Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

HideElements
metastrue
commentstrue
breadcrumbtrue
childpagestrue
watchtrue
sharetrue
favoritetrue
likestrue

Introduction

A quick guide to get you up to speed regarding kopano with the (open)LDAP backend.

Tested

This guide has been tested on Debian 7, 8 and Ubuntu 14.04 LTS, 

Installation

Please note : slapd uses the hostname to "guess" the organisation name for the LDAP.

...

For your setup you probably want to change this to something more useful.

Install mysql and apache / php


 

Code Block
languagebash
$ sudo apt-get install mysql-server libapache2-mod-php5

...

Enter the mysql password twice and write it down.

Install OpenLDAP


Code Block
languagebash
themeMidnight
$ sudo apt-get install slapd ldap-utils

...

Code Block
languagebash
themeMidnight
$ sudo slapcat
dn: dc=example,dc=local
objectClass: top
objectClass: dcObject
objectClass: organization
o: example.local
dc: example
structuralObjectClass: organization
entryUUID: 907f25dc-91f2-1032-97fa-b34646bf14f6
creatorsName: cn=admin,dc=example,dc=local
createTimestamp: 20130805081250Z
entryCSN: 20130805081250.289774Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=local
modifyTimestamp: 20130805081250Z
 
dn: cn=admin,dc=example,dc=local
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9dm1rV21GdmVPbVBXTnI4blhSbE5oeVVmTTVSWm4vV2U=
structuralObjectClass: organizationalRole
entryUUID: 907fc91a-91f2-1032-97fb-b34646bf14f6
creatorsName: cn=admin,dc=example,dc=local
createTimestamp: 20130805081250Z
entryCSN: 20130805081250.293957Z#000000#000#000000
modifiersName: cn=admin,dc=example,dc=local
modifyTimestamp: 20130805081250Z




 

 

Create the placeholder for our users.

Create a file called org.ldif containing:

...

Code Block
languagebash
themeMidnight
$ sudo ldapsearch -x -D cn=admin,dc=example,dc=local -W -b dc=example,dc=local

 

Download and install kopano

Choose the version for your distribution from https://download.kopano.io/supported/core:/final//

...

Code Block
languagebash
themeMidnight
$ sudo zcat /usr/share/doc/kopano/kopano.ldif.gz | ldapadd -H ldapi:/// -Y EXTERNAL

 

Add an kopano user to our ldap

Create a new ldif file called user.ldif containing the following. This user will have kopano admin rights:

...

Code Block
languagebash
themeMidnight
$ sudo kopano-admin --details john

Username:		john
Fullname:		John Doe
Emailaddress:		john@example.local
Active:			yes
Administrator:		yes
Address book:		Visible
Auto-accept meeting req:no
Mapped properties:
	PR_SURNAME		Doe	
	PR_EC_ENABLED_FEATURES	imap	
	PR_EC_DISABLED_FEATURES	pop3	
Current user store quota settings:
 Quota overrides:	yes
 Warning level:		953.67 MB
 Soft level:		1049.04 MB
 Hard level:		1144.41 MB
Current store size:	0.00 MB
Groups (1):
	Everyone

 

 

Ldap optimization

Create a file called optimize-index.ldif containing:

...

Ldap backup and restore using slapcat / slapadd

Backup

For the configuration use the the 0 since it is the first database.

...

Code Block
languagebash
themeMidnight
$ sudo slapcat -n 1 -l example.local.ldif

 

Restore

Make sure you have stopped slapd before doing this.

...

The owner should be openldap:openldap and the permissions 0600

Disable anonymous binding

If required you can disable anonymous binding.

Taken from http://serverfault.com/questions/325912/disallow-global-anonymous-bind-with-cn-config

Changing the default behaviour

Create a file disable_anon_backend.ldif

...

Code Block
languagebash
themeMidnight
$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f disable_anon_frontend.ldif
$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f disable_anon_backend.ldif

Testing if it works

After this the following should not be possible anymore.

...