1

Topic: Sample LDIF file of SOGo resource for IRM LDAP

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): current
- Linux/BSD distribution name and version: CentOS 7.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? not yet
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi IRM Users and Admins!

We would like to use resources (e.g. meeting rooms) in IRM/SOGo.

I guess that I correctly followed the guide at http://wiki.sogo.nu/ResourceConfiguration when I copied

calentry.schema
calentry-schema.ldif
calresource.schema
calresource-schema.ldif

to /etc/openldap/schema and inserted the lines

include     /etc/openldap/schema/calentry.schema
include     /etc/openldap/schema/calresource.schema

to /etc/openldap/slapd.conf

Having restarted the slapd service, the objectClasses and attributes were available.

My question is now:

Is there an example ldif file of a SOGo resource for iRedMail LDAP server?

I would like to have the minimum set of objectClasses and attributeTypes, of course including all required enabledServices.

My current resource's ldif file looks like the attached.

Thank you very much!

BR
Irma


2

Re: Sample LDIF file of SOGo resource for IRM LDAP

Doesn't seem that the file has been attached.

This is the content:

########################################################################
dn: mail=meetingroom@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
mail: meetingroom@mycompany.com
mailQuota: 1048576
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: mailUser
objectClass: shadowAccount
objectClass: amavisAccount
objectClass: person
objectClass: posixAccount
objectClass: top
storageBaseDirectory: /data/mboxes
enabledService: indexer-worker
enabledService: doveadm
enabledService: dsync
enabledService: shadowaddress
enabledService: displayedInGlobalAddressBook
enabledService: mail
enabledService: forwarding
enabledService: deliver
enabledService: lda
enabledService: lmtp
enabledService: smtp
enabledService: smtpsecured
enabledService: imap
enabledService: imapsecured
enabledService: imaptls
enabledService: managesieve
enabledService: managesievesecured
enabledService: sogo
enabledService: sieve
enabledService: sievesecured
enabledService: forward
enabledService: senderbcc
enabledService: recipientbcc
enabledService: internal
enabledService: lib-storage
amavisLocal: TRUE
accountStatus: active
shadowLastChange: 0
mailHost: localhost
cn: Meetingroom
gidNumber: 2104
homeDirectory: /data/mboxes/vmail1/mycompany.com/meetingroom/
mailMessageStore: vmail1/mycompany.com/meetingroom/
loginShell: /sbin/nologin
sn: Meetingroom
uid: meetingroom
uidNumber: 2104
userPassword: {CRYPT}$6$ncaXAOch$FuQ9weAfqMUvbKlsam2X/e13t0cIMrnvz/S7q/XqrWq4xyK
 OigNGjMPYuvBvzVYrZRJPEUPatnFlHx5rhz74O1
displayName: Meetingroom

3

Re: Sample LDIF file of SOGo resource for IRM LDAP

irma wrote:

This is the content:

2 object classes were missing:

objectClass: CalendarResource
objectClass: calEntry

btw, How did you test the resource?

4

Re: Sample LDIF file of SOGo resource for IRM LDAP

Updated meetingroom's LDAP data set. Looks like this now:

#######################################################################
dn: mail=meetingroom@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
mail: meetingroom@mycompany.com
mailQuota: 1048576
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: mailUser
objectClass: shadowAccount
objectClass: amavisAccount
objectClass: person
objectClass: posixAccount
objectClass: top
objectClass: calEntry
objectClass: CalendarResource
storageBaseDirectory: /data/mboxes
enabledService: indexer-worker
enabledService: doveadm
enabledService: dsync
enabledService: shadowaddress
enabledService: displayedInGlobalAddressBook
enabledService: mail
enabledService: forwarding
enabledService: deliver
enabledService: lda
enabledService: lmtp
enabledService: smtp
enabledService: smtpsecured
enabledService: imap
enabledService: imapsecured
enabledService: imaptls
enabledService: managesieve
enabledService: managesievesecured
enabledService: sogo
enabledService: sieve
enabledService: sievesecured
enabledService: forward
enabledService: senderbcc
enabledService: recipientbcc
enabledService: internal
enabledService: lib-storage
amavisLocal: TRUE
accountStatus: active
shadowLastChange: 0
mailHost: localhost
cn: Meetingroom
gidNumber: 2104
homeDirectory: /data/mboxes/vmail1/mycompany.com/meetingroom/
mailMessageStore: vmail1/mycompany.com/meetingroom/
loginShell: /sbin/nologin
sn: Meetingroom
uid: meetingroom
uidNumber: 2104
userPassword: {CRYPT}$6$ncaXAOch$FuQ9weAfqMUvbKlsam2X/e13t0cIMrnvz/S7q/XqrWq4xyK
 OigNGjMPYuvBvzVYrZRJPEUPatnFlHx5rhz74O1
displayName: Meetingroom
Multiplebookings: 1
Kind: location

##########################################################################################

When creating an event that invites meetingroom@mycompany.com, the following error message occurs on saving the event:
###############################################
Cannot access resource Meetingroom meetingroom@mycompany.com
###############################################

To fix the issue, I'd appreciate it if any admin who has successfully implemented IRM with SOGo and calendar resources could provide an example LDIF file of a working resource (e.g. meeting room).

I would like to get rid of unnecessary objectClasses and attributes, respectively, and, of course, to include all necessary attributes for an IRM/SOGo calendar resource to work properly.

Thank you very much!

BR
Irma

5

Re: Sample LDIF file of SOGo resource for IRM LDAP

I set the ACL for the meetingroom's calendar to be shared to all authenticated users. Now the "Cannot access..." error message didn't pop up anymore.

The event is being added to the meetingroom's personal calendar and it is auto-accepted.

BUT: If another user creates an event for overlapping times, he is not being notified that the meetingroom is already occupied! --> The FREE/BUSY for the meetingroom apparently are not configured correctly.

There's a great uncertainty about the 'multiplebookings' attribute in the meetingroom's LDAP entry.
I read about possible values '-1', '0' and '1'.
On some pages you read that '1' means 'enabled' and '0' means 'disabled'. Other sources state that '0' means 'unlimited' concurrent bookings possible and '1' means 'only one booking' at the same time possible. According to the SOGo help file, '-1' means 'no limit, but meetingroom will be displayed as BUSY having been booked at least once to the same time'.

What is more, there's also an attribute 'MultipleBookingsFieldName', according to the SOGo manual. BUT: The IRM LDAP server does not provide this attribute! So it is not possible to select it. Or does that 'attribute' refer not to an LDAP attribute but to a SOGo attribute which has to be configured somewhere in the SOGo config files?

6

Re: Sample LDIF file of SOGo resource for IRM LDAP

- You can use the schema file mentioned in SOGo wiki page. It's possible iRedMail offers a new attribute for this purpose.
- Not sure whether this is your thread in SOGo mailing list, but this post might be useful: https://lists.inverse.ca/sogo/arc/users … 00064.html

Also, the latest SOGo 4.0.4 (released on Oct 23) fixes one free/busy related issue, maybe it will help a little?

7 (edited by irma 2018-10-31 05:27:22)

Re: Sample LDIF file of SOGo resource for IRM LDAP

Hi Huangbin,

yes that's my thread in SOGo mailing list.

I made sure that the settings Christian mentioned are correct on my setup.

Didn't solve the issue.

You say that there's a new version of SOGo being released.

Updated to SOGo 4.0.4 by yum update. Installed SOGo version is now:

[root@myirmserver ~]# yum list installed | grep sogo
sogo.x86_64                           4.0.4.20181029-1.el7.centos     @SOGo
sogo-activesync.x86_64                4.0.4.20181029-1.el7.centos     @SOGo
sogo-ealarms-notify.x86_64            4.0.4.20181029-1.el7.centos     @SOGo
sogo-tool.x86_64                      4.0.4.20181029-1.el7.centos     @SOGo

Checked again FREE/BUSY times of Meetingroom. Result:

The occupied Meetingroom still is not being displayed as BUSY!

Best Regards,
Irma

8 (edited by irma 2018-10-31 05:29:50)

Re: Sample LDIF file of SOGo resource for IRM LDAP

I cannot believe that there's nobody using calendar resources in an iRedMail/SOGo setup with OpenLDAP.

9 (edited by irma 2018-11-05 19:41:53)

Re: Sample LDIF file of SOGo resource for IRM LDAP

Issue resolved by Huangbin.

Add these two lines to the SOGoUserSources LDAP configuration section of sogo.conf, then resources' busy times are being indicated correctly:

KindFieldName = "Kind";
MultipleBookingsFieldName = "MultipleBookings";

Looks similar to this then:

SOGoUserSources = (
        {
            // Used for user authentication
            type = ldap;
            id = users;
            canAuthenticate = YES;
            isAddressBook = NO;
            displayName = "LDAP Authentication";

            hostname = "ldap://127.0.0.1:389";
            baseDN = "o=domains,dc=mycompany,dc=com";
            bindDN = "cn=vmail,dc=mycompany,dc=com";
            bindPassword = "bteebhsaebhnHthj&SWJH&R$SWZHJ";
            filter = "objectClass=mailUser AND accountStatus=active AND enabledService=mail AND enabledService=sogo";
            scope = SUB;

            // always keep binding to the LDAP server using the DN of the
            // currently authenticated user. bindDN and bindPassword are still
            // required to find DN of the user.
            // Note: with default LDAP acl configured by iRedMail, user doesn't
            //       have privilege to query o=domains,dc=mmlab,dc=de.
            //       so this doesn't work.
            //bindAsCurrentUser = YES;

            // The algorithm used for password encryption when changing
            // passwords without Password Policies enabled.
            // Possible values are: plain, crypt, md5-crypt, ssha, ssha512.
            userPasswordAlgorithm = ssha;

            CNFieldName = cn;
            IDFieldName = mail;
            // value of UIDFieldName must be unique on entire server
            UIDFieldName = mail;
            IMAPLoginFieldName = mail;
            MailFieldNames = (mail);
            bindFields = (mail);
            KindFieldName = "Kind";
            MultipleBookingsFieldName = "MultipleBookings";
        },


Please set ticket on SOLVED. Don't know how to perform that.
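
Added example, not part of the thread and not iRedMail or SOGo code: a check that an LDIF entry carries what the thread ended up needing (the two object classes from post 3, the values the SOGoUserSources filter requires, and the attributes named by KindFieldName and MultipleBookingsFieldName). The function names and the sample entry are constructed for illustration; attribute names are compared case-insensitively, which is why `Multiplebookings` in the entry satisfies `MultipleBookings` in sogo.conf.

```python
import re

# Constructed sample modelled on the thread's entry; the hash is a placeholder.
SAMPLE_LDIF = """\
dn: mail=meetingroom@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com
objectClass: mailUser
objectClass: calEntry
objectClass: CalendarResource
accountStatus: active
enabledService: mail
enabledService: sogo
userPassword: {CRYPT}$6$PLACEHOLDER$FIRSTHALF
 SECONDHALF
Multiplebookings: 1
Kind: location
"""
# The two mapping lines from the thread's sogo.conf.
SAMPLE_CONF = 'KindFieldName = "Kind";\nMultipleBookingsFieldName = "MultipleBookings";\n'

def parse_ldif_entry(text):
    """Return {lowercased attribute: [values]} for one LDIF entry."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]          # LDIF folding: a leading space continues the line
        elif raw and not raw.startswith("#"):
            lines.append(raw)
    entry = {}
    for line in lines:
        name, _, value = line.partition(":")
        entry.setdefault(name.strip().lower(), []).append(value.strip())
    return entry

def check_resource(ldif_text, conf_text):
    """List what keeps the entry from matching the thread's resource setup."""
    entry = parse_ldif_entry(ldif_text)
    problems = []
    required = [("objectClass", v) for v in ("mailUser", "calEntry", "CalendarResource")]
    required += [("enabledService", v) for v in ("mail", "sogo")]  # from the filter
    required += [("accountStatus", "active")]
    for attr, val in required:
        if val.lower() not in {v.lower() for v in entry.get(attr.lower(), [])}:
            problems.append(f"missing {attr}: {val}")
    mapping = dict(re.findall(r'(\w+FieldName)\s*=\s*"?([\w-]+)"?\s*;', conf_text))
    for key in ("KindFieldName", "MultipleBookingsFieldName"):
        if key not in mapping:
            problems.append(f"sogo.conf lacks {key}")
        elif mapping[key].lower() not in entry:
            problems.append(f"entry lacks attribute {mapping[key]}")
    return problems
```

An empty list from `check_resource` means the entry and the mapping agree; it does not check calendar ACLs, which the thread had to set separately.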