Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.



Table of Contents

HideElements
metastrue
commentstrue
breadcrumbtrue
childpagestrue
watchtrue
sharetrue
favoritetrue
likestrue

Introduction

A quick guide to get you up to speed regarding kopano with the (open)LDAP backend .for Kopano Groupware Core

Tested

This guide has been tested on Debian 7, 8 and Ubuntu 14.04 LTS

Installation

Please note : slapd uses the hostname to "guess" the organisation name for the LDAP.

...

For your setup you probably want to change this to something more useful.

Install

...

 

Code Block
languagebash
$ sudo apt-get install mysql-server libapache2-mod-php5

 

Enter the mysql password twice and write it down.

...

OpenLDAP


Code Block
languagebash
themeMidnight
$ sudo apt-get install slapd ldap-utils

...

Code Block
languagebash
themeMidnight
$ sudo slapcat
dn: dc=example,dc=local
objectClass: top
objectClass: dcObject
objectClass: organization
o: example.local
dc: example
structuralObjectClass: organization
entryUUID: 907f25dc-91f2-1032-97fa-b34646bf14f6
creatorsName: cn=admin,dc=example,dc=local
createTimestamp: 20130805081250Z
entryCSN: 20130805081250.289774Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=local
modifyTimestamp: 20130805081250Z
 
dn: cn=admin,dc=example,dc=local
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9dm1rV21GdmVPbVBXTnI4blhSbE5oeVVmTTVSWm4vV2U=
structuralObjectClass: organizationalRole
entryUUID: 907fc91a-91f2-1032-97fb-b34646bf14f6
creatorsName: cn=admin,dc=example,dc=local
createTimestamp: 20130805081250Z
entryCSN: 20130805081250.293957Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=local
modifyTimestamp: 20130805081250Z

 

 

Create the placeholder for our users.

Create a file called org.ldif containing:

...

Code Block
languagebash
themeMidnight
$ sudo ldapsearch -x -D cn=admin,dc=example,dc=local -W -b dc=example,dc=local

 

Download and install

...

Choose the version for your distribution from https://download.kopano.io/supported/core:/final//

We will be using https://download.kopano.io/supported/core:/final/Debian_8.0//

Note: The user and password are those of your Kopano portal account.

 

Code Block
languagebash
themeMidnight
$ sudo echo 'deb https://serial:<ENTERYOURSERIALHERE>@download.kopano.io/supported/core:/final/Debian_8.0/ ./' > /etc/apt/sources.list.d/kopano.list
 
$ sudo curl https://serial:<ENTERYOURSERIALHERE>@download.kopano.io/supported/core:/final/Debian_8.0/Release.key | apt-key add -
 
$ sudo apt update
$ sudo apt install kopano-server-packages

 

 

After the boot check if kopano is up and running.

Code Block
languagebash
themeMidnight
$ sudo kopano-admin -l

User list for Default(1):
	Username	Fullname	Homeserver	
	------------------------------------------
	SYSTEM		SYSTEM		kopano	

 

Kopano

Install Kopano Groupware Core using the Install How-to: Kopano Groupware Installation 


Add the kopano schema to our ldap

Code Block
languagebash
themeMidnight
$ sudo zcat /usr/share/doc/kopano/kopano.ldif.gz | ldapadd -H ldapi:/// -Y EXTERNAL

 

Add an kopano user to our ldap

Create a new ldif file called user.ldif containing the following. This user will have kopano admin rights:

Code Block
languagebash
themeMidnight
dn: uid=john,ou=People,dc=example,dc=local
objectClass: posixAccount
objectClass: top
objectClass: kopano-user
objectClass: inetOrgPerson
gidNumber: 1000
cn: John Doe
homeDirectory: /home/john
mail: john@example.local
uidNumber: 1000
kopanoAliases: j.doe@example.local
kopanoUserServer: kopano
uid: john
kopanoAccount: 1
kopanoAdmin: 1
sn: Doe
userPassword: john
kopanoQuotaOverride: 1
kopanoEnabledFeatures: imap
kopanoDisabledFeatures: pop3
kopanoQuotaWarn: 1000000000
kopanoQuotaSoft: 1100000000
kopanoQuotaHard: 1200000000
Code Block
languagebash
themeMidnight
$ sudo ldapadd -x -D cn=admin,dc=example,dc=local -W -f user.ldif

 

Verify the user anonymously.

...

Code Block
languagebash
themeMidnight
user_plugin             = ldap

 

|

Setup the ldap.cfg

Depending on the Kopano version (8.2.0 and higher) :

...

Edit /etc/kopano/ldap.cfgChange the line ldap_bind_user = cn=admin,cn=users,dc=kopano,dc=com into the following.

Add your LDAP bind user and password if you do not use anonymous bind;

Code Block
languagebash
themeMidnight
ldap_bind_user =
ldap_bind_password = 
Change the search base so it matches our organisation.
Code Block
languagebash
themeMidnight
ldap_search_base = dc=example,dc=local

...

Code Block
languagebash
themeMidnight
$ sudo kopano-admin --details john

Username:		john
Fullname:		John Doe
Emailaddress:		john@example.local
Active:			yes
Administrator:		yes
Address book:		Visible
Auto-accept meeting req:no
Mapped properties:
	PR_SURNAME		Doe	
	PR_EC_ENABLED_FEATURES	imap	
	PR_EC_DISABLED_FEATURES	pop3	
Current user store quota settings:
 Quota overrides:	yes
 Warning level:		953.67 MB
 Soft level:		1049.04 MB
 Hard level:		1144.41 MB
Current store size:	0.00 MB
Groups (1):
	Everyone

 

 

Ldap optimization

Create a file called optimize-index.ldif containing:

...

Ldap backup and restore using slapcat / slapadd

Backup

For the configuration use the the 0 since it is the first database.

...

Code Block
languagebash
themeMidnight
$ sudo slapcat -n 1 -l example.local.ldif

 

Restore

Make sure you have stopped slapd before doing this.

...

The owner should be openldap:openldap and the permissions 0600

Disable anonymous binding

If required you can disable anonymous binding.

Taken from http://serverfault.com/questions/325912/disallow-global-anonymous-bind-with-cn-config

Changing the default behaviour

Create a file disable_anon_backend.ldif

...

Code Block
languagebash
themeMidnight
$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f disable_anon_frontend.ldif
$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f disable_anon_backend.ldif

Testing if it works

After this the following should not be possible anymore.

...

Page properties
hiddentrue


Related issues 



Code Block
languagebash
themeMidnight
$ sudo ldapadd -x -D cn=admin,dc=example,dc=local -W -f user.ldif