Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Installation and Upgrades / Re: [HOWTO] Trusted SSL With Zentyal 4+
« on: August 26, 2015, 09:41:17 am »
On Zentyal 4.1.3 system.
Here's a procedure to achieve ActiveSync including SSL/TLS support, using Openssl to convert the pfx file
Start of with Zentyal 4.1 system including the ActiveSync patch from Sogo.
Then , the SSL part......
I extracted a pfx file , using openssl , to a certificate.crt file and a keyfile.key file.
According to the method described in the 1st three commands here...
http://forum.hostek.com/showthread.php?599-How-do-I-install-a-SSL-Certificate-from-a-PFX-file-on-my-Linux-VPS
I downloaded a CA chain certificate from the Certificate Authority's website, Alphassl.
(https://www.alphassl.com/support/install-root-certificate.html)
I copied the certificate.crt file to /srv/certs
I copied the keyfile.key to /srv/certs
I copied the CAcertificatefile.crt to /srv/certs
Then....
sudo mkdir /etc/zentyal/stubs
sudo mkdir /etc/zentyal/stubs/openchange
cp /usr/share/zentyal/stubs/openchange/apache-ocsmanager.conf.mas /etc/zentyal/stubs/openchange
sudo nano /etc/zentyal/stubs/openchange/apache-ocsmanager.conf.mas
Find the following lines:
% if ($ssl) {
SSLEngine on
SSLCertificateFile <% $certificate %>
Change SSLCertificateFile <% $certificate %> to the following 3 lines:
SSLCertificateFile /srv/certs/certificatefile.crt
SSLCertificateKeyFile /srv/certs/keyfile.key
SSLCACertificateFile /srv/certs/CAcertificatefile.crt
I have not checked all possible circumstances and email client types, and not done any update from Zentyal yet.
On Android device 5+ ActiveSync email with SSL support (security type SSL/TLS) is provided and working fine .
Also tested on iOS 8 (Ipad mini)...working.
Here's a procedure to achieve ActiveSync including SSL/TLS support, using Openssl to convert the pfx file
Start of with Zentyal 4.1 system including the ActiveSync patch from Sogo.
Then , the SSL part......
I extracted a pfx file , using openssl , to a certificate.crt file and a keyfile.key file.
According to the method described in the 1st three commands here...
http://forum.hostek.com/showthread.php?599-How-do-I-install-a-SSL-Certificate-from-a-PFX-file-on-my-Linux-VPS
I downloaded a CA chain certificate from the Certificate Authority's website, Alphassl.
(https://www.alphassl.com/support/install-root-certificate.html)
I copied the certificate.crt file to /srv/certs
I copied the keyfile.key to /srv/certs
I copied the CAcertificatefile.crt to /srv/certs
Then....
sudo mkdir /etc/zentyal/stubs
sudo mkdir /etc/zentyal/stubs/openchange
cp /usr/share/zentyal/stubs/openchange/apache-ocsmanager.conf.mas /etc/zentyal/stubs/openchange
sudo nano /etc/zentyal/stubs/openchange/apache-ocsmanager.conf.mas
Find the following lines:
% if ($ssl) {
SSLEngine on
SSLCertificateFile <% $certificate %>
Change SSLCertificateFile <% $certificate %> to the following 3 lines:
SSLCertificateFile /srv/certs/certificatefile.crt
SSLCertificateKeyFile /srv/certs/keyfile.key
SSLCACertificateFile /srv/certs/CAcertificatefile.crt
I have not checked all possible circumstances and email client types, and not done any update from Zentyal yet.
On Android device 5+ ActiveSync email with SSL support (security type SSL/TLS) is provided and working fine .
Also tested on iOS 8 (Ipad mini)...working.
2
Installation and Upgrades / password exchange from ldap to external system
« on: October 11, 2014, 11:05:50 am »
I have an external system querying the zentyal (3.4 and 4.0) server for the ldap directory structure and users, which works fine.
For that I use an admin account for the bind authentication, type gss-negotiate.
This system also sends queries for user's passwords as it uses the ldap credentials for granting certain functionality.
But somehow the password exchange between zentyal and the external system is not working.
What are the requirements for this to work?
For that I use an admin account for the bind authentication, type gss-negotiate.
This system also sends queries for user's passwords as it uses the ldap credentials for granting certain functionality.
But somehow the password exchange between zentyal and the external system is not working.
What are the requirements for this to work?
3
Installation and Upgrades / Re: outgoing mail to external domain
« on: September 20, 2014, 07:53:02 am »
The reason the users in my domain could not send mail to other domains, was because my Internet Srervice Provider (ISP) blocks outgoing port 25 (from my perspective) to all destinations except theirs.
This is done in order to prevent spam mail being sent;
in this construction all spam - if any- has to be routed along their mail router.
To accomplish sending mail with this restriction and compatible with zentyal setup, the ISP (smtp.isp.com) is configured without authentication, as the screenshot shows...
Result is that any user in any domain receiving mail from my domain , reads my domain user as the sender, not the smarthost authentication account as pointed out in my first post.
This is done in order to prevent spam mail being sent;
in this construction all spam - if any- has to be routed along their mail router.
To accomplish sending mail with this restriction and compatible with zentyal setup, the ISP (smtp.isp.com) is configured without authentication, as the screenshot shows...
Result is that any user in any domain receiving mail from my domain , reads my domain user as the sender, not the smarthost authentication account as pointed out in my first post.
4
Installation and Upgrades / outgoing mail to external domain
« on: September 19, 2014, 10:03:34 pm »
hi !
I want to configure zentyal 3.4 to send mail to mail accounts in any domain .
I managed to fix this using the smarthost option in the mail server configuration in zentyal.
But this config results in the fact that the sender of mails (at the receiving end) is the smarthost authentication account configured .(see attachment)
Where I would like to have the zentyal account, let's say user@mydns.com ,as the originator of the outgoing email.
Is that possibel? And how?
I want to configure zentyal 3.4 to send mail to mail accounts in any domain .
I managed to fix this using the smarthost option in the mail server configuration in zentyal.
But this config results in the fact that the sender of mails (at the receiving end) is the smarthost authentication account configured .(see attachment)
Where I would like to have the zentyal account, let's say user@mydns.com ,as the originator of the outgoing email.
Is that possibel? And how?
5
Installation and Upgrades / Re: client access
« on: April 26, 2014, 02:48:11 pm »
thanks.
What about access to the mailbox, chat and collaboration from a smartphone?
In the android Play store , a zentyal cloud app is available.
I installed it , but only the username and password can be set, no server URL or IP!
Can this app be used for connection to servers in a private (home) cloud?
What about access to the mailbox, chat and collaboration from a smartphone?
In the android Play store , a zentyal cloud app is available.
I installed it , but only the username and password can be set, no server URL or IP!
Can this app be used for connection to servers in a private (home) cloud?
6
Installation and Upgrades / client access
« on: April 22, 2014, 06:57:29 pm »
Besides "user corner" for users being able to do some self service, I find no documents on the zentyal website on how a user can access zentyal's services, like mail/webmail.
How can a user access mail, collaborate etc. ?
Which client requirements (URL, fat client, IP, ports, operating systems??)
How can a user access mail, collaborate etc. ?
Which client requirements (URL, fat client, IP, ports, operating systems??)
7
Installation and Upgrades / "Could not bind to LDAP: Invalid credentials" message
« on: April 22, 2014, 06:50:04 pm »
Just installed zentyal server 3.4 on a VM .
All users trying logging in to the user corner (server port 8888), must immediately change their password on login.
1.Why is that ?
2. After giving in a new password and pressing CHANGE, why do they all get the message "Could not bind to LDAP: Invalid credentials" ? (see attachment)
All users trying logging in to the user corner (server port 8888), must immediately change their password on login.
1.Why is that ?
2. After giving in a new password and pressing CHANGE, why do they all get the message "Could not bind to LDAP: Invalid credentials" ? (see attachment)
Pages: [1]