Ketzaldev Technical Document _________________________________________________________________________________________________
Setup SoGo on Ubuntu 10.04 Using Apache/MySQL/LDAP/Postfix/Bind9
Synopsis
Introduction
1 Third party component installation
  1.1 MySQL
  1.2 OpenLDAP
  1.3 Apache (Not Mandatory, but useful to manage Databases)
  1.4 phpmyadmin
  1.5 Phpldapadmin
2 Sogo installation
  2.1 Get the files
    2.1.1 Configure APT
3 Sogo configuration
  3.1 Introduction
  3.2 Basic configuration
4 Configure LDAP for SoGo
  4.1 OpenLDAP configuration
    4.1.1 Backend configuration
    4.1.2 Frontend configuration
  4.2 SOGo Configuration
5 Configure MySQL for SoGo
  5.1 Create user and database
6 Configure the web interface
7 Provision the users on SOGo LDAP Database
  7.1 Admin user
  7.2 normal user
Introduction
On Ubuntu 10.04, the “service” command is preferred over calling the /etc/init.d scripts directly.
In this installation, we’ll install all the components for SoGo on the same server.
1 Third party component installation
Before installing any package, don’t forget to update the repository list:
user@sogo:~$ sudo apt-get update
1.1 MySQL
To install MySQL, use the following command:
user@sogo:~$ sudo apt-get install mysql-server
...
The following NEW packages will be installed
  libdbd-mysql-perl libdbi-perl libhtml-template-perl libmysqlclient16 libnet-daemon-perl libplrpc-perl mysql-client-5.1 mysql-client-core-5.1 mysql-common mysql-server mysql-server-5.1 mysql-server-core-5.1
...
Do you want to continue [Y/n]? Y
...
During the setup, you will be asked for a root password. Enter it twice and keep it carefully: you’ll need it for admin access to MySQL.
Then, verify that the server is running correctly:
user@sogo:~$ sudo service mysql status
mysql start/running, process 2751
Then, verify that you’re able to connect to your MySQL server with the root account and its password:
user@sogo:~$ mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 40
Server version: 5.1.41-3ubuntu12.6 (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
If you see the above output, you’ve successfully installed MySQL on your server. We’ll cover the SoGo configuration later in this document.
1.2 OpenLDAP
To install OpenLDAP, use the following command:
user@sogo:~$ sudo apt-get install slapd ldap-utils
...
The following NEW packages will be installed
  libdb4.7 libltdl7 libperl5.10 libslp1 odbcinst odbcinst1debian1 slapd unixodbc ldap-utils
Do you want to continue [Y/n]? Y
Then, verify that the server is running correctly:
user@sogo:~$ sudo service slapd status
OpenLDAP is running
If you see the above output, you’ve successfully installed OpenLDAP on your server. We’ll cover the SoGo configuration later in this document.
1.3 Apache (Not Mandatory, but useful to manage Databases)
To install apache, use the following command:
user@sogo:~$ sudo apt-get install apache2
...
The following NEW packages will be installed
  apache2 apache2-mpm-worker apache2-utils apache2.2-bin apache2.2-common libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap ssl-cert
...
Do you want to continue [Y/n]? Y
Then, verify that the server is running correctly:
user@sogo:~$ sudo service apache2 status
Apache is running (pid 3794).
If you see the above output, you’ve successfully installed Apache on your server. We’ll cover the SoGo configuration later in this document.
To double-check, open a web browser and enter the ipaddress:port of your server as the URL. You should see a web page saying:
It works!
This is the default web page for this server.
The web server software is running but no content has been added, yet.
1.4 phpmyadmin
To install phpmyadmin, use the following command:
user@sogo:~$ sudo apt-get install phpmyadmin
...
The following NEW packages will be installed
  dbconfig-common fontconfig-config javascript-common libfontconfig1 libgd2-xpm libjpeg62 libjs-mootools libmcrypt4 libt1-5 libxpm4 php5-gd php5-mcrypt php5-mysql phpmyadmin ttf-dejavu-core wwwconfig-common
...
Do you want to continue [Y/n]? Y
The phpmyadmin package shipped with Lucid Lynx asks which HTTP server you want to configure automatically. Choose Apache and select “OK”.
You can then let the installer configure the phpmyadmin database settings automatically (during the setup, you are asked whether you want to use the dbconfig-common package to set up the phpmyadmin database). It is not mandatory to do it that way, but because we’re setting up the server from scratch, there is no problem with using it. Fill in the passwords as asked and validate.
Then, open the following address in a web browser: http://<ip-server:>/phpmyadmin/
You should see the phpmyadmin login page. We’ll cover the SoGo configuration later in this document.
1.5 Phpldapadmin
To install phpldapadmin, use the following command:
user@sogo:~$ sudo apt-get install phpldapadmin
...
The following packages will be REMOVED
  apache2-mpm-worker
The following NEW packages will be installed
  apache2-mpm-prefork libapache2-mod-php5 php5-common php5-ldap phpldapadmin
...
Do you want to continue [Y/n]? Y
Then, open the following address in a web browser: http://<ip-server:>/phpldapadmin/
You should see the phpldapadmin main page. We’ll cover the SoGo configuration later in this document.
2 Sogo installation
2.1 Get the files
2.1.1 Configure APT
Add the repository to the APT source list. Edit /etc/apt/sources.list and add the following line for stable versions:
deb http://inverse.ca/ubuntu lucid main
For the nightly builds, add the following line instead of the one above:
deb http://inverse.ca/ubuntu-nightly lucid main
Then, update APT and install via the following line:
user@sogo:~$ sudo apt-get install sogo
...
The following NEW packages will be installed
  autotools-dev avahi-daemon consolekit dbus gnustep-base-common gnustep-base-runtime gnustep-common gnustep-make libavahi-client3 libavahi-common-data libavahi-common3 libavahi-compat-libdnssd1 libavahi-core6 libck-connector0 libdaemon0 libeggdbus-1-0 libevent-1.4-2 libgnustep-base1.19 libmemcached2 libnss-mdns libobjc2 libpam-ck-connector libpolkit-gobject-1-0 libsope-appserver4.9 libsope-core4.9 libsope-gdl1-4.9 libsope-ldap4.9 libsope-mime4.9 libsope-xml4.9 libxslt1.1 memcached sogo sope4.9-gdl1-mysql sope4.9-libxmlsaxdriver tmpreaper
...
Do you want to continue [Y/n]? y
SoGo is now installed. You may see this error message, since you haven’t done any configuration yet:
* Starting SOGo sogo <0x0x9f85070[SOGoStartupLogger]> No configuration found. SOGo will not work properly.
3 Sogo configuration
3.1 Introduction
During SoGo installation, a new user, “sogo”, is created; it is used for configuration. In addition, all the SoGo configuration parameters are stored in this user’s home directory: /home/sogo
3.2 Basic configuration
First of all, log in as the sogo user:
user@sogo:/home/sogo$ sudo su - sogo
[sudo] password for user:
sogo@sogo:~$
Then, run the following commands to create the basic configuration file for SoGo:
defaults write sogod SOGoTimeZone "Europe/Paris"
defaults write sogod SOGoMailDomain "ketzaldev.org"
defaults write sogod SOGoLanguage English
defaults write sogod SOGoAppointmentSendEMailNotifications YES
defaults write sogod SOGoFoldersSendEMailNotifications YES
defaults write sogod SOGoACLsSendEMailNotifications YES
4 Configure LDAP for SoGo
4.1 OpenLDAP configuration
4.1.1 Backend configuration
Add additional schemas:
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
Create a directory for your slapd configuration scripts:
user@sogo:/etc$ sudo mkdir /etc/ldap/scripts
In the script directory, create a new file (you can name it after your domain name: backend.ketzaldev.org.ldif).
Here is the configuration for MY SERVER; adapt it for yours:

# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=ketzaldev,dc=org
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=ketzaldev,dc=org
olcRootPW: ldapPass
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,dc=ketzaldev,dc=org" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=ketzaldev,dc=org" write by * read

Then, load this file with the ldapadd command:
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f backend.ketzaldev.org.ldif
After this, you should be able to connect to the LDAP server via the phpldapadmin interface. Open it in your web browser and click on login. Then, use the following credentials:
Login DN: cn=admin,dc=ketzaldev,dc=org
Password: ldapPass
You should be able to connect to the LDAP server.
4.1.2 Frontend configuration
In the script directory, create a new file (you can name it after your domain name: frontend.ketzaldev.org.ldif).
Here is the configuration for MY SERVER; adapt it for yours:

# Create top-level object in domain
dn: dc=ketzaldev,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: Ketzaldev Organization
dc: ketzaldev
description: Ketzaldev LDAP Server

# Admin user.
dn: cn=admin,dc=ketzaldev,dc=org
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword: ldapPass

Then, add the entries to the LDAP Directory:
sudo ldapadd -x -D cn=admin,dc=ketzaldev,dc=org -W -f frontend.ketzaldev.org.ldif
Don’t forget to edit the following file with your domain so that the phpldapadmin interface works correctly. Replace every “domain/com” with your own domain (in my case: ketzaldev/org)
/etc/phpldapadmin/config.php
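The backend and frontend LDIF files above carry olcRootPW and userPassword as cleartext (ldapPass). The following added example, which is not part of the original document, rewrites such values as {SSHA} hashes before the files are loaded with ldapadd; the function names and the sample input are assumptions constructed for illustration.

```python
import base64, hashlib, hmac, os, re

# Attributes that carry credentials in the LDIF files shown above.
PASSWORD_ATTRS = {"olcrootpw", "userpassword"}
SCHEME = re.compile(r"^\{[A-Za-z0-9-]+\}")  # e.g. {SSHA}, {CRYPT}

def ssha(password, salt=None):
    """OpenLDAP {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def check_ssha(password, stored):
    """Verify a password; bytes after the 20-byte SHA-1 digest are the salt."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)

def harden_ldif(text):
    """Hash cleartext password values; return (new_text, [(line_no, attr), ...]).
    Assumes password lines are not folded across several lines."""
    out, findings = [], []
    for no, line in enumerate(text.splitlines(), 1):
        m = re.match(r"^([A-Za-z][\w;-]*)(::?)\s*(.*)$", line)
        if m and m.group(1).lower() in PASSWORD_ATTRS:
            attr, sep, value = m.groups()
            if sep == "::":  # "attr:: ..." is a base64-encoded LDIF value
                value = base64.b64decode(value).decode()
            if not SCHEME.match(value):
                findings.append((no, attr))
                line = f"{attr}: {ssha(value)}"
        out.append(line)
    return "\n".join(out) + "\n", findings

# Constructed sample mirroring the backend and frontend files on this page.
SAMPLE = "\n".join([
    "dn: olcDatabase=hdb,cn=config",
    "olcRootDN: cn=admin,dc=ketzaldev,dc=org",
    "olcRootPW: ldapPass",
    "",
    "dn: cn=admin,dc=ketzaldev,dc=org",
    "userPassword:: bGRhcFBhc3M=",  # base64 of the same cleartext
    "",
    "dn: uid=example,ou=accounts,dc=ketzaldev,dc=org",
    "userPassword: " + ssha("already-hashed"),  # left untouched
]) + "\n"

if __name__ == "__main__":
    hardened, findings = harden_ldif(SAMPLE)
    for no, attr in findings:
        print(f"line {no}: cleartext {attr} replaced with {{SSHA}} hash")
    print(hardened, end="")
```

{SSHA} is also the scheme slappasswd prints by default, so values produced either way can be pasted into the same attributes.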
4.2 SOGo Configuration
Log in as the sogo user. Then use the following command to configure your server to authenticate against LDAP:
defaults write sogod SOGoUserSources '({
    CNFieldName = cn;
    IDFieldName = uid;
    UIDFieldName = uid;
    IMAPHostFieldName = mailHost;
    baseDN = "ou=accounts,dc=ketzaldev,dc=org";
    bindDN = "uid=sogadmin,ou=accounts,dc=ketzaldev,dc=org";
    bindPassword = qwerty;
    canAuthenticate = YES;
    displayName = "Shared Addresses";
    hostname = "localhost";
    id = public;
    isAddressBook = YES;
    port = 389;
})'
5 Configure MySQL for SoGo
5.1 Create user and database
Use the following commands to create a database and user for SOGO in MySQL:
mysql -u root -p
Enter password:
mysql> CREATE DATABASE `sogo`;
mysql> CREATE USER 'sogo'@'localhost' IDENTIFIED BY 'sogopasswd';
mysql> GRANT ALL PRIVILEGES ON `sogo`.* TO 'sogo'@'localhost' WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;
mysql> exit
Then, add the following configuration to SoGo. Log in as the sogo user:
defaults write sogod OCSFolderInfoURL "mysql://sogo:sogopasswd@localhost:3306/sogo/sogo_folder_info"
defaults write sogod SOGoProfileURL "mysql://sogo:sogopasswd@localhost:3306/sogo/sogo_user_profile"
Start or restart SOGo:
/etc/init.d/sogod restart
6 Configure the web interface
Add the modules:
sudo a2enmod headers
sudo a2enmod proxy_connect
sudo a2enmod proxy
sudo a2enmod proxy_balancer
sudo a2enmod proxy_scgi
sudo a2enmod proxy_http
sudo a2enmod proxy_ftp
sudo a2enmod proxy_ajp
then restart apache using the command
sudo service apache2 restart
7 Provision the users on SOGo LDAP Database
7.1 Admin user
Log in as the sogo user and create a new folder in the SoGo directory for your personal scripts:
mkdir /home/sogo/scripts
then edit a new file: admin.ldif
dn: ou=accounts,dc=ketzaldev,dc=org
objectClass: organizationalUnit
ou: accounts

dn: uid=sogadmin,ou=accounts,dc=ketzaldev,dc=org
objectClass: top
objectClass: inetOrgPerson
objectClass: person
objectClass: organizationalPerson
uid: sogadmin
cn: SOGo Administrator
mail: [email protected]
sn: Administrator
givenName: SOGAdmin

and add the user with the ldapadd command:
ldapadd -f admin.ldif -x -W -D cn=admin,dc=ketzaldev,dc=org
You will be asked for a password; this is your LDAP admin password. Then, set the password for the user:
ldappasswd -h localhost -x -W -D cn=admin,dc=ketzaldev,dc=org uid=sogadmin,ou=accounts,dc=ketzaldev,dc=org -s qwerty
7.2 normal user
Add a new script in the scripts directory, usr_add_ketzaldev.ldif:

dn: uid=ketzaldev,ou=accounts,dc=ketzaldev,dc=org
objectClass: top
objectClass: inetOrgPerson
objectClass: person
objectClass: organizationalPerson
uid: ketzaldev
cn: Louis Brunet
mail: [email protected]
sn: Brunet
givenName: Louis

and add the user with the ldapadd command:
ldapadd -f usr_add_ketzaldev.ldif -x -W -D cn=admin,dc=ketzaldev,dc=org
then put the password for the user
ldappasswd -h localhost -x -W -D cn=admin,dc=ketzaldev,dc=org uid=ketzaldev,ou=accounts,dc=ketzaldev,dc=org -s