that and everything worked as expected.
Once I had that I figured that having the same file in both spots was maybe a problem so I just copied the original over to /etc/Zentyal/stubs/openchange and edited it directly leaving the original in pristine condition.  Restarting Openchange didn't make a difference so I restarted the whole server and still nothing changed.
I went into the original file /usr/share/Zentyal/stubs/openchange/apache-ocsmanager.conf.mas and made the changes, then restarted Openchange and it stuck this time.
I'm also having some authentication issues, when I setup an Outlook client I have to go into the settings and set Outlook to always prompt for logon credentials.  This works at about 75% of what it "should" be because I ended up having to configure the Send/Receive Groups in Outlook too.  These are all based on older posts, old bug reports with the "Solved" status and all of them are based on something that was previously fixed in an update.
My server is 100% up to date.
I even opened up all ports on my Zentyal Firewall and dropped the server into the DMZ last night to run some tests on it.  Somehow it seems like Openchange is just out to get me...
Anyone ever find anything like this happening?  If so did anyone ever come up with a fix for it?
Any help is super appreciated!

4
Hi All,
I have been very successfully running a 4.2 test server in a tiny test environment for months now.  We finally decided to "up the bet" and put our small organization on a full fledged Zentyal 4.2 server.  I've had a TON of Samba crashes, looks like after the most recent updates that's all worked itself out though.  Openchange was crashing here and there and again, updates fixed it (I think LoL).
Sogo has dropped out on us a few times too but I'm pretty sure that's because Outlook clients can't connect to the Openchange server so everyone's beating up ActiveSync.  Yeah, I know that's wrong, I really don't need that lecture, but it's driving me bonkers now.
I've gone through all kinds of stub files and config files on the currently in use server and the test server and haven't been able to find the culprit.  I've been neck deep in the logs (/var/logs/samba, /var/logs/apache2, /var/logs/ocsmanager, etc.) and haven't found much of anything.  There is on occasion a samba.log entry about user isn't mailbox owner, but in checking all of the permissions it all looks correct.
So now I'm at the point where I can connect Outlook 2013 and it says it's connected, I can even send messages.  I cannot receive them in Outlook though.  In addition I cannot really do much in the way of deleting messages, moving things to different folders or anything other than sending new messages.
The whole time outlook says it's connected and whatever folder I go into says it's synced, but it's not really working.
Anyone have any kind of clue on what I can do?  I kind of want to uninstall and reinstall Openchange but I know that usually goes over like a led balloon so I was hoping someone could hook me up with some knowledge here.
Thanks in advance!

5
Installation and Upgrades / Zentyal 4+ Without Tears
« on: December 12, 2015, 09:42:32 pm »
I made a guide based on my own notes and experience to help newbies.  This is all me, the Zentyal organization has nothing to do with it, I'm just trying to give a little help where I can.
Check it out and feel free to fix it up if you find something wrong.

6
Email and Groupware / Zentyal 4+ and syncing contacts/calendars
« on: December 09, 2015, 08:28:12 pm »
I've been Googling for days now and haven't found anything that solves my problem.  I have a Zentyal 4.2 server, well to be honest I'm beating a few of them up now getting ready to roll out a 100% no M.S. production environment.  The constant problem I've come across is that 100% of the time there is no contact syncing going on. 
All I can find are lots of posts around the web saying "I followed the Wiki" with no link to whatever Wiki, "and it worked after that".
The only Wiki I found just says (in a nutshell) do "sudo apt-get install sogo-activesync then go check the box in Mail>Openchange to turn activesync on" which is kind of a duh thing.
So I have Zentyal 4.2 all setup and configured and working.  I have the domain(s) inquestion in Zentyal DNS.  I have 100% access to my external DNS and can add any kind of DNS entry needed.  I have access to my router and I have a box wide open without a router or firewall in the way too.  My question is what do I need to do to ensure contacts will sync across devices along with calendars 100% of the time?
That's kind of a deal breaker if it's just a crap shoot thing.  Which is going to suck a lot for me since I was all sold on Zentyal and have pushed for moving a few different locations off of SBS 2003, 2007, 2011 and even MS Exchange.  I really don't want to hear "I told you so" and I sure as hell don't like the taste of eating crow, so any help on this is super welcome!
If anyone has any ideas on how the heck I can get activesync via sogo-activesync, z-push or anything else working I'd greatly appreciate it!!!

7
Installation and Upgrades / Zentyal 4.2 and SMTP Banner Problems
« on: October 31, 2015, 12:50:06 am »
Hello and happy Halloween fellow Zetyalians!!!!
It seems that my new 4.2 box is haunted and my SMTP banner was showing up as my local domain instead of my FQDN.  I had to copy /usr/share/Zentyal/stubs/mail/main.cf.mas to /etc/Zentyal/stubs/mail/main.cf.mas and edited a bunch of lines.  I'm 99% sure that it's the line that ends in "ESMTP" - it was kind of obvious after a ton of other messing around LoL.
I did find one line that read "my desitination = /etc/mailname" which was populated with my locan hostname/domain - I thought it'd be simple changing that to my FQDN but when Zentyal Mail module restarts the file gets overwritten and changes back.
Just thought I'd drop a note on here in the hopes that the next cat Googles and finds this page as opposed to the 100's of pages I poured through to not be able to fix it LoL.
Other than that 4.2 seems pretty rock solid with Outlook 2013/2016, Windows Phone 8.1/10 and iPhone (whatever the newest IOS is) - haven't dropped it onto anything Android yet but I'll see what I can come up with on that.

8
Installation and Upgrades / Outlook 2013 and Zentyal 4.1 Calendar
« on: September 14, 2015, 09:59:26 pm »
So I've got a test box up and running - works pretty darn good!  I've got 99% of the wrinkles ironed out and I've even got a small test group using it to see if it works for our production environment.
One thing I've noticed is that when I use autodiscover to connect it just sets the account up like an IMAP/SMTP account, not like an Exchange server.  For example if I connect to it using the computer I'm sitting at right now and I go into my Outlook 2013 > Calendar under the "My Calendars" it only has the option for "This Computer Only".
My guess is it's something in the wild world of OpenChange but there's honestly nowhere near enough documentation there yet so I'm pretty lost.
I don't know if anyone has had a similar issue and fixed it or if anyone has any advice on where to look, but I really hope so!!!

9
Installation and Upgrades / [HOWTO] Trusted SSL With Zentyal 4+
« on: August 20, 2015, 06:49:43 pm »
I have seen tons of requests for installing trusted SSL on Zentyal.  I have found a TON of tutorials on how to do it but somehow screwed them all up at one point of another.  Being a SBS refugee and having worked primarily on Windows for the last thousand years I have never gone this deep into a Linux server.
That being said I knew there had to be an easy way to get 3rd party SSL working on my test box.  All in all I am $15 into this (the cost of the cert basically) and it's working like a charm!  I am on Zentyal 4.1 so I cannot test upgrade survivability but I have rebooted my server several times to see if it would live on and it has.
One key point I need to make here is that in doing this you will have to split your web server and mail server up into seperate entities.  What I mean by that is if you create a vhost file for Apache using your domain TLD then your autodiscover will stop working from yourdomain.com/autodiscover/autodiscover.xml BUT it still works at hostname.yourdomain.com/autodiscover/autodiscover.xml so you have to redirect traffic usinge a CNAME or .htaccess or whatever works best for you.  In my case I just created a CNAME and it's working great!  An example would be if your Zentyal host name was 'mx' and your domain was 'example.com' you can redirect requestst for 'autodiscover.example.com' TO 'https://mx.example.com:443/autodiscover/autodiscover.xml' and it works like a champ for Outlook clients outside of the LAN/local domain.
Now that we have that sorted out we can get into the certificates.  These certs will ONLY work for Apache served websites, you will still need to install your Zentyal issued cert on any machine running an Outlook client wth autodiscover/Outlook Anywhere.  Like I said we are splitting web and mail traffic up, this is no big deal though because you really shouldn't have a problem with random people connecting to your mail server.  I just installed the CA cert from Zentyal into my "Trusted Root Authority" store and both services work with Outlook.  You will likely have to allow a website to configure your account, just check the box to not ask again and click allow and if you have your CNAME in place everything else should go super smooth.  Now to get that Apache cert all trusted and happy so people can come and see your site is all secure and such!
First things first - Apache 2.4 does NOT require you to put anything in the ports.conf file, this will only cause Apache to stop working.  This all just works from the vhost file.
Create a vhost file in /etc/apache2/sites-available named 'yourdomain.com.conf' (obviously change 'yourdomain.com' to suit your needs but don't forget the .conf at the end)  similar to:

 <VirtualHost *:443>
     SSLEngine On
     #Change the following 3 lines to suit your needs
     SSLCertificateFile /etc/apache2/ssl/yourdomain.com.crt
     SSLCertificateKeyFile /etc/apache2/ssl/yourdomain.com.key
     SSLCACertificateFile /etc/apache2/ssl/yourdomain.com.crt
     #Change ServerAdmin to suit your needs
     ServerAdmin info@yourdomain.com
     ServerName www.yourdomain.com
     #Change the DocumentRoot to suit your needs
     DocumentRoot /var/www/yourdomain.com/public_html/
     #change yourdomain.com to suit your needs
     ErrorLog /var/www/yourdomain.com/logs/error.log
     CustomLog /var/www/yourdomain.com/logs/access.log combined
</VirtualHost>
 

SSLCertificateFile - Comodo will likely send you a .crt name yourdomain_com.crt (in my case it was tiki7_com.crt

SSLCertificateKeyFile - This is created with your CSR and should be put in the same directory as your SSL Certificate.

SSLCACertificateFile - This one we need to make out of the other files Comodo issued with your SSL cert.

Upload the following 2 files and cd your way to the directory you upload them to.

•COMODORSADomainValidationSecureServerCA.crt
•COMODORSAAddTrustCA.crt
To make the necessary cert run:
sudo cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt  > yourdomain.ca.crt

Obviously change the yourdomain bit to suit your needs.
Technically the AddTrustExternalCARoot.crt file is not needed.  This file is required for older versions of Apache and it can be added into the above 'cat' command as the final argument before 'yourdomain.ca.crt'.
Now we run the following commands:
sudo a2ensite yourdomain.com
sudo service apache2 reload

Now for the fun part - open up a browser and go to 'https://yourdoman.com" and if you still see that stupid certificate warning refresh the page.  This is working like a champ in my little world and I've even got a second TLD working on Apache/OpenChange/autodiscover and so on using this setup.  Now I am super green in this whole thing but I got this all figured out using the Zentyal Wiki for creating vhost files and a couple of tutorials on installing SSL on Apache.  I would also like to add that I used the CSR generator tool on https://cheapsslsecurity.com to get my CSR and private key, not open-ssl.  If anyone sees a problem with my findings please let me know, like I said this is on my test box so I don't want to put a messy/unsecure box into production.  Hopefully this will help someone else from pullng tons of hair out and spilling coffee into their keyboard out of anger.

EDIT - on another post I'd put up about getting 3rd party SSL built-in someone mentioned STUBS and I found myself a better way!  The above IS required for additional domains (as far as I can tell), but if you only have a single domain this "should" even be upgrade proof!  The SSL cert stuff is all the same, but just do the following to get 3rd party SSL working on most everything in no time flat!!!!!

sudo mkdir /etc/zentyal/stubs
sudo mkdir /etc/zentyal/stubs/openchange
cp /usr/share/zentyal/stubs/openchange/apache-ocsmanager.conf.mas /etc/zentyal/stubs/openchange
sudo nano /etc/zentyal/stubs/openchange/apache-ocsmanager.conf.mas
Find the following lines:

% if ($ssl) {
    SSLEngine on
    SSLCertificateFile <% $certificate %>

Change SSLCertificateFile <% $certificate %> to the following 3 lines:
        SSLCertificateFile      /srv/certs/tiki7_com.crt
        SSLCertificateKeyFile /srv/certs/tiki7.key
        SSLCACertificateFile /srv/certs/tiki7.com.crt
Save it, close it and restart it and then watch the magic happen!!!  This route took me all of 5 minutes LoL.

EDIT - I also found out that if you keep buying Comodo SSL certs then you can keep using the CA cert made earlier in this post - you still need to get the yourdomain_com.crt and private key files uploaded to your server.  I can now have a vhost up, running and secure in less than 4 hours other than provisioning which takes about 8 hours total these days!

Pages: [1]