Community Home
Installation and configuration HowTo of open-XChange™ 0.8.0 on SLES 9
From Stephan Schulz famous Howto, tested by Pascal,Yuri ('Towaritsch Kernel-Hack') et Timon :-)for SLES 9
Version:1.0| Design-Update | 20.04.2005 | 8:00 | by Michelle |
| 25.04.2005 | Automatically create filespool folder for uploaded files | New!./correctfilespool is obsolete ;-) | by Timon | 15:00 |
Reference | Installation of necessary packages | Installation of Open-Xchange™ | Configuration OX/LDAP | Database | Tomcat | Apache | User | Start | Tipps und Tricks | WebDAV | Adressbook | Example-Files | Stuff for OX :-) | Addon | make | Coming soon :-) | Do not forget this.. | Postgresql | Installation errors | Create new moduls | Alternative email address |
Note:
This is an example installation. I do not take responsibility and no adhesion in relation to the instructions printed here! I do not tidy up also your dwelling if the server exploded...EVERYTHING ON OWN DANGER AND WITHOUT GUARANTEE!
This howto describes an installation by open-Xchange™ on SLES 9 pro with the consideration an external IMAP server is used. This installation does not describe an update of an older version!
As example a server with the IP: 192.168.1.121 and the example-Domain ox-server.de. OX is installed under /data/ox/. These data and the password "YOURPASSWORD" must be adapted with your installation! And please the goal listing to linux-file-system to point leave. Furthermore this configuration is appropriate only for a test operation, because e.g. passwords are not yet coded in the files. When You do all the showing steps here,the installation and all the feature from OX will works for You. A 'Newbie' must execute this installation-guide step by step. For a 'profi' is the time less than 1 hour.
Be sure the installation for OX on SLES9 it can be very 'tricky'...but is not funny and sometimes very strange..You need many cigarettes and coffee. Read the Howto very carefully...and no panic, when something goes wrong... This howto describe only a basic installation for OX on SLES9..have a look to the example-files for LDAP (slapd.conf)..all is possible ;-)
The installation steps must be implemented as root!
There are further assistance in Open-Xchange-Forum, in the Wiki and in the Mailinglisten.
Have a lot of fun with OX :-) and a real OS...
This is an example installation. I do not take responsibility and no adhesion in relation to the instructions printed here! I do not tidy up also your dwelling if the server exploded...EVERYTHING ON OWN DANGER AND WITHOUT GUARANTEE!
This howto describes an installation by open-Xchange™ on SLES 9 pro with the consideration an external IMAP server is used. This installation does not describe an update of an older version!
As example a server with the IP: 192.168.1.121 and the example-Domain ox-server.de. OX is installed under /data/ox/. These data and the password "YOURPASSWORD" must be adapted with your installation! And please the goal listing to linux-file-system to point leave. Furthermore this configuration is appropriate only for a test operation, because e.g. passwords are not yet coded in the files. When You do all the showing steps here,the installation and all the feature from OX will works for You. A 'Newbie' must execute this installation-guide step by step. For a 'profi' is the time less than 1 hour.
Be sure the installation for OX on SLES9 it can be very 'tricky'...but is not funny and sometimes very strange..You need many cigarettes and coffee. Read the Howto very carefully...and no panic, when something goes wrong... This howto describe only a basic installation for OX on SLES9..have a look to the example-files for LDAP (slapd.conf)..all is possible ;-)
The installation steps must be implemented as root!
There are further assistance in Open-Xchange-Forum, in the Wiki and in the Mailinglisten.
Have a lot of fun with OX :-) and a real OS...
Installation of necessary packages:
The minimum installation was selected and installed by SLES9.
By means of Yast the following packages and their dependence are after-installed.
apache2-2.0.46-27.23.3
apache2-prefork-2.0.49-27.24.3
apache2-jarkarta-tomcat-connectors-5.0.19-29.1
jakarta-tomcat-5.0.19-29-1
postgres-7.4.2-36.3
postgresql-server-7.4.2-36.3
postgresql-libs-7.4.2-36.3
postgresql-devel-7.4.2-36.3
postgresql-jdbc Do not use the jdbc form SuSE! Download it..
jikes-1.19-18
(+ java)
per default is on a SLES9 system:
IBMJava2-JRE,IBMJava2-SDK;
change it to:java2-SDK-1.4.2-129.7 and java2-jre-1.4.2-129.7
openldap-2.2.6-37.22
openldap2-client-2.2.6-37.22
openldap2-devel-2.2.6-37.22
perl-IO-Socket-SSL-0.95-28 otherwise You will have an error like this:Premature end of script headers...
perl-Authen-SASL-2.06-26
perl-Convert-ASN1-0.18-66.1
perl-XML-LibXML-1.57-32
perl-libxml-perl-0.07-478
perl-CGI-Application-3.22-26
perl-ldap*-0.29-132-1
unzip-5.50-345.1
autoconf-2.59-75.1
automake-1.8.3-23.1
gcc-3.3.3-43-24
gcc-c++-3.3.3-43-24
After installing these packages if necessary patches implement with Yast-online-update to install.
Further packages are needed from the internet:
jaf:
Download from: http://java.sun.com/products/javabeans/glasgow/jaf.html
Unpack and copy the file activation.jar to: /usr/lib/java/lib/
Xerces-J-bin:
Download from: http://apache.kgt.org/xml/xerces-j/
Unpack and copy the file xercesImpl.jar to: /usr/lib/java/lib/
JavaMail:
Download from: http://java.sun.com/products/javamail/downloads/index.html
Unpack and copy the file mail.jar to: /usr/lib/java/lib/
jdom-1.0:
Download from: http://www.jdom.org/dist/binary/ Unpack,change into /jdom-1.0 and execute: ./build.sh
You must sure that the build-process was successful otherwise You will found in /build the origine jdom.jar from the developper..does not works for You:-(
execute:cd build
cp jdom.jar /usr/lib/java/lib/
Postgres JDBC driver:
Download pg74.215.jdbc3.jar from: http://jdbc.postgresql.org/download.html
Rename it to: postgresql.jar and copy to: /usr/lib/java/lib/. Make sure that the file has following rights: rwxr-xr-x owner:root group:root
The minimum installation was selected and installed by SLES9.
By means of Yast the following packages and their dependence are after-installed.
apache2-2.0.46-27.23.3
apache2-prefork-2.0.49-27.24.3
apache2-jarkarta-tomcat-connectors-5.0.19-29.1
jakarta-tomcat-5.0.19-29-1
postgres-7.4.2-36.3
postgresql-server-7.4.2-36.3
postgresql-libs-7.4.2-36.3
postgresql-devel-7.4.2-36.3
postgresql-jdbc Do not use the jdbc form SuSE! Download it..
jikes-1.19-18
(+ java)
per default is on a SLES9 system:
IBMJava2-JRE,IBMJava2-SDK;
change it to:java2-SDK-1.4.2-129.7 and java2-jre-1.4.2-129.7
openldap-2.2.6-37.22
openldap2-client-2.2.6-37.22
openldap2-devel-2.2.6-37.22
perl-IO-Socket-SSL-0.95-28 otherwise You will have an error like this:Premature end of script headers...
perl-Authen-SASL-2.06-26
perl-Convert-ASN1-0.18-66.1
perl-XML-LibXML-1.57-32
perl-libxml-perl-0.07-478
perl-CGI-Application-3.22-26
perl-ldap*-0.29-132-1
unzip-5.50-345.1
autoconf-2.59-75.1
automake-1.8.3-23.1
gcc-3.3.3-43-24
gcc-c++-3.3.3-43-24
You must now after installing this packages 'logout,login' from the system,because than the 'changes' will works for You ;-)
After installing these packages if necessary patches implement with Yast-online-update to install.
Further packages are needed from the internet:
jaf:
Download from: http://java.sun.com/products/javabeans/glasgow/jaf.html
Unpack and copy the file activation.jar to: /usr/lib/java/lib/
Xerces-J-bin:
Download from: http://apache.kgt.org/xml/xerces-j/
Unpack and copy the file xercesImpl.jar to: /usr/lib/java/lib/
JavaMail:
Download from: http://java.sun.com/products/javamail/downloads/index.html
Unpack and copy the file mail.jar to: /usr/lib/java/lib/
jdom-1.0:
Download from: http://www.jdom.org/dist/binary/ Unpack,change into /jdom-1.0 and execute: ./build.sh
You must sure that the build-process was successful otherwise You will found in /build the origine jdom.jar from the developper..does not works for You:-(
execute:cd build
cp jdom.jar /usr/lib/java/lib/
Postgres JDBC driver:
Download pg74.215.jdbc3.jar from: http://jdbc.postgresql.org/download.html
Rename it to: postgresql.jar and copy to: /usr/lib/java/lib/. Make sure that the file has following rights: rwxr-xr-x owner:root group:root
postgres-database
Edit /etc/sysconfig/postgresql and set:
POSTGRES_OPTIONS="-i"
Execute:
rcpostgresql start
Edit /var/lib/pgsql/data/pg_hba.conf
and make sure that the entries are not deactivated:
BUT BE CAREFUL DO NOT THIS ON A REAL-TIME-SYSTEM: HACKERS FROM THE INTERNET LOVE THIS ;-)..IS NOT SECURE!!!! ;-))
But deactivate the line with ::1 as IP address for IPv6!
Edit /var/lib/pgsql/data/postgresql.conf and make sure that the line is not deactivated:
tcpip_socket = true BE SURE THAT YOU SET THIS,BECAUSE THIS WILL AVOID SOME 'UGLY' ERROR MESSAGES ;-)and than postgres will work for You....
Execute:
rcpostgresql restart
Execute:
su postgres
If still no user 'openexchange' for the database exists then:
createuser --pwprompt
Enter name of user to add: openexchange
Enter password for new user: YOURPASSWORD
Enter it again: YOURPASSWORD
Shall the new user be allowed to create databases? (y/n) y
Shall the new user be allowed to create more new users? (y/n) n
createdb -O openexchange -E UTF-8 openexchange
This is important,because You can avoid in ./configure and make,that the database will not found..
exit
Edit /etc/sysconfig/postgresql and set:
POSTGRES_OPTIONS="-i"
Execute:
rcpostgresql start
Edit /var/lib/pgsql/data/pg_hba.conf
and make sure that the entries are not deactivated:
| TYPE | DATABASE |
USER |
IP-ADDRESS |
IP-MASK |
METHOD |
| host | all |
all |
127.0.0.1 |
255.255.255.255 |
trust |
| local | all |
all |
trust |
BUT BE CAREFUL DO NOT THIS ON A REAL-TIME-SYSTEM: HACKERS FROM THE INTERNET LOVE THIS ;-)..IS NOT SECURE!!!! ;-))
But deactivate the line with ::1 as IP address for IPv6!
Edit /var/lib/pgsql/data/postgresql.conf and make sure that the line is not deactivated:
tcpip_socket = true BE SURE THAT YOU SET THIS,BECAUSE THIS WILL AVOID SOME 'UGLY' ERROR MESSAGES ;-)and than postgres will work for You....
Execute:
rcpostgresql restart
Execute:
su postgres
If still no user 'openexchange' for the database exists then:
createuser --pwprompt
Enter name of user to add: openexchange
Enter password for new user: YOURPASSWORD
Enter it again: YOURPASSWORD
Shall the new user be allowed to create databases? (y/n) y
Shall the new user be allowed to create more new users? (y/n) n
createdb -O openexchange -E UTF-8 openexchange
This is important,because You can avoid in ./configure and make,that the database will not found..
exit
Installation of Open-Xchange
Download Open-Xchange™ from: here
(e.g.: with 'wget http://mirror.open-xchange.org/download/open-xchange-0.8.0-RC1.tar.bz2')
- unpacking into a folder
Implement of OX: (do not forget to adapt request to the own data!)
In many cases to avoid the following funny warning: configure:WARNING: 'missing' script is too old or missing
You have to change in OX_src/config/missing against the missing-script from /usr/share/automake-1.9/missing before execute the script ./configure funny? ;-)
./configure --prefix=/data/ox \
--with-mailjar=/usr/lib/java/lib/mail.jar \
--with-activationjar=/usr/lib/java/lib/activation.jar \
--with-jdomjar=/usr/lib/java/lib/jdom.jar \
--with-xercesjar=/usr/lib/java/lib/xercesImpl.jar \
--with-jsdkjar=/usr/share/common/lib/servletapi.jar \!!!! VERY IMPORTANT!!!!
--with-jdbcjar=/usr/lib/java/lib/postgresql.jar \
--with-dbpass=YOURPASSWORD \
--with-domain=ox-server.de \
--with-basedn=dc=ox-server,dc=de \
--with-rootdn=uid=mailadmin,dc=ox-server,dc=de \
--with-organization="OX Server" \
--with-runuid=wwwrun \
--with-rungid=tomcat \
--enable-webdav \
--enable-doc
make
Some "Semantic warning" You can ignore it...
Sometimes You get following error:
cd . && \
automake-1.7 --gnu Makefile
/bin/sh: line 1: automake-1.7: command not found
make: *** [Makefile.in] Error 127
Solution:
in OX-sources-folder:edit Makefile
... MAKEFILE= ${SHELL}......automake-1.7 change this version,which that what You have
make install
cd /data/ox
cp share/perl/* /srv/www/cgi-bin/
cp share/openxchange.schema /etc/openldap/schema/
mkdir -p /srv/www/htdocs/cfintranet/webmail/
cp -r share/groupware/data/css share/groupware/data/images
share/groupware/data/javascript /srv/www/htdocs/cfintranet/
You must write it in one line in the console. Do not forget this step,otherwise You have a 'nice' OX outfit in the browser ;-)...looks like not very funny
cp -r share/webmail/data/css share/webmail/data/images
share/webmail/data/javascript /srv/www/htdocs/cfintranet/webmail
cd etc/webmail/
ln -s /etc/openldap/ldap.conf IMPORTANT! Do not forget this step
ln -s /etc/mime.types
cd ../groupware
ln -s /etc/openldap/ldap.conf IMPORTANT! Do not forget this step
ln -s /etc/mime.types
Second part of database: initialize the OX-database
su postgres
psql -U openexchange openexchange < /data/ox/share/init_database.sql
exit
Execute:
/data/ox/sbin/dbinit_ox
Execute:
rcpostgresql restart
Download Open-Xchange™ from: here
(e.g.: with 'wget http://mirror.open-xchange.org/download/open-xchange-0.8.0-RC1.tar.bz2')
- unpacking into a folder
For
tying up the external IMAP server, if the Login on the IMAP server is
in the kind testuser@domain.com, now two files must be edited.
Is the login only 'testuser' then can this setting ignored!
For the Webmail: line 1242: src/com/openexchange/webmail/Management.java
change in:
wdic.setUsername(wus.getUsername()+"@"+wus.getDomain());
For the portal side and if necessary the e-Mail-Popup: line 148: src/com/openexchange/tools/MailHandle.java
change in:
this.store.connect(imap,user+"@ox-server.de",password);
All accounts must then on the IMAP server: xyz@ox server.de!
Implement of OX: (do not forget to adapt request to the own data!)
In many cases to avoid the following funny warning: configure:WARNING: 'missing' script is too old or missing
You have to change in OX_src/config/missing against the missing-script from /usr/share/automake-1.9/missing before execute the script ./configure funny? ;-)
./configure --prefix=/data/ox \
--with-mailjar=/usr/lib/java/lib/mail.jar \
--with-activationjar=/usr/lib/java/lib/activation.jar \
--with-jdomjar=/usr/lib/java/lib/jdom.jar \
--with-xercesjar=/usr/lib/java/lib/xercesImpl.jar \
--with-jsdkjar=/usr/share/common/lib/servletapi.jar \!!!! VERY IMPORTANT!!!!
--with-jdbcjar=/usr/lib/java/lib/postgresql.jar \
--with-dbpass=YOURPASSWORD \
--with-domain=ox-server.de \
--with-basedn=dc=ox-server,dc=de \
--with-rootdn=uid=mailadmin,dc=ox-server,dc=de \
--with-organization="OX Server" \
--with-runuid=wwwrun \
--with-rungid=tomcat \
--enable-webdav \
--enable-doc
make
Some "Semantic warning" You can ignore it...
Sometimes You get following error:
cd . && \
automake-1.7 --gnu Makefile
/bin/sh: line 1: automake-1.7: command not found
make: *** [Makefile.in] Error 127
Solution:
in OX-sources-folder:edit Makefile
... MAKEFILE= ${SHELL}......automake-1.7 change this version,which that what You have
make install
cd /data/ox
cp share/perl/* /srv/www/cgi-bin/
cp share/openxchange.schema /etc/openldap/schema/
mkdir -p /srv/www/htdocs/cfintranet/webmail/
cp -r share/groupware/data/css share/groupware/data/images
share/groupware/data/javascript /srv/www/htdocs/cfintranet/
You must write it in one line in the console. Do not forget this step,otherwise You have a 'nice' OX outfit in the browser ;-)...looks like not very funny
cp -r share/webmail/data/css share/webmail/data/images
share/webmail/data/javascript /srv/www/htdocs/cfintranet/webmail
cd etc/webmail/
ln -s /etc/openldap/ldap.conf IMPORTANT! Do not forget this step
ln -s /etc/mime.types
cd ../groupware
ln -s /etc/openldap/ldap.conf IMPORTANT! Do not forget this step
ln -s /etc/mime.types
Second part of database: initialize the OX-database
su postgres
psql -U openexchange openexchange < /data/ox/share/init_database.sql
exit
Execute:
/data/ox/sbin/dbinit_ox
Execute:
rcpostgresql restart
Configuration of Open-Xchange
Edit /etc/init.d/ldap and change:
SLAPD_URLS="ldap://192.168.1.121/ ldap://127.0.0.1/" !!!!VERY IMPORTANT!!!!
Execute:
rcldap restart
Edit /data/ox/share/init_ldap.ldif and change all entries of the kind dc=example,dc=org into your Domain.
Examine now again conscientiously the files:Have a look for it in the example files,too
/etc/openldap/ldap.conf
/etc/openldap/slapd.conf
/data/ox/etc/admintools.conf
in all files must the same BINDDN and/or rootdn,BINDPW. That is the most frequent error cause!
In the folder /etc/openldap/ create with the command 'touch acl_ox.conf'. This is merged of slapd.conf and contains the ACLs for OX.(Example-files)
LDAP data initialize:
slapadd -l /data/ox/share/init_ldap.ldif
If error to be returned here,there is something wrong with admintools.conf and ldap configuration files! Examine then all entries.
If it no errors appears: rcldap restart
The script ./correctfilespool is now obsolete! ;-)
But You need the filespool-directory,because in this folder will created automatically the folders for the uploaded files.
If the filespool listing have not the rights for wwwrun.tomcat then execute the following:
chown wwwrun.tomcat /data/ox/var/filespool -R
chmod g+w /data/ox/var/filespool -R
Copy the start-script (openexchange) in the system-folder (etc/init.d/) and merge the programs into the starting process:
cp -a /data/ox/etc/init.d/openexchange /etc/init.d/
chkconfig apache2 on
chkconfig tomcat5 on
chkconfig ldap on
chkconfig postgresql on
chkconfig openexchange on
Edit /etc/init.d/ldap and change:
SLAPD_URLS="ldap://192.168.1.121/ ldap://127.0.0.1/" !!!!VERY IMPORTANT!!!!
Execute:
rcldap restart
Edit /data/ox/share/init_ldap.ldif and change all entries of the kind dc=example,dc=org into your Domain.
Examine now again conscientiously the files:Have a look for it in the example files,too
/etc/openldap/ldap.conf
/etc/openldap/slapd.conf
/data/ox/etc/admintools.conf
in all files must the same BINDDN and/or rootdn,BINDPW. That is the most frequent error cause!
In the folder /etc/openldap/ create with the command 'touch acl_ox.conf'. This is merged of slapd.conf and contains the ACLs for OX.(Example-files)
LDAP data initialize:
slapadd -l /data/ox/share/init_ldap.ldif
If error to be returned here,there is something wrong with admintools.conf and ldap configuration files! Examine then all entries.
If it no errors appears: rcldap restart
The script ./correctfilespool is now obsolete! ;-)
But You need the filespool-directory,because in this folder will created automatically the folders for the uploaded files.
If the filespool listing have not the rights for wwwrun.tomcat then execute the following:
chown wwwrun.tomcat /data/ox/var/filespool -R
chmod g+w /data/ox/var/filespool -R
Copy the start-script (openexchange) in the system-folder (etc/init.d/) and merge the programs into the starting process:
cp -a /data/ox/etc/init.d/openexchange /etc/init.d/
chkconfig apache2 on
chkconfig tomcat5 on
chkconfig ldap on
chkconfig postgresql on
chkconfig openexchange on
Tomcat
cd /srv/www/tomcat5/base/
mkdir -p webapps/servlet/WEB-INF/lib
mkdir -p webapps/servlet/WEB-INF/classes
cd /data/ox
cp share/servlets/*.class /srv/www/tomcat5/base/webapps/servlet/WEB-INF/classes/
cp lib/* /srv/www/tomcat5/base/webapps/servlet/WEB-INF/lib/
From the sources_OX-folder/system/servlet the web.xml copy to
/srv/www/tomcat5/base/webapps/servlet/WEB-INF/
cp /usr/share/doc/packages/mod_jk-ap20/workers.properties /etc/tomcat5/base/
Edit the file for your settings or use the example file workers.properties . workers.properties
Edit /etc/tomcat5/base/tomcat-users.xml and set: 'user username="Your Admin-user" password="Your password" roles="manager,admin" '
Tomcat must be started again: rctomcat5 restart
Call up now with a Browser
http://ox-server.de:8080/manager/html/
and upload ('deploy') the files 'umin.war' and 'servlet.war' (from the directory of OX under lib).
After a Login page (see for the login-values the tomcat-user.xml), You can see in the browser the 'Application Manager' and there now should appear servlet "/umin" and "/servlet".
This procedure can naturally also via simple copy the files to take place,however thus to have we become acquainted Tomcat a little...;-))!
A description for a secure connection from Tomcat and 'Autodeploy' will comes in a following HowTo :-) That's will be funny..isn't it ;-)
Under /srv/www/tomcat5/base/webapps/servlet/WEB-INF/lib/ the following files must be there:
activation.jar, comfiretools.jar, intranet.jar, jdom.jar, mail.jar, nas.jar, postgresql.jar and webdav.jar
and all files must have the rights of Tomcat and the postgresql.jar must have following rights(rw-r--r--):
chown tomcat.tomcat /srv/www/tomcat5/base/webapps/servlet/WEB-INF/ -R
Restart of Tomcat:
rctomcat5 restart
cd /srv/www/tomcat5/base/
mkdir -p webapps/servlet/WEB-INF/lib
mkdir -p webapps/servlet/WEB-INF/classes
cd /data/ox
cp share/servlets/*.class /srv/www/tomcat5/base/webapps/servlet/WEB-INF/classes/
cp lib/* /srv/www/tomcat5/base/webapps/servlet/WEB-INF/lib/
From the sources_OX-folder/system/servlet the web.xml copy to
/srv/www/tomcat5/base/webapps/servlet/WEB-INF/
cp /usr/share/doc/packages/mod_jk-ap20/workers.properties /etc/tomcat5/base/
Edit the file for your settings or use the example file workers.properties . workers.properties
Edit /etc/tomcat5/base/tomcat-users.xml and set: 'user username="Your Admin-user" password="Your password" roles="manager,admin" '
Tomcat must be started again: rctomcat5 restart
Call up now with a Browser
http://ox-server.de:8080/manager/html/
and upload ('deploy') the files 'umin.war' and 'servlet.war' (from the directory of OX under lib).
After a Login page (see for the login-values the tomcat-user.xml), You can see in the browser the 'Application Manager' and there now should appear servlet "/umin" and "/servlet".
This procedure can naturally also via simple copy the files to take place,however thus to have we become acquainted Tomcat a little...;-))!
A description for a secure connection from Tomcat and 'Autodeploy' will comes in a following HowTo :-) That's will be funny..isn't it ;-)
Under /srv/www/tomcat5/base/webapps/servlet/WEB-INF/lib/ the following files must be there:
activation.jar, comfiretools.jar, intranet.jar, jdom.jar, mail.jar, nas.jar, postgresql.jar and webdav.jar
and all files must have the rights of Tomcat and the postgresql.jar must have following rights(rw-r--r--):
chown tomcat.tomcat /srv/www/tomcat5/base/webapps/servlet/WEB-INF/ -R
Restart of Tomcat:
rctomcat5 restart
Configuration Apache
Edit /etc/sysconfig/apache2 and change the lines:
APACHE_SERVERADMIN="webmaster@ox-server.de"
APACHE_SERVERNAME="ox-server.de"
At the end of the line of APACHE_MODULES set: jk .
APACHE_MODULES="access actions .... jk"
Edit /etc/apache2/mod_mime-defaults.conf and change and/or add the line:
AddDefaultCharset UTF-8
Execute:
SuSEconfig
Provide under /etc/apache2/conf.d/ the file jk.conf. jk.conf.
Edit /etc/hosts and add IP and Domainnamen
192.168.1.121 ox-server. de ox-server
Edit /etc/sysconfig/apache2 and change the lines:
APACHE_SERVERADMIN="webmaster@ox-server.de"
APACHE_SERVERNAME="ox-server.de"
At the end of the line of APACHE_MODULES set: jk .
APACHE_MODULES="access actions .... jk"
Edit /etc/apache2/mod_mime-defaults.conf and change and/or add the line:
AddDefaultCharset UTF-8
Execute:
SuSEconfig
Provide under /etc/apache2/conf.d/ the file jk.conf. jk.conf.
Edit /etc/hosts and add IP and Domainnamen
192.168.1.121 ox-server. de ox-server
OX-User
cd /data/ox/sbin
./adduser_ox --username=mmustermann \
--passwd=maxmuste \
--name=Max \
--sname=Mustermann \
--maildomain=ox-server.de
--ox_timezone=Europe/Berlin
--inetmail=TRUE
--write_global_address=TRUE
And:
./addgroup_ox --group=[Your group]
./addusertogroup_ox --user=[Your user] --group=[Your group]
Thus OX knows which IMAP server it for the user to access:
./changeuserattr_ox --username=mmustermann --attrib=imapServer --value=imap.ox-server.de
If You don't do this..You will not have a popup-windows for new incoming emails..;-)
cd /data/ox/sbin
./adduser_ox --username=mmustermann \
--passwd=maxmuste \
--name=Max \
--sname=Mustermann \
--maildomain=ox-server.de
--ox_timezone=Europe/Berlin
--inetmail=TRUE
--write_global_address=TRUE
And:
./addgroup_ox --group=[Your group]
./addusertogroup_ox --user=[Your user] --group=[Your group]
Thus OX knows which IMAP server it for the user to access:
./changeuserattr_ox --username=mmustermann --attrib=imapServer --value=imap.ox-server.de
If You don't do this..You will not have a popup-windows for new incoming emails..;-)
Start
rcldap restart
rcpostgresql restart
rcapache2 restart
rctomcat5 restart
/etc/init.d/openexchange start
Login:
http://ox-server.de/cgi-bin/login.pl
rcldap restart
rcpostgresql restart
rcapache2 restart
rctomcat5 restart
/etc/init.d/openexchange start
Login:
http://ox-server.de/cgi-bin/login.pl
Tipps and Tricks:
Icons: Nice Icons You can find here: OX Crystal Icons and here: OX Zenith Icons
Installation:
tar -xvzf ox_zenith_iconset-0.1.tar.gz
cd ox_zenith_iconset/
cp -a top/* /srv/www/htdocs/cfintranet/images/top/EN/
cp -a top/* /srv/www/htdocs/cfintranet/images/top/DE/
Password: If the users are not to be allowed to change the password (because e.g. this must be used for the IMAP server), then in acl_ox.conf to add.
access to attr=userPassword
by dn="uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de" write
by anonymous auth
by * none
LDAP troubleshooting: If the installation of OX in first time does not work because e.g. different LDAP of entries in different files was located recommends:
rcldap stop
/etc/init.d/openexchange stop
everything below /var/lib/ldap delete naturally only if not still different data LDAP data are stored here!!!)(
rcldap start
Then again the LDAP data initializes with: slapadd -l /data/ox/share/init_ldap.ldif
and
rcldap restart
/etc/init.d/openexchange start
.
imap A login problem to the IMAP-server can come also from the value "mail.smtp.auth=true" into /data/ox/etc/webmail/webmail.properties. For your IMAP-configuration: You can comment- or uncomment this value and execute /etc/init.d/webmail restart.
Create automatically IMAP folders:
If You want to create automatically IMAP folders,edit PREFIX/etc/webmail/webmail.properties:
The default in OX for that feature is user.default.folder.autocreate = false
Change it to: user.default.folder.autocreate = true
Hide the internal system user:BIG BROTHER CAN'T WATCHING YOU
You don't want to show the internal system user :-):
Execute:psql -U openexchange openexchange
Execute a sql-statement:
sql-statement:SELECT fname FROM oxfolder_tree;
Now,You can see the value: system_ldap
BUT YOU MUST REMEMBER THE VALUES of the row BEFORE YOU DELETE THEM! WRITE IT ON A PAPER ;-)..maybe You need it later..
Delete the row of fname(system_folder):
DELETE FROM fname WHERE.....
Alternative email-address:
Execute the script:./addusersql_ox --username=[Your user] --lang=[Your language e.g. DE]...
Default Login language:
If You want to change the default language in the Login-windows,go into the folder:/srv/www/cgi-bin/login.pm
Edit the line 172 and set:
my $default_lang = 'DE'
Create new external moduls:here a google-search You can create some 'own' moduls and implement them in OX:
Create a folder called 'external' in /data/ox/.Then write in a txt-file:e.g. my_modul.txt
In my_modul.txt there is following code for your modul in OX:this will create a 'google'-buttom and a search-field
<form action="http://www.google.de/search" name=f target="inMain">
<input type=hidden name=hl value=en>
<input type=hidden name=ie value="UTF-8">
<table style="padding:5">
<tr>
<td><input maxLength=256 size=20 name=q style="border: 1px #A8B1C4 solid;"></td>
</tr>
<td>>input type=submit value="Google-Search" name=btnG style="color:#415582; font-weight: bold; border:1px #A8B1C4 slid; background-color:#d3d8e1"></td>
</tr>
<tr>
<td><small>Space for your slogan :-)</small></td/
</tr>
</table>
</form>
And now in /data/etc/groupware/external.conf set the following values:
# You can add new areas to the left/right frame which
# will be displayed under the existing entries
<externalElement>
<element status="open"/>
<element title="SEARCH INTERNET" language="DE"/>
<element title="Search" language="EN"/>
<content src="/opt/ox/external/my_content.txt"/>
6lt;/externalElement>
Icons: Nice Icons You can find here: OX Crystal Icons and here: OX Zenith Icons
Installation:
tar -xvzf ox_zenith_iconset-0.1.tar.gz
cd ox_zenith_iconset/
cp -a top/* /srv/www/htdocs/cfintranet/images/top/EN/
cp -a top/* /srv/www/htdocs/cfintranet/images/top/DE/
Password: If the users are not to be allowed to change the password (because e.g. this must be used for the IMAP server), then in acl_ox.conf to add.
access to attr=userPassword
by dn="uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de" write
by anonymous auth
by * none
LDAP troubleshooting: If the installation of OX in first time does not work because e.g. different LDAP of entries in different files was located recommends:
rcldap stop
/etc/init.d/openexchange stop
everything below /var/lib/ldap delete naturally only if not still different data LDAP data are stored here!!!)(
rcldap start
Then again the LDAP data initializes with: slapadd -l /data/ox/share/init_ldap.ldif
and
rcldap restart
/etc/init.d/openexchange start
.
imap A login problem to the IMAP-server can come also from the value "mail.smtp.auth=true" into /data/ox/etc/webmail/webmail.properties. For your IMAP-configuration: You can comment- or uncomment this value and execute /etc/init.d/webmail restart.
Create automatically IMAP folders:
If You want to create automatically IMAP folders,edit PREFIX/etc/webmail/webmail.properties:
The default in OX for that feature is user.default.folder.autocreate = false
Change it to: user.default.folder.autocreate = true
Hide the internal system user:BIG BROTHER CAN'T WATCHING YOU
You don't want to show the internal system user :-):
Execute:psql -U openexchange openexchange
Execute a sql-statement:
sql-statement:SELECT fname FROM oxfolder_tree;
Now,You can see the value: system_ldap
BUT YOU MUST REMEMBER THE VALUES of the row BEFORE YOU DELETE THEM! WRITE IT ON A PAPER ;-)..maybe You need it later..
Delete the row of fname(system_folder):
DELETE FROM fname WHERE.....
Alternative email-address:
- Connect to LDAP
- dc=...,dc=...
- ou=OxObjects
- ou=Users
- uid=[Your user]
- «Add attrbute» create the value 'alias' ('alias'-fields are not limited)
- [Your alternativ email-address]
ou=OxObjects:
ou=Users uid=[Your user]:
Add attrbute:
And now,in the webmail-module,You can change between this 'alias' and your old email-address ;-)
Execute the script:./addusersql_ox --username=[Your user] --lang=[Your language e.g. DE]...
Default Login language:
If You want to change the default language in the Login-windows,go into the folder:/srv/www/cgi-bin/login.pm
Edit the line 172 and set:
my $default_lang = 'DE'
Create new external moduls:here a google-search You can create some 'own' moduls and implement them in OX:
Create a folder called 'external' in /data/ox/.Then write in a txt-file:e.g. my_modul.txt
In my_modul.txt there is following code for your modul in OX:this will create a 'google'-buttom and a search-field
<form action="http://www.google.de/search" name=f target="inMain">
<input type=hidden name=hl value=en>
<input type=hidden name=ie value="UTF-8">
<table style="padding:5">
<tr>
<td><input maxLength=256 size=20 name=q style="border: 1px #A8B1C4 solid;"></td>
</tr>
<td>>input type=submit value="Google-Search" name=btnG style="color:#415582; font-weight: bold; border:1px #A8B1C4 slid; background-color:#d3d8e1"></td>
</tr>
<tr>
<td><small>Space for your slogan :-)</small></td/
</tr>
</table>
</form>
And now in /data/etc/groupware/external.conf set the following values:
# You can add new areas to the left/right frame which
# will be displayed under the existing entries
<externalElement>
<element status="open"/>
<element title="SEARCH INTERNET" language="DE"/>
<element title="Search" language="EN"/>
<content src="/opt/ox/external/my_content.txt"/>
6lt;/externalElement>
WebDAV:
Documents:
in the Konqueror either
http://testuser@ox-server.de/servlet/webdav.documents
or better:
webdav://testuser@ox-server.de/servlet/webdav.documents
in the M$-Explorer as new Web-folder
http://ox-server.de/servlet/webdav.documents
Calendar:
In 'Kontact' as calendar:
Select as source: "calendar in file on foreign computers" select.
in 'download from' und 'upload to' set:
webdav://ox-server.de/servlet/webdav.ical
or http://ox-server.de/servlet/webdav.ical
Note: Since OX the calendar dates in the GMT time belt stores must in Kontact the time belt accordingly is unfortunately adapted, so that the times are correct!
In other calendar programs also merge this line:
http://ox-server.de/servlet/webdav.ical
Documents:
in the Konqueror either
http://testuser@ox-server.de/servlet/webdav.documents
or better:
webdav://testuser@ox-server.de/servlet/webdav.documents
in the M$-Explorer as new Web-folder
http://ox-server.de/servlet/webdav.documents
Calendar:
In 'Kontact' as calendar:
Select as source: "calendar in file on foreign computers" select.
in 'download from' und 'upload to' set:
webdav://ox-server.de/servlet/webdav.ical
or http://ox-server.de/servlet/webdav.ical
Note: Since OX the calendar dates in the GMT time belt stores must in Kontact the time belt accordingly is unfortunately adapted, so that the times are correct!
In other calendar programs also merge this line:
http://ox-server.de/servlet/webdav.ical
Adressbook:
Reading accesses to the personal directory:
Enter the line of the kind in the Konqueror:
ldap://uid=mmustermann,ou=Users,ou=OxObjects,dc=ox-server,
dc=de@192.168.1.121:389uid=mmustermann,ou=Users,
ou=OxObjects,dc=ox-server,dc=de?l,cn,description,
facsimileTelephoneNumber,sn,displayName,givenName,jpegPhoto,
mail,mobile,o,pager,homePhone,postalCode,st,street,telephoneNumber,title,
uid?sub?(objectclass=inetorgperson)?x-dir=base,x-ver=3
After a password inquiry the queried LDAP entries should appear.
Under KDE 3.4 and Kontact selects 'LDAP under contacts as new source'.
Set your setting like in the screen-shot
User: uid=mmustermann,ou=Users,ou=OxObjects,dc=ox-server,dc=de
DN: ou=addr,uid=mmustermann,ou=Users,ou=OxObjects,dc=ox-server,dc=de
The name 'ldapkio', change in ' OX-Adressbook'.
The password is the LDAP password for mmustermann.
Reading access to the global adressbook:
The same attitudes as however for the personal adressbook but:
DN: o=AddressBook,ou=OxObjects,dc=ox-server,dc=de
Stuff for OX:
phpLADPadmin:
You can find the download site here: phpLDAPadmin
Installation:Follow the ReadMe-file or here a 'quick' and 'dirty' way
The packet php4-ldap must be there..
Look in /etc/sysconfig/apache2..in the file apache2 there is line: APACHE_MODULES="access...php4..."
You must set in this line:php4
phpLDAPAdmin:Edit the config.php
$servers[$i]['name'] = 'Your name for LDAP-Server';
$servers[$i]['host'] = 'localhost';
$servers[$i]['base'] = 'dc=[Your value],dc=[Your value]';
$servers[$i]['port'] = 389;
$servers[$i]['auth_type'] = 'session';
$servers[$i]['login_dn'] = 'uid=Mailadmin,dc=[Your value],dc=[Your value]';
$servers[$i]['login_pass'] = 'Your passwd';
LDAP Browser Softerra:
English/german-version (only for browsing!!): LDAP Browser Softerra
Edit: /etc/init.d/ldap:
Restart the LDAP server
LDAP Browser java-based:
English version:LDAP Browser Java-based or LDAP Browser jxplorer (english/german)
Reading accesses to the personal directory:
Enter the line of the kind in the Konqueror:
ldap://uid=mmustermann,ou=Users,ou=OxObjects,dc=ox-server,
dc=de@192.168.1.121:389uid=mmustermann,ou=Users,
ou=OxObjects,dc=ox-server,dc=de?l,cn,description,
facsimileTelephoneNumber,sn,displayName,givenName,jpegPhoto,
mail,mobile,o,pager,homePhone,postalCode,st,street,telephoneNumber,title,
uid?sub?(objectclass=inetorgperson)?x-dir=base,x-ver=3
After a password inquiry the queried LDAP entries should appear.
Under KDE 3.4 and Kontact selects 'LDAP under contacts as new source'.
Set your setting like in the screen-shot
User: uid=mmustermann,ou=Users,ou=OxObjects,dc=ox-server,dc=de
DN: ou=addr,uid=mmustermann,ou=Users,ou=OxObjects,dc=ox-server,dc=de
The name 'ldapkio', change in ' OX-Adressbook'.
The password is the LDAP password for mmustermann.
Reading access to the global adressbook:
The same attitudes as however for the personal adressbook but:
DN: o=AddressBook,ou=OxObjects,dc=ox-server,dc=de
Stuff for OX:
phpLADPadmin:
You can find the download site here: phpLDAPadmin
Installation:Follow the ReadMe-file or here a 'quick' and 'dirty' way
The packet php4-ldap must be there..
Look in /etc/sysconfig/apache2..in the file apache2 there is line: APACHE_MODULES="access...php4..."
You must set in this line:php4
phpLDAPAdmin:Edit the config.php
$servers[$i]['name'] = 'Your name for LDAP-Server';
$servers[$i]['host'] = 'localhost';
$servers[$i]['base'] = 'dc=[Your value],dc=[Your value]';
$servers[$i]['port'] = 389;
$servers[$i]['auth_type'] = 'session';
$servers[$i]['login_dn'] = 'uid=Mailadmin,dc=[Your value],dc=[Your value]';
$servers[$i]['login_pass'] = 'Your passwd';
LDAP Browser Softerra:
English/german-version (only for browsing!!): LDAP Browser Softerra
Edit: /etc/init.d/ldap:
.....
SLAPD_URLS="ldap://[Your IP-Address]/ ldap://127.0.0.1/"
.....
Restart the LDAP server
LDAP Browser java-based:
English version:LDAP Browser Java-based or LDAP Browser jxplorer (english/german)
Suggestions, references, etc. ask on: ox at ox-server. de
As soon as possible,we will create an 'Addon' here for:
Any suggestions are 'welcome' :-)
As soon as possible,we will create an 'Addon' here for:
- Tomcat over secure connection
- Autodeploy for *.war files
- Websieve integrated modul in OX and Websieve over the web (for a stable version of OX)
- Admintools for creating the users: Imap/Cyrus and OX as integrated modul for OX (for a stable version of OX)... but only when we have the time for it...
- HowTo for SeLinux on SLES 9 :-)
Any suggestions are 'welcome' :-)
Example-files
Contents of: /etc/apache2/conf.d/jk.conf
<IfModule mod_jk.c>
JkWorkersFile /etc/tomcat/base/workers.properties
JkLogFile /var/log/apache2/mod_jk.log
# Log level to be used by mod_jk
JkLogLevel warn
# webdav
JkMount /servlet/* ajp13
JkMount /servlet/webdav.contacts/* ajp13
JkMount /umin/* ajp13
JkMount /servlet/webdav.documents/* ajp13
# The following line makes apache aware of the location of
# the /servlet
Alias /servlet "/srv/www/tomcat/base/webapps/servlet"
Alias /webdav.documents "/srv/www/tomcat/base/webapps/servlet"
<Directory "/srv/www/tomcat/base/webapps/servlet">
Options Indexes FollowSymLinks
allow from all
</Directory>
#<Directory "/srv/www/tomcat/base/webapps/servlets-examples">
# Options Indexes FollowSymLinks
# allow from all
#</Directory>
# The following line prohibits users from directly accessing WEB-INF
<Location "/servlet/WEB-INF/">
AllowOverride None
deny from all
</Location>
</IfModule>
Contents of: /etc/tomcat/base/workers.properties
workers.tomcat_home=/usr/share/tomcat
#
# workers.java_home should point to your Java installation. Normally
# you should have a bin and lib directories beneath it.
#
workers.java_home=/usr/lib/java
[uri:/servlet/*]
worker=ajp13:localhost:8009
[uri:/servlet/webdav.contacts/*]
worker=ajp13:localhost:8009
[uri:/umin/*]
worker=ajp13:localhost:8009
#
# You should configure your environment slash... ps=\ on NT and / on UNIX
# and maybe something different elsewhere.
#
ps=/
#
#------ DEFAULT worket list ------------------------------------------
#---------------------------------------------------------------------
#
#
# The workers that your plugins should create and work with
#
# Add 'inprocess' if you want JNI connector
worker.list=ajp12, ajp13
# , inprocess
#
#------ DEFAULT ajp12 WORKER DEFINITION ------------------------------
#---------------------------------------------------------------------
#
#
# Defining a worker named ajp12 and of type ajp12
# Note that the name and the type do not have to match.
#
worker.ajp12.port=8007
worker.ajp12.host=localhost
worker.ajp12.type=ajp12
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
# ----> lbfactor must be > 0
# ----> Low lbfactor means less work done by the worker.
worker.ajp12.lbfactor=1
#
#------ DEFAULT ajp13 WORKER DEFINITION ------------------------------
#---------------------------------------------------------------------
#
#
# Defining a worker named ajp13 and of type ajp13
# Note that the name and the type do not have to match.
#
worker.ajp13.port=8009
worker.ajp13.host=localhost
worker.ajp13.type=ajp13
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
# ----> lbfactor must be > 0
# ----> Low lbfactor means less work done by the worker.
worker.ajp13.lbfactor=1
#
# Specify the size of the open connection cache.
#worker.ajp13.cachesize
#
#------ DEFAULT LOAD BALANCER WORKER DEFINITION ----------------------
#---------------------------------------------------------------------
#
#
# The loadbalancer (type lb) workers perform wighted round-robin
# load balancing with sticky sessions.
# Note:
# ----> If a worker dies, the load balancer will check its state
# once in a while. Until then all work is redirected to peer
# workers.
worker.loadbalancer.type=lb
worker.loadbalancer.balanced_workers=ajp12, ajp13
#
#------ DEFAULT JNI WORKER DEFINITION---------------------------------
#---------------------------------------------------------------------
#
#
# Defining a worker named inprocess and of type jni
# Note that the name and the type do not have to match.
#
worker.inprocess.type=jni
#
#------ CLASSPATH DEFINITION -----------------------------------------
#---------------------------------------------------------------------
#
#
# Additional class path components.
#
worker.inprocess.class_path=$(workers.tomcat_home)$(ps)lib$(ps)tomcat.jar
#
# Setting the command line for tomcat.
# Note: The cmd_line string may not contain spaces.
#
worker.inprocess.cmd_line=start
# Not needed, but can be customized.
#worker.inprocess.cmd_line=-config
#worker.inprocess.cmd_line=$(workers.tomcat_home)$(ps)conf$(ps)server.xml
#worker.inprocess.cmd_line=-home
#worker.inprocess.cmd_line=$(workers.tomcat_home)
#
# And this is for jdk1.1.X
#
#worker.inprocess.jvm_lib=$(workers.java_home)$(ps)bin$(ps)javai.dll
#
# Setting the place for the stdout and stderr of tomcat
#
worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
Contents of: /etc/openldap/ldap.conf
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
BASE dc=ox-server,dc=de
HOST 192.168.1.121
TLS_REQCERT allow
Contents of: /etc/openldap/sldap.conf for SLES9
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/inetorgperson.schema
#include /etc/openldap/schema/rfc2307bis.schema
include /etc/openldap/schema/openxchange.schema
include /etc/openldap/schema/yast.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have working directory
# service AND an understanding of referrals
#referrals ldap://root.openldap.org
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
# Load dynamic backend modules:
modulepath /usr/lib/openldap/modules
# moduleload back_ldap.la
# moduleload back_meta.la
# moduleload back_monitor.la
# moduleload back_perl.la
#Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple_bind=64
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# ROOT DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DESs:
# Allow self write access to user password
# Allow anoymous users to authenticate
# Allow read access to implement policy:
# access to dn.base=""
# by * read
# access to dn.base="cn=subschema"
# by * read
# access to attr=userPassword,userPKCS12
# by self write
# by * auth
# access to attr=shadowLastChange
# by self write
# by * read
# access to *
# by * read
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
# bdb database definitions
#######################################################################
# allow bind_v2
loglevel 5
TLSCertificateFile /etc/ssl/servercerts/servercert.perm
TLSCertificatePath /etc/ssl/certs
TLSCertificateFile /etc/ssl/servercerts/serverkey.pem
database bdb
checkpoint 1024 5
cachesize 10000
suffix "dc=ox-server,dc=de"
"uid=mailadmin,dc=ox-server,dc=de"rootdn
rootpw "YOURPASSWORD"
directory /var/lib/ldap
index objectClass,uidNumber,gidNumber eq
index member,mail eq,pres
index cn,displayname,uid,sn,givenname sub,pres
index uid,mailEnabled,cn,sn,givenname,InetMailAccess,alias,loginDestination eq,sub
index objectClass eq
index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub
include /etc/openldap/acl_ox.conf
Contents of: /etc/openldap/acl_ox.conf
access to dn.base="" by * read
access to dn.base="cn=Subschema" by * read
# protect the userPassword attribute
access to attr=userPassword
by self =w
by anonymous auth
# global address book
access to dn.subtree="o=AddressBook,ou=OxObjects,dc=ox-server,dc=de"
by group.exact="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=ox-server,dc=de" write
by users read
# personal address book
access to dn.regex="^ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,dc=ox-server,dc=de)$" attrs=children
by dn.exact,expand="$1" write
access to dn.regex="^uid=([^,]+),ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,dc=ox-server,dc=de)$" attrs=entry
by dn.exact,expand="$2" write
# default rule allowing users full access to their own entries
access to *
by self write
by users read
Contents of: /etc/hosts You have to deactivate ALL IPV6 VALUES
127.0.0.1 localhost
192.168.1.121 ox-server.de ox-server
Contents of: /data/ox/etc/admintools.conf
#!/bin/sh
#
# (c) 2004-2100 ;)
# Author: cutmasta AT netline-is D0T de
#
# OX-SCRIPTS - CONFIGURATION PARAMETER :)
#
############## GENERAL CONFIG STUFF ###############
# Your Company Name
# To which Organisation new User belong!
ORGA="OX Server"
# OXBASE
OXBASE=`grep -v '^#' /data/ox/etc/groupware/ldap.conf | grep -i BASE | head -n 1 | awk {'print $2'}`
# LDAP Server
LDAPHOST=`grep -v '^#' /data/ox/etc/groupware/ldap.conf | grep -i HOST | head -n 1 | awk {'print $2'}`
# LDAP Admin
BINDDN="uid=mailadmin,dc=ox-server,dc=de"
# LDAP Admin Passwd
BINDPW="YOURPASSWORD"
# OX LDAP Leaf, where is the "OxObjects" leaf?
OX_LEAF="ou=OxObjects,$OXBASE"
# Default Language
DEFAULT_PREF_LANG="EN"
# Default mail is enabled
DEFAULT_MAIL_ENAB="OK"
# Default the user can send mail to the internet
DEFAULT_INET_MAIL="TRUE"
# Default days of displaying appointments
DEFAULT_OX_APP_DAYS=5
# Default days of displaying tasks
DEFAULT_OX_TASK_DAYS=5
# default the user can write in the global adressbook
DEFAULT_WRITE_GLOBAL_ADDR="TRUE"
# The used Tools - should work on most Systems!
LDAPADD_BIN="ldapadd"
LDAPDELETE_BIN="ldapdelete"
LDAPMODIFY_BIN="ldapmodify"
LDAPSEARCH_BIN="ldapsearch"
GREP_BIN="grep"
SED_BIN="sed"
EXPR_BIN="expr"
SORT_BIN="sort"
HEAD_BIN="head"
TAIL_BIN="tail"
AWK_BIN="awk"
SQL_BIN="psql"
##################################################
#################### SQL Stuff #####################
DEFAULT_SQL_HOST="localhost"
DEFAULT_SQL_DB="openexchange"
DEFAULT_SQL_USER="openexchange"
DEFAULT_SQL_PASS="YOURPASSWORD"
# Default Table where we store the Rights
RIGHTS_TABLE="usr_general_rights"
# Default Template Table where the template is stored!
TEMPLATE_TABLE="sys_gen_rights_template"
# Default Template for creating Users.
# Must exist in the DB
DEFAULT_TEMPLATE_NAME="default_template"
####################################################
####################### LDAP #######################
# Where are the OX Users
USER_BASEDN="ou=Users,$OX_LEAF"
# Where are the OX Groups
GROUP_BASEDN="ou=Groups,$OX_LEAF"
# Where are the OX Resources
RESOURCES_BASEDN="ou=Resources,ou=ResourceObjects,$OX_LEAF"
# Where are the OX Resource Groups
RESOURCE_GROUPS_BASEDN="ou=ResourceGroups,ou=ResourceObjects,$OX_LEAF"
# Where is the Global Adressbook
GLOBAL_ADDRESSBOOKDN="o=AddressBook,$OX_LEAF"
# where are the adressbook admins
GLOBAL_ADDRESSBOOK_ADMINSDN="cn=AddressAdmins,$GLOBAL_ADDRESSBOOKDN"
# TEMPORARY FILE
TMPDIF="/data/ox/var/temporary_ldap_scripts.ldif"
####################################################
####################################################
HOME_DIR="/home/"
DEFAULT_USR_SHELL="/bin/bash"
SHADOW_EXPIRE=0
SHADOW_MIN=0
SHADOW_MAX=9999
SHADOW_WARN=7
STD_GID=500
MIN_UID=501
MIN_GID=500
####################################################
Contents of: /data/ox/share/init_ldap.ldif
dn: dc=ox-server,dc=de
objectClass: dcObject
objectClass: organization
dc: ox-server
o: OX Servers
dn: ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: OxObjects
dn: ou=Users,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: Users
dn: ou=Groups,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: Groups
dn: ou=ResourceObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: ResourceObjects
dn: ou=ResourceGroups,ou=ResourceObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: ResourceGroups
dn: ou=Resources,ou=ResourceObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: Resources
dn: ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: AdminObjects
dn: ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: SMTPObjects
dn: ou=DNSObjects,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: DNSObjects
dn: o=AddressBook,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organization
o: AddressBook
dn: cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: groupOfNames
cn: AddressAdmins
member: uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de
dn: cn=users,ou=Groups,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: posixGroup
cn: users
userPassword: YOURPASSWORD
gidNumber: 500
dn: cn=OXSMTPAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: groupOfNames
member: uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de
cn: OXSMTPAdmins
dn: cn=OXUserAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: groupOfNames
member: uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de
cn: OXUserAdmins
dn: cn=OXGroupAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: groupOfNames
cn: OXGroupAdmins
member: uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de
dn: cn=OXDNSAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: groupOfNames
cn: OXDNSAdmins
member: uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de
dn: cn=OXResourceAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: groupOfNames
cn: OXResourceAdmins
member: uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de
dn: cn=OXIMAPAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: groupOfNames
member: uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de
cn: OXIMAPAdmins
dn: ou=Administration,ou=Groups,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: Administration
dn: uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: shadowAccount
objectClass: posixAccount
objectClass: person
objectClass: inetOrgPerson
objectClass: OXUserObject
OpenLDAPaci: 1#entry#grant;r,w,s,c;cn,initials,mail,title,ou,l,birthday,description,street,postalcode,st,c,oxtime
zone,homephone,mobile,pager,facsimiletelephonenumber,telephonenumber,labeleduri,jpegphoto,loginDestination,sn,giv
enname,;r,s,c;[all]#self#
uidNumber: 501
homeDirectory: /home/mailadmin/
loginShell: /bin/bash
mailEnabled: OK
gidNumber: 500
mailDomain: ox-server.de
ou: Administration
uid: mailadmin
sn: Admin
preferredLanguage: DE
mail: mailadmin@ox-server.de
o: Example Organization
smtpServer: localhost
imapServer: localhost
alias: postmaster@ox-server.de
alias: root@ox-server.de
givenName: Admin
cn: Admin Admin
shadowMin: 0
shadowMax: 9999
shadowWarning: 7
shadowExpire: 0
userPassword: YOURPASSWORD
OXAppointmentDays: 5
OXGroupID: 500
OXTaskDays: 5
OXTimeZone: Europe/Berlin
dn: ou=addr,uid=mailadmin,ou=Users,ou=OxObjects,dc=ox-server,dc=de
ou: addr
objectClass: top
objectClass: organizationalUnit
dn: ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: MailTransports
dn: smtpDomain=ox-server.de,ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
smtpDomainTransportNexthop: smtp:192.168.32.134
smtpDomain: ox-server.de
objectClass: top
objectClass: OXMailTransportObject
cn: example transport map entry
dn: ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: AvailableServers
description: List of available Servers for OX
dn: ou=directoryServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: directoryServer
dn: ou=webmailServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: webmailServer
dn: ou=smtpServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: smtpServer
dn: ou=SharedFolder,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: SharedFolder
dn: ou=imapServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: imapServer
dn: domainName=ox-server.de,ou=DNSObjects,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: OXVDomainObject
MTALocaldomain: TRUE
domainName: ox-server.de
dn: ou=groupwareServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=ox-server,dc=de
objectClass: top
objectClass: organizationalUnit
ou: groupwareServer
Contents of: /etc/init.d/ldap For access to your LDAP server
....
SLAPD_URLS="ldap://[Your IP-Address]/ ldap://127.0.0.1/"
....