PJ Velzeboer | 20 Dec 21:20 2014

Round Cube Mail - Request Check Failed

Hi all,

I’ve just upgraded from 3.1 to 3.3 on CentOS 6.5. Loving the Notes functionality over active-sync!

However when it came to round cube i had to disable the refer_check and use_secure_urls for it to allow me to logon.

I suspect that my apache config may be at fault, but has anyone had any experience with these options and willing to point me in the right direction?

Cheers PJ


_______________________________________________
users mailing list
users <at> lists.kolab.org
https://lists.kolab.org/mailman/listinfo/users
Sergio Talens-Oliag | 17 Dec 19:03 2014
Picon

Global addressbook access

Hello all,

I'm testing a kolab installation on a debian wheezy machine to integrate on our
current infrastructure (we are using nginx, dovecot, postfix, openldap and
dspam).

I have almost all what I want working (I'm not using the kolab-webadmin and
right now I haven't tried to make chwala work, as we don't want to use it) but I
have some doubts that maybe someone can answer me, so my plan is to ask on this
list and share my findings once I have my system working.

Now, my first question, ¿is it possible to share the Global Address Book (the
LDAP based one) through CardDAV and ActiveSync as a standard readonly
addressbook? Our user database is not big and it would be nice to be able to
share the addressbook as a standard one, but it looks that I can't do it right
now.

As far as I've seen iRony allows sharing the GlobalAddress Book using the
CardDAV Directory Gateway Extension, but I've tried to use it from an Android
Client (CardDAV-Sync) and I can't access it (probably it does not implement the
Directory Gateway Extension) , but looking at the code it looks that instead of
the current LDAPDirectory we could provide a LDAPContactsBackend that provides
the required functions to make LDAP behave like a readonly IMAP based address
boot... does it make sense? am I missing something?

At the same time it seems that there is no way to see the LDAP address book from
ActiveSync (I haven't looked at syncotron code, but the roundcube interface to
expose adressbooks only allows me to share IMAP based ones); to solve that
problem and the CardDAV one at the same time I've been thinking about the
possibility of *dumping* the LDAP Global Address book to a shared calendar
automatically (i.e. using the iRony code as a base I could dump the LDAP address
book and syncronize it to an IMAP based Address book that I can share with all
my users)... ¿has anyone done something like that? ¿would it make sense to you?

Thanks in advance for your answers,

  Sergio.

--

-- 
Sergio Talens-Oliag <sto <at> iti.es>               <http://www.iti.es/>
Key fingerprint = FF77 A16B 9D09 FC7B 6656 CFAD 261D E19A 578A 36F2
_______________________________________________
users mailing list
users <at> lists.kolab.org
https://lists.kolab.org/mailman/listinfo/users
Jan Kowalsky | 17 Dec 16:31 2014
Picon

chwala configuration - imapd on different host

Hi all,

I try to configure an roundcube instance which runs on an separate host.
While everything works chwala doesn't.

This is my kolab_files.inc.php:

<?php

// URL of kolab-chwala installation
$config['kolab_files_url'] = 'https://' . $_SERVER['HTTP_HOST'] .
'/chwala/';

// List of files list columns. Available are: name, size, mtime, type
$config['kolab_files_list_cols'] = array('name', 'mtime', 'size');

// Name of the column to sort files list by
$config['kolab_files_sort_col'] = 'name';

// Order of the files list sort
$config['kolab_files_sort_order'] = 'asc';

?>

Do I have to configure something special to get this working?
I can't find anything in the roundcube error log or console.

Thanks
Best Regards
Jan
Matt . | 15 Dec 17:51 2014
Picon

Auth only against exising ldap server

Hi All,

After some investigation it seems that running kolab on it's own ldap
server might be the best idea so far but with the capability to auth
against an existing ldap server.

Is this possible for now to do and how can we accomplish that ?

Cheers,

Matt
Matthias Albrecht | 14 Dec 22:34 2014

)

Jan,
everyone,

after having setup a test environment and working every step to secure Kolab and checking the /var/log/kolab-webadmin/errors as well as the function, I found that I had missed the full domain when setting the https://-URL for the Kolab-CLI. I.e. it was

sed -r -i \
      -e '/api_url/d' \
      -e "s#\[kolab_wap\]#[kolab_wap]\napi_url = https://sikolab.systematic-investments/kolab-webadmin/api#g" \
      /etc/kolab/kolab.conf


and should have been

sed -r -i \
      -e '/api_url/d' \
      -e "s#\[kolab_wap\]#[kolab_wap]\napi_url = https://sikolab.systematic-investments.de/kolab-webadmin/api#g" \
      /etc/kolab/kolab.conf

The .de was missing in "sikolab.systematic-investments.de". To answer Jans other questions: yes, both commands requested by you worked perfectly.

Well, I will work on my typing skills. To the knowing: is it thinkable to build a script which takes the names of the certificates as input and then automatically does the securing of Kolab?

Anyway, thank you a lot everyone,

Matthias

-------- Original-Nachricht --------
Betreff: Re: Kolab 3.3, Debian Wheezy (correction ;-))
Von: Jan Kowalsky <jankow <at> datenkollektiv.net>
An: Matthias Albrecht <matthias.albrecht <at> tigerbaer.de>, users <at> lists.kolab.org
Datum: 09.12.2014 21:25
Hi Matthias, Am 08.12.2014 um 11:47 schrieb Matthias Albrecht:
Franz, you certainly pointed me the right direction. This is from /var/log/kolab/pykolab.log and seems to show, that Kolab can't access the LDAP-Server any more. 2014-12-06 17:09:37,844 pykolab.conf WARNING Option ldap/auth_cache_uri does not exist in config file /etc/kolab/kolab.conf, pulling from defaults 2014-12-06 17:09:37,844 pykolab.conf WARNING Option does not exist in defaults. 2014-12-07 21:29:09,873 pykolab.imap WARNING Could not connect to Cyrus IMAP server 'imaps://localhost:993' 2014-12-07 21:29:18,392 pykolab.conf WARNING Option ldap/auth_cache_uri does not exist in config file /etc/kolab/kolab.conf, pulling from defaults 2014-12-07 21:29:18,392 pykolab.conf WARNING Option does not exist in defaults. 2014-12-07 23:38:35,415 pykolab.auth ERROR An error occured using _regular_search: SERVER_DOWN({'desc': "Can't contact LDAP server"},) 2014-12-07 23:38:35,416 pykolab.auth ERROR Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/pykolab/auth/ldap/__init__.py", line 2725, in _search secondary_domains File "<string>", line 10, in <module> File "/usr/lib/python2.7/dist-packages/pykolab/auth/ldap/__init__.py", line 2623, in _regular_search attrsonly=attrsonly File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 549, in search return self.search_ext(base,scope,filterstr,attrlist,attrsonly,None,None) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 541, in search_ext timeout,sizelimit, File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 99, in _ldap_call result = func(*args,**kwargs) SERVER_DOWN: {'desc': "Can't contact LDAP server"}
I think, you can ignore some of the warnings. But ldap and imap-Server are both not reachable. Try to check step by step, if they are accessible Have you configured the directory server also for ssl? If not, what does: /usr/lib/mozldap/ldapsearch -x -h localhost -p 389 -D 'cn=Directory Manager' -w SECRETPASSWORD -b dc=yourprimary,dc=domain '(objectClass=*)' says? can you connect to cyrus using cyradm: cyradm -u cyrus-admin localhost
And this is in /var/log/kolab-webadmin/errors: [07-Dec-2014 23:32:33 +0100](ham9u49ajk2cfg20g8fafq4b62): PHP Error: Login failed. Unable to decode response (POST) [07-Dec-2014 23:35:06 +0100](ham9u49ajk2cfg20g8fafq4b62): PHP Error: Login failed. Unable to connect to ssl://sikolab.systematic-investments:443. Error: php_network_getaddresses: getaddrinfo failed: Name or service not known (POST)
This looks a little bit strange for me. Where this ssl:// come from? Maybe a typo?
[07-Dec-2014 23:39:25 +0100](ham9u49ajk2cfg20g8fafq4b62): PHP Error: Login failed. Unable to connect to tcp://sikolab.systematic-investments:80. Error: php_network_getaddresses: getaddrinfo failed: Name or service not known (POST) Obviously, more than one thing went wrong when I secured Kolab. I then followed the section "Apache - Switch to own Certification Authority" in http://kolab.org/planet?page=1 since this said "Alter web-server configuration to require valid client certificate, but allow direct API calls from mail server (omit |internal error| when using |kolab-admin|).". But no change. Does anyone know help?
Regards Jan


_______________________________________________
users mailing list
users <at> lists.kolab.org
https://lists.kolab.org/mailman/listinfo/users
René van Dorst | 13 Dec 10:58 2014

Activesync: show shared and privat calanders sepred.

I am testing the latest kolab 3.3 on ubuntu 14.04.

I see that on my both smartphones (BB Z10 and Android with TouchDown) that all calendars are combined to one.
But is it possible to sync them as separate calendars?

Greats,

René van Dorst
_______________________________________________
users mailing list
users <at> lists.kolab.org
https://lists.kolab.org/mailman/listinfo/users
René van Dorst | 12 Dec 20:52 2014

Which ldap attribute to add for birthday field for GAL and Kolab users?

I see a lot a notes about the birthday calandar.
Is a good feature.
But I can't find any information howto or what ldap attribute I have to add to make it work.

So Which ldap attribute I have add as birthday field for GAL and Kolab users?

Greats,

René van Dorst
_______________________________________________
users mailing list
users <at> lists.kolab.org
https://lists.kolab.org/mailman/listinfo/users
Jan Kowalsky | 12 Dec 19:41 2014
Picon

Re: Kolab 3.3 install - multiple servers

Hi Trogdor,

I'll post it on the list again. Some other people seemed to are
interested in these usecases.

Am 11.12.2014 19:43, schrieb Trogdor Wasaman:
> Thanks, I've mostly got this. I'm using one server (maybe eventually a
> cluster) for each role. i.e. - one mysql server, one postfix server, one
> roundcube server, etc.
> 
> I'd like to split imap into frontends and backends - I'll consult the cyrus
> documentation for a murder configuration when I get to that point.
> 
> I've run into the issue where when setting up roundcube, it doesn't take
> the root password of the mysql database. Not sure what is going on there.

Yes, this is a little bit special. The setup routine only works if mysql
and roundcube is set up in the same step. But this is not what we want.

So you have to provide the mysql-settings by yourself:

after setting up mysql touch a file:

/tmp/kolab-setup-my.cnf

[mysql]
user=root
password='ROOT-PASSWORD'

This is the file kolab-setup provides for roundcube - but deletes it
after finishing the kolab-setup.

So do

setup-kolab mysql

vi /tmp/kolab-setup-my.cnf ...

setup-kolab roundcube

But as mentioned: at kolab 3.3 I got some problems installing roundcube
separately. On 3.2 it worked like descriebed.

> Have questions about which pieces go where:
> 
> Which server should the webadmin go on? Roundcube? MySQL?

There are many possibilities. Depends on your purpose. E.g. we have it
on the ldap-server, because ldap is inside our private network protected
through firewall. And we don't want to provide the kolab webadmin
public. We use an mysql-server on the ldap-server for the webadmin.
There is stored nothing else than the user-types. (The mysql-server for
roundcube we place on the same server as roundcube)

If all users shall have access to the kolab-webadmin frontend maybe the
server with roundcube is a good place - because you need only one apache
setup. At the moment we are setting up a second instance of webadmin on
the mailserver (roundcube, postfix, cyrus) - only with the  settings
module for edit user settings.

> Which server should kolabd be setup on?

We have it on the mailserver. It establishes a lot of imap connections.
Maybe the kolab experts have another proposal.

> Thank you again.

You're welcome

I think, it's time for a howto. I'll start one when I come through ...

> 
> Cheers!
> 
> On Tue, Dec 9, 2014 at 3:05 PM, Jan Kowalsky <jankow <at> datenkollektiv.net>
> wrote:
> 
>> Hi Trogdor,
>>
>> Am 09.12.2014 um 16:54 schrieb Trogdor Wasaman:
>>> Stupid question - what's the best way to remove individual components in
>>> CentOS? Or, reset everything and try the other method mentioned.
>>
>> I think both methods work. On a fresh installation I personally prefer
>> the one installing only the needed components.
>>
>> I'm not familiar with centos. But just remove the unused packages with yum.
>>
>> e.g.:
>>
>> yum remove kolab-webadmin
>>
>> On debian these meta-packages exist:
>>
>> kolab - Metapackage for Kolab Groupware Server
>> kolab-cli - Command-line utilities for Kolab
>> kolab-conf - Configuration management for Kolab
>> kolab-freebusy - Free/Busy for Kolab Groupware
>> kolab-imap - IMAP server for Kolab Groupware server
>> kolab-ldap - LDAP server for Kolab Groupware server
>> kolab-mta - MTA server for Kolab Groupware server
>> kolab-saslauthd - SASL Authentication Daemon for Kolab
>> kolab-schema - LDAP schema files for Kolab Groupware
>> kolab-server - Kolab Groupware Server
>> kolab-syncroton - ActiveSync for Kolab Groupware
>> kolab-telemetry - Kolab Telemetry Logging Capabilities
>> kolab-ucs - Additional UCS routines for integration
>> kolab-utils - Kolab Utils
>> kolab-webadmin - Kolab administration web interface
>> kolab-webclient - Webmail client for Kolab Groupware server
>> kolab-xml - Kolab XML format wrapper for pykolab
>>
>> So removing one of them doesn't remove the components - but in debian
>> there is a feature like:
>>
>> apt-get autoremove
>>
>> which removes the dependend packages from packages which are not
>> installed anymore. Sure somethin else for yum exists.
>>
>> Otherwise you have to remove the single packages by yourself: cyrus,
>> postfix, 389-ds ...
>>
>> Best regards
>> Jan
>>
>>> On Mon, Dec 1, 2014 at 7:07 PM, Jan Kowalsky <jankow <at> datenkollektiv.net>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> Am 24.11.2014 um 13:03 schrieb Trogdor Wasaman:
>>>>> To be clear, you are saying to do a single server install on each
>> server
>>>>> and then remove unnecessary services from the appropriate servers and
>>>> then
>>>>> modify the appropriate config files?
>>>>
>>>> Well, this is one aproach. The other one is to install on one server
>>>> e.g. only the ldap-server, than copy the kolab.conf to another server
>>>> (be aware of the rights) and install other components.
>>>>
>>>> You can setup each component with:
>>>>
>>>> setup-kolab COMPONENT and make a reference to the config-file:
>>>>
>>>> setup-colab -c /etc/kolab/kolab.conf COMPONENT ...
>>>>
>>>> e.g.:
>>>>
>>>> # first server (ldap-and kolab-webadmin)
>>>> # you need the packages: kolab-ldap kolab-schema kolab-conf
>>>> kolab-webadmin mysql-server (at least in debian)
>>>>
>>>>
>>>> setup-kolab mysql
>>>> setup-kolab ldap
>>>>
>>>> # second server (imap, postfix, roundcube)
>>>> # you need the packages: postfix kolab-conf kolab-imap kolab-mta
>>>> kolab-server kolab-utils kolab-webclient kolab-freebusy kolab-saslauthd
>>>> kolab-telemetry postfix postfix-ldap
>>>>
>>>> $TIMEZONE="Europe/Berlin"
>>>> setup-kolab --timezone=$TIMEZONE -c /etc/kolab/kolab.conf kolabd
>>>> setup-kolab --timezone=$TIMEZONE -c /etc/kolab/kolab.conf mysql
>>>> setup-kolab --timezone=$TIMEZONE -c /etc/kolab/kolab.conf imap
>>>> setup-kolab --timezone=$TIMEZONE -c /etc/kolab/kolab.conf mta
>>>> setup-kolab --timezone=$TIMEZONE -c /etc/kolab/kolab.conf php
>>>>
>>>> ###
>>>>
>>>> Of course you have to edit the kolab.conf and replace localhost with the
>>>> real hostname.
>>>>
>>>> With kolab 3.3 it didn't work to set up roundcube separately. There was
>>>> something wrong with setup of mysql.
>>>>
>>>> But it's not to hard to set it up by hand.
>>>>

Best Regards
Jan
v.glave | 11 Dec 19:42 2014

Fwd: Re: Syncroton Problem


I tried to specify in RoundCube 00.00 -> 23.00 as working hours but nothing.

The error appears only if I set an event from the smartphone that lasts exactly 10 hours. Not a minute less or more.

 

On Thu, 11 Dec 2014 18:20:41 +0000, Scott Damron wrote:

That is probably due to you having defined work hours in Roudcube, but not your device.  Try changing the work hours and see if it fixes it.

Scott


December 11 2014 12:19 PM, v.glave <at> pyx-is.comwrote:

 

Hello,

I have several devices that sync with the kolab calendar without any kind of problem. 

The only issue is that if I add from a mobile device (ios or android) a new event that is exactly 10 hours long, in outlook and roundcube I see this event marked as "all day". If it is 10 hours and 5 minutes or 9 hours and 55 minutes it is displayed correctly.

Why? Is it a bug? On the mobile device i correctly see the event marked as 10 hours and not "all day".

 

Thanks in advance

 

 

 

 
 
_______________________________________________
users mailing list
users <at> lists.kolab.org
https://lists.kolab.org/mailman/listinfo/users
v.glave | 11 Dec 19:19 2014

Syncroton Problem

Hello,

I have several devices that sync with the kolab calendar without any kind of problem. 

The only issue is that if I add from a mobile device (ios or android) a new event that is exactly 10 hours long, in outlook and roundcube I see this event marked as "all day". If it is 10 hours and 5 minutes or 9 hours and 55 minutes it is displayed correctly.

Why? Is it a bug? On the mobile device i correctly see the event marked as 10 hours and not "all day".

 

Thanks in advance

 
_______________________________________________
users mailing list
users <at> lists.kolab.org
https://lists.kolab.org/mailman/listinfo/users
Nikolai Maziashvili | 9 Dec 21:37 2014

getting ***UNCHECKED*** in subjects of received emails

Hi everyone, i'm running fresh KOLAB33 on CentoOS7 machine and getting 
***UNCHECKED*** in subjects of received emails. I assumed that clamav db 
was out of date and tried to refresh it by running freshclam, but to my 
surprise it was not on the system???
Clamav is not the one responsible for spam checking? Or should i install 
it manually (provided by clamav-update)? And if yes, should i keep 
anything specific in my mind, regarding kolab, when editing freshclam 
config file?
Thanks in advance,
Nikolai

Gmane