

Messages - andygraybeal

1
I don't know :)  Basically I didn't mess with this search filter.

Maybe instead, it would be better to have:
Authentication Search Filter: (uid=@user_id@)

Okay, so I just changed it to uid=@user_id@ and from what I can tell it works fine.

Generally speaking, the mail attribute is one of 5 required attributes for Liferay to auth against LDAP.  The 5 attributes are: Screen Name, Password, Email Address, First Name, and Last Name.

Let me know your thoughts.

Andy


2
Document Goals:
 1. zentyal 2.0 install configured as ldap slave (warning: passwords will be passed in the clear. both master and slave are on my local network, so i'm not too worried. However, I would never configure it this way on the internet, i would use a VPN tunnel to sync between master and slave, eventually, i'll configure the vpn and document it here)
 
 2. liferay 6.1 bundle w/ ldap auth to localhost

Disclaimer:
My skill level is laughable at best as i spend most of my days quagmired heavy with confusion.  I have patience, persistence and many people on IRC helping me, as well as many web and forum postings to guide me.  The information in this document might be wildly incorrect.. but it's my roundabout way to get this shit working.  I welcome any constructive criticism improving what I have.  I appreciate learning.  Hopefully this will be helpful to someone else.


references:
http://www.liferay.com/documentation/liferay-portal/6.1/user-guide
http://trac.zentyal.org/wiki/Documentation/Community/Installation/InstallationGuide
apologies, there should be more references here.


_breath life into new machine with kvm/libvirt_
create a volume big enough; name it after the machine.

sudo virt-install  --name=portal --ram=4192 --vcpus=4 --cpuset=0-3 --os-variant=ubuntulucid --cdrom=ubuntu-10.04-server-amd64.iso --disk path=/dev/cleopatra/portal --network=bridge=br0,model=virtio --vnc

run through the install dialogs

select ssh server

finish the install, reboot

_run updates_
ssh into it.
sudo apt-get update && sudo apt-get upgrade
sudo apt-get install unzip

_install Zentyal 2.0_
sudo apt-get install -y python-software-properties && sudo add-apt-repository ppa:zentyal/2.0 && sudo apt-get update

sudo apt-get install zentyal
 - at this point in my time, i like to keep the admin page on 4430 so i can ssl the regular website

open your browser
head over to https://portal:4430
accept self-signed security certificate
login to zentyal
select "skip install"

install the LDAP part of zenny:
once at the main dashboard, select 'software management' -> 'zentyal components' -> 'users and groups'; click 'install'; confirm the extra packages

configure the network:
eth0 is internal, so click 'next'
it gets a dhcp address, so click 'next'
Select the type of ldap server: "Advanced configuration (Master/Slave/AD Sync)", click next.
Click on "Save Changes"

configure module status:
at the dashboard, select 'Module Status'.  Turn all the modules that can be turned on and select accept at each module dialog.  Save changes.

configure firewall to allow ldap:
at the dashboard, select 'Firewall' -> 'Packet Filter' -> 'Internal networks to Zentyal'
Edit the 'LDAP' entry, change from 'Deny' to 'Accept'

_Configure LDAP as slave_
reset users and groups for whatever reason:
go to your terminal and run: sudo /usr/share/ebox-usersandgroups/ebox-usersandgroups-reinstall

after that is finished, go back to your browser, refresh the zentyal admin page and select 'users and groups', then 'mode'
From the "Mode" dropdown box select "Slave".

type the address of your master (i've been having to type in my actual ip address, not hostname for whatever reason... i'm pretty sure my dns is fine) and master password

go to the module, enable 'users and groups'

_Add the service and configure firewall for tomcat7/liferay_
add a service called tomcat7 on port 8080
From the Dashboard, select "Services" -> Add New:
 Service Name: tomcat7
 Description: tomcat7/liferay portal
 Tick the internal checkbox.
 Select Add.
  Under "Editing Service":
  Protocol: TCP
  Source Port: Any
  Destination Port: Single Port: 8080
  Save Changes!
 Now Select "Firewall" -> "Packet Filter" -> "Filtering rules from internal networks to Zentyal" -> "Add New"
   Decision: ACCEPT
   Source: Any
   Service: tomcat7
   Select "Add"
   Save Changes
   

_install oracle java jdk v6_

wget http://download.oracle.com/otn-pub/java/jdk/6u31-b04/jdk-6u31-linux-x64.bin

for whatever reason it worked better for 'sudo -i' to begin with

chmod +x jdk-6u31-linux-x64.bin

./jdk-6u31-linux-x64.bin


    sudo mkdir -p /usr/local/java
    sudo mv jdk1.6.0_31 /usr/local/java/jdk1.6.0_31
    sudo ln -s /usr/local/java/jdk1.6.0_31 /usr/local/java/latest
    sudo mv /etc/environment /etc/environment.bak
    # 'sudo echo ... > file' does not work unless you are already root: the
    # redirect is done by the unprivileged shell, so write through 'sudo tee'.
    # pam_env does not expand $JAVA_HOME inside /etc/environment, so the path
    # is spelled out there; /etc/profile.d/javaenv.sh is a real shell script
    # and can use the variable.
    printf '%s\n' 'JAVA_HOME="/usr/local/java/latest"' \
        'JRE_HOME="/usr/local/java/latest/jre"' \
        "PATH=\"/usr/local/java/latest/bin:$PATH\"" | sudo tee /etc/environment
    printf '%s\n' 'export JAVA_HOME="/usr/local/java/latest"' \
        'export JRE_HOME="/usr/local/java/latest/jre"' \
        'export PATH="$JAVA_HOME/bin:$PATH"' | sudo tee /etc/profile.d/javaenv.sh
    sudo chmod +x /etc/profile.d/javaenv.sh
   
again for whatever reason, i had to reboot to get this to work


_install mysql_

sudo apt-get install mysql-server

_create liferay mysql user and db_
mysql -p -u root
CREATE DATABASE lportal CHARACTER SET utf8;
CREATE USER 'lportal'@'localhost' IDENTIFIED BY 'lportal';
-- grants the portal user every privilege on every database; Liferay itself only needs privileges on lportal.*
GRANT ALL PRIVILEGES ON *.* TO 'lportal'@'localhost' WITH GRANT OPTION;

_d/l liferay bundle_

wget "http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.0%20GA1/liferay-portal-tomcat-6.1.0-ce-ga1-20120106155615760.zip?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Flportal%2Ffiles%2FLiferay%2520Portal%2F6.1.0%2520GA1%2F&ts=1331124425&use_mirror=voxel" -O liferay-portal-tomcat-6.1.0-ce-ga1-20120106155615760.zip

_expand liferay into /opt/liferay_
sudo mkdir /opt/liferay
unzip liferay-portal-tomcat-6.1.0-ce-ga1-20120106155615760.zip
sudo mv liferay-portal-6.1.0-ce-ga1 /opt/liferay

_create config file_
sudo vim /opt/liferay/liferay-portal-6.1.0-ce-ga1/tomcat-7.0.23/webapps/ROOT/WEB-INF/classes/portal-ext.properties

put this in it:
#
# MySQL
#
jdbc.default.driverClassName=com.mysql.jdbc.Driver
jdbc.default.url=jdbc:mysql://localhost/lportal?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
jdbc.default.username=lportal
jdbc.default.password=lportal

_remove sevencogs-hook_
There is only one application included in the bundle that you need to remove. It's called sevencogs-hook. It's a Liferay plugin that copies the 7Cogs data into the database when Liferay is started. To remove it, all you have to do is undeploy it. The method for doing this differs by application server and that, of course, depends on the bundle you have chosen. For example, on Tomcat you delete the application from the [Tomcat Home]/webapps folder

sudo rm -rf /opt/liferay/liferay-portal-6.1.0-ce-ga1/tomcat-7.0.23/webapps/sevencogs-hook
keep the sevencogs-theme if you want, it might be useful.


_configure tomcat to be a service_
sudo vim /etc/init.d/tomcat7
#!/bin/sh
# Tomcat auto-start
#
# description: Auto-starts tomcat 7
# processname: tomcat7
# pidfile: /var/run/tomcat.pid

# Tomcat's scripts need JAVA_HOME; init scripts do not source /etc/profile.d
export JAVA_HOME=/usr/local/java/latest

TOMCAT_BIN=/opt/liferay/liferay-portal-6.1.0-ce-ga1/tomcat-7.0.23/bin

case "$1" in
start)
        sh "$TOMCAT_BIN/startup.sh"
        ;;
stop)
        sh "$TOMCAT_BIN/shutdown.sh"
        ;;
restart)
        sh "$TOMCAT_BIN/shutdown.sh"
        sh "$TOMCAT_BIN/startup.sh"
        ;;
*)
        echo "Usage: $0 {start|stop|restart}"
        exit 1
        ;;
esac
exit 0

#eof
--
Change the mode of the file:
sudo chmod 755 /etc/init.d/tomcat7

create links in the rc.d
sudo ln -s /etc/init.d/tomcat7 /etc/rc1.d/K99tomcat
sudo ln -s /etc/init.d/tomcat7 /etc/rc2.d/S99tomcat

reboot to test

_check the tomcat log_
watch the machine come up, it may take a while, so be patient, it takes a coupla minutes on my machine.
sudo tail -f /opt/liferay/liferay-portal-6.1.0-ce-ga1/tomcat-7.0.23/logs/catalina.out

_configure the machine in the browser_
open your browser and head to http://portal:8080
finish off the install here.

_Configure LDAP_
After installed, login with: test@liferay.com / password
Control Panel -> Portal Settings -> Authentication -> LDAP:
  Tick "Enabled" check box, hit save.
  Under "LDAP Servers" click the "Add" button
    Server Name: Local (arbitrary, i chose Local cause I'm boring)
    At first I was confused by the "Default Values interface" but now I understand that it simply just resets the settings to match the which ever directory paradigm.  You can simply ignore this.
    Under "Connection"
      Base Provider URL: ldap://localhost:1389  (please note, that port 389 is used to bind to the ldap master, and 1389 is used to bind onto the ldap slave, thank you exekias for your constant reminder, maybe one day, I'll remember)
      Base DN: dc=zabulon,dc=casanueva,dc=com
      Principal: cn=ebox,dc=zabulon,dc=casanueva,dc=com
      Credentials: ZeeZecretPassword
    Go ahead and test the connection
    Under "Users"
      Authentication Search Filter: (mail=@email_address@)
      Import Search Filter: (objectClass=inetOrgPerson)
      User Mapping:
        Screen Name: uid
        Password: userPassword
        Email Address: mail (From what I remember, which is not to be trusted, I had to manually edit my Zentyal LDAP and add my mail address to the master, and I believe it propagates it to the slaves without a hitch - to edit I use jxplorer or luma (I can't remember which app I used specifically), this is something to be aware of when upgrading or re-installing the master from scratch.. something I have yet to do)
        Full Name: <empty>
        First Name: givenName
        Middle Name: <empty>
        Last Name: sn
        Job Title: <empty>
        Portrait: <empty>
        Group: <empty>
        UUID: <empty>
      Go ahead and test the LDAP Users, see if it works; adjust the settings if needed. 
    Groups:
      Import Search Filter: (objectClass=posixGroup)
      Group Mapping:
        Group Name: cn
        Description: description (i don't know if this is needed.. but i kept it so far, seems fine, can't hurt)
        User: memberUid   
      Test the Groups.
    I left the whole Export section alone, I don't want to export from Liferay, as far as I can tell at this moment.
    Click the "Save" button
  Import / Export
    I ticked the "Import Enabled" checkbox, i don't know if this is correct.
    I left "Import on Startup Enabled" and "Export Enabled" unticked.
  Password Policy
    I ticked "Use LDAP Password Policy" checkbox.
   
Aight, that's it; good luck and happy authing.
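The login step described in posts 1 and 2 (Liferay fills @user_id@ or @email_address@ into the Authentication Search Filter, searches, then binds as the matching entry) and the note that the mail attribute had to be added by hand are easy to get wrong; the following is an added example, not code from the forum post or from Liferay or Zentyal. It simulates that flow against a constructed in-memory directory (the DNs under dc=example,dc=org, the users andy and bob, and their passwords are all made up), escapes the user-supplied value per RFC 4515 so a login name cannot rewrite the filter, and reports which of the five mapped attributes an entry lacks before you try an import.

```python
"""Added example: Liferay-style search-then-bind against a constructed
directory, plus a pre-import check of the user mapping from post 2."""
import re

# Constructed sample directory, keyed by DN. 'bob' has no 'mail' attribute,
# mirroring the post's remark that Zentyal users lack it until added by hand.
DIRECTORY = {
    "uid=andy,ou=Users,dc=example,dc=org": {
        "uid": "andy", "userPassword": "s3cret", "mail": "andy@example.org",
        "givenName": "Andy", "sn": "Graybeal", "objectClass": "inetOrgPerson",
    },
    "uid=bob,ou=Users,dc=example,dc=org": {
        "uid": "bob", "userPassword": "hunter2",
        "givenName": "Bob", "sn": "Jones", "objectClass": "inetOrgPerson",
    },
}

# The five required fields from post 1, mapped as in post 2's User Mapping.
USER_MAPPING = {
    "Screen Name": "uid", "Password": "userPassword", "Email Address": "mail",
    "First Name": "givenName", "Last Name": "sn",
}

PLACEHOLDERS = ("@user_id@", "@email_address@")


def escape_filter_value(value):
    """Escape a user-supplied value for an LDAP search filter (RFC 4515) so
    '*', '(', ')', '\\' and NUL cannot change the filter's structure."""
    return "".join("\\%02x" % ord(ch) if ch in "*()\\\x00" else ch
                   for ch in value)


def build_auth_filter(template, login):
    """Fill whichever Liferay placeholder the template uses with the login."""
    if not any(p in template for p in PLACEHOLDERS):
        raise ValueError("template has no @user_id@/@email_address@")
    result = template
    for placeholder in PLACEHOLDERS:
        result = result.replace(placeholder, escape_filter_value(login))
    return result


_SIMPLE_FILTER = re.compile(r"^\((\w+)=([^()]*)\)$")


def search(ldap_filter, base_dn):
    """Minimal matcher for one '(attr=value)' equality filter (no wildcards)."""
    m = _SIMPLE_FILTER.match(ldap_filter)
    if not m:
        raise ValueError("unsupported filter: %s" % ldap_filter)
    attr, value = m.group(1), m.group(2)
    return [dn for dn, entry in DIRECTORY.items()
            if dn.endswith(base_dn) and entry.get(attr) == value]


def authenticate(template, login, password, base_dn="dc=example,dc=org"):
    """Search-then-bind: exactly one entry must match, then its password
    must check out (a real server would perform the bind; this simulates it)."""
    matches = search(build_auth_filter(template, login), base_dn)
    if len(matches) != 1:
        return False
    return DIRECTORY[matches[0]].get("userPassword") == password


def missing_mapped_attributes(entry, mapping=USER_MAPPING):
    """Liferay fields whose mapped LDAP attribute the entry does not carry."""
    return [field for field, attr in mapping.items() if attr not in entry]


if __name__ == "__main__":
    for dn, entry in DIRECTORY.items():
        print(dn, "missing:", missing_mapped_attributes(entry))
    print(authenticate("(uid=@user_id@)", "andy", "s3cret"))
    print(authenticate("(mail=@email_address@)", "bob@example.org", "hunter2"))
```

Running it shows the effect post 1 describes: with (mail=@email_address@) a user whose entry has no mail attribute can never match, while (uid=@user_id@) works for every inetOrgPerson; the missing-attribute check is the same test to run before enabling "Import Enabled".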

3
Figured it out, here's the setup:

Apache v2.2.14
Mysql v5.1.41-3
PHP v5.3.2-1
TimeTrex v3.7.0 from zip install (not bin)
Zentyal 2.2 w/ openldap directory server

TimeTrex settings to auth against Zentyal 2.2's LDAP:
LDAP Auth: Enabled w/ Local Fallback
Server: 192.168.122.110
Port: 389
Bind User Name: <blank>
Bind Password: <blank>
Base DN: ou=Users,dc=testdirectory01
Bind Attribute: uid
User Filter: <blank>
Login Attribute: <blank>

Andy

4
okay, thank you for the information.  I will try this out.

5
Hi,
I've got the TimeTrex to communicate with the Zentyal's LDAP, I'm still confused about Bind and Login Attributes.

The Timetrex config examples on the page say this:
Bind Attribute: (For binding the LDAP user. ie: AD/openLDAP: userPrincipalName, Mac OSX: uid)
Login Attribute: (For searching the LDAP user.  ie: AD: sAMAccountName, openLDAP:dn, Mac OSX: dn)

Any help would be appreciated.
Andy

6
Okay, i diff'd the files that Stenneman posted vs the ones in my Zentyal 2.0.
A strange difference was that " 'objectClass' => 'zarafa-contact' " isn't inside the attribute array in my ZarafaLdapUser.pm for 2.0, and I don't know whether to add it or not, so I left it out, assuming that it's something they added in 2.2.

I made a 'van' account in Zentyal.  After I made the changes that Stenneman mentioned, I tried to make the 'van' account a resource. I enabled the van's Zarafa account and this gave me an error:

Trace
Unknown error at EBox::ZarafaLdapUser::setHasAccount Referral received at /usr/share/perl5/EBox/Ldap.pm line 703
EBox::Ldap::_errorOnLdap('Net::LDAP::Search=HASH(0x7f678403dd48)', 'HASH(0x7f6784043438)') called at /usr/share/perl5/EBox/Ldap.pm line 342
EBox::Ldap::search('EBox::Ldap=HASH(0x7f678206d868)', 'HASH(0x7f6784043438)') called at /usr/share/perl5/EBox/ZarafaLdapUser.pm line 263
EBox::ZarafaLdapUser::setHasAccount('EBox::ZarafaLdapUser=HASH(0x7f67840432e8)', 'van', 1) called at /usr/share/perl5/EBox/CGI/Zarafa/ZarafaUserOptions.pm line 53
EBox::CGI::Zarafa::ZarafaUserOptions::_process('EBox::CGI::Zarafa::ZarafaUserOptions=HASH(0x7f6780cd7c08)') called at /usr/share/perl5/EBox/CGI/Base.pm line 262
EBox::CGI::Base::run('EBox::CGI::Zarafa::ZarafaUserOptions=HASH(0x7f6780cd7c08)') called at /usr/share/perl5/EBox/CGI/Run.pm line 120
EBox::CGI::Run::run('EBox::CGI::Run', 'Zarafa/ZarafaUserOptions', 'EBox') called at /usr/share/ebox/cgi/ebox.cgi line 35
ModPerl::ROOT::ModPerl::Registry::usr_share_ebox_cgi_ebox_2ecgi::handler('Apache2::RequestRec=SCALAR(0x7f6780eb4ab8)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
eval {...} called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 204
ModPerl::RegistryCooker::run('ModPerl::Registry=HASH(0x7f6783fd6ad8)') called at /usr/lib/perl5/ModPerl/RegistryCooker.pm line 170
ModPerl::RegistryCooker::default_handler('ModPerl::Registry=HASH(0x7f6783fd6ad8)') called at /usr/lib/perl5/ModPerl/Registry.pm line 31
ModPerl::Registry::handler('ModPerl::Registry', 'Apache2::RequestRec=SCALAR(0x7f6780eb4ab8)') called at -e line 0
eval {...} called at -e line 0

I'll keep trying.
Andy

7
I just found this thread in the forum:

http://forum.zentyal.org/index.php?topic=7710.0

Looks like this guy is doing the same thing I want to do; cept it's in 2.2 ... looks like I have a hot lead with this.  :)


8
zarafaSharedStoreOnly is not managed by Zentyal module, try to add the attrs you need there.

jsalaremo, thanks for the response.  When you said 'try to add the attrs you need there' - where is 'there'? 

9
With help from dihedral on IRC (#zentyal @ freenode) i conquered JXplorer and I can browse the ldap structure.  I'm not sure what I'm looking for and I'm not seeing anything related to zarafa.  I thought i might see the 'zarafaSharedStoreOnly' somewhere.

10
Okay, JXplorer has defeated me :)  It was getting late last night anyway.

So I found some more information on the Zarafa forum: I only need to consider one of Zarafa's LDAP resource.. if I understand correctly.

ldap_nonactive_attribute = zarafaSharedStoreOnly
This attribute will configure a mailbox as a shared store. On shared stores you will not be able to login. 

I think it needs to be assigned a "1"

I am assuming the process I should follow is:

I need to make a Zentyal account, give it a mailbox in Zarafa, edit Zarafa's LDAP config by modifying zarafaSharedStoreOnly=1, and then I can run zarafa-admin commands to auto-accept and deny if busy.


I need some re-assurance I'm heading in the correct direction.

Thank you,
Andy


11
you can browse LDAP (DIT and schema) installing JXplorer on your client

Nice, I look forward to playing with JXplorer, thank you for the suggestion.

12
okay, i got some more info - in the Zarafa 6.4 Admin Manual, the end is Appendix B: LDAP Attribute Description
A few attributes look like they relate..

zarafaMrAccept: This attribute will configure auto-acception of meeting requests. This attribute is not used in the current
Zarafa versions.

zarafaMrDeclineConflict: This attribute will decline meeting requests when the calendar already contains appointments. This
attribute is not used in the current Zarafa versions.

zarafaResourceType: This attribute will configure the resource type of a shared store. The available options are Room or
"Equipment"

zarafaResourceCapacity: This attribute will number the rooms or equipment available.


Looks like the zarafaMr attributes aren't used in the 'current zarafa version' - again, this is from the 6.4 admin manual. 

I wonder if this is helpful at all to resolve my issue.  Sadly, I don't understand enough.

Andy

13
okay, so more specifically the ZCP manual says: ZCP supports automatic booking of resources.  To create a
resource add a new non-active mailbox or select in OpenLDAP the resource user type.

And then it looks like i run those commands:
zarafa-admin -u <resource name> --mr-accept 1
zarafa-admin -u <resource name> --mr-decline-conflict 1
zarafa-admin -u <resource name> --mr-decline-recurring 1

ichat from IRC told me that to do this I would probably do some LDAP trickery.  He also said that waiting for Chris would be a good thing :)  As he is the LDAP guru.

ichat also mentioned installing webmin on the directory server to assist with the directory edits.
HOWTO: Webmin Install -  http://forum.zentyal.org/index.php?topic=3852.0 

Andy

14
Installation and Upgrades / Re: Email Distribution List -- How to?
« on: October 12, 2011, 03:01:25 pm »
Yes, I'm doing what Christian is doing, here are the instructions for installing mailman posted in the forum:

http://forum.zentyal.org/index.php/topic,6671.0.html
