# HOWTO: Open-Xchange on Gentoo

## bitwh0re

Good day all,

I've finished a rough draft outlining how to get OX installed on Gentoo using:

- Postfix / Cyrus / SASL

- OpenLDAP

- Apache 2 / Tomcat 5

- PostgreSQL

As I said, it's a rough draft, so I don't go into detail on each services but it should give you enough info to get the basics for OX up and running.  I welcome any comments, suggestions, fixes, and additions.  You can currently find it in PDF here:

http://www.mikefetherston.ca/OX/OX_Install.pdf

----------

## rojaro

Thanks for the tutorial. But one question: Is it really nessacary to use postgres? I would like to use MySQL instead.

----------

## bitwh0re

This is from the Open Xchange website:

```
Database

(The database server should provide JDBC functionallity

and should provide sub-selects, timestamps with timezones

and sequences. Tested successfully

with PostgreSQL.)
```

If MySQL can do that, then I don't really see a problem doing it.

----------

## nsahoo

Very nice.

It'd be useful if you can post it in text format along with link to pdf in the head post. That way even the console users can read it.

Cheers  :Smile: 

----------

## rojaro

 *bitwh0re wrote:*   

> 
> 
> ```
> Database
> 
> ...

 

Hmm ... i believe MySQL 4.1 provides all that, but it isnt in Portage yet :(

----------

## bitwh0re

 *nsahoo wrote:*   

> Very nice.
> 
> It'd be useful if you can post it in text format along with link to pdf in the head post. That way even the console users can read it.
> 
> Cheers 

 

Thanks!  It's currently in .pdf because I've been writing it in Word & Writer.  In the first page you'll see that I ask for help to convert the file to HTML readable by a text-based web browser.

----------

## HCPawel

Hi bitwh0re, nice tutorial - tomorrow, I will work it througt. Did you also try the installation with the open-xchange ebuild? This is what I've done, but it did not work.

----------

## bitwh0re

No, I'm aware of it from the other OX thread but didn't try it out.  I understand it's in a very early stage and only found out about it after I had started my HOWTO.

OX is a pretty neat program, I must say.  :Smile: 

----------

## HCPawel

I tried it and my experiences were not the best ...

The "emerge" was only thing that worked  :Wink:   :Laughing: 

I' m currently working with your tutorial and I will post my experience with it later.

----------

## playworker

Superb bit of documentation mate, very useful - Cheers!   :Very Happy: 

----------

## bitwh0re

Thanks playworker!  I plan to make it even better in the future.  You may have noticed the unfinished section at the end..  :Smile: 

Is there anything that you didn't see in the doc but would have like to have seen?

----------

## peace

emerge cyrus_imap-admin

should read:

emerge cyrus-imap-admin

i.e. dash - not underscore _

I'll post anything else I find.  It's taking awhile to get the deps installed.

Also, could you post a link to the .doc or whatever the source file is so someone, maybe me, can do an html version?

----------

## bitwh0re

Thanks for catching that.. somehow that error snuck back in because I can remember fixing that before!

----------

## peace

To anyone who might be hanging on the "rhino" emerge at the line:

```
compile:

    [javac] Compiling 109 source files to /var/tmp/portage/rhino-1.5_rc5/work/rhino1_5R5/build/classes
```

You will need to configure your JAVA_HOME and CLASSPATH env. vars using java-config.

See this thread for the rhino fix:

https://forums.gentoo.org/viewtopic.php?t=217097&highlight=rhino

See this for java-config docs:

http://www.gentoo.org/doc/en/java.xml

Don't forget to set your system classpath using --set-system-classpath further down in the java-config docs.  I just added all the packages available on my system to the classpath.  Probobly not nceccesary but, ya know.  also, make sure you install all the java deps first, e.g. java mail, etc.  Especialy the deps that require you to download specific versions from Sun and place the zip files in /usr/portage/distfiles.

There may need to be a step added to the OX docs where you configure the system java vm using java-config.

Kind Regards

----------

## peace

When ensuring entries in /etc/services, one entry that I needed to make was:

```
imap 143/tcp
```

The stock /etc/services lists imap2 as the service for port 143.  Either the OX docs should reflect the stock services or you will need to update services with the imap line above in order for the test to succeed.

netkit-telnetd is the ebuild for telnet, btw.

Kind Regards

----------

## peace

I think the lines:

```
chown ldap /usr/lib/openldap-data/*

chgrp ldap /usr/lib/openldap-data/*
```

should read:

```
chown ldap /var/lib/openldap-data/*

chgrp ldap /var/lib/openldap-data/*
```

Also, when moving the modules after extracting Fedora-Core-1-i386.tar.gz, might want to remove the /root from the beginning of the path incase the reader is not in root's home dir.

----------

## peace

Ox is installed and running!  Thanks for the HOWTO!

I needed to fix a syntax error (my own fault) in webapps/servlet/WEB-INF/web.xml that was causing the servlet start to fail with a huge catalina stack trace.  Once that was fixed everything ran perfectly.

Kind Regards

----------

## pjp

Moved from Documentation, Tips & Tricks.

----------

## verdandi

I just don't understand why you don't just use the ebuild in bugzilla.gentoo.org.

The ebuild is working and make uninstalling/updateing very easy. I would not say that it is in an early stage, it is as good as it gets for the moment. I have used it from OX version 0.7.1 with success every time.

----------

## playworker

Hmmm, I'm having some problems emerging all the required software, some packages require Ant which insists on pulling in Ant-tasks which in turn pulls in a package called Rhino, this fails to compile on my system   :Sad: 

It's not a waiting forever problem, it just crashes out with a blank compile error.

```
build.xml:51

toolsrc/build.xml:69

src_compile Line 35
```

Doesn't give any error details and there are no errors in the output, just a lot of semantic warnings.

Any ideas?

Also WRT the doc itself, should the line that you add to the OpenLDAP ebuild be

```
myconf="${myconf} --enable-aci"
```

and not

```
myconf="$(myconf) -enable-aci"
```

??

----------

## playworker

Alrighty, here's a quick rundown of my progress so far:

o New system bootstrapped with kernel 2.6.8 and nptl support (~x86)

o Added all the USE flags

o Changed the line in OpenLDAP ebuild as per my post above

o Berkeley DB is present

o emerged all packages as per your list but excluding ant-tasks as Rhino kept failing to build properly

o Grabbed all the Perl stuff

o Added all services to default runlevel

o Setup and started Postfix

o Setup and started Cyrus

o Setup SASL as per HOWTO but it won't start - message "Unknown Authentication Mechanism: ldap"   :Question:  FIXED: Re-emerged cyrus-sasl and it included the ldap stuff this time   :Rolling Eyes:   :Smile: 

o Added cyrus user but the cyradm command in the HOWTO just hangs   :Question:   FIXED: I wasn't using the full server name

o Setup LDAP as per HOWTO but it won't start - message "inetorgperson.schema: AttributeType not found "audio""  :Question:  FIXED: Had missed out cosine.schema  :Embarassed: 

o Initialised the LDAP tree but can't do the slapadd command because of the above error   :Question:   FIXED

o Setup and started Apache

o Setup and started PostgreSQL

o Setup and started Tomcat

o Configured and built Open-Xchange, seemed to build fine without ant-tasks package...

o Copied over the perl bits and now get an Open-Xchange login screen  :Smile: 

o Tried to add the open-xchange PostgreSQL user but to no avail, doesn't seem to be able to see the PostgreSQL service even though it is running   :Question:  FIXED: Your HOWTO is missing a "-" line should read "createuser --pwprompt"   :Razz: 

Installation is proceeding as planned now - I'll post again if I have any more ridiculously simple issues that I can solve myself  :Wink: 

Cheers!

Matt

----------

## peace

Thanks Playworker!  I will give the ebuild a try.  I saw the OX ebuild bug just after starting the install via the HOWTO here.  I figured I may as well finish the "manual" install as the HOWTO is really quite good and at the time the ebuild looked like it might be more trouble.

OX for gentoo is huge for us here.  We have been strugling with our groupware solution and hope that this can slot nicely into that role.  With a maintained ebuild present it looks like the right track.

Kind Regards

----------

## BlackEdder

 *bitwh0re wrote:*   

> Thanks!  It's currently in .pdf because I've been writing it in Word & Writer.  In the first page you'll see that I ask for help to convert the file to HTML readable by a text-based web browser.

 

Might be doable with:

*  app-text/pdf2html

      Latest version available: 1.4

      Size of downloaded files: 22 kB

      Homepage:    http://atrey.karlin.mff.cuni.cz/~clock/twibright/pdf2html/

      Description: Converts pdf files to html files

      License:     GPL-2

----------

## playworker

OX is now installed and running fine apart from the webmail bit, specifically there seems to be a problem with Open-Xchange talking to my Cyrus IMAP server, not sure what the issue is exactly but could someone confirm what the  relationship is between Open-Xchange users and the IMAP users?

Do I just need a mailbox for each OX user and if so what do they need to be called?

The error I get on the server is : Login only available under a layer

----------

## bitwh0re

 *Quote:*   

> OX is now installed and running fine apart from the webmail bit, specifically there seems to be a problem with Open-Xchange talking to my Cyrus IMAP server, not sure what the issue is exactly but could someone confirm what the relationship is between Open-Xchange users and the IMAP users?
> 
> Do I just need a mailbox for each OX user and if so what do they need to be called? 

 

Cyrus and OX both authenticate against LDAP but there needs to be a mailbox for the user.  Just make the mailbox name the same as the username.  You can automate this process, although I haven't tried it (yet), by reading this:

http://www.open-xchange.org/pipermail/user/2004-September/015492.html

Thanks to all for catching my silly mistakes!  They will be corrected and posted soon!

----------

## playworker

Okay, sorted the Cyrus-IMAP issues, for anyone interested the mailbox needs to be user.oxusername, so if you add a user to OX with the username jimbob you need a mailbox called user.jimbob.

You may want to update your HOWTO with this as at the moment it is a little misleading - you are adding a user to OX with username "john" and then creating a mailbox called "user.jsmith"   :Razz: 

If anyone else is getting "Login only under a layer" this is because you have the option "allowplaintext" set to "no" in imapd.conf, this needs setting to "yes" for the OX webmail to work properly! (Again this is missing from the HOWTO   :Very Happy:  )

Right, now that is out of the way OX appears to be working fine and I've even downloaded your cool icons   :Cool: 

Only thing is my Postfix server isn't delivering it's mail properly, anybody any ideas? I've got it configured exactly as in the HOWTO and mail clients can connect to the server and believe they've sent mail but it's not getting to the users   :Crying or Very sad: 

----------

## playworker

I've done a bit of digging and it turns out the mail is being received but Postfix is just putting it into queues because it can't access the lmtp socket/dir supplied in main.cf...

The line in main.cf reads:

```
mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
```

This dir/socket or whatever it is does exist but the messages are sitting in queues waiting to be delivered with the message:

```
connect to /var/imap/socket/lmtp[/var/imap/socket/lmtp]: Permission Denied
```

Do I perhaps need to change the permissions on this object or is it something else causing this problem?

Any help appreciated!

Thanks, Matt   :Smile: 

----------

## phil

Thanks bitwh0re for this document.  I had 0.7.0 working, but it was rough, and I quickly lost interest.  The improvements on 0.7.3 made me want to try again, so I'd making a HOWTO Open-Xchange, using the ebuild that's currently in bugs.gentoo.org, on the Gentoo Wiki.  Here's my page so far:

http://gentoo-wiki.com/HOWTO_Open-Xchange

I just want to get the OX part down, since I have most of the backend working, save for Openldap now for some reason, and then expand the document to cover all of your steps.  Take a look, let me know what you think.  I'd like this to become the dumping ground for all OX knowledge on Gentoo so that eventually anyone can install it.

P

----------

## bitwh0re

Looks good so far phil!  I think what OX needs now is admin, maintenance, and configuration/customisation docs.  I have a section for that in my HOWTO but haven't been able to find the time to work on that yet.  I want to get the base of this HOWTO working good.

I've made some icons for the top menu and am working on some other icons for the rest of OX.  You can view them at my page for OX at:

http://www.mikefetherston.ca/OX/

----------

## bitwh0re

 *playworker wrote:*   

> I've done a bit of digging and it turns out the mail is being received but Postfix is just putting it into queues because it can't access the lmtp socket/dir supplied in main.cf...
> 
> The line in main.cf reads:
> 
> ```
> ...

 

I had that issue the first time around with Postfix.. right now I can't recall what it was... all I know is that I played with it long enough to get it working.  :Smile:   I know the second time doing this install, I didn't run into it.  Try these resources and see if any can help:

http://www.comedia.it/~bluca/postfix/CYRUS_README

http://www.cise.ufl.edu/depot/doc/postfix/LMTP_README

http://www.faqs.org/docs/Linux-HOWTO/Postfix-Cyrus-Web-cyradm-HOWTO.html

----------

## playworker

Cheers for the links!

Haven't tried it yet because I'm at home but the first link contains this line:

```
mailbox_transport=cyrus:unix:/var/imap/socket/lmtp
```

which is slightly different to the line in your HOWTO...

----------

## bitwh0re

That line was copied from my config file, so it should work.  Maybe check the permissions on lmtpd.  Mine are:

-rwxr-xr-x  1 root root 799668 Sep 10 09:13 /usr/cyrus/bin/lmtpd

and these are my permissions on the socket:

srwxrwxrwx  1 root root 0 Oct 13 07:53 /var/imap/socket/lmtp

You can try manually running the lmtpd daemon and see if that does anything.  On my other box.. the first OX config.. I have this in my main.cf:

lmtp_cache_connection = NO

As well, make sure that the 'local_recipient_maps = ' parameter is uncommented.

----------

## bitwh0re

Ok, all corrections from this topic have been added to the HOWTO.  I've republished the .pdf at:

http://www.mikefetherston.ca/OX

A note about the icons, they're not mine.  I've borrowed them from the Crystal theme for Gnome so the credit should go there.  I've just reworked them a bit so that they fit with the OX layout.  I've also added a new set that uses index transparency which plays better with IE at my OX page above.

----------

## lkraav

 *playworker wrote:*   

> Alrighty, here's a quick rundown of my progress so far:
> 
> o Setup SASL as per HOWTO but it won't start - message "Unknown Authentication Mechanism: ldap"   FIXED: Re-emerged cyrus-sasl and it included the ldap stuff this time   
> 
> 

 

I been messing with this all day. When you don't have cyrus-sasl installed and emerge it for the first time, then ldap doesn't get included no matter what you do. Then I noticed that after doing emerge cyrus-sasl and trying to compile the source myself while cyrus-sasl is installed gets ldap included just fine in the self made binary. After Matt's progress, I also just did a re-emerge, while another copy of cyrus-sasl was installed and now it finds the ldap stuff it needs, compiles saslauthd with ldap and replaces the previous emerge. What's up with that?

Also, I would like to add that it is preferred to emerge the 7.4.5 masked version of jdbc3-postgresql package, if you are having problems with groupware not acting right on data occasionaly and getting SET AUTOCOMMIT TO OFF not supported errors in groupware.log.

----------

## bitwh0re

 *lkraav wrote:*   

> 
> 
> I been messing with this all day. When you don't have cyrus-sasl installed and emerge it for the first time, then ldap doesn't get included no matter what you do. Then I noticed that after doing emerge cyrus-sasl and trying to compile the source myself while cyrus-sasl is installed gets ldap included just fine in the self made binary. After Matt's progress, I also just did a re-emerge, while another copy of cyrus-sasl was installed and now it finds the ldap stuff it needs, compiles saslauthd with ldap and replaces the previous emerge. What's up with that?
> 
> Also, I would like to add that it is preferred to emerge the 7.4.5 masked version of jdbc3-postgresql package, if you are having problems with groupware not acting right on data occasionaly and getting SET AUTOCOMMIT TO OFF not supported errors in groupware.log.

 

So is it the order in which cyrus-sasl and ldap are emerge that's giving the problem?

Did you link against /usr/share/jdbc3-postgresql-1/lib/pg74jdbc3.jar instead of /usr/share/postgresql/lib/postgresql.jar?  That's what I did the first time around.  The second time around, when I was writing the HOWTO, i noticed the postgresql.jar file and used that instead.  It seemed to have worked ok.

----------

## janh

have followed the doc into extreme detail:

these are the software versions I have emerged:

[ebuild   R   ] dev-java/jikes-1.21

[ebuild   R   ] dev-libs/openssl-0.9.7d-r1

[ebuild   R   ] net-nds/openldap-2.1.30-r2

[ebuild   R   ] dev-libs/cyrus-sasl-2.1.19-r1

[ebuild   R   ] mail-mta/postfix-2.1.3

[ebuild   R   ] net-mail/cyrus-imapd-2.2.8

[ebuild   R   ] net-mail/cyrus-imap-admin-2.2.8

[ebuild   R   ] dev-db/postgresql-7.4.5-r2

[ebuild   R   ] dev-java/ant-1.6.2-r6

[ebuild   R   ] net-www/apache-2.0.52

[ebuild   R   ] www-servers/tomcat-5.0.27-r4

[ebuild   R   ] dev-java/jdom-1.0_beta10

[ebuild   R   ] dev-java/xerces-2.6.2-r1

[ebuild   R   ] app-admin/sudo-1.6.7_p5

[ebuild   R   ] app-text/ispell-3.2.06-r6

[ebuild   R   ] net-misc/netkit-telnetd-0.17-r4

[ebuild   R   ] net-nds/gq-0.6.0

when I do the command:

/etc/init.d/cyrus start

I get the results:

 * Starting Cyrus imapd...

start-stop-daemon: stat /usr/cyrus/bin/cyrusmaster: No such file or directory                    [ !! ] 

Anybody has got any ideas what is happening ??

----------

## bitwh0re

Sounds to me like /usr/cyrus/bin/cyrusmaster doesn't exist at that location.  Have you tried looking for 'cyrusmaster'?

```
find / -name "cyrusmaster" -print
```

If cyrusmaster exists but not in /usr/cyrus/bin you can create a symlink to it.  If it doesn't exist, try re-emerging it cyrus-imapd.

----------

## janh

This did the trick to get things up and running

```

mkdir /usr/cyrus/

mkdir /usr/cyrus/bin/

ln -sf /usr/lib/cyrus/master /usr/cyrus/bin/cyrusmaster

/etc/init.d/cyrus start

 * Starting Cyrus imapd...    [ OK ]

```

but this does not give me a warm feeling (although at least that works now)

----------

## janh

progressed further but got stuck with this now:

```

/usr/sbin/saslpasswd2 -c cyrus

Password:

Again (for verification):

saslpasswd2: generic failure

```

The message inside /var/log/messages is below

```

Oct 14 22:27:13 tux saslpasswd2: unable to open Berkeley db /etc/sasl2/sasldb2: Invalid argument

Oct 14 22:27:13 tux saslpasswd2: setpass failed for cyrus: generic failure

```

searched everywhere but getting stuck on this

----------

## bitwh0re

Have a look in /var/log/auth.log.  Does /etc/sasl2/sasldb2 exist?  Have you confirmed that the Berkeley DB libraries exist on your computer and that directory is listed in ld.so.conf?   You could also possibly run 'ldconfig'....

----------

## janh

Still stuck on the same,

have gone in detail through everything:

the file /var/log/auth.log does not exist (this might point to something I am missing)

```
    

ls -l /var/log | grep aut

```

results in nothing

the file /etc/sasl2/sasldb2 exists and is owned by root:

```

ls -l /etc/sasl2/sasldb2

-rw-r-----  1 root mail 12311 Sep 10 15:54 /etc/sasl2/sasldb2

```

As far as I can tell Berkeley DB is installed on this system (maybe the doc could be slightly more detailed on that front), what I found is the following:

```

ls -l /usr/lib/libdb*.a

-rw-r--r--  1 root root  736450 Sep 10 12:08 /usr/lib/libdb-3.2.a

-rw-r--r--  1 root root 1073900 Apr 13  2004 /usr/lib/libdb-4.1.a

lrwxr-xr-x  1 root root      11 Sep 10 12:08 /usr/lib/libdb.a -> libdb-4.1.a

-rw-r--r--  1 root root  883438 Jun 20 23:27 /usr/lib/libdb1.a

-rw-r--r--  1 root root  799338 Sep 10 12:08 /usr/lib/libdb_cxx-3.2.a

-rw-r--r--  1 root root 1168986 Apr 13  2004 /usr/lib/libdb_cxx-4.1.a

lrwxr-xr-x  1 root root      15 Sep 10 12:08 /usr/lib/libdb_cxx.a -> libdb_cxx-4.1.a

```

Have download Berkeley DB in a seperate directoy as well, to make sure this gets found I have done the below:

```

echo /usr/lib/sasl2 >> /etc/ld.so.conf

echo /usr/local/BerkeleyDB.4.2/lib >> /etc/ld.so.conf

ldconfig

```

Instead of installing manually, should the Berkeley DB-stuff not be covered by this ebuild ?

[url]

http://packages.gentoo.org/ebuilds/?db-4.2.52_p2

[/url]

```

emerge --pretend sys-libs/db

These are the packages that I would merge, in order:

Calculating dependencies ...done!

[ebuild   R   ] sys-libs/db-4.1.25_p1-r3

```

----------

## bitwh0re

Try adding:

auth.debug,authpriv.*                 /var/log/auth.log

to your /etc/syslog.conf file and restarting sysklogd.  Also make sure you have an entry for your hostname in /etc/hosts.  These results from Google may help you as well:

http://www.google.ca/search?hl=en&q=saslpasswd2+unable+to+open+Berkeley+db++Invalid+argument&btnG=Search&meta=

I will change that section about Berkeley DB to show the proper emerge statement, thanks for catching that!

----------

## janh

have gone through google and various usergroups, still stuck.

Appear to be hitting a problem encountered on other user groups,

but I could not find anybody that came up with a solution.

This is the entry in the auth log:

```

 saslpasswd2: auxpropfunc error no mechanism available

 saslpasswd2: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

 saslpasswd2: setpass succeeded for login

 saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching key/data pair found last message repeated 2 times

 saslpasswd2: sql_select option missing

 saslpasswd2: auxpropfunc error no mechanism available

 saslpasswd2: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

 saslpasswd2: setpass succeeded for login

 saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching key/data pair found

```

any suggestions

----------

## bitwh0re

Seems your saslauthd is not configured.  Make sure your /etc/conf.d/saslauthd reads like this:

# Initial (empty) options.

SASLAUTHD_OPTS=""

# Specify the authentications mechanism.

# *NOTE* For list see: saslauthd -v

# From 2.1.19, add "-r" to options for old behavior

# ie. reassemble user and realm to user@realm form.

# SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam -r"

#SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam"

#SASLAUTHD_OPTS="-a shadow"

SASL_AUTHMECH=ldap

SASLAUTHD_OPTS="-a ${SASL_AUTHMECH}"

Good Luck!!

----------

## playworker

Sorry for not posting earlier!

All working now, it was just the permissions on the lmtp socket   :Rolling Eyes: 

The socket is owned by the "cyrus" user which is a member of the "mail" group, all I had to do was add the postfix user to the "mail" group so that Postfix could also access the socket - no good just changing the perms so that postfix is the owner because then Cyrus can't see it!   :Smile: 

Many thanks for everyone's assistance and thanks again for the HOWTO   :Cool: 

----------

## janh

have searched over the whole document step by step, 

in the end I was missing one of the PERL modules.

After that I found out stuff was not talking through to imap,

fixed that and yes hit another problem I cannot explain:

```

Oct 19 14:20:35  saslauthd[27010]: set_auth_mech   : unknown authentication mechanism: ldap

```

Have searched the whole document for the word ldap and verified my setup against that, could not find any differences. 

These are my entries for /etc/conf.d/saslauthd

```

more /etc/conf.d/saslauthd

SASLAUTHD_OPTS=""

#SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam"

SASL_AUTHMECH=ldap

SASLAUTHD_OPTS="-a ${SASL_AUTHMECH}"

```

where else might it loose the link to ldap ??

not in perl (verified that)

not in portage (verified that as well)

----------

## bitwh0re

Ensure that ldap and -pam are in your USE flags and check what authentication method your saslauthd supports:

```
ox ~ # saslauthd -v

saslauthd 2.1.19

authentication mechanisms: getpwent rimap shadow ldap

```

Hope that helps!

----------

## janh

Think you hit the problem spot on with this, ldap is not supported inside saslauthd:

```

saslauthd -v

saslauthd 2.1.19

authentication mechanisms: getpwent rimap shadow

```

have tried to unmerge cyrus-sasle,

verify the USE statement in /etc/make.conf

then merged it again.

no change.

Then I tried to set it explicit with the following commands:

```

emerge --unmerge cyrus-sasl

USE="ldap -pam" emerge cyrus-sasl

```

the result remains:

```

saslauthd -v

saslauthd 2.1.19

authentication mechanisms: getpwent rimap shadow

```

have started to feel pretty stupid about this all,

doing nothing but reading manuals all the time.

----------

## bitwh0re

I would ensure that after you unmerge cyrus-sasl that indeed the saslauthd file disappears and that when you re-emerge it that the date and time matches your new emerge.

You may also want to 'source /etc/profile' and 'env-update' before and/or after the emerge.

Don't feel stupid,  it took me over two weeks the first time around to get OX working.  I read *a lot* of manuals, HOWTO's, documentation, problem reports, and mailing lists before I got everything going.  It's even tougher if you've never touched this stuff (mail, ldap, etc.) before because you have to learn that as well.  

The learning curve is very steep.

----------

## janh

Have tried several times to update all environment variables and unmerge and emerge the cyrus-sasl software.  During the compilation it reports the following error in the auth.log file

```

Oct 19 18:16:23 tux last message repeated 2 times

Oct 19 18:19:52 tux saslpasswd2: sql_select option missing

Oct 19 18:19:52 tux saslpasswd2: auxpropfunc error no mechanism available

Oct 19 18:19:52 tux saslpasswd2: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Oct 19 18:19:52 tux saslpasswd2: setpass succeeded for login

Oct 19 18:19:52 tux saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching key/data pair found

Oct 19 18:19:52 tux last message repeated 2 times

Oct 19 18:19:52 tux saslpasswd2: sql_select option missing

Oct 19 18:19:52 tux saslpasswd2: auxpropfunc error no mechanism available

Oct 19 18:19:52 tux saslpasswd2: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Oct 19 18:19:52 tux saslpasswd2: setpass succeeded for login

Oct 19 18:19:52 tux saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching key/data pair found

```

On the other hand the emerge log does not report any problems during that same compile:

```

1098202681: Started emerge on: Oct 19, 2004 18:18:01

1098202681:  *** emerge  cyrus-sasl

1098202681:  >>> emerge (1 of 1) dev-libs/cyrus-sasl-2.1.19-r1 to /

1098202681:  === (1 of 1) Cleaning (dev-libs/cyrus-sasl-2.1.19-r1::/usr/portage/dev-libs/cyrus-sasl/cyrus-sasl-2.1.19-r1.ebuild)

1098202682:  === (1 of 1) Compiling/Merging (dev-libs/cyrus-sasl-2.1.19-r1::/usr/portage/dev-libs/cyrus-sasl/cyrus-sasl-2.1.19-r1.ebuild)

1098202795:  === (1 of 1) Updating world file (dev-libs/cyrus-sasl-2.1.19-r1)

1098202795:  === (1 of 1) Post-Build Cleaning (dev-libs/cyrus-sasl-2.1.19-r1::/usr/portage/dev-libs/cyrus-sasl/cyrus-sasl-2.1.19-r1.ebuild)

1098202796:  >>> AUTOCLEAN: dev-libs/cyrus-sasl

1098202796:  --- AUTOCLEAN: Nothing unmerged.

1098202796:  ::: completed emerge (1 of 1) dev-libs/cyrus-sasl-2.1.19-r1 to /

1098202796:  *** Finished. Cleaning up...

1098202796:  *** exiting successfully.

1098202796:  *** terminating.

```

Have done a google for the above error, there appear to be other people with the same error, but nobody with a solution

----------

## bitwh0re

Ensure these files exist and that these are the permissions set:

```

ox ~ # ls -al /etc/sasl2/

total 55

drwxr-xr-x   2 root root   128 Sep 29 10:57 .

drwxr-xr-x  36 root root  3032 Oct  7 06:07 ..

-rw-r--r--   1 root root     0 Sep 29 10:54 .keep

-rw-r-----   1 root mail 49152 Oct  4 08:43 sasldb2

-rw-r--r--   1 root root   132 Oct  4 08:33 smtpd.conf

```

Does saslauthd -v show ldap now?  You can also google for the error you're receiving, possibly a solution there too:

http://www.google.ca/search?hl=en&q=error+deleting+entry+from+sasldb%3A+DB_NOTFOUND%3A+No+matching+key%2Fdata+pair+found+&btnG=Google+Search&meta=

good luck!

----------

## janh

still looks exactly the same, this is why I tried to find out what happens during the install

```

saslauthd -v

saslauthd 2.1.19

authentication mechanisms: getpwent rimap shadow

```

have tried to delete the content of 

/etc/sasl2

and then emerge cyrus-sasl again

this did not make me any wiser.

the configuration file :

/etc/sasl2/smtpd.conf

contained a line:

pwcheck_method:pam

have tried to change that to sasldb, but this did not get me anywhere.

when I do the command "telnet localhost imap"

the program

/usr/cyrus/bin/cyrusmaster

appears to start looping and gives lots of the following errors in the auth.log file:

```

Oct 19 20:29:14 tux imap[8710]: auxpropfunc error no mechanism available

Oct 19 20:29:14 tux imap[8710]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Oct 19 20:29:14 tux imap[8711]: sql_select option missing

Oct 19 20:29:14 tux imap[8711]: auxpropfunc error no mechanism available

Oct 19 20:29:14 tux imap[8711]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Oct 19 20:29:14 tux imap[8712]: sql_select option missing

Oct 19 20:29:14 tux imap[8712]: auxpropfunc error no mechanism available

Oct 19 20:29:14 tux imap[8712]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Oct 19 20:29:14 tux imap[8713]: sql_select option missing

Oct 19 20:29:14 tux imap[8713]: auxpropfunc error no mechanism available

Oct 19 20:29:14 tux imap[8713]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Oct 19 20:29:14 tux imap[8714]: sql_select option missing

Oct 19 20:29:14 tux imap[8714]: auxpropfunc error no mechanism available

Oct 19 20:29:14 tux imap[8714]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Oct 19 20:29:14 tux imap[8715]: sql_select option missing

Oct 19 20:29:14 tux imap[8715]: auxpropfunc error no mechanism available

Oct 19 20:29:14 tux imap[8715]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Oct 19 20:29:14 tux imap[8716]: sql_select option missing

```

this is probably just another way of looking at the same problem,

have tried a google as well, no luck so far.

----------

## bitwh0re

Here are the sample configs from a working OX install:

http://www.mikefetherston.ca/OX/configs/

Maybe there's something in those configs that can help you track down what's going wrong.

----------

## janh

have gone through every config file,

have found some differences but still none to solve my main problem (basically some stuff I would have solved later on anyway).

the thing that keeps me blocked is this command:

```

saslauthd -v

saslauthd 2.1.19

authentication mechanisms: getpwent rimap shadow

```

This should show ldap at the end,

no matter how I play around with USE variables etc...

ldap does not want to appear at the end.

This is something to do with how the binaries are build,

it cannot be a difference in the config files,

anybody please prove my assumption wrong.

----------

## bitwh0re

All I can suggest then is to ensure that your USE flags are set properly - definitely have 'sasl' and 'ldap' defined.  Try to unmerge all the software listed in the HOWTO and then start from the beginning.  There may be something that was skipped before the cyrus-sasl emerge that's preventing saslauthd from using ldap for authentication.

----------

## peace

janh,

   you can test your USE flag settings with

```
emerge -pv cyrus-sasl
```

Make sure that +ldap is in the list of flags.  If it is not, maybe there is an error in your make.conf file.  Otherwise maybe there is another saslauthd on your system that is being used?  Check your paths and use 

```
which saslauthd
```

To find the version that is being executed.  My saslauthd is in /usr/sbin

```
find / -name "saslauthd" -print
```

should locate any dups as well (or "locate saslauthd" if you have find-utils installed.  do an "updatedb" before you search to be safe)

Kind Regards

----------

## Deathwing00

Moved from Gentoo Chat.

----------

## amigafan

I am trying to follow your guide but the 

```
install Net::SSLeay
```

 within cpan doesn't work.

```
cpan> install Net::SSLeay 

CPAN: Storable loaded ok 

LWP not available 

CPAN: Net::FTP loaded ok 

Fetching with Net::FTP: 

  ftp://ftp.perl.org/pub/CPAN/authors/01mailrc.txt.gz 

Couldn't fetch 01mailrc.txt.gz from ftp.perl.org

Trying with "/usr/bin/wget -O -" to get 

    ftp://ftp.perl.org/pub/CPAN/authors/01mailrc.txt.gz 

--23:36:35--  ftp://ftp.perl.org/pub/CPAN/authors/01mailrc.txt.gz 

           => `-' 

Resolving ftp.perl.org... 209.221.142.118, 64.74.207.33 

Connecting to ftp.perl.org[209.221.142.118]:21... connected. 

Logging in as anonymous ... Logged in! 

==> SYST ... done.    ==> PWD ... done. 

==> TYPE I ... done.  ==> CWD /pub/CPAN/authors ... done. 

==> PORT ... 

Invalid PORT. 

Retrying.
```

The "PORT" thing guides me to my shorewall  but there are all connections from loc to net allowed. 

Another question is: Do I have to use a local DNS-Server? The guide says:

 *Quote:*   

> 
> 
> foobar ~ # nano w /etc/hosts 
> 
> 12.34.56.78 ox-domain.tld 
> ...

 . What to insert here when using a setup without local DNS-Server? 

Thank you, 

Kai

----------

## bitwh0re

Try emerging this instead:

http://packages.gentoo.org/search/?sstring=net%3A%3Assleay

It's been suggested to use the CPAN modules by using Portage instead of CPAN.  I would like to try that and if it works, change that section in my document.  Right now I'm working on DSPAM/ClamAV/Amavis.

That /etc/hosts addition is a kludge.  It's there to fix some crazy issue I had.  You can remove it, but if you experience problems put something back in there.  :Smile:   Of course, use your own name besides ox-domain.tld.

----------

## fosstux

Sorry, but I'm new to virtual transport in Postfix, Cyrus and LDAP.

My questions are:

1. What do I have to do to set up Postfix to use the vmail user for cyrus and with ldap?

2. How do I setup cyrus propery?

3. And how do I get LDAP working from Evolution for Calendars and Contacts? I don't find a spot to enter my password to connect to my ldap server !!!

4. When I enter my Openxchange site, it is not formatted an also not working!

Please help!!!

I's urgent!!!

----------

## redog

 *bitwh0re wrote:*   

> 
> 
> It's been suggested to use the CPAN modules by using Portage instead of CPAN.  I would like to try that and if it works, change that section in my document.  Right now I'm working on DSPAM/ClamAV/Amavis.

 

don't use cpan, if there is not already a ebuild for the module use g-cpan so portage can properly track deps.

----------

## Stormy

Hi folks, 

It seems that sun's javamail went to 1.3.2 in the recent days, and the ebuild needs updating and commiting to the portage servers, I would do this although I am not proficent in ebuilds (or even close), could someone drop a line when this is fixed so I can get this server up and running.  Also I know this is kinda a side topic, but with the current howto does it support virtual domains? because I just have gone threw the postfix howto which is all sql and now were into ldap here and I know nothing of ldap (i've tryed a few times to get it tho)

--Stormy

----------

## bitwh0re

I'm sure it's possible but I haven't tried doing it yet.  It's on my list of things to document beside my list of many other things to do.... :/

----------

## bitwh0re

Just released v0.13 of the HOWTO.  I've added a section on getting ClamAV and Amavisd-New integrated as well as a slew of minor additions and corrections.

Thanks to all for reading and giving me your input!

http://www.mikefetherston.ca/OX/

----------

## bdraw

Have you considered adding a Troubleshooting section?

I was able to fix a few issues by reading this thread, but the document would be more complete if it had these tips.

I had to re-emerge cyrus-sasl despite having the USE flags set correctly, and I had to add the postfix user to the mail group.

Thanks again for writing this doc.

----------

## bitwh0re

Maybe what I'll do for now is reference this thread..  I can always sum this thread up in an FAQ or something in the document.

----------

## silent_runner

my session terminates on login. The sessiond gives me a session the groupwared trys to check it gets an Sdc Exception:Connection Refused and kicks me back to login screen am confused. Any ideas

----------

## dashnu

I have followed your guide (thanks a lot btw!)  And I am having an issue loging in.

```
Redirecting to Groupware ...

SessionID: 86d7a966b1bab09b55a03992034bb510
```

After login I get that on my browser..

In my openxchange-session log I get the following

```
addSession <86d7a966b1bab09b55a03992034bb510>

Session Data: {lang=EN, passwd=test, host=ox-mydomainl.net, uid=test, localip=192.168.1.83} POS --> 2

(OK) SEND to client -->

```

It just sits there.. any ideas would be great..

TIA

**edit my apache error log

```
[Tue Nov 02 14:15:43 2004] [error] [client 192.168.1.83] File does not exist: /var/www/localhost/htdocs/favicon.ico

[Tue Nov 02 14:15:43 2004] [notice] child pid 17764 exit signal Segmentation fault (11)

[Tue Nov 02 14:15:43 2004] [notice] child pid 17768 exit signal Segmentation fault (11)

[Tue Nov 02 14:15:43 2004] [notice] child pid 17769 exit signal Segmentation fault (11)

[Tue Nov 02 14:15:43 2004] [notice] child pid 17770 exit signal Segmentation fault (11)

```

**edit again

Im an ass   :Embarassed:    killall java and forgot...   Tomcat appeared to be running but it was not.. :p

----------

## dashnu

Ok, After my first dumb mistake lets see if I can make another one....

I can login but all I see is the portal icon up top,  no other icons.. I can only click "Overview" and "current" tabs . . . . . 

I do not have permissions to view any of the calender stuff when I click a day.. I have double checked my configs and stuff but still no luck.  This of course Is the first time ever touching ldap for me and it seems pretty confusing.. It seems I am logging in with ldap but where do the web-based permissions get set and how do I change them ?

----------

## odborg

I managed to get to page 18 in the pdf. When i try web i receive internal server error 500. I the start the procces manually and get this when i start openexchange-sessiond:

```
oxsessiond init (Port=<33333>)

Exception in thread "main" java.lang.UnsatisfiedLinkError: /usr/lib/open-xchange/liboxssl.so: /usr/lib/open-xchange/liboxssl.so: undefined symbol: BIO_s_mem

        at java.lang.ClassLoader$NativeLibrary.load(Native Method)

        at java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1586)

        at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1511)

        at java.lang.Runtime.loadLibrary0(Runtime.java:788)

        at java.lang.System.loadLibrary(System.java:834)

        at com.openexchange.ssl.SSLCtx.<clinit>(SSLCtx.java:100)

        at com.openexchange.sessiond.SocketHandler.<init>(SocketHandler.java:140)

        at com.openexchange.sessiond.oxsessiond.<init>(oxsessiond.java:54)

        at com.openexchange.sessiond.oxsessiond.main(oxsessiond.java:59)
```

----------

## dashnu

Are you using the ebuild or something.... I dont have a  /usr/lib/open-xchange  nor do I have the file it is complaining about anywhere on my system..

----------

## odborg

yeah im using the ebuild from bugs.gentoo.org

but i used this pdf afterwards coz the ebuild didnt setup postgresql and many other things

----------

## dashnu

I tried the ebuild but had _no_ luck what so ever ..  Get the source and do it the old fashin way  :Wink: 

on my issues.... if anyone is watching

I can send and recieve mail from my mail client with out errors.. But I can not connect to the webmail app

OPEN-XCHANGE 0.7.4

[authentification_failed] [nopermission]

I cant  seem to find any logs that error... I see 

```
File does not exist: /var/www/localhost/htdocs/favicon.ico
```

in my apache logs

```
getSession <a4e3191c0198e79b7efea0b3395a5c9b>

(OK) SEND to client -->YmN1cnRpcwF0ZXN0AUVOATE5Mi4xNjguMS44MwFveC1pd2ZpbmFuY2lhbC5uZXQ=

```

that in my session log

nothing in my webmail log or groupware log..

----------

## bitwh0re

 *odborg wrote:*   

> I managed to get to page 18 in the pdf. When i try web i receive internal server error 500. I the start the procces manually and get this when i start openexchange-sessiond:
> 
> ```
> oxsessiond init (Port=<33333>)
> 
> ...

 

Rebuild OX without SSL support.  I just read recently that SSL support within OX is not for internet traffic, only for encrypting interprocess communications on the local server.

----------

## bitwh0re

 *init-zero wrote:*   

> I tried the ebuild but had _no_ luck what so ever ..  Get the source and do it the old fashin way 
> 
> on my issues.... if anyone is watching
> 
> I can send and recieve mail from my mail client with out errors.. But I can not connect to the webmail app
> ...

 

I've had issues similar to what you're experiencing with this and your posts above.  What I've found is killing/restarting all processes  usually does the trick.  You may have to wait a few minutes between stopping them and then restarting them.  If that fails, try a reboot.  I know Linux fans don't want to hear that, but it has fixed mysterious problems like that.

You should also look in your other log files such as auth, ldap, and tomcat for more information.  If you're starting your OX processes manually watch that terminal for info as well.

----------

## dashnu

I did that this morning... no luck Still all I see is the portal icon no cal no forums no tasks....

And webmail still seems to be an issue..

I am re-reading you how to and will post anything that I had issues with...

To Start

Section 3:

```
cp /root/.cpan/build/perl-ldap-0.3202/lib/Net/LDAP.pm /usr/lib/perl5/site_perl
```

I did not have that directory in roots home.. I had a .cpan dir but it did not go that far.

So I used find / -name LDAP.pm and found one in 

```
/usr/lib/perl5/vendor_perl/5.8.4/Net/LDAP.pm

/usr/lib/perl5/vendor_perl/5.8.4/Bundle/Net/LDAP.pm

```

I used one of those.. do you think this will be an issue ?

**edit if you help me get this going today I will mail you a check  :Wink: 

----------

## dashnu

Also... Section 3 postgress..

That big huge postgres insert with all the 'y','y','y','y',    I was not sure if I  put the correct number of 'y' in so I ran it again..  Not sure If that caused something to bork up..  I am not to hot with postgres either..

----------

## bitwh0re

 *init-zero wrote:*   

> Also... Section 3 postgress..
> 
> That big huge postgres insert with all the 'y','y','y','y',    I was not sure if I  put the correct number of 'y' in so I ran it again..  Not sure If that caused something to bork up..  I am not to hot with postgres either..

 

Get the latest HOWTO, I've done some updates, and try using Portage to emerge your PERL CPAN modules.  You can copy the Postgre INSERT statement from the OX INSTALL file or from their website.

----------

## dashnu

I am using v0.13...   Is that the newest ? That is the only one I see on the site

----------

## dashnu

Ok it stems out to the 'usr_general_rights' table ..

I did in fact have the system_general_right table incorrect.  So creating a new user with adduser_ox works..

I do a query with 

```
elect * from usr_general_rights where login like '[a_valid_user]'; 
```

and get several 'y' like we want...

But still get the same issues.

----------

## dashnu

God damn it...  Users can not have upper case letters..   :Shocked: 

Created a new user 'testme'  All data base perms were correct and I am up and running..

Yeeeefsckinhawwww   :Very Happy: 

----------

## dashnu

Ok I am now junning into errors with pg73jdbc3.jar..

```
java.sql.SQLException: ERROR:  SET AUTOCOMMIT TO OFF is no longer supported

        at org.postgresql.core.QueryExecutor.execute(QueryExecutor.java:131)

        at org.postgresql.jdbc1.AbstractJdbc1Connection.ExecSQL(AbstractJdbc1Connection.java:482)

        at org.postgresql.jdbc1.AbstractJdbc1Connection.ExecSQL(AbstractJdbc1Connection.java:461)

        at org.postgresql.jdbc1.AbstractJdbc1Connection.setAutoCommit(AbstractJdbc1Connection.java:957)

        at com.openexchange.tools.RightsHandle.insertMembers(RightsHandle.java:357)

```

I am using the dev-java/jdbc3-postgresql ebuild..  Maybe I will try 2 and see what happens.

I will continue to post here in hopes my trail and error is helping anyone.

----------

## bitwh0re

```

ox sbin # ./adduser_ox --username="MikeDonaldson" --passwd="xxxxxx" --name="Mike" --sname="Donaldson" --maildomain="hozer.ca" --lang="EN" --mail_enabled=OK --inetmail=TRUE --ox_timezone=EST

LDAP Success

SQL Success

```

I just tried adding a user with caps and it seems to work (see above).  What's the error that you get when trying to add a user with caps?

----------

## dashnu

That part works but when I log in I see no icons except for 'portal'   

Question..

What postgresql version are you using and what jdbc connector ?

edit ** and will I have to re-configure the source to build with a different jdbc driver if I change 

 *Quote:*   

> --with-jdbcjar=/usr/share/my/new/jdbc.jar

 

----------

## dashnu

ok fixed that ..

I went to http://jdbc.postgresql.org/download.html#jars and downloaded pg74.215.jdbc3.jar than moved it to /usr/share/jdbc3-postgresql-1/lib than I renamed it to match the original one in that directory.

Im sure this is not the best thing to do but it works.

----------

## dashnu

New issue   :Razz: 

This is an ldap error.  

When I create an appoinment and send out e-mails when a pop-up window appears asking me to 'accept' of 'decline' It fails with "Your options couldn't be saved."

My log output..

```
ERROR: uid=myuser: SloxWorker/storeConfirmation: Unable to store confirmation status to groupware DB: javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]

```

----------

## bitwh0re

 *init-zero wrote:*   

> ok fixed that ..
> 
> I went to http://jdbc.postgresql.org/download.html#jars and downloaded pg74.215.jdbc3.jar than moved it to /usr/share/jdbc3-postgresql-1/lib than I renamed it to match the original one in that directory.
> 
> Im sure this is not the best thing to do but it works.

 

You can just emerge jdbc3-postgresql http://packages.gentoo.org/ebuilds/?jdbc3-postgresql-7.4.5.  I would imagine that you'd have to recompile OX with the new JDBC driver.  I'll file a bug at OX's website about the capitals in usernames.  I just logged in with that user above and saw what you're experiencing.

As for your LDAP issue, make sure you've set the LDAP rootdn and credentials properly in the /usr/local/open-xchange/etc files.

----------

## dashnu

 *bitwh0re wrote:*   

> 
> 
> As for your LDAP issue, make sure you've set the LDAP rootdn and credentials properly in the /usr/local/open-xchange/etc files.

 

hrmm I seem to have no rootdn options in any of my etc files except for admintools.conf.

```
BINDDN="cn=Manager,dc=ox-mydomain,dc=net"
```

Should there be any ldap options in server.conf  all I have is sql connect stuff....

Wondering if it has something to do with /usr/local/open-xchange/share/init_ldap.ldif

**edit

When trying to add a contact to the Address Book I also get an error. But the address gets added.

```
 WARN: CATEGORY: Unable to load user's private categories /usr/local/open-xchange/var/settings/intranet/myuser.cat not found or not readable.

javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'uid=23,o=AddressBook,ou=OxObjects'

        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2925)

        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2863)

        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2669)

        at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:753)

        at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)

```

----------

## bitwh0re

Under /usr/local/open-xchange/groupware and /webmail you should have linked (ln -s) /etc/openldap/ldap.conf.  That file should contain your rootdn and ldap admin credentials.

```

ox webmail # pwd && ls -al ldap.conf

/usr/local/open-xchange/etc/webmail

lrwxrwxrwx  1 root root 23 Oct 20 08:14 ldap.conf -> /etc/openldap/ldap.conf

ox groupware # pwd && ls -al ldap.conf

/usr/local/open-xchange/etc/groupware

lrwxrwxrwx  1 root root 23 Oct 20 08:14 ldap.conf -> /etc/openldap/ldap.conf

```

----------

## dashnu

Im sorry, I do have those I did not explain clear enough I guess. My bad.

I am wondering about this mailadmin user.?? The doc does not say anything about that user come to think of it I do not think I created a passwd for him.

When I look at /usr/local/open-xchange/share/init_ldap.ldif 

I have this and it cant be correct :p

```
uid: mailadmin

userPassword: {CRYPT}newmailadminpass

```

I did do the crypt setup for something.. Do I use that same password in this area also.. I am getting more confused as I go  :Very Happy: 

BTW  Thank you so very much for the help... Check is in the mail   :Razz: 

----------

## bitwh0re

Yes.  It's covered on pages 12 and 13.

----------

## dashnu

```
cat 'your-guide' | grep -i mailadmin
```

  :Wink: 

Hmm I see the crypt section no mailadmin stuff, but anyways I added the crypt password to both places in 

```
/usr/local/open-xchange/share/init_ldap.ldif
```

I think my problem is in that file somewhere...  

Still stuck with the create contact error and the accept / decline appointment error.

Looking into this further, mailadmin is a different user to run OX on or what ? We are using ldaps default rootdn which is 'Manager' with you guide.. I see entries all over the place for mailadmin in other docs.  My admin tool is using BINDDN="cn=Manager.......  not mailman. 

hrmmmm its been a long day i may give up and look at it with fresh eyes tomorrow.

----------

## bitwh0re

The mailadmin/crypt section in my HOWTO is listed on Page 13.

```
Change the userPassword directive to show:

   userPassword:  {CRYPT}<output from perl command above>

   Browse this file and replace/change any entries that need to be to suit your configuration.
```

Manager is the 'root' user for your LDAP installation.  S/He's the one that does maintenance on the LDAP tree such as creating, deleting, modifying entries.  'mailadmin' is something created by OX which exists in your LDAP tree.  I'm not clear as to what the purpose of the 'mailadmin' user is for.  You may want to ask on the General mailing list for OX.  You may also want to ask them about the specific issues you are having with LDAP and your Address Book.  You can find more information about that on their website:

http://mirror.open-xchange.org/ox/EN/community/

----------

## dashnu

One more question before my day is over..

How can I undo the slapadd -l /usr/loca/open-xchange/share/init_ldap.ldif command so I can re run it ?

----------

## cron0

I can't add users.. Where is what I do and the error:

```
/usr/local/open-xchange/sbin/adduser_ox --username="my.email" --passwd="password" --name="firstname" --sname="secondname" --maildomain="mydom.com" --ox_timezone="EST"

ldap_bind: Inappropriate authentication (48)
```

Then when I try to search the tree:

```
ldapsearch -b "cn=Manager,dc=mydom,dc=com"

SASL/DIGEST-MD5 authentication started

Please enter your password:

ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)

        additional info: SASL(-13): user not found: no secret in database
```

Each of my files /etc/openldap/slapd.conf and /usr/local/open-xchange/etc/admintools.conf contain the SAME password chain which start with {MD5} because I've used slappasswd -h {MD5} to generate the password as recommended in slapd.conf

The password I used when initializing the database with init_ldap.ldif is different from the one used above... Should it have been the same? If so, what would be the ldap command to modify it in my tree?

Or else, what could be the probleme here?

By the way, thanks for the great How-To! EVERY useful and easy to follow!

JF

----------

## bitwh0re

 *init-zero wrote:*   

> One more question before my day is over..
> 
> How can I undo the slapadd -l /usr/loca/open-xchange/share/init_ldap.ldif command so I can re run it ?

 

You can use GQ to administer your LDAP tree.  The connection details are at the very end of the document.  GQ is a GNOME based LDAP directory administrator.

----------

## bitwh0re

 *JF_Cron0 wrote:*   

> I can't add users.. Where is what I do and the error:
> 
> ```
> /usr/local/open-xchange/sbin/adduser_ox --username="my.email" --passwd="password" --name="firstname" --sname="secondname" --maildomain="mydom.com" --ox_timezone="EST"
> 
> ...

 

What are you typing on the command line when asked for your password?  The input key or the encrypted key?

http://www.openldap.org/lists/openldap-software/200201/msg00616.html

You may want to try reverting, temporarily, to a plaintext password for your LDAP config to get the base of OX running and then try adding security.  You may also want to check the man page for slapd.conf:

http://www.hmug.org/man/5/slapd.conf.html

----------

## cron0

 *bitwh0re wrote:*   

> 
> 
> What are you typing on the command line when asked for your password?  The input key or the encrypted key?
> 
> http://www.openldap.org/lists/openldap-software/200201/msg00616.html
> ...

 

I tried deleting my database /var/lib/openldap-data/ and starting again with simple cleartext passwords. No luck. I still get that error:

```
ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)

        additional info: SASL(-13): [b]user not found: no secret in database[/b]
```

User not found? No secret in database?

----------

## dashnu

You may want to sign up for the mailing list (users) My question got answered pretty quick.

To me It almost sounds like you default slapd passwd is not set in the slapd.conf.. I also am a ldap n00b.  (rootpw)

bitwh0re Do you get an error with accept or deny a meeting request through the web-mail interface. A mailing list user said it was a known bug ..  Just wondering if you see it.

My other issues stems out to be from ldap ACL's .. In the how-to It does not look like any ACL's are set in the slapd.conf..  I must dig into this more today and see were I get.

----------

## bitwh0re

Yes it sounds like:

```
suffix          "dc=hozer,dc=ca"

rootdn          "cn=Manager,dc=hozer,dc=ca"

rootpw          secret
```

isn't set.  If you don't have those entries in your slapd.conf I can't see how OpenLDAP would work.  Don't forget you have to restart OpenLDAP after changing it's .conf files (/etc/init.d/slapd restart).

I was not able to accept or deny an appointment request through the webmail interface.  I did not see any options allowing me to do that.  The only place that I did see that was when I opened the appointment there were Accept and Deny radio buttons which seemed to work.  I did this on the online demo for OX on open-xchange.org.

I do not have ACL's for LDAP in the HOWTO (yet).  The first few releases of the HOWTO were to make sure that it was the bare minimum you needed to do to get OX up and running.  I'm now working, when I have the time, on extending OX.  After that I will work on security and maintenance/administrative sections.

If you would like to give me a start with LDAP ACL's that would be great.

----------

## cron0

Thanks alot for the help guys!

I did the How-To all over again, and not it worked!!

But still, something is wrong.. I am able to login with the created user, but the website is all white and blue, like default colors, no images, no tables, just the menu text, calendar text, etc.. on a default white background and big blue hyperlinks...

Any clues?

Oh and I also get an error with OX's debug stuff:

```
Nov 04 12:34 tux openexchange: WARN: LOGIN: Unable to load user settings: File /usr/local/open-xchange/var/settings/intranet/user not found or not readable.
```

edit: nevermind! After checking the log I've figured that the "cfintranet" part of the path if NOT optional! Changed it back and it's working great!

----------

## bitwh0re

Read the HOWTO again.  :Smile:   No really, on page 19 there's a section called Extending Open-Xchange.  The first set of instructions is for adding icons.  If that's not what you're referring to, can you post a screenshot of what you're experiencing?

----------

## dashnu

 *bitwh0re wrote:*   

> 
> 
> I was not able to accept or deny an appointment request through the webmail interface.  I did not see any options allowing me to do that.  The only place that I did see that was when I opened the appointment there were Accept and Deny radio buttons which seemed to work.  I did this on the online demo for OX on open-xchange.org.

 

hrmm, I wonder if this has something to do with my acl's also

 *bitwh0re wrote:*   

> 
> 
> I do not have ACL's for LDAP in the HOWTO (yet).  The first few releases of the HOWTO were to make sure that it was the bare minimum you needed to do to get OX up and running.  I'm now working, when I have the time, on extending OX.  After that I will work on security and maintenance/administrative sections.
> 
> If you would like to give me a start with LDAP ACL's that would be great.

 

I will be more than willing to help you out in any way I can.

I took the acl's from the suse how to and applied them to my slapd.conf...

```
access to * attr=UserPassword

        by self write

        by anonymous auth

 

access to dn="ou=addr,uid=(.*),ou=Users,ou=OxObjects,dc=example,dc=org"

 attr=uid,objectClass,entry filter=(objectClass=OXUserObject)

        by self write

        by dn="uid=$1,ou=Users,ou=OxObjects,dc=example,dc=org" write

        by * none

 

access to dn.subtree="o=AddressBook,ou=OxObjects,dc=example,dc=org"

        by group="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=example,dc=org" write

        by users read

        by * none

 

access to * attr=uid,objectClass,entry filter=(objectClass=OXUserObject)

        by self write

        by * read

 

access to dn="uid=mailadmin,ou=Users,ou=OxObjects,dc=example,dc=org"

 attr=imapServer,mailDomain,smtpServer,sn,givenName,uid

        by self write

        by users read

 

access to dn="uid=mailadmin,ou=Users,ou=OxObjects,dc=example,dc=org"

        by self write

        by * none

 

access to dn="ou=addr,uid=(.*),ou=Users,ou=OxObjects,dc=example,dc=org"

        by dn="uid=$1,ou=Users,ou=OxObjects,dc=example,dc=org" write

        by * none

 

access to dn="ou=Users,ou=OxObjects,dc=example,dc=org"

        by self write

        by users read

        by anonymous auth

 

access to dn="ou=OxObjects,dc=example,dc=org"

        by users read

        by anonymous auth

 

access to dn="dc=example,dc=org"

        by dn="uid=*,ou=Users,ou=OxObjects,dc=example,dc=org" read

 

access to *

        by self write

        by anonymous auth
```

Of course change dc=example,dc=org to you setup. I added these and restarted slapd and my addressbook errors are now fixed. Now I am not going to lie I really do not understand what these mean / do and I plan on investigating that today because the security of the app fully depends on these acl's. These acl's from what I am understanding controll who has access to what..  Like for instance If I wanted to let everybody add a contact but not let mary-jane delete the contact how would that be done. Hopefully by EOD today I will be able to piece this together a bit more.

Over all this app by far blows the ever living crap out of any of the other groupware servers.. I have used several (except for exchange 4 linux) and they are light years behind this. Opengroupware has A nice evolution / outhouse express intagration but It was so so buggy for me it was not worth the efforts.  Not to mention I work for a small dev company that uses java for our app so I have some developers that can help me degub parts of this application.

----------

## dashnu

 *Quote:*   

> bitwh0re wrote:
> 
> I was not able to accept or deny an appointment request through the webmail interface. I did not see any options allowing me to do that. The only place that I did see that was when I opened the appointment there were Accept and Deny radio buttons which seemed to work. I did this on the online demo for OX on open-xchange.org.
> 
> 

 

I just tried the online demo and I recived the same error I am reciving localy.

Do you no How to set up the mail quota ?

----------

## bitwh0re

I would assume through Cyrus:

http://asg.web.cmu.edu/cyrus/download/imapd/install-admin-mb.html

also check the cyradm man page.

I think if you have a reproducable bug in OX to submit a bug report at open-xchange.org.

Thanks for all the input!

----------

## dashnu

I have gotten webdav to put out a login screen.

Things I had to do that were not in the doc.

Create symlinks or copy mail.jar pg73b1jdbc3.jar xercesImpl.jar to /opt/tomcat5/webapps/servlet/WEB-INF/lib

pg73b1jdbc3.jar will have to be renamed to postgresql.jar 

```
 

cd /opt/tomcat5/webapps/servlet/WEB-INF/lib

ln -s /usr/share/sun-javamail-bin/lib/mail.jar

cp /usr/share/jdbc3-postgresql-1/lib/pg73jdbc3.jar .

mv pg73jdbc3.jar postgresql.jar

ln -s /opt/tomcat5/common/endorsed/xercesImpl.jar

```

Than....

```

mkdir -p /var/log/tomcat/base ; touch /var/log/tomcat/base/jserv.log ; chown -R tomcat:tomcat /var/log/tomcat/ 

```

next 

```

vi /opt/tomcat5/bin/catilina.sh

```

Add the following Args line

```

JAVA_OPTS=" -Dopenexchange.propfile=/usr/local/open-xchange/etc/groupware/system.properties"

```

Restart tomcat

```

/etc/init.d/tomcat5 restart

```

point your webdav client at http://your-ox-server/servlet/webdav.calendar

You should get a login box..  I cant get much further than that though. I am not even sure what webdav client I could use to test with.. Any ideas ? Edit ** evolution would not work for me..

Most of this was taken from the suse how-to.

----------

## parnasus

From the PDF:

 *Quote:*   

> It's now time to create your first Open-Xchange user!
> 
> foobar ~ # /usr/local/open-xchange/sbin/adduser_ox 
> 
>               --username= john  
> ...

 

When I use the following command:

 *Quote:*   

> /usr/local/open-xchange/sbin/adduser_ox 
> 
>               --username="sam"  
> 
>               --passwd="xxxxxxxx"  
> ...

 

I get:

 *Quote:*   

> Undefined ERROR - LDAP CODE 32
> 
> See LDAP Log for Details!

 

(and yes, it really does show up in red)

The relevant dump from /var/log/debug (sans time and extraneous info)

 *Quote:*   

> slapd[11915]: conn=4 fd=12 ACCEPT from IP=127.0.0.1:1150 (IP=0.0.0.0:389) 
> 
> slapd[5103]: conn=4 op=0 BIND dn="cn=Manager,dc=dyndns-ise,dc=dyndns,dc=org" method=128 
> 
> slapd[5103]: conn=4 op=0 BIND dn="cn=Manager,dc=dyndns-ise,dc=dyndns,dc=org" mech=SIMPLE ssf=0 
> ...

 

Some configuration information:

Host file entry:

127.0.0.1       localhost oxchange.dyndns-ise.dyndns.org dyndns-ise.dyndns.org oxchange

I've been able to follow the HOWTO guide this far as well as this forum.  I had a problem with the .cpan directory not being in root's directory and found the referenced .pm files elsewhere.

I have had ZERO exposure to LDAP and have no idea what may be going wrong.  I probably haven't even supplied enough info to properly describe the problem.  Anyone have ideas on how to fix this or what additional info needs to be included?  

Thanks.

----------

## cron0

I finally got Open-Xchange Webmail/Groupware to work !

The oly thing I'm wondering is.. How do I maintain and add things to the directory?

I cannot find a way for a user to modify it's informations (name, adress, photo, phone#, etc...) and as an administrator, how do I configure groups/rights on certain things? There are no "administrator" control panel or something like that...

----------

## bitwh0re

 *JF_Cron0 wrote:*   

> I finally got Open-Xchange Webmail/Groupware to work !
> 
> The oly thing I'm wondering is.. How do I maintain and add things to the directory?
> 
> I cannot find a way for a user to modify it's informations (name, adress, photo, phone#, etc...) and as an administrator, how do I configure groups/rights on certain things? There are no "administrator" control panel or something like that...

 

An admin interface is in the works (page 3):

http://www.open-xchange.org/bishoph/ox_concept_0.8-draft1.0.pdf

for now you'll have to use the commandline tools for OX in it's sbin folder and GQ or some other admin interface to OpenLDAP.  As far as assigning groups/rights to resources it can be done, from what I understand, through OpenLDAP ACL's.  I have not tried it yet and have to admit, I'm pretty green to LDAP as most of you are.

I'm going to play around with what init-zero posted but right now free time is scarce for me.  I'm working 35 hours a week and doing about an extra 25 hours a week consulting.  I also have some other events in my life that are taking priority.  If/when anyone comes across a mistake or does something that works that's not in the HOWTO (as in init-zero's case) please post it to the forum.  When I can, I will review what's there and add it to the HOWTO.

I really do appreciate everyone's input and help with this!

----------

## bitwh0re

 *parnasus wrote:*   

> From the PDF:
> 
>  *Quote:*   It's now time to create your first Open-Xchange user!
> 
> foobar ~ # /usr/local/open-xchange/sbin/adduser_ox 
> ...

 

http://www.openldap.org/lists/openldap-software/200111/msg00066.html

Error code 32 means that the object could not be found.  I would connect to your LDAP tree using a graphical interface (GQ - connection details are at the end of the doc) and snoop around there.  Make sure that  ou=Users,ou=OxObjects,dc=dyndns-ise,dc=dyndns,dc=org" exists.. that's where you get your first err=32 message in the log you posted.  

If the tree is not complete, remove everything except for the Manager "branch" and redo the slapadd section.   Remember that there are few lines at the top of the init_ldap.ldif file that have to be trimmed (deleted) before you add them to the tree.  Watch your logfiles when you do this.

This is the section you want to not delete:

```
dn: dc=ox-domain,dc=tld

objectclass: dcObject

objectclass: organization

o: OXDomain

dc: ox-domain

dn: cn=Manager,dc=ox-domain,dc=tld

objectclass: organizationalRole

cn: Manager
```

----------

## cron0

 *init-zero wrote:*   

> 
> 
> ```
> 
> vi /opt/tomcat5/bin/catilina.sh
> ...

 

This should be uncommented and added in /etc/conf.d/tomcat5

Otherwise, thanks alot! I've wanted to use WebDAV but it didn't work!

----------

## dashnu

 *JF_Cron0 wrote:*   

>  *init-zero wrote:*   
> 
> ```
> 
> vi /opt/tomcat5/bin/catilina.sh
> ...

 

Oh yes, the gentoo way  :Very Happy:  forgot about that  :Embarassed: 

Is this working for you ? If so what client are you using to test.. I tried evolution / calendar but It does not give any option for uname and password.  

I dont know how to get the firefox calendar to work.. Is there a USE="calendar" when emerge-ing firefox?

This part of the app is extreamly important to me actually rolling this out to production. 

 *bitwh0re wrote:*   

> I would connect to your LDAP tree using a graphical interface (GQ - connection details are at the end of the doc) and snoop around there. Make sure that ou=Users,ou=OxObjects,dc=dyndns-ise,dc=dyndns,dc=org" exists.. that's where you get your first err=32 message in the log you posted. 

 

You man want to try directoryadministrator.

```
 emerge directoryadministrator
```

It puts a nice picture to the ldap madness  :Smile: 

parnasus welcome to the forums  :Very Happy:   I think it has something to do with admintools.conf. I think you will want to double check that to start. All and or most of the sbin scripts use that file to create things.

----------

## bitwh0re

 *init-zero wrote:*   

>  *bitwh0re wrote:*   I would connect to your LDAP tree using a graphical interface (GQ - connection details are at the end of the doc) and snoop around there. Make sure that ou=Users,ou=OxObjects,dc=dyndns-ise,dc=dyndns,dc=org" exists.. that's where you get your first err=32 message in the log you posted.  
> 
> You man want to try directoryadministrator.
> 
> ```
> ...

 

I found that DA wasn't so hot.  It was nice to get a graphical look to the LDAP tree but I didn't find it terribly usable to administer the tree.  At first GQ scared me off, it looked too technical so I tried DA at first.  I ended up using GQ in the end.  :Smile: 

If you are going to use DA you need to have 

```
allow bind_v2
```

 set in your slapd.conf.  That one caused me a lot of grief!

----------

## BulletSponge

i've tried to follow the tutorial, and still use the ebuild. so far it seems to be working, except for when i try to add a user i get 

# adduser_ox --username=test --passwd=xxxx --name=test --sname=user --maildomain=xxxxxxx --ox_timezone=MST

ldap_bind: Can't contact LDAP server (81)

LDAP Success

SQL Success

if i try to login from the login page i get : 

Unable to connect to LDAP Server!

slapd is running, and configured as per the instuctions, as well as the admintools.conf

----------

## bitwh0re

 *BulletSponge wrote:*   

> i've tried to follow the tutorial, and still use the ebuild. so far it seems to be working, except for when i try to add a user i get 
> 
> # adduser_ox --username=test --passwd=xxxx --name=test --sname=user --maildomain=xxxxxxx --ox_timezone=MST
> 
> ldap_bind: Can't contact LDAP server (81)
> ...

 

Ensure that you have linked (ln -s) /etc/openldap/ldap.conf in both /usr/local/open-xchange/etc/groupware and /usr/local/open-xchange/etc/webmail

Can you post your slapd.conf and admintools.conf files?

----------

## dashnu

I am trying that now and I cant seem to get anything to happen :p 

Also today I am going to install and test out the virus protection.  So I will keep ya posted on that also

----------

## bitwh0re

 *init-zero wrote:*   

> I am trying that now and I cant seem to get anything to happen :p 
> 
> Also today I am going to install and test out the virus protection.  So I will keep ya posted on that also

 

Does 'netstat -tnap' show openldap (slapd) listening on port 389?  Can you telnet localhost 389 and receive a response?

----------

## dashnu

 *bitwh0re wrote:*   

>  *init-zero wrote:*   I am trying that now and I cant seem to get anything to happen :p 
> 
> Also today I am going to install and test out the virus protection.  So I will keep ya posted on that also 
> 
> Does 'netstat -tnap' show openldap (slapd) listening on port 389?  Can you telnet localhost 389 and receive a response?

 

Yes and Yes..

----------

## dashnu

Ok.. got it to work..  Did not set my BASE DN   :Embarassed: 

**edit Or not... Learning something new is always a pain in the arse but learning it publicly on a forum is even worse   :Very Happy: 

Ok when I go to browse and schema I do not see anything.. It is not a search only thingy is it ?

**edit  I will figure it out

----------

## dashnu

Ok gq is _way_ better.. ignore my other post about DA   :Very Happy: 

Poking around my ldap tree in an O so friendly way now I noticed I had the mailadmin password set wrong this whole time.    :Rolling Eyes:    Strangly enough this did not cause any errors ..

/me emerge -C directoryadministrator

----------

## bitwh0re

 :Very Happy: 

-----

Learn to enjoy the frustration of learning.

----------

## cron0

@ init-zero

webdav is partially "working" here. If go to http://mydom.com/servlet/webdav.documents using Internet Explorer 6 or Firefox it asks me for my login/password, then I see a very ugly black on white page with my documents tree, but when I try to access a subfolder or a file, I get an error

[code]HTTP Status 404 - /servlet/webdav.documents/MyDocumentFolder/[/code

If I try to access webdav.ical, it wants to download the file.

webdav.contacts, webdav.calendar,  give me this error:

[code]HTTP Status 400 - HTTP method GET is not supported by this URL[/code]

I haven't found a way to fix this yet.... I suppose something is wrong with apache/tomcat, something about redirection maybe...

----------

## dashnu

 *JF_Cron0 wrote:*   

> @ init-zero
> 
> webdav is partially "working" here. If go to http://mydom.com/servlet/webdav.documents using Internet Explorer 6 or Firefox it asks me for my login/password, then I see a very ugly black on white page with my documents tree, but when I try to access a subfolder or a file, I get an error
> 
> [code]HTTP Status 404 - /servlet/webdav.documents/MyDocumentFolder/[/code
> ...

 

I have the exact same errors..  I am goin going to try ical on a mac and see what that does for me. Maybe it will work with ical who knows... One thing I just found out is that it will not work on outlook at all, that struck me as strange..

----------

## BulletSponge

ok, after i fixed my ldap.conf, i created the user just fine, 

but now, after i log in, it just goes

Redirecting to Groupware ...

SessionID: 2b6a6bc27552d1c812c62a71805b976d

and that's it. 

if i do it on the localhost, it redirects just fine. could it be a firewall issue? 

had anyone heard of a firewall stripping off a redirect? 

do i need to specifically open a new port?

----------

## dashnu

I went through the howto as far as the virus stuff goes.. None of my messages will go through now.

My posfix error.

```
Nov  5 12:17:22 laptop postfix/qmgr[7600]: F406011747C: to=<uname@ox-mydomainl.net>, relay=none, delay=387, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused)

```

In my master.cf I am a bit confused with some of the settings.

```
smtp-amavis unix - - n - 3 smtp

   -o smtp_data_done_timeout=1200

   -o disable_dns_lookups=yes

127.0.0.1:10025 inet n - n - - smtpd

   -o content_filter=

   -o local_recipient_maps=

   -o relay_recipient_maps=

   -o smtpd_restriction_classes=

   -o smtpd_client_restriction=

   -o smtpd_helo_restrictions=

   -o smtpd_sender_restrictions=

   -o smtpd_recipient_restrictions=permit_mynetworks,reject

   -o mynetworks=127.0.0.0/8

   -o strict_rfc821_envelopes=yes

```

Do I just add this section or add and remove my other smtp - -n  stuff?

Everything has fired up but amavis wont shutdown..  Maybe amavis is acting funny.. probably just a pid location or something...

/me investigates more

----------

## dashnu

 *BulletSponge wrote:*   

> ok, after i fixed my ldap.conf, i created the user just fine, 
> 
> but now, after i log in, it just goes
> 
> Redirecting to Groupware ...
> ...

 

Did you enable the -i option in /etc/conf.d/postgresql  ?

```
# Extra options to run postmaster with.

# If you want to enable TCP/IP for PostgreSQL, add -i to the following:

# PGOPTS="-N 1024 -B 2048 -i"

PGOPTS="-i"

```

----------

## BulletSponge

if anyone has a firebox, it strips unknown headers, and the cgi-redirect is one of them. 

paranoid firewalls are a pain in the ass

----------

## dashnu

Virus scan is up and running.  I tested all 27 emails on the site and only one made it through.  And that was test #25..  Pretty damn good if ya ask me. I am going to retest 26 and 27 .

The howto was great. I did have some permission issues with /var/amavis and /var/run/amavis ..

Maybe have them add amavis user to the clamav group or something similar.

I just chmod 777 the dirs because this is my sandboxed env and I am lazy and just testing.  :Very Happy: 

----------

## dashnu

I am still stuck with webdav.*   Not one thing seems to be working.  I attempted to connect from a mac via ical to webdav.ical and It complained about incorrect data format.  I do however get a login screen for each webdav.* url. Like was stated before I can view documents but all sub_dirs do not allow access.. I dont really no were to begin but I will be messing with this untill 5:00 EST so any ideas please shoot them my way.

----------

## bitwh0re

 *init-zero wrote:*   

> I am still stuck with webdav.*   Not one thing seems to be working.  I attempted to connect from a mac via ical to webdav.ical and It complained about incorrect data format.  I do however get a login screen for each webdav.* url. Like was stated before I can view documents but all sub_dirs do not allow access.. I dont really no were to begin but I will be messing with this untill 5:00 EST so any ideas please shoot them my way.

 

I've never really had WebDAV working myself either.  That section was based from the other HOWTO's posted on OX's website.  Mostly from the Fedora HOWTO.  May want to ask on the list if anyone's ever successfully gotten WebDAV working.

----------

## dashnu

It seems some people are having read-only issues.. This was taken from the default tomcat webdav web.xml

```
 <init-param>

      <param-name>readonly</param-name>

      <param-value>false</param-value>

    </init-param>

```

This would need to be in the desired writeable servlet section.

----------

## dashnu

Well it is 5:00 and i am done working for the weekend. I have got mozilla-sunbird to view the calendar, however even with the post above I am still not able to write to it.

Monday Is a new day  :Wink: 

----------

## amigafan

I followed your guide but I cannot login to ox. The only difference in my setup is the self-compiled apache2 located in /usr/local/apache2. My webpages are in /www/hosts/ , e.g. open-xchange.mydom.tld.

I changed all paths pointing to /var/www/localhost/htdocs to /www/hosts/open-xchange.mydom.tld. Every service starts fine, I see my login-screen but I cannot login - I am always redirected to the login screen. If I enter a wrong username/password I see a message "authentication failed", so the connection to the ldap is established.

groupware.log says:

```
Nov 06 14:50 h9121 openexchange: ERROR: CHECKSESSION: Unable to check sessiond: uid=null, id=98a153c0d29cfa4d90cd6607ddd421e$

Nov 06 14:50 h9121 openexchange: ERROR: No language found - Using "EN" as default.

Nov 06 14:50 h9121 openexchange: DEBUG: Using non-cached version EN/logout

java.net.ConnectException: Connection refused

        at java.net.PlainSocketImpl.socketConnect(Native Method)

        at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)

        at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)

        at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)

        at java.net.Socket.connect(Socket.java:452)

        at java.net.Socket.connect(Socket.java:402)

        at java.net.Socket.<init>(Socket.java:309)

        at java.net.Socket.<init>(Socket.java:124)

        at com.openexchange.thread.Sdc.createSSLSocket(Sdc.java:105)

        at com.openexchange.groupware.UserLogout.logout(UserLogout.java:77)

        at com.openexchange.server.SessionBroker.killSession(SessionBroker.java:104)

        at com.openexchange.server.ComfireListener.removeSession(ComfireListener.java:165)

        at com.openexchange.thread.ComfireThread.validateSession(ComfireThread.java:454)

        at com.openexchange.thread.ComfireThread.run(ComfireThread.java:152)

        at java.lang.Thread.run(Thread.java:534)

Sdc Exception: Connection refused

java.lang.NullPointerException

        at com.openexchange.thread.Sdc.removeSession(Sdc.java:178)

        at com.openexchange.groupware.UserLogout.logout(UserLogout.java:78)

        at com.openexchange.server.SessionBroker.killSession(SessionBroker.java:104)

        at com.openexchange.server.ComfireListener.removeSession(ComfireListener.java:165)

        at com.openexchange.thread.ComfireThread.validateSession(ComfireThread.java:454)

        at com.openexchange.thread.ComfireThread.run(ComfireThread.java:152)

        at java.lang.Thread.run(Thread.java:534)

Nov 06 14:50 h9121 openexchange: logout session=98a153c0d29cfa4d90cd6607ddd421ee - null
```

----------

## el'cool0r

I have some problem with my ox installation... i've followed the guide so far except of cyrus and apache... 

the login screen (i use the pl script to login) is working but if i try to login i'm getting redirected to the login. it's not a false jdbc or a su error.

my log says it's a session error

==> sessiond.log <==

oxsessiond init (Port=<33333>)

getSession <295340145eff410978a71901dfae5b62>

(ERROR) SEND to client -->ERROR: No Session found

==> groupware.log <==

Nov 06 23:59 h9121 openexchange: bind to port 6661

Nov 06 23:59 h9121 openexchange: upload bind to port 6663

 done

Nov 06 23:59 h9121 openexchange: WARN: CHECKSESSION: sessionID not found or invalid: uid=null, id=295340145eff410978a71901dfae5b62, response=ERROR: No Session found

Nov 06 23:59 h9121 openexchange: ERROR: No language found - Using "EN" as default.

Nov 06 23:59 h9121 openexchange: DEBUG: Using non-cached version EN/logout

----------

## bitwh0re

Ok, we're up to v0.14.  A few minor corrections, additions, modifications and notes have been added.  init-zero's LDAP ACL's have been added as well, untested.

Good Luck to all!

http://www.mikefetherston.ca/OX

----------

## dashnu

I have got addresses to be accessible via evolution and ldap however can write from evolution.

I run a different mail-server at work using mysql. And am just getting use to this new setup and have a couple question.

I seem to be getting an error

```
Nov 10 09:59:49 laptop imap[6759]: SQL engine 'mysql' not supported

Nov 10 09:59:49 laptop imap[6759]: auxpropfunc error no mechanism available

Nov 10 09:59:49 laptop imap[6759]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

```

Everything is working I am authing against ldap I also see that in the logs but this error keeps popping up.  

I want my FQDN to be mail.mydomain.net but I want users e-mail to be user1@mydomain2.com

How do I set up a virtualhost with this new mailsetup? 

bitwh0re I have had a conversation on the mail-lists about pushing the 7.4 release out at my work. From your experience with this do you think an upgrade to 8 will be a nightmare? Our do you reccomend I wait untill 8 to push.

----------

## dashnu

I figured out how to set up virtual domains..

In you /etc/postfix/main.cf add the following.

```
virtual_alias_domains = example.com 

         virtual_alias_maps = hash:/etc/postfix/virtual

```

Than create /etc/postfix/virtual and add

```
postmaster@example.com postmaster
```

Than "Execute the command "postmap /etc/postfix/virtual" after changing the virtual

file, and execute the command "postfix reload" after changing the main.cf file"

works just like your alias file and newalises. 

Taken from the VIRTUAL_README  :Very Happy: 

----------

## rumchumchum

Moin!

In the manual page 8: 

```
Foobar: telnet ox-domain.tdl imap
```

I thing you forgot the s of imaps

```
Foobar: telnet ox-domain.tdl imaps
```

If I type this command in my shell I get that 

```
Trying 192.168.1.21...

    Connected to steffen-pc.lan.

    Escape character is '^]'.

```

I enter return some times and I get an error

```
* BYE Fatal error: tls_start_servertls() failed

    Connection closed by foreign host. 
```

Can anyone help me pleas ? thank you !!!

---

----------

## dashnu

The connection between OX and the imap server is not imaps I do not think.

I would focus on getting imap to work before trying to secure it.

telnet localhost 143

imaps would be on port 993 i think.

----------

## rumchumchum

In this HOWTO pop and imap is only with ssl activated.

So you must us imaps

----------

## bitwh0re

 *rumchumchum wrote:*   

> In this HOWTO pop and imap is only with ssl activated.
> 
> So you must us imaps

 

No, IMAP/143 is proper.  This is just a simple test to see that cyrus is listening  responding  on 143.  I have not yet covered encrypting network traffic in this howto yet.

----------

## bitwh0re

 *init-zero wrote:*   

> I have got addresses to be accessible via evolution and ldap however can write from evolution.
> 
> I run a different mail-server at work using mysql. And am just getting use to this new setup and have a couple question.
> 
> I seem to be getting an error
> ...

 

That sql error is coming from SASL.  You can safely ignore it.  If it's bothering you, it would bother me in a production environment, there's got to be a way to stop SASL from trying a SQL plugin.  This could be done possibly through a USE flag or by editing /etc/conf.d/saslauthd.

I would wait until 0.8.0 or even 0.8.1 to start pushing OX.  There have been changes to the database table structures between 0.7 releases.  I'm sure that there have been many other changes to the back-end software as well.  I would become very familiar with the product and then start pushing it when the developers consider it "release ready".  The reason I said "or even 0.8.1" is because, as most of us know, the first stable release may not be so.

Thanks for your tips on Postfix and virtual aliases, I'll be adding them to the HOWTO.  If you haven't noticed, you've been added to the Thanks / Credits section.

----------

## dashnu

Cool.. You may want to take out the init-parm stuff. Speaking with a Dev on the mail-lists they do _not_ use the tomcat implementation of webDav they use only some of webDav's commands .. So this option will do nothing nor will it cause any issues.

Another thing you may want to add is viewing contacts from evolution.

Keep in mind it does not support external writing yet due to the fact that from your client you will only write to the ldap tree and not the postgresql data-base in which the web front end needs in order to be visable on the web site.

Global address book..

 *Quote:*   

> 
> 
> Server : <servername>
> 
> Port : 389 (unless running in ssl)
> ...

 

This should allow you to search your contacts go to the search bar and press enter and you should see all your contacts.

Personal Address Book (only listing the differences, much the same as above)

 *Quote:*   

> 
> 
> Search Base: ou=addr,uid=<youruname>,ou=Users,ou=OxObjects,dc=<your-domain>,dc=<tdl>
> 
> 

 

The difference is the ou=addr. If you browse the ldap tree (with gq  :Very Happy:  ) and look at a user you will see the personal book.

Pretty self explainitory but it may be nice to have in there.  I tested with outlook express,  entourage and evolution. all works well.

Another thing to get document to be browsable change the server-mapping i will post my full webdav.documents section to get the idea...

```
<servlet>

        <servlet-name>webdav.documents</servlet-name>

        <servlet-class>com.openexchange.webdav.documents</servlet-class>

        <display-name>webdav.documents</display-name>

        <description>webdav.documents</description>

    </servlet>

<servlet-mapping>

        <servlet-name>webdav.documents</servlet-name>

        <url-pattern>/webdav.documents/*</url-pattern>

    </servlet-mapping>

```

Sorry for the confusion on the init-parm stuff..

----------

## dashnu

On another note There must be a way to set up virtual domains in the ldap tree which ideally would be a better way to do it.  The way I set it up will only allow for example.

user@mydomain1.com  to get sent to user@mydomain.com

just want to make that clear.

----------

## dashnu

On another note   :Very Happy:   postcount + + lol  

I am going to use this release in a production env (depending on the time it takes to get a new server). We only have a user base of 10 or so. Have you ever done an upgrade of any of the 7 versions.  I am sure worst case senerio I could pull out entries in the data base and ldap tree and sync them up manualy after a fresh install. However I dont know how I would do this with ldap.. I guess I could create a new tree.. I will have a look at that not sure if I can run multiple ldap trees. As far as postgres goes I could create a new db and toss all the content into it.. May be a lot of work but I want to get this damn thing out there already.

----------

## dashnu

Securing Postfix .. stuff

As of the current docs. Postfix (smtp) does not support auth. IMAP is using ldap to auth via saslauthd so lets set up postfix to do the same. Also we will allow no relaying.

In your /etc/postfix/main.cf   add..

```

smtpd_sasl_auth_enable = yes

smtpd_sasl2_auth_enable = yes

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_sasl_local_domain = 

smtpd_recipient_restrictions =

        permit_sasl_authenticated,

        permit_mynetworks,

        reject_unauth_destination

```

 this will allow only users in your ip range to send mail unless they authenticate. May want to confirm that your mynetworks setting is correct. Also if you want to allow a pc outside your network to send / relay mail off your server add thier IP to this section.

Since our saslauthd auth mech has been set to use ldap already for the imap part we need to change nothing in /etc/conf.d  

You will  need to create a file in /etc/sasl2 called smtp .

and in that file add the following.

```
pwcheck_method:saslauthd

mech_list: LOGIN PLAIN

```

So now to send an email postfix will use saslauthd than saslauthd will than look to ldap.

Restart postfix and saslauthd just to be safe..

You can test if you are an open-relay using this site..  http://www.abuse.net/relay.html

However I did not do this because my test Env is behind a f-wall.  

minimaly you can check by telnet ..

```
telnet localhost 25

Trying 127.0.0.1...

Connected to laptop.mydomain.net.

Escape character is '^]'.

220 ox-domain.net ESMTP Postfix

EHLO blaaa.com

250-mydomain.net

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250 8BITMIME

```

Now with your email-client set up your send options to authenticate.

A few things to keep in mind.. We are not using SSL on smtp yet so passwords are getting thrown through the air in plain text.  Once I figure out how to get ssl to work I would consider this method to be secure.. How ever I am no security guru  :Very Happy:  so I take no responsibility 

Another note imap ssl works via your how-to as far as clients go...  Of course the key is bogus.

Hopfully by EOD today I will have smtp ssl working and post info here.

----------

## jkomar

I made it through the tutorial no problem up to testing the IMAP server. I connect via telnet OK, but when I do saslauthd -v, I get "saslauthd BAD Please login first."

Anyone have any ideas/suggestions?

Thanks,

Jason

----------

## dashnu

I have no idea why you would be getting that error.. That command is only looking at your configuration not logging into anything (i think).. hmmm

I would try to re-emerge that again and make sure your use flags are set up per the howto.

Sorry I could not be more help.

**edit have you created your cyrus saslpasswd ?  may need to do that first.

----------

## jkomar

 *init-zero wrote:*   

> **edit have you created your cyrus saslpasswd ?  may need to do that first.

 

I haven't. How do you create it?

Thanks,

Jason

----------

## dashnu

First make sure saslauthd is running

```
/etc/init.d/saslauthd status
```

Than run...

```
/usr/sbin/saslpasswd2 -c cyrus
```

----------

## jkomar

I must have some kind of problem in my cyrus-sasl setup because when I try to start saslauthd, I get saslauthd[process number] :set_auth_mech   : unknown authentication mechanism: pam...

Could this have something to do with -pam in my USE Flags?

Thanks,

Jason

----------

## dashnu

set you auth mech to use ldap.

/etc/conf.d/saslauthd

```
SASL_AUTHMECH=ldap

SASLAUTHD_OPTS="-a ${SASL_AUTHMECH}"

```

That is what you want

----------

## jkomar

That eliminated the pam error, but produced the same error with ldap. I ended up re-emerging openldap and it saslauthd starts properly now.

Thanks for your help.

Jason

----------

## teldap

Hallo,

I have a little problem:

foobar ~ # nano w ldap.ldif

dn: dc=ox-domain,dc=tld

objectclass: dcObject

objectclass: organization

o: OXDomain

dc: ox-domain

dn: cn=Manager,dc=ox-domain,dc=tld

objectclass: organizationalRole

cn: Manager

```
 foobar ~ # slapadd -l ldap.ldif

   slapadd: could not parse entry (line=9)
```

line 9 is the end of the file. Mast I change "o: OXDomain" ? Or what is wrong ? Thank you

----------

## dashnu

Minimally Get rid of line 9 or any blank lines..

Make sure it is running 

```
ps -ef | grep slapd
```

Confirm your BASE URI and HOST is set in /etc/openldap/ldap.conf also make sure your /etc/openldap/slapd.conf is set up exactly like the how to describes (of course use your tld)

If you have to edit any of the files make sure you restart slapd.

Try again..  see if slapcat shows anything maybe it has been added already ..

Like i said some posts above I am a ldap n00b so if none of this solves your issue i do not know what to tell ya.  

However if you find you answer somewhere else be sure to post back what it was.. This thread is  a good resource..

Welcome to gentoo forums...

----------

## bitwh0re

Ok, init-zero, you're getting some kind of "promotion" here.  How about something like "Official Gentoo OX Forum Guru"?   :Smile: 

I really appreciate all the help you're giving as well as your experimentation and feedback.  It's really great!  Thanks!

----------

## dashnu

 *bitwh0re wrote:*   

> Ok, init-zero, you're getting some kind of "promotion" here.  How about something like "Official Gentoo OX Forum Guru"?  
> 
> I really appreciate all the help you're giving as well as your experimentation and feedback.  It's really great!  Thanks!

 

Hey no problem!  I am on this OX thing like flies on shit  :Very Happy: 

I have got konqueror / nautilus / cadaver all working with webdav.documents  .. webdav rocks ! I am having some auth issues with windows xp but so far so good..

----------

## DoDaT69

where did the how to move to?

----------

## bitwh0re

 *DoDaT69 wrote:*   

> where did the how to move to?

 

http://www.mikefetherston.ca/OX/

----------

## DoDaT69

much appreciated.. I am going through it atm...  :Wink: 

Thanks again man!

----------

## bitwh0re

 *DoDaT69 wrote:*   

> much appreciated.. I am going through it atm... 
> 
> Thanks again man!

 

Good luck, and you're welcome!  Any feedback or tips are welcomed and appreciated!!!

----------

## bitwh0re

 *init-zero wrote:*   

> 
> 
> ```
> <servlet>
> 
> ...

 

So the only thing that needed to be changed was the <url-pattern>?  I.E. the "/*" needed to be added to the end of webdav.documents?  I guess I should change that for ical, contacts, etc, huh?

----------

## bitwh0re

 *init-zero wrote:*   

> I figured out how to set up virtual domains..
> 
> In you /etc/postfix/main.cf add the following.
> 
> ```
> ...

 

Wouldn't something have to be added to the LDAP tree as well?

----------

## dashnu

 *bitwh0re wrote:*   

>  *init-zero wrote:*   
> 
> ```
> <servlet>
> 
> ...

 

yes to "   /*  " that will allow you to travel into the directories. Also your filespool must be accesable by the user running you tomcat instance.  As far as ical and such go I would say no this would only apply for the documents.

----------

## dashnu

 *bitwh0re wrote:*   

>  *init-zero wrote:*   I figured out how to set up virtual domains..
> 
> In you /etc/postfix/main.cf add the following.
> 
> ```
> ...

 

Again this will only allow you to send an email to user1@mydomain1.com and have it send to your "real" user at user1@mydomain.com ..  It is like a virtual host alias thing. Not a true virtual domain..

----------

## parnasus

First of all, thank you all.  If one reads the HOWTO carefully, it is possible to set this up on the first try.    :Embarassed: 

On to the problem:

I am unable to save documents through openXchange.  When I try to upload the file, I get:

 *Quote:*   

> - An error ocurred saving the documents to the database

 

The only thing I see in the log files are:

 *Quote:*   

> Nov 16 14:49:57 localhost slapd[13266]: conn=3 op=435 BIND anonymous mech=implicit ssf=0 
> 
> Nov 16 14:49:57 localhost slapd[13266]: conn=3 op=435 BIND dn="cn=Manager,dc=dyndns-ise,dc=dyndns,dc=org" method=128 
> 
> Nov 16 14:49:57 localhost slapd[13266]: conn=3 op=435 BIND dn="cn=Manager,dc=dyndns-ise,dc=dyndns,dc=org" mech=SIMPLE ssf=0 
> ...

 

Any ideas?

----------

## dashnu

Looking at you post I am not to sure what to tell you..  Your log shows that the ldap requests are going through fine so the only thing I think it could be is database grants / permissions.

How are you starting OX...  I would reccomend starting each server in a differnt term and watch the logs..

/usr/local/open-xchange/bin/openexchange-sessiond

/usr/local/open-xchange/bin/openexchange-groupware 

/usr/local/open-xchange/bin/openexchange-webmail

than also tail -f /var/log/messages  

(for testing a have /var/log/messages as a catch all log file)

this will give you "real time error reporting"  so to speak.. I think you will find an error in your groupware log if so post that..

----------

## bitwh0re

Those are LDAP log entries, you'll want to post your other logs as init-zero says.  The documents are stored in your local filesystem under a (pretty whacky) file system layout in the /usr/local/open-xchange directory.  The entries, not the file itself, are stored in the database.  All that LDAP is used for is for authentication.  

You may want to look in your auth.log file as well and maybe check the permissions on your filespool.  I've read in some of the other howto's that you have to do this, although I've never noticed it with mine.

----------

## parnasus

 *init-zero wrote:*   

> Looking at you post I am not to sure what to tell you..  Your log shows that the ldap requests are going through fine so the only thing I think it could be is database grants / permissions.
> 
> How are you starting OX...  I would reccomend starting each server in a differnt term and watch the logs..
> 
> /usr/local/open-xchange/bin/openexchange-sessiond
> ...

 

The sessiond and webmail log files had nothing helpful in them.  The only thing reported in the groupware log was:

```
Nov 16 17:59 localhost openexchange: Netline Application Server [NAS 5.0]

Nov 16 17:59 localhost openexchange: (c) Netline Internet Service GmbH

Nov 16 17:59 oxchange openexchange: Linux i386 2.4.26-gentoo-r9

Nov 16 17:59 oxchange openexchange: 1.4.2-gentoo-1098991002

Nov 16 17:59 oxchange openexchange: VM Total Memory       : 20,288 KB

Nov 16 17:59 oxchange openexchange: VM Free Memory        : 19,791 KB

Nov 16 17:59 oxchange openexchange: VM Used Memory        : 497 KB

Nov 16 17:59 oxchange openexchange: system version : [0.7.4] initializing ...

Nov 16 17:59 oxchange openexchange: Using path: /usr/local/open-xchange/

Nov 16 17:59 oxchange openexchange: Loglevel set to: 5

Nov 16 17:59 oxchange openexchange: Setting timeout           : 60000

Nov 16 17:59 oxchange openexchange: Setting start_server      : 1

Nov 16 17:59 oxchange openexchange: Setting thread_pool       : 0

Nov 16 17:59 oxchange openexchange: Setting db_pool           : 5

Nov 16 17:59 oxchange openexchange: Allow non pooled threads  : true

Nov 16 17:59 oxchange openexchange: Setting upload directory  : /tmp/

Nov 16 17:59 oxchange openexchange: Application-Build: 0

Nov 16 17:59 oxchange openexchange: Application-Build: 0

Nov 16 17:59 oxchange openexchange: bind to port 6661

Nov 16 17:59 oxchange openexchange: upload bind to port 6663

 done

Error while saving uploaded document.

```

Per bitwh0re's clue, I tried:

```
chmod -R 777 /usr/local/open-xchange/var
```

Unfortunately, I get the same errors again.  The only thing that seems unusual in the LDAP entries is it is trying to log in anonymously (?).

I'll take a look at the SQL permissions and see what turns up.[/code]

----------

## bitwh0re

Is this a clean install or an upgrade?

----------

## parnasus

 *bitwh0re wrote:*   

> Is this a clean install or an upgrade?

 

This is a clean install.

I tried running the PostgreSQL postmaster in terminal mode (logged in as postgres and ran 'postmaster -i -D /var/lib/postgresql/data/') but got no joy.  Also looked at the prg_documents_* tables but didn't see anything particularly out of place with them.

I've taken a close look at /usr/local/open-xchange/var/filespool.  The directory is completely empty, and according to SuSE, it should be populated.  I've made modifications to their script to populate the directory and I'll see if that remedies the problem.

----------

## bitwh0re

you did run the "correctfilespool" shell file right?

----------

## parnasus

 *bitwh0re wrote:*   

> you did run the "correctfilespool" shell file right?

 

I checked command history and there was a typo when I entered it.  I'm re-running (actually running for the first time) it now.  This will most likely take care of it.

<bonk self>

----------

## dashnu

dohhh  :Very Happy: 

One thing to note if your are going to be using webdav stuff the filespool must also be accesible by the user running your tomcat instance. And I do suggest you mess with that I am super impressed. Works just like a local file system just with versioning  :Razz: 

----------

## bitwh0re

 *init-zero wrote:*   

> dohhh 
> 
> One thing to note if your are going to be using webdav stuff the filespool must also be accesible by the user running your tomcat instance. And I do suggest you mess with that I am super impressed. Works just like a local file system just with versioning 

 

There's also talk on the General mailinglist about possibly integrating SAMBA with LDAP and the filespool.  Would be done through what's called an OXtension.  Sounds very promising.

On another note, there's talk on the OX forum about integrating an IM server (Jabber) into the mix as well.  There are java clients that could be docked on the (right-side) panel.

Things are going to get even more interesting!!

----------

## playworker

Hello all,

Just installed Open-Xchange 0.7.4 on a fresh Gentoo box and had slightly different issues to last time - guess this is a Gentoo "feature"  :Very Happy: 

o  I had to create an Apache log directory before Apache would start

o  To get postfix to deliver mail I had to add the users "cyrus" and "postfix" to the mail group and then 

```
chown cyrus:mail /var/imap/socket/lmtp
```

o  I had to change the "allowplaintext" option in the /etc/imapd.conf file to "yes" to get webmail to work

That was about it though I think! All in all not a bad install...  :Smile: 

Matt

----------

## playworker

Just thought of something else!

If the 

```
/usr/local/open-xchange/etc/init.d/openexchange start
```

 command doesn't work for you then you probably need to go into the 3 individual init scripts (sessiond, webmail and groupware) in the same directory and in each script there is a line that starts with "su" and a commented out line next to it that begins "sudo".  Simply swap the comment over so that the "sudo" line is uncommented and the startup script should work properly now  :Wink: 

----------

## bitwh0re

This should all be covered in the HOWTO, except maybe for the apache log problem and chowning the lmtp socket.

----------

## temp

Hi folks,

great stuff, the howto works like a charme  :Smile: 

But I have one problem now, when I add/edit a contact I get this error:

```
 Contacts 

The contact has been created successfully in the database \nbut couldn't be inserted into the LDAP addressbook: Naming err in ContactLdap javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'uid=9,ou=addr,uid=swentz,ou=Users,ou=OxObjects'

You will be redirected ...
```

I haven't played around with LDAP's ACL, but shouldn't this work without this? I used phpldapadmin to get to "ou=addr,uid=swentz,ou=Users,ou=OxObjects", it's there, but nothing under it (no uid=9).

Can someone help me?

----------

## dashnu

 *temp wrote:*   

> Hi folks,
> 
> great stuff, the howto works like a charme 
> 
> But I have one problem now, when I add/edit a contact I get this error:
> ...

 

This is because of acl's. Write need to be set for ou=addr.....

```
#access to dn="ou=addr,uid=(.*),ou=Users,ou=OxObjects,dc=ox-yourdomain,dc=net"

# attr=uid,objectClass,entry filter=(objectClass=OXUserObject)

#   by self write

#   by dn="uid=$1,ou=Users,ou=OxObjects,dc=ox-youdomain,dc=net" 

#   write

#   by * none

```

```
#access to dn.subtree="o=AddressBook,ou=OxObjects,dc=ox-yourdomain,dc=net"

#  by group="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=ox-yourdomain,dc=net" 

#  write

#  by users read

#  by * none

```

or to cheat   :Very Happy: 

```
access to *

        by * write
```

----------

## playworker

 *bitwh0re wrote:*   

> This should all be covered in the HOWTO, except maybe for the apache log problem and chowning the lmtp socket.

 

I don't think the allowplaintext change is in your HOWTO unless I'm just being a fool and can't see it?  :Very Happy: 

Also, does anyone know how I should go about getting the browser interface secured so that external users can connect to my OX server securely - is it just a case of setting up Apache to use mod_ssl or is there a lot more to it than that? Sorry if this is a stupid question but I'm new to most of this  :Smile: 

Matt

----------

## dashnu

I would use ssl yes. The webfront end using ssl would be secure..  However what _needs_ to be worked on is  internal security. Of coures have only port 80 or 443 open. As far as security goes it is a work in progress .. I _think_ I secured the mail server in previous posts . The main thing is to truly understand ldap acl's. Allowing write acces to 'all' is a bit crazy I think.. Your site may get destroyed by the swell user base that most companies have.   :Very Happy:  Other things like ldap crypt method would be nice and maybe securing postgresql which I am totally unfimiliar with.

----------

## bitwh0re

 *playworker wrote:*   

>  *bitwh0re wrote:*   This should all be covered in the HOWTO, except maybe for the apache log problem and chowning the lmtp socket. 
> 
> I don't think the allowplaintext change is in your HOWTO unless I'm just being a fool and can't see it? 
> 
> Also, does anyone know how I should go about getting the browser interface secured so that external users can connect to my OX server securely - is it just a case of setting up Apache to use mod_ssl or is there a lot more to it than that? Sorry if this is a stupid question but I'm new to most of this 
> ...

 

My bad, it was in the original document which was accidentally erased by me.  I tried to recreate all changes since the first release into v0.13 and must have missed that one.  Sorry, it *was* in the document, but no longer is.  I'll add that back in and go through the last few pages of this forum topic to cover the latest changes and additions.

init-zero, wanna write the instructions for spell check in webmail?  I saw them once on the General mailinglist.  That's a section in this HOWTO that's been nagging at me.

----------

## dashnu

 *Quote:*   

> init-zero, wanna write the instructions for spell check in webmail? I saw them once on the General mailinglist. That's a section in this HOWTO that's been nagging at me.

 

I may be able to do that tomorrow for ya..  I need spellcheck bad  :Very Happy:  jhuytsfnd

----------

## bitwh0re

 *init-zero wrote:*   

>  *Quote:*   init-zero, wanna write the instructions for spell check in webmail? I saw them once on the General mailinglist. That's a section in this HOWTO that's been nagging at me. 
> 
> I may be able to do that tomorrow for ya..  I need spellcheck bad  jhuytsfnd

 

LOL!

----------

## temp

Thanks for your answer, it worked fine  :Smile: 

Now I have another problem, I have about 10.000 contacts that I need to import - any help on that? Are there import-tools or something?

I looked at the postgres-database and found the prg_addresses and prg_contacts tables, can i write directly into these? I'd write myself a little php-script that would fill these tables if no other tools are available... Do I have to take care of something else? Other tables? I'd skip importing these to LDAP cause I don't need an LDAP-Addessbook...

Hope someone can give me tips on this one  :Wink: 

----------

## dashnu

 *temp wrote:*   

> Thanks for your answer, it worked fine 
> 
> Now I have another problem, I have about 10.000 contacts that I need to import - any help on that? Are there import-tools or something?
> 
> I looked at the postgres-database and found the prg_addresses and prg_contacts tables, can i write directly into these? I'd write myself a little php-script that would fill these tables if no other tools are available... Do I have to take care of something else? Other tables? I'd skip importing these to LDAP cause I don't need an LDAP-Addessbook...
> ...

  Lets just say If you write an import script will you please share it  :Very Happy:   I am not sure but I _think_ you may still need the contacts in ldap for the site to function properly. You will notice if you go to you global or personal book via the web interface it will still access the ldap tree.  You can introduce them to ldap via a ldiff file I think but to this I also am not sure.

----------

## temp

 *init-zero wrote:*   

> Lets just say If you write an import script will you please share it   I am not sure but I _think_ you may still need the contacts in ldap for the site to function properly. You will notice if you go to you global or personal book via the web interface it will still access the ldap tree.  You can introduce them to ldap via a ldiff file I think but to this I also am not sure.

 

Hmmm a few postings above I had the problem with the ldap-actions failing, so there where NO contacts in LDAP... But the site still worked!

So I guess that when I figure out all of the fields for contacts and companies an import should go fairly easy... I'll report as soon as the script is ready  :Wink: 

----------

## dashnu

hmm, yea I guess you might be correct.. to some extent,  but those ldap errors will continue to plague you I bet ... 

What would happen if you tried to edit a contact that was only in the db would it sync up the ldap tree or would it barf..

I would be curious to know the outcome.

----------

## temp

Works fine, just checked that. LDAP-entries are created even if they didn't exist before editing!

So it should really be a matter of getting the data into the right spot in the database...

I'll keep you informed  :Wink: 

----------

## playworker

 *init-zero wrote:*   

> I would use ssl yes. The webfront end using ssl would be secure..  However what _needs_ to be worked on is  internal security. Of coures have only port 80 or 443 open. As far as security goes it is a work in progress .. I _think_ I secured the mail server in previous posts . The main thing is to truly understand ldap acl's. Allowing write acces to 'all' is a bit crazy I think.. Your site may get destroyed by the swell user base that most companies have.   Other things like ldap crypt method would be nice and maybe securing postgresql which I am totally unfimiliar with.

 

The company I am working for is only small so the internal security isn't a priority but people are asking for remote access so securing the web interface is a priority  :Very Happy: 

Am I right in thinking I just have to set apache up to use SSL and that's it done or is there more to it than that?

Also I had email spellchecking working on my previous install (0.7.3) I'm guessing it's pretty similar with this version, just had to mess with the webmail config file I think, although I'm not at work so I can't check for you now  :Smile: 

Let me know if you need any info about the spellchecking and I can get you settings etc. from work tomorrow...

----------

## jkomar

I don't know if this has been covered, but here goes.

The problem with the /usr/local/open-xchange/etc/init.d/openexchange startup script lies in the first 7 lines of the script. Sessiond is started OK, but the lines with the paths for webmail and groupware have an extra / near the end. This causes those individual scripts to not be run.

The next thing that needs to be done to use the openexchange script is to modify each of the other 3 scripts in the same folder. Look for the line beginning with su and you will see a commented line beginning with sudo. Uncomment the sudo line and comment the su line, and things will work properly.

I put a symlink to /usr/local/open-xchange/etc/init.d/openexchange in /etc/init.d, but when I added it to my default runlevel with rc-update it didn't start automatically. I can start it no problem after the above modifications with /etc/init.d/openexchange.

JasonLast edited by jkomar on Thu Nov 18, 2004 8:11 pm; edited 1 time in total

----------

## dashnu

 *Quote:*   

> Am I right in thinking I just have to set apache up to use SSL and that's it done or is there more to it than that? 

 

It would than be as secure as ssl / apache / and the ox-app it self. So yes I am not sure what else you could do... BTW sounds like you are going to roll this out to production, is this correct?

I think I may wait untill 8 but have not fully decided..

 *Quote:*   

> Let me know if you need any info about the spellchecking and I can get you settings etc. from work tomorrow...

 

That would be great  :Very Happy:  It does not look like I am going to have time to mess with it this week..

 *Quote:*   

> I don't know if this has been covered, but here goes.
> 
> The problem with the /usr/local/open-xchange/etc/init.d/openexchange startup script lies in the first 7 lines of the script. Sessiond is started OK, but the lines with the paths for webmail and groupware have an extra / near the end. This causes those individual scripts to not be run.
> 
> The next thing that needs to be done to use the openexchange script is to modify each of the other 3 scripts in the same folder. Look for the line beginning with su and you will see a commented line beginning with sudo. Uncomment the sudo line and comment the su line, and things will work properly.
> ...

 

Very cool man. I will test this out and let you know how it works.

----------

## jkomar

 *init-zero wrote:*   

> Very cool man. I will test this out and let you know how it works.

 

I jumped the gun a little. It didn't start automatically, but can be started after the other modifications with /etc/init.d/openexchange. I'm no expert on startup scripts, so if anyone else has any further ideas, at least this brought it one step closer.

Jason

----------

## bitwh0re

 *playworker wrote:*   

> 
> 
> Am I right in thinking I just have to set apache up to use SSL and that's it done or is there more to it than that?
> 
> Also I had email spellchecking working on my previous install (0.7.3) I'm guessing it's pretty similar with this version, just had to mess with the webmail config file I think, although I'm not at work so I can't check for you now 
> ...

 

Yeah, the spellchecking seems simple but i could never get it going.. but then again I gave it a very low priority.

If all you're doing is the web interface, using SSL would be a good first step.  If not, you should use SSL on SMTP and IMAP as well.  Putting the system behind a firewall and only allowing the required ports is another good thing to do..

----------

## dashnu

Any Spellcheck info yet  playworker   :Very Happy: 

----------

## bitwh0re

0.7.5 has been released.

As well, I'm retesting my HOWTO on a fresh install of 2004.3 using NPTL.  Look for that soon.. some new sections too.

----- CHANGES (the stuff in bold is from this forum or people on this forum) -----

Changes with OPEN-XCHANGE 0.7.5 - 2004-11-19

	*) Fixed several minor bugs in week- and month view

	if the duration was less then 24 hours and one week

	calculation issue that is maybe fixed now. Also some

	modifications for sequences added. The storage has

	changed. Consolidated some methods for easier coding.

	*) Changed complete day view so that the start and end

	times and also the interval can be changed. This will

	affects later on some user settings. Calculation

	optimized.

	*) Added the very first version of folder permissions.

*) Fixed bug #102. Login with capitals inside is now

	possible and will not result in missing permissions.

	*) Fixed bug #112. Resource group query works now.

	*) Changed the sequence end date format in the database

	for an easier handling in the future, part of a long list

	of upcoming changes.

	[Martin.Kauss]

	*) The 'login.pm' now stores the last selected language	at

	a cookie and reselect it at the next login.

	*) Fixed bug #87. Not able to forward an existing email	in

	OX WebMail when the subject line on the original email is

	empty.

	*) Fixed bug #10. The default folder names are now be 

	configurable in PREFIX/etc/webmail/imap.properties. The 

	admin can also deactivate the auto creation of not existing

	default folders.

	*) Fixed bug #85. Added missing 'nowrap' tag to the portal

	page.

	*) Fixed bug #88. Fixed a problem that the ignore quota on

	deleting messages didn't work.

	*) Fixed a problem that only "localhost" was used to send

	groupware messages like (notifications, reminder) and not

	the given smtp server.

*) Fixed bug #108. Fixed a problem that you can't accept/deny

	groupware confirmations for tasks and appointments at the

	OX WebMail confirmation popup.

	*) Finished integration of distribution lists at the OX WebMail

	address book. Due to this integration we have done a redesign

	of the address book webinterface. Note: The old OX WebMail

	mailling lists are no longer available.

	*) Fixed bug #90. Fixed a small typo at 'FolderSettings.java'. 

	Thanks to Henrik Holmboe who provided this patch.

	*) Fixed a problem for language 'DE' that when you replied to

	a message the parameter "$date" and "$from" weren't replaced.

	*) Added a new Interface 'IMAPConnection' which handles all imap

	connections made through OX WebMail. This makes it easier for

	changes. For example, if you have different username/password as

	the given login data.

	*) Fixed a problem that OX WebMail doesn't check personal

	mailsettings in ldap ('maildomain' attribute) and always uses

	the maildomain of the user 'mailadmin' instead. Also fixed a

	problem that the user default email address ('mail' attribute)

	was not available at the selection field under preferences.

*) Fixed bug #103. Fixed a problem that the page 'top.htm'

	points to 'javascript/flags.css' when it should point to

	'css/flags.css'.

	*) Fixed bug #97. Fixed a login problem at the 'login.pm' when

	using a username which contains more than 30 characters. 

	[Stefan.Preuss]

	*) Fix for resolving the problem with "make" and with the

	creating of the "war" file.

	*) Fixed bug #31, problems with recurring appointments and ical.

	*) Fixed bug #67, problem insert und update appointment via sunbird.

	*) Fixed bug #84, problem with chmod -R in /var.

	*) Fixed bug #96, logging the password in sessiond.log is now depending 

	of the loglevel.

	*) Fixed bug #83, htdocs-, serlvet and cgi-bin options are now available

	in the configure.

	*) Fixed problem with importing ICal appointments.

	*) Add MIME types to webmail.jar.

	*) Changed methods for parsing XML content in a PROPFIND request.

	*) Add the OXGroupuser class to the API.

	*) Implemented the new API in the groupuser servlet.

	*) Implemented the first version of the java API that can be used from 

	external programs.

	*) API Javadoc implemented.

	[Sebastian.Kauss]

	*) Partially implemented WebDAV LOCK for documents. Not fully working yet.

	*) Compiles now also with JDOM 1.0 (Bug 5 :Cool: 

	*) List view in documents doesn't become print style anymore after showing the print page. (Bug 46)

	*) Convert all usernames to lowercase after fetching it from sessiond. (Bug 41)

	[Marcus Klein]

	*) Fixed bug in sessiond startup script.

	[Sebastian.Kotyrba]

----------

## dashnu

Wow, that looks really promising.. Sounds like I-cal works to. May push this version out to production.. bitwh0re I will be testing this release on Monday so I will be around to help / test / whatever...

Weeeeeehawwwwwwww

----------

## bitwh0re

 *init-zero wrote:*   

> Wow, that looks really promising.. Sounds like I-cal works to. May push this version out to production.. bitwh0re I will be testing this release on Monday so I will be around to help / test / whatever...
> 
> Weeeeeehawwwwwwww

 

I'm going to try and do this over the weekend.. it's 9:45AM Saturday and I'm just now doing the 'emerge system' step.. so it'll be a bit still.

----------

## bitwh0re

Just working through a fresh install of 0.7.5 here.. quite a few things have changed.  If you've gone through the HOWTO already, or are about to, read it carefully.. some things have changed that you may not notice have changed.

I have a question for everyone.  When sun-j2sdk is emerged, it emerges xorg as well.  xorg is listed as an RDEPEND for sun-j2sdk.  Is XORG really required to make sun-j2sdk work?!  If not how do you stop it from being emerged?  XORG is declared as x11/virtual.

----------

## playworker

Some of the java classes need X, but none of them are needed for OX, I just emerged it with --nodeps and it worked fine (0.7.4)  :Smile: 

----------

## playworker

To get spellchecking to work in 0.7.4 (dunno if they have fixed this in the new version) you need to add the following line to each dictionary in your spellcheck.cfg file:

```
 <element pdict="/usr/local/open-xchange/var/dictionary/" filename="$uid"/>
```

If you are running an earlier version then this line will already be present but you need to change the ispell command line by removing the switch -TLatin1 at the end to get spellcheck to work.

Also, if you are a proper English person  :Razz:  then you will probably want to change the English dictionary command line from -damerican to -dbritish  :Smile: 

Hope this helps, if this doesn't make sense then take a look at the /usr/local/open-xchange/etc/webmail/spellcheck.cfg file and it will all become clear...

Matt

----------

## temp

Are there any guidelines in upgrading from 0.7.4 to 0.7.5?

Maybe add it as a chapter of your manual?  :Smile: 

Or isn't it recommended to upgrade a running version?

----------

## bitwh0re

 *temp wrote:*   

> Are there any guidelines in upgrading from 0.7.4 to 0.7.5?
> 
> Maybe add it as a chapter of your manual? 
> 
> Or isn't it recommended to upgrade a running version?

 

That is one of the things I'd like to tackle in the future, right now I'm concentrating on having a good working HOWTO and adding the steps to extend it.  Once I feel that that's been completed, then I'll concentrate on adding steps to upgrading.

Realize too that you'll probably have to do a fresh install once 0.8 comes out.  I've read that there will be some major changes when that version is released.

----------

## temp

 *bitwh0re wrote:*   

> That is one of the things I'd like to tackle in the future, right now I'm concentrating on having a good working HOWTO and adding the steps to extend it.  Once I feel that that's been completed, then I'll concentrate on adding steps to upgrading.
> 
> Realize too that you'll probably have to do a fresh install once 0.8 comes out.  I've read that there will be some major changes when that version is released.

 

Ah ok. I'll skip the 0.7.5 then  :Wink: 

Going to test my import-stuff with 0.7.4, i can do wild things when I need to reinstall it with 0.8 either way...  :Wink: 

Have you got any info's on when 0.8 will be released? Will there be any 0.7.x-releases before?

----------

## bitwh0re

 *temp wrote:*   

>  *bitwh0re wrote:*   That is one of the things I'd like to tackle in the future, right now I'm concentrating on having a good working HOWTO and adding the steps to extend it.  Once I feel that that's been completed, then I'll concentrate on adding steps to upgrading.
> 
> Realize too that you'll probably have to do a fresh install once 0.8 comes out.  I've read that there will be some major changes when that version is released. 
> 
> Ah ok. I'll skip the 0.7.5 then 
> ...

 

Tenative Q1 2005.  Might be sooner, might be later.  They said "It'll be released when it gets released."  Sound familiar??  :Smile: 

----------

## sardiskan

I was following the install guide and I have come to a stopping point. During the "Initialize LDAP tree" phase I have a create a file called ldap.diff and configure it. Then I have to add this tree configuration to ldap by running:

```
slapadd -l ldap.ldif
```

After I try that I get the following error:

```
slapadd: cound not parse entry (line=9)
```

I'm not sure what to do next. Any ideas?

----------

## bitwh0re

 *sardiskan wrote:*   

> I was following the install guide and I have come to a stopping point. During the "Initialize LDAP tree" phase I have a create a file called ldap.diff and configure it. Then I have to add this tree configuration to ldap by running:
> 
> ```
> slapadd -l ldap.ldif
> ```
> ...

 

You know, I thought everyone that was getting this error was doing it wrong until I got that error just the other day.  I've changed the HOWTO around to show a working way of initially populating the LDAP tree.  Here's the command until I publish the next HOWTO:

```
ldapadd x D cn=Manager,dc=ox-domain,dc=tld W f ldap.ldif
```

Of course, change dc=ox-domain,dc=tld to suit your environment.

----------

## sardiskan

Well, I actually did eventually get it to work, but now I'm having trouble with another ldif file. The init_ldap.ldif file is not importing. I'm not sure why, everything appears to be ok.

Jason King

----------

## bitwh0re

 *sardiskan wrote:*   

> Well, I actually did eventually get it to work, but now I'm having trouble with another ldif file. The init_ldap.ldif file is not importing. I'm not sure why, everything appears to be ok.
> 
> Jason King

 

That file does need quite a few edits to get it going.  You really have to customize it for your environment.  Be sure to change all of the dc=example,dc=org to your tree.

----------

## sardiskan

I have an email system already in place and I don't want to get rid of it. I just want to integrate open-xchange with what I already have. Can open-xchange be integrated into other email programs? I'm running qmail w/vpopmail as my mail box store.

Jason

----------

## bitwh0re

 *sardiskan wrote:*   

> I have an email system already in place and I don't want to get rid of it. I just want to integrate open-xchange with what I already have. Can open-xchange be integrated into other email programs? I'm running qmail w/vpopmail as my mail box store.
> 
> Jason

 

That's a question best answered by the OX team:

http://mirror.open-xchange.org/ox/EN/mailman/

http://www.open-xchange.org/cgi-bin/simpleforum.cgi

----------

## sardiskan

I tried running the following command to initialize the ldap tree but I got this message.

```
portal root # slapadd -l /usr/local/open-xchange/share/init_ldap.ldif

slapadd: could not add entry dn="ou=OxObjects,dc=informs,dc=com" (line=5): txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30997)

```

What have I done wrong?

Jason

----------

## parnasus

According to the HOWTO, mail addresses (for user jdoe) are added to cyrus in the form:

```
localhost> cm user.jdoe

localhost> quit

```

What I'm wonder is:  Is there a way to have a user "jdoe" with an email address of "john_doe@oxdomain.com"  :Question: 

----------

## dashnu

Spell check. Confirm you have ispell emerged. 

Than change your /etc/webmail/spellcheck.cfg 

```
# WebMail SpellCheck configuration file

# (c) Netline Internet Service GmbH

# Author: Stefan Preuss <stefan.preuss@netline-is.de>

# Feel free to add new dictionaries.

# Note: 

# Currently we ONLY support ispell. Never change the breakpoint parameter!

<SpellCheck>

 <element enabled="true"/>

 <element breakpoint="4000"/>

 <element language="EN" default="english"/>

 <dictionary id="english">

  <element title="Englisch" language="DE"/>

  <element title="English" language="EN"/>

  <element debug="false"/>

  <execute cmd="/usr/bin/ispell -damerican -a -P -H"/>

 </dictionary>

</SpellCheck>
```

Really easy but figured I would post it anyways. This is for english of course :p

----------

## bitwh0re

 *parnasus wrote:*   

> According to the HOWTO, mail addresses (for user jdoe) are added to cyrus in the form:
> 
> ```
> localhost> cm user.jdoe
> 
> ...

 

This can be done with Postfix:

http://www.postfix.org/VIRTUAL_README.html

http://www.postfix.org/aliases.5.html

----------

## bitwh0re

Just browsing the OX website and ran across some interesting items in the Wiki...

SAMBA and OX playing together:

http://www.open-xchange.org/oxwiki/OX_20and_20Samba_20Login_20through_20LDAP

OX filespool through WebDAV in Windows:

http://www.open-xchange.org/oxwiki/Using_20WebDAV_20for_20documents_20as_20Windows_20network_20share

And the (GPL?) Outlook connector will be released with OX 0.8:

http://www.open-xchange.org/oxwiki/OutlookConnector

----------

## -Tom-

Hi all, I'm having quite the time of it with Tomcat - I wonder if anyone can help me?

First a quick bit of background: This is a clean OXinstall, using the 0.14 howto, it's been installed on a clean Gentoo build (2.6.9-gentoo-r4) and is running on Sempron 3000+ / nForce2 platform. Nothing else has been installed other than the items specified in the Gentoo Handbook.

Right, having followed the howto through, I have run through successfully to 'Configure Tomcat for OX's servlets' - the only 'odd' thing up to that point was that 'login.pl' was not in /usr/local/open-xchange/share/perl, rather, it was already in /var/www/localhost/cgi-bin/  :Rolling Eyes: 

So, what I am doing as of now is this:

```
foobar ~ # mkdir /opt/tomcat/webapps/servlet

foobar ~ # mkdir /opt/tomcat5/webapps/servlet/WEB-INF

foobar ~ # mkdir /opt/tomcat5/webapps/servlet/WEB-INF/classes

foobar ~ # mkdir /opt/tomcat5/webapps/servlet/WEB-INF/lib

```

This all does what you'd expect - creates the dirs (duh!). It's the next bit that's the problem...

```
foobar ~ # cp /usr/local/open-xchange/share/servlets/*

/opt/tomcat5/webapps/servlet/WEB-INF/classes
```

For some reason, /usr/local/open-xchange/share/servlets/ is empty  :Confused:  Is this normal? I have a feeling there should be something in there, no? The next command:

```
foobar ~ # cp /usr/local/open-xchange/lib/*

/opt/tomcat5/webapps/servlet/WEB-INF/lib/
```

works fine - there are files in /usr/local/open-xchange/lib/ and are copied across...

Anyway, I run throught the howto noting the following:

- That /opt/tomcat5/webapps/servlet/WEB-INF/web.xml doesn't exits, so I create it and add the contents as outlined in the howto.

- That on restarting Tomcat I don't get the 'No running Server found.' error - but not really knowing Tomcat, I forge on ahead...  :Rolling Eyes:  The error I see is an 'Apache Tomcat/5.0.27 - Error report', which presents me with a page basically saying: 

```
HTTP Status 404 - /servlets/

type Status report

message /servlets/

description The requested resource (/servlets/) is not available.
```

- That /etc/apache2/conf/jk2.conf doesn't exist, so I create it and populate it as in the howto.

- That /etc/apache2/conf/workers2.properties doesn't exist, so I create it and populate as in the howto.

I then restart Apache, and get the following error:

```
[error] env.createBean2(): Error getting factory for [sbm] (null)

[error] config.update(): Can't create sbm 
```

When looking in the /var/log/apache2/error_log file, I see:

```
[Wed Nov 24 11:38:55 2004] [notice] Digest: generating secret for digest authentication ...

[Wed Nov 24 11:38:55 2004] [notice] Digest: done

[Wed Nov 24 11:38:56 2004] [error] ajp13.init(): No channel [server name removed]:8009

[Wed Nov 24 11:38:56 2004] [error] uriEnv.init() map to invalid worker /servlet/* ajp13.[server name removed]:8009

[Wed Nov 24 11:38:56 2004] [error] ajp13.init(): No channel [server name removed]:8009

[Wed Nov 24 11:38:56 2004] [error] uriEnv.init() map to invalid worker /servlet/* ajp13.[server name removed]:8009

[Wed Nov 24 11:38:56 2004] [error] ajp13.init(): No channel [server name removed]:8009

[Wed Nov 24 11:38:56 2004] [error] uriEnv.init() map to invalid worker /servlet/* ajp13.[server name removed]:8009

[Wed Nov 24 11:38:56 2004] [error] ajp13.init(): No channel [server name removed]:8009

[Wed Nov 24 11:38:56 2004] [error] uriEnv.init() map to invalid worker /servlet/* ajp13.[server name removed]:8009

[Wed Nov 24 11:38:56 2004] [notice] Apache/2.0.52 (Gentoo/Linux) mod_jk2/2.0.4 configured -- resuming normal operations

[Wed Nov 24 11:38:56 2004] [error] ajp13.init(): No channel [server name removed]:8009

[Wed Nov 24 11:38:56 2004] [error] uriEnv.init() map to invalid worker /servlet/* ajp13.[server name removed]:8009
```

It is at this point that I now find myself...  :Crying or Very sad:  Anyone have any suggestions about what might be the problem? I've tried Googling on the errors, and I've tried both the Gentoo and OX forums - but all to no avail. Please help - I'm floating around in a giant pool of my own n00bishness, and it's not nice...

 - Tom.

----------

## bitwh0re

You're installing OX 0.7.5 by the sounds of it.  'make install' now copies over the html files to cfintranet and copies over the class files.  Move the files you find in /opt/tomcat5/webapps/servlet to /opt/tomcat5/webapps/servlet/WEB-INF/classes.  Be sure to stop both the tomcat and apache services before you do this.

Also be sure that your workers2.properties file has hostnames that match your environment...

----------

## -Tom-

 *bitwh0re wrote:*   

> You're installing OX 0.7.5 by the sounds of it. 

 

Yep, it's the 0.7.5 install... Your solution worked fine thanks  :Very Happy: 

 *bitwh0re wrote:*   

> Also be sure that your workers2.properties file has hostnames that match your environment...

 

Yeah... I had a couple of type-o's in there  :Embarassed: 

One more question: How do I stop OX outputting to the screen if I've started the processes manually?

Thanks!

----------

## sardiskan

What is the login information for Tomcat anyway?

----------

## bitwh0re

 *-Tom- wrote:*   

> 
> 
> One more question: How do I stop OX outputting to the screen if I've started the processes manually?
> 
> Thanks!

 

I think the standard 

```

command > /dev/null 2 > &1

```

should work.  There is a fix for having to manually start the processes.  Edit each individual file (sessiond, groupware, webmail) in etc/init.d.  In there search for 'su', comment out the line that starts with su and uncomment the line with sudo in it.  That should let you just run the master etc/init.d/openexchange script.  This fix will be in the next HOWTO.

----------

## bitwh0re

 *sardiskan wrote:*   

> What is the login information for Tomcat anyway?

 

Do you mean for http://host:8080/manager?

----------

## bitwh0re

I'm just gonna keep posting interesting URLs here so I don't have to find them again:

Add Cyrus user when adduser_ox:

http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=01&topic_id=1097702474

Automatic logout:

http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=03&topic_id=1101159936

----------

## pneum0nia

I emerge cyrus-sasl successfully, but don't have /usr/sbin/saslpasswd2 as mentioned in the pdf document.  Am I missing something?

----------

## bitwh0re

 *pneum0nia wrote:*   

> I emerge cyrus-sasl successfully, but don't have /usr/sbin/saslpasswd2 as mentioned in the pdf document.  Am I missing something?

 

Maybe it exists elsewhere?  Try, as root, find / -name "saslpasswd2" -print and see if that locates it for you.

----------

## pneum0nia

Nope...

----------

## pneum0nia

I even tried remerging cyrus-sasl, but nowhere in the ebuild installation does it install saslpasswd2 anywhere.  Very strange stuff.

----------

## bitwh0re

 *pneum0nia wrote:*   

> I even tried remerging cyrus-sasl, but nowhere in the ebuild installation does it install saslpasswd2 anywhere.  Very strange stuff.

 

And you've emerged, and possibly re-emerged, all the other software in order as well?  Including cyrus-imapd, cyrus-imap-admin,  and the necessary perl modules?

Can you post your USE flags?

Can you tell me if this is a fresh system or a currently working Gentoo install?

----------

## pneum0nia

This is a currently working gentoo install.  I have emerged all packages once in order as described in the pdf.  The only package I had to re-emerge was cyrus-sasl, because it wasn't compiling in ldap support.  

root@hyperbole Pan # cat /etc/make.conf

```

# These settings were set by the catalyst build script that automatically built this stage

# Please consult /etc/make.conf.example for a more detailed example

CFLAGS="-O3 -mcpu=athlon -march=athlon -fomit-frame-pointer"

CHOST="i686-pc-linux-gnu"

CXXFLAGS="${CFLAGS}"

GENTOO_MIRRORS="http://gentoo.ccccom.com"

MAKEOPTS="-j1"

#FEATURES="distcc"

PORTDIR_OVERLAY="/usr/local/portage"

USE="acpi apache1 imap tiff -oss -arts -avi -cups -encode -foomaticdb -gpm \

     -gtk -gtk2 -imlib -kde -gnome -libg++ -mad -mikmod -mpeg -oggvorbis \

     -opengl -qt -quicktime -X -xmms -xv -berkdb java javacomm javadoc \

     -pam javamail perl jikes -gdbm ldap sasl xerces xml xmlrpc postgres"
```

----------

## bitwh0re

 *pneum0nia wrote:*   

> This is a currently working gentoo install.  I have emerged all packages once in order as described in the pdf.  The only package I had to re-emerge was cyrus-sasl, because it wasn't compiling in ldap support.  
> 
> root@hyperbole Pan # cat /etc/make.conf
> 
> ```
> ...

 

you may want to change that '-berkdb' to 'berkdb' and start over....

----------

## pneum0nia

Yeah, I was thinking the same thing.  I will try that out and post my results.

----------

## pneum0nia

Bitwh0re, after re-emerging the packages with that changed USE flag, I now have saslpasswd2 in /usr/sbin and all things are good.  Thanks for your help.

----------

## bitwh0re

 *pneum0nia wrote:*   

> Bitwh0re, after re-emerging the packages with that changed USE flag, I now have saslpasswd2 in /usr/sbin and all things are good.  Thanks for your help.

 

Good to hear, maybe i'll add that USE flag to the HOWTO.

----------

## pneum0nia

I am now having problems configuring the open-exchange 0.7.5 source as described in the source.  It is complaining that I don't have java installed, but I installed it via the binary (sun-jdk).

```
./configure --enable-webdav --with-mailjar=/usr/share/sun-jaf-bin/lib/activation.jar --with-activationjar=/usr/share/sun-jaf-bin/lib/activation.jar --with-jdomjar=/usr/share/jdom/lib/jdom.jar --with-xercesjar=/usr/share/xerces-2/lib/xercesImpl.jar --with-jsdkjar=/opt/tomcat5/common/lib/servlet-api.jar --with-jdbcjar=/usr/share/jdbc3-postgresql-1/lib/pg73jdbc3.jar --with-dbname=openexchange --with-dbuser=open-xchange --with-dbpass=oxen --with-runuid=apache --with-servletdir=/opt/tomcat5/webapps/servlet/ --with-htdocsdir=/var/www/localhost/htdocs/ --with-cgibindir=/var/www/localhost/cgi-bin/ --with-jni-dir=/opt/sun-jdk-1.4.2.06/include/ --with-openssl-dir=/usr/include/

checking for a BSD-compatible install... /bin/install -c

checking whether build environment is sane... yes

/home/pneumonia/temp/open-xchange.0.7.5/missing: Unknown `--run' option

Try `/home/pneumonia/temp/open-xchange.0.7.5/missing --help' for more information

configure: WARNING: `missing' script is too old or missing

checking for gawk... gawk

checking whether make sets $(MAKE)... yes

checking whether make sets $(MAKE)... (cached) yes

checking for a BSD-compatible install... /bin/install -c

checking for java... no

checking for jikes... /opt/sun-jdk-1.4.2.06/bin/javac

checking for jar... no

checking for ant... /usr/bin/ant

checking for javah... no

checking for sudo... /usr/bin/sudo

checking for gcc... gcc

checking for C compiler default output... a.out

checking whether the C compiler works... yes

checking whether we are cross compiling... no

checking for suffix of executables...

checking for suffix of object files... o

checking whether we are using the GNU C compiler... yes

checking whether gcc accepts -g... yes

checking for gcc option to accept ANSI C... none needed

checking for style of include used by make... GNU

checking dependency style of gcc... gcc3

checking build system type... i686-pc-linux-gnu

checking host system type... i686-pc-linux-gnu

checking for ld used by GCC... /usr/i686-pc-linux-gnu/bin/ld

checking if the linker (/usr/i686-pc-linux-gnu/bin/ld) is GNU ld... yes

checking for /usr/i686-pc-linux-gnu/bin/ld option to reload object files... -r

checking for BSD-compatible nm... /usr/bin/nm -B

checking for a sed that does not truncate output... /bin/sed

checking whether ln -s works... yes

checking how to recognise dependent libraries... pass_all

checking command to parse /usr/bin/nm -B output... ok

checking how to run the C preprocessor... gcc -E

checking for egrep... grep -E

checking for ANSI C header files... yes

checking for sys/types.h... yes

checking for sys/stat.h... yes

checking for stdlib.h... yes

checking for string.h... yes

checking for memory.h... yes

checking for strings.h... yes

checking for inttypes.h... yes

checking for stdint.h... yes

checking for unistd.h... yes

checking dlfcn.h usability... yes

checking dlfcn.h presence... yes

checking for dlfcn.h... yes

checking for ranlib... ranlib

checking for strip... strip

checking for objdir... .libs

checking for gcc option to produce PIC... -fPIC

checking if gcc PIC flag -fPIC works... yes

checking if gcc static flag -static works... yes

checking if gcc supports -c -o file.o... yes

checking if gcc supports -c -o file.lo... yes

checking if gcc supports -fno-rtti -fno-exceptions... yes

checking whether the linker (/usr/i686-pc-linux-gnu/bin/ld) supports shared libraries... yes

checking how to hardcode library paths into programs... immediate

checking whether stripping libraries is possible... yes

checking dynamic linker characteristics... GNU/Linux ld.so

checking if libtool supports shared libraries... yes

checking whether to build shared libraries... yes

checking whether to build static libraries... no

checking whether -lc should be explicitly linked in... no

creating libtool

checking for pthread_mutex_lock in -lpthread... yes

checking for pthread_mutex_lock in -lpthreads... no

checking for socket in -lsocket... no

checking for _xti_accept in -lnsl... no

checking for an ANSI C-conforming const... yes

configure: error: java is requiered - please install at least the Java(TM) 2 SDK.

```

----------

## bitwh0re

 *pneum0nia wrote:*   

> I am now having problems configuring the open-exchange 0.7.5 source as described in the source.  It is complaining that I don't have java installed, but I installed it via the binary (sun-jdk).
> 
> ```
> ./configure --enable-webdav 
> 
> ...

 

either do the config as a user or as root type 'env-update && source /etc/profile'

----------

## pneum0nia

That was it.  Thanx again.  I think you should add that to the doc.  I'm so used to compiling via Gentoo's ebuilds that I forgot about updating the environment.

----------

## pneum0nia

I am now having trouble compiling open-exchange 0.7.5.

```

./configure --enable-webdav --with-mailjar=/usr/share/sun-jaf-bin/lib/activation.jar --with-activationjar=/usr/share/sun-jaf-bin/lib/activation.jar --with-jdomjar=/usr/share/jdom/lib/jdom.jar --with-xercesjar=/usr/share/xerces-2/lib/xercesImpl.jar --with-jsdkjar=/opt/tomcat5/common/lib/servlet-api.jar --with-jdbcjar=/usr/share/jdbc3-postgresql-1/lib/pg73jdbc3.jar --with-dbname=openexchange --with-dbuser=open-xchange --with-dbpass=oxen --with-runuid=apache --with-servletdir=/opt/tomcat5/webapps/servlet/ --with-htdocsdir=/var/www/localhost/htdocs/ --with-cgibindir=/var/www/localhost/cgi-bin/ --with-jni-dir=/opt/sun-jdk-1.4.2.06/include/ --with-openssl-dir=/usr/include/

checking for a BSD-compatible install... /bin/install -c

checking whether build environment is sane... yes

/home/pneumonia/temp/open-xchange.0.7.5/missing: Unknown `--run' option

Try `/home/pneumonia/temp/open-xchange.0.7.5/missing --help' for more information

configure: WARNING: `missing' script is too old or missing

checking for gawk... gawk

checking whether make sets $(MAKE)... yes

checking whether make sets $(MAKE)... (cached) yes

checking for a BSD-compatible install... /bin/install -c

checking for java... /opt/sun-jdk-1.4.2.06/bin/java

checking for jikes... /opt/sun-jdk-1.4.2.06/bin/javac

checking for jar... /opt/sun-jdk-1.4.2.06/bin/jar

checking for ant... /usr/bin/ant

checking for javah... /opt/sun-jdk-1.4.2.06/bin/javah

checking for sudo... /usr/bin/sudo

checking for gcc... gcc

checking for C compiler default output... a.out

checking whether the C compiler works... yes

checking whether we are cross compiling... no

checking for suffix of executables...

checking for suffix of object files... o

checking whether we are using the GNU C compiler... yes

checking whether gcc accepts -g... yes

checking for gcc option to accept ANSI C... none needed

checking for style of include used by make... GNU

checking dependency style of gcc... gcc3

checking build system type... i686-pc-linux-gnu

checking host system type... i686-pc-linux-gnu

checking for ld used by GCC... /usr/i686-pc-linux-gnu/bin/ld

checking if the linker (/usr/i686-pc-linux-gnu/bin/ld) is GNU ld... yes

checking for /usr/i686-pc-linux-gnu/bin/ld option to reload object files... -r

checking for BSD-compatible nm... /usr/bin/nm -B

checking for a sed that does not truncate output... /bin/sed

checking whether ln -s works... yes

checking how to recognise dependent libraries... pass_all

checking command to parse /usr/bin/nm -B output... ok

checking how to run the C preprocessor... gcc -E

checking for egrep... grep -E

checking for ANSI C header files... yes

checking for sys/types.h... yes

checking for sys/stat.h... yes

checking for stdlib.h... yes

checking for string.h... yes

checking for memory.h... yes

checking for strings.h... yes

checking for inttypes.h... yes

checking for stdint.h... yes

checking for unistd.h... yes

checking dlfcn.h usability... yes

checking dlfcn.h presence... yes

checking for dlfcn.h... yes

checking for ranlib... ranlib

checking for strip... strip

checking for objdir... .libs

checking for gcc option to produce PIC... -fPICchecking if gcc PIC flag -fPIC works... yes

checking if gcc static flag -static works... yes

checking if gcc supports -c -o file.o... yes

checking if gcc supports -c -o file.lo... yes

checking if gcc supports -fno-rtti -fno-exceptions... yes

checking whether the linker (/usr/i686-pc-linux-gnu/bin/ld) supports shared libraries... yes

checking how to hardcode library paths into programs... immediate

checking whether stripping libraries is possible... yes

checking dynamic linker characteristics... GNU/Linux ld.so

checking if libtool supports shared libraries... yes

checking whether to build shared libraries... yes

checking whether to build static libraries... no

checking whether -lc should be explicitly linked in... no

creating libtool

checking for pthread_mutex_lock in -lpthread... yes

checking for pthread_mutex_lock in -lpthreads... no

checking for socket in -lsocket... no

checking for _xti_accept in -lnsl... no

checking for an ANSI C-conforming const... yes

** WebDAV enabled per user request

checking sys/socket.h usability... yes

checking sys/socket.h presence... yes

checking for sys/socket.h... yes

checking for sys/types.h... (cached) yes

checking netinet/in.h usability... yes

checking netinet/in.h presence... yes

checking for netinet/in.h... yes

checking netinet/tcp.h usability... yes

checking netinet/tcp.h presence... yes

checking for netinet/tcp.h... yes

checking netdb.h usability... yes

checking netdb.h presence... yes

checking for netdb.h... yes

checking fcntl.h usability... yes

checking fcntl.h presence... yes

checking for fcntl.h... yes

checking signal.h usability... yes

checking signal.h presence... yes

checking for signal.h... yes

checking for unistd.h... (cached) yes

checking for string.h... (cached) yes

Buildfile: OX_COMPILE_CHECK.xml

compile:[javac] Compiling 1 source file

BUILD SUCCESSFUL

Total time: 6 seconds

configure: WARNING: it seems that the database can not be reached ... maybe the application will not work as expected

configure: creating ./config.status

config.status: creating build.xml

config.status: creating Makefile

config.status: creating src/Makefile

config.status: creating src/misc/Makefile

config.status: creating src/misc/login/login.pm

config.status: creating src/misc/ssl/Makefile

config.status: creating javabuild/Makefile

config.status: creating bin/groupware/openexchange-groupware

config.status: creating bin/webmail/openexchange-webmail

config.status: creating bin/groupware/openexchange-sessiond

config.status: creating sbin/addgroup_ox

config.status: creating sbin/addresource_ox

config.status: creating sbin/addresourcegroup_ox

config.status: creating sbin/addresourcetogroup_ox

config.status: creating sbin/adduser_ox

config.status: creating sbin/addusersql_ox

config.status: creating sbin/addusertogroup_ox

config.status: creating sbin/changeuserattr_ox

config.status: creating sbin/changecyruspass_ox

config.status: creating sbin/delgroup_ox

config.status: creating sbin/delresource_ox

config.status: creating sbin/delresourcefromgroup_ox

config.status: creating sbin/delresourcegroup_ox

config.status: creating sbin/deluser_ox

config.status: creating sbin/deluserfromgroup_ox

config.status: creating sbin/correctfilespool

config.status: creating system/etc/init.d/groupware

config.status: creating system/etc/init.d/webmail

config.status: creating system/etc/init.d/sessiond

config.status: creating system/etc/init.d/openexchange

config.status: creating system/servlet/web.xml

config.status: creating conf/groupware/system.properties

config.status: creating conf/groupware/server.conf

config.status: creating conf/webmail/server.conf

config.status: creating conf/webmail/system.properties

config.status: creating conf/admintools.conf

config.status: executing depfiles commands

```

```

[javac]     58.     public static boolean hasRight(Folder folder, Rights.Right right) {

    [javac]                                                                  ^---^

    [javac] *** Semantic Error: Type "Rights.Right" was not found.

    [javac]     59.         IMAPFolder fa = null;

    [javac]                 ^--------^

    [javac] *** Semantic Error: Type "com.openexchange.webmail.folder.IMAPFolder" was not found.

    [javac]     65.             fa = (IMAPFolder)folder; 

    [javac]                           ^--------^

    [javac] *** Semantic Error: A candidate for type "IMAPFolder" was found, but it is invalid and needs to be fixed before this type will successfully compile.

    [javac]     66.             Rights rights = fa.myRights();

    [javac]                     ^----^

    [javac] *** Semantic Error: Type "com.openexchange.webmail.folder.Rights" was not found.

    [javac]     77.     public void getFolderList(List folderList, Folder fimap[]) throws Exception {

    [javac]                                                        ^----^

    [javac] *** Semantic Error: A candidate for type "Folder" was found, but it is invalid and needs to be fixed before this type will successfully compile.

    [javac]     83.             if (((Folder[])fimap[b].list()).length != 0) {

    [javac]                           ^----^

    [javac] *** Semantic Error: A candidate for type "Folder" was found, but it is invalid and needs to be fixed before this type will successfully compile.

    [javac]     84.                 getFolderList(folderList, (Folder[])fimap[b].list());

    [javac]                                                    ^----^

    [javac] *** Semantic Error: A candidate for type "Folder" was found, but it is invalid and needs to be fixed before this type will successfully compile.

make[1]: Leaving directory `/home/pneumonia/temp/open-xchange.0.7.5/javabuild'

BUILD FAILED /home/pneumonia/temp/open-xchange.0.7.5/build.xml:85: The following error occurred while executing this line: /home/pneumonia/temp/open-xchange.0.7.5/build.xml:104: Compile failed; see the compiler error output for details.  Total time: 18 seconds

make[1]: *** [java] Error 1

make: *** [all-recursive] Error 1

```

----------

## bitwh0re

 *pneum0nia wrote:*   

> I am now having trouble compiling open-exchange 0.7.5.
> 
> ```
> 
> ./configure --enable-webdav --with-mailjar=/usr/share/sun-jaf-bin/lib/activation.jar 
> ...

 

double check your ./configure options..  your --with-mailjar should look like this:

```
--with-mailjar=/usr/share/sun-javamail-bin/lib/mail.jar
```

----------

## Primera

I am currently on page 9 of the howto.  I have reached the step 

```
cyradm -user cyrus domain.tld
```

 but this command just hangs and never allows me to continue with the following steps.  I have insured that postfix user is part of the mail group.  I have been unable to look at logs as I do not have /var/log/mail.log or /var/logmail.err.  In the beginning of this thread it suggests to use the full server name in this command, but when I do 

```
cyradm -user cyrus computer.domain.tld
```

 it still hangs.  Thanks for this howto, and thanks in advance for any assistance.

Update: I am able to do

```
cyradm -user cyrus
```

 which gets me to

```
cyradm>
```

 but when I attempt to do 

```
cm user.foo
```

 I get an error message stating "createmailbox: no connection to server".  It would appear that I am having trouble connecting to the server when I use the full command.

----------

## bitwh0re

 *Primera wrote:*   

> I am currently on page 9 of the howto.  I have reached the step 
> 
> ```
> cyradm -user cyrus domain.tld
> ```
> ...

 

Ensure that your hostname is in your /etc/hosts file.  You may be using a different system logger than what I've used (sysklogd) and that could explain why you don't see mail.log and/or mail.err

----------

## Primera

/etc/hosts contains my full hostname 

```
computer.domain.tld
```

.  This appears to be an authentication problem or connection to server problem.  Could someone please post their imapd.conf from a working install?

----------

## Primera

 *Primera wrote:*   

> I am currently on page 9 of the howto.  I have reached the step 
> 
> ```
> cyradm -user cyrus domain.tld
> ```
> ...

 

I'm pretty sure my problem lies in /etc/cyrus.conf or /etc/imapd.conf.  If anyone could post those files from a working server that would be great.

----------

## pneum0nia

```
cyradm -user cyrus domain.tld
```

Try cyradm -user cyrus localhost.

----------

## pneum0nia

I am getting the following apache error after I try and login:

```

Forbidden

You don't have permission to access /servlet/intranet on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

```

Before this, I was getting that /servlet/intranet/ didn't exist, so I created it and created a symlink to the tomcat servlet dir.  I never read about any of this in the doc.

----------

## Primera

```
cyradm -user cyrus localhost
```

 also does not work.

----------

## bitwh0re

 *pneum0nia wrote:*   

> I am getting the following apache error after I try and login:
> 
> ```
> 
> Forbidden
> ...

 

It's because you're not supposed to... the link is made through JK2 and workers2.properties.

----------

## bitwh0re

configs from a working server can be found here:

http://www.mikefetherston.ca/OX/configs

----------

## pneum0nia

I noticed in the doc that it instructs to create the directory 'cfintranet' and place the web files within it.  Is there a config that specifies which directory to look for its webfiles?

----------

## bitwh0re

 *pneum0nia wrote:*   

> I noticed in the doc that it instructs to create the directory 'cfintranet' and place the web files within it.  Is there a config that specifies which directory to look for its webfiles?

 

Do you mean where Apache should look for html files?  Yes, it's the DocumentRoot parameter in apache2.conf.

If instead, you're referring to OX, it's the --with-htdocsdir configure parameter.

OX 0.7.5 now copies over the html files to cfintranet when you make install.

----------

## pneum0nia

Yeah I guess I am just confused as to why the application is looking for '/servlet/intranet' when that directory doesn't exist.

----------

## Primera

I have re-emerged all cyrus packages as well as used your (bitwh0re) configs modified only with my information.  Unfortunately the command 

```
cyradm -user cyrus domain.tld
```

 still hangs.  I have tried domain.tld, computer.domain.tld, and localhost in this command without success.   Any more ideas?

----------

## bitwh0re

 *pneum0nia wrote:*   

> Yeah I guess I am just confused as to why the application is looking for '/servlet/intranet' when that directory doesn't exist.

 

it's a virtual mapping that's created by mod_jk2 in workers2.properties and in the web.xml file:

```
web.xml:

<servlet>

<servlet-name>intranet</servlet-name>

<servlet-class>intranet</servlet-class>

</servlet>

<servlet-mapping>

<servlet-name>intranet</servlet-name>

<url-pattern>/intranet</url-pattern>

</servlet-mapping>
```

```
workers2.properties:

# Example socket channel, override port and host.

[channel.socket:ox-domain.tld:8009]

port=8009

host=ox-domain.tld

# define the worker

[ajp13:ox-domain.tld:8009]

channel=channel.socket:ox-domain.tld:8009

group=lb

# Map the Tomcat examples webapp to the Web server uri space

[uri:/examples/*]

group=lb

[status:]

info=Status worker, displays runtime information

[uri:/jkstatus/*]

info=The Tomcat /jkstatus handler

group=status:

[uri:/servlet/*]

worker=ajp13:ox-domain.tld:8009
```

I hope that helps to clear it up as to how the mapping is created.

----------

## bitwh0re

 *Primera wrote:*   

> I have re-emerged all cyrus packages as well as used your (bitwh0re) configs modified only with my information.  Unfortunately the command 
> 
> ```
> cyradm -user cyrus domain.tld
> ```
> ...

 

can you verify that imap is indeed listening on port 143 by telnetting to your host (to port 143)?

----------

## pneum0nia

Yeah it does...it actually made more sense when I viewed things via the tomcat administration panel.

----------

## Primera

 *Quote:*   

> can you verify that imap is indeed listening on port 143 by telnetting to your host (to port 143)?

 

Yes, telnet to imap port was working great...I've started over from the beginning with a fresh install...I'll report if I get the same problem.

----------

## killercow

I have configured tomcat to start the /servlet app, but when i start it trough the manager at :8080, it says:

FAIL - Application at context path /servlet could not be started

what could be wrong? i know i did some things a bit different to get everything installed, i checked to see if the .class and .jar files are in the tomcat/*/servlet dir 

When i continue with the guide, and later on start OX, it all works as expected, i can see the login screen, and it logs me in, but as soon as it redirects me to http://10.0.0.150/servlet/groupware.......

i get a 404 error,

Apache's error_log says it can't find the dir servlet in /var/www/localhost/htdocs/servlet

So im guessing the mod_jk2 thing isn't working as expected, which probably depends on tomcat to get the /servlet application started.

Any clues?

FIXED:

while searhing for answers i found out that /opt/tomcat5/logs/catalina.out contains the errors that the manager doesn't display, it said the xml of my web.xml was not correct, i have corrected it and now it works, at least, the servlet starts.

Not so fixed after all,

after restarting tomcat i see that the servet has been loaded as openExchange.

And after reloading apache,tomcat and all of the OX daemons i can login to the perl script without getting the 500 error.

But when i get redirect apache still looks for /servlet in its localhost/htdocs dir.

Im getting lost in the config scripts here, :/ Were to look for typo's?

My tomcat manager doens't seem to get any connections on jk-8009, which i persume would be the proces apache should be talking to?

----------

## sardiskan

I would like to use open-xchange but I already have a mail server running that I would like open-xchange to connect to. Will it do that?

----------

## sardiskan

My postfix install sends email to outside domains but not to my own domain. THe client sides shows that the message has been sent, but the other user never gets it and I guess the timeout on postfix is long because I haven't recieved a bounce yet.

Jason

----------

## dashnu

@ killercow  It sound as if it has something to do with mod_jk.  I would also look at your apache logs to see what mod_jk is doing..

@ sardiskan  I think we would need more info on your mail server to give you any answers. Do you use ldap to authenticate to your mail server? .. cryus-imapd  ? sasl ?

----------

## killercow

for some reason stupid litle bugs seem to persist more easily when the workday is getting at the end.

just booted the server and all was solved within 15 minutes. guess i was getting tired and overlooked some things. 

(it was just a typo in the modules conf part of apache.)

allmost everything works now,

deleting contacts gives me an sql error, which says autocomming=off is no longer supported.

isn't that a bug which emerged when i guess postgresql dropped support for that?

Does anyone have any luck reaching the ldap server from within thunderbird? i add it to the ldap servers list like the OX wiki says, but it won't give me any of my contacts, or an error.

----------

## sardiskan

if I login with an incorrectly user/pass it gives me an

authentication error (which is good), but if I give the correct

user/pass information, it goes and logs me in but it bring up a black webpage. What's up with that. any ideas.

----------

## sardiskan

 *init-zero wrote:*   

> @ killercow  It sound as if it has something to do with mod_jk.  I would also look at your apache logs to see what mod_jk is doing..
> 
> @ sardiskan  I think we would need more info on your mail server to give you any answers. Do you use ldap to authenticate to your mail server? .. cryus-imapd  ? sasl ?

 

init-zero I use qmail and vpopmail as my email services. Qmail is used to send, and vpopmail is used to capture. Does that help?

----------

## sardiskan

Ok, I appear to be getting logged into the server, I don't get any error message when I logon with my "john" user, but I get a black website. There is literally nothing in it. Any ideas?

----------

## Swell°

Hi,

First thanks for this great howto! Great job

But, i have a problem when i want to start slapd, I have this error:

```

Dec  5 02:06:50 [slapd] SQL engine 'mysql' not supported

Dec  5 02:06:50 [slapd] auxpropfunc error no mechanism available_

```

I don't know what's wrong...

----------

## drakkan

Hi, I'm following your howto but I'm having some trouble configuring ldap (this is the first time I configure ldap):

my sldap.conf has the following entries, as howto suggests:

include         /etc/openldap/schema/cosine.schema

include         /etc/openldap/schema/inetorgperson.schema

include         /etc/openldap/schema/openldap.schema

include         /etc/openldap/schema/misc.schema

include         /etc/openldap/schema/nis.schema

#include        /etc/openldap/schema/openxchange.schema

allow bind_v2

suffix  "dc=homenetwork,dc=it"

rootdn  "cn=Manager,dc=homenetwork,dc=it"

index   objectClass     pres,eq

#index  cn,sn,uid eq

index   gidNumber,memberUid eq

#index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

but when I start ldap with /etc/init.d/slapd start , I have the following error:

* Starting ldap-server...

/etc/openldap/schema/cosine.schema: line 1071: ObjectClass not found: "person  [ !! ]

how I can fix this?

thanks 

drakkan

----------

## Swell°

 *drakkan wrote:*   

> Hi, I'm following your howto but I'm having some trouble configuring ldap (this is the first time I configure ldap):
> 
> 

 

Same as me...

----------

## drakkan

 *Swell° wrote:*   

>  *drakkan wrote:*   Hi, I'm following your howto but I'm having some trouble configuring ldap (this is the first time I configure ldap):
> 
>  
> 
> Same as me...

 

I have solved the slapd start problem a good slapd.conf is the following:

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include         /etc/openldap/schema/core.schema

include         /etc/openldap/schema/cosine.schema

include         /etc/openldap/schema/inetorgperson.schema

include         /etc/openldap/schema/openldap.schema

include         /etc/openldap/schema/misc.schema

include         /etc/openldap/schema/nis.schema

#include        /etc/openldap/schema/openxchange.schema

allow bind_v2

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral       ldap://root.openldap.org

pidfile         /var/run/openldap/slapd.pid

argsfile        /var/run/openldap/slapd.args

# Load dynamic backend modules:

# modulepath    /usr/lib/openldap/openldap

# moduleload    back_bdb.la

# moduleload    back_ldap.la

# moduleload    back_ldbm.la

# moduleload    back_passwd.la

# moduleload    back_shell.la

# Sample security restrictions

#       Require integrity protection (prevent hijacking)

#       Require 112-bit (3DES or better) encryption for updates

#       Require 63-bit encryption for simple bind

# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:

#       Root DSE: allow anyone to read it

#       Subschema (sub)entry DSE: allow anyone to read it

#       Other DSEs:

#               Allow self write access

#               Allow authenticated users read access

#               Allow anonymous users to authenticate

#       Directives needed to implement policy:

# access to dn.base="" by * read

# access to dn.base="cn=Subschema" by * read

# access to *

#       by self write

#       by users read

#       by anonymous auth

#

# if no access controls are present, the default policy is:

#       Allow read by all

#

# rootdn can always write!

#######################################################################

# ldbm database definitions

#######################################################################

database        bdb

suffix          "dc=homenetwork,dc=it"

rootdn          "cn=Manager,dc=homenetwork,dc=it"

# Cleartext passwords, especially for the rootdn, should

# be avoid.  See slappasswd( :Cool:  and slapd.conf(5) for details.

# Use of strong authentication encouraged.

rootpw          secret

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory       /var/lib/openldap-data

# Indices to maintain

index   objectClass     pres,eq

#index cn,sn,uid eq

index gidNumber,memberUid eq

#index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

now I have another problem: 

I create the following ldap.ldif file:

dn:             dc=homenetwork,dc=it

objectclass:    dcObject

objectclass:    organization

o:              HOMENETWORK

dc:             homenetwork

dn:             cn=Manager,dc=homenetwork,dc=it

objectclass:    organizationalRole

cn:             Manager

but when I issue the command :

slapadd -l ldap.ldif

I have the error:

slapadd: could not parse entry (line=6)

----------

## Swell°

@drakkan: thanks but my problem is not coming from the slapd.conf, I don't understand why it tells me SQL engine 'mysql' not supported 

I hope someone can help...

Thanks anyway

----------

## Rosjahh

Hi, I've been busy trying to get OX working with help of Mike's guide. Exellent guide. Thank you!

However, I'm having trouble to log in. I just get "Authentication failed!" above the login box. I've looked in all the logs that I thought are relevant,  inside /var/open-xchange/log, messages, auth, slapd etc. and also tried to watch output when i start the openexchange starting scripts in a terminal. There I do get some output, but no error messages. sessiond.log shows me:

```

Creating directory '/home/httpd'.

Creating directory '/home/httpd/.maildir'.

Creating directory '/home/httpd/.maildir/cur'.

Creating directory '/home/httpd/.maildir/new'.

Creating directory '/home/httpd/.maildir/tmp'.

```

webmail.log and groupware.log are empty. slap doesn't give me any indication that open-xchange is contacting ldap.

Apache confirms that it has started the mod_jk2/2.0.4 module. No errors.

I'm doind two things a little different from the guide: I'm trying to use courier instead of cyrus, and I configured the ldap differently so that the Open-xchange setup just merges with my samba configuration. But I guess that this should not be a problem. I should at least be able to see some errors, right?

What should I double check? Any suggestions?

ThanksLast edited by Rosjahh on Sun Dec 05, 2004 12:20 am; edited 1 time in total

----------

## drakkan

 *Rosjahh wrote:*   

> Hi, I've come to page Mike's guide. Exellent guide. Thank you!
> 
> 

 

can you post your ldap.ldif, please? I'm having trouble with slapadd (the previous post),

thanks

drakkan

----------

## drakkan

 *bitwh0re wrote:*   

>  *sardiskan wrote:*   I was following the install guide and I have come to a stopping point. During the "Initialize LDAP tree" phase I have a create a file called ldap.diff and configure it. Then I have to add this tree configuration to ldap by running:
> 
> ```
> slapadd -l ldap.ldif
> ```
> ...

 

I have the same problem:

gentoo openldap # ldapadd -x -D "cn=Manager,dc=homenetwork,dc=it" -W -f ldap.ldif

Enter LDAP Password:

adding new entry "dc=homenetwork,dc=it "

ldapadd: update failed: dc=homenetwork,dc=it

ldap_add: Invalid syntax (21)

        additional info: objectclass: value #0 invalid per syntax

ldap.conf:

gentoo openldap # cat ldap.conf

# $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.9 2000/09/04 19:57:01 kurt Exp$

#

# LDAP Defaults

#

# See ldap.conf(5) for details

# This file should be world readable but not world writable.

#BASE   dc=example, dc=com

#URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT      12

#TIMELIMIT      15

#DEREF          never

BASE dc=homenetwork, dc=it

URI ldap://homenetwork.it

HOST homenetwork.it

----------

## dashnu

@Swell : recompile ldap with -mysql in your use flag. Or do an equery uses openldap and see if mysql support is compiled in. I have no idea why you would be pulling this from slapd..

@sardiskan : I could be wrong but I do not think that mail server will work well with OX.

@the other people: I am not at work but I will be able to look at your problems more on monday if they have not been resolved.

bitwh0re get in here !!   :Very Happy: 

----------

## Rosjahh

 *drakkan wrote:*   

>  *Rosjahh wrote:*   Hi, I've come to page Mike's guide. Exellent guide. Thank you!
> 
>  
> 
> can you post your ldap.ldif, please? I'm having trouble with slapadd (the previous post),
> ...

 

drakkan, I don't see anything wrong with your ldif file. It's the same as mine except that I have a different domain ofcourse. The errors you get are also not familiar to me. Personnaly I had to mess a little with my schema's in /etc/openldap/slapd.conf to get it working.  I really don't know if this is the case with you to. My schemas are now;

```

include         /etc/openldap/schema/core.schema

include         /etc/openldap/schema/cosine.schema

include         /etc/openldap/schema/nis.schema

include         /etc/openldap/schema/inetorgperson.schema

include         /etc/openldap/schema/samba.schema

include         /etc/openldap/schema/qmail.schema

include        /etc/openldap/schema/openxchange.schema

```

At least i can restart openldap with this configuration, I can add the ldif file, and my previous postfix configuration still works (I need qmail.schema for that). I don't know if this will cause me problems later on.

At the moment open-xchange doesn't even talk to openldap.

----------

## Swell°

@Everybody here: My ldap works 

I'AM VERY STUPID... there was a stupid mistake in my slapd.conf...

What can be good to had in the doc is:

```

This command test the config file!

/usr/lib/slapd -t

```

----------

## Swell°

OK, it's almost working!   :Very Happy: 

I have three problems right now:

1st: I can't connect to Cyrus-IMAP server...

```

It's working now, i had to my /etc/imap.conf

allowplaintext = yes

```

2nd: I can't delete contact...

3rd: When i delete a task, the task is deleted, but i get logged out of Open Xchange

TIA

----------

## sardiskan

My open-xchange is ALMOST working, but I have run into a problem. When I login, the machine gives me a sessionID but when it brings me to the "next" page, there is nothing there. Basically, I login, and then I get logged into a blank page. Anyone have any ideas?

----------

## Swell°

Here are a few things that may be added to this great howto:

Before starting Openldap do:

```
/usr/lib/slapd -t 
```

This will test your slapd.conf

If Cyrus-Imap doesn't accept your login change that in /etc/imap.conf

```
allowplaintext = yes 
```

If you log in Cyrus-Imap but it tells that no mailbox exist:

Log in cyradm

```
cyradm -user cyrus ox-domain.tld
```

Check the name of all your mailboxes

```
 ox-domain.tld> lm
```

If one you mailbox doesn't start with user.<username>

Then you have to rename it

```
ox-domain.tld>sam <mail_box_with_bad_name> cyrus c

ox-domain.tld>renm <mail_box_with_bad_name> user.<username>

```

----------

## bitwh0re

 *drakkan wrote:*   

> Hi, I'm following your howto but I'm having some trouble configuring ldap (this is the first time I configure ldap):
> 
> my sldap.conf has the following entries, as howto suggests:
> 
> include         /etc/openldap/schema/cosine.schema
> ...

 

The text in the HOWTO in *BLUE* does *NOT* represent the contents of an entire configuration file.  As it says in the beginning of the document, blue text is the text in the configuration file that is either added or changed.

If you want to look at the configs from a working OX install, visit:

http://www.mikefetherston.ca/OX/configs

----------

## bitwh0re

 *init-zero wrote:*   

> 
> 
> @sardiskan : I could be wrong but I do not think that mail server will work well with OX.
> 
> bitwh0re get in here !!  

 

There are posts on the General mailing list at OX's website about what configuration changes need to be made to get courier working in place of cyrus.

init-zero: I'm back!   :Razz: 

----------

## bitwh0re

 *Swell° wrote:*   

> @Everybody here: My ldap works 
> 
> I'AM VERY STUPID... there was a stupid mistake in my slapd.conf...
> 
> What can be good to had in the doc is:
> ...

 

Thanks, I'll be sure to add that!

----------

## Rosjahh

Hi,

I'm finally having some reaction from apache, the cgi script segfaults.   :Confused: 

Now I'm trying to rebuild stuff, but I'm having this error when I configure open-xcahnge-0.7.4:

```
checking for unistd.h... (cached) yes

checking for string.h... (cached) yes

Buildfile: OX_COMPILE_CHECK.xml

compile:

    [javac] Compiling 1 source file

BUILD SUCCESSFUL

Total time: 14 seconds

configure: WARNING: it seems that the database can not be reached ... maybe the application will not work as expected

configure: creating ./config.status

config.status: creating build.xml
```

I'm configuring open-xchange, with this configure command:

```
./configure --enable-webdav --with-mailjar=/usr/share/sun-javamail-bin/lib/mail.jar --with-activationjar=/usr/share/sun-jaf-bin/lib/activation.jar --with-jdomjar=/usr/share/jdom/lib/jdom.jar --with-xercesjar=/usr/share/xerces-2/lib/xercesImpl.jar --with-jsdkjar=/opt/tomcat5/common/lib/servlet-api.jar --with-jdbcjar=/usr/share/jdbc3-postgresql-1/lib/pg73jdbc3.jar --with-dbname=openexchange --with-dbuser=open-xchange --with-dbpass=oxmailtjes --with-runuid=apache --with-servletdir=/opt/tomcat5/webapps/servlet/ --with-htdocsdir=/var/www/localhost/htdocs/ --with-cgibindir=/var/www/localhost/cgi-bin/ --with-jni-dir=/opt/sun-jdk-1.4.2.06/include/
```

Differently from Mike's guide, the jdbc3 jar lives in a different location now and the name of the ebuild now changed from jdbc-postgresql to jdbc3-postgresql. So this is the contents of that package:

```
server rogier # qpkg -l jdbc

dev-java/jdbc3-postgresql-7.3 *

CONTENTS:

/usr

/usr/share

/usr/share/jdbc3-postgresql-1

/usr/share/jdbc3-postgresql-1/lib

/usr/share/jdbc3-postgresql-1/lib/pg73jdbc3.jar

/usr/share/jdbc3-postgresql-1/package.env

```

Also, I have created the user 'open-xchange' in postgresql. So why would open-xchange not be able to connect to postgresql ??!!

----------

## Swell°

 *sardiskan wrote:*   

> My open-xchange is ALMOST working, but I have run into a problem. When I login, the machine gives me a sessionID but when it brings me to the "next" page, there is nothing there. Basically, I login, and then I get logged into a blank page. Anyone have any ideas?

 

I just had the same problem here, i have recompiled open xchange with the good jdbc connector! And i forgot something in the ./configure it was the db-user!  :Smile: 

So do that!

 *Quote:*   

> 
> 
> stop the services sessiond groupware webmail
> 
> go to the open-xchange source dir and do that
> ...

 

And it should work!  :Smile:  i hope!

----------

## Swell°

Here is a very quick and very dirty init.d script for open xchange...

```

depend() {

        need net

}

start() {

        einfo "Starting Open XChange"

        ebegin "  Starting Sessiond"

        start-stop-daemon --start --quiet --exec /usr/local/open-xchange/bin/openexchange-sessiond --p /var/run/sessiond -b -m

        eend $? "  Failed to start sessiond"

        ebegin "  Starting Groupware"

        start-stop-daemon --start --quiet --exec /usr/local/open-xchange/bin/openexchange-groupware --p /var/run/groupware -b -m

        eend $? "  Failed to start Groupware"

        ebegin "  Starting Webmail"

        start-stop-daemon --start --quiet --exec /usr/local/open-xchange/bin/openexchange-webmail --p /var/run/webmail -b -m

        eend $? "  Failed to start Webmail"

}

stop() {

        ebegin "Stopping Open XChange"

        /usr/local/open-xchange/etc/init.d/openexchange stop > /dev/null

        eend $? "Failed to stop OpenXChange"

}

```

----------

## bitwh0re

 *Rosjahh wrote:*   

> Hi,
> 
> I'm finally having some reaction from apache, the cgi script segfaults.  
> 
> Now I'm trying to rebuild stuff, but I'm having this error when I configure open-xcahnge-0.7.4:
> ...

 

The "cannot contact the database" issue is completely fine.  I get it everytime I build OX, and OX works.  Don't worry about it.

As for the jdbc ebuild, that was a typo on my part.  I've updated the HOWTO but haven't released the latest version yet.  I was hoping to have that done soon, but other more pressing matters have claimed my attention.

----------

## sardiskan

 *Swell° wrote:*   

>  *sardiskan wrote:*   My open-xchange is ALMOST working, but I have run into a problem. When I login, the machine gives me a sessionID but when it brings me to the "next" page, there is nothing there. Basically, I login, and then I get logged into a blank page. Anyone have any ideas? 
> 
> I just had the same problem here, i have recompiled open xchange with the good jdbc connector! And i forgot something in the ./configure it was the db-user! 
> 
> So do that!
> ...

 

Ok, I did all of that and I still have the same problem. I get logged into a blank webpage. Any other ideas out there?

----------

## bitwh0re

 *sardiskan wrote:*   

> 
> 
> When I do the make && make install I get alot of error messages that appear on the screen. Is that normal?

 

Yup, as long as when it's done it looks like the make completed without any fatal errors.

----------

## sardiskan

 *bitwh0re wrote:*   

>  *sardiskan wrote:*   
> 
> When I do the make && make install I get alot of error messages that appear on the screen. Is that normal? 
> 
> Yup, as long as when it's done it looks like the make completed without any fatal errors.

 

ok, I've done all those things, and I still get logged into a black webpage. Any more ideas?

----------

## dashnu

I have never heard of a Black screen... also that does not tell us anything.. exceptions from logs apache log / tomcat log / session log / groupware log / ldap log / postgresql log /etc etc... would help out.. It is impossible to debug with out some sort of _real_ indication of what is going on..

----------

## conloos

hi,

i have a strange problem: if i try to login (with the right pw) i get a  Internal Server Error  and the apache error.log say's:

```

Can not build up Socket!, referer: http://xxx/cgi-bin/login.pl

ERRNO=<Connection refused> in getSocket. Can not connect do SessionD, referer: http://xxx/cgi-bin/login.pl

Premature end of script headers: login.pl, referer: http://x/cgi-bin/login.pl

```

i have checked and checked again but can't find the problem.

Thanks con

----------

## killercow

 *conloos wrote:*   

> hi,
> 
> i have a strange problem: if i try to login (with the right pw) i get a  Internal Server Error  and the apache error.log say's:
> 
> ```
> ...

 

try and start all of the services ox uses by hand, it probably can't find the ox daemons because the normal start script doenst work correctly.

run these and try again:

/usr/local/open-xchange/bin/openexchange-sessiond 

/usr/local/open-xchange/bin/openexchange-groupware

/usr/local/open-xchange/bin/openexchange-webmail

----------

## killercow

My OX webmail gives me the following error:

OPEN-XCHANGE 0.7.5

!!! SYSTEM - ERROR !!!

what can this be?

The logs (as usual) don't give me a whole lot to hold on to.,

I can also still not reach my ldap server from my thunderbird addres book.

It does connect, and ask for the password, but it then gives me no records and says ldap search problem. but no specific error.

using gq i can see my own record but i can't see any contacts unerneath it, does anyone have some good ldap query's for me?

(FIXED) when i try to delete a contact from my OX adres book i get the following error:

bla bla,autocommit is no longer suppored, 

(page reloads too fast to copy the entire error) (FIXED) i needed the new jdbc-postgres connector.

But wait!! there's more!

my constantly get the follwing error when i get a OX portal reload.

```

Exception in MailFunc/checkNewMail

Unable to check for new messages

StackTrace:

javax.mail.AuthenticationFailedException: Login failed: authentication failure

etc etc, bla bla,

```

When i try to connect to cyrus by hand it also fails on me altough the mailbox is there. Any info on this?Last edited by killercow on Thu Dec 09, 2004 11:10 am; edited 2 times in total

----------

## Swell°

 *killercow wrote:*   

> My OX webmail gives me the following error:
> 
> OPEN-XCHANGE 0.7.5
> 
> !!! SYSTEM - ERROR !!!
> ...

 

The problem of the autocommit comes from the jdbc3-postgre connector, you have emerged 7.3, you have to emerge jdbc3-postgresql 7.4.5, then recompile OX!

Make the link to the right jdbc connector and it should work!  :Smile: 

----------

## bdraw

 *Swell° wrote:*   

> Here is a very quick and very dirty init.d script for open xchange...
> 
> ```
> 
> depend() {
> ...

 

Worked for me, but I had to add

```
#!/sbin/runscript
```

On the top line

----------

## bdraw

Anyone have an idea hot to host multiple groups on the same server?

My company hosts mail, and they would like to be able to groupware to the offered services. 

Hosting multiple domains in requards to cyrus, is not hare, but how does one configure ldap or sql?

----------

## sardiskan

I'm afraid I've given up on open-xchange. It is too difficult to setup and as difficult as it is to setup, you'd think there would be some more options. One of the things I don't like is that you can't use a different email service other that open-xchange itself. IT just isn't worth it to me anymore. I've opted for Group-Office. It performs much of the same functions as openxchange but the install is much cleaner and simpler.

Thanks for everyones help,

Jason King

----------

## bitwh0re

 *bdraw wrote:*   

> Anyone have an idea hot to host multiple groups on the same server?
> 
> My company hosts mail, and they would like to be able to groupware to the offered services. 
> 
> Hosting multiple domains in requards to cyrus, is not hare, but how does one configure ldap or sql?

 

I don't think that's possible right now.  It's a question that's been asked before on the mailinglists and I haven't really seen a response.  :Sad: 

----------

## bitwh0re

 *sardiskan wrote:*   

> I'm afraid I've given up on open-xchange. It is too difficult to setup and as difficult as it is to setup, you'd think there would be some more options. One of the things I don't like is that you can't use a different email service other that open-xchange itself. IT just isn't worth it to me anymore. I've opted for Group-Office. It performs much of the same functions as openxchange but the install is much cleaner and simpler.
> 
> Thanks for everyones help,
> 
> Jason King

 

You're welcome and good luck Jason!  I have a question for you.. what do you mean when you refer to:  *Quote:*   

> "One of the things I don't like is that you can't use a different email service other that open-xchange itself."

 

You can connect a fat client (Evo, Outlook, etc) to your IMAP and SMTP server and use it that way.  Pretty much the only requirement is that you need to be using IMAP and not POP3.

----------

## sardiskan

 *bitwh0re wrote:*   

>  *sardiskan wrote:*   I'm afraid I've given up on open-xchange. It is too difficult to setup and as difficult as it is to setup, you'd think there would be some more options. One of the things I don't like is that you can't use a different email service other that open-xchange itself. IT just isn't worth it to me anymore. I've opted for Group-Office. It performs much of the same functions as openxchange but the install is much cleaner and simpler.
> 
> Thanks for everyones help,
> 
> Jason King 
> ...

 

What I mean is that open-xchange is the email program itself. My shop actually already uses another open-source mail program and I wouldn't want to phase it out in order to phase open-xchange in. That is all I mean.

----------

## bitwh0re

 *sardiskan wrote:*   

>  *bitwh0re wrote:*    *sardiskan wrote:*   I'm afraid I've given up on open-xchange. It is too difficult to setup and as difficult as it is to setup, you'd think there would be some more options. One of the things I don't like is that you can't use a different email service other that open-xchange itself. IT just isn't worth it to me anymore. I've opted for Group-Office. It performs much of the same functions as openxchange but the install is much cleaner and simpler.
> 
> Thanks for everyones help,
> 
> Jason King 
> ...

 

Actually, OX simply interfaces with your current e-mail setup, providing it's SMTP and IMAP.  OX simply provides a web interface to that.  I know that OX works with Postfix or Sendmail, and Cyrus or Courier.  OX does not replace your current mail setup or provide any internal mail functionality, it's simply an interface.

----------

## sardiskan

Hey Bitwhore,

Really? Hmm,  I was under the impression the open-xchange WAS the MTA/POP/IMAP server and it wouldn't use another server without some serious adjustments. Anyway, I'll give it another try later. I've run out of time and patience trying to make it this go around. I'll rest from it for a time and try again perhaps. Perhaps by then the HOW-TO will be updated and better than it already is and I'll have an easier time following it. Thanks for all your hard work in documenting this monster.

Jason King

----------

## bitwh0re

 *sardiskan wrote:*   

> Hey Bitwhore,
> 
> Really? Hmm,  I was under the impression the open-xchange WAS the MTA/POP/IMAP server and it wouldn't use another server without some serious adjustments. Anyway, I'll give it another try later. I've run out of time and patience trying to make it this go around. I'll rest from it for a time and try again perhaps. Perhaps by then the HOW-TO will be updated and better than it already is and I'll have an easier time following it. Thanks for all your hard work in documenting this monster.
> 
> Jason King

 

I'm currently running through it with a fresh gentoo system to make sure that the HOWTO works properly.  As well as  making the changes necessary to reflect some new stuff with 0.7.5.

Good Luck!

----------

## bdraw

Is there any hope that the ebuild will work soon?

That would make it alot easier, the other thing that causes alot of problems is coping and pasting out of Acrobat is less than pefect.

On the other hand, I was able to get it to work thanks to your doc, and I really appreciate it.

----------

## monkeyboy

There is an ebuild at bugs.gentoo.org that I have been playing with today.  I'm working on some other install instructions that use that.  It looks like it will be a lot easier to get running.

https://bugs.gentoo.org/show_bug.cgi?id=62197

----------

## bitwh0re

 *bdraw wrote:*   

> Is there any hope that the ebuild will work soon?
> 
> That would make it alot easier, the other thing that causes alot of problems is coping and pasting out of Acrobat is less than pefect.
> 
> On the other hand, I was able to get it to work thanks to your doc, and I really appreciate it.

 

As far as I know the ebuild author doesn't frequent this thread..  :Sad: 

I am working on an HTML version of the HOWTO.  Once that's completed you can kiss the pdf goodbye.

----------

## steffen79

Please HELP me...

i don't get the init_ldap.ldif working...

```

dn: ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: OxObjects

dn: ou=Users,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: Users

dn: ou=Groups,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: Groups

dn: ou=ResourceObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: ResourceObjects

dn: ou=ResourceGroups,ou=ResourceObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: ResourceGroups

dn: ou=Resources,ou=ResourceObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: Resources

dn: ou=AdminObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: AdminObjects

dn: ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: SMTPObjects

dn: ou=DNSObjects,ou=AdminObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: DNSObjects

dn: ou=DHCPObjects,ou=AdminObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: DHCPObjects

dn: o=AddressBook,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organization

o: AddressBook

dn: cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: groupOfNames

cn: AddressAdmins

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=project-1,dc=intern

dn: uid=mailadmin,ou=Users,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: shadowAccount

objectClass: posixAccount

objectClass: person

objectClass: inetOrgPerson

objectClass: OXUserObject

OpenLDAPaci: 1#entry#grant;r,w,s,c;cn,initials,mail,title,ou,l,birthday,description,street,

postalcode,st,c,oxtimezone,homephone,mobile,pager,facsimiletelephonenumber,telephonenumber,

labeleduri,jpegphoto,loginDestination,sn,givenname,;r,s,c;[all]#self#

uid: mailadmin

userPassword: {CRYPT}AGtipTtIKm09s

shadowMin: 0

shadowMax: 9999

shadowWarning: 7

shadowExpire: 0

description: mailadmin

cn: mailadmin mailadmin

uidNumber: 501

gidNumber: 500

homeDirectory: /home/mailadmin/

loginShell: /bin/bash

sn: mailadmin

givenName: mailadmin

mail: mailadmin@example.org

mailDomain: example.org

alias: postmaster

o: Example Org.

smtpServer: localhost

imapServer: localhost

groupwareServer: localhost

webmailServer: localhost

preferredLanguage: EN

userCountry: Tuxworld

mailEnabled: OK

lnetMailAccess: TRUE

OXAppointmentDays: 5

OXGroupID: 500

OXTaskDays: 5

OXTimeZone: Europe/Berlin

writeGlobalAddressBook: TRUE

dn: ou=addr,uid=mailadmin,ou=Users,ou=OxObjects,dc=project-1,dc=intern

ou: addr

objectClass: top

objectClass: organizationalUnit

dn: cn=users,ou=Groups,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: posixGroup

cn: users

userPassword: {crypt}*

memberUid: mailadmin

gidNumber: 500

dn: ou=VirtualDomains,ou=DNSObjects,ou=AdminObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: VirtualDomains

dn: ou=virtual-domain.org,ou=VirtualDomains,ou=DNSObjects,ou=AdminObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

objectClass: OXVDomainObject

ou: virtual-domain.org

MTALocaldomain: true

dn: ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: organizationalUnit

ou: MailTransports

dn: cn=office2,ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=project-1,dc=intern

objectClass: top

objectClass: OXMailTransportObject

smtpDomain: office2.example.org

cn: office2

smtpDomainTransportNexthop: smtp:smtp-gw.example.org

description: transport all mail for office2.example.org to another mail server

```

always get an error in line 101.

seems that the objekt with uid mailadmin is wrong. now testing for 2 days, till i found the error. but whats wrong???

some more infos:

slapd.conf

```

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include   /etc/openldap/schema/core.schema

include   /etc/openldap/schema/cosine.schema

include   /etc/openldap/schema/inetorgperson.schema

include   /etc/openldap/schema/openldap.schema

include   /etc/openldap/schema/misc.schema

include   /etc/openldap/schema/nis.schema

include   /etc/openldap/schema/openxchange.schema

allow bind_v2

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral   ldap://root.openldap.org

pidfile      /var/run/openldap/slapd.pid

argsfile   /var/run/openldap/slapd.args

# Load dynamic backend modules:

# modulepath   /usr/lib/openldap/openldap

# moduleload   back_bdb.la

# moduleload   back_ldap.la

# moduleload   back_ldbm.la

# moduleload   back_passwd.la

# moduleload   back_shell.la

# Sample security restrictions

#   Require integrity protection (prevent hijacking)

#   Require 112-bit (3DES or better) encryption for updates

#   Require 63-bit encryption for simple bind

# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:

#   Root DSE: allow anyone to read it

#   Subschema (sub)entry DSE: allow anyone to read it

#   Other DSEs:

#      Allow self write access

#      Allow authenticated users read access

#      Allow anonymous users to authenticate

#   Directives needed to implement policy:

# access to dn.base="" by * read

# access to dn.base="cn=Subschema" by * read

# access to *

#   by self write

#   by users read

#   by anonymous auth

#

# if no access controls are present, the default policy is:

#   Allow read by all

#

# rootdn can always write!

#######################################################################

# ldbm database definitions

#######################################################################

database   bdb

checkpoint   32   30 # <kbyte> <min>

suffix      "dc=project-1,dc=intern"

rootdn      "cn=Manager,dc=project-1,dc=intern"

# Cleartext passwords, especially for the rootdn, should

# be avoid.  See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

rootpw      secret

# The database directory MUST exist prior to running slapd AND 

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory   /var/lib/openldap-data

# Indices to maintain

index   objectClass         pres,eq

index   gidNumber,memberUid      eq

index   uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination   eq,sub

```

with ldap.dif i've set the ldap server up:

```

dn: dc=project-1,dc=intern

objectclass: dcObject

objectclass: organization

o: Project1

dc: project-1

dn: cn=Manager,dc=project-1,dc=intern

objectclass: organizationalRole

cn: Manager

```

----------

## bitwh0re

I've just put up v0.15 of the HOWTO.  You can find it here:

http://www.mikefetherston.ca/OX/

----------

## ewtrowbr

Thanks for the awesome Howto, bitwhore... I am really looking forward to getting this monster working. Many of the updates in your 1.15 howto were things I noticed and worked through...

can you please post your /usr/local/open-xchange/share/init_ldap.ldif with your other working config files online? Is it necessary to have a mailadmin user withthe corresponding UID on the system? I have not created this user...

thanks,

erich

----------

## ewtrowbr

I guess I'm getting a littlebit involved... I am a complete openldap n00b, but what I lack in smarts, I make up for in hard-headedness...  :Wink: 

Bitwh0re, please explain on page 11 of your howto that the database directory 'lnetMailAccess' is "l" as in "Larry" and not I as in "Igloo". I think this has fooled a few people, myself included...

erich

----------

## steffen79

you seem to have same problems as i have. can't import the ldap structure.

i have an l like larry there. no word is written in capitals.

the other l's look same way. if you make copy & paste from the pdf it's an l(arry).

----------

## ewtrowbr

you just have to follow the config guide closely...

1) REMOVE the first dn: section in /usr/local/open-xchange/share/init_ldap.ldif

2) Make sure you have the files correct, as described in the HOWTO.

root@ox ewtrowbr #   grep lnet /usr/local/open-xchange/share/init_ldap.ldif

lnetMailAccess: TRUE

root@ox ewtrowbr #   grep lnet /etc/openldap/slapd.conf

index   uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination  eq,sub

root@ox ewtrowbr #

3) If your slapd init state gets jacked up you can '/etc/init.d/slapd zap' to reset the state to off, and then kill whatever pops up in "ps -ax | grep slap"

do you have a specific error message that it's barfing on?

erich

----------

## bitwh0re

soon enough the pdf will become html and copying and pasting will be much easier.  I will add that note as well about Larry.. maybe it should be l as in LDAP?  :Smile: 

If you have troubles importing the ldif files you can always zap the data directory and re-emerge openldap and then try again.  The most common problems are that the tree gets partially created and then it's just a pain to get the rest in.  It's easiest to zap it and recreate it and go over your ldif files with a fine toothed comb.

----------

## ewtrowbr

What is this "inappropriate authentication" message?  Is openldap just griping because I used a plaintext passwd? please advise...

erich

root@ox init.d # /usr/local/open-xchange/sbin/adduser_ox --username="ewtrowbr" --passwd="something" --name="erich" --sname="trowbridge" --maildomain="nois.net" --ox_timezone="CST"

ldap_bind: Inappropriate authentication (4 :Cool: 

LDAP Success

SQL Success

root@ox init.d #

----------

## bitwh0re

 *ewtrowbr wrote:*   

> What is this "inappropriate authentication" message?  Is openldap just griping because I used a plaintext passwd? please advise...
> 
> erich
> 
> root@ox init.d # /usr/local/open-xchange/sbin/adduser_ox --username="ewtrowbr" --passwd="something" --name="erich" --sname="trowbridge" --maildomain="nois.net" --ox_timezone="CST"
> ...

 

hrm, sounds like admintools.conf isn't configured properly.

----------

## -Tom-

Well, having finally got OX up and running thanks to bitwh0re's howto & additional help on here (thanks!  :Laughing:  ), I have stumbled across a problem...   :Sad: 

I only seem to be able to create private calendar entries - whether from the web interface or from Sunbird. Having looked through the database, I figured that the calendar entries are stored in the prg_dates table, and that the 'rights' field is group_right (I think!).

All the entries created have 's' under group_right... Having seen with the contacts table that 's' seems to signify a private entry, and that 'a' seemed to signify a public entry, I tried changing the field within the prg_dates table. This had the effect of removing the entry from the creators' calendar - but did not make it public...  :Confused: 

I have to admit that I have not yet checked the OX forums / bugzilla on this - so am off there now. If it's something logged then fair enough, but I have a feeling that it might be something I am doing, otherwise someone else here would surely have noticed by now?!

 - Tom.

----------

## -Tom-

 *Quote:*   

> All the entries created have 's' under group_right... Having seen with the contacts table that 's' seems to signify a private entry, and that 'a' seemed to signify a public entry, I tried changing the field within the prg_dates table. This had the effect of removing the entry from the creators' calendar - but did not make it public...

 

I have also tried this by setting group_right to 'g' as I have seen in one of the only references I've found about this - but to no avail  :Crying or Very sad: 

 - Tom.

----------

## steffen79

Problem, import the LDIF-File:

uid=mailadmin,ou=Users,ou=OxObjects,dc=project-1,dc=intern

LDAP meldet: Undefined attribute type

Fehlernummer: 0x11 (LDAP_UNDEFINED_TYPE)

that's my error on phpLDAPadmin....

----------

## bitwh0re

 *steffen79 wrote:*   

> Problem, import the LDIF-File:
> 
> uid=mailadmin,ou=Users,ou=OxObjects,dc=project-1,dc=intern
> 
> LDAP meldet: Undefined attribute type
> ...

 

check that your schemas are proper in your slapd.conf file.  note that the howto lists only the changes that need to be made and the text in blue in no way represents a complete configuration file.

----------

## -Tom-

Ok... So please ignore my ramblings in the previous two posts - I was being a little on the stupid side.

I had no idea all that had to be done was to click on the 'show' button to see other calendar entries!  :Embarassed:  Still, it does strike me as slightly odd that the default view is only your own entries - unless you go to 'Teamview' I guess...

There are however problems with Sunbird entries & OX - but that's something for the OX forums  :Laughing: 

 - Tom.

----------

## killercow

I can't seem to login as any user differnt then cyrus to the cyrus server.

I can list the mailboxes when i log on as cyrus. and i can see the mailbox's name is correct, but i can't login.

Does cyrus authenticate to a local user pool? or does it connect to the ldap server? where would i look for the problem?

Is it possible to list the users which i could use to connect to cyrus? (eg which users does cyrus knows about)

Thanks a lot, with this i might actually get the imap part of OX working!

----------

## dashnu

This part is a bit confusing for me also. I am thinking outloud on this one  :Wink:    You create that user with saslpasswd2.  cyrus uses sasl daemon to auth which than uses ldap.. So you should look into sasl and ldap to figure out your problem. One thing to note is that when you create OX-users you do not assign them with a saslpasswd2 passwd manualy. I am not sure if the adduser_ox script does that.   I skimmed it very quickly and did not find any reference to saslpasswd2 commands..

So now after looking into this even more I am still very confused..

 :Rolling Eyes: 

----------

## bitwh0re

 *init-zero wrote:*   

> This part is a bit confusing for me also. I am thinking outloud on this one    You create that user with saslpasswd2.  cyrus uses sasl daemon to auth which than uses ldap.. So you should look into sasl and ldap to figure out your problem. One thing to note is that when you create OX-users you do not assign them with a saslpasswd2 passwd manualy. I am not sure if the adduser_ox script does that.   I skimmed it very quickly and did not find any reference to saslpasswd2 commands..
> 
> So now after looking into this even more I am still very confused..
> 
> 

 

What happens is you create the mailbox only in Cyrus.  You are not creating a user or a password.  You then use sbin/adduser_ox which adds the user to the LDAP tree as well as your database.  Cyrus is configured to use SASL as it's authentication layer, so whenever someone attempts to log into your IMAP server (Cyrus), Cyrus hands the request off to SASL.

SASL is an authentication layer which can use many mechanisms to use (LDAP, PAM, MySQL, and probably a host of others).  In OX's case SASL is configured to talk to LDAP for user information / authentication.

So, in summary:

You log in to IMAP, Cyrus asks SASL what to do, SASL talks to the LDAP tree and authenticates the user, SASL tells Cyrus that it's either ok or not ok.  You do not need to create users using saslpasswd2, just the initial one for the cyradm section.

----------

## dashnu

I understand that,  but what confused me is we have sasl authing against ldap, but when we use saslpasswd2 to add the cyrus user that in fact does _not_ get added to the ldap tree. If sasl used ldap as I thought it would i figured saslpasswd2 would add a user and pass to ldap.. not to the saslpasswd file.. see what I am saying?  

So regarding killercow's issue adding a user via adduser_ox does not give that user any permissions inside cyradm.. It only allows that user to get mail. Adding a saslpasswd2 gives the cyrus user the ability to use cyradm..

Is this correct bitwh0re?

----------

## bitwh0re

 *init-zero wrote:*   

> I understand that,  but what confused me is we have sasl authing against ldap, but when we use saslpasswd2 to add the cyrus user that in fact does _not_ get added to the ldap tree. If sasl used ldap as I thought it would i figured saslpasswd2 would add a user and pass to ldap.. not to the saslpasswd file.. see what I am saying?  
> 
> So regarding killercow's issue adding a user via adduser_ox does not give that user any permissions inside cyradm.. It only allows that user to get mail. Adding a saslpasswd2 gives the cyrus user the ability to use cyradm..
> 
> Is this correct bitwh0re?

 

That is correct sir!  I'm no expert on IMAP, but I don't think that cyradm talks to SASL the same way that the Cyrus daemon does.  I believe that cyradm simply talks to the SASL passwd database whereas the actual Cyrus daemon is configured to talk to SASL and LDAP.  So, because when you create users with adduser_ox and it dumps info into the LDAP and database store it doesn't ever end up in the SASL user database.  

If you want your OX users to be able to *administer* your IMAP server you would have to manually add them to your SASL database.  You could also hack up the adduser_ox file as well.. after all, it is just a text file.  Why you'd want OX users to be able to admin Cyrus is beyond me.

----------

## killercow

my problem isn't just that i can't login with my normal user on cyradm (i thought it was the same login OX uses for its mail part.)

I don't need the user to be able to administer my server, i just need the user to login.

Everytime OX refreshes the front-page it gives a error on the console saying the user can't be authenticated to the imap server.

Since i haven;t figured out how to "browse" the ldap tree to see if the user is actually there and relied on the thought that it was (because i can login to OX which also uses ldap for authentication right?)

Since i do not know how to either list the available users in cyrus/sals or the ldap tree i can't see what's going wrong.

Does anyone of you know how i can tell if the user is there, and how i can see cyrus actually calls on sals to find the user.

Is there a tool which allows me to list the users available to sasl?

Thanks a lot.

----------

## -Tom-

 *killercow wrote:*   

> Since i haven;t figured out how to "browse" the ldap tree

 

Emerge phpldapadmin - it's masked at the moment. It's what I use and is *very* simple to setup  :Smile: 

 - Tom.

----------

## playworker

Hello again  :Smile: 

I'm trying to set up Aliases using the LDAP tree - I can browse the tree using GQ but I can't change anything, I get a permission denied error...

Anybody know how I sort this?

Thanks,  Matt

----------

## steffen79

ok, i got the installation got work  :Smile: 

BUT. I can't delete documents.

And if i try to delete tasks, there comes the same error. cannot delete from database, but then the task is deleted. when i tried, to delete a appointment, i suddenly came to the login page...

also i have no logs.

----------

## fosstux

Hi!

I tried to install OX before using the howto linked on the OX homepage. At that time I didn'tr finish it.

Reason was, that I installed cyrus in order to follow the setup. After one week, I rweturned to my previous setup: courier+postfix.

My question: Has anyone got open-xchange up and running completely using courier and postfix? Does SASL authenricate against ldap? It didn't when I tried it.

Please help!

Thanks.

----------

## dashnu

@playworker You want to make sure you are logging into GQ with your manager user.

@crparr I think that setup will work for you. People have got this to work i believe.  Sasl will auth against ldap. 

I will be able to help a lot more later in the week when I install OX again for production. I am a little bit rusty now.[/code]

----------

## RedNeckCracker

any chances to use qmail+vpopmail+qmailadmin instead of postfix? i don't know how to implement qmail since i don't understand how the mta "speaks" to openxchange.

----------

## dashnu

edit* added more detail..

edit* added perl-ldap

I created a package.use file for OX and all of its deps. This file needs to be put into /etc/portage  If you do not have a /etc/portage directory create it. Than create a package.use file with the following in it ..

```
#USE flags for individual packages#

###################################

net-nds/openldap perl sasl crypt -gdbm

###

net-mail/cyrus-imapd -pam

###

sys-devel/libperl -gdbm 

###

dev-lang/perl -gdbm 

###

dev-libs/cyrus-sasl postgres java ldap -pam -gdbm

###

dev-java/jdom jikes 

###

mail-mta/postfix ldap sasl postgres -pam

###

dev-db/postgresql java perl -pam 

###

net-www/apache ldap -gdbm 

###

www-servers/tomcat jikes

###

app-admin/sudo -pam

###

dev-java/commons-logging jikes

###

dev-java/jython jikes

###

dev-java/regexp jikes

###

dev-java/oro jikes

###

dev-java/rhino jikes

###

dev-java/jzlib jikes

###

dev-java/jsch jikes

###

dev-java/bcel jikes

###

dev-java/junit jikes

###

dev-java/commons-collections jikes

###

dev-java/commons-logging jikes

###

dev-java/commons-beanutils jikes

###

dev-java/jdepend jikes

###

dev-java/ant-tasks jikes javamail

###

dev-java/commons-net jikes

###

dev-perl/perl-ldap sasl

```

This is going to allow your system related packages to compile correctly and still allow your OX related packages to compile with the things you need. For example we use -pam for our OX packages this could / will cause a problem when you go to update some of your system packages.

My use flags in my make.conf cut a lot of the garbage out also.  This server is compiled with nptl from the get-go so if you are not using nptl make sure to take that out.

```
USE="-X -alsa -oss -gif -mad -gpm -gnome -motif -mikmod -encode -kde -apm -nls -arts -avi -bitmap-fonts -cups -foomaticdb -gtk -gtk2 -ipv6 -jpeg -mpeg -oggvorbis -opengl -pdflib -png -qt -quicktime -readline -sdl -truetype -xmms -xv apache2 nptl ssl pam ssh"
```

This will help you keep a cleaner system.  

ono

----------

## RedNeckCracker

Just a question, is it possible using openxchange with outlook (calendar, shared address book) ?

----------

## bitwh0re

 *RedNeckCracker wrote:*   

> Just a question, is it possible using openxchange with outlook (calendar, shared address book) ?

 

Not currently.  For that you need to dish out some cash for SLOX.  The OX team is working on a GPL Outlook connector and it will be released RSN.

----------

## dashnu

however you can share the address book via ldap.

----------

## mxc

What package am i suppost to store the ebuild for openxchange under? When I do a emerge mxc-misc/openxchange, which is a miscellaneous directory I creates it complains.

Thanks

----------

## bitwh0re

Happy Holidays and Merry Christmas everyone!  I've got the core of the HOWTO converted to HTML which can be found here:

http://www.mikefetherston.ca/OX/html/

Have a good set of holidays!!

----------

## face

Hi  :Smile: 

i followed your howto exactly and everything seems to work correctly.

Finally I added a user and wanted to log in, but I was redirected to a blank white screen (http://my-domain.com/servlet/intranet?SITE=beforeAuth&sessionID=7f9c18c1bbc3a1444ee9b66b428c270f) and noticed the following error in /usr/local/open-xchange/var/log/groupware.log :

```

Dec 26 20:01 localhost openexchange: Netline Application Server [NAS 5.0]

Dec 26 20:01 localhost openexchange: (c) Netline Internet Service GmbH

Dec 26 20:01 www openexchange: Linux i386 2.6.9-vs1.9.3vs-1.9.3

Dec 26 20:01 www openexchange: 1.4.2_06-b03

Dec 26 20:01 www openexchange: VM Total Memory       : 20,352 KB

Dec 26 20:01 www openexchange: VM Free Memory        : 19,924 KB

Dec 26 20:01 www openexchange: VM Used Memory        : 428 KB

Dec 26 20:01 www openexchange: system version : [0.7.5] initializing ...

Dec 26 20:01 www openexchange: Using path: /usr/local/open-xchange/

Dec 26 20:01 www openexchange: Loglevel set to: 5

Dec 26 20:01 www openexchange: Setting timeout           : 60000

Dec 26 20:01 www openexchange: Setting start_server      : 1

Dec 26 20:01 www openexchange: Setting thread_pool       : 0

Dec 26 20:01 www openexchange: Setting db_pool           : 5

Dec 26 20:01 www openexchange: Allow non pooled threads  : true

Dec 26 20:01 www openexchange: Setting upload directory  : /tmp/

Dec 26 20:01 www openexchange: Application-Build: 0

Dec 26 20:01 www openexchange: Application-Build: 0

Dec 26 20:01 www openexchange: bind to port 6661

Dec 26 20:01 www openexchange: upload bind to port 6663

 done

Dec 26 20:02 www openexchange: Error getting imapserver, smtpserver in ldap!

Dec 26 20:02 www openexchange: [LDAP: error code 32 - No Such Object]

java.lang.NullPointerException

        at java.util.Hashtable.put(Hashtable.java:393)

        at com.openexchange.groupware.Management.onCheckUserAuth(Management.java:559)

        at com.openexchange.thread.ComfireThread.validateSession(ComfireThread.java:383)

        at com.openexchange.thread.ComfireThread.run(ComfireThread.java:152)

        at java.lang.Thread.run(Thread.java:534)

```

Perhaps anyone have an idea.

thanks

Jens

----------

## ferp2

Hi Face,

I'm in the same boat as you. Whenever I try to login I get a blank page and the following code:

```

server # Dec 26 15:32 localhost openexchange: addSession <84f0043434299c794c88fd33fc33196f>

Dec 26 15:32 localhost openexchange: OK: done

Dec 26 15:32 localhost openexchange: getSession <84f0043434299c794c88fd33fc33196f>

Dec 26 15:32 localhost openexchange: GET AUTH !?!?!?!?!

Dec 26 15:32 localhost openexchange: bWFyawFybXRxY2RvdG5ldAFFTgExOTIuMTY4LjEuMQFwd2FsLnJtdHFjLm5ldA==

Dec 26 15:32 pwal openexchange: Error getting imapserver, smtpserver in ldap!

Dec 26 15:32 pwal openexchange: [LDAP: error code 32 - No Such Object]

java.lang.NullPointerException

        at java.util.Hashtable.put(Hashtable.java:393)

        at com.openexchange.groupware.Management.onCheckUserAuth(Management.java:559)

        at com.openexchange.thread.ComfireThread.validateSession(ComfireThread.java:383)

        at com.openexchange.thread.ComfireThread.run(ComfireThread.java:152)

        at java.lang.Thread.run(Thread.java:534)

```

Notice the first 5 lines use localhost, then on the 6th line it changes to pwal (the machine hostname) and that's where the Error occurs as in:

 *Quote:*   

> 
> 
> pwal openexchange: Error getting imapserver, smtpserver in ldap!
> 
> 

 

So far I'm stumped on this one.

----------

## unused

Brought up a brand new 2004.3 box and decided to follow this howto.

Everything compiles smoothly. 

Use flags set to: USE="-mysql -gtk -gnome -kde java javamail ldap xml javacomm perl sasl xmlrpc javadoc jikes xerces postgres crypt -pam -gdbm -X"

but when using ldapadd:

```

zulu openldap # ldapadd -x -D "cn=Manager,dc=myhost,dc=org" -W -f ldap.ldif

Enter LDAP Password:

adding new entry "dc=myhost,dc=org"

ldapadd: update failed: dc=myhost,dc=org

ldap_add: Undefined attribute type (17)

        additional info: dn: attribute type undefined

```

ldap.ldiff contents:

```

dn: dc=myhost,dc=org

objectclass: dcObject

objectclass: organization

o: MYHOST

dc: myhost

dn: cn=Manager,dc=myhost,dc=org

objectclass: organizationalRole

cn: Manager

```

From what I can tell it should match everything everyone else in this thread has used and had success; I may just be missing the obvious.. (hopefully someone can point it out.)

Interestingly, I saw one post in this thread about this error I'm seeing in my logfiles:

```

Dec 27 20:03:36 [slapd] SQL engine 'mysql' not supported

Dec 27 20:03:36 [slapd] auxpropfunc error no mechanism available_

```

Suggestion was -mysql in use flags.. I've confirmed this & cleaned/recompiled everything w/ no luck. Unsure at this point if it's related to the ldapp add error.

Any insight is appreciated.

----------

## unused

FYI, found the problem. In the ldap.ldif file each dn must be seperated by a new line. So,

```
dn: dc=myhost,dc=org

objectclass: dcObject

objectclass: organization

o: MYHOST

dc: myhost

dn: cn=Manager,dc=myhost,dc=org

objectclass: organizationalRole

cn: Manager
```

Works beautifully.

----------

## jorgeantonio

Hi Guys!

This week I'm trying to setup the OPENXCHANGE on gentoo but have a problem with ldap. (I am newbee in ldap) 

I'm using http://www.mikefetherston.ca/OX/html/ (HOW-TO) Before OpenLDAP Configuration all without error.

ok look the following case:

My ldap.ldif:

 *Quote:*   

> 
> 
> objectclass: dcObject
> 
> objectclass: organization
> ...

 

My /etc/openldap/slapd.conf  (default + the code added on the HOW-TO)

 *Quote:*   

> 
> 
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 k$
> 
> #
> ...

 

My /etc/openldap/ldap.conf

 *Quote:*   

> 
> 
> # $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.9 2000/09/04 19:57:01 kur$
> 
> #
> ...

 

The test and service start was sucessfull ...

 *Quote:*   

> 
> 
>  Test OpenLDAP configuration files:
> 
> foobar ~ # /usr/lib/openldap/slapd -t
> ...

 

But when go to the ...

 *Quote:*   

> 
> 
> # slappasswd -h {CRYPT} -s MYPASSWORD
> 
> # ldapadd x D cn=admin,dc=enlace,dc=net W f ldap.ldif
> ...

 

I receive an error message:

 *Quote:*   

> ldap_bind: Invalid credentials (49)

 

So I dont know what or where is the error or bad config??? Please if any body can help me thanxxxxxx!!!!! a lot  :Wink: 

JORGELast edited by jorgeantonio on Wed Dec 29, 2004 3:10 am; edited 1 time in total

----------

## dashnu

I also just went through the how yet again (third install now) and also get the same results.  I will figure this out tomorrow and post back if someone does not get back to you by then..  Last time I used the howto {Crypt} was not setup.. so I had no issues.

----------

## unused

You definitely need to add a space between your dn in your ldap.ldiff:

You pasted:

```
objectclass: dcObject

objectclass: organization

o: Enlace.net

dc: enlace.net

dn: cn=admin,dc=enlace,dc=net

objectclass: organizationalRole

cn: admin 
```

Needs to be:

```
objectclass: dcObject

objectclass: organization

o: Enlace.net

dc: enlace.net

dn: cn=admin,dc=enlace,dc=net

objectclass: organizationalRole

cn: admin 
```

----------

## dashnu

Both of our issues lie with the {CRYPT} passwd I think.  I can not even log in to insert my ldap.ldif and I really dont think ldap incorporates blank space as anything.  

edit* looking into it you are correct we do need a blank space... my bad

----------

## jorgeantonio

 *unused wrote:*   

> You definitely need to add a space between your dn in your ldap.ldiff:
> 
> You pasted:
> 
> ```
> ...

 

Hi Guys! Thanx

After the space,  /etc/init.d/slapd restart  and now the message is:     :Embarassed: 

 *Quote:*   

> 
> 
>  # ldapadd -x -D "cn=admin,dc=enlace,dc=net" -W -f ldap.ldif
> 
> Enter LDAP Password:
> ...

 

Where can I fix the problem??? I think that the code is like the how to   :Sad: 

----------

## dashnu

same error for me too.... working on it now

----------

## dashnu

Mine was just a typo in my ldiff file.. make sure your dc: matches your dn: dc=mydomain..

It looks like you are forgetting your " dn: dc=ox-domain,dc=tld "  in you ldap.ldif file the first line unless you just are not pasting it.

----------

## dashnu

ok end of the day and everything is ok so far.. All mail / site and webdav stuff set up...

I found the the emerge jdbc3-postgresql throws an error when trying to delete a contact. So once again I downloaded a different version of the jdbc and cp it to the original. I posted this some posts back..

Another thing I found was with no acls creating contacts and things error.. I would at least have them add ...

```
access to *

  by * write
```

just let people know this does exactly what it implies

well i will continue on tomorrow...

ono

oh yea, the package.use file works perfectly.. I would add that to  :Very Happy: 

----------

## jorgeantonio

Hi init-zero!

Thank You for the replies.

Now After all setting when try to create the firs user BOOM!!! Error    :Embarassed: 

The problem now is when:

 *Quote:*   

> /usr/local/open-xchange/sbin/adduser_ox \
> 
> --username=Jorge \
> 
> --passwd=jorge \
> ...

 

Receive:

 *Quote:*   

> Undefined ERROR - LDAP CODE 17
> 
> See LDAP Log for Details!

 

Searching for the error on google I can find it  (http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=01&topic_id=1098254905)

But can't help me because the file structure is different and review the HOW TO (http://www.mikefetherston.ca/OX/html/)

and try chown R ldap:ldap /var/lib/openldap-data/* but nothing.  The Undefined ERROR - LDAP CODE 17 still here, please help!! 

If any body know hot to solve the problem, please let me know.  Gentoo.org forum have not any post for this error. Thank You! and Happy Holidays!

----------

## dashnu

Did you make sure you enabled aci in you ebuild for ldap?

```
foobar openldap # nano -w openldap-2.1.xx-ry.ebuild

 myconf=â$(myconf) --enable-aciâ 
```

Also I am having issues with the encrypted password.

The adduser_ox uses your etc/admintools.conf for many variables. May want to look at that.

In admintools.conf I can not use my encrypted {CRYPT} pass and in saslauthd.conf I can not use my encrypted passwd.. I do not know why but I _must_ store them in plain text.. This I do not like and will look into figuring out why this is the case.

----------

## jorgeantonio

You are right can be the error on that part  because the code to add was in other .ebuild  :Smile:  now can I edit and nothing more at my step on The how to or is needed re-emerge other apps???

ANd in your case if you test with 

 *Quote:*   

> /usr/lib/openldap/slapd -t

  it is sucess ? 

Men I'm newbee here but i know that the ldap authentication is not my issue, so if you want to see any of my files or code let me know.   :Rolling Eyes: 

Thanx!

----------

## dashnu

do a..

```
emerge -p openldap
```

to see what version you are running then edit the ebuild of that version.

yes I can test fine.

----------

## dashnu

changed your post :p   you will need to emerge ldap again after of course.

----------

## jorgeantonio

 :Very Happy:   Sorry!  

Ok emerge ldap but is needed set again all passwords and all the settings following the HOW TO or only emerge ldap and done?

----------

## dashnu

should be able to just emerge ldap again

----------

## dashnu

Another thing to update in the how-to is in the smtp section... You do not need to create a new /etc/sasl2/smtp file just edit the current /etc/sasl2/smtp.conf and add

```
 pwcheck_method: saslauthd

mech_list: LOGIN PLAIN
```

working on ssl will keep ya posted..

Also in the virus section amavisd.conf   if you add a " \ " before the @$mydomain you will not get that error.. 

```
$mailfrom_notify_admin     = "virus-admin\@$mydomain";

$mailfrom_notify_recip     = "virus-admin\@$mydomain";

```

It is defaulted like that i think.

----------

## parnasus

I'm back, guys.

I've checked through the HOWTO as well as the body of this thread and have found no indiciation of what may be happening to my reminders.  Whenever an appointment has a reminder attached, the reminder is never sent.  I've verified the system date is set correctly, as well as the appointment date.

I've done some investigating, and have found if I do not click on ADD on the participant screen, I am not notified of the appointment, even though I'm already assigned.  I realize as the appointment creator, I may not necessarily need to be notified.  But it also makes a good trail of bread crumbs when appointments are made and cancelled, etc.

Is there a CRON job which needs to be running?  A daemon forgotten?  I really haven't a clue.

----------

## bitwh0re

 *parnasus wrote:*   

> I'm back, guys.
> 
> I've checked through the HOWTO as well as the body of this thread and have found no indiciation of what may be happening to my reminders.  Whenever an appointment has a reminder attached, the reminder is never sent.  I've verified the system date is set correctly, as well as the appointment date.
> 
> I've done some investigating, and have found if I do not click on ADD on the participant screen, I am not notified of the appointment, even though I'm already assigned.  I realize as the appointment creator, I may not necessarily need to be notified.  But it also makes a good trail of bread crumbs when appointments are made and cancelled, etc.
> ...

 

I would file this as a reproducable bug at the open-xchange website.

----------

## mxc

Hi all,

I have an exisitng ldap server which keep centralised user info. I use kerberos to handle authentication. The particular version I use is Heimdal which stores teh passwords in ldap.

My question is as follows:

1) Are there any known issue with openxchange and kerberos authentication?

2) When I run the init.d script from openxchange I keep getting prompted for passwords when the scripts tries to su to apache. Its weird as my server attempts to use kerbeos to login but the server itself is setup to use only local account for login. I.e. the client machine use kerberos and the server just uses unix accounts. I am not sure why the su command is attempting to do kerbeos authentication especially since the pam modules tell it only to use unix authentication?

3) I keep getting ldap connection errors when trying to add a user

 *Quote:*   

> ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
> 
> LDAP Success
> 
> SQL Success
> ...

 

Any help appreciated

----------

## steffen79

i have still a little problem... i can't delete anything in the groupware frontend.

i cant delete contacts or files.

I always get if i try to delete a file:

Can't delete file in filestorage.

Can't delete file in filestorage.

Can't delete file in filestorage.

Error while deleting folder from database.

if i try to delete a contact:

The contact wasn't deleted from the database: SQL err in Contact java.sql.SQLException: ERROR: SET AUTOCOMMIT TO OFF is no longer supported

im using these libs in WEB-INF/libs:

activation.jar

comfiretools.jar

intranet.jar

jdom.jar

mail.jar

nas.jar

pg73jdbc3.jar

postgresql.jar -> /usr/share/jdbc3-postgresql-1/lib/pg73jdbc3.jar

servlet-api.jar

webdav.jar

xercesImpl.jar 

are these correct?

----------

## dashnu

 *steffen79 wrote:*   

> 
> 
> The contact wasn't deleted from the database: SQL err in Contact java.sql.SQLException: ERROR: SET AUTOCOMMIT TO OFF is no longer supported
> 
> 

 

That is because of the jdbc connector. In this huge thread I explain how to fix this by downloading a new jdbc jar.. You should be able to find it.

----------

## steffen79

thx. it worked. emerged the masked jdbc driver, compiled ox again und now everythings works! thanks a lot for this great how-to,  too!

----------

## ferp2

Hi everyone,

Although I've installed the top menu icons in /var/www/localhost/htdocs/cfintranet/images/icons/top/EN, I'm still getting the colored squares. Only when I mouse over them do they change to the icons.  I've tried different things, including rebooting but so far nothing works.

Any suggestions on this?

Thanks

----------

## dashnu

clean out you web-browser cache and temp files.....

----------

## ferp2

Thanks, init... should have known better.

I'd also like to make a small contribution with regards to setting up OX. I had some trouble getting past ./adduser_ox ...  which kept on giving me the "inappropriate authentication" message, and thus prevented me from successfully logging into Open-xchange. If you're having a similar problem, this is how I entered the LDAP secretpassword into all the pertinent documents:

Let's say you decide upon a secretpassword of "123551234". 

1. /etc/saslauthd.conf

...

ldap_bind_pw: 123551234

...

2.  slappasswd -h {CRYPT} -s 123551234

{CRYPT}abcXXabcd

3.  /etc/openldap/slapd.conf

...

password-hash {CRYPT}

rootpw abcXXabcd

...

4. /usr/local/open-xchange/etc/admintools.conf

...

# LDAP Admin Passwd

BINDPW="abcXXabcd"

...

Apparently, you don't include the {CRYPT} portion when you insert your encrypted password into admintools.conf. 

Good luck...

----------

## dashnu

good tip. I was wondering about that. I have my passwd stored in plain text and sure as heck didnt like it. I will try to change that in my admintools.. We still need to store it in plain text as far a saslauthd goes  :Sad:  it looks like...

----------

## ferp2

OK, I sent in a post detailing how I got LDAP to work. Everything seemed alright, meaning I was able to successfully login to open-exchange, but that was until I clicked on the email icon and got that familiar "!!!System Error!!!" message. After taking a careful look in my log files, I realized that entering the secretpassword before I encrypted it is WRONG. 

Here's what I wrote:

 *Quote:*   

> Let's say you decide upon a secretpassword of "123551234". 
> 
> 1. /etc/saslauthd.conf
> 
> ...
> ...

 

Here's what I should have written:

 *Quote:*   

> Let's say you decide upon a secretpassword of "123551234". 
> 
> 1. slappasswd -h {CRYPT} -s 123551234
> 
> {CRYPT}abcXXabcd 
> ...

 

If you don't enter the encrypted secretpassword in saslauthd.conf, you will not be able to use the email portion of open-xchange. 

To Mike Fetherston: 

First, thanks for the excellent howto which, as far as I'm concerned, outclasses the other howtos I've seen out there by a long shot. Second, when you get a chance to update your howto, I'd recommend that you put the "slappasswd -h {CRYPT} -s secretpassword" step before entering the secretpassword info into  /etc/saslauthd.conf. The way things are now in your howto, one might get the impression  that you decide upon your secretpassword first when entering it into /etc/saslauthd.conf, and then encrypt it for /etc/slapd.conf and /usr/local/open-xchange/etc/admintools.conf. 

Anyway, that's it.

----------

## dashnu

tls on SMTP

/etc/postfix/main.cf

```
smtpd_use_tls = yes

smtpd_tls_auth_only = yes

smtpd_tls_key_file = /etc/ssl/postfix/server.key

smtpd_tls_cert_file = /etc/ssl/postfix/server.crt

smtpd_tls_CAfile = /etc/ssl/postfix/server.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom

```

Posfix now comes with it own certs so creating them is not need anymore. To confirm check /etc/ssl/postfix for server.key server.crt server.pem.

Than do a postfix reload and you should be good to go.

----------

## dashnu

How do we add access to only e-mail and not OX?  I am going to be looking into this if anyone has any ideas let me know.  Our mail setup is authing against a uname and password on ldap but so is OX so I am not even sure if it can be done.

----------

## ferp2

Could someone post their web.xml file with the WebDAV stuff included. I can access http://myserv.dom/servlet/webdav.documents in my browser but I get a 404 if I try http://myserv.dom/servlet/webdav.documents/dir/test.txt.

I read that some other people were having problems. Has any one figured out how to get this working?

----------

## dashnu

your servlet section ..

```
<servlet>

<servlet-name>webdav.documents</servlet-name>

<servlet-class>com.openexchange.webdav.documents</servlet-class>

<display-name>webdav.documents</display-name>

<description>webdav.documents</description>

</servlet>

```

Than your mapping section ..

```
<servlet-mapping>

<servlet-name>webdav.documents</servlet-name>

<url-pattern>/webdav.documents/*</url-pattern>

</servlet-mapping>

</web-app>

```

The "  /*  " is the key

----------

## ferp2

Hi init_zero,

When I originally created the web.xml file, I put in a bunch of tags, allowing open-xchange to be deployed in the Tomcat server container. These original tags were surrounded by these two tags:

 *Quote:*   

> <web-app></web-app>

 

When I originally added the WebDAV stuff to the web.xml file, I added it below the closing </web-app> tag. When I tried to access open-xchange, however, it couldn't find the files, so I took a chance and surround ALL the tags, including the WebDAV tags, with <web-app></web-app>. Now this worked, but to be honest I'm not sure if this is right. That's why I wanted to see a complete web.xml file, so I can see how the original info and the new WebDAV info is put together. By the way I have the correct syntax as in: 

 *Quote:*   

> <url-pattern>/webdav.documents/*</url-pattern>

 

Thanks

----------

## conloos

Hi,

i tried to setup 'init_ldap.ldif' on a openldap-2.1.30-r4 and had several times an error in line 101 (the problem is the line 69: OpenLDAPaci: etc.)

I had to edit my ebuild script (for openldap-2.1.30-r4) and add --enable-aci (e.g. myconf_berkdb='--enable-bdb --with-ldbm-api=berkeley --enable-aci'). 

con

RFM@me: page 5 on the pdf  :Sad: Last edited by conloos on Sat Jan 08, 2005 1:02 am; edited 2 times in total

----------

## dashnu

 *ferp2 wrote:*   

> Hi init_zero,
> 
> When I originally created the web.xml file, I put in a bunch of tags, allowing open-xchange to be deployed in the Tomcat server container. These original tags were surrounded by these two tags:
> 
>  *Quote:*   <web-app></web-app> 
> ...

 

Ahh I see yea that will work but you want one <web-app> at the begining and one at the end.

```
<web-app>

<display-name>Servlet OpenXchange</display-name>

<description>

Servlet OpenXchange 0.7.5

</description>

<servlet>

<servlet-name>intranet</servlet-name>

<servlet-class>intranet</servlet-class>

</servlet>

<servlet>

<servlet-name>webmail</servlet-name>

<servlet-class>webmail</servlet-class>

</servlet>

<servlet-mapping>

<servlet-name>intranet</servlet-name>

<url-pattern>/intranet</url-pattern>

</servlet-mapping>

<servlet-mapping>

<servlet-name>webmail</servlet-name>

<url-pattern>/webmail</url-pattern>

</servlet-mapping>

<servlet>

<servlet-name>webdav.con</servlet-name>

<servlet-class>com.openexchange.webdav.contacts</servlet-class>

<display-name>webdav.con</display-name>

<description>webdav.con</description>

</servlet>

<servlet>

<servlet-name>webdav.calendar</servlet-name>

<servlet-class>com.openexchange.webdav.calendar</servlet-class>

<display-name>webdav.calendar</display-name>

<description>webdav.calendar</description>

</servlet>

<servlet>

<servlet-name>webdav.ical</servlet-name>

<servlet-class>com.openexchange.webdav.ical</servlet-class>

<display-name>webdav.ical</display-name>

<description>webdav.ical</description>

</servlet>

<servlet>

<servlet-name>webdav.documents</servlet-name>

<servlet-class>com.openexchange.webdav.documents</servlet-class>

<display-name>webdav.documents</display-name>

<description>webdav.documents</description>

</servlet>

<servlet-mapping>

<servlet-name>webdav.con</servlet-name>

<url-pattern>/webdav.contacts</url-pattern>

</servlet-mapping>

<servlet-mapping>

<servlet-name>webdav.calendar</servlet-name>

<url-pattern>/webdav.calendar</url-pattern>

</servlet-mapping>

<servlet-mapping>

<servlet-name>webdav.ical</servlet-name>

<url-pattern>/webdav.ical</url-pattern>

</servlet-mapping>

<servlet-mapping>

<servlet-name>webdav.documents</servlet-name>

<url-pattern>/webdav.documents/*</url-pattern>

</servlet-mapping>

</web-app>

```

----------

## ferp2

OK thanks init_zero, that's exactly what I have, so I don't know what the problem is. I'm able to login to open-xchange, click on the "Documents" icon and create/delete both folder and files. Let's say I've created a folder called test1 and a file called test2.txt, as in

 *Quote:*   

> Root/test1/test2.txt

 

Then I use my Firefox browser and enter the following URL:

 *Quote:*   

> http://my.server/servlet/webdav.documents

 

This works and I'm able to see the root folder with the test1 subfolder. When I click on the test1 folder, however, it tells me:

 *Quote:*   

> The requested URL /servlet/webdav.documents/test1/ was not found on this server.

 

So I'm getting this despite the fact that my web.xml file is identical to yours.

I don't know if you or anyone else has run into this problem. I've checked the apache logs but they don't give any revealing information. 

Thanks

----------

## conloos

Hello, 

i have a working istallation for webaccess. 

To share my contacts between (KDE) Kontact and ox i need the webdav functionality, this is in my setup the buggy part: 

If i connect to webdav.ical i get a vcard - ok 

If i connect to webdav.documents i see a slash - ok 

But by connect to webdav.calendar or webdav.contacts i get an error: 

HTTP Status 405 - HTTP method GET is not supported by this URL

my configfiles:

(by http://www.mikefetherston.ca/OX/ ver.015) 

 web.xml 

```

 ---- schanipp ------ 

 <servlet> 

 <servlet-name>webdav.calendar</servlet-name> 

 <servlet-class>com.openexchange.webdav.calendar</servlet-class> 

 <display-name>webdav.calendar</display-name> 

 <description>webdav.calendar</description> 

 </servlet> 

 <servlet-mapping> 

 <servlet-name>webdav.calendar</servlet-name> 

 <url-pattern>/webdav.calendar</url-pattern> 

 </servlet-mapping> 

 ---- schanipp ------ 

```

/etc/conf.d/tomcat5 

```

 ---- schanipp ------ 

 JAVA_OPTS=" -Dopenexchange.propfile=/usr/local/open-xchange/etc/groupware/system.properties 

 ---- schanipp ------ 

```

 workers2.properties 

```

 ---- schanipp ------ 

 [uri:/servlet/webdav.calendar*] 

 worker=ajp13:server.de:8009 

 ---- schanipp ------ 

 
```

i cant see any faults in the log's . 

 My questions: 

 Has anybody a working webdav.* system? 

 Can he/she please post the configurations files? 

 Has anybody an idea to get that error out of my configs? 

 con

----------

## linoob

 *sardiskan wrote:*   

> I tried running the following command to initialize the ldap tree but I got this message.
> 
> ```
> portal root # slapadd -l /usr/local/open-xchange/share/init_ldap.ldif
> 
> ...

 

I'm having the same issue and was wondering if this ever got addressed. Any help appreciated (I've been chewing on this config for about a week).

----------

## ferp2

 *Quote:*   

> portal root # slapadd -l /usr/local/open-xchange/share/init_ldap.ldif
> 
> slapadd: could not add entry dn="ou=OxObjects,dc=informs,dc=com" (line=5): txn_aborted! 
> 
> DB_KEYEXIST: Key/data pair already exists (-30997) 

 

This means you have already performed this step.  If you want to start your LDAP database over from scratch, I would suggest you delete everything in

/var/lib/ldap-data

This may not be the correct path since I'm not running my OX machine at the moment. To see the exact path, take a look in your slapd.conf file. You'll see a reference to the ldap-data directory. Turn the slapd server off before you perform this step.

Best of luck.

----------

## mxc

Hi there,

I have used the ebuild to setup open-xchange. I am at the final stages and just need to login. I notice that the login.pl file is kept under cgi-bin/open-xchange. Thus to login I go to http://localhost/cgi-bin/open-xchange/login.pl The login page comes up. When I try and login though the page tries to post back to http://localhost/cgi-bin/login.pl. Since this file does not exist the login attempt fails.

Have the maintainers of the ebuild adjusted the login.pl script not to look in cgi-bin but cgi-bin/open-xchange? Otherwise how to fix this problem?

----------

## bitwh0re

 *mxc wrote:*   

> Hi there,
> 
> I have used the ebuild to setup open-xchange. I am at the final stages and just need to login. I notice that the login.pl file is kept under cgi-bin/open-xchange. Thus to login I go to http://localhost/cgi-bin/open-xchange/login.pl The login page comes up. When I try and login though the page tries to post back to http://localhost/cgi-bin/login.pl. Since this file does not exist the login attempt fails.
> 
> Have the maintainers of the ebuild adjusted the login.pl script not to look in cgi-bin but cgi-bin/open-xchange? Otherwise how to fix this problem?

 

Move or link open-xchange/login.pl to cgi-bin.  If you want to keep it in that location you'll have to go snooping in some files for the redirection.  A good place to start is both in login.pl and login.pm.

----------

## mxc

thanks I found it in login.pm. Only problem now is that my ldapserver uses tls and insists on it for basic authentication. I have found the spot in the perl code where it creates the ldap connection. I dont know perl that well. In any event there is a method called start_tls(); which one can call after creating the connection to start tls.

I tried adding it but no effect. 

ie,

 *Quote:*   

> 
> 
> $ld = NET:LDAP->new (.....);
> 
> $ld->start_tls();
> ...

 

----------

## dashnu

You may want to post this on the ox-mail-lists.. I too would be very interested in getting this to work..

Also if any one on this post can help me out with this...

https://forums.gentoo.org/viewtopic.php?t=157831

I would be very appreciative.

----------

## dashnu

Ok, I have mastered SSL for postfix and imapd.  I will type up a full howto if you want to add it to your guide bit..  This also includes creating your own certs..  However today I roll out OX and once I see things moving ok I will than type up a doc.. wish me luck  :Very Happy: 

----------

## mxc

I have come to the conclusion it is better to have a seperate ldap server for ox. I manged to get tls to work with the ->start_tls(); method. But then later on the script does an anonymous bind to the ldap server. I have disabled anonymous binds on mine.  I managed to get it to work by hacking the script to bind with an application id.

I now have some problem with the j2k adapter to tomcat. Somewhere in the perl script it gets a response it doesnt expect and the script terminates claiming that it unexpexdly reacht eh end o fthe file.

Oh well I may get it working someday.

----------

## mxc

ok - Does anyone else have this problem.

When I start the open-xchange script either the master one in /etc/init.d or the individial ones in /etc/open-xchange/init.d/groupware etc It says it "start successful" but  I am not sure. 

For exaple starting the master script manually after booting results in success messages being printed out and "su" messages being shown. But at the prompt I can no longer see what I type. i.e. characters are not displayed

If it is started at boot, the script fails claiming there is a syntax error.

If I exceute the script seperately,ie. groupware, webmail and session, at the prompt I am dumped to after execution I cannot see what I am typing. i.e cahracters are not displayed again.

I am not sure if this is a problem with kerberos as the su command result in password prompts which the script seems to handle though.

Anyone else got ideas?

----------

## dashnu

I use the three scripts to start my server openexchange-groupware  openexchange-sessiond  openexchange-webmail .. I have no idea how the ebuild is set up.  I think you are one of the only ones brave enough to trust the e-build.

----------

## mxc

yeah - it seems most people dont like the ebuild. All the init script  does though is call the three scripts you mentioned. 

BTW Here are some tips that others might find useful:

(Warning: I havent got my system working yet so maybe something is wrong with these tips. I dont think so though.  I think my problems are to do with the fact that I run kerberos. I am going to try and install on an non-kerberised server this weekend.

1) How to install the Tomcat Servelt applications.

In the "OX How To"  it has an elaborate section about copy ing files to tomcat directories and editing web.xml files. I dont think this is necessary. You can  just copy the servlet.war file, somewhere in the open-xchange directories, and dump it in the "webapp" directory under tomcat. This is a zipped java web app that tomcat can automatically deploy. I didnt have to edit any web.xml files or copy libraries around. 

2) J2K adapter.

I emerged the j2k adapter in gentoo and edited the files under /etc/apache2/conf/modules.d/ (writing from memory so dir may be wrong but its somewhere under /etc/apache2/conf.) (I prefer to do things the gentoo way when possible.) There are files in this dir for each apache module and one can edit the contents there to config each module. The defaults where ok if I remember correctly. All I needed to do apart from editing this file to add the "intranet" application, was to edit the file /etc/conf/apache and add the "-D j2k" parameter to the options list. This ensures the module is loaded at startup. No need to edit the /etc/apach2/conf/apache2.conf file.

 3) Sasl and saslauthd

I didnt find it necessary to edit all that stuff for sasl authentication. I just used the exisitng authentication mechanism/pam config. Basically sasl is optional for the installation. i already had a working cyrus-imap installation which uses a different authentication setup. i.e. kerberos. 

HTH someone

----------

## bitwh0re

 *init-zero wrote:*   

> Ok, I have mastered SSL for postfix and imapd.  I will type up a full howto if you want to add it to your guide bit..  This also includes creating your own certs..  However today I roll out OX and once I see things moving ok I will than type up a doc.. wish me luck 

 

Yes, of course!  Write it up and I'll include it.

----------

## bitwh0re

 *mxc wrote:*   

> yeah - it seems most people dont like the ebuild. All the init script  does though is call the three scripts you mentioned. 
> 
> BTW Here are some tips that others might find useful:
> 
> (Warning: I havent got my system working yet so maybe something is wrong with these tips. I dont think so though.  I think my problems are to do with the fact that I run kerberos. I am going to try and install on an non-kerberised server this weekend.
> ...

 

1.  I wrote those instructions based on what the OX INSTALL and other HOWTO's said to do.  It was successful so I kept it the same.  I'll try your method and see how that goes.

2.  The jk2 ebuild was released December 11, 2004.  Much after I wrote the HOWTO.  Now that I know it's there that will be added to the HOWTO.  when the ebuild makes it to X86 (from ~X86) it will become *the* way to do it in the HOWTO.

3.  From what I understand OX uses SASL to communicate with all of the other backed daemons (SMTP, LDAP, IMAP).  If you've gotten it to work differenly, great!  That's what this is all about.  If you want to submit some instructions to get it working differently, it would greatly be appreciated.  The more situations that this HOWTO can cover, the better I think it will be.  In fact, I'd eventually like to add some instructions for getting this going with other software such as Courier.

Thanks for your input MXC, and to the rest who have either helped in this forum topic or even asked questions!

----------

## mxc

Hi bitwhore,

I hope that I can help. But currently I am having some problems of my own. As promised I have moved my ox installation to a none kerberised server and am getting the exact same error as on the kerberised box.

Below is a copy of my post on the open-xchange forums

=====================================

I cannot log into openxchange. When I log in the web server processes for a while and then comes back with a internal server error (500). I have had a look at the apache error_log file and the reference I find is as such

"cannot build up socket! referer: http://webserver/cgi-bin/login.pl"

"ERRNO=<No such file or directory> in getSocket Cannot find file Can not connect do SessionD -referer: http://webserver/cgi-bin/login.pl"

"..premature end of script"

I have no idea where to go to try and fix this. All I can gather is that there is something wrong with connecting to the session daemon?

=========================================

I have found several references to this problem elsewhere but no solution. There is nothing under /var/log/open-xchange/ all the logs are empty  :Sad: 

----------

## mxc

ok -  I managed to get past the "500 internal error" message. I had to change the $connection_mode paramter in the loign.pm from 2, which is ssl, to 1 which is unix sockets. I want to use ssl in the long run so will look at getting that sorted out later. Its probably got to do with certificates.

***** EDIT I had to change it to 3 and recompile open-xchange without ssl support. It seems the docs for ssl support are really thin on the ground.

But now, after logging in, I just get "No running server found" from tomcat. I have checked tomcats log and apaches and there is nothing in them. I have also check the sessiond.log etc but it seems that no info is being writtent to these files.

Two questions that may help me solve this problem: 

1) How do I get OX to write to the log files?

2) When I run the init scripts either individually or from the master script I prints out messages saying "done" However if I ask for a status it just says "[unused]" and if I restart then it says "failed" when attempting to stop the scripts and goes on to claim they have been started successfully.

********

EDIT : I had to emerge sudo and then edit the script files groupware and webmail etc to use the sudo command instead of the su command. 

Thanks

----------

## mxc

Now I can login ------ but I dont get any images  :Sad:  I checked the usr_general_rights table and all is fine there.

Dont know why it wont load the images  :Sad: 

Sheesh -- open-xchange really likes to make everything a mission!

----------

## mxc

TIP: If you installed using the ebuild save yourself a lot of trouble and move the directory "cfIntranet" from "/var/www/localhost/htdocs/open-xchange/open-xchange" to the root of your apache server document path.

ie "/var/www/localhost/htdocs/"

----------

## killercow

I managed to add more users to ox after using the encrypted passwords in various config files.

i now try to add more mailboxes (altough i still get the well known system error), but cyrus gives me the following error:

lan> cm user.myseconduser

createmailbox: Permission denied

(lan is my domain used on the entire install)

I tried to use cyrus@localhost as an admin in /etc/smtpd.conf but that didn't help.

Does anyone know how to get this working, and does anyone know how to get rid of this evil system error message when connecting to the webmail?

I get the following errors in the logfile:

```

Jan 20 17:18:53 sambadev imap[9760]: login: lan [10.0.0.150] cyrus DIGEST-MD5 User logged in

Jan 20 17:20:01 sambadev /usr/sbin/cron[9767]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )

Jan 20 17:20:06 sambadev imap[9760]: accepted connection

Jan 20 17:20:06 sambadev saslauthd[8949]: ldap_simple_bind() failed 81 (Can't contact LDAP server).

Jan 20 17:20:06 sambadev saslauthd[8949]: Retrying authentication

Jan 20 17:20:06 sambadev saslauthd[8949]: ldap_simple_bind() failed 81 (Can't contact LDAP server).

Jan 20 17:20:06 sambadev saslauthd[8949]: Authentication failed for j.klopper: Retry condition (ldap server connection reset or broken) (-3)

Jan 20 17:20:06 sambadev saslauthd[8949]: do_auth         : auth failure: [user=j.klopper] [service=imap] [realm=] [mech=ldap] [reason=Unknown]

Jan 20 17:20:06 sambadev imap[9760]: badlogin: localhost [127.0.0.1] plaintext j.klopper SASL(-13): authentication failure: checkpass failed

Jan 20 17:21:09 sambadev master[9719]: process 9760 exited, status 0

Jan 20 17:25:09 sambadev master[9781]: about to exec /usr/lib/cyrus/imapd

Jan 20 17:25:09 sambadev imap[9781]: executed

Jan 20 17:25:09 sambadev imap[9781]: SQL engine 'mysql' not supported

Jan 20 17:25:09 sambadev imap[9781]: auxpropfunc error no mechanism available

Jan 20 17:25:09 sambadev imap[9781]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Jan 20 17:25:09 sambadev imap[9781]: accepted connection

Jan 20 17:25:09 sambadev saslauthd[8950]: ldap_simple_bind() failed 81 (Can't contact LDAP server).

Jan 20 17:25:09 sambadev saslauthd[8950]: Retrying authentication

Jan 20 17:25:09 sambadev saslauthd[8950]: ldap_simple_bind() failed 81 (Can't contact LDAP server).

Jan 20 17:25:09 sambadev saslauthd[8950]: Authentication failed for j.klopper: Retry condition (ldap server connection reset or broken) (-3)

Jan 20 17:25:09 sambadev saslauthd[8950]: do_auth         : auth failure: [user=j.klopper] [service=imap] [realm=] [mech=ldap] [reason=Unknown]

Jan 20 17:25:09 sambadev imap[9781]: badlogin: localhost [127.0.0.1] plaintext j.klopper SASL(-13): authentication failure: checkpass failed

```

sambadev is the hostname, 

j.klopper is the user logged in to OX and polling the mailserver for the mail indicator on the frontpage.

The cyrus connects are from me trying to create new users.

Any takers?

update:

This is the error i get when refreshing the portal page:

```

Jan 21 12:42 sambadev openexchange: ERROR: PORTAL: uid=myuser: imap=localhost: Error while checking mails: javax.mail.AuthenticationFailedException: Login failed: authentication f         ailure

```

Could it be possbiel cyrus can't find sals? or saslcan't find the ldap server?

whe trying to telnet to the imap server i get a connection but i can't login.

----------

## kowal

OX Gentoo HOWTO specifies to modify ldap ebuild by adding code with round brackets

```
myconf=$(myconf) --enable-aci
```

I think it should be curley bracket as below

```
myconf=${myconf} --enable-aci
```

Emerging ldap with round brackets brings up error right at the beginning

```
/usr/lib/portage/bin/ebuild.sh: line 1: myconf: command not found
```

----------

## roRisc

I chmod'ed 755

```
Forbidden

You don't have permission to access /open-xchange/ on this server.

Apache/2.0.52 (Gentoo/Linux) Server at localhost Port 80

```

how do I actually use openXchange?

I followed the gentoo-wiki howto, as the pdf is not available anymore...

Thanks

----------

## bitwh0re

 *roRisc wrote:*   

> I chmod'ed 755
> 
> ```
> Forbidden
> 
> ...

 

The PDF and HTML HOWTO are both available here:

http://www.mikefetherston.ca/OX/

I would suggest moving all files in open-xchange to the htdocs root directory.  You access your server by going to http://<hostname>/cgi-bin/login.pl

kowal:  thanks for catching that!  I'll be sure to have that changed on my next edit.

----------

## bitwh0re

An interesting read outlining the (near) future of OX/SLOX (soon to be NOX):

http://mirror.open-xchange.org/ox/EN/downloads/NetlineWP-OXfuture.pdf

Looks like March '05 is the release date for OX 0.8.  The first "stable" release of OX.

----------

## killercow

Could anyone please give me a clue where to look?

I've had this problem for a few weeks now but i can't find how to solve this.

please please please! i really want to use OX for real now! but i can't let my co-workers use it while i have these errors. anyone, i would be very gratefull.

----------

## dashnu

 *killercow wrote:*   

> Could anyone please give me a clue where to look?
> 
> I've had this problem for a few weeks now but i can't find how to solve this.
> 
> please please please! i really want to use OX for real now! but i can't let my co-workers use it while i have these errors. anyone, i would be very gratefull.

 

Make sure your imapd.conf has 

```
admins:                 cyrus

```

than do a

```
saslpasswd2 -c cyrus 

cyradm -user cyrus <your-domain>   (not hostname just your domain)
```

I have found times when i need to add the saslpasswd2 again for some strange reason.. The cyrus user is the only user that auths against saslpasswd and not ldap.. cyadm must look only at saslpasswd.

Try that then try to add a user.

----------

## killercow

Adding the user did work when i followed the guide, but now it doesn;t anymore.

i tried chaning the cyrus password to some other values, and i was able to login like before, but as soon as i try and add a mailbox (cm user.myuser)

it says permission denied.

[update!!]

Adding a user with only on . works fine tough,

I named my OX users with a dot in their username. (as in) j.klopper

But cyrus only accepts user.jklopper as a username.

Is there a workaround for this? besided changing the ox user names?

----------

## janh

This did the trick for me (when you look at the dates I have looked on and off at this problem for a long time now):

```

emerge --unmerge cyrus-sasl

USE="ldap" emerge cyrus-sasl > testemerge

saslauthd -v

saslauthd 2.1.20

authentication mechanisms: getpwent rimap shadow ldap

```

Have never surfed google more than this time,

the issue is that sometimes autoconf does not pick-up the ldap option during the configuration stage.  

But apparently explicitly saying ldap needs to be used does the trick.

----------

## playworker

Hello again,

Just a quick note and a question  :Very Happy: 

bitwh0re:  You mention in the HowTo (pdf v0.15) that you had to change the user passwords in LDAP to plain-text otherwise you couldn't log in to the web interface - this is a problem with the LDAP ACLs that are in the HowTo, not figured out how to fix this yet but I thought I would point it out  :Smile: 

Question now:

I too have the issue with webdav.documents where I can see documents / folders in the root but when I try to access them I get a message from Apache telling me that the document cannot be found on the server - I do have the /* after documents in the config file...  Anyone any ideas?

Many thanks for any help,

Matt

----------

## kblack

How do we know when to use the FQDN of the server or just the domain name. In the how-to you add the server FQDN and the domain name to /etc/hosts. But there is minimal refrences to the FQDN of the server. I have my own DNS server so the only thing I have in /etc/hosts in 127.0.0.1 localhost. In some of the configs you only enter the domain for the hostname which works becasue of the host file. Can someone help me determin where the FQDN should be specified and where the domain is necessary?

Thank You

BTW: Great how-to

----------

## bitwh0re

 *kblack wrote:*   

> How do we know when to use the FQDN of the server or just the domain name. In the how-to you add the server FQDN and the domain name to /etc/hosts. But there is minimal refrences to the FQDN of the server. I have my own DNS server so the only thing I have in /etc/hosts in 127.0.0.1 localhost. In some of the configs you only enter the domain for the hostname which works becasue of the host file. Can someone help me determin where the FQDN should be specified and where the domain is necessary?
> 
> Thank You
> 
> BTW: Great how-to

 

If you do a CTRL-F for 'ox-domain.tld' you'll see where all the references are.  The Postfix config and the LDAP config especially is where you'll catch most.  This is in reference to the PDF, the HTML doesn't have some of the extras (i.e. init_ldap.ldif) that the PDF currently has.

playworker:  Yes, I did mention that mostly as a note to myself or others that experience similar problems when following the instructions.  That note was not meant to be taken as something to follow.  After a few more installs I've never experienced that problem again, and you'll probably see that note dropped from the HOWTO.

----------

## bitwh0re

WRT WebDAV issues:

http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=02&topic_id=1107268283

----------

## playworker

Hmmm, interesting that you've not had that problem again - wonder if this could be an issue upgrading from 0.7.4 to 0.7.5?  Still can't get the LDAP ACLs working properly and the iCal is still read-only  :Sad: 

----------

## dashnu

http:://username:passwd@ox.yourdomain.com/servlet/webdav.ical

That will allow you to view ONLY view your online cal from evolution..  Pretty cool though.

----------

## lxnay

Hi guys,

I've a huge problem and a lot of headache.

if I do:

```
/usr/local/open-xchange/sbin/adduser_ox --username="fabio" --passwd="12345" --name="Fabio" --sname="Erculiani" --maildomain="lxnaydesign.local" --ox_timezone="Europe/Rome"

```

I get:

```
ldap_bind: Inappropriate authentication (48)

[color=green][b]LDAP Success[/b][/color]

[color=green][b]SQL Success[/b][/color]
```

Please help me!

That's my /etc/openldap/slapd.conf:

```
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include   /etc/openldap/schema/core.schema

include /etc/openldap/schema/cosine.schema

include /etc/openldap/schema/inetorgperson.schema

include /etc/openldap/schema/openldap.schema

include /etc/openldap/schema/misc.schema

include /etc/openldap/schema/nis.schema

include /etc/openldap/schema/openxchange.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral   ldap://root.openldap.org

pidfile      /var/run/openldap/slapd.pid

argsfile   /var/run/openldap/slapd.args

# Load dynamic backend modules:

# modulepath   /usr/lib/openldap/openldap

# moduleload   back_bdb.la

# moduleload   back_ldap.la

# moduleload   back_ldbm.la

# moduleload   back_passwd.la

# moduleload   back_shell.la

# Sample security restrictions

#   Require integrity protection (prevent hijacking)

#   Require 112-bit (3DES or better) encryption for updates

#   Require 63-bit encryption for simple bind

# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:

#   Root DSE: allow anyone to read it

#   Subschema (sub)entry DSE: allow anyone to read it

#   Other DSEs:

#      Allow self write access

#      Allow authenticated users read access

#      Allow anonymous users to authenticate

#   Directives needed to implement policy:

# access to dn.base="" by * read

# access to dn.base="cn=Subschema" by * read

# access to *

#   by self write

#   by users read

#   by anonymous auth

#

# if no access controls are present, the default policy is:

#   Allow read by all

#

# rootdn can always write!

allow bind_v2

#######################################################################

# ldbm database definitions

#######################################################################

database   bdb

checkpoint   32   30 # <kbyte> <min>

suffix      "dc=lxnaydesign,dc=local"

rootdn      "cn=Manager,dc=lxnaydesign,dc=local"

# Cleartext passwords, especially for the rootdn, should

# be avoid.  See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

password-hash {CRYPT}

rootpw {CRYPT}gORa9G.0gsCy.

# The database directory MUST exist prior to running slapd AND 

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory   /var/lib/openldap-data

# Indices to maintain

#index   objectClass   pres,eq

#index   gidNumber,memberUid eq

index    uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

```

my imapd.conf:

```
# $Header: /var/cvsroot/gentoo-x86/net-mail/cyrus-imapd/files/imapd.conf,v 1.5 2004/08/27 06:02:45 langthang Exp $

# Don't forget to use chattr +S (if you are using ext[23]) 

# when you change these directories (read the docs).

configdirectory:   /var/imap

partition-default:   /var/spool/imap

sievedir:      /var/imap/sieve

tls_ca_path:            /etc/ssl/certs

tls_cert_file:      /etc/ssl/cyrus/server.crt

tls_key_file:      /etc/ssl/cyrus/server.key

# Don't use an everyday user as admin.

admins:         cyrus

hashimapspool:      yes

allowanonymouslogin:   no

allowplaintext:      yes

# Allow renaming of top-level mailboxes.

#allowusermoves:         yes

# Use this if sieve-scripts could be in ~user/.sieve.

#sieveusehomedir:   yes

# Use saslauthd if you want to use pam for imap.

# But be warned: login with DIGEST-MD5 or CRAM-MD5 

# is not possible using pam.

sasl_pwcheck_method:   saslauthd

####################################################

## This is a recommended authentication method if you

## emerge cyrus-sasl with 'postgres' or 'mysql'

## To use with mysql database uncomment those lines below.

#sasl_pwcheck_method: auxprop

#sasl_auxprop_plugin: sql

## possible values for sasl_auxprop_plugin 'mysql', 'pgsql', 'sqlite'.

#sasl_sql_engine: mysql

## all possible values.

sasl_mech_list: LOGIN PLAIN CRAM-MD5 DIGEST-MD5 NTLM

## or limit to CRAM-MD5 only

#sasl_mech_list: CRAM-MD5

## change below to suit your setup.

sasl_sql_user: open-xchange

sasl_sql_passwd: oxen

sasl_sql_database: openexchange

sasl_sql_hostnames: localhost

sasl_sql_select: SELECT clear FROM users WHERE email = '%u@%r'

```

my smtpd.conf

```
# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $

pwcheck_method: saslauthd

mech_list: LOGIN PLAIN
```

my admintools.conf

```
#!/bin/sh

#

# (c) 2004-2100 ;)

# Author: cutmasta AT netline-is D0T de

# 

# OX-SCRIPTS - CONFIGURATION PARAMETER :)

#

############## GENERAL CONFIG STUFF ###############

# Your Company Name 

# To which Organisation new User belong!

ORGA="lxnaydEsigN"

# OXBASE 

OXBASE=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i BASE | head -n 1 | awk {'print $2'}`

# LDAP Server

LDAPHOST=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i HOST | head -n 1 | awk {'print $2'}`

# LDAP Admin 

BINDDN="cn=Manager,dc=lxnaydesign,dc=local"

# LDAP Admin Passwd

BINDPW="gORa9G.0gsCy."

# OX LDAP Leaf, where is the "OxObjects" leaf?

OX_LEAF="ou=OxObjects,$OXBASE"

# Default Language

DEFAULT_PREF_LANG="EN"

# Default mail is enabled

DEFAULT_MAIL_ENAB="OK"

# Default the user can send mail to the internet

DEFAULT_INET_MAIL="TRUE"

# Default days of displaying appointments

DEFAULT_OX_APP_DAYS=5

# Default days of displaying tasks

DEFAULT_OX_TASK_DAYS=5

# default the user can write in the global adressbook

DEFAULT_WRITE_GLOBAL_ADDR="TRUE"

# The used Tools - should work on most Systems!

LDAPADD_BIN="ldapadd "

LDAPDELETE_BIN="ldapdelete "

LDAPMODIFY_BIN="ldapmodify "

LDAPSEARCH_BIN="ldapsearch "

GREP_BIN="grep"

SED_BIN="sed"

EXPR_BIN="expr"

SORT_BIN="sort"

HEAD_BIN="head"

AWK_BIN="awk"

SQL_BIN="psql"

##################################################

#################### SQL Stuff #####################

DEFAULT_SQL_HOST="localhost"

DEFAULT_SQL_DB="openexchange"

DEFAULT_SQL_USER="open-xchange"

DEFAULT_SQL_PASS="oxen"

# Default Table where we store the Rights

RIGHTS_TABLE="usr_general_rights"

# Default Template Table where the template is stored!

TEMPLATE_TABLE="sys_gen_rights_template"

# Default Template for creating Users.

# Must exist in the DB

DEFAULT_TEMPLATE_NAME="default_template"

####################################################

####################### LDAP #######################

# Where are the OX Users

USER_BASEDN="ou=Users,$OX_LEAF"

# Where are the OX Groups

GROUP_BASEDN="ou=Groups,$OX_LEAF"

# Where are the OX Resources

RESOURCES_BASEDN="ou=Resources,ou=ResourceObjects,$OX_LEAF"

# Where are the OX Resource Groups

RESOURCE_GROUPS_BASEDN="ou=ResourceGroups,ou=ResourceObjects,$OX_LEAF" 

# Where is the Global Adressbook

GLOBAL_ADDRESSBOOKDN="o=AddressBook,$OX_LEAF"                            

# where are the adressbook admins

GLOBAL_ADDRESSBOOK_ADMINSDN="cn=AddressAdmins,$GLOBAL_ADDRESSBOOKDN" 

# TEMPORARY FILE

TMPDIF="/usr/local/open-xchange/var/temporary_ldap_scripts.ldif"

####################################################

####################################################

HOME_DIR="/home/"

DEFAULT_USR_SHELL="/bin/bash"

SHADOW_EXPIRE=0

SHADOW_MIN=0

SHADOW_MAX=9999

SHADOW_WARN=7

STD_GID=500

MIN_UID=501

MIN_GID=500

####################################################

```

If I login to open-xchange I get:

```
Feb  3 20:00:32 mars slapd[7740]: conn=23 fd=11 ACCEPT from IP=127.0.0.1:60155 (IP=0.0.0.0:389)

Feb  3 20:00:32 mars slapd[7740]: conn=23 op=0 BIND dn="" method=128

Feb  3 20:00:32 mars slapd[7740]: conn=23 op=0 RESULT tag=97 err=0 text=

Feb  3 20:00:32 mars slapd[7740]: conn=23 op=1 SRCH base="ou=Users,ou=OxObjects,dc=lxnaydesign,dc=local" scope=1 filter="(&(uid=fabio)(objectClass=OXUserObject))"

Feb  3 20:00:32 mars slapd[7740]: conn=23 op=1 SRCH attr=dn

Feb  3 20:00:32 mars slapd[7740]: conn=23 op=1 RESULT tag=101 err=32 text=

Feb  3 20:00:33 mars slapd[7740]: conn=23 op=2 UNBIND

Feb  3 20:00:33 mars slapd[7740]: conn=23 fd=11 closed

```

and it tells me "Authentication failed"

----------

## dashnu

One thing to note is that the CRYPT password does not work for me in admintools.conf. Take that out and put in your plain text password. Just to test.. If that is your issues you can go from there. I think someone posted how to fix that in this thread.

In you slapd.conf I noticed a few things.. try to uncomment out these two lines.

```
#index   objectClass   pres,eq

#index   gidNumber,memberUid eq 
```

restart ldap.

Lets see what that does for us.

----------

## lxnay

thank you init-zero I've done what you told me but,

now I'm getting:

```
/usr/local/open-xchange/sbin/adduser_ox --username="lxnay" --passwd="lxnay" --name="lxnay" --sname="Erculiani" --maildomain="lxnaydesign.local" --ox_timezone="Europe/Rome"

Undefined ERROR - LDAP CODE implementation specific

See LDAP Log for Details!
```

and /var/log/messages says:

```
Feb  3 20:54:10 mars slapd[20299]: conn=12 fd=9 ACCEPT from IP=127.0.0.1:33228 (IP=0.0.0.0:389)

Feb  3 20:54:10 mars slapd[20299]: conn=12 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128

Feb  3 20:54:10 mars slapd[20299]: conn=12 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" mech=SIMPLE ssf=0

Feb  3 20:54:10 mars slapd[20299]: conn=12 op=0 RESULT tag=97 err=0 text=

Feb  3 20:54:10 mars slapd[20299]: conn=12 op=1 SRCH base="ou=Users,ou=OxObjects,dc=lxnaydesign,dc=local" scope=2 filter="(uid=*)"

Feb  3 20:54:10 mars slapd[20299]: conn=12 op=1 SRCH attr=uidNumber

Feb  3 20:54:10 mars slapd[20299]: bdb_db_cache: db_open(uid) failed: Permission denied (13)

Feb  3 20:54:10 mars slapd[20299]: conn=12 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=

Feb  3 20:54:10 mars slapd[20299]: conn=12 op=2 UNBIND

Feb  3 20:54:10 mars slapd[20299]: conn=12 fd=9 closed

Feb  3 20:54:10 mars slapd[20299]: conn=13 fd=9 ACCEPT from IP=127.0.0.1:33229 (IP=0.0.0.0:389)

Feb  3 20:54:10 mars slapd[20299]: conn=13 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128

Feb  3 20:54:10 mars slapd[20299]: conn=13 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" mech=SIMPLE ssf=0

Feb  3 20:54:10 mars slapd[20299]: conn=13 op=0 RESULT tag=97 err=0 text=

Feb  3 20:54:10 mars slapd[20299]: conn=13 op=1 ADD dn="uid=lxnay,ou=Users,ou=OxObjects,dc=lxnaydesign,dc=local"

Feb  3 20:54:10 mars slapd[20299]: bdb_db_cache: db_open(uid) failed: Permission denied (13)

Feb  3 20:54:10 mars slapd[20299]: bdb_index_read: Could not open DB uid

Feb  3 20:54:10 mars slapd[20299]: conn=13 op=1 RESULT tag=105 err=80 text=index generation failed

Feb  3 20:54:10 mars slapd[20299]: conn=13 op=1 RESULT tag=105 err=80 text=index generation failed

Feb  3 20:54:10 mars slapd[20299]: conn=14 fd=12 ACCEPT from IP=127.0.0.1:33230 (IP=0.0.0.0:389)

Feb  3 20:54:10 mars slapd[20299]: conn=13 op=2 UNBIND

Feb  3 20:54:10 mars slapd[20299]: conn=13 fd=9 closed

Feb  3 20:54:10 mars slapd[20299]: conn=14 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128

Feb  3 20:54:10 mars slapd[20299]: conn=14 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" mech=SIMPLE ssf=0

Feb  3 20:54:10 mars slapd[20299]: conn=14 op=0 RESULT tag=97 err=0 text=

Feb  3 20:54:10 mars slapd[20299]: conn=14 op=1 ADD dn="ou=addr,uid=lxnay,ou=Users,ou=OxObjects,dc=lxnaydesign,dc=local"

Feb  3 20:54:10 mars slapd[20299]: conn=14 op=1 RESULT tag=105 err=32 text=

Feb  3 20:54:10 mars slapd[20299]: conn=14 op=1 RESULT tag=105 err=32 text=

Feb  3 20:54:10 mars slapd[20299]: conn=15 fd=9 ACCEPT from IP=127.0.0.1:33231 (IP=0.0.0.0:389)

Feb  3 20:54:10 mars slapd[20299]: conn=14 op=2 UNBIND

Feb  3 20:54:10 mars slapd[20299]: conn=14 fd=12 closed

Feb  3 20:54:10 mars slapd[20299]: conn=15 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128

Feb  3 20:54:10 mars slapd[20299]: conn=15 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" mech=SIMPLE ssf=0

Feb  3 20:54:10 mars slapd[20299]: conn=15 op=0 RESULT tag=97 err=0 text=

Feb  3 20:54:10 mars slapd[20299]: conn=15 op=1 MOD dn="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=lxnaydesign,dc=local"

Feb  3 20:54:10 mars slapd[20299]: conn=15 op=1 MOD attr=member

Feb  3 20:54:10 mars slapd[20299]: conn=15 op=1 RESULT tag=103 err=20 text=modify/add: member: value #0 already exists

Feb  3 20:54:10 mars slapd[20299]: conn=15 op=1 RESULT tag=103 err=20 text=modify/add: member: value #0 already exists

Feb  3 20:54:10 mars slapd[20299]: conn=15 op=2 UNBIND

Feb  3 20:54:10 mars slapd[20299]: conn=15 fd=9 closed

```

----------

## dashnu

1) you can try to create a brand new user

2) or tey to delete that user and create it again. Looks like some of the info got into the tree

----------

## kblack

 *bitwh0re wrote:*   

>  *kblack wrote:*   How do we know when to use the FQDN of the server or just the domain name. In the how-to you add the server FQDN and the domain name to /etc/hosts. But there is minimal refrences to the FQDN of the server. I have my own DNS server so the only thing I have in /etc/hosts in 127.0.0.1 localhost. In some of the configs you only enter the domain for the hostname which works becasue of the host file. Can someone help me determin where the FQDN should be specified and where the domain is necessary?
> 
> Thank You
> 
> BTW: Great how-to 
> ...

 

Here is what I am talking about

in /etc/postfix/main.cf

ldap_source_host = ox-domain.tld

shouldn't it be

ldap_source_host = foobar.ox-domain.tld

The way you have it set up is fine because of /etc/hosts having the entry for ox-domain.tld and foobar.ox-domain.tld. There are other configs that I have questions about as well. This is great except for people that have there own DNS serers and don't need a host file.

----------

## bitwh0re

 *kblack wrote:*   

>  *bitwh0re wrote:*    *kblack wrote:*   How do we know when to use the FQDN of the server or just the domain name. In the how-to you add the server FQDN and the domain name to /etc/hosts. But there is minimal refrences to the FQDN of the server. I have my own DNS server so the only thing I have in /etc/hosts in 127.0.0.1 localhost. In some of the configs you only enter the domain for the hostname which works becasue of the host file. Can someone help me determin where the FQDN should be specified and where the domain is necessary?
> 
>  
> 
> If you do a CTRL-F for 'ox-domain.tld' you'll see where all the references are.  The Postfix config and the LDAP config especially is where you'll catch most.  This is in reference to the PDF, the HTML doesn't have some of the extras (i.e. init_ldap.ldif) that the PDF currently has.
> ...

 

Well, the HOWTO was written without a DNS server so that explains the HOSTS file "hack".  If you're doing DNS I would assume that you could add your OX server to the BIND (or whatever flavour you use) database instead of using HOSTS.   I bet either way that LDAP config will work.  The HOWTO was written with the idea in mind that this would be the only machine associated with that domain name.  I realize that this may not be the case for everyone but making the switch shouldn't be relatively easy.

----------

## bitwh0re

 *playworker wrote:*   

> Hmmm, interesting that you've not had that problem again - wonder if this could be an issue upgrading from 0.7.4 to 0.7.5?  Still can't get the LDAP ACLs working properly and the iCal is still read-only 

 

Each time I write a new HOWTO version I start from a completely fresh Gentoo installation.  Sometimes upgrading can introduce errors or allow me to skip steps that need to be covered/corrected.  I think the LDAP issue was just a problem of my own fault.  I played with that particular installation for a few days and it ended up "correcting itself".  :Smile: 

----------

## lxnay

I've solved partially, e-mail doesn't work yet but groupware works good, I had to put a clear password in admintools.conf, and this is quite unhappy.

For the mail problem, that's the log, anyone can help me?

```

Feb  4 00:49:20 mars imap[25172]: accepted connection

Feb  4 00:49:20 mars imap[25172]: sql plugin Parse the username lxnay

Feb  4 00:49:20 mars imap[25172]: sql plugin try and connect to a host

Feb  4 00:49:20 mars imap[25172]: sql plugin trying to open db 'openexchange' on host 'localhost'

Feb  4 00:49:20 mars imap[25172]: sql plugin could not connect to host localhost

Feb  4 00:49:20 mars imap[25172]: sql plugin couldn't connect to any host

Feb  4 00:49:20 mars imap[25172]: sql plugin Parse the username lxnay

Feb  4 00:49:20 mars imap[25172]: sql plugin try and connect to a host

Feb  4 00:49:20 mars imap[25172]: sql plugin trying to open db 'openexchange' on host 'localhost'

Feb  4 00:49:20 mars imap[25172]: sql plugin could not connect to host localhost

Feb  4 00:49:20 mars imap[25172]: sql plugin couldn't connect to any host

Feb  4 00:49:20 mars slapd[24781]: conn=27 fd=24 ACCEPT from IP=127.0.0.1:34171 (IP=0.0.0.0:389)

Feb  4 00:49:20 mars slapd[24781]: conn=27 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128

Feb  4 00:49:20 mars slapd[24781]: conn=27 op=0 RESULT tag=97 err=48 text=

Feb  4 00:49:20 mars saslauthd[6780]: ldap_simple_bind() failed 48 (Inappropriate authentication).

Feb  4 00:49:20 mars saslauthd[6780]: Retrying authentication

Feb  4 00:49:20 mars slapd[24781]: conn=28 fd=25 ACCEPT from IP=127.0.0.1:34172 (IP=0.0.0.0:389)

Feb  4 00:49:20 mars slapd[24781]: conn=27 op=1 UNBIND

Feb  4 00:49:20 mars slapd[24781]: conn=27 fd=24 closed

Feb  4 00:49:20 mars slapd[24781]: conn=28 op=0 BIND dn="cn=Manager,dc=lxnaydesign,dc=local" method=128

Feb  4 00:49:20 mars slapd[24781]: conn=28 op=0 RESULT tag=97 err=48 text=

Feb  4 00:49:20 mars saslauthd[6780]: ldap_simple_bind() failed 48 (Inappropriate authentication).

Feb  4 00:49:20 mars saslauthd[6780]: Authentication failed for lxnay: Retry condition (ldap server connection reset or broken) (-3)

Feb  4 00:49:20 mars saslauthd[6780]: do_auth         : auth failure: [user=lxnay] [service=imap] [realm=] [mech=ldap] [reason=Unknown]

Feb  4 00:49:20 mars imap[25172]: badlogin: localhost [127.0.0.1] plaintext lxnay SASL(-13): authentication failure: checkpass failed

Feb  4 00:49:21 mars slapd[24781]: conn=25 op=4 BIND anonymous mech=implicit ssf=0

Feb  4 00:49:21 mars slapd[24781]: conn=25 op=4 BIND dn="" method=128

Feb  4 00:49:21 mars slapd[24781]: conn=25 op=4 RESULT tag=97 err=0 text=

Feb  4 00:49:21 mars slapd[24781]: conn=26 op=8 BIND anonymous mech=implicit ssf=0

Feb  4 00:49:21 mars slapd[24781]: conn=26 op=8 BIND dn="" method=128

Feb  4 00:49:21 mars slapd[24781]: conn=26 op=8 RESULT tag=97 err=0 text=

```

----------

## kblack

@bitwh0re

you said shouldn' be easy  :Very Happy:  Hope you miss typed that one!

----------

## kblack

So is the e-build only an alternative to the manual install in the how-to or does it use different MTAs and what not

----------

## dashnu

my 2 cents, On A project like OX I do not see the e-build keeping up. I would recomend using the OX src per release. Use Portage to maintain everything else. 

As to your question I have not used the e-build much or at all. Looking at the e-build will tell you what it pulls for deps.

----------

## dashnu

lxnay,

comment out all of this out of your imap.conf

```
sasl_sql_user: open-xchange

sasl_sql_passwd: oxen

sasl_sql_database: openexchange

sasl_sql_hostnames: localhost

sasl_sql_select: SELECT clear FROM users WHERE email = '%u@%r'

```

And look at your /etc/saslauthd.conf

make sure you are using ldap. You logs show that you are trying auth againts mysql.

Another tidbit so you guys do not have to learn the hard way.. Cyrus is case sensitive.

add thiss in your imap.conf to stop that..

```
lmtp_downcase_rcpt: yes
```

----------

## bitwh0re

 *kblack wrote:*   

> @bitwh0re
> 
> you said shouldn' be easy  Hope you miss typed that one!

 

LOL!  420 total posts in the topic!   Yes, I did make a typo there.  :Very Happy: 

----------

## dashnu

I felt the need to tell everyone that I am now viewing the calander in evolution also the contacs. I am also using the document system in nautilus / konquer / cadaver /  M$ / Mac - finder. Apples I-cal works also. All though the cal stuff is still read only its a step.  

A new way to deploy the servlet side of the app is to use the tomcat manager and deploy the servlet.war in you lib directory of your source. Works like a charm  :Wink: 

bit, I will try to write up a doc on the webdav stuff so people can use this and also SMTP tls and auth.. Been super busy lately.

/me waits for the 'stable' 0.8.0

ono

----------

## dashnu

 *Quote:*   

> Dear reader,
> 
> we are very proud to announce the very first preview of the
> 
> Open-Xchange Server 0.8.PRE (Codename: Hymalia), available
> ...

 

full post http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=01&topic_id=1107526693

It was posted a few days ago but just incase you have not seen it.

----------

## lxnay

Thank you very much, I've built a beautiful Open-Xchange framework.

But I need to know two things:

1) If I try to authenticate via SSL (993 port is open) i get this:

```

Feb  5 15:01:40 mars imaps[10868]: imaps TLS negotiation failed: localhost [127.0.0.1]

Feb  5 15:01:40 mars imaps[10868]: Fatal error: tls_start_servertls() failed

Feb  5 15:01:40 mars master[28992]: process 10868 exited, status 75

Feb  5 15:01:40 mars master[28992]: service imaps pid 10868 in BUSY state: terminated abnormally

Feb  5 15:01:45 mars master[13499]: about to exec /usr/lib/cyrus/imapd

Feb  5 15:01:45 mars imaps[13499]: executed

Feb  5 15:01:45 mars imaps[13499]: sql_select option missing

Feb  5 15:01:45 mars imaps[13499]: auxpropfunc error no mechanism available

Feb  5 15:01:45 mars imaps[13499]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Feb  5 15:01:45 mars imaps[13499]: accepted connection

Feb  5 15:01:47 mars imaps[13499]: imaps TLS negotiation failed: localhost [127.0.0.1]

Feb  5 15:01:47 mars imaps[13499]: Fatal error: tls_start_servertls() failed

Feb  5 15:01:47 mars master[28992]: process 13499 exited, status 75

Feb  5 15:01:47 mars master[28992]: service imaps pid 13499 in BUSY state: terminated abnormally

Feb  5 15:01:54 mars master[28992]: process 28455 exited, status 0

Feb  5 15:01:55 mars master[28992]: process 28444 exited, status 0

Feb  5 15:01:55 mars master[28992]: process 28452 exited, status 0

```

and Thunderbird tells me that the server has a bad certificate.

2) Now I have internal e-mail, is there a way to automatically fetch externals e-mails (like xxx@gmail.com) and redirect them to internal accounts? If yes, how?

Thank you all, Open-Xchange is the best thing after the Linux kernel.

----------

## Hibbelharry

Hey lxnay,

you're maybe seraching for fetchmail. it's able to collect mail from pop3/imap accounts and puts them in the local smtp queue. very handy.

A Issue i'm experiencing with OX is when i add acl's as mentioned in the slapd.conf knowledge and bookmark trees aren't working anymore. anyone else got that problem ?

Greetz

Hibbelharry

----------

## kblack

I am getting an error when I try to login through the web interface. Most of the time I get "servlet intranet unavailable" It seems to me that tomcat5 did not emerge correctly. One thing I did notice is that /usr/local/open-xchange/share/servlets is empty. Is this correct or do I need to link the tomcat5 servlets here?

----------

## dashnu

It should be empty. Try to install the servlet.war through the tomcat manager it is imho a much better way to deploy the app. I posted about it a few posts above.

----------

## kowal

 *kowal wrote:*   

> OX Gentoo HOWTO specifies to modify ldap ebuild by adding code with round brackets
> 
> ```
> myconf=$(myconf) --enable-aci
> ```
> ...

 

Any comments from any one?

----------

## dashnu

about the proper syntax of an ebuild ?

 it should be { }   

Check out the ebuild you will see a few examples of the same..

```
myconf="${myconf} `use_enable crypt`"

    myconf="${myconf} `use_enable ipv6`"

    myconf="${myconf} `use_with sasl cyrus-sasl` `use_enable sasl spasswd`"

    myconf="${myconf} `use_with readline`"

    myconf="${myconf} `use_with ssl tls` `use_with samba lmpasswd`"

    myconf="${myconf} `use_enable tcpd wrappers`"

    myconf="${myconf} `use_enable odbc sql`"

    myconf="${myconf} `use_enable perl`"

    myconf="${myconf} `use_enable slp`"

```

----------

## bitwh0re

 *init-zero wrote:*   

> about the proper syntax of an ebuild ?
> 
>  it should be { }   
> 
> Check out the ebuild you will see a few examples of the same..
> ...

 

HOWTO fixed and updated...

----------

## amasidlover

When adding a contact I get: "The contact has been created successfully in the database \nbut couldn't be inserted into the LDAP addressbook: Naming err in Contact.Ldap javax.NamingException: Property inetOrgPersonAttributeDescriptionName not found under "com.openexchange.groupware.ContactInsEdit"

When trying to delete the contact which appears because it has been created on the DB, only not on LDAP I get: "The contact wasn't deleted from the database: SQL err in Contact java.sql.SQL.Exception: ERROR: SET AUTOCOMMIT TO OFF is no longer supported"

The install is running on Gentoo and I have configured my LDAP ACL's according to the Wiki.

Also, the error messages disappear after a fraction of a second meaning I have to do some nifty work with printscreen to catch them. The /usr/local/open-xchange/var/log/ dir is empty - should I be getting a log of these messages somewhere?

I posted this on the OX support forum yesterday but so far have had no replies that have got me any closer to solving any of the issues above.

Thanks,

Alex

----------

## dashnu

it is your jdbc I posted how to fix that in this thread. you will need to get the correct postgresql.jar that will take care of ERROR: SET AUTOCOMMIT TO OFF.. I am using pg73jdbc3.jar

Looks like your ldap setup may be incorrect too. But i would fix the other error first.

----------

## amasidlover

Hi,

I found the correct .jar for jdbc on page 6 of the thread and after restarting tomcat and OX I can delete things. However, I still can't get LDAP contacts to add with a 'proper' ldap configuration I have to add the access to * by * write to get it to work. The lines I've got which should do it are:

```
access to dn="ou=addr,uid=(.*),ou=Users,ou=OxObjects,dc=zednax,dc=com" attr=uid,objectClass,entry filter=(objectClass=OXUserObject)

        by self write

        by dn="uid=$1,ou=Users,ou=OxObjects,dc=zednax,dc=com" write

        by * none

access to dn.subtree="o=AddressBook,ou=OxObjects,dc=zednax,dc=com"

        by group="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=zednax,dc=com" write

        by users read

        by * none

```

Also, I'd love to find some error logs or at least a way to stop it from redirecting after an error...

----------

## dashnu

There is a working list of acl's on the wiki you may want to check it out.. I have yet to try it.

Edit* yea I had that same super fast error message to thanks to you I now know what it said  :Very Happy: 

----------

## amasidlover

Hi, 

Yep, that's where my ACL is from the OX wiki... Unfortunatley I spoke to soon about giving write access to everyone working, it doesn't. I did see somewhere in the 18 pages of this thread a bit about some java configuration, but I can't find it now....

I think I'm going to have to find a way of amalgamating this thread so I can search it.

----------

## dashnu

http://www.novell.com/products/openexchange/download.html

User guide in case people did not know about it. It is for SLOX but it is for the most part the same.

----------

## kblack

you should add java-config to the emerge list before sun-jdk so java and javac will end up in the path without any manual changes

----------

## bitwh0re

OX 0.8 Beta to be released this Friday (Feb. 18 / 2005)!!

http://mirror.open-xchange.org/ox/EN/news/news_detail2640.htm

I guess I know what I'm doing this weekend.  :Smile:   init-zero--send me all that extra documentation you've been promising me!  even if it's in rough notes.  :Smile: 

As well, with the release of Hula (hula-project.org) it seems that the OX team will be adding that to their list of supported servers.  I'm guessing since Hula has integrated all of the server technologies, including Web, that Hula would have to be hosted on a box separate from the OX server.  Either way, it's great to see the OX and Hula teams cooperating.

 *Quote:*   

> 
> 
> Hula project - Novell and Netline, perfect together.
> 
>  You may have already seen the exciting announcement by Novell and Netline on the Hula Project -- a new community project to create an open source e-mail and collaboration server.
> ...

 

----------

## bitwh0re

More on the Hula project and JWZ's views on Groupware:

http://www.jwz.org/doc/groupware.html

 *Quote:*   

> 
> 
>  So I said, narrow the focus. Your "use case" should be, there's a 22 year old college student living in the dorms. How will this software get him laid?
> 
> That got me a look like I had just sprouted a third head, but bear with me, because I think that it's not only crude but insightful. "How will this software get my users laid" should be on the minds of anyone writing social software (and these days, almost all software is social software). 
> ...

 

----------

## leynux

It works extremely wonderful to me..  :Laughing: 

In the "HOWTO: Gentoo Open-Xchange Installation v0.20b" , it miss this part 

 *Quote:*   

> 
> 
> SMTP Authentication and Relay Control
> 
> /etc/postfix/main.cf
> ...

 

which was explained in OX_install-v0.15-1.pdf .

Thanks a lot..

----------

## ukj

 *bitwh0re wrote:*   

> Good day all,
> 
> I've finished a rough draft outlining how to get OX installed on Gentoo using:
> 
> - Postfix / Cyrus / SASL
> ...

 

 The above URL does not seem to be valid as of now. Is it updated?

Regards.

----------

## bitwh0re

 *leynux wrote:*   

> It works extremely wonderful to me.. 
> 
> In the "HOWTO: Gentoo Open-Xchange Installation v0.20b" , it miss this part 
> 
>  *Quote:*   
> ...

 

Yes, the HTML HOWTO is still in "beta" even though it covers a completely updated install of 0.7.5.  If you're looking for those "extra" instructions you can find them in the PDF still.  I plan on updating the HOWTO to cover OX v0.8PR.  At that time I also plan to add the supplemental instructions from the PDF HOWTO.  

You can find the links to both the HTML and PDF at:

http://www.mikefetherston.ca/OX

----------

## plut0

0.8.0 beta1 released, check it out:

http://mirror.open-xchange.org/ox/EN/community/download.htm

----------

## chotchki

I would like to send out a big thank you for all those who help write this document. After fighting with Fedora 3, I am halfway through the install with this guide. If all goes well this should be a great way to sneak gentoo into my organization.  :Cool: 

----------

## bitwh0re

 *chotchki wrote:*   

> I would like to send out a big thank you for all those who help write this document. After fighting with Fedora 3, I am halfway through the install with this guide. If all goes well this should be a great way to sneak gentoo into my organization. 

 

Chotchki, glad to hear it helped you out!  The HOWTO is geared towards Gentoo, but if you're familiar with Linux you can easily adapt it to your distro of choice.  I intended it to be a guide to take you from a completely fresh and bare Gentoo install to a working mail and ldap server and then build on that to get OX working, which explains the length of the document.

Again, thanks for your kind words!

----------

## bitwh0re

Picked this up off the OX General mailing list:

 *Quote:*   

> 
> 
> Hi All
> 
> I've manged to get the OX 0.8 Administration tools working on SuSE 9.2
> ...

 

Hope that can help anyone attempting the OX0.8PR install!

----------

## bitwh0re

just a side-post:

http://www.fishdoc.co.uk/disease/whitespot.htm

ebuild for CVS Hula.

----------

## bitwh0re

I am skipping finalizing the v0.20b HOWTO.  The instructions are all there, it's just missing some of the extra functionality that can be found in the v0.15 PDF.  I'm doing this in favour of a "Bleeding Edge" HOWTO based on OX 0.8PR on 2005.0RC5 ~x86.  I intend to merge the missing instructions from the 0.15 HOWTO into this new document.  If I have time, I will create a more "stable" HOWTO based on 2004.3 and OX 0.7.5 -- this all depends on when OX 0.8 is released as stable.

Thank you to all for all of your valuable input, questions, and contributions!

----------

## bitwh0re

With regard to the past JDBC driver issues...  init-zero, can you shed some light on which version gave you troubles and which version you had success with?  Looking at http://jdbc.postgresql.org/download.html#serverselection it says that we should be using JDBC3 (because of JVM  1.4).  Or did you use the JDBC3 driver from this page and not portage??

----------

## dashnu

The one in portage gave me trouble, so I downloaded  	pg73jdbc3.jar and copied it around.

----------

## cadaverus

I've tried to keep my config as close to the documentation as possible, right down to the host name. At this point, I'm interested in showing this off to some management =)

Everything seemed to be going fine with the configuration... until I tried to add a user

/usr/local/open-xchange/sbin/adduser_ox --username="john" --passwd="johnspassword" --name="john" --sname="smith" --maildomain="ox-domain.tld" --ox_timezone="EST"

gives me

adduser john to oxfolders.

Exception in thread "main" java.lang.NumberFormatException: For input string: ""

        at java.lang.NumberFormatException.forInputString(NumberFormatException.java:4 :Cool: 

        at java.lang.Integer.parseInt(Integer.java:489)

        at java.lang.Integer.<init>(Integer.java:609)

        at com.openexchange.tools.OXFolderTools.getMergedFolderOCL(OXFolderTools.java:120)

        at com.openexchange.tools.oxfolder.OXFolderAction.addUserRightsToFolder(OXFolderAction.java:599)

        at com.openexchange.tools.oxfolder.OXFolderAction.addUserToOXFolders(OXFolderAction.java:493)

        at com.openexchange.tools.oxfolder.OXFolderAction.main(OXFolderAction.java:119)

entry Already exists!

This is with Openxchange 0.8.0-beta1, Sun JDK 1.4.2.07.

The server seems to work okay (I can login), but going in to the calendar gives me:

Permision denied

You don't have the permission to access this page.

/etc/openldap/slapd.conf

--------------

include /etc/openldap/schema/core.schema

include /etc/openldap/schema/cosine.schema

include /etc/openldap/schema/inetorgperson.schema

include /etc/openldap/schema/openldap.schema

include /etc/openldap/schema/misc.schema

include /etc/openldap/schema/nis.schema

include /etc/openldap/schema/openxchange.schema

allow bind_v2

password-hash {CRYPT}

pidfile         /var/run/openldap/slapd.pid

argsfile        /var/run/openldap/slapd.args

database        bdb

suffix "dc=ox-domain,dc=tld"

rootdn "cn=Manager,dc=ox-domain,dc=tld"

rootpw {CRYPT}Q0e3BWpa8IABc

directory       /var/lib/openldap-data

index   objectClass     pres,eq

index gidNumber,memberUid eq

index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

-------------

/usr/local/open-xchange/etc/admintools.conf

------------------------

ORGA="OXDomain"

OXBASE=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i BASE | head -n 1 | awk {'print $2'}`

LDAPHOST=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i HOST | head -n 1 | awk {'print $2'}`

BINDDN="cn=Manager,dc=ox-domain,dc=tld"

BINDPW="ldapsecretpassword"

OX_LEAF="ou=OxObjects,$OXBASE"

DEFAULT_PREF_LANG="EN"

DEFAULT_MAIL_ENAB="OK"

DEFAULT_INET_MAIL="TRUE"

DEFAULT_OX_APP_DAYS=5

DEFAULT_OX_TASK_DAYS=5

DEFAULT_WRITE_GLOBAL_ADDR="TRUE"

LDAPADD_BIN="ldapadd"

LDAPDELETE_BIN="ldapdelete"

LDAPMODIFY_BIN="ldapmodify"

LDAPSEARCH_BIN="ldapsearch"

GREP_BIN="grep"

SED_BIN="sed"

EXPR_BIN="expr"

SORT_BIN="sort"

HEAD_BIN="head"

TAIL_BIN="tail"

AWK_BIN="awk"

SQL_BIN="psql"

DEFAULT_SQL_HOST="localhost"

DEFAULT_SQL_DB="openexchange"

DEFAULT_SQL_USER="open-xchange"

DEFAULT_SQL_PASS="oxen"

RIGHTS_TABLE="usr_general_rights"

TEMPLATE_TABLE="sys_gen_rights_template"

DEFAULT_TEMPLATE_NAME="default_template"

USER_BASEDN="ou=Users,$OX_LEAF"

GROUP_BASEDN="ou=Groups,$OX_LEAF"

RESOURCES_BASEDN="ou=Resources,ou=ResourceObjects,$OX_LEAF"

RESOURCE_GROUPS_BASEDN="ou=ResourceGroups,ou=ResourceObjects,$OX_LEAF"

GLOBAL_ADDRESSBOOKDN="o=AddressBook,$OX_LEAF"

GLOBAL_ADDRESSBOOK_ADMINSDN="cn=AddressAdmins,$GLOBAL_ADDRESSBOOKDN"

TMPDIF="/usr/local/open-xchange/var/temporary_ldap_scripts.ldif"

HOME_DIR="/home/"

DEFAULT_USR_SHELL="/bin/bash"

SHADOW_EXPIRE=0

SHADOW_MIN=0

SHADOW_MAX=9999

SHADOW_WARN=7

STD_GID=500

MIN_UID=501

MIN_GID=500

------------------------

Thanks in advance if anyone has any ideas.

----------

## cheeby

I am at the exact same point as you, cadaverus, and experiencing the identical problem with adduser_ox.  At some stage a null value is being passed :

```
Exception in thread "main" java.lang.NumberFormatException: For input string: ""
```

So,  I am checking through all my config and ldif files for trailing spaces, will post results as they come.

----------

## cpunchin

Cheeby:

I found this on OX's forum: 

Type: 

/usr/local/open-xchange/sbin/dbinit_ox

That solved for me.

However, I cannot delete the user. I get 

gentoo1 root # /usr/local/open-xchange/sbin/deluser_ox --username=john1

java.sql.SQLException: ERROR:  SET AUTOCOMMIT TO OFF is no longer supported

        at org.postgresql.core.QueryExecutor.execute(QueryExecutor.java:131)

        at org.postgresql.jdbc1.AbstractJdbc1Connection.ExecSQL(AbstractJdbc1Connection.java:482)

        at org.postgresql.jdbc1.AbstractJdbc1Connection.ExecSQL(AbstractJdbc1Connection.java:461)

        at org.postgresql.jdbc1.AbstractJdbc1Connection.setAutoCommit(AbstractJdbc1Connection.java:957)

        at com.openexchange.tools.oxfolder.OXFolderAction.removeUserFromOXFolders(OXFolderAction.java:589)

        at com.openexchange.tools.oxfolder.OXFolderAction.main(OXFolderAction.java:128)

Thanks

----------

## cadaverus

Thanks cpunchin, I managed to fix the error but now I get exactly the same as you when trying to delete. Nearly there!

Thanks heaps.

----------

## lxnay

I don't know why but now OpenLDAP does not start correctly. slapd is ok (?) but port 389 isn't open.

That's my error:

```

Feb 25 13:06:07 mars ctl_cyrusdb[18586]: checkpointing cyrus databases

Feb 25 13:06:07 mars ctl_cyrusdb[18586]: archiving database file: /var/imap/annotations.db

Feb 25 13:06:07 mars ctl_cyrusdb[18586]: archiving log file: /var/imap/db/log.0000000001

Feb 25 13:06:07 mars ctl_cyrusdb[18586]: archiving database file: /var/imap/mailboxes.db

Feb 25 13:06:07 mars ctl_cyrusdb[18586]: archiving log file: /var/imap/db/log.0000000001

Feb 25 13:06:07 mars ctl_cyrusdb[18586]: done checkpointing cyrus databases

Feb 25 13:06:07 mars master[13851]: process 18586 exited, status 0

Feb 25 13:10:01 mars /usr/sbin/cron[18693]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )

Feb 25 13:10:01 mars /usr/sbin/cron[18694]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )

Feb 25 13:10:06 mars slapd[18778]: daemon: socket() failed errno=97 (Address family not supported by protocol)

Feb 25 13:10:06 mars slapd[18778]: sql_select option missing

Feb 25 13:10:06 mars slapd[18778]: auxpropfunc error no mechanism available

Feb 25 13:10:06 mars slapd[18778]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Feb 25 13:10:06 mars slapd[18778]: bdb_initialize: Sleepycat Software: Berkeley DB 4.2.52: (December  3, 2003)

Feb 25 13:10:06 mars slapd[18778]: bdb_db_init: Initializing BDB database

Feb 25 13:12:54 mars postfix/qmgr[14817]: 0E4EFA1E08A: from=<root@lxnaydesign.local>, size=1286, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 081A6A1239C: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 09E11A1E07D: from=<root@lxnaydesign.local>, size=1289, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 05A105B1F9: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 03B6AA183D9: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 1A05A7ED65E: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 196154343A: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 192B646B9E: from=<root@lxnaydesign.local>, size=1277, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 2211FF85E3: from=<root@lxnaydesign.local>, size=988, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 28AEE7ED553: from=<root@lxnaydesign.local>, size=1299, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 2357343437: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 267167ED555: from=<root@lxnaydesign.local>, size=1295, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 38F56F7D3A: from=<root@lxnaydesign.local>, size=1283, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 3FF827265CA: from=<root@lxnaydesign.local>, size=1286, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 3B537965CD4: from=<root@lxnaydesign.local>, size=1027, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 3B4E2F7D33: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 4188A11A41: from=<root@lxnaydesign.local>, size=988, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 46257A1E085: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 4A8CB7F7622: from=<root@lxnaydesign.local>, size=1289, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 431B2F8491: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 4AAF95B1E7: from=<root@lxnaydesign.local>, size=1282, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 456497265C3: from=<root@lxnaydesign.local>, size=154943, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 5B8962EBA4: from=<root@lxnaydesign.local>, size=1280, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 50C0644A02: from=<root@lxnaydesign.local>, size=1283, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 54D0A2E010: from=<root@lxnaydesign.local>, size=959, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 59D2F4347B: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 660AB5B1F2: from=<root@lxnaydesign.local>, size=1280, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 676C24347A: from=<root@lxnaydesign.local>, size=1283, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 795EC4295C: from=<root@lxnaydesign.local>, size=1277, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 7112FA1E074: from=<root@lxnaydesign.local>, size=1286, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 8AC6D7F6553: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 8FD04A1E080: from=<root@lxnaydesign.local>, size=1286, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 828699AF11A: from=<root@lxnaydesign.local>, size=1286, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 8E0CD43E09: from=<root@lxnaydesign.local>, size=1280, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 833B1298A3: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 8BF4146F2F: from=<root@lxnaydesign.local>, size=1277, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 8E26D43436: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 8A04B4705E: from=<root@lxnaydesign.local>, size=1283, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 9BE28449FD: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 94B3FA1E086: from=<root@lxnaydesign.local>, size=1286, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: 95E287ED56A: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: AE5F7F85D7: from=<root@lxnaydesign.local>, size=1280, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: AA66E962291: from=<root@lxnaydesign.local>, size=964, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: A163247464: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: AE1264709A: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: A081A42959: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: A9D33A1E078: from=<root@lxnaydesign.local>, size=1286, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: B3149A1E025: from=<root@lxnaydesign.local>, size=962, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: BE011A1E075: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: BEEEC449FE: from=<root@lxnaydesign.local>, size=2672, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: CC9137F7028: from=<root@lxnaydesign.local>, size=1289, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: CE9C743458: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: DDD667F7998: from=<root@lxnaydesign.local>, size=1280, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: D8B7E2E026: from=<root@lxnaydesign.local>, size=1280, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: D41DB9AF118: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: DE43BF8606: from=<root@lxnaydesign.local>, size=1280, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: DF558F7D39: from=<root@lxnaydesign.local>, size=986, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: E2491A1E076: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: E981A7ED56F: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/qmgr[14817]: F2086A1E081: from=<root@lxnaydesign.local>, size=989, nrcpt=1 (queue active)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 0E4EFA1E08A: to=<root@lxnaydesign.local>, relay=local, delay=22364, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 081A6A1239C: to=<root@lxnaydesign.local>, relay=local, delay=61959, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 09E11A1E07D: to=<root@lxnaydesign.local>, relay=local, delay=33163, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 05A105B1F9: to=<root@lxnaydesign.local>, relay=local, delay=65553, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 03B6AA183D9: to=<root@lxnaydesign.local>, relay=local, delay=36766, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 1A05A7ED65E: to=<root@lxnaydesign.local>, relay=local, delay=11566, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 196154343A: to=<root@lxnaydesign.local>, relay=local, delay=90754, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 192B646B9E: to=<root@lxnaydesign.local>, relay=local, delay=72755, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 2211FF85E3: to=<root@lxnaydesign.local>, relay=local, delay=47562, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 28AEE7ED553: to=<root@lxnaydesign.local>, relay=local, delay=18758, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 2357343437: to=<root@lxnaydesign.local>, relay=local, delay=87156, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 267167ED555: to=<root@lxnaydesign.local>, relay=local, delay=15158, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 38F56F7D3A: to=<root@lxnaydesign.local>, relay=local, delay=58363, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 3FF827265CA: to=<root@lxnaydesign.local>, relay=local, delay=47560, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 3B537965CD4: to=<root@lxnaydesign.local>, relay=local, delay=40366, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 3B4E2F7D33: to=<root@lxnaydesign.local>, relay=local, delay=54766, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 4188A11A41: to=<root@lxnaydesign.local>, relay=local, delay=4367, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 46257A1E085: to=<root@lxnaydesign.local>, relay=local, delay=22367, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 4A8CB7F7622: to=<root@lxnaydesign.local>, relay=local, delay=7964, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 431B2F8491: to=<root@lxnaydesign.local>, relay=local, delay=51167, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 4AAF95B1E7: to=<root@lxnaydesign.local>, relay=local, delay=61963, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 456497265C3: to=<root@lxnaydesign.local>, relay=local, delay=47060, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 5B8962EBA4: to=<root@lxnaydesign.local>, relay=local, delay=97954, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 50C0644A02: to=<root@lxnaydesign.local>, relay=local, delay=79950, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 54D0A2E010: to=<root@lxnaydesign.local>, relay=local, delay=101538, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 59D2F4347B: to=<root@lxnaydesign.local>, relay=local, delay=79954, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 660AB5B1F2: to=<root@lxnaydesign.local>, relay=local, delay=65556, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 676C24347A: to=<root@lxnaydesign.local>, relay=local, delay=87153, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 795EC4295C: to=<root@lxnaydesign.local>, relay=local, delay=90756, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 7112FA1E074: to=<root@lxnaydesign.local>, relay=local, delay=40364, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 8AC6D7F6553: to=<root@lxnaydesign.local>, relay=local, delay=7967, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18996]: 8FD04A1E080: to=<root@lxnaydesign.local>, relay=local, delay=29564, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:54 mars postfix/local[18994]: 828699AF11A: to=<root@lxnaydesign.local>, relay=local, delay=764, status=deferred (alias database unavailable)

Feb 25 13:12:54 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: 8E0CD43E09: to=<root@lxnaydesign.local>, relay=local, delay=83558, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: 833B1298A3: to=<root@lxnaydesign.local>, relay=local, delay=101561, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: 8BF4146F2F: to=<root@lxnaydesign.local>, relay=local, delay=76357, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: 8E26D43436: to=<root@lxnaydesign.local>, relay=local, delay=94354, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: 8A04B4705E: to=<root@lxnaydesign.local>, relay=local, delay=69156, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: 9BE28449FD: to=<root@lxnaydesign.local>, relay=local, delay=76360, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: 94B3FA1E086: to=<root@lxnaydesign.local>, relay=local, delay=25965, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: 95E287ED56A: to=<root@lxnaydesign.local>, relay=local, delay=15168, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: AE5F7F85D7: to=<root@lxnaydesign.local>, relay=local, delay=54764, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: AA66E962291: to=<root@lxnaydesign.local>, relay=local, delay=43947, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: A163247464: to=<root@lxnaydesign.local>, relay=local, delay=72760, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: AE1264709A: to=<root@lxnaydesign.local>, relay=local, delay=69154, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: A081A42959: to=<root@lxnaydesign.local>, relay=local, delay=97959, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: A9D33A1E078: to=<root@lxnaydesign.local>, relay=local, delay=36765, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: B3149A1E025: to=<root@lxnaydesign.local>, relay=local, delay=43945, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: BE011A1E075: to=<root@lxnaydesign.local>, relay=local, delay=33167, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: BEEEC449FE: to=<root@lxnaydesign.local>, relay=local, delay=79849, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: CC9137F7028: to=<root@lxnaydesign.local>, relay=local, delay=11565, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: CE9C743458: to=<root@lxnaydesign.local>, relay=local, delay=83562, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: DDD667F7998: to=<root@lxnaydesign.local>, relay=local, delay=4366, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: D8B7E2E026: to=<root@lxnaydesign.local>, relay=local, delay=94356, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: D41DB9AF118: to=<root@lxnaydesign.local>, relay=local, delay=768, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: DE43BF8606: to=<root@lxnaydesign.local>, relay=local, delay=51165, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: DF558F7D39: to=<root@lxnaydesign.local>, relay=local, delay=58367, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18994]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18996]: E2491A1E076: to=<root@lxnaydesign.local>, relay=local, delay=29568, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: warning: dict_ldap_connect: Unable to bind to server ldap://lxnaydesign.local:389 as : 81 (Can't contact LDAP server)

Feb 25 13:12:55 mars postfix/local[18994]: E981A7ED56F: to=<root@lxnaydesign.local>, relay=local, delay=18768, status=deferred (alias database unavailable)

Feb 25 13:12:55 mars postfix/local[18996]: F2086A1E081: to=<root@lxnaydesign.local>, relay=local, delay=25966, status=deferred (alias database unavailable)

Feb 25 13:20:01 mars /usr/sbin/cron[19192]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )

Feb 25 13:20:01 mars /usr/sbin/cron[19193]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )

```

Please help me! I have to set up fetchmail now!

----------

## cheeby

Yep, that did the trick for me, too, cpunchin.  Thank you!

I haven't tried to delete any users yet -- still fighting with LDAP.  Suddenly no one can ssh into this box, and unless a user is created with adduser_ox, s/he can't log in to OX.

Anyone else experience an LDAP seisure as such upon deploying OX?

----------

## mahir

what is this about

```
Feb 27 20:01:22 balik slapd[24507]: bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)

Feb 27 20:01:22 balik slapd[24507]: bdb_db_init: Initializing BDB database

Feb 27 20:01:22 balik slapd[24507]: /etc/openldap/slapd.conf: line 70: rootpw can only be set when rootdn is under suffix

Feb 27 20:01:22 balik slapd[24507]: slapd stopped.

```

this is my sladp conf.

```
allow bind_v2

password-hash {CRYPT}

database        bdb

rootpw --crypted--

suffix          "dc=balikarts,dc=ltd"

rootdn          "cn=Manager,dc=balilkarts,dc=ltd"

```

what is my syslog talking about??

----------

## cadaverus

 *mahir wrote:*   

> what is this about
> 
> ```
> Feb 27 20:01:22 balik slapd[24507]: bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)
> 
> ...

 

----------

## lxnay

how can I allow postfix to accept mail from the extern?

port 25 is open but it doesn't work.

If I am away from home, and I'm on another ISP, IMAP works, but smtp to my home server doesn't. Please help me !

Next step will be to getting work openxchange mail sending, smtp servers tells me that lxnaydesign.local is not a valid domain!

----------

## dashnu

That all depends on how you want to setup postfix.. I would set it up to use TLS and auth that way it is secure and will not be turned into a spam relay box :p I owe bitwh0re a how to on this but i have been to busy.. Still got ya in my mind big boy  :Wink: 

easy way is to add the ip you want to be able to mail from....

```
mynetworks = 192.168.1.0/24, 127.0.0.0/8, mynewip
```

or

```

## SMTP AUTH ##

smtpd_use_tls = yes

smtpd_tls_auth_only = yes

#smtpd_tls_key_file = /etc/ssl/postfix/server.key

smtpd_tls_key_file = /etc/postfix/newreq.pem

#smtpd_tls_cert_file = /etc/ssl/postfix/server.crt

smtpd_tls_cert_file = /etc/postfix/newcert.pem

#smtpd_tls_CAfile = /etc/ssl/postfix/server.pem

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom

smtpd_sasl_auth_enable = yes

smtpd_sasl2_auth_enable = yes

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_sasl_local_domain =

smtpd_recipient_restrictions =

      permit_sasl_authenticated,

      permit_mynetworks,

      reject_unauth_destination

```

I had to make my own certs because the ones that came with postfix are / were  broke....  This is all done in /etc/postfix/main.cf

----------

## cpunchin

Beta 2 has just been released along with an alpha version of the Outlook connector  :Very Happy: 

http://mirror.open-xchange.org/ox/EN/community/CHANGES.htm

----------

## carpman

Hello, ok ask this open xchange forum but no answer so am trying with the vastly knowledgable gentoo user  :Smile: 

Ok flattery over this is my question:

Been looking around for a groupware solution for small office and open xchange  looks nice possiblity. thing  is i already have a local email server that collects  email via fetchmail from main domain mail server, with mail sent via  isp smtp, mail is proccessed by cyrus and courier, spamassassin and AV then distributed to local user via imap.

Can i  intigrate this  mail server into open xchange and so bypass the need to setup the mail service on groupware server?

cheers

----------

## mahir

 *cadaverus wrote:*   

>  *mahir wrote:*   what is this about
> 
> ```
> Feb 27 20:01:22 balik slapd[24507]: bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)
> 
> ...

 

thank you  :Smile:  it works..

now i made another booboo

i wad adding init_ldap.ldiff and i forgot to change one of the example org's thing... 

so now i edited and i want to add the new, nice version of teh file

but i get this error

```
balik / # slapadd -l /usr/local/open-xchange/share/init_ldap.ldif

slapadd: could not add entry dn="ou=OxObjects,dc=balikarts,dc=ltd" (line=5): txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30997)

```

any ideas friends?

----------

## dashnu

I am pretty sure it can be done. Some things you may want to consider. OX uses ldap for authentication and so does the suggested mail setup for OX. So I am not sure how you would auth against you current mail setup upon logging into OX. 

Another thing to consider is just swaping out mail servers. I only have a user base of 12 and I was able to switch from courier / mysql imap over to cyrus with out any troubles and no loss of emails. Most of my users had at least 2000 emails.

ono

----------

## mahir

any idea's how to reverse an ldapadd ?

i mucked it up

----------

## mahir

i got everything workig

everything up until section 4

up until sectino 4, everything worked fine

i could even log in (altohught i didnt see anything, it let me log in and it just said Session ID etcetc.. and the screen was blank)

now...

i went ahead to do the rest of thing things.. installing the amavisd etc

nw when i try and log on

it says

ERROR: Authentification failed on the webpage...

waht could it be?

----------

## dashnu

I do not know what it would be. This is a shitty response but I would try to create your ldap tree from scratch. That is were all the authentication happens after it gets tossed around by sasl and such....

----------

## mahir

firstly

how do i do that?

and secondly

what has sasl got to do with amavis and the email side

i mean i cant access webmail or groupware

----------

## dashnu

You can remove you /var/lib/openldap-data dir.... I am sure there is a better way to do this but I do not know.  Sasl is what you use to auth against which than tells stuff to use ldap.

To log into your imap server for example you log in that requset goes to sasl which than goes to ldap. get it ? Same through the web interface i believe.

----------

## ezekiel61

hey all, i'm running into trouble with the tutorial.  I got everything working up until i'm supposed to set the cyrus password:

foobar ~ # /usr/sbin/saslpasswd2 c cyrus

           Password: cyrusadmin

Output:

bash: /usr/bin/saslpasswd2: No such file or directory

So... anyone have any ideas? I guess I should tell you that I've tried to tweak the tutorial in the fact I have not installed postgres in attempt to run this on mysql. I've edited the files accordingly as I go. But could this be the culprit causing the saslauthd error?

Thanks in advance!

----------

## carpman

Hello was this directed at my question?

It is a possibility  would user still be able to access mail via normal email client?

Would imaging they could!

 *init-zero wrote:*   

> I am pretty sure it can be done. Some things you may want to consider. OX uses ldap for authentication and so does the suggested mail setup for OX. So I am not sure how you would auth against you current mail setup upon logging into OX. 
> 
> Another thing to consider is just swaping out mail servers. I only have a user base of 12 and I was able to switch from courier / mysql imap over to cyrus with out any troubles and no loss of emails. Most of my users had at least 2000 emails.
> 
> ono

 

----------

## dashnu

Yea, that was @ you.  Sure I would also imagine your users could access e-mail via client fine.

 *carpman wrote:*   

> Hello was this directed at my question?
> 
> It is a possibility  would user still be able to access mail via normal email client?
> 
> Would imaging they could!
> ...

 

----------

## carpman

 :Smile:  thanks for reply

Looking through docs it sems it is possible but not a lot of detail.

May still with all in one but no ref to AV in setup, though should be possible.

The seperate mail server i have is not yet in production so could i not set it up so it works with ldap on OX server.

 *init-zero wrote:*   

> Yea, that was @ you.  Sure I would also imagine your users could access e-mail via client fine.
> 
>  *carpman wrote:*   Hello was this directed at my question?
> 
> It is a possibility  would user still be able to access mail via normal email client?
> ...

 

----------

## Are`awn

per the how-to I try:

 *Quote:*   

> 
> 
> /usr/local/open-xchange/sbin/adduser_ox --username="john" --passwd="johnspassword" --name="john" --sname="smith" --maildomain="test.outpost.com" --ox_timezone="EST"
> 
> 

 

And I get:

 *Quote:*   

> 
> 
> Exception in thread "main" java.lang.NumberFormatException: For input string: ""
> 
>         at java.lang.NumberFormatException.forInputString(NumberFormatException.java:4
> ...

 

Not sure where the OXFolders are...  nor where to look for clues on how to fix.

Thanks for any help

<-- EDIT -->

Found this information on the open-xchange forums:

You should execute the script $PATH/sbin/dbinit_ox after installation! 

Then everything should work fine when adding users. 

Which when I did this it did work fine.

----------

## dashnu

@ carpman

If your mail server is not yet in production I would strongly urge you to use the desired mail setup.  If no... I am sure you could get your server to auth against ldap and work with OX I just think it will be very difficult for you to find support.  The desired server is great to admin and very scalable and secure. I use the clam-av and amavisd-new for virus protection blocked well over 200+ virus e-mails since I deployed.  Good luck with whatever use choose  :Wink: 

----------

## Are`awn

Now I am not able to create new appointments from the web interface, or contacts..

and if I use mozilla's calendar app, and try to push my appointment up to it I see a 

2005-03-04 12:36:33 StandardContext[/servlet]webdav.ical: GET

2005-03-04 12:36:33 StandardContext[/servlet]webdav.ical: PUT

2005-03-04 12:36:33 StandardContext[/servlet]webdav.ical: ERROR: ical.doPut: java.sql.SQLException: ERROR:  SET AUTOCOMMIT TO OFF is no longer supported

2005-03-04 12:36:33 StandardContext[/servlet]webdav.ical: 500 msg --> Server Error

Any hints ?

----------

## dashnu

ERROR: SET AUTOCOMMIT TO OFF that is an error due to using the wrong PostgreSQL JDBC Driver. Im am not sure if this is causing your errors as far as creating an appointment and what not but it should get you one step closer. Also 0.7.5 does not support client writes via webdav. This should be fixed in 8

In this thread I explain how to fix that AUTOCOMMENT error... somewhere  :Wink: 

----------

## Are`awn

Alright.. upgraded to the jdbc3-postgresql-7.4.5 and that takes care of the AUTOCOMMIT...

Have you seen any problems when making appointments via the web interface, and accessing them via webdav ?  The appointment times are off..  5 hours off...  which sounds like things are getting set to GMT.  

The mozilla calendar client will see the time for 15:00 and the web interface will show 20:00

----------

## Nicoo

 *Are`awn wrote:*   

> Alright.. upgraded to the jdbc3-postgresql-7.4.5 and that takes care of the AUTOCOMMIT...
> 
> Have you seen any problems when making appointments via the web interface, and accessing them via webdav ?  The appointment times are off..  5 hours off...  which sounds like things are getting set to GMT.  
> 
> The mozilla calendar client will see the time for 15:00 and the web interface will show 20:00

 

Upgrade to beta3, this issues has been fixed

----------

## carpman

Thanks for reply init-zero, think i will follow your suggestion, just has to be easier for setup and getting support. 

I take it i can still relay email via ISP smtp?

Trouble i am now going to have find a use for dual 500 P2 with Ultra scsi 160 raid 5 box i was going to use for mail  :Smile: 

Might redeploy smoothwall onto.

 *init-zero wrote:*   

> @ carpman
> 
> If your mail server is not yet in production I would strongly urge you to use the desired mail setup.  If no... I am sure you could get your server to auth against ldap and work with OX I just think it will be very difficult for you to find support.  The desired server is great to admin and very scalable and secure. I use the clam-av and amavisd-new for virus protection blocked well over 200+ virus e-mails since I deployed.  Good luck with whatever use choose 

 

----------

## Are`awn

I have successfully upgraded to beta3.. and the times work great/

Now I have this strange error in my groupware.log:

Mar 04 18:01:45 dev.test.outpost.com openexchange: WARN: uid=john, can't load settings '/usr/local/open-xchange/var/settings/intranet/john'. File not found or not readable.

does anything special have to be done to the users after an upgrade ?

Also the web interface to tasks isn't working so great.  Whenever I click on a task or choose the search tab I keep getting sent to the main tasks page. I do not see any groupware errors in the log

<-- EDIT -->

Seems my web interface problems is an issue with the konqueror broweser, just used Firefox without a problem.

thanks

----------

## amigafan

I've got two questions:

 - do you use a stable or unstable (e.g. ~x86) gentoo system?

 - is it right that its not possible to write to ldap without acls?

I followed the nice gentoo open-xchange guide (0.20b) and it seems the author uses an unstable system. When using a stable system the jdbc3-postgres package creates different directories and filenames. It doesn't even really work. Maybe that should be mentioned in the guide. Another thing that could be mentioned it that its not necessary to insert the thousand 'y's - at this point you can simply run $OXPREFIX/sbin/dbinit_ox .

I tried the fresh install after I've modified the startscripts. The guide states that ox can be testet at this point. I was not able to create a contact, because ox was not able to write to ldap - only to the database. I just want to know if this is the normal behaviour. With acls ox is able to write to ldap.

Ok, a third question  :Wink:  : Are you able to delete an ox-user with deluser_ox? Get some strange error_messages here.

thx!

----------

## amigafan

well I can use /servlet/webdav.ical with sunbird etc. but I am still not able to use /servlet/webdav.documents . I get:

```
HTTP Status 500 -

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: IOException: Permission denied

   com.openexchange.webdav.documents.oxinit(documents.java:134)

   com.openexchange.tools.webdav.OXServlet.init(OXServlet.java:136)

   org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)

   org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)

   org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:300)

   org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:374)

   org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:743)

   org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:675)

   org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:866)

   org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)

   java.lang.Thread.run(Thread.java:534)

note The full stack trace of the root cause is available in the Apache Tomcat/5.0.27 logs.
```

I am using ox 0.8.0-beta3.

----------

## amigafan

I want to share some experiences with my setup of ox 0.8.0-beta3 . Hope it helps.

You can follow Mike Fetherstons guide on installing ox 0.7.5 with some differences:

Emerge the masked version of jdbc3-postgresql with

```
ACCEPT_KEYWORDS=~x86 emerge  jdbc3-postgresql
```

 . The stable release creates different directory-names and doesn't work well.

Configure ox like this:

```
./configure --enable-webdav \

--with-mailjar=/usr/share/sun-javamail-bin/lib/mail.jar \

--with-activationjar=/usr/share/sun-jaf-bin/lib/activation.jar \

--with-jdomjar=/usr/share/jdom-1.0_beta10/lib/jdom.jar \

--with-xercesjar=/usr/share/xerces-2/lib/xercesImpl.jar \

--with-jsdkjar=/opt/tomcat5/common/lib/servlet-api.jar \

--with-jdbcjar=/usr/share/jdbc3-postgresql/lib/jdbc3-postgresql.jar \

--with-dbname=openexchange \

--with-dbuser=open-xchange \

--with-dbpass=oxen \

--with-runuid=tomcat \

--with-htdocsdir=/var/www/localhost/htdocs/ \

--with-cgibindir=/var/www/localhost/cgi-bin/ \

--with-jni-dir=/opt/sun-jdk-1.4.2.07/include/ \

--with-openssl-dir=/usr/include/

--with-domain=ox-domain.tld

--with-organization="your companys name"

--with-basedn="dc=ox-domain,dc=tld"

--with-rootdn="cn=Manager,dc=ox-domain,dc=tld"

```

Please note the missing  --with-servletdir=/opt/tomcat5/webapps/servlet/  because its currently not supported. Also note the new flags --with-domain ... --with-rootdn . These are very nice because these entries will be filled into init_ldap.ldif and admintools.conf later on! Here I used --with-runuid=tomcat because webdav doesn't work with user apache - it gives a "permission denied"  :Sad:  Don't know if this is the best solution.

After initiating the postgres database with 

```
psql -U open-xchange openexchange < \

/usr/local/open-xchange/share/init_database.sql
```

 you DON'T need to fill it with the 47 'y's. Here you simply run 

```
/usr/local/open-xchange/sbin/dbinit_ox
```

 - still as user postgres. After this type exit.

When modifying /usr/local/open-xchange/share/init_ldap.ldif notice that most changes are already made! Simply edit 

```
userPassword: {CRYPT}<output from perl command above>
```

 and 

```
OXTimeZone
```

.

When configuring tomcat for ox you have to create the directory /opt/tomcat5/webapps/servlet/WEB-INF. This can be done automatically by copying two files: 

```
cp lib/servlet.war /opt/tomcat5/webapps/

cp lib/umin.war /opt/tomcat5/webapps/
```

Then restart tomcat. All files in /opt/tomcat/webapps/servlet are created. To enable webdav you only need to modify /etc/apache2/conf/workers2.properties as described in the guide.

I found out that there is a mod_jk in portage. Has anyone tried it yet?

Good luck!

----------

## carpman

Hello, following guide as found via OX website, when emerge pretend listed apps 'gq' wants to install xorg plus GTK and other x related stuff such as esound.

I do have -X in make.conf , is qg anecessary app? or how can i stop it installing all the dependancies?

cheers

----------

## dashnu

gq is a gui to view your ldap tree. No, you do not need it. You will of course need X installed if you want to use it. I installed gq on my local machine and then connected to our ldap server from there.

----------

## bitwh0re

Just so everyone knows.. I'm watching this thread and keeping track of all of the suggestions and comments and fixes and will be reworking them into the HOWTO.  I have not been ignoring you guys, just not participating in the discussion.  :Smile:   Sorry...

Yes, I was using an ~x86 system but will be updataing the document with x86 and only install ~x86 ebuilds where necessary.

I can't thank everyone enough for asking questions and answering others.  It's really helped this document and forum become top-notch.  

Thanks to all!!

Mike

----------

## dashnu

/me hugs bitw0re

----------

## catalinux

wget -c http://www.mikefetherston.ca/OX/OX_Install.pdf

--17:40:14--  http://www.mikefetherston.ca/OX/OX_Install.pdf

           => `OX_Install.pdf'

Resolving www.mikefetherston.ca... 67.19.13.194

Connecting to www.mikefetherston.ca[67.19.13.194]:80... connected.

HTTP request sent, awaiting response... 504 Gateway Time-out

17:43:13 ERROR 504: Gateway Time-out.

can anyone mail-me last pdf  at cata@csc.ro

i need this ...

tnx

----------

## bitwh0re

 *catalinux wrote:*   

> wget -c http://www.mikefetherston.ca/OX/OX_Install.pdf
> 
> --17:40:14--  http://www.mikefetherston.ca/OX/OX_Install.pdf
> 
>            => `OX_Install.pdf'
> ...

 

http://www.mikefetherston.ca/OX/OX_Install-v0.15.pdf

That document is old, however and hasn't been updated for several months.  You may have some difficulties using this with OX0.8PRb4.

----------

## catalinux

wget -c http://www.mikefetherston.ca/OX/OX_Install-v0.15.pdf

--10:13:35--  http://www.mikefetherston.ca/OX/OX_Install-v0.15.pdf

           => `OX_Install-v0.15.pdf'

Resolving www.mikefetherston.ca... 67.19.13.194

Connecting to www.mikefetherston.ca[67.19.13.194]:80... connected.

HTTP request sent, awaiting response... 504 Gateway Time-out

10:16:34 ERROR 504: Gateway Time-out.

----------

## bitwh0re

 *catalinux wrote:*   

> wget -c http://www.mikefetherston.ca/OX/OX_Install-v0.15.pdf
> 
> --10:13:35--  http://www.mikefetherston.ca/OX/OX_Install-v0.15.pdf
> 
>            => `OX_Install-v0.15.pdf'
> ...

 

Hrm..  why not just point your webbrowser at www.mikefetherston.ca/OX?

----------

## catalinux

ERROR

The requested URL could not be retrieved

While trying to retrieve the URL: http://www.mikefetherston.ca/OX?

The following error was encountered:

    * Connection Failed 

The system returned:

    (110) Connection timed out

The remote host or network may be down. Please try the request again.

Your cache administrator is isp@csc.ro.

Generated Sun, 13 Mar 2005 09:37:13 GMT by proxy.csc.ro (squid/2.5.STABLE5)

----------

## ajc

Hi,

This thread seems to be getting really long and is now quite hard to search through so i posted my query here https://forums.gentoo.org/viewtopic-p-2184795.html#2184795 to try and make it easier...

Does any1 have any ideas?

Thanks

Adam

----------

## DecoY

The site of Mike and this thread has been a great help to make OX work for me. 

I only have one problem at the moment and can't find a solution for it.

When I wat to send mail to my ox-box i get the following error in postfix:

```
Recipient address rejected: User unknown in local recipient table
```

My slapd log says:

```
Mar 14 11:44:31 ox postfix/smtpd[10028]: connect from localhost[127.0.0.1]

Mar 14 11:44:44 ox slapd[9978]: conn=8 fd=12 ACCEPT from IP=127.0.0.1:34436 (IP=0.0.0.0:389)

Mar 14 11:44:44 ox slapd[9981]: conn=8 op=0 BIND dn="" method=128

Mar 14 11:44:44 ox slapd[9981]: conn=8 op=0 RESULT tag=97 err=0 text=

Mar 14 11:44:44 ox slapd[9979]: conn=8 op=1 SRCH base="dc=ox,dc=mm,dc=nl" scope=2 filter="(mail=pdo@ox.mm.nl)"

Mar 14 11:44:44 ox slapd[9979]: conn=8 op=1 SRCH attr=mail

Mar 14 11:44:44 ox slapd[9979]: conn=8 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=

Mar 14 11:44:44 ox slapd[9980]: conn=8 op=2 SRCH base="dc=ox,dc=mm,dc=nl" scope=2 filter="(mail=pdo)"

Mar 14 11:44:44 ox slapd[9980]: conn=8 op=2 SRCH attr=mail

Mar 14 11:44:44 ox slapd[9980]: conn=8 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=

Mar 14 11:44:44 ox slapd[9981]: conn=8 op=3 SRCH base="dc=ox,dc=mm,dc=nl" scope=2 filter="(mail=@ox.mm.nl)"

Mar 14 11:44:44 ox slapd[9981]: conn=8 op=3 SRCH attr=mail

Mar 14 11:44:44 ox slapd[9981]: conn=8 op=3 SEARCH RESULT tag=101 err=0 nentries=0 text=
```

I have no idea where to look anymore. I quess the problem lies within the ACL's but I removed all of them and it still doesn't work.

----------

## dashnu

That has to do with your main.cf I bet, do you have any other logs like mail.log or mail.err that tells ya anything. The slapd log looks fine.

----------

## bitwh0re

 *catalinux wrote:*   

> ERROR
> 
> The requested URL could not be retrieved
> 
> While trying to retrieve the URL: http://www.mikefetherston.ca/OX?
> ...

 

I don't know dude, my site's hosted on phpwebhosting.com, maybe your ISP/Country is denying access?

----------

## DecoY

@init-zero

Been fighting with it for most of the day. Tried a manuel search and via phpldapadmin... but my slapd wouldn't let me get the mail-attribute, strange. Tried searching as the root-dn for "mail=pdo", no luck. Searching for "mail=*" gives me al the users.

So I guess it's a filter/acl error

Changed my main.cf to use "uid=%u" and now it works enough for testing purposes.

----------

## bitwh0re

Ok, the newest version of the howto is about to come out, but I figured it'd help anyone here battling with an OX0.8PR-Beta install.  Realize that this isn't guaranteed to get every little aspect of OX running, but it will get the core going for you.  Again, it's not "published" yet, but here.. have a peek:

http://www.mikefetherston.ca/OX/html/index-new.html

Let me know what you think with any comments, suggestions, fixes, etc etc...

Mike.

----------

## Dijital_US

 *bitwh0re wrote:*   

> Ok, the newest version of the howto is about to come out, but I figured it'd help anyone here battling with an OX0.8PR-Beta install.  Realize that this isn't guaranteed to get every little aspect of OX running, but it will get the core going for you.  Again, it's not "published" yet, but here.. have a peek:
> 
> http://www.mikefetherston.ca/OX/html/index-new.html
> 
> Let me know what you think with any comments, suggestions, fixes, etc etc...
> ...

 

I think this is only my 2nd post but I for one greatly appreciate the new guide, and must say that it looks great especially for those that are 100% noobs like me, where I basically need someone to hold my hand while I do it for now so to speak, keep up the great work:D 

Also, could possibly put up a pdf version of the newest guide?

----------

## bitwh0re

 *Dijital_US wrote:*   

>  *bitwh0re wrote:*   Ok, the newest version of the howto is about to come out, but I figured it'd help anyone here battling with an OX0.8PR-Beta install.  Realize that this isn't guaranteed to get every little aspect of OX running, but it will get the core going for you.  Again, it's not "published" yet, but here.. have a peek:
> 
> http://www.mikefetherston.ca/OX/html/index-new.html
> 
> Let me know what you think with any comments, suggestions, fixes, etc etc...
> ...

 

no.   :Smile: 

Thanks for putting us over 500 posts!$#!  You deserve some kind of reward.  :Smile:   Maybe a PDF export of the HTML would do?  :Smile: 

http://www.mikefetherston.ca/OX/OX-HOWTO-0.21b.pdf

----------

## r4d0

 *amigafan wrote:*   

> 
> 
> ...
> 
> I found out that there is a mod_jk in portage. Has anyone tried it yet?
> ...

 

Yes. And it works very well.

I use : 

net-www/apache-2.0.52-r1

www-apache/mod_jk2-2.0.4

www-servers/tomcat-5.0.27-r4

----------

## zcappc8

Hello All

I'm slowly getting OX to work (I'm going through it in a rather blind fashion though!). I seem to be getting the following error when I connect to http://myserver/servlet/webdav.contacts

```

type Status report

message HTTP method GET is not supported by this URL

description The specified HTTP method is not allowed for the requested resource (HTTP method GET is not supported by this URL).

```

If I connect to http://myserver/servlet/webdev.ical then all works fine.

My ultimate aim is to sync kaddressbook with OX  - any one done this?

Cheers

----------

## amigafan

want a killer tip for a working webdav.documents?

in workers2.properties put something like 

```
[uri:/servlet/webdav.documents/*]

worker=ajp13:domain.tld:8009

```

and NOT 

```
[uri:/servlet/webdav.documents*]

worker=ajp13:domain.tld:8009

```

Please notice the slash. You have to set this for all entries. Works nice with oxlook, this time even writeable  :Wink: 

----------

## amigafan

I read through the new howto by Mike and found a little mistake there. The steps in "Configure Apache for Tomcat" should be a bit different. Instead of 

```
 mv /usr/lib/apache2-extramodules/mod_jk2.so \ /usr/lib/apache2/modules
```

 you can simply edit /etc/conf.d/apache and add 

```
-D JK2
```

 (must be UPPERCASE!) to it. The module will be loaded with /etc/apache2/conf/modules.d/89_mod_jk2.conf then. In this file you can set 

```
JkSet config.file /etc/apache2/conf/workers2.properties
```

.

Another thing to mention is that webdav shouldn't be treated as an optional component. With newer versions of ox the web.xml file is created automatically, so the only thing you need is a valid workers2.properties file. Mike, please add a complete workers2.properties file to the above section - so it can be removed from the "extending section"  :Wink:  As you can see in my post above, there is a typo in the howto that made me crazy: in the workers2 example for webdav the slashes are missing. I realized a readable webdav support without them but writing and the outlook connector didn't work. They work fine by adding them. Here is my working workers2.properties file

```
[logger]

info=Native logger

level=ERROR

[shm]

info=Scoreboard. Requried for reconfiguration and status with multiprocess servers.

file=anon

# Defines a load balancer named lb. Use even if you only have one machine.

[lb:lb]

# Example socket channel, override port and host.

[channel.socket:domain.tld:8009]

port=8009

host=domain.tld

# define the worker

[ajp13:domain.tld:8009]

channel=channel.socket:domain.tld:8009

group=lb

# Map the Tomcat examples webapp to the Web server uri space

[uri:/examples/*]

group=lb

[status:]

info=Status worker, displays runtime information

[uri:/jkstatus/*]

info=The Tomcat /jkstatus handler

group=status:

[uri:/servlet/*]

worker=ajp13:domain.tld:8009

[uri:/umin/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.contacts/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.calendar/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.ical/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.documents/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.tasks/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.folders/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.projects/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.groupuser/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.attachments/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.freebusy/*]

worker=ajp13:domain.tld:8009

[uri:/servlet/webdav.vcard/*]

worker=ajp13:domain.tld:8009
```

Simply replace domain.tld with your valid domain.

Another tip for the guide can be a small note for /etc/openldap/ldap.conf . After a fresh installation there is a space after the comma in the BASE line. This is a showstopper and has to be removed.

I have to say that our gentoo howto is - compared to the howtos of other distris - one of the best out there! Nice work.Last edited by amigafan on Wed Mar 16, 2005 4:53 pm; edited 1 time in total

----------

## Cuchulainn

I've got a problem initializing the LDAP tree. I get the following error:

 *Quote:*   

>  DB_KEYEXIST: Key/data pair already exists (-30997)

 

Any idea how to fix this?

Cheers, Cuchu

----------

## bitwh0re

 *Cuchulainn wrote:*   

> I've got a problem initializing the LDAP tree. I get the following error:
> 
>  *Quote:*    DB_KEYEXIST: Key/data pair already exists (-30997) 
> 
> Any idea how to fix this?
> ...

 

What I've found works is by shutting down the ldap server and deleting the /var/lib/openldap-data directory and re-emerging openldap.   :Sad: 

----------

## bitwh0re

amigafan, thanks catching those omissions/errors and submitting your corrections!  I'll add that to the HOWTO as soon as I can.

Mike.

----------

## carpman

Thought i would just post this here as it may help those doing install, follow guide until you get to install apps section.

First off because of download restrictions you will need to download to the /usr/portage/distfiles

```

sun-jdk

jaf-1_0_2-upd

javamail-1_3_1-upd

```

you can get these from sun web pages.

To speed things and save typing cut and paste following into console.

```

emerge --nodeps sun-jdk &&  env-update && source /etc/profile && emerge  sun-jaf-bin sun-javamail-bin perl openssl xerces jikes tomcat ispell app-admin/sudo dev-java/ant jdom postgresql openldap cyrus-sasl cyrus-imapd cyrus-imap-admin postfix apache

```

```

emerge  Net-SSLeay IO-Socket-SSL XML-NamespaceSupport  XML-SAX-Base Authen-SASL Convert-ASN1 perl-ldap

```

You can add  -p if you wish to check before compiling.

Not a lot of help but may save bit of time.

----------

## amigafan

 *bitwh0re wrote:*   

>  *Cuchulainn wrote:*   I've got a problem initializing the LDAP tree. I get the following error:
> 
>  *Quote:*    DB_KEYEXIST: Key/data pair already exists (-30997) 
> 
> Any idea how to fix this?
> ...

 

A maybe faster way is to simply delete the content of the directory:

```
rm /var/lib/openldap-data/*
```

 and to restart slapd. Then you can re-initialize your ldap-tree without reemerging openldap.

----------

## bitwh0re

 *amigafan wrote:*   

>  *bitwh0re wrote:*    *Cuchulainn wrote:*   I've got a problem initializing the LDAP tree. I get the following error:
> 
>  *Quote:*    DB_KEYEXIST: Key/data pair already exists (-30997) 
> 
> Any idea how to fix this?
> ...

 

amigafan, thanks.. as you can probably tell, I'm no expert in the area that is LDAP.  :Smile:   I'll add this tip to the HOWTO as well.

----------

## Cuchulainn

 :Very Happy:  Thanks for that tip. Seems like I will need it.... I get the following error now:

 *Quote:*   

> slapadd: dn="smtpDomain=dummy.net,ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=dummy,dc=net"(line=163) (64) value of naming attribute 'smtpDomain' is not present in entry

 

Any ideas on this one?

----------

## bitwh0re

 *Cuchulainn wrote:*   

>  Thanks for that tip. Seems like I will need it.... I get the following error now:
> 
>  *Quote:*   slapadd: dn="smtpDomain=dummy.net,ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=dummy,dc=net"(line=163) (64) value of naming attribute 'smtpDomain' is not present in entry 
> 
> Any ideas on this one?

 

When you ./configure'd OX did you use some of the new parameters?  Namely,

--with-domain=ox-domain.tld

----------

## Cuchulainn

No, I didn't use the new paramaters..... Can I simply do a ./config again, or do I need to remove something first?

BTW, stopping the slapd service and removing the /var/lib/openldap-data dir is not enough... you need to do a mkdir /var/lib/openldap-data, and a chown ldap:ldap /var/lib/openldap-data before restarting the service. I thought i'd just mention it for future reference.

----------

## bitwh0re

 *Cuchulainn wrote:*   

> No, I didn't use the new paramaters..... Can I simply do a ./config again, or do I need to remove something first?
> 
> BTW, stopping the slapd service and removing the /var/lib/openldap-data dir is not enough... you need to do a mkdir /var/lib/openldap-data, and a chown ldap:ldap /var/lib/openldap-data before restarting the service. I thought i'd just mention it for future reference.

 

Yes, it should be as simple as doing a ./configure && make && make install.

You can try using rm /var/lib/openldap-data/* instead which will keep the directory and hopefully the permissions.  That should save you from having to recreate the directory and reset permissions back to ldap:ldap.

----------

## Hibbelharry

hey guys,

i'm currently in progress of restoring and updating our OX-Server after a suddenly powerloss which crashed some filesystems badly. after 8 hours of beeing offline i thought it's a good time to do a update of OX to the current version. After having major headaches with 0.8-beta4 i reverted to beta3. beta4 somehow managed it to corrupt my pgsql databases, don't know how this happens. i noticed some things while updating OX which might be useful for others:

i'm successfully using openldap 2.2 manually unmasked in portage which supports aci from the start, acls from OX-Wiki for 2.2 work really flawless. but when i stopped slapd ant deleted the contents of /var/lib/openldap-data and reinserted the init_ldap.ldif file and my modified userdata some files in the openldap-data were curiously owned by root, which gave me strange errors. be sure to check this and reown the files if needed.

when i installed pgsql 8 i had to include a extra trusting relation for the ip address of my server. the dns name of my server was in there, but i got some permission denied errors for my own ip in the logs. just be sure to check this after inserting data when things don't work. 

a note to bitwhore and init-zero:

your work here is absolutely great, i found lots of good help in the howtos on mike's page and here in the forum. 

currently i'm just facing trouble with mod_jk2: whenever i tried to integrate it in the new ~x86 apache 2.0.53-whatever-version apache, it seg'faults on startup. i also tried building the module from source but that didn't help either. i don't know if this is related to my system or a general problem... 

success storys from other users are welcome  :Wink: 

mod_jk2 is also dead upstream and unmaintained in gentoo and at apsf. maybe a solution with mod_jk should be used ?

i'm currently in progress of trying to get this running. if i'm successful i will post my results here. if anyone knows bottlenecks of this solution feel free to inform me. i'm somehow experienced with apache but a nearly absolute noob dealing with tomcat and jk connector. any help is appreciated. 

another problem: webdav servlets work partially: i can acces documents and modify them, but ical is read only. every change gets lost. i found no errors in the logs so far. this is happening with both 0.8 beta3 and 4. anyone ever faced this ? 

greetz from Bremen, Northern Germany

Wilken Haase

wilken.haase@campuspoint.de

----------

## amigafan

Is it possible that the howto is wrong about "--with-xercesjar=" ? The official install guide states that a file called xml-apis should be used. This file is available under gentoo, so I think the line should read:

```
--with-xercesjar=/usr/share/xerces-2/lib/xml-apis.jar
```

I HAVE NOT tried this yet. Another thing is the creation of the database. We create it using UNICODE, the official guide uses UTF-8. Maybe both is something to test and to update the howto  :Wink: 

----------

## Dark_Hunter

 *bitwh0re wrote:*   

> 
> 
> Let me know what you think with any comments, suggestions, fixes, etc etc...
> 
> 

 

greate tutorial =) just doing it step by step.

I've found a somehow problem and don't know if it is realy important "java-config" is no dependency of sun-jdk but is executed during emerge. I think it would be good to emerge it before the sun-jdk.

----------

## temp

I love this turorial - works like a charm  :Wink: 

But found a bug:

in the section where you describe /etc/apache2/conf/workers2.properties on the last line it states "freebusy" again, should be vcard...

Bye, and thanks for this great stuff!

Stephan

----------

## hybrid256

Hi all,

It's for a few days now that I'm in the configuration of my Open Xchange server on Gentoo thanks to this great Howto everyones there helped to build.

I'm not quite finished by now but the system works and is usable even if there are still some points I have to clarify.

I was very impressed by all this good will and I love Open Xchange, this is great stuff and this will definitely bury those damned Exchange Server 5.5 I have there which are giving me more and more headaches every days (I'm not even talking about the price I'll have to put on the table to replace them by Exchange 2003 ...)

You guys (and the whole Gentoo and Open Xchange teams) are giving me such a fresh air ... so much power for so few money ... I must be dreaming  :Very Happy: 

Well, for all those reasons, I also want to be of some help and I thought these two days that it would be great to have a central repository for all the tips and help that have been said here and there.

The Howto is wonderfull but it can be greatly enhanced and I especially thinks that "making it work" is not enough, I would love to have a "guide for building Open Xchange", something that would take people from the beginning including the best options to build the Gentoo system for taht purpose : building an enterprise class Open Xchange server.

This guide would include the basics of course but also configuration for security, enhancements (antispam, antivirus, etc etc ...), optimizations, etc etc ...

For that purpose, I propose to create a "Howto generator" based on the howto created by bitwhore and all the other helpers there.

The idea is to "generate" the howto based on the configuration you want.

For that purpose, you'll have to fill a form on the website, answering few questions (domain name, hostname, multi site support, anti spam, anti virus, hardware configuration, ...) and after this "Wizard", the site would generate the Howto for building a complete rock-solid Open Xchange server based on Gentoo from scratch.

Here is the idea, I hope that it would interrest some of you there, that doesn't mean this thread or the current howto to become obsolete, on the contrary, in fact, every idea gathered here and even elsewhere would simply be integrated in the "Howto generator".

I'm planning to work on it anyway, I'll be building the "generator", making translation for French users too and begin with what has already be done for the actual howto.

I sincerely hope some of you would be interrested in helping me for that purpose, if not, well, I'll try to do my best anyway   :Rolling Eyes: 

See ya'

----------

## pgb

In a related topic to how useful this howto is...

I've seen that in bugs.gentoo.org there is an ebuild for Open-xchange. What are the chances that this ebuild will be integrated into portage? That would make installing Open-xchange as easy as installing any other gentoo ebuild...

I think people on this thread may be able to contribute to that ebuild...

What do you think?

----------

## Dark_Hunter

Found a new bug in "/etc/conf.d/saslauthd"

the 

```
SASLAUTH_MECH=ldap
```

 should be

```
SASLAUTH_MECH="ldap"
```

----------

## bitwh0re

 *hybrid256 wrote:*   

> 
> 
> Well, for all those reasons, I also want to be of some help and I thought these two days that it would be great to have a central repository for all the tips and help that have been said here and there.
> 
> The Howto is wonderfull but it can be greatly enhanced and I especially thinks that "making it work" is not enough, I would love to have a "guide for building Open Xchange", something that would take people from the beginning including the best options to build the Gentoo system for taht purpose : building an enterprise class Open Xchange server.
> ...

 

That sounds like a book.  Of course, that's crossed my mind.  I know that this HOWTO can be so much more than "just the basics".  Funny, the "just the basics" in this HOWTO seems to be so much more than any of the other guides!  :Smile:   </bragging>

 *hybrid256 wrote:*   

> 
> 
> For that purpose, I propose to create a "Howto generator" based on the howto created by bitwhore and all the other helpers there.
> 
> The idea is to "generate" the howto based on the configuration you want.
> ...

 

You read my mind!!  That was my original plan when I first converted the HOWTO from PDF to HTML.. it would be so easy to add some PHP statements so that a user could customize the HOWTO for themselves.  That would allow cutting and pasting.. or even the ability to autogenerate a build script custom for their environment!  I don't know of any other HOWTO or guide that does this.  I was planning on doing it once the "dust settles" when OX 0.8 finally goes stable... but if you want to tackle it first, be my guest!  Maybe you could build the one for your French converted HOWTO and I could do the EN side of things?

----------

## bitwh0re

To all above, thanks!  I'll be collecting all these tips and modifying the HOWTO, thanks for the collective eye!

Mike.

----------

## bitwh0re

 *amigafan wrote:*   

> Is it possible that the howto is wrong about "--with-xercesjar=" ? The official install guide states that a file called xml-apis should be used. This file is available under gentoo, so I think the line should read:
> 
> ```
> --with-xercesjar=/usr/share/xerces-2/lib/xml-apis.jar
> ```
> ...

 

The guide that I based the original HOWTO off of (v0.10) said UNICODE so it stayed and I haven't since been back to the official guide.  As well, the xerces "link" is somewhat of a mystery to me.. I always thought it had to link to xercesImpl.jar .. again the original guide that I read really left you on your own to figure almost all of this out.  I'll have to try again with xml-apis.jar.

As well, I see you're really busy on the official OX forums.. good for you!   :Smile:   Are you deploying OX in a production environment?

----------

## amigafan

 *Quote:*   

> The guide that I based the original HOWTO off of (v0.10) said UNICODE so it stayed and I haven't since been back to the official guide.

 

Hehe, the official one is funny here. It says you should create a unicode db, but their own example creates a UTF-8 one. Maybe its the same in postgres!? Don't know...

 *Quote:*   

> As well, I see you're really busy on the official OX forums.. good for you! Smile Are you deploying OX in a production environment?

 

Currently not, because its unstable software. But our customers frequently ask for an alternative to M$ Exchange and I want to be prepared when ox is stable. I think service build around ox could be a quite interesting business.

----------

## Dark_Hunter

Mhh, i think found something new:

/etc/openldap/slapd.conf

```
rootpw {CRYPT}<encrypted output from command above> 
```

should be under the line

```
suffix "dc=ox-domain,dc=tld" 

 rootdn "cn=Manager,dc=ox-domain,dc=tld"
```

Why? I had some trouble, and made  a /usr/lib/openldap/slapd -t but it just said it failed:

try a

```
/usr/lib/openldap/slapd -t -d 1
```

and you get a detailed error-message for your configuration.

i think this would be good for a trouble-section of this guide.

like i always say greate guide =)

=============================================

New Beta5 is out =)

----------

## amigafan

I just want to say that the guide works well with beta5. The new oxlook does work with this setup  :Smile: 

How are you using ox? I ask because I want to know how you are administrating ox. Does a login as user "mailadmin" work for you? Are you working with groups and global adressbooks? Maybe we need a "What you can do after the installation" guide  :Wink: 

----------

## alsubhi

I followed the last post OX HowTo. 

http://www.mikefetherston.ca/OX/html/index-new.html

Everything goes fine until I try to emerge dev-java/ant , I got the following error message: 

------------------------------------------------------------------------------------------------ 

Calculating dependencies ...done!

>>> emerge (1 of 16) dev-java/jython-2.1-r5 to /

>>> md5 src_uri  :Wink:  jython-21.class

>>> Unpacking source...

try path /var/tmp/portage/jython-2.1-r5/work/

Done

>>> Source unpacked.

jikes

3 warnings

xargs: jar: No such file or directory

>>> Test phase [not enabled]: dev-java/jython-2.1-r5

>>> Install jython-2.1-r5 into /var/tmp/portage/jython-2.1-r5/image/ category dev-java

install: cannot stat `jython-2.1.jar': No such file or directory

!!! ERROR: dev-java/jython-2.1-r5 failed.

!!! Function java-pkg_dojar, Line 186, Exitcode 1

!!! jython-2.1.jar not found

!!! If you need support, post the topmost build error, NOT this status message.

----------------------------------------------------------------------------------------------------------- 

What shall I do to install this dev-java/jython-2.1-r5 in order to proceed?

----------

## alsubhi

I solved the problem by reading the java_config document.

http://www.gentoo.org/doc/en/java.xml

I had to set environment variable CLASSPATH and system-vm.

----------

## carpman

Hello, working my way through install but stopped as waiting for sub domain to be setup, this raises couple of questions:

How will using subdomain for OX server affect setup?

I take it that where i see settings such as:

```

dc=ox-domain,dc=tld

ox-domain.tld 

```

I woud use:

```

 BASE dc=sub.mydomain,dc=com

sub.mydomain.com

```

Also i will not using this as full MX mail server but will use fetchmail to retrieve mail from main domain mail server, this of course means that email address will be:

```

user@mydomain.com

```

and not

```

user.sub.mydomain.com

```

As i see no mention of fetcmail do just set fetchmail up as per normal?

How do get mail to OX users?

Also should note that OX box is behind smoothwall corp firewall and will be using port forwarding to get external users to OX server.

cheers

----------

## bitwh0re

 *carpman wrote:*   

> Hello, working my way through install but stopped as waiting for sub domain to be setup, this raises couple of questions:
> 
> How will using subdomain for OX server affect setup?
> 
> I take it that where i see settings such as:
> ...

 

Actually, I think you would use dc=sub,dc=mydomain,dc=com.  The only limitation I could see using your method is that I don't believe it would allow you to separate two possible OX servers to sub1.domain.com and sub2.domain.com.

 *carpman wrote:*   

> 
> 
> Also i will not using this as full MX mail server but will use fetchmail to retrieve mail from main domain mail server, this of course means that email address will be:
> 
> ```
> ...

 

I believe postfix will allow you to change your outbound domains for the users on the box.  There are two parameters in main.cf called myorigin and mydestination.  You can read more here:

http://www.postfix.org/BASIC_CONFIGURATION_README.html#myorigin

As for fetchmail, I haven't used it with OX or in any other type of situation.  Going on what I know about fetchmail, could you not write a rule where fetchmail gets the mail and then delivers it to cyrus?  Maybe some of the others would like to comment on this?

----------

## bitwh0re

 *amigafan wrote:*   

>  *Quote:*   The guide that I based the original HOWTO off of (v0.10) said UNICODE so it stayed and I haven't since been back to the official guide. 
> 
> Hehe, the official one is funny here. It says you should create a unicode db, but their own example creates a UTF-8 one. Maybe its the same in postgres!? Don't know...

 

Care to ask one of the developers?  :Smile: 

 *amigafan wrote:*   

> 
> 
>  *Quote:*   As well, I see you're really busy on the official OX forums.. good for you!  Are you deploying OX in a production environment? 
> 
> Currently not, because its unstable software. But our customers frequently ask for an alternative to M$ Exchange and I want to be prepared when ox is stable. I think service build around ox could be a quite interesting business.

 

 *amigafan wrote:*   

> 
> 
> I just want to say that the guide works well with beta5. The new oxlook does work with this setup.
> 
> How are you using ox? I ask because I want to know how you are administrating ox. Does a login as user "mailadmin" work for you? Are you working with groups and global adressbooks? Maybe we need a "What you can do after the installation" guide.

 

I'm not using it in any type of a production environment either, but am also very interested in using OX as a service to generate revenue.. you know, for those mobile road warriors that always need access to their data from multiple points of access.  PM me if you want to talk more about this.  :Smile: 

I haven't been doing too much of the administration side of OX, although I really would like to get into that side of it instead of testing new releases of OX against my HOWTO... I know that init-zero has been involved in the admin side of things and could probably write a book on it.  :Smile:   I really think this document will soon be a mini-book.  Maybe in time we should contact O'Reilly some day?  :Very Happy: 

----------

## hybrid256

To be honest, "MY" principal interrest in this project (including evolutions to this howto) is to replace an Exchange 5.5 based solution with something else than Exchange 2003 which I trust around the same level that I trust Exchange 5.5 (which is not very high on my list ...) and which is really too expensive, I'd really prefer spending this money in very reliable and powerful hardware instead of jerky software. 

To give you an idea, replacing my actual solution with an Exchange 2003 server based solution would cost me arount 15000 euros for around 100 users ... and this is software licences only !

If I can make OX works correctly and if it gives me good results (which means if most of the Exchange features are correctly emulated so that the users are not lost), it would only cost me the hardware and would give me enough to buy something really strong which won't collapse because of some abuse with mailbox sizes !

So, yes, I'm definitely very interrested in this  :Wink: 

----------

## hybrid256

 *Quote:*   

> 
> 
> I haven't been doing too much of the administration side of OX, although I really would like to get into that side of it instead of testing new releases of OX against my HOWTO... I know that init-zero has been involved in the admin side of things and could probably write a book on it.   I really think this document will soon be a mini-book.  Maybe in time we should contact O'Reilly some day? 

 

Hey, contact me if you're looking for a french translator  :Razz: 

----------

## Hibbelharry

Hey guys,

i think the important part when dealing with subdomains is setting up your mta right. just use fetchmail like this:

```

poll popserver.provider.com with proto POP3 timeout 30

    user 'john.doe' there with password 'password' is 'john.doe@sub.domain.com' here

```

so basically the mta with its configured transports should have to do the magic.

Greetz from Bremen, Northern Germany

Wilken Haase

wilken.haase@campuspoint.de

----------

## bitwh0re

 *hybrid256 wrote:*   

> Hey, contact me if you're looking for a french translator 

 

You're more than welcome to do anything with the document as you see fit!  I think one of the main terms of the FDL is that you make yours under the FDL and that you refer back to the original document as well as give credit.  A french translation would be great!!

----------

## bitwh0re

 *amigafan wrote:*   

> 
> 
> Please note the missing  --with-servletdir=/opt/tomcat5/webapps/servlet/  because its currently not supported. Also note the new flags --with-domain ... --with-rootdn . These are very nice because these entries will be filled into init_ldap.ldif and admintools.conf later on! Here I used --with-runuid=tomcat because webdav doesn't work with user apache - it gives a "permission denied"  Don't know if this is the best solution.
> 
> 

 

Amigafan, I changed that in the document and all seemed to work well.  I just recently took a look at ./configure --help and noticed that along with the --with-runuid parameter there's a --with-tomcatuser parameter.  I've since changed the HOWTO back to --with-runuid=apache and added --with-tomcatuser=tomcat.

I have not tested this, but I think this will resolve the permissions issue as well as run the app as apache.

----------

## Dark_Hunter

There were several problems with "_sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql".

You don't have to upgrade to the testing-packages. 

You have to select the backend you want use (tooks me dayes  :Wink: ), if you don't, it seems try selecting the sql-backend automaticaly.

insert in your /etc/openldap/slapd.conf

```
backend bdb
```

After this line, restart your ldap and it should work.

----------

## bitwh0re

 *Boef wrote:*   

> There were several problems with "_sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql".
> 
> You don't have to upgrade to the testing-packages. 
> 
> You have to select the backend you want use (tooks me dayes ), if you don't, it seems try selecting the sql-backend automaticaly.
> ...

 

This is one of the things I was starting to look into yesterday.  I thought that maybe adding ACCEPT_KEYWORDS="-postgres" to the emerge statement for cyrus-sasl would work.  I have not tested that yet, but it is in the latest HOWTO.  Did adding backend bdb work for you to get rid of those auxprop errors?

----------

## mammoccio

Tnx man for the great howto!

btw at te moment i have a preoblem with the  jk2 part of the doc, everytime I start apache i get:

[snip]

child pid 6937 exit signal Segmentation fault (11)

[snip]

The version of apache and jk2 is the some as the doc.

someone pointed me on this direction -->https://bugs.gentoo.org/show_bug.cgi?id=77834 

Any hint?

Im coming mad about this stuff!!

Vito

----------

## Dark_Hunter

 *bitwh0re wrote:*   

> 
> 
> This is one of the things I was starting to look into yesterday.  I thought that maybe adding ACCEPT_KEYWORDS="-postgres" to the emerge statement for cyrus-sasl would work.  I have not tested that yet, but it is in the latest HOWTO.  Did adding backend bdb work for you to get rid of those auxprop errors?

 

Yes it works perfectly, didn't have any real problems, i remember i have fixed some rights but i'm not sure if it does matter.

But after that line, fixing the other things was realy easy =)

An other part (could be a bug of the beta5), to get "Setup" working, you have to edit 

```
/opt/tomcat5/webapps/umin/WEB-INF/classes
```

, after that setup is working like a charm =)

Oh, I found something which is just importend for users start setup any webapplication on their servers:

/etc/conf.d/apache2

the line "APACHE2_OPTS" should be:

```
APACHE2_OPTS="-D SSL -D JK2 -D DAV -D DAV_FS
```

Are the last two things importend for webdav-support, would say yes but i'm not sure.

----------

## amigafan

 *Boef wrote:*   

> 
> 
> ```
> APACHE2_OPTS="-D SSL -D JK2 -D DAV -D DAV_FS
> ```
> ...

 

No its not. This line adds webdav support for apache, but ox uses the webdav part of tomcat so you don't need this. For ox its only important to have 

```
-D JK2
```

 here.

----------

## amigafan

 *bitwh0re wrote:*   

> 
> 
> Amigafan, I changed that in the document and all seemed to work well.  I just recently took a look at ./configure --help and noticed that along with the --with-runuid parameter there's a --with-tomcatuser parameter.  I've since changed the HOWTO back to --with-runuid=apache and added --with-tomcatuser=tomcat.
> 
> I have not tested this, but I think this will resolve the permissions issue as well as run the app as apache.

 

Cool thing, I'll test it soon.

O'Reilly.. hmm.. any idea of an animal for the cover?  :Wink: 

----------

## amigafan

 *bitwh0re wrote:*   

> 
> 
> Amigafan, I changed that in the document and all seemed to work well.  I just recently took a look at ./configure --help and noticed that along with the --with-runuid parameter there's a --with-tomcatuser parameter.  I've since changed the HOWTO back to --with-runuid=apache and added --with-tomcatuser=tomcat.
> 
> I have not tested this, but I think this will resolve the permissions issue as well as run the app as apache.

 

Better change it back to --with-runuid=tomcat. I've tested it and it gaves me:

 *Quote:*   

> HTTP Status 500 -
> 
> type Exception report
> 
> message
> ...

 

There are other options such as --with-tomcaturl and --with-tomcatpassword. I somehow have the feeling that these parameters are thought for deploying the .war-files as the --with-servletdir parameter doesn't exist anymore (should be removed from the guide, btw.).

----------

## cpunchin

For those getting this error on the apache error log on OX beta5, i think there's a typo on the Gentoo Manual http://www.mikefetherston.ca/OX/html/index-new.html it should read

/etc/conf.d/apache2 APACHE2_OPTS="-D JK2"  (note the 2)

 *Quote:*   

> 
> 
> First, we configure Apache to load the JK2 module: 
> 
> /etc/conf.d/apache APACHE2_OPTS="-D JK2"  
> ...

 

Keep the good work Mike!....

----------

## )(MarksTheSpot

OK, so here's the biggie,

I've followed the latest install (Great doc btw!) and it's all floated along merrilly until I try and access the login screen (http://mydomain/cgi-bin/login.pl).

All I get is a 404.  It says in the docs that this probably means that perl or apache2 isn't configured properly, and as the latest ebuild seems to re-enable the awful (imho) single-file apache configuration without deleting the old-style (and much better/easier/configurable) multiple file config, I no-longer know which files I'm meant to be changing.

I've added -D JK2 to my APACHE2_OPTS and it's starting fine, but I get a 403 for the main page and still get a 404 for the login script.

Any ideas?

TIA,

)(marks

----------

## playworker

Wow, this Thread is getting huge!  :Smile: 

Just wondering if anyone knows why when using Sunbird to access OX iCal, publishing the entire calendar doesn't work but publishing individual events does ?  I'm still using 0.7.5 BTW, not going to switch to 0.8 until it's stable  :Very Happy: 

Cheers,

Matt

----------

## bitwh0re

 *)(MarksTheSpot wrote:*   

> 
> 
> I've followed the latest install (Great doc btw!) and it's all floated along merrilly until I try and access the login screen (http://mydomain/cgi-bin/login.pl).
> 
> All I get is a 404.  It says in the docs that this probably means that perl or apache2 isn't configured properly, and as the latest ebuild seems to re-enable the awful (imho) single-file apache configuration without deleting the old-style (and much better/easier/configurable) multiple file config, I no-longer know which files I'm meant to be changing.
> ...

 

404 means file could not be found.   I would verify that the files were copied over during the make install to /var/www/localhost/cgi-bin.  Alternatively find / -name "login.pl" -print would find every instance of login.pl in your filesystem.  A 403 is permission denied, that sounds like an apache config problem on your DocumentRoot.

----------

## )(MarksTheSpot

 *bitwh0re wrote:*   

> 
> 
> 404 means file could not be found.   I would verify that the files were copied over during the make install to /var/www/localhost/cgi-bin.  Alternatively find / -name "login.pl" -print would find every instance of login.pl in your filesystem.  A 403 is permission denied, that sounds like an apache config problem on your DocumentRoot.

 

bitwh0re:

I've looked in the dir and the scripts seem to be there, I've also checked the permissions on the folders and all seems to be correct, I just don't understand it!  :Sad: 

Matt

----------

## bitwh0re

 *)(MarksTheSpot wrote:*   

>  *bitwh0re wrote:*   
> 
> 404 means file could not be found.   I would verify that the files were copied over during the make install to /var/www/localhost/cgi-bin.  Alternatively find / -name "login.pl" -print would find every instance of login.pl in your filesystem.  A 403 is permission denied, that sounds like an apache config problem on your DocumentRoot. 
> 
> bitwh0re:
> ...

 

Next, I would check your apache config and make sure that DocumentRoot points to where your htdocs actually is located.  As well, it may be a permissions problem.

----------

## )(MarksTheSpot

bitwh0re,

I've done all of that, the paths are correct, so are the permissions.

 I've now also got an issue with LDAP saying it can't find the server, even though it's definately running.

and I was doing so well...  :Sad: 

)(marks

----------

## bitwh0re

 *amigafan wrote:*   

> O'Reilly.. hmm.. any idea of an animal for the cover? 

 

I would say a spider on her web with all her babies around.  OX is internet based, hence the web, and she ties together alot of other children and makes them all work together.  Maybe an old italian woman would work too!  But, she's not an animal.  :Wink: 

----------

## bitwh0re

 *)(MarksTheSpot wrote:*   

> bitwh0re,
> 
> I've done all of that, the paths are correct, so are the permissions.
> 
> I've now also got an issue with LDAP saying it can't find the server, even though it's definately running.
> ...

 

Ok, don't take offence to this please, but after you verified all your paths and permissions, did you restart the apache daemon?  Have you tried locating the main index.html file and maybe changing the contents and then loading up your website's root in a browser to see what it loads?  You may be getting a 403 because your permissions on the DocumentRoot doesn't allow directory browsing.  It really sounds to me like there's something whacky in your config.  Can you copy it here, of course fudging IP's and server names?  Maybe post the directory contents of your webroot (defaults to /var/www/localhost in gentoo) as well.

----------

## carpman

Hello, ok got to the bit where i initilize the ldap tree but get ollowing error:

```

 root #  slapadd -l /usr/local/open-xchange/share/init_ldap.ldif

slapadd: line 6: database (dc=office.mydomain,dc=com) not configured to hold "dc=office.mydomain.com,dc=com"

slapadd: line 6: database (dc=office.mydomain,dc=com) not configured to hold "dc=office.mydomain.com,dc=com"

```

Should add that i am trying to set this up on a subdomain - office.mydomain.com

Where would start looking? 

is this just a config error on my part?

Once sorted can i just run command gain or will i have to follow instruction to remove ldap data.

This is using beta version

cheers

----------

## )(MarksTheSpot

 *carpman wrote:*   

> Hello, ok got to the bit where i initilize the ldap tree but get ollowing error:
> 
> ```
> 
>  root #  slapadd -l /usr/local/open-xchange/share/init_ldap.ldif
> ...

 

Change it to

```

dc=office,dc=mydomain,dc=com

```

This should work...  :Smile: 

)(marks

----------

## carpman

 *)(MarksTheSpot wrote:*   

> 
> 
> Change it to
> 
> ```
> ...

 

Thanks for reply, may seem dumb question but in what file? many files have this entry!

Have to say i am bit confused setting this up with subdomain as there is no info on doing it, though would have thought it would be common. My subdomain is on different network to main domain.

cheers

----------

## )(MarksTheSpot

 *carpman wrote:*   

>  *)(MarksTheSpot wrote:*   
> 
> Change it to
> 
> ```
> ...

 

oops,  My bad, to busy sorting out my own problems!  :Smile: 

Changes need to be made to all files in the tutorial that have the 

```
dc=ox-domain,dc=com
```

 lines in them.

Basically, AFAIK, all the files that setup LDAP should have this change in them.

)(marks

----------

## carpman

 *)(MarksTheSpot wrote:*   

>  *carpman wrote:*    *)(MarksTheSpot wrote:*   
> 
> Change it to
> 
> ```
> ...

 

Hello, ok thanks for that.

Umm  so if i change all the ldap files will users outside of local network still be able to logon even the server address if office.mydomain.com?

From what you are saying ldap only needs main domain and not subdomain to work?

cheers

----------

## )(MarksTheSpot

 *bitwh0re wrote:*   

>  *)(MarksTheSpot wrote:*   bitwh0re,
> 
> I've done all of that, the paths are correct, so are the permissions.
> 
> I've now also got an issue with LDAP saying it can't find the server, even though it's definately running.
> ...

 

Bitwh0re,

no offence taken, it's a mistake I've made in the past, however I remembered to restart apache this time.

I've even restarted the box!  :Smile: 

[quote="bitwh0re]

 Have you tried locating the main index.html file and maybe changing the contents and then loading up your website's root in a browser to see what it loads?  You may be getting a 403 because your permissions on the DocumentRoot doesn't allow directory browsing.  It really sounds to me like there's something whacky in your config.  Can you copy it here, of course fudging IP's and server names?  Maybe post the directory contents of your webroot (defaults to /var/www/localhost in gentoo) as well.[/quote]

OK,

I've gone through the httpd.conf and edited it, it seams that someone has put all the config information back into one file and enabled vhosts as the default.

I've rebooted my box and the result is... bugger all.

It won't bring up anything.

I've decided to completely reinstall apache and see if this works.

Thanks for all the help btw, it's much appreciated.

)(marks

----------

## )(MarksTheSpot

 *carpman wrote:*   

> 
> 
> Hello, ok thanks for that.
> 
> Umm  so if i change all the ldap files will users outside of local network still be able to logon even the server address if office.mydomain.com?
> ...

 

OK,  here's where I throw my hands up and admit I don't know!  :Wink: 

I'm only setting it up on a subdomain as I'm using a freebie DynDNS address and it's only for personal use.

only thing I can do is point you at http://www.openldap.org/ and suggest that you might find the answer there.

sorry I can't help further,

)(marks

----------

## bitwh0re

 *)(MarksTheSpot wrote:*   

>  *carpman wrote:*   
> 
> Hello, ok thanks for that.
> 
> Umm  so if i change all the ldap files will users outside of local network still be able to logon even the server address if office.mydomain.com?
> ...

 

Basically LDAP works like this:

- 'com' is your "TLD".. your top level of your tree.

- then you can have multiple subdomains, or "branches".. in your case 'mydomain'

- then you can have further branches such as 'office', 'garage', 'parkinglot', etc.

- then you have your "leaves" which are the actual contents such as "OXUsers" or "OXGroups".

LDAP is laid out in much the same way as DNS is, or even Active Directory - which is another "form" of LDAP.

In your case you need to use dc=office,dc=mydomain,dc=com.. because in theory you could also have dc=garage,dc=mydomain,dc=com which could contain completely different data.  I would change all entries that you see in the HOWTO referring to ox-domain.tld to what suits your setup.. in your example office.mydomain.com, and dc=office,dc=mydomain,dc=com.  Be aware of that ./configure rootdn parameter during the OX build!

Does that answer your questions?

----------

## carpman

Many thanks bitwh0re all  makes sense now but looks like i am going to have to recompile OX.

----------

## bitwh0re

 *carpman wrote:*   

> Many thanks bitwh0re all  makes sense now but looks like i am going to have to recompile OX.

 

Ahh yes, but recompiling OX is one of the quickest steps throughout the entire process!  :Smile: 

----------

## hybrid256

Hi,

I managed to "make it work" with V 0.20 of the howto but some points where not working so, since the document evolved, I tried to rebuild my openXchange from scratch ... again.

Everything went smooth until I had to add my first user in order to be able to login but after the /usr/local/open-xchange/sbin/adduser_ox function, I got this answer :

Undefined ERROR - LDAP CODE implementation specific

See LDAP Log for Details!

I don't understand why, I checked my conf files, I took a look at my ldap tree ... nothing wrong here, I don't understand  :Sad: 

Any idea ?

EDIT : hummm ... in my messages log; I see this :

Mar 25 12:05:55 hermes2 slapd[9529]: slapd starting

Mar 25 12:06:01 hermes2 slapadd: bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)

Mar 25 12:06:01 hermes2 slapadd: bdb_db_init: Initializing BDB database

Mar 25 12:06:09 hermes2 slapd[9532]: slapd shutdown: waiting for 0 threads to terminate

Mar 25 12:06:09 hermes2 slapd[9529]: bdb(dc=tourisport,dc=fr): /var/lib/openldap-data/gidNumber.bdb: Permission denied

Mar 25 12:06:09 hermes2 slapd[9529]: bdb(dc=tourisport,dc=fr): gidNumber.bdb: cannot sync: Permission denied

Mar 25 12:06:09 hermes2 slapd[9529]: bdb(dc=tourisport,dc=fr): txn_checkpoint: failed to flush the buffer cache Permission denied

Mar 25 12:06:09 hermes2 slapd[9529]: bdb_db_destroy: txn_checkpoint failed: Permission denied (13)

Mar 25 12:06:09 hermes2 slapd[9529]: slapd stopped.

Mar 25 12:06:21 hermes2 slapd[9615]: daemon: socket() failed errno=97 (Address family not supported by protocol)

Mar 25 12:06:21 hermes2 slapd[9615]: SQL engine 'mysql' not supported

Mar 25 12:06:21 hermes2 slapd[9615]: auxpropfunc error no mechanism available

Mar 25 12:06:21 hermes2 slapd[9615]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Mar 25 12:06:21 hermes2 slapd[9615]: bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)

Mar 25 12:06:21 hermes2 slapd[9615]: bdb_db_init: Initializing BDB database

Mar 25 12:06:21 hermes2 slapd[9622]: slapd starting

Mar 25 12:06:29 hermes2 slapd[9625]: conn=0 fd=12 ACCEPT from IP=10.0.0.121:1951 (IP=0.0.0.0:389)

Mar 25 12:06:29 hermes2 slapd[9663]: conn=0 op=0 BIND dn="cn=Manager,dc=tourisport,dc=fr" method=128

Mar 25 12:06:29 hermes2 slapd[9663]: conn=0 op=0 BIND dn="cn=Manager,dc=tourisport,dc=fr" mech=SIMPLE ssf=0

Mar 25 12:06:29 hermes2 slapd[9663]: conn=0 op=0 RESULT tag=97 err=0 text=

Mar 25 12:06:29 hermes2 slapd[9663]: conn=0 op=1 SRCH base="ou=Users,ou=OxObjects,dc=tourisport,dc=fr" scope=2 filter="(uid=*)"

Mar 25 12:06:29 hermes2 slapd[9663]: conn=0 op=1 SRCH attr=uidNumber

Mar 25 12:06:29 hermes2 slapd[9663]: bdb_db_cache: db_open(objectClass) failed: Permission denied (13)

Mar 25 12:06:29 hermes2 slapd[9663]: <= bdb_equality_candidates: (objectClass) index_param failed (13)

Mar 25 12:06:29 hermes2 slapd[9663]: conn=0 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=

Mar 25 12:06:29 hermes2 slapd[9663]: conn=0 op=2 UNBIND

Mar 25 12:06:29 hermes2 slapd[9663]: conn=0 fd=12 closed

----------

## hybrid256

Don't bother ... I hadn't set the permissions correctly in /var/lib/openldap-data ... sorry   :Embarassed: 

----------

## bitwh0re

 *hybrid256 wrote:*   

> Don't bother ... I hadn't set the permissions correctly in /var/lib/openldap-data ... sorry  

 

You don't know how many people this catches (including myself -- several TIMES).  I'll have to border that part in red or something.  :Smile: 

----------

## sfspin

sorry to be a noob but I have been hunting around for a couple of days. First off sasl seems to work and ldap seems to work to, but I can not authenticate against ldap. 

here is the log trying to login to ox web page.

Mar 25 17:51:03 lox slapd[7152]: conn=0 fd=10 ACCEPT from IP=127.0.0.1:32782 (IP=0.0.0.0:389)

Mar 25 17:51:03 lox slapd[7152]: conn=0 op=0 BIND dn="" method=128

Mar 25 17:51:03 lox slapd[7152]: conn=0 op=0 RESULT tag=97 err=0 text=

Mar 25 17:51:03 lox slapd[7152]: conn=0 op=1 BIND dn="uid=emico,ou=Users,ou=OxObjects,dc=luster,dc=com" method=128

Mar 25 17:51:03 lox slapd[7152]: conn=0 op=1 RESULT tag=97 err=49 text=

Here is the error trying cyradm

Mar 25 18:10:57 lox saslauthd[6680]: Authentication failed for cyrus: Bind to ldap server failed (invalid user/password or insufficient access) (-7)

Mar 25 18:10:57 lox saslauthd[6680]: do_auth         : auth failure: [user=cyrus] [service=imap] [realm=] [mech=ldap] [reason=Unknown]

Mar 25 18:10:57 lox imap[7541]: badlogin: lox [10.10.1.10] plaintext cyrus SASL(-13): authentication failure: checkpass failed

I am using crypt in slapd.conf and I know the saslauthd.conf password matches...

Any suggestion appreciated..

sfspin

----------

## capitanjackal

hi all

If I try to login apache shows me: Internal Server Error

while from the error_log I see:

[Sat Mar 26 23:28:35 2005] [error] [client *.*.*.*] -1<-, referer: http://host.domain.tld/cgi-bin/login.pl

[Sat Mar 26 23:28:35 2005] [error] channelApr.open() attempt to connect to *.*.*.*:8009 (host.domain.tld) failed 111

[Sat Mar 26 23:28:35 2005] [error] ajp13.connect() failed ajp13:domain.tld:8009

[Sat Mar 26 23:28:35 2005] [error] ajp13.service() failed to connect endpoint errno=9 Bad file descriptor

[Sat Mar 26 23:28:35 2005] [error] ajp13.service() Error  forwarding ajp13:giaco.net:8009 1 1

[Sat Mar 26 23:28:35 2005] [error] mod_jk2.handler() Error connecting to tomcat 120000, status 0

any idea ?

thanks very much for your help

Giaco

----------

## sfspin

I fixed it by re emerging cyrus, now I can login to ox and use cyradm, but now I can get into the web mail component of ox I get

Details: javax.mail.AuthenticationFailedException: Login failed: authentication failure.  Argh, sorry for taking up bandwith here...

jb

 *sfspin wrote:*   

> sorry to be a noob but I have been hunting around for a couple of days. First off sasl seems to work and ldap seems to work to, but I can not authenticate against ldap. 
> 
> here is the log trying to login to ox web page.
> 
> Mar 25 17:51:03 lox slapd[7152]: conn=0 fd=10 ACCEPT from IP=127.0.0.1:32782 (IP=0.0.0.0:389)
> ...

 

----------

## dashnu

Ok I just typed up a nice post and hit my fscking power button by mistake and lost it..  :Sad:  So now I am pissed.

anyways..

@sfspin, You said something about using crypt that is fine but last I knew not all of the config file from ox could handle an encrypted BINDPW. check /usr/local/open-xchange/etc/admintools.conf try to put plain text in that file. Also make sure your auth is set up correctly via imap --> sasl --> ldap same for postfix..

@capitanjackal, as you must already know that is a modjk2 error.. It appers tomcat is net running at all. Anyways I am not sure how to set up the portage version now but try to remerge it and check all the configs over again. 

Also everyone may want to look at this.. This was in 2004 so I am not sure what the deal is now.

http://jakarta.apache.org/tomcat/connectors-doc/news/20041100.html#20041115.1

```

15 November - JK2 is officially unsupported

JK2 has been put in maintainer mode and no further development will take place. The reason for shutting down JK2 development was the lack of developers interest. Other reason was lack of users interest in adopting JK2, caused by configuration complexity when compared to JK.

The latest official JK2 release is 2.0.4.

JK2 will have it's successor within core Apache2.1/2.2 distribution. We have developed new proxy_ajp that is an addition to the mod_proxy and uses Tomcat's AJP protocol stack. It is developped in httpd-2.1 and integrated in it. We have also developed a new proxy_balancer module for load balancing http and ajp protocol stacks.

JK will be fully supported for all other web servers. The next JK release is planned for the end of November. Lots of code from JK2 has been ported to JK

```

----------

## hybrid256

Hi,

Well, after at least 4 attempts and hours and hours of installation (building the whole OpenXchange configuration from scratch from Stage2 is a really long process !!), I finally have a working installation.

I followed the howto until the part where I change the default icons by the one provided by bitwhore and didn't go further since for instance, I want a working solution before  adding some other stuff such as Clam or Spam Assassin.

Here is my goal : I have 100 users currently using Outlook as a Microsoft Exchange client and of course, the Exchange that goes with it.

Part of my users have adresses in @clubaventure.fr, some in @sport-away.com and I want to add a @tourisport.fr which means that I'll have to deal with 3 domains and to make thing a bit more complicated, I want to be able to have at mximum, the 3 domains for one single user (ie aliases)

What I want from OX is to be able to do all this as much alike as possible.

That means : 

- using Outlook 2000 as the client (at least for a while) with OXLook

- beeing able to have something like the Global Address List when clicking on the "To:" button ...

- beeing able to share calendars, contacts, folders

- syncing informations between OXLook and the Web groupware.

- managing multiple domains, even for one user (ex : having the ability to have a john@sport-away.com, john@clubaventure.fr, etc etc ... which are only aliases of the same mailbox)

What I have now after completed the howto :

- the groupware is working, so does the mail system (at least for sending mails)

- I can't receive mails, I got this Apr  5 15:18:32 hermes2 postfix/lmtp[8531]: 309141026064: to=<walid@tourisport.fr>, relay=none, delay=0, status=deferred (connect to /var/imap/socket/lmtp[/var/imap/socket/lmtp]: Permission denied) but my postfiw user is in the mail group ... don't understand ...

- when I create an event in the calendar using the web ui, I can't get it in OXLook and when I create an event in OXLook, I can't get it on the web ui ... each system keeps it's own information.

- same situation with contacts

- tasks on the contrary are working, I mean, I can create tasks in OX and seeing them in OXLook and so does the contrary.

- how can I manage multiple domains ???

- in the webmail, I see only one folder, "inbox" but no drafts, no deleted elements, no junkbox, no sent elements ... everytime I send a mail, it's keeping a copy in the mailbox.

Well, that's all for now but solving at least those points would take me further to a complete replacement of Exchange and this is my personnal great motivation  :Razz: 

Thanks to all of you to help me in my St Graal's Quest !!!

----------

## dashnu

 *hybrid256 wrote:*   

> Hi,
> 
> Well, after at least 4 attempts and hours and hours of installation (building the whole OpenXchange configuration from scratch from Stage2 is a really long process !!), I finally have a working installation.
> 
> I followed the howto until the part where I change the default icons by the one provided by bitwhore and didn't go further since for instance, I want a working solution before  adding some other stuff such as Clam or Spam Assassin.
> ...

 

The anti virus is a walk in the park with the how to I would go for at least that.

 *hybrid256 wrote:*   

> 
> 
> Here is my goal : I have 100 users currently using Outlook as a Microsoft Exchange client and of course, the Exchange that goes with it.
> 
> Part of my users have adresses in @clubaventure.fr, some in @sport-away.com and I want to add a @tourisport.fr which means that I'll have to deal with 3 domains and to make thing a bit more complicated, I want to be able to have at mximum, the 3 domains for one single user (ie aliases)
> ...

 

I use virtual alias domains. in /etc/postfix/main.cf

```
virtual_alias_domains = fakedomain.com

virtual_alias_maps = hash:/etc/postfix/virtual

```

in /etc/postfix/virtual

```

# Fakedamain.com Aliases

# Root

root@fakedomain.com root

```

Then run..

```

postmap /etc/postfix/virtual ; postfix reload

```

That will give you a /etc/postfix/virtual.db that postfix can read and understand.

This all can be done via ldap to but i like the good ol way  :Wink: 

 *hybrid256 wrote:*   

> 
> 
> That means : 
> 
> - using Outlook 2000 as the client (at least for a while) with OXLook
> ...

 

my /etc/group

```

mail:x:12:mail,cyrus,postfix

```

Also this issue happens a lot i know for sure in this massive thread somewhere there is info to fix it.

 *hybrid256 wrote:*   

> 
> 
> - when I create an event in the calendar using the web ui, I can't get it in OXLook and when I create an event in OXLook, I can't get it on the web ui ... each system keeps it's own information.
> 
> - same situation with contacts
> ...

 

that is all i can help ya with for now,

----------

## Cuchulainn

When I try to login, I get an internal server error. When I check the apache error-log I see the following:

 *Quote:*   

> 
> 
> [Tue Apr 05 20:42:45 2005] [error] mod_jk2.handler() Error connecting to tomcat 120000, status 0
> 
> [Tue Apr 05 20:42:45 2005] [error] [client 10.0.0.11] File does not exist: /var/www/localhost/htdocs/favicon.ico
> ...

 

Any idea what is wrong?

Cheers, Cuchu

----------

## dans1234

I have open-xchange beta 5 up and running with relatively few problems following Mike's How-to (Thanks Mike). However, I just can't get OXlook to work. It's not a top priority for me because my users are used to using a webmail interface and they don't seem to care... I was just wondering if anyone has gotten OXLook to work properly. I'm using SSL according to Mike's guide so I use https://mail.oxdomain.tld

Thanks

----------

## Hibbelharry

hello guys,

i'm currently running rc1 and web guis and tools ork flawlessly so far using ~x86 apache/tomcat. since mod_jk2 gave me major headaches with apache seg'faulting all the time i tried to set up mod_jk instead of mod_jk2. since i reworked the whole setup to clean up somethings i'm currently running in a problem: webdav doesn't work as it should. webdav.documents works flawlessly, rss feeding of bookamrks to browser also works. i can import calendars via webdav.ical but i can't write anything into the calendar. i don't find any error messages in the logs. so my question:

has anyone a working ox setup using mod_jk and can post his configuration files for mod_jk ?

i strongly believe this is the issue of my problems.

any help or suggestions are really appreciated.

Greetz

Hibbelharry

----------

## Cuchulainn

Okay, I've got groupware up and running. When I try the webmail though, it says:

 *Quote:*   

> WebMail - OPEN-XCHANGE 0.8.0-beta4
> 
> !!! SYSTEM - ERROR !!!

 

What is going wrong here?

Cheers, Cuchu

----------

## bitwh0re

 *hybrid256 wrote:*   

> 
> 
> I followed the howto until the part where I change the default icons by the one provided by bitwhore and didn't go further since for instance, I want a working solution before  adding some other stuff such as Clam or Spam Assassin.
> 
> 

 

I'm currently trying to get DSPAM integrated into my OX install.. DSPAM is supposed to be more accurate than SA.  But I think you're going in the right direction -- get the base going, test, *then* extend.  :Smile: 

 *hybrid256 wrote:*   

> 
> 
> Here is my goal : I have 100 users currently using Outlook as a Microsoft Exchange client and of course, the Exchange that goes with it.
> 
> Part of my users have adresses in @clubaventure.fr, some in @sport-away.com and I want to add a @tourisport.fr which means that I'll have to deal with 3 domains and to make thing a bit more complicated, I want to be able to have at mximum, the 3 domains for one single user (ie aliases)
> ...

 

I know init-zero showed you how to do this with /etc/postfix/virtual and will probably want my head on a silver platter for mentioning this, but this could probably be done in LDAP as well.  IMO, LDAP would be the way to go (more centralized administration).. if you try this method and get it working, I'd be very interested in seeing how you did it.

Good Luck!

----------

## Cuchulainn

I am logged in to the groupware section, but I am not able to make an appointment or task. It seems to work, but the task/appointment is not made. What could be wrong here?

Cheers, Cuchu

----------

## dashnu

 *init-zero wrote:*   

> 
> 
> Then run..
> 
> ```
> ...

 

Jesus bitwh0re do you read before you type  :Twisted Evil:   :Twisted Evil:   :Twisted Evil: 

----------

## Dark_Hunter

Wow RC-1 is out.

Will try this version and write success or not  :Wink: 

Edit:

It functions perfectly =)

i just downloaded the source compiled it like in the tutorial - but something doesn't function, i added following lines:

```

 --with-dbhost=127.0.0.1 \

 --with-rootpw="ldapsecretpassword"

```

now it functions perfectly. Give it a try *YES*

----------

## Dark_Hunter

@bitwh0re:

Could you please change in WebmailSpellChecking the line:

```
<execute cmd="ispell -ddeutsch -a -P -H -Tlatin1"/>
```

to

 *Quote:*   

> <execute cmd="ispell -dgerman -a -P -H -Tlatin1"/>

 

Could be, that you mean the original content of the file.

But with 'german' it works like it should.

Thank You =)

----------

## bitwh0re

 *Boef wrote:*   

> 
> 
> Could you please change in WebmailSpellChecking the line:
> 
> ```
> ...

 

Are you saying that -ddeutsch doesn't work?  Could it be that you don't have the deutsch dictionary installed?  From the ispell man page it states that:

```
-d file    Specify  an  alternate dictionary file.  For example, use -d deutsch to choose a German dictionary in a German installation.

```

If it isn't working for you, could it be that you don't have a "German installation"?  You can find your installed dictionaries here:

```
/usr/lib/ispell

```

----------

## Dark_Hunter

 *bitwh0re wrote:*   

> 
> 
> Are you saying that -ddeutsch doesn't work?  Could it be that you don't have the deutsch dictionary installed?  From the ispell man page it states that:
> 
> 

 

Yes, i mean. I installed the german package (app-dicts/ispell-de).

 *bitwh0re wrote:*   

> 
> 
> ```
> -d file    Specify  an  alternate dictionary file.  For example, use -d deutsch to choose a German dictionary in a German installation.
> 
> ...

 

I read that too and wondered, i don't know why - but the dictionary is saved as /usr/lib/ispell/german.[hash/aff].

Thats why I change the option and now it is functioning. =)

----------

## gschinkel

Hi people,

Can anyone of you guys help me out with the following problem:

Apr  8 13:46:27 groupware slapd[22713]: conn=3 fd=10 ACCEPT from IP=81.173.4.90:50643 (IP=0.0.0.0:389)

Apr  8 13:46:27 groupware slapd[22754]: conn=3 op=0 BIND dn="cn=Manager,dc=example,dc=nl" method=128

Apr  8 13:46:27 groupware slapd[22754]: conn=3 op=0 BIND dn="cn=Manager,dc=example,dc=nl" mech=SIMPLE ssf=0

Apr  8 13:46:27 groupware slapd[22754]: conn=3 op=0 RESULT tag=97 err=0 text=

Apr  8 13:46:27 groupware slapd[22754]: conn=3 op=1 MOD dn="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=example,dc=nl"

Apr  8 13:46:27 groupware slapd[22754]: conn=3 op=1 MOD attr=member

Apr  8 13:46:27 groupware slapd[22754]: conn=3 op=1 RESULT tag=103 err=20 text=modify/add: member: value #0 already exists

Apr  8 13:46:27 groupware slapd[22754]: conn=3 op=1 RESULT tag=103 err=20 text=modify/add: member: value #0 already exists

Apr  8 13:46:27 groupware slapd[22754]: conn=3 op=2 UNBIND

Apr  8 13:46:27 groupware slapd[22754]: conn=3 fd=10 closed

This happens when I try to add a user with the following command:

/usr/local/open-xchange/sbin/adduser_ox --username="gschinkel" --passwd="test123" --name="schinkel" --sname="g" --maildomain="example.nl" --ox_timezone="GMT"

What might be wrong? The command output says it's first error is an SQL error, but I doubt that because all previous ldap (and SQL) statements seem to have gone well.

----------

## kblack

Need postfix help:

Got everything up and running but postfix stoped delivering to cyrus. Every message I sedn gets bounced because postfix detects it as a loop. Do I need to do anything in main.cf to tell postfix to deliver to cyrus?

----------

## )(MarksTheSpot

Hi,

I've been away sorting out a different machine, and now it's going great, I'm just trying to add a ox-user but it keeps saying that it can't find ldap.conf in my ox directory.

Can anyone post an example of a ldap.conf so I can add it to the dir and get going again? or is this s deeper problem that it appears?

Cheers,

Matt

[edit]

OK, since posting this, I've got the ldap.conf isue sorted, but I'm ow getting ldap error 89.

I can't find any reference to this in the log files, so I'm not sure what's going on...

Help!

[/edit]

----------

## )(MarksTheSpot

 *)(MarksTheSpot wrote:*   

> 
> 
> OK, since posting this, I've got the ldap.conf isue sorted, but I'm ow getting ldap error 89.
> 
> I can't find any reference to this in the log files, so I'm not sure what's going on...
> ...

 

Boy do I feel stupid, it was because I'd put whitespace in the ldap.conf file between the dc="" tags...

 :Embarassed: 

Ah well, Now I can login, just get a blank page though with a session id in the URL.

On to tracking that down...  :Smile: 

)(marks

----------

## )(MarksTheSpot

OK,

I rebooted and it's all good!  :Smile: 

Thanks for a great tuorial, now to just change the icons...  :Smile: 

)(marks

----------

## KirinSan

Hi All,

great tutorial. Certainly it's a lot of work and time in it.

I followed the tutorial, emerge software, configured it, and so on. So far I did not have any problems.

But when I typed the following command:

```
slapadd -l /usr/local/open-xchange/share/init_ldap.ldif
```

I'm getting this error: 

```
slapadd: could not parse entry (line=146)
```

At first I thought, I had made a typo, but when I edited this file, Line 146 was a blank one. When I removed this line, and ran the command again, he could not parse the next blank line. :Question: 

```

111: dn: uid=mailadmin,ou=Users,ou=OxObjects,dc=wiwi-gentoo,dc=testserver,dc=de

112: objectClass: top

113: objectClass: shadowAccount

114: objectClass: posixAccount

115: objectClass: person

116: objectClass: inetOrgPerson

117: objectClass: OXUserObject

118: OpenLDAPaci: 1#entry#grant;r,w,s,c;cn,initials,mail,title,ou,l,birthday,description,street,

  postalcode,st,c,oxtimezone,homephone,mobile,pager,facsimiletelephonenumber,

  telephonenumber,labeleduri,jpegphoto,loginDestination,sn,givenname,;r,s,c;[all]#self#

119: uidNumber: 501

120: homeDirectory: /home/mailadmin/

121: loginShell: /bin/bash

122: mailEnabled: OK

123: gidNumber: 500

124: mailDomain: wiwi-gentoo.testserver.de

125: ou: Administration

126: uid: mailadmin

127: sn: Admin

128: preferredLanguage: EN

129: mail: mailadmin@wiwi-gentoo.testserver.de

130: o: BDV

131: smtpServer: localhost

132: imapServer: localhost

133: alias: postmaster@wiwi-gentoo.testserver.de

134: alias: root@wiwi-gentoo.testserver.de

135: givenName: Admin

136: cn: Admin Admin

137: shadowMin: 0

138: shadowMax: 9999

139: shadowWarning: 7

140: shadowExpire: 0

141: userPassword: {crypt}TYVrC4Dwsnp8o

142: OXAppointmentDays: 5

143: OXGroupID: 500

144: OXTaskDays: 5

145: OXTimeZone: EST

146:

```

Line 118 is one line in the config-file

Anyone any idea?

Thanks for helping me!

KirinSan

----------

## bitwh0re

 *KirinSan wrote:*   

> Hi All,
> 
> ```
> 
> 118: OpenLDAPaci: 1#entry#grant;r,w,s,c;cn,initials,mail,title,ou,l,birthday,description,street,
> ...

 

It looks like OpenLDAP doesn't have ACI enabled.  If you were following the older howto (index.html) the edits you make to the OpenLDAP ebuild will get erased when you perform an emerge sync.  I have a more active HOWTO that you can follow here:

http://www.mikefetherston.ca/OX/html/index-new.html

----------

## les.piggot

Hi guys,

I've just followed Mikes Howto but for ox 0.8 rc1 release (& postgress 8.01). when I try to add a user to OX using adduser_ox, it fails, on the SQL addition (addusersql_ox script) with the following error:

java.sql.SQLException: ERROR: column "creating_date" is of type timestamp with time zone but expression is of type character varying

	at org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:1471)

	at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1256)

	at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:175)

	at org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:389)

	at org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:330)

	at org.postgresql.jdbc2.AbstractJdbc2Statement.executeUpdate(AbstractJdbc2Statement.java:282)

	at com.openexchange.tools.oxfolder.OXFolderAction.createFolder(OXFolderAction.java:194)

	at com.openexchange.tools.oxfolder.OXFolderAction.addUsersStandardFolder(OXFolderAction.java:730)

	at com.openexchange.tools.oxfolder.OXFolderAction.addUserToOXFolders(OXFolderAction.java:608)

	at com.openexchange.tools.oxfolder.OXFolderAction.main(OXFolderAction.java:107)

java.sql.SQLException: ERROR: column "creating_date" is of type timestamp with time zone but expression is of type character varying

	at org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:1471)

	at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1256)

	at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:175)

	at org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:389)

	at org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:330)

	at org.postgresql.jdbc2.AbstractJdbc2Statement.executeUpdate(AbstractJdbc2Statement.java:282)

	at com.openexchange.tools.oxfolder.OXFolderAction.createFolder(OXFolderAction.java:194)

	at com.openexchange.tools.oxfolder.OXFolderAction.addUsersStandardFolder(OXFolderAction.java:730)

	at com.openexchange.tools.oxfolder.OXFolderAction.addUserToOXFolders(OXFolderAction.java:614)

	at com.openexchange.tools.oxfolder.OXFolderAction.main(OXFolderAction.java:107)

java.sql.SQLException: ERROR: column "creating_date" is of type timestamp with time zone but expression is of type character varying

	at org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:1471)

	at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1256)

	at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:175)

	at org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:389)

	at org.postgresql.jdbc2.AbstractJdbc2Statement.executeWithFlags(AbstractJdbc2Statement.java:330)

	at org.postgresql.jdbc2.AbstractJdbc2Statement.executeUpdate(AbstractJdbc2Statement.java:282)

	at com.openexchange.tools.oxfolder.OXFolderAction.createFolder(OXFolderAction.java:194)

	at com.openexchange.tools.oxfolder.OXFolderAction.addUsersStandardFolder(OXFolderAction.java:730)

	at com.openexchange.tools.oxfolder.OXFolderAction.addUserToOXFolders(OXFolderAction.java:620)

	at com.openexchange.tools.oxfolder.OXFolderAction.main(OXFolderAction.java:107)

INSERT

Any else found this error, or any ideas how to solve it?

Cheers

Les

----------

## les.piggot

OK, seemed to be a issue with postgres 8.01, downgrades to 7.437. and SQL statemtn works correctly.

Cheers

Les

----------

## dashnu

 *les.piggot wrote:*   

> OK, seemed to be a issue with postgres 8.01, downgrades to 7.437. and SQL statemtn works correctly.
> 
> Cheers
> 
> Les

 

Good to know, I was going to upgrade to postgresql 8x  this weekend. Thanks for the heads up.

----------

## KirinSan

Hello again,

thx for your help. You were right, it was a missing --enable-aci statement. I forgot that I compiled openldap long time ago on my machine.

But now I got an error again. When I try to add a user via adduser_ox I get a LDAP Success and a SQL Error Deleting User from LDAP.

/var/log/messages gives nothing but when I start slapd I get these strange messages:

```

lapd[28673]: daemon: socket() failed errno=97 (Address family not supported by protocol)

sql_select option missing

auxpropfunc error no mechanism available

_sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)

bdb_db_init: Initializing BDB database

slapd starting

```

Is it possible thats something wrong with my postgresql...I use postgresql 7.4.7-r1

As I had enough time I printed the tutorial and found a slight error in the "Configuring Postfix" section. There seems to be an overlapping table in the config section.  :Smile: 

Thank you for this great documentation

Greetz

Kirin

----------

## les.piggot

Guys,

Everything seems to be working but I'm not able to log into ox  :Sad: 

After loging on to the system I get redirected to 

http://172.16.2.111/servlet/intranet?SITE=beforeAuth&sessionID=3a43c09cbc5f029a96a79076fe878e64:

Not Found

The requested URL /servlet/intranet was not found on this server.

Apache/2.0.52 (Gentoo/Linux) mod_jk2/2.0.4 Server at domain.ltd Port 80

Any thoughts,

Cheers

Les

----------

## dashnu

```
 auxpropfunc error no mechanism available

_sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql 
```

 this is comming from a mail daemon correct?

Bitwh0re and I tried to figure this error out.. And had no luck yet. I think it may be a bug in gentoo somewhere.

```
lapd[28673]: daemon: socket() failed errno=97 (Address family not supported by protocol)

```

This is the error you should be looking into. I can not tell you off the top of my head what it is.

also this may be fishy too.

```
sql_select option missing 
```

I would confirm use flags and such in your packages. 'equery uses ldap'

----------

## dashnu

 *les.piggot wrote:*   

> Guys,
> 
> Everything seems to be working but I'm not able to log into ox 
> 
> After loging on to the system I get redirected to 
> ...

 

I would check over your mod_jk2 configs also make sure tomcat is running. You could look into your apache logs a bit more to see what is going on.

----------

## bitwh0re

 *init-zero wrote:*   

> 
> 
> ```
>  auxpropfunc error no mechanism available
> 
> ...

 

This sounds more like PostgreSQL is not accepting TCP/IP connections.  What makes me think it's Postgre and *not* OpenLDAP is the 'sql_select option missing'.  Enabling TCP/IP connections in Postgres is covered in this section:

http://www.mikefetherston.ca/OX/html/index-new.html#22

If this error is indeed being thrown by OpenLDAP and not Postgres then make sure that you have 'allow bind_v2' in your slapd.conf file.  It's order of placement matters, but slapd will tell you where to put it when you restart it.

WRT to the Postgres 8.x problems.. it could be that the 7.4 JDBC drivers were emerged which are probably not entirely compatible with Postgres 8.0.  It seems now that 8.0_p311 of the Postgres JDBC3 drivers have been released (unstable) as of April 12th.  You may want to try again as it seems Postgres 8.0 has been marked stable (April 4th) on x86.

----------

## KirinSan

Hello again,

thanx for your advices, but after hours of emerging, compiling and configuring I'm giving up.

I check all the conf files, but I did everything according to the documentation. Even postgres was configured correctly.

The errors ocurred while starting slapd.

```
slapd[1828]: daemon: socket() failed errno=97 (Address family not supported by protocol)

[1828]: sql_select option missing

[1828]: auxpropfunc error no mechanism available

[1828]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

[1828]: bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)

[1828]: bdb_db_init: Initializing BDB database

[1835]: slapd starting

```

According to other postings the "sql_select option missing" statement comes from mysql database.

Could it be a problem to use mysql and postgres on one host?

 *Quote:*   

> If this error is indeed being thrown by OpenLDAP and not Postgres then make sure that you have 'allow bind_v2' in your slapd.conf file. It's order of placement matters, but slapd will tell you where to put it when you restart it.

 

I tested several placements, can you give me a better hint, where to put allow_bind_v2? At the moment it is configured like this:

```
allow bind_v2

backend         bdb

database        bdb

```

Greetz

KirinSan

----------

## Hibbelharry

seems like you should maybe check the following things:

```
slapd[1828]: daemon: socket() failed errno=97 (Address family not supported by protocol) 
```

this message informs you that not all address familys/protocols compiled into the openldap binaries can be used. normally  this means you've compiled the binaries with support for the new  and still in most places not usable IPv6 Protocol and/or if its usable at your site not enabled the sytem to use it.  You can control the enabled protocols on your machine in /etc/rc.conf. Although this is not fatal you should ask yourself whether this support is needed. current internet only relys on IPv4. check your useflags and recompile openldap. 

```

[1828]: sql_select option missing

[1828]: auxpropfunc error no mechanism available

[1828]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

```

this message informs you that you've compiled cyrus-sasl with either support for mysql/postgresql but not yet configured the binding correctly. since normal (howto-based) open-xchange setups don't rely on using sql to authenticate users in favour of openldap, this is normally unneeded. if you've not got a special setup simply recompile cyrus-sasl without any sql use flag or use the quick and dirty way: just delete every file with sql in its name from /usr/lib/sasl2 and restart saslauthd.

hope this gives you a clue what to do next.

Greetz

Hibbelharry

----------

## Hibbelharry

just noticed some of you are struggling around with pgsql 8.0.x...

i'm currently running pgsql 8.0.1 with connector 7.4.5. every newer connector i tried so far gave me more or less amounts of sql errors.  will stay with this combination for a while. using the old connector doesn't seem to be a problem.

Greetz again

Hibbelharry

----------

## les.piggot

hi guys,

OK, I'm baffled by this one at the moment, but its a mod_jk2 configuration error, but  I just can't find the bugger, what makes it worse is its probabily staring me in the face!  :Sad: 

Scenario: 

Login to open-xchange,  via the login page http://mydomain.com/cgi-bin/login.pl and then get an Interal Server Error

In the apache error log, I see

[Mon Apr 18 12:28:32 2005] [error] [client 172.16.2.3] -1<-, referer: http:/mydomain.com/cgi-bin/login.pl

[Mon Apr 18 12:28:32 2005] [error] channelApr.open() attempt to connect to 172.16.2.111:8009 (mydomain.com) failed 111

[Mon Apr 18 12:28:32 2005] [error] ajp13.connect() failed ajp13:mydomain.com:8009

[Mon Apr 18 12:28:32 2005] [error] ajp13.service() failed to connect endpoint errno=9 Bad file descriptor

[Mon Apr 18 12:28:32 2005] [error] ajp13.service() Error  forwarding ajp13:mydomain.com:8009 1 1

[Mon Apr 18 12:28:32 2005] [error] mod_jk2.handler() Error connecting to tomcat 120000, status 0

Software Versions as as Per Mike's Howto with the exception that its Gentoo 2005.0

Any ideas?

Cheers

Les

Config files:

Extract from /etc/conf.d/apache2:

#APACHE2_OPTS="-D SSL"

APACHE2_OPTS="-D JK2"

/etc/apache2/conf/modules.d/89_mod_jk2.conf

apollo conf # more /etc/apache2/conf/modules.d/89_mod_jk2.conf

<IfDefine JK2>

        <IfModule !mod_jk2.c>

                LoadModule jk2_module extramodules/mod_jk2.so

                JkSet config.file /etc/apache2/conf/workers2.properties

                # for extra piece of mind we can project the WEB-INF directory

                <Location "/jsp-examples/WEB-INF/">

                       AllowOverride None

                       deny from all

                </Location>

                # This is provided as an example of how to

                # map a webapp from tomcat to a path in

                # Apache.

                <Location "/jsp-examples/*">

                        JkUriSet worker ajp13:localhost:8009

                </Location>

        </IfModule>

/etc/apache2/con/workers2.properties:

[logger]

info=Native Logger

level=ERROR

[shm]

info=Scoreboard. Requried for reconfiguration and status with multiprocess servers.

file=anon

# Defines a load balancer named lb. Use even if you only have one machine.

[lb:lb]

# Example socket channel, override port and host.

[channel.socket:localhost:8009]

port=8009

host=localhost

[ajp13:localhost:8009]

channel=channel.socket:localhost:8009[ajp13:localhost:8009]

channel=channel.socket:localhost:8009

[uri:/jsp-examples/*]

worker=ajp13:localhost:8009

[channel.socket:greavessports.com:8009]

port=8009

host=greavessports.com

# define the worker

[ajp13:greavessports.com:8009]

channel=channel.socket:greavessports.com:8009

group=lb

# Map the Tomcat examples webapp to the Web server uri space

[uri:/examples/*]

group=lb

[status:]

info=Status worker, displays runtime information

[uri:/jkstatus/*]

info=The Tomcat /jkstatus handler

group=status:

[uri:/servlet/*]

worker=ajp13:greavessports.com:8009

[uri:/umin/*]

worker=ajp13:greavessports.com:8009

[uri:/servlet/webdav.contacts/*]

worker=ajp13:greavessports.com:8009

[uri:/servlet/webdav.calendar/*]

worker=ajp13:greavessports.com:8009

[uri:/servlet/webdav.ical/*]

worker=ajp13:greavessports.com:8009

[uri:/servlet/webdav.documents/*]

worker=ajp13:greavessports.com:8009

[uri:/servlet/webdav.folders/*]

worker=ajp13:greavessports.com:8009

[uri:/servet/webdav.projects/*]

worker=ajp13:greavessports.com:8009

[uri:/servlet/webdav.groupuser/*]

worker=ajp13:greavessports.com:8009

[uri:/servlet/webdav.attachments/*]

worker=ajp13:greavessports.com:8009

[uri:/servlet/webdav.freebusy/*]

worker=ajp13:greavessports.com:8009

[uri:/servlet/webdav.freebusy/*]

worker=ajp13:greavessports.com:8009

/opt/tomcat5/webapps/servlet/WEB-INF/web.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">

<web-app>

   <display-name>

      Open-Xchange Servlets and WebDAV

   </display-name>

   <description>

      Open-Xchange 0.8.0

   </description>

   <servlet>

      <servlet-name>intranet</servlet-name>

      <servlet-class>intranet</servlet-class>

   </servlet>

   <servlet>

      <servlet-name>webmail</servlet-name>   <servlet>

      <servlet-name>documents</servlet-name>

      <servlet-class>

         com.openexchange.webdav.documents

      </servlet-class>

      <init-param>

         <param-name>openexchange.propfile</param-name>

         <param-value>

            /usr/local/open-xchange/etc/groupware/system.properties

         </param-value>

      </init-param>

   </servlet>

   <servlet>

      <servlet-name>calendar</servlet-name>

      <servlet-class>

         com.openexchange.webdav.calendar

      </servlet-class>

      <init-param>

         <param-name>openexchange.propfile</param-name>

         <param-value>

            /usr/local/open-xchange/etc/groupware/system.properties

         </param-value>

      <servlet-class>webmail</servlet-class>

   </servlet>

----------

## bitwh0re

Try using localhost in place of mydomain.com and/or greavessports.com.  I don't think either of those will be resolving to 172.16.2.111.

----------

## les.piggot

Already tried replacing with localhost, just as I was posting it  :Sad:   greavessports.com is specified in the host files and on internal DNS for clients (yes I know its a very stupid name but it was late and I had too much caffine  :Rolling Eyes:  ) I'll re-emerge and see if that corrects the problem (you never know  :Wink:  )

Cheers

Les

----------

## KirinSan

Hey all,

finally open-xchange is working on my pc. Thank you all for your help. 

It was not an error with ipv6, but with the postgresql:(

Now I can do groupware and such things, but one little error keeps to appear:

When I'm adding a user to ox and later to cyrus only one folder is created. Folders like 'INBOX.Trash' doesn't exists. How can I create them?  :Smile: 

Greetings

KirinSan

----------

## les.piggot

Hi,

I've now got OX to startup and I can log in (reemerging tomcat and mod_jk2 appeared to clear down the tomcat errors) but if a user moves off the initial portal page, OX crashes.

Restarting, LDAP, apache, open-xchange and tomcat doesn't restart the server once the crash has occurred (a system reboot does however)

The apache error log file say (/var/log/apache2/error_log)

[Tue Apr 19 12:51:14 2005] [notice] Digest: generating secret for digest authentication ...

[Tue Apr 19 12:51:14 2005] [notice] Digest: done

[Tue Apr 19 12:51:15 2005] [notice] Apache/2.0.52 (Gentoo/Linux) mod_jk2/2.0.4 configured -- resuming normal operations

[Tue Apr 19 12:51:30 2005] [error] [client 172.16.2.145] -1<-, referer: http://172.16.2.111/cgi-bin/login.pl

[Tue Apr 19 12:51:30 2005] [error] channelApr.open() attempt to connect to 172.16.2.111:8009 (ox.greavessports.com) failed 111

[Tue Apr 19 12:51:30 2005] [error] ajp13.connect() failed ajp13:ox.greavessports.com:8009

[Tue Apr 19 12:51:30 2005] [error] ajp13.service() failed to connect endpoint errno=9 Bad file descriptor

[Tue Apr 19 12:51:30 2005] [error] ajp13.service() Error  forwarding ajp13:ox.greavessports.com:8009 1 1

[Tue Apr 19 12:51:30 2005] [error] mod_jk2.handler() Error connecting to tomcat 120000, status 0

Any ideas on where to go from here?

Cheers

Les

----------

## les.piggot

OK, looked through the catalina logs and found that I had a type  and that the openexchange system.properties file wasn't being read, oops!

OK, so I can consistantly log in and get the portal, however I cannot go anything with my basic user, is that meant to happen?

when I click on setup for example I get:

Sorry,

Details: acess denied

Les

----------

## dashnu

 *KirinSan wrote:*   

> Hey all,
> 
> finally open-xchange is working on my pc. Thank you all for your help. 
> 
> It was not an error with ipv6, but with the postgresql:(
> ...

 

err add the folders.. You can do it via a mail client or in the webmail part of the app.

----------

## dashnu

 *les.piggot wrote:*   

> OK, looked through the catalina logs and found that I had a type  and that the openexchange system.properties file wasn't being read, oops!
> 
> OK, so I can consistantly log in and get the portal, however I cannot go anything with my basic user, is that meant to happen?
> 
> when I click on setup for example I get:
> ...

 

AFIK the setup link is a differnt app you need to deploy ....bitwh0re ?

/me stuck with a production 7.5 server  :Sad: 

have not tested 8 yet

----------

## KirinSan

Hey again,

well...i tried to add different folders..even with ox, but i can't.

When I create a user for cyrus with cm user.Test the only folder, which is created is the inbox.

Normally it should create folders like drafts, sent and so on, or?

Greetings

KirinSan

----------

## Suicidal

Gonna give it a try, if it works (reliably) im gonna Ebay my 600 Exchange licenses, and buy a new server  :Razz: 

----------

## dashnu

 *Suicidal wrote:*   

> Gonna give it a try, if it works (reliably) im gonna Ebay my 600 Exchange licenses, and buy a new server 

 

w00h00 That is what we like to hear!

----------

## bitwh0re

 *init-zero wrote:*   

>  *les.piggot wrote:*   
> 
> when I click on setup for example I get:
> 
> Sorry,
> ...

 

Yes, you have to deploy umin.jar which happens here:

http://www.mikefetherston.ca/OX/html/index-new.html#34  (very first line)

and then here:

http://www.mikefetherston.ca/OX/html/index-new.html#35  (workers2.properties)

Are you getting "Access Denied" errors elsewhere, or just in the Setup link?

----------

## bitwh0re

 *KirinSan wrote:*   

> Hey again,
> 
> well...i tried to add different folders..even with ox, but i can't.
> 
> When I create a user for cyrus with cm user.Test the only folder, which is created is the inbox.
> ...

 

Yes, 0.7.5 *used* to do this upon first logon but it doesn't appear that OX 0.8 does.  Here is a script you can use:

http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=01&topic_id=1097702474

Mike

----------

## bitwh0re

ClarkConnect will be shipping an out-of-the-box OX server very soon:

http://www.clarkconnect.org/projects/groupware.php

http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=01&topic_id=1113865213

----------

## gschinkel

 *KirinSan wrote:*   

> Hey all,
> 
> finally open-xchange is working on my pc. Thank you all for your help. 
> 
> It was not an error with ipv6, but with the postgresql:(
> ...

 

Could you please tell us what you did to solve your problem? I'm stuck at the error you described in earlier posts.

TIA

----------

## ferp2

I just want to recommend the following to anyone who's planning on installing OX or is in the process of installing OX:

Don't use postgresql-8.0.1-r2 and/or jdbc3-postgresql-8.0_p311. They don't work and you will get an SQL ERROR when you try to add a user with OX. I downgraded both postgresql server and the jdbc3-postgresql driver and, lo and behold, I got the SQL SUCCESS message. Oh and another thing, you don't have to reinstall OX after changing the jdbc3 driver. It starts working right after you downgrade the jdbc3 driver. 

If you're downgrading, just specify the version you want as follows:

emerge =postgresql-7.4.7-r1

Run the following to erase the data dir which you already set up with postgresql-8.0.1-r2:

rm -rf /var/lib/postgresql/data/*

Now you can run the postgresql ebuild config step.

Good luck.

----------

## les.piggot

[quote]Are you getting "Access Denied" errors elsewhere, or just in the Setup link?[/quote]

There is something amiss with my installation I think. after logging into OX, all OX modules such as tasks, projects etc. are not present. Interestingly enough, only the "portal" button is shown in the top menu. Setup and Logout links are visable just under the menu. Its easier to show what I mean http://www.greavessports.com/openxchange.jpg demonstrates the problem.

So from this, I would assume that the webapps have not been deployed properly, although the files have been copied over and workers2.properties has been updated as per (i think??) the HOWTO

workers2.properties

[logger]

info=Native Logger

level=ERROR

[shm]

info=Scoreboard. Requried for reconfiguration and status with multiprocess servers.

file=anon

# Defines a load balancer named lb. Use even if you only have one machine.

[lb:lb]

[channel.socket:localhost:8009]

port=8009

host=127.0.0.1 

[ajp13:localhost:8009]

channel=channel.socket:localhost:8009

[uri:/jsp-examples/*]

worker=ajp13:localhost:8009

# Example socket channel, override port and host.

[channel.socket:ox.greavessports.com:8009]

port=8009

host=ox.greavessports.com

# define the worker

[ajp13:ox.greavessports.com:8009]

channel=channel.socket:ox.greavessports.com:8009

group=lb

# Map the Tomcat examples webapp to the Web server uri space

[uri:/examples/*]

group=lb

[status:]

info=Status worker, displays runtime information

[uri:/jkstatus/*]

info=The Tomcat /jkstatus handler

group=status:

[uri:/servlet/*]

worker=ajp13:ox.greavessports.com:8009

[uri:/umin/*]

worker=ajp13:ox.greavessports.com:8009

[uri:/servlet/webdav.contacts/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.calendar/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.ical/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.documents/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.tasks/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.folders/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.projects/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.groupuser/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.attachments/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.freebusy/*]

worker=ajp13:ox.greavessports.com:8009 

[uri:/servlet/webdav.freebusy/*]

worker=ajp13:ox.greavessports.com:8009 

Directory listing of /opt/tomcat5/webapps

total 4115

drwxr-xr-x  7 tomcat tomcat     432 Apr 21 11:48 .

drwxr-x---  9 tomcat tomcat     264 Apr 19 10:43 ..

drwxr-xr-x  3 tomcat tomcat     248 Apr 19 10:43 ROOT

drwxr-xr-x  4 tomcat tomcat     128 Apr 19 10:43 balancer

-rw-r--r--  1 root   root    352916 Apr 21 11:48 comfiretools.jar

-rw-r--r--  1 root   root    844807 Apr 21 11:48 intranet.jar

-rw-r--r--  1 root   root     52872 Apr 21 11:48 nas.jar

drwxr-xr-x  4 tomcat tomcat      96 Apr 21 11:48 servlet

-rw-r--r--  1 root   root   1962258 Apr 21 11:48 servlet.war

-rw-r--r--  1 root   root     10152 Apr 21 11:48 sessiond.jar

drwxr-xr-x  6 root   root       144 Apr 21 11:48 umin

-rw-r--r--  1 root   root     27258 Apr 21 11:48 umin.jar

-rw-r--r--  1 root   root    664792 Apr 21 11:48 umin.war

drwxr-xr-x  3 tomcat tomcat     168 Apr 19 10:43 webdav

-rw-r--r--  1 root   root     51719 Apr 21 11:48 webdav.jar

-rw-r--r--  1 root   root    223801 Apr 21 11:48 webmail.jar

From netstat the JK2 workers are running on port 8009 as per the definition in the workers2.properties 

Any ideas where my problem could be?

Cheers

Les

----------

## bitwh0re

 *les.piggot wrote:*   

> There is something amiss with my installation I think. after logging into OX, all OX modules such as tasks, projects etc. are not present. Interestingly enough, only the "portal" button is shown in the top menu. Setup and Logout links are visable just under the menu. Its easier to show what I mean http://www.greavessports.com/openxchange.jpg demonstrates the problem.
> 
> 

 

I've seen this before with usernames with a capital in them.. try a user with all lower case letters.

----------

## ulwur

 *Quote:*   

> Don't use postgresql-8.0.1-r2 and/or jdbc3-postgresql-8.0_p311. They don't work and you will get an SQL ERROR when you try to add a user with OX. I downgraded both postgresql server and the jdbc3-postgresql driver and, lo and behold, I got the SQL SUCCESS message. Oh and another thing, you don't have to reinstall OX after changing the jdbc3 driver. It starts working right after you downgrade the jdbc3 driver. 
> 
> If you're downgrading, just specify the version you want as follows:
> 
> emerge =postgresql-7.4.7-r1
> ...

 

I had the same problem, with Postgresql 8 and jdbc-postgresql 8 installed but got around this problem by just downgrading jdbc3-postgresql to 7.4.5

First I added "dev-java/jdbc3-postgresql ~x86" to /etc/portage/package.keywords and then

emerge =jdbc3-postgresql-7.4.5

Then I could run the adduser_ox script just fine!!

----------

## feliperal

As of this morning, the mod_j2k ebuild was removed from portage (www-apache).  So, I tried to build the sucker out of source.  I downloaded the most current version off of apache: jakarta-tomcat-connectors-jk2-2.0.4-src. Proceeded with configuring the source files:

```

$ mkdir /tmp/build/

$ cd /tmp/build && wget http://apache.mirrors.pair.com/jakarta/tomcat-connectors/jk2/jakarta-tomcat-connectors-jk2-src-current.tar.gz

$ tar -xvzf *.gz 

$ cd /tmp/build/jakarta-tomcat-connectors-jk2-2.0.4-src/jk/native2

$ chmod 0777 build.sh

$ ./build.sh

# must do this or the configure script will bitch that the compiler used to compile apache2 is different than the one to be used for mod_jk2

$ CC=x86_64-pc-linux-gnu-gcc ./configure --with-apxs2=/usr/sbin/apxs2 --with-jni --with-pcre

# okay, let's try to give it a shot and build it

$ make clean build

```

I get this error when trying to compile it:

```

$ make clean build

list=' server/apache2'; \

for i in $list; do \

        echo "Making $target in $i"; \

        if test "$i" != "."; then \

        (cd $i && make clean) || exit 1; \

fi; \

done;

Making  in server/apache2

make[1]: Entering directory `/tmp/build/jakarta-tomcat-connectors-jk2-2.0.4-src/jk/native2/server/apache2'

rm -rf ../../../build/jk2/apache2/*.lo ../../../build/jk2/apache2/*.la ../../../build/jk2/apache2/*.o ../../../build/jk2/apache2/*.a \

        ../../../build/jk2/apache2/.libs ../../../build/jk2/apache2/*.so ../../../build/jk2/apache2/usr/lib/apache2/modules/*.so \

        ../../../build/jk2/apache2/usr/lib/apache2/modules/*.la

make[1]: Leaving directory `/tmp/build/jakarta-tomcat-connectors-jk2-2.0.4-src/jk/native2/server/apache2'

list=' server/apache2'; \

for i in $list; do \

        echo "Making $target in $i"; \

        if test "$i" != "."; then \

        (cd $i && make) || exit 1; \

fi; \

done;

Making  in server/apache2

make[1]: Entering directory `/tmp/build/jakarta-tomcat-connectors-jk2-2.0.4-src/jk/native2/server/apache2'

mkdir -p ../../../build/jk2/apache2/usr/lib/apache2/modules

/bin/sh /usr/lib/apache2/build/libtool --silent  --mode=compile x86_64-pc-linux-gnu-gcc  -O2 -march=nocona -mtune=nocona -pipe -pthread    -DLINUX=2 -D_REENTRANT -D_XOPEN_SOURCE=500 -D_BSD_SOURCE -D_SVID_SOURCE -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE   -I../../include -I/usr/include/apache2 -I/usr/include/apr-0 -I/usr/include/apr-0 -I /opt/blackdown-jdk-1.4.2.01/include -I /opt/blackdown-jdk-1.4.2.01/include/linux  -DCHUNK_SIZE=4096 -DUSE_APACHE_MD5 -DHAVE_JNI -I/usr/local/include -DHAS_PCRE -c ../../common/jk_channel.c -o ../../../build/jk2/apache2/jk_channel.lo

/bin/sh: /usr/lib/apache2/build/libtool: No such file or directory

make[1]: *** [../../../build/jk2/apache2/jk_channel.lo] Error 127

make[1]: Leaving directory `/tmp/build/jakarta-tomcat-connectors-jk2-2.0.4-src/jk/native2/server/apache2'

make: *** [jk2-build] Error 1

```

I got the same error with the ebuild before it was removed from portage.  Any help or suggestions would be appreciated.

Thanks,

Felipe[/code]

----------

## bitwh0re

 *KirinSan wrote:*   

> 
> 
> Now I can do groupware and such things, but one little error keeps to appear:
> 
> When I'm adding a user to ox and later to cyrus only one folder is created. Folders like 'INBOX.Trash' doesn't exists. How can I create them? 
> ...

 

Suggested "fix" for that is here:

http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=01&topic_id=1114003156

----------

## bitwh0re

Oh and by the way, Open-Xchange v0.8 final has been released today.

----------

## pneum0nia

I am having emerge failures of mod_jk2-2.0.4 on apache-2.0.54 and noticed this on bugfix that noted that mod_jk2 is no longer supported and mod_jk is being backported and supported.  Is there any reason why I wouln't be able to implement mod_jk instead of mod_jk2 in my OX installation?

----------

## bitwh0re

 *pneum0nia wrote:*   

> I am having emerge failures of mod_jk2-2.0.4 on apache-2.0.54 and noticed this on bugfix that noted that mod_jk2 is no longer supported and mod_jk is being backported and supported.  Is there any reason why I wouln't be able to implement mod_jk instead of mod_jk2 in my OX installation?

 

I think that mod_jk is for Apache 1.3 and mod_jk2 is for Apache 2.0.  JK2 will be integrated as of Apache 2.1 which is currenly in Alpha.  You can reference the older instructions which used a JK2 binary here:

http://www.mikefetherston.ca/OX/html/index.html

Look in the section titled "Configure Apache for Tomcat"

----------

## ferp2

I recently setup OX and had everything working fine. Then I decided to change the domainname, so I went through all the config files and reentered the new domain name. I also did a rm /var/lib/openldap-data/* and rebuilt OX. You'd think that would have been enough for ldap to forget that the old domain ever existed, but when I created a new user and logged in as that user under the new domainname and then clicked the Setup link to make changes to the user information I got:

 *Quote:*   

> Sorry,
> 
> Details:
> 
> Access Denied!

 

Taking a look at the ldap log, I see:

```
Apr 22 15:51:32 max slapd[5835]: conn=37 fd=12 ACCEPT from IP=127.0.0.1:1254 (IP=0.0.0.0:389)

Apr 22 15:51:32 max slapd[6165]: conn=37 op=0 BIND dn="uid=xxxxx,ou=Users,ou=OxObjects,dc=olddomainname,dc=com" method=128

Apr 22 15:51:32 max slapd[6165]: conn=37 op=0 RESULT tag=97 err=49 text=

Apr 22 15:51:32 max slapd[5835]: conn=37 fd=12 closed
```

So, although I basically purged the olddomainname from ldap, it's still appearing in the logs and preventing me from accessing the user's info in OX.

I'm hoping someone might have a suggestions in this matter.

----------

## feliperal

 *bitwh0re wrote:*   

>  *pneum0nia wrote:*   I am having emerge failures of mod_jk2-2.0.4 on apache-2.0.54 and noticed this on bugfix that noted that mod_jk2 is no longer supported and mod_jk is being backported and supported.  Is there any reason why I wouln't be able to implement mod_jk instead of mod_jk2 in my OX installation? 
> 
> I think that mod_jk is for Apache 1.3 and mod_jk2 is for Apache 2.0.  JK2 will be integrated as of Apache 2.1 which is currenly in Alpha.  You can reference the older instructions which used a JK2 binary here:
> 
> http://www.mikefetherston.ca/OX/html/index.html
> ...

 

I tried downloading the fedorcore 1 binary.  Unfortunately, apache2 is complaining that it cannot load or open shared libary mod_jk2.so from /usr/lib/modules/ .  

I'm trying to run the i386 binary on my x86_64 machine.  I have multilib in my USE flags, so  I do  not know why it won't load the module.

Anyways, apache2 functionaly is present in mod_jk and I was able tocompile and install it with no problem.  The only thing now is to incorporate the config settings in workers2.properties to their correct equivalents for mod_jk.  I'll try to get it running this weekend and post my findings.

Felipe

----------

## Dark_Hunter

Works realy fine thanks to the documentation.

Thanks again =)

----------

## ferp2

One of the steps in the howto is to setup directories in the filespool directory using the command:

 *Quote:*   

> sh /usr/local/open-xchange/sbin/correctfilespool

 

Now in older versions of OX, you entered the above command and then were told to be patient while the directories were being set up. When I came to doing this step on the latest version (open-xchange-0.8.0-0), instead of the usual message to be patient, I got the following:

 *Quote:*   

> chmod: cannot access `/usr/local/open-xchange/var/filespool/00': No such file or directory
> 
> chmod: cannot access `/usr/local/open-xchange/var/filespool/00/00': No such file or directory
> 
> chmod: cannot access `/usr/local/open-xchange/var/filespool/00/01': No such file or directory
> ...

 

Thinking I had made a mistake, I reinstalled OX only to get the same message. Next I wrote to the OX user group describing the problem. I was told the following by one of the developers:

 *Quote:*   

> the filespool will be created if needed. You do not need to run 
> 
> ./correctfilespool while the installation ...

 

So, either this step has become obsolete in the lastest version of OX, or it was never necessary to manually run this bash script in the first place -- I don't know. In any case you don't have to run the correctfilespool script to get a functioning OX system.

----------

## )(MarksTheSpot

All,

I've got it all up and runnging and when I log into groupware, it looks great but I can't create anything.

I also get the following in webmail.log:

```

Unable to authentificate user at the imap server.

```

Can anyone help with why I might have this error?

I'm gonna try and upgrade to 8.0 final today and see if that works, but if anyone can help in the mean time, that would be great.

Thanks,

)(marks

----------

## inTIMidate

when i do the following: 

```

./configure --enable-webdav \ 

--with-mailjar=/usr/share/sun-javamail-bin/lib/mail.jar \ 

--with-activationjar=/usr/share/sun-jaf-bin/lib/activation.jar \ 

--with-jdomjar=/usr/share/jdom-1.0_beta10/lib/jdom.jar \ 

--with-xercesjar=/usr/share/xerces-2/lib/xercesImpl.jar \ 

--with-jsdkjar=/opt/tomcat5/common/lib/servlet-api.jar \ 

--with-jdbcjar=/usr/share/jdbc3-postgresql-1/lib/pg73jdbc3.jar \ 

--with-dbname=openexchange \ 

--with-dbuser=open-xchange \ 

--with-dbpass=oxen \ 

--with-runuid=apache \ 

--with-servletdir=/opt/tomcat5/webapps/servlet/ \ 

--with-htdocsdir=/var/www/localhost/htdocs/ \ 

--with-cgibindir=/var/www/localhost/cgi-bin/ \ 

--with-jni-dir=/opt/sun-jdk-1.4.2.08/include/ \ 

--with-openssl-dir=/usr/include/ 

```

i receive this error: 

```

configure: WARNING: you should use --build, --host, --target 

configure: WARNING: invalid host type: 

checking for a BSD-compatible install... /bin/install -c 

checking whether build environment is sane... yes 

/root/open-xchange-0.8.0-0/config/missing: Unknown `--run' option 

Try `/root/open-xchange-0.8.0-0/config/missing --help' for more information 

configure: WARNING: `missing' script is too old or missing 

checking for gawk... gawk 

checking whether make sets $(MAKE)... yes 

checking whether make sets $(MAKE)... (cached) yes 

checking for a BSD-compatible install... /bin/install -c 

checking for java... /opt/sun-jdk-1.4.2.08/bin/java 

checking for jikes... /opt/sun-jdk-1.4.2.08/bin/javac 

checking for jar... /opt/sun-jdk-1.4.2.08/bin/jar 

checking for ant... /usr/bin/ant 

checking for javah... /opt/sun-jdk-1.4.2.08/bin/javah 

checking for sudo... /usr/bin/sudo 

checking for -gcc... no 

checking for gcc... gcc 

checking for C compiler default output... a.out 

checking whether the C compiler works... yes 

checking whether we are cross compiling... no 

checking for suffix of executables... 

checking for suffix of object files... o 

checking whether we are using the GNU C compiler... yes 

checking whether gcc accepts -g... yes 

checking for gcc option to accept ANSI C... none needed 

checking for style of include used by make... GNU 

checking dependency style of gcc... gcc3 

checking build system type... config.sub: missing argument 

Try `config.sub --help' for more information. 

configure: error: /bin/sh config/config.sub failed 

./tim: line 2: --with-mailjar=/usr/share/sun-javamail-bin/lib/mail.jar: No such file or directory 

./tim: line 3: --with-activationjar=/usr/share/sun-jaf-bin/lib/activation.jar: No such file or directory 

./tim: line 4: --with-jdomjar=/usr/share/jdom-1.0_beta10/lib/jdom.jar: No such file or directory 

./tim: line 5: --with-xercesjar=/usr/share/xerces-2/lib/xercesImpl.jar: No such file or directory 

./tim: line 6: --with-jsdkjar=/opt/tomcat5/common/lib/servlet-api.jar: No such file or directory 

./tim: line 7: --with-jdbcjar=/usr/share/jdbc3-postgresql-1/lib/pg73jdbc3.jar: No such file or directory 

./tim: line 8: --with-dbname=openexchange: command not found 

./tim: line 9: --with-dbuser=open-xchange: command not found 

./tim: line 10: --with-dbpass=oxen: command not found 

./tim: line 11: --with-runuid=apache: command not found 

./tim: line 12: --with-servletdir=/opt/tomcat5/webapps/servlet/: No such file or directory 

./tim: line 13: --with-htdocsdir=/var/www/localhost/htdocs/: No such file or directory 

./tim: line 14: --with-cgibindir=/var/www/localhost/cgi-bin/: No such file or directory 

./tim: line 15: --with-jni-dir=/opt/sun-jdk-1.4.2.08/include/: No such file or directory 

./tim: line 16: --with-openssl-dir=/usr/include/: No such file or directory 

```

Anyone know a solution?

Could the mod_jk2 be the problem? because mod_jk2 isnt available anymore only mod_jk which is also masked.

----------

## bitwh0re

 *inTIMidate wrote:*   

> 
> 
> configure: error: /bin/sh config/config.sub failed 
> 
> ./tim: line 2: --with-mailjar=/usr/share/sun-javamail-bin/lib/mail.jar: No such file or directory 
> ...

 

No, I don't think that mod_jk2 is the source of the problems here.. it really isn't coming into play for the ./configure for Open-Xchange.  It appears to me that the ./configure script cannot find the files in the location that you've specified.  Are you possibly doing this as non-root?  Can you verify that these files exist in these locations as the user you're performing the ./configure as?

I'll be updating the HOWTO to use mod_jk and 2005.0.  It appears I misspoke earlier when I said that mod_jk is for Apache 1.3 and mod_jk2 is for Apache 2.0.  mod_jk will work fine for Apache 2.0.. there's even official documentation from the Apache Project covering this and a Gentoo Forums topic as well.

----------

## Hibbelharry

[quote="ferp2"]One of the steps in the howto is to setup directories in the filespool directory using the command:

 *Quote:*   

> sh /usr/local/open-xchange/sbin/correctfilespool

 

since OX 0.8 this command is obsolete,files and directories are created on the fly with right permissions when needed. if you're upgrading you should just make sure every already existing file should have the right owner.

bitwhore wrote

mod_jk is for apache 1.3 and mod_jk2 is for apache 2.0. this is apparently wrong. both, mod_jk and mod_jk2 work on apache 2.0. mod_jk2 is deprecated and unsupported. mod_jk ist actively maintained and lots of code from mod_jk2 has been backported to mod_jk.

apache 2.1 will have a successor for both beeing built in, which should work nearly similar to mod_jk (not mod_jk2) as far as apache mailinglists predict.

i'm currently using mod_jk successful, just having some webdav issues which i'm currently tracing, think they're not related to mod_jk. web frontends work beautiful and webdav.documents too.

Greetz

Hibbelharry

----------

## inTIMidate

Problem is fixed. 

The --with-jsdkjar=/ value was wrong.

----------

## inTIMidate

Im currently stuck at the point where i have to configure apache2 for tomcat and i want to get apache2 to work with mod_jk not mod_jk2.

There seems to be somthing wrong with the mod_jk file.

```
# /etc/init.d/apache2 start     

* Apache2 has detected a syntax error in your configuration files:

Syntax error on line 1 of /usr/lib/apache2/conf/modules.d/mod_jk.conf:

Cannot load /usr/lib/apache2/extramodules/mod_jk.so into server: /usr/lib/apache2/extramodules/mod_jk.so: undefined symbol: ap_null_cleanup

```

File: /usr/lib/apache2/conf/modules.d/mod_jk.conf

```
LoadModule jk2_module extramodules/mod_jk.so

JkSet config.file /etc/apache2/conf/workers2.properties

```

File: /etc/apache2/conf/workers2.properties

```

[logger]

info=Native Logger

level=ERROR

[shm]

info=Scoreboard. Requried for reconfiguration and status with multiprocess servers.

file=anon

# Defines a load balancer named lb. Use even if you only have one machine.

[lb:lb]

[channel.socket:localhost:8009]

port=8009

host=127.0.0.1

# define the worker

[ajp13:localhost:8009]

channel=channel.socket:localhost:8009

group=lb

[status:]

info=Status worker, displays runtime information

[uri:/servlet/*]

worker=ajp13:localhost:8009

```

Portage doesnt seem to support mo'd_jk2 anymore. So who has the solution for this problem?

----------

## les.piggot

Hi InTIMidate,

Look further up the page, Bitwhore thought that mod_jk is for Apache 1.3 and mod_jk2 is for Apache 2.0. JK2 will be integrated as of Apache 2.1 which is currenly in Alpha. You can reference the older instructions which used a JK2 binary here:

http://www.mikefetherston.ca/OX/html/index.html

Look in the section titled "Configure Apache for Tomcat"

Les

----------

## bitwh0re

 *les.piggot wrote:*   

> 
> 
> Look further up the page, Bitwhore thought that mod_jk is for Apache 1.3 and mod_jk2 is for Apache 2.0. JK2 will be integrated as of Apache 2.1 which is currenly in Alpha. You can reference the older instructions which used a JK2 binary here:
> 
> http://www.mikefetherston.ca/OX/html/index.html
> ...

 

I will be reworking the HOWTO for mod_jk, and then again for whatever Apache dreams up with 2.1.  For now, yeah, use the old instructions for the binary.

----------

## kblack

So what has been the easiest way to get OX to start on boot?

----------

## les.piggot

kblack:

Copy the openxchange startup script from  /usr/local/open-xchange/etc/init.d/openexchange to /etc/init.d

then to automatically start openexchange during the boot process run: rc-update add openexchange default

Les

----------

## bitwh0re

 *bitwh0re wrote:*   

>  *KirinSan wrote:*   Hey again,
> 
> well...i tried to add different folders..even with ox, but i can't.
> 
> When I create a user for cyrus with cm user.Test the only folder, which is created is the inbox.
> ...

 

Forget that.. use this instead:

http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=01&topic_id=1114003156

 *Quote:*   

> since OX 0.8-x it's configureable and disabled by default. check the webmail.properties for the option: user.default.folder.autocreate=false

 

----------

## killercow

Hmfgz,

Since my last atempt to get Ox working as it should (including webmail) didn;t work as expected i tried to redo the entire install with 0.8 final.

I reran all of the steps, and removed the databases where needed,. but not i get an error on make for openexchange.

./configure works perfectly.

make gives me a lot of this java error's and then:

```

............essfully compile.

    [javac]    393.                         descr = new Element("responsedescription", "D", "DAV:");

    [javac]                                             ^-----^

    [javac] *** Semantic Error: A candidate for type "Element" was found, but it is invalid and needs to be fixed before this type will successfully compile.

    [javac] Issued 1 semantic warning compiling "/root/open-xchange-0.8.0-0/src/com/openexchange/webdav/vcard.java":

    [javac]    159.                 String user = null;

    [javac]                                ^--^

    [javac] *** Semantic Warning: Local "user" shadows a field of the same name in "com.openexchange.tools.webdav.OXServlet".

BUILD FAILED

/root/open-xchange-0.8.0-0/build.xml:57: Compile failed; see the compiler error output for details.

Total time: 11 seconds

make[1]: *** [java] Error 1

make[1]: Leaving directory `/root/open-xchange-0.8.0-0/javabuild'

make: *** [all-recursive] Error 1

```

Any clues?

my configure command is as follows:

```

./configure --enable-webdav --with-mailjar=/usr/share/sun-javamail-bin/lib/mail.jar --with-activationjar=/usr/share/sun-jaf-bin/lib/activation.jar --with-jdomjar=/usr/share/jdom/lib/jdom.jar --with-xercesjar=/usr/share/xerces-2/lib/xercesImpl.jar --with-jsdkjar=/opt/tomcat5/common/lib/servlet-api.jar --with-jdbcjar=/usr/share/jdbc3-postgresql/lib/jdbc3-postgresql.jar --with-dbname=openexchange --with-dbuser=open-xchange --with-dbpass=oxen --with-runuid=apache --with-servletdir=/opt/tomcat5/webapps/servlet/ --with-htdocsdir=/var/www/localhost/htdocs/ --with-cgibindir=/var/www/localhost/cgi-bin/ --with-jni-dir=/opt/sun-jdk-1.4.2.08/include/ --with-openssl-dir=/usr/include/

```

----------

## bitwh0re

Latest HOWTO (v0.23) released.  Major change this time is the move from mod_jk2 to mod_jk.

http://www.mikefetherston.ca/OX/html/index.html

This HOWTO has been based on a completely fresh install of 2005.0 from Stage 1 using "x86" using Open-Xchange 0.8. The system you choose to install Open-Xchange on should match this as closely as possible, if not there may be some breakage or "things just don't work" type of situations.

Let me know how things go and, good luck to all!!

Mike.

----------

## bitwh0re

 *killercow wrote:*   

> 
> 
> /root/open-xchange-0.8.0-0/build.xml:57: Compile failed; see the compiler error output for details.
> 
> Total time: 11 seconds
> ...

 

It appears that it's failing on the webdav compile section:

```
file:  build.xml

56:        <target name="compilewebdav" depends="init">

57:                <javac srcdir="${srcdir}" destdir="${builddir}" debug="on" optimize="off" encoding="ISO8859-1">

58:                        <classpath>

59:                                <pathelement location="/opt/tomcat5/common/lib/servlet-api.jar"/>

60:                                <pathelement location="/usr/share/jdbc3-postgresql/lib/jdbc3-postgresql.jar"/>

61:                                <pathelement location="/usr/share/sun-javamail-bin/lib/mail.jar"/>

62:                                <pathelement location="/usr/share/sun-jaf-bin/lib/activation.jar"/>

63:                                <pathelement location="/usr/share/jdom-1.0_beta10/lib/jdom.jar"/>

64:                        </classpath>

65:                </javac>

66:        </target>

```

You can try temporarily disabling webdav, or verify the locations of the files in the <pathelement> lines above (those are mine).  I noticed that your jdom directory is a bit different than what portage installs.

----------

## killercow

BitW0re,

Thanks!

That did the trick, i copied your configure statement (as stated in the manual) as i hought you used the default settings.

Maybe you should use the default options everywhere so people can indeed blindly copy the commands from the manual. (i did so becuase i had some trouble with typo's while reading them from the PDF the last time.)

----------

## bitwh0re

 *killercow wrote:*   

> Thanks!
> 
> That did the trick, i copied your configure statement (as stated in the manual) as i hought you used the default settings.
> 
> Maybe you should use the default options everywhere so people can indeed blindly copy the commands from the manual. (i did so becuase i had some trouble with typo's while reading them from the PDF the last time.)

 

You're welcome killercow!

That was the default location for JDOM when v0.20 of the HOWTO was out.  Since then the latest stable version of JDOM was bumped and there were some path changes from /usr/share/jdom to /usr/share/jdom-1.0_beta10.  When 5.0.28 of Tomcat hits x86 I'm expecting it's path to change as well.

Check out the latest HOWTO, I just finished it and it works well with OX v0.8!

----------

## feliperal

 *bitwh0re wrote:*   

>  *killercow wrote:*   Thanks!
> 
> That did the trick, i copied your configure statement (as stated in the manual) as i hought you used the default settings.
> 
> Maybe you should use the default options everywhere so people can indeed blindly copy the commands from the manual. (i did so becuase i had some trouble with typo's while reading them from the PDF the last time.) 
> ...

 

Yes the path moved from /opt/tomcat5 to /usr/share/tomcat-5.  I tried running open-xchange with the newest tomcat and I get a sessionID error that complains about no socet being available.  :Sad:   Also, you will get a log4j error when starting the newest tomcat in portage.

----------

## bitwh0re

 *feliperal wrote:*   

>  *bitwh0re wrote:*   
> 
> That was the default location for JDOM when v0.20 of the HOWTO was out.  Since then the latest stable version of JDOM was bumped and there were some path changes from /usr/share/jdom to /usr/share/jdom-1.0_beta10.  When 5.0.28 of Tomcat hits x86 I'm expecting it's path to change as well.
> 
>  
> ...

 

Yup, you're right!  And the last time I tried Tomcat 5.0.28 out of ~x86 it really did not work at all.

----------

## lxnay

I've some problems. I've updated OX to 0.8.0 and I'd like to use Calendar via Kontact using WebDAV. I can read the file http://localhost/servlet/webdav.ical but I can't write back the changes:

here's some logs:

catalina:

```
ERROR: ICalWriter.build: java.lang.NullPointerException

java.lang.NullPointerException

   at com.openexchange.tools.ical.ICalWriter.output(ICalWriter.java:89)

   at com.openexchange.tools.ical.ICalWriter.output(ICalWriter.java:82)

   at com.openexchange.webdav.ical.doGet(ical.java:140)

   at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)

   at com.openexchange.tools.webdav.WebDavServlet.service(WebDavServlet.java:150)

   at com.openexchange.tools.webdav.OXServlet.service(OXServlet.java:330)

   at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)

   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)

   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)

   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)

   at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)

   at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:300)

   at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:374)

   at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:743)

   at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:675)

   at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:866)

   at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)

   at java.lang.Thread.run(Thread.java:534)

org.postgresql.util.PSQLException: ERROR: la colonna "fid" non esiste

   at org.postgresql.util.PSQLException.parseServerError(PSQLException.java:139)

   at org.postgresql.core.QueryExecutor.executeV3(QueryExecutor.java:152)

   at org.postgresql.core.QueryExecutor.execute(QueryExecutor.java:100)

   at org.postgresql.core.QueryExecutor.execute(QueryExecutor.java:43)

   at org.postgresql.jdbc1.AbstractJdbc1Statement.execute(AbstractJdbc1Statement.java:517)

   at org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:50)

   at org.postgresql.jdbc1.AbstractJdbc1Statement.executeQuery(AbstractJdbc1Statement.java:233)

   at com.openexchange.api.OXSqlObject.getNext(OXSqlObject.java:231)

   at com.openexchange.webdav.ical.createVEVENT(ical.java:289)

   at com.openexchange.webdav.ical.doGet(ical.java:132)

   at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)

   at com.openexchange.tools.webdav.WebDavServlet.service(WebDavServlet.java:150)

   at com.openexchange.tools.webdav.OXServlet.service(OXServlet.java:330)

   at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)

   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)

   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)

   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)

   at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)

   at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:300)

   at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:374)

   at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:743)

   at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:675)

   at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:866)

   at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)

   at java.lang.Thread.run(Thread.java:534)

org.postgresql.util.PSQLException: ERROR: la colonna "fid" non esiste

   at org.postgresql.util.PSQLException.parseServerError(PSQLException.java:139)

   at org.postgresql.core.QueryExecutor.executeV3(QueryExecutor.java:152)

   at org.postgresql.core.QueryExecutor.execute(QueryExecutor.java:100)

   at org.postgresql.core.QueryExecutor.execute(QueryExecutor.java:43)

   at org.postgresql.jdbc1.AbstractJdbc1Statement.execute(AbstractJdbc1Statement.java:517)

   at org.postgresql.jdbc2.AbstractJdbc2Statement.execute(AbstractJdbc2Statement.java:50)

   at org.postgresql.jdbc1.AbstractJdbc1Statement.executeQuery(AbstractJdbc1Statement.java:233)

   at com.openexchange.api.OXSqlObject.getNext(OXSqlObject.java:231)

   at com.openexchange.webdav.ical.createVTODO(ical.java:306)

   at com.openexchange.webdav.ical.doGet(ical.java:136)

   at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)

   at com.openexchange.tools.webdav.WebDavServlet.service(WebDavServlet.java:150)

   at com.openexchange.tools.webdav.OXServlet.service(OXServlet.java:330)

   at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)

   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)

   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)

   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)

   at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)

   at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:300)

   at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:374)

   at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:743)

   at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:675)

   at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:866)

   at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)

   at java.lang.Thread.run(Thread.java:534)

ERROR: ICalWriter.build: java.lang.NullPointerException

java.lang.NullPointerException

   at com.openexchange.tools.ical.ICalWriter.output(ICalWriter.java:89)

   at com.openexchange.tools.ical.ICalWriter.output(ICalWriter.java:82)

   at com.openexchange.webdav.ical.doGet(ical.java:140)

   at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)

   at com.openexchange.tools.webdav.WebDavServlet.service(WebDavServlet.java:150)

   at com.openexchange.tools.webdav.OXServlet.service(OXServlet.java:330)

   at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)

   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)

   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)

   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

   at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

   at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

   at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)

   at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)

   at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:300)

   at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:374)

   at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:743)

   at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:675)

   at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:866)

   at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)

   at java.lang.Thread.run(Thread.java:534)

```

There's "fid" column problem and wedav write file problem.

----------

## killercow

I managed to get everything up and running, but there are two last problems.

My webdav doesn't do much. webdav.ical gives me a prompt and when i enter my data i get an error stating that my user doesn't belong to any groups.

If i connect to webdav.documents i get the following error:

```

javax.servlet.ServletException: Can't access the filespool: Permission denied

   com.openexchange.webdav.documents.oxinit(documents.java:122)

   com.openexchange.tools.webdav.OXServlet.init(OXServlet.java:136)

   org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)

   org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)

   org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:300)

   org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:374)

   org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:743)

   org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:675)

   org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:866)

   org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)

   java.lang.Thread.run(Thread.java:534)

```

Could this be because the shellscript creating the filespool didn't do anything? (all the chmod's gave me file not found errors)

And there's a last question:

How can i share my contacts database with my co-workers?

Have they disabled this in 0.8? (as we would like to share "parts" of our contacts databases with each other.)

----------

## bitwh0re

 *lxnay wrote:*   

> I've some problems. I've updated OX to 0.8.0 and I'd like to use Calendar via Kontact using WebDAV. I can read the file http://localhost/servlet/webdav.ical but I can't write back the changes:
> 
> There's "fid" column problem and wedav write file problem.

 

What version are you upgrading from?

----------

## bitwh0re

 *killercow wrote:*   

> I managed to get everything up and running, but there are two last problems.
> 
> My webdav doesn't do much. webdav.ical gives me a prompt and when i enter my data i get an error stating that my user doesn't belong to any groups.
> 
> If i connect to webdav.documents i get the following error:
> ...

 

Can you access your documents from the web interface, or does that fail as well?

For your contacts, I'm sure you can by connecting to the LDAP server to access your contacts.  You may have to tinker with the ACL's on your LDAP tree.

----------

## killercow

 *bitwh0re wrote:*   

> 
> 
> Can you access your documents from the web interface, or does that fail as well?
> 
> For your contacts, I'm sure you can by connecting to the LDAP server to access your contacts.  You may have to tinker with the ACL's on your LDAP tree.

 

Nope, even uploading a files gives me problems.

- An error ocurred saving the documents to the database

----------

## bitwh0re

 *killercow wrote:*   

>  *bitwh0re wrote:*   
> 
> Can you access your documents from the web interface, or does that fail as well?
> 
> For your contacts, I'm sure you can by connecting to the LDAP server to access your contacts.  You may have to tinker with the ACL's on your LDAP tree. 
> ...

 

It seems by the above trace that OX is having trouble accessing your filespool due to a permissions problem.  Here is what my filespool looks like:

```
/usr/local/open-xchange/var

drwxr-xr-x   2 tomcat nogroup  72 Apr 27 08:50 filespool
```

```
/usr/local/open-xchange/var/filespool

ox filespool # ls -al

total 4

drwxr-xr-x  3 tomcat nogroup  96 Apr 29 06:38 .

drwxr-xr-x  8 root   root    216 Apr 27 08:50 ..

drwxr-xr-x  3 tomcat tomcat   72 Apr 29 06:38 00

-rw-r--r--  1 tomcat tomcat   15 Apr 29 06:38 state
```

HTH,

Mike.

----------

## Tanisete

Hi to all!!

I've spent hours with the tutorials, forums, and all, and i'm unable to make this work... I have a few problems right now:

- First, i can't connect with cyrus imap server. I only have imapd server (no port 143, and 993 is ok). So that, i cannot add a user with cyrusadmin. My cyrus.conf is:

```
SERVICES {

  # Add or remove based on preferences.

  imap          cmd="imapd" listen="imap2" prefork=0

  pop3          cmd="pop3d" listen="pop-3" prefork=0

  imaps         cmd="imapd -s" listen="imaps" prefork=0

  pop3s         cmd="pop3d -s" listen="pop3s" prefork=0

  # Don't forget to generate the needed keys for SSL or TLS

  # (see doc/html/install-configure.html).

  #imaps                cmd="imapd -s" listen="imaps" prefork=0

  #pop3s                cmd="pop3d -s" listen="pop3s" prefork=0

  sieve         cmd="timsieved" listen="sieve" prefork=0

 

```

EDIT: OK, Forget this one... i think i'm a bit obscure right now... The important one is the ldap one.

 - Second, i had a strange error with LDAP, 

[/code]

Apr 29 22:06:18 krynn slapd[17789]: conn=5 op=0 RESULT tag=97 err=0 text=

Apr 29 22:06:18 krynn slapd[17789]: conn=5 op=1 ADD dn="uid=inmi,ou=Users,ou=OxObjects,dc=ox-domain,dc=tld"

Apr 29 22:06:18 krynn slapd[17789]: conn=5 op=1 RESULT tag=105 err=80 text=entry store failed

Apr 29 22:06:18 krynn slapd[17789]: conn=5 op=1 RESULT tag=105 err=80 text=entry store failed

```

```

so i had to follow some instructions i found in the german forum of open-xchange (with altavista  :Very Happy:  ):

```
/etc/init.d/slapd stop

rm /var/lib/openldap-data/*

slapadd l /usr/local/open-xchange/share/init_ldap.ldif

/etc/init.d/slapd start

```

But now, i can only start the ldap daemon manually!!! The daemon doesn't start with the default gentoo script...

Can anyone give me a clue or help me?

Thanks a lot!!!!

----------

## Tanisete

Ok, i got it running after all...

But i'm having strange problems ritgh now.

I also have kde installed, but when i start all the services that run with openxchange, kde failts with rpc timeout... is something interferring? do they share any kind of socket? I can't understand why this happens...

Thanks in advance!!!

----------

## feliperal

Bitwhore, your guide is well written, and a pleasure to read.  Just a few suggestions.

In the first part, where you are configuring the /etc/hosts file, I would set it like this:

```

12.34.56.78 ox-domain.tld ox-domain

```

I had to do it this way in order to properly resolve when running hostname -f or starting the /etc/init.d/postfix service.  Postfix will not start without doing the above.

Second, you should give execute permissions to the openexchange init.d file we created init /etc/init.d/

```

chmod u+x /etc/init.d/openexchange

env-update

rc-update add openexchange default

/etc/init.d/openexchange start

```

Now, to my problem. I was able to create a user using the open-xchange adduser utility.  Unfortunately, when I try to login, I'm getting a Authentication Failed error:

```

May 01 08:00:33 localhost openexchange: oxsessiond init (localhost:33333)

May 01 08:00:33 localhost openexchange: INTERNAL TLS Support: OFF

May 01 08:02:41 localhost openexchange: ERROR: Authentification failed

May 01 08:04:57 localhost openexchange: ERROR: Authentification failed

May 01 08:05:09 localhost openexchange: ERROR: Authentification failed

May 01 08:19:36 localhost openexchange: ERROR: Authentification failed       
```

I have checked my saslauthd.conf file and changed the 

```
ldap_servers: ldap://ox-domain.tld:389/ 
```

to:

```

ldap_servers: ldap://localhost:389/ 
```

also, I made sure that the ldapsecret password was the same as in slapd.conf and in the /usr/local/open-xchange/share/admintools.conf.

Any help would be greately appreciated.  I've been scratching my head and banging it against the wall for hours  :Sad: 

Thanks,

Felipe

----------

## Tanisete

Hi again!!

Finally i got it working... thanks for the great tutorial mike! I would like also to add that, the package.use you provide is wrong in some package's name, like "oro", that is "jakarta-oro". Anyway, great!! I will read more to finish ssl support.

----------

## inTIMidate

I think i almost got everything up and running, only groupware isn't functioning...

I can succesfully login to webmail and everything works.

I can succesfully login to groupware BUT i get a blank page

What could cause this problem?

groupware.log

```
May 02 17:06:11 localhost openexchange: getSession <c1e798295dc40ca159cacb8459ecf4d8>

May 02 17:06:11 localhost openexchange: dGltAXRlc3QBRU4BMTkyLjE2OC4wLjI3ATE5Mi4xNjguMC4yMQ==

May 02 17:06:11 linux_PC openexchange: Attribute "imapServer" not set in "uid=mailadmin,ou=Users,ou=OxObjects", using localhost!

May 02 17:06:11 linux_PC openexchange: Attribute "smtpServer" not set in "uid=mailadmin,ou=Users,ou=OxObjects", using localhost!

java.lang.NullPointerException

        at com.openexchange.groupware.ldap.DefaultUserGroupHandle.getForeSureName(DefaultUserGroupHandle.java:562)

        at com.openexchange.groupware.Management.onCheckUserAuth(Management.java:491)

        at com.openexchange.thread.ComfireThread.validateSession(ComfireThread.java:386)

        at com.openexchange.thread.ComfireThread.run(ComfireThread.java:158)

        at java.lang.Thread.run(Thread.java:534)

```

----------

## Tanisete

have you inited the ldap server? It seems that you missed something in the ldap config...

Revise this section in the tutorial:

http://www.mikefetherston.ca/OX/html/index.html#33

It may be related to a bad dc in slapd.conf... 

I hope it helps!

----------

## ferp2

Hello,

I've set up OX on Gentoo using Mike's 0.22 howto and 2005.0. Everything is working except I can't get the mod_rewrite to work. In Mike's howtos he says the following about redirects:

 *Quote:*   

> You may want to create a 302 or an HTML file with a META REFRESH to redirect the user to the HTTPS server.

 

Now I've done that by putting a file called index.html (containing a META REFRESH) in the DocumentRoot, which is /var/www/localhost/htdocs. As a result, now if you explicitly enter https://sub.domain.tld, Apache will redirect you to https://sub.domain.tld/cgi-bin/login.pl.

Most users, however, will not enter https://sub.domain.tld. They will enter sub.domain.tld. By default, the browser client will attach http://sub.domain.tld and then fetch the URL. In my case I get a 400 Bad Request Error, telling me the Apache server is not setup to serve pages on port 80, and that instead you'll have to go to port 443, since Apache has been set up with SSL. The 400 Bad Request Error page also conveniently provides a link to the https port, but since DNS is pointing to sub.domain.tld while server knows itself as domain.tld, the link leads to a dead end. Regardless, the way I would like things to be set up is as follows:

A user enters sub.domain.tld, which becomes http://sub.domain.tld. The Apache server, using mod_rewrite, redirects the user to https://sub.domain.tld/cgi-bin/login.pl, the OX login page.

Easy enough, you might say, but when I create the mod_rewrite code, either in commonapache.conf or a .htaccess file, it is ignored and I once again find myself on the 400 Bad Request Error page.

I have searched high and low for a solution. Init_zero has offered a solution using a virtual host, but the domain I've setup is not being virtually hosted, so this is not a solution for me. Since sub.domain.tld is the only domain hosted on the system, I should be able to put a .htaccess file in DocumentRoot, which is /var/www/localhost/htdocs, or I should be able to put the mod_rewrite code in commonapache.conf or one of the SSL conf files. Alas, no matter where I have put this code, the result is always for Apache to send me a 400 Bad Request Error page.

I would be ecstatic if someone could reproduce this persistent error. If you are so inclined, here's the mod_rewrite code for entering into a .htaccess or commonapache.conf

```
RewriteEngine On

RewriteCond %{SERVER_PORT} !^443$

RewriteRule ^/(.*)$ https://ox.dfsarchitects.com/cgi-bin/login.pl/ [R]
```

Or some such variation.

Thanks

----------

## carpman

hello, i have a problem configuring OX, during install i get:

```

jc_options: java not found at /opt/sun-jdk-1.4.2.07/bin/java or /opt/sun-jdk-1.4.2.07/jre/bin/java

Error: JAVA_HOME is not defined correctly.

```

I have updated from 07 to 08, if i run java-config -f i get:

```

smaart open-xchange-0.8.0-0 # java-config -f

smaart open-xchange-0.8.0-0 #

```

This does not change even if i do:

```

smaart open-xchange-0.8.0-0 # java-config -S sun-jdk-1.4.2.08

System Virtual Machine set

You may want to update your enviroment by running:

        "/usr/sbin/env-update && source /etc/profile"

```

```

smaart open-xchange-0.8.0-0 # java-config -L

[sun-jdk-1.4.2.08] "Sun JDK 1.4.2.08" (/etc/env.d/java/20sun-jdk-1.4.2.08)

```

Any ideas?

cheers

----------

## carpman

Hello, ok run:

```

source /etc/profile

```

Now i get:

```

java-config -L

[sun-jdk-1.4.2.08] "Sun JDK 1.4.2.08" (/etc/env.d/java/20sun-jdk-1.4.2.08)

```

but still fails on compile, in compile config i have:

```

--with-jni-dir=/opt/sun-jdk-1.4.2.08/include/ \

```

----------

## killercow

Changing the permissions to tomcat, changed some things.

I now get:

An error ocurred saving the documents to the database.

Any clues?

----------

## Grokinator

Hello Everyone.

I have been using Mike's HOWTO and reading from this thread, and I've managed to get pretty far in the setup of OX.  I just wanted to add this bit of info to the thread:

I've been using the address extension delimiter through postfix.  That is, when anyone sends an email to greg-<whatever> at mydomain_com, it goes to the email inbox of "greg".  However, following this HOWTO, cyrus didn't recognize the <account>-<whatever> format.  I changed the mailbox_transport setting in Postfix's main.cf and the cyrus setting in Postfix's master.cf as follows:

Changes to main.cf:

```

#mailbox_transport = lmtp:unix:/var/imap/socket/lmtp

mailbox_transport = cyrus

```

Fix the path to "deliver" in master.cf as follows:

```

  user=cyrus argv=/usr/lib/cyrus/deliver -e -r ${sender} -m ${extension} ${user}

```

Oh, I had to make sure I added "local_recipient_maps =" to main.cf.  I'm not sure that was specified in the HOWTO or if I just missed it in there.  That lets lookups work for users who only exist in LDAP (i.e. not local accounts).

Well, good luck to everyone.  

Oh, if anyone reads this and happens to know of a way to export my maildir to the cyrus db, please PM me.

Thanks!

G

----------

## bitwh0re

New release of OX today.  v0.80-1 is out!!

----------

## rickvernam

Okay, bare with me as I have never setup a mail server in my life.

I have been following the How-To religiously, but cannot get past the first functionality check: using postfix to send an email.

here is the log after I try to send an email:

 *Quote:*   

> 
> 
> May  5 11:23:35 oxdomain postfix/smtpd[15324]: connect from unknown[192.168.2.120]
> 
> May  5 11:23:35 oxdomain postfix/smtpd[15324]: 7349357A60: client=unknown[192.168.2.120]
> ...

 

I have been searching for the problem for about a day or so.  Perhaps if I new the problem, I could find a solution...or the solution.

So, perhaps this is some trivial thing, but having absolutely no experience, I don't know where to turn...

Any direction would be greatly appreciated.

TIA

-Rick

----------

## Grokinator

Rick,  

Sounds like the problem is in your LDAP configuration.  Either the LDAP server itself or the configuration of Postfix to communicate with it.  

You can verify openLDAP is listening by using nmap (emerge nmap) and scanning your local host.  "nmap localhost" will do it.  Then it will tell you all the ports your local machine has open.  389 should be there.  If you see a 636, but no 389 then your server is configured for secure LDAP, but not normal LDAP.

Post your postfix main.cf file if you want, and possibly your /etc/openldap/ldap.conf.

Do a "grep -v "#" /etc/postfix/main.cf" to output your main.cf file w/o all the commented stuff.

Regards,

Greg

----------

## bitwh0re

 *rickvernam wrote:*   

> Okay, bare with me as I have never setup a mail server in my life.
> 
> I have been following the How-To religiously, but cannot get past the first functionality check: using postfix to send an email.
> 
> here is the log after I try to send an email:
> ...

 

It could be that postfix is using dns to find out what the ip address is for oxdomain.tld and not consulting your /etc/hosts file.  Try setting entries in your hosts file, or use localhost instead of ox-domain.tld for your postfix/ldap configuration.

----------

## Grokinator

Excellent point!  The hosts file could be the prob, too.

Bit, do you know what's significant about the 0.8.0-1 release?  I have been having problems with windows webdav clients not being able to save to a webdav folder.  It's really weird.  I can copy things there, but not save directly.

Greg

----------

## ptparif

i've been trying to get OX running here, and have been following through the how-to.

I'm up to the point where I do slapadd -l /usr/local/openxchange/share/init_ldap.ldif and I get a segmentation fault.

Interestingly, when I do a slapcat, I also get a segmentation fault.

Any ideas on what I can do to get this working?

thanks

----------

## Grokinator

Are you running a hardened kernel?

Greg

----------

## ptparif

 *Grokinator wrote:*   

> Are you running a hardened kernel?
> 
> Greg

 

Nope, at least I don't think so - I ran through a fresh install really quickly and used genkernel with gentoo-sources.  From what I remember, that's not a hardened kernel.

----------

## Grokinator

No, I don't think that has any PAX features in it.  Is there anything interesting in your logs when things segfault?

I might try rebuilding openLDAP, but it's up to you.

Greg

----------

## ptparif

 *Grokinator wrote:*   

> No, I don't think that has any PAX features in it.  Is there anything interesting in your logs when things segfault?
> 
> I might try rebuilding openLDAP, but it's up to you.
> 
> Greg

 

Ack.  it's fixed.  chalk it up to a hastily edited slapd.conf

or, put differently, the problem was between the keyboard and chair.

 :Embarassed: 

----------

## Grokinator

Hehe, well, better that than some insanely obscure bug that just happens to only affect system exactly like the one you're using.  :Smile: 

----------

## rickvernam

 *grokinator wrote:*   

> 
> 
> Sounds like the problem is in your LDAP configuration. Either the LDAP server itself or the configuration of Postfix to communicate with it. 
> 
> 

 

The part of the How-To that instructs to test postfix by sending email to known working email account is prior to doing anything LDAP.

 *bitwh0re wrote:*   

> 
> 
> It could be that postfix is using dns to find out what the ip address is for oxdomain.tld and not consulting your /etc/hosts file. Try setting entries in your hosts file, or use localhost instead of ox-domain.tld for your postfix/ldap configuration.
> 
> 

 

Thats what I was suspecting as well, but I shadowed the examples in the How-To, including /etc/hosts.  Just now I set everything in /etc/postfix/main.cf to localhost, as said in the How-To, and am getting same errors...

grep -v "#" /etc/postfix/main.cf:

```

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/lib/postfix

mail_owner = postfix

mydomain = localhost

myorigin = $mydomain

inet_interfaces = all

mydestination = $mydomain,hobi.com

local_recipient_maps =

unknown_local_recipient_reject_code = 550

alias_maps = ldap:ldapsource

ldapsource_server_host = localhost

ldapsource_search_base = dc=localhost

ldapsource_query_filter = (mail=%s)

ldapsource_result_attribute = mail

lmtp_cache_connection = NO

mailbox_transport = lmtp:unix:/var/imap/socket/lmtp

debug_peer_level = 2

debugger_command =

         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

         xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /etc/postfix

readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme

default_destination_concurrency_limit = 2

alias_database = hash:/etc/mail/aliases

local_destination_concurrency_limit = 2

home_mailbox = .maildir/

```

This is how it came default after emerge, plus the instructions in the How-To, if I am not mistaken...

Thanks for the Help!!

-Rick

----------

## Grokinator

If you are gonna want to use OX as the email server for your hobi.com domain, then I would configure your OX installation to use dc=hobi,dc=com instead of the generic oxdomain.tld.  

I would change these settings in your main.cf file:

mydomain = hobi.com

(add) myhostname = <machinename>.hobi.com

mydestination = localhost, $mydomain, $myhostname

(add: sub in your local net) mynetworks = 192.168.0.0/16, 127.0.0.0/8

ldapsource_search_base = dc=hobi,dc=com

I actually skipped the "testing postfix" step.  If LDAP isn't properly set up or started, then postfix won't be able to do any lookups on it.  

I would go on with configuring your LDAP server and the rest of the steps.  Postfix is pretty easy to go back and reconfigure once you get the rest of the stuff going.

----------

## rickvernam

excellent.  I will accept a failing postfix for the time being and move along.  Thanks!

----------

## rickvernam

okay, how about this one...

telnet ox-domain.tld imap does not work

telnet ox-domain.tld ldap spits out exactly what the How-To says I should get for the above command...

So, either something I've got setup is wrong, or the How-To needs a minor typo fix..

Any idea?

----------

## giulianoz

Hi,

 I think I've followed closely the guide up to the point where I have to test the tomcat server. if I point to my http://localhost:8080/ page what I receive is a blank pace (contains 

```
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title></title></head><body></body></html>
```

. I've checked the logs for tomcat, apache, messages but there's nothing in. tomcat started correctly and the webapps path is set to the right directory.

any idea about this ?

thanks

giuliano

----------

## hybrid256

Hi all,

Well well ... I tried -again- to have a working OX based on a fresh 2005.0 + OX 0.8.0-1 install.

I foolowed the howto religiously and absolutely everything went smooth, never had an error, this is probably the first time since I tested OX.

At the end, I add my new user with adduser_ox, got a nice SQL ok, LDAP ok.

did all the stuff following that step, no errors.

Started OX, entered my login and password and ... and ... and got this "ERROR: Authentification failed" ..  ouch !

I asked myself that maybe I mistyped the password or so, take a look the the adduser string ... nothing wrong.

I tried then to do a deluser_ox but I got this error "invalid DN"

I don't understand, this is the first time I get those errors.

I took a look at my slapd.conf and ldap.conf and other files related to ldap ... I see no errors ... any idea ?

----------

## bitwh0re

 *giulianoz wrote:*   

> Hi,
> 
>  I think I've followed closely the guide up to the point where I have to test the tomcat server. if I point to my http://localhost:8080/ page what I receive is a blank pace (contains 
> 
> ```
> ...

 

don't use tomcat 5.0.28.

----------

## bitwh0re

 *hybrid256 wrote:*   

> I tried then to do a deluser_ox but I got this error "invalid DN"
> 
> I don't understand, this is the first time I get those errors.
> 
> I took a look at my slapd.conf and ldap.conf and other files related to ldap ... I see no errors ... any idea ?

 

What about admintools.conf?

----------

## hybrid256

I have this :

# LDAP Admin

BINDDN="cn=Manager,dc=tourisport,dc=fr"

# LDAP Admin Passwd

BINDPW="ldapsecretpassword"

DEFAULT_SQL_HOST="localhost"

DEFAULT_SQL_DB="openexchange"

DEFAULT_SQL_USER="open-xchange"

DEFAULT_SQL_PASS="oxen"

Some thing is strange anyway, I have another installation running with 2004.3 and OX 0.8.0-Beta4 which is "nearly working" but at least, I can login.

I took a look at my ldap tree with a client and there are significant differences ...

For example, there is non cn=Manager entry in the LDAP tree for 0.8.0-1

And my user has not been created ... that's pretty strange since I got no error at creation time with adduser_ox.

I think I'll try to delete the LDAP tree and recreate it ... just to be sure.

[EDIT] I tried to connect with "cn=Manager,dc=tourisport,dc=fr" as my BINDDN and "ldapsecretpassword" as my pass with my LDAP client and it works ... I really don't understand why my user has not been created using adduser_ox ...  :Sad: 

Again, more informations about my problem ... my user is not created in the LDAP tree (as I said) although I get a "LDAP Success" while adding the user ... BUT, my user is correctly created in postgre ... definitely an LDAP related problem but how ???

I'm doomed ...  :Rolling Eyes: 

----------

## Master One

With high interest I read through all 28 pages of this thread. I want to try the OX setup with LX-Office ERP / CRM integration (as mentioned at http://www.lx-office.org).

I assume it generally should not no problem to have it run on an EM64T 64-bit Gentoo setup, otherwise someone please tell me before I start with it.

As I have seen, almost all people trying Mike's wonderfull howto, ran into problems, so the setup seems to be really difficult.

Is anyone here, who has OX running in a production setup with all functions working properly?

There is a Fedora Core 3 setup-script for the LX-Office server available at sourceforge, and I was wondering if this script can be adapted and integrated into an ebuild for an automated Gentoo setup.

It's surely a good thing, to have Mike's wonderfull documentation, but why not concentrate on the ebuild for a painless installation?

So many people are fighting with the manual installation, so it really would make sense to have an install-script doing the job, especially when it comes down to upgrading.

Any feedback is welcome, before I also proceed and start my first manual installation.

----------

## rickvernam

 *rickvernam wrote:*   

> okay, how about this one...
> 
> telnet ox-domain.tld imap does not work
> 
> telnet ox-domain.tld ldap spits out exactly what the How-To says I should get for the above command...
> ...

 

As I expected, I had a miss-configuration.  In /etc/services there was no entry for 'imap' going to port 143/tcp...there was however 'imap2' going to port 143/tcp.  so i just changed 'imap2' to 'imap' and al wasl good there...

----------

## rickvernam

I feel like everything is *almost* there...but having some authentication problems.  One is same as hybrid256's problem when logging into ox from the webpage.  & the invalid DN, all that jazz.

Another which I think is perhpas related is where a configured client (such as thunderbird) can't check mail - authorization failed, bad username...

The following log entry seems to be a pretty good clue as to the problem (with the mail client logging in):

```
May  6 11:53:37 localhost master[8772]: about to exec /usr/lib/cyrus/pop3d

May  6 11:53:37 localhost pop3[8772]: executed

May  6 11:53:37 localhost pop3[8772]: sql auxprop plugin using pgsql engine

May  6 11:53:37 localhost pop3[8772]: accepted connection

May  6 11:53:41 localhost pop3[8772]: sql plugin Parse the username rickv

May  6 11:53:41 localhost pop3[8772]: sql plugin try and connect to a host

May  6 11:53:41 localhost pop3[8772]: sql plugin trying to open db 'mailsqldb' on host 'localhost'

May  6 11:53:41 localhost pop3[8772]: sql plugin: FATAL:  database "mailsqldb" does not exist

May  6 11:53:41 localhost pop3[8772]: sql plugin could not connect to host localhost

May  6 11:53:41 localhost pop3[8772]: sql plugin couldn't connect to any host

May  6 11:53:41 localhost pop3[8772]: sql plugin Parse the username rickv

May  6 11:53:41 localhost pop3[8772]: sql plugin try and connect to a host

May  6 11:53:41 localhost pop3[8772]: sql plugin trying to open db 'mailsqldb' on host 'localhost'

May  6 11:53:41 localhost pop3[8772]: sql plugin: FATAL:  database "mailsqldb" does not exist

May  6 11:53:41 localhost pop3[8772]: sql plugin could not connect to host localhost

May  6 11:53:41 localhost pop3[8772]: sql plugin couldn't connect to any host

May  6 11:53:41 localhost pop3[8772]: no secret in database

May  6 11:53:44 localhost pop3[8772]: badlogin: adsl-68-23-60-237.dsl.chcgil.ameritech.net [68.23.60.237] CRAM-MD5 user not found

May  6 11:53:47 localhost master[8583]: process 8772 exited, status 0
```

Initially, it was trying to connect to a mysql database, but I went into /etc/imapd.conf and changed from mysql to pgsql...

anyway, here is grep -v "#" /etc/imapd.conf:

```
configdirectory:        /var/imap

partition-default:      /var/spool/imap

sievedir:               /var/imap/sieve

tls_ca_path:            /etc/ssl/certs

tls_cert_file:          /etc/ssl/cyrus/server.crt

tls_key_file:           /etc/ssl/cyrus/server.key

admins:                 cyrus

hashimapspool:          yes

allowanonymouslogin:    no

allowplaintext:         yes

sasl_pwcheck_method: saslauthd

sasl_sql_engine: pgsql

sasl_sql_user: mailsqluser

sasl_sql_passwd: password

sasl_sql_database: mailsqldb

sasl_sql_hostnames: localhost

sasl_sql_select: SELECT clear FROM users WHERE email = '%u@%r'

lmtp_downcase_rcpt: yes
```

This is out of the box, plus mods noted in HowTo, plus changeing 'sasl_sql_engine' to pgsql.

Mabye of interest: saslauthd -v is as HowTo says it should be.

I have absolutely no clue on the theory behind how imap or whatever does authentication, maybe it should not even be looking in a database?  maybe it should?  I saw no mention of it one way or the other in the HowTo, so I haven't a clue.

I also saw this in the log when trying to login via the ox webpage:

May  6 12:00:49 localhost lmtpunix[8812]: IOERROR: fstating sieve script /var/imap/sieve/r/rickv/defaultbc: No such file or directory

Thanks,

Rick

----------

## rickvernam

well, i changed my /etc/imap.conf back to how I suspect it should've been:

```
configdirectory:        /var/imap

partition-default:      /var/spool/imap

sievedir:               /var/imap/sieve

tls_ca_path:            /etc/ssl/certs

tls_cert_file:          /etc/ssl/cyrus/server.crt

tls_key_file:           /etc/ssl/cyrus/server.key

admins:                 cyrus

hashimapspool:          yes

allowanonymouslogin:    no

allowplaintext:         yes

sasl_pwcheck_method: saslauthd

lmtp_downcase_rcpt: yes
```

I also went through the Cyrus setup & configuration again...and now I can authenticate with mail client...

still getting authentication error in OX

----------

## dashnu

You do not want to auth against a db.. You auth againts sasl which then looks to ldap. Jabber  me if ya want.

edit* what do your ldap logs say ?

----------

## rickvernam

 *hybrid256 wrote:*   

> Hi all,
> 
> Well well ... I tried -again- to have a working OX based on a fresh 2005.0 + OX 0.8.0-1 install.
> 
> I foolowed the howto religiously and absolutely everything went smooth, never had an error, this is probably the first time since I tested OX.
> ...

 

well, after some time I found on the forums at open-xchange.org that somebody with this problem used the adduser_ox binary from the previous version (8.0.0 or whatever previous version was) and the problem cleared up.  I have had the same success.

Thanks to Init-Zero for much needed help.

----------

## dashnu

 *Quote:*   

> I saw no mention of it one way or the other in the HowTo, so I haven't a clue. 

 

Yea, the how-to is very short on 'whys'

/me smacks bitwh0re

 :Twisted Evil:   :Twisted Evil:   :Wink: 

----------

## rickvernam

 *init-zero wrote:*   

>  *Quote:*   I saw no mention of it one way or the other in the HowTo, so I haven't a clue.  
> 
> Yea, the how-to is very short on 'whys'
> 
> /me smacks bitwh0re
> ...

 

You know what would be nice, is a link to some informative source of info about the things that are being used by Open-XChange.  I am very much familiar with Tomcat, Apache, Perl & Postgre...but found that it was very hard to configure & set something up when I had no clue what it was, what function it served, how it related to the other components...etc...

My problem was that I didn't even know the theory behind ldap, imap (the other things that I don't want to mention for fear that they don't really exist, and I just don't know  :Embarassed:  )...  I'm sure some such document exists...a reference to it (them) needs to exist in this How To as well.  Be sure that I'll be keeping my eyes open for such things...should I run across something of interest, I will make mention of it...

----------

## lxnay

Damn, every time I try to fix something, something else get wrong...

If I add to slapd.conf this entries:

```
access to * attr=UserPassword by self write by anonymous auth

access to dn="ou=addr,uid=(.*),ou=Users,ou=OxObjects,dc=lxnaydesign,dc=net" by dn="uid=$1,ou=Users,ou=OxObjects,dc=lxnaydesign,dc=net" write by * none

access to dn.subtree="o=AddressBook,ou=OxObjects,dc=lxnaydesign,dc=net" by group="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=lxnaydesign,dc=net" write by users read by * none

access to * attr=uid,objectClass,entry filter=(objectClass=OXUserObject) by self write by * read

access to dn="uid=mailadmin,ou=Users,ou=OxObjects,dc=lxnaydesign,dc=net" attr=imapServer,mailDomain,smtpServer,sn,givenName,uid by self write by users read

access to dn="uid=mailadmin,ou=Users,ou=OxObjects,dc=lxnaydesign,dc=net" by self write by * none

access to dn="ou=addr,uid=(.*),ou=Users,ou=OxObjects,dc=lxnaydesign,dc=net" by dn="uid=$1,ou=Users,ou=OxObjects,dc=lxnaydesign,dc=net" write by * none

access to dn="ou=Users,ou=OxObjects,dc=lxnaydesign,dc=net" by self write by users read by anonymous auth

access to dn="ou=OxObjects,dc=lxnaydesign,dc=net" by users read by anonymous auth

access to dn="dc=lxnaydesign,dc=net" by dn="uid=*,ou=Users,ou=OxObjects,dc=lxnaydesign,dc=net" read

access to * by self write by anonymous auth

```

I can't create any user with adduser_ox, and i get:

```
ldap_sasl_interactive_bind_s: No such object (32)

LDAP Success

SQL Success

```

If I remove those entries, I get:

```
SASL/DIGEST-MD5 authentication started

Please enter your password:

ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)

        additional info: SASL(-13): user not found: no secret in database

Please enter your password:

Please enter your password:

```

I think it's a sasl auth problem

Please help me, I'm in troubles!

----------

## mxc

Hi there,

I have my cyrus imap server setup to do virtual mailboxes for two seperate domains say test.com and myworld.com. This means that there are seperate mailboxes for the domains and mail to xxx@test.com and xxx@myworld.com go to seperate mailboxes. (Sorry for the repetative explanation but I am not so sure of the terminoligy and its easy to get confused with aliases, virtual domain aliases etc.)

Now users  on OX can belong to one or both of these domains. Most belong to the domain which is not the default domain in cyrus. Unfortuanately when I setup OX it looks for their mail accounts in the default domain and doesnt find anything. It should be loggin in with the full email address but probably is just using the uid and cyrus supplies the default domain.

Is there a way to fix it so that the full email address is used? Also is it possible to have webmail access two seperate mailboxes, in different domains for those users with accounts in both domains?

----------

## lxnay

If I do:

```
mars fabio # ldapsearch "cn=Manager,dc=lxnaydesign,dc=net"

```

I get:

```
ldap_sasl_interactive_bind_s: No such object (32)

```

If I put -x it works but adduser_ox does not add users anyway.

----------

## ferp2

Has anybody used Thunderbird or MS Outlook to connect to the server on port 993? I have no problem connecting clients to port 143, but when I try connecting, for instance, Thunderbird on port 993, I always get

 *Quote:*   

> Could not establish an encrypted connection because certificate presented by ip.ad.dr.ess is invalid or corrupted. Error code:- 8182.

 

I tried rebuilding the certificate but that hasn't worked. I also installed the latest Thunderbird but that hasn't changed anything either.

Could somebody show me their copy of the CA.pl script? I may have configured it wrong.

Thanks.

----------

## lxnay

http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=02&topic_id=1115282470

^ 10 hours of headache... OX programmers sometimes like to trick their users  :Evil or Very Mad:   :Rolling Eyes:   :Laughing: 

do not try to manage users with OX 0.8.0-1 ! 0.8.0-0 works, You can fix this by copying adduser_ox from 0.8.0-0 to 0.8.0-1.

I hope that this will help someone else !

----------

## mxc

If you are using the new LDAPURI connection string format there is a missing "-H" option in admintools.conf where it tries to create the ldap connetion string. There is some code where it detects if you are using the old or new format. If it detects the old formt it appends "-H" correctly if it doesnt it uses the LDAPURI entry and it forgets to put "-H" in the string it constructs. After I added that all worked fine  :Smile: 

===== edit

sorry its in the adduser_ox file that the edit needs to occur not admintools.conf

----------

## giulianoz

 *bitwh0re wrote:*   

>  *giulianoz wrote:*   Hi,
> 
>  I think I've followed closely the guide up to the point where I have to test the tomcat server. if I point to my http://localhost:8080/ page what I receive is a blank pace (contains 
> 
> ```
> ...

 

hi,

 in unmerged  5.0.28 and the emarged 5.0.27-r5 but the problem hasn't solved. the output page is alqays empty wuth the same html source.

any other idea?

thanks

----------

## bitwh0re

 *giulianoz wrote:*   

>  *bitwh0re wrote:*   
> 
> don't use tomcat 5.0.28. 
> 
>  in unmerged  5.0.28 and the emarged 5.0.27-r5 but the problem hasn't solved. the output page is alqays empty wuth the same html source.
> ...

 

What happens when you go to http://localhost:8080/manager/html?  Do you get a blank page as well?  Or does the Tomcat manager login screen appear?  What if you go to http://localhost:8080/admin/?

----------

## bitwh0re

 *rickvernam wrote:*   

>  *init-zero wrote:*    *Quote:*   I saw no mention of it one way or the other in the HowTo, so I haven't a clue. 
> 
> Yea, the how-to is very short on 'whys'
> 
> /me smacks bitwh0re 
> ...

 

I can re-add the references section to the HOWTO.  It existed in the PDF version, but was removed to save some space and reading.  The HOWTO is currently 59 pages long and that can be a bit overwhelming.  Linking to another 15 or so websites with at least 200pgs of documentation each could be enough to make setting up OX seem a monumental task and turn potential users away.  If people feel that adding links to the documentation sections on websites such as postfix.org, openldap.org apache.org, etc etc, as well as other tutorials that I've used to help me with OX, please let me know via a private message.  If you'd also like to have a certain website added to this section, again, PM me with the link.

----------

## giulianoz

 *bitwh0re wrote:*   

>  *giulianoz wrote:*    *bitwh0re wrote:*   
> 
> don't use tomcat 5.0.28. 
> 
>  in unmerged  5.0.28 and the emarged 5.0.27-r5 but the problem hasn't solved. the output page is alqays empty wuth the same html source.
> ...

 

I got two blank pages  :Sad: 

giuliano

----------

## bitwh0re

 *giulianoz wrote:*   

>  *bitwh0re wrote:*    *giulianoz wrote:*    *bitwh0re wrote:*   
> 
> don't use tomcat 5.0.28. 
> 
>  in unmerged  5.0.28 and the emarged 5.0.27-r5 but the problem hasn't solved. the output page is alqays empty wuth the same html source.
> ...

 

Silly question, but did you do '/etc/init.d/tomcat-5 stop' before unmerging and then after emerging tomcat 5.0.27 use '/etc/init.d/tomcat5 start' (note the lack of a dash)?

----------

## ferp2

The tutorial has 2 sections called "Encrypting E-Mail Traffic with SSL/TLS" and "SMTP Authentication and Relay Control". These 2 sections have to be implemented before you can get the desired effect. What is the desired effect? To be able to use your OX smtp server as a relay from essentially any client machine anywhere on the internet.  Now some of you may find this obvious, but I for one took a bit of time before realizing the implications of these 2 sections. I thought, somehow, that these sections had to do with enabling me to connect my email client (Outlook, Thunderbird) with IMAP on port 993. This is not the case, so don't waste your time as the above mentioned sections have nothing to do with IMAP. Before going further you should understand the concept of relaying and how it applies to securing your system. Here's a quick, excellent read on this subject.

http://www.palomine.net/qmail/relaying.html

Now the reason I'm writing about this subject is that once I understood the concept, I couldn't get it to work. Let's say you want to hook up your Thunderbird email client, which is on a host that postfix does not trust. For instance, I've set the mynetworks_style parameter in /etc/postfix/main.cf to only trust the localhost.

```
mynetworks_style = host
```

This means even hosts on the same subnet can't relay through the OX smtp server without authenticating first.

How do you get, for instance, Thunderbird to authenticate through the OX smtp server? By going to Edit/Account Settings and clicking on Outgoing Server (smtp). Here you enter your mail server (mail.oxdomain.tld), port 25, enter your username and click on TLS. Now if you set up the server as in the tutorial, you should be able to authenticate against the server before being able to.  In my case I wasn't able to for 2 reasons:

1) The howto says to "Add '-nodes' to your CA.pl file" where you have "} elsif (/^-newcert$/) {".  This is to prevent the password from being encrypted. All very well, but I kept on getting a message that the certificate was corrupted. Finally somebody recommended doing this when you check for TLS support:

 *Quote:*   

> telnet localhost 25
> 
> Trying 127.0.0.1...
> 
> Connected to localhost.localdomain.
> ...

 

The important thing is to type in starttls and see whether the server replies with a "Ready to start TLS" message. If you don't get that message, despite the fact that you see 250-STARTTLS, it isn't going to work. In my case the server gave me an error message. To correct it, I added -nodes in CA.pl as in:

```
        } elsif (/^-newreq$/) {

            # create a certificate request

            system ("$REQ -new [b]-nodes[/b] -keyout newreq.pem -out newreq.pem $DAYS");

            $RET=$?;

            print "Request (and private key) is in newreq.pem\n";
```

So that means you put -nodes in 2 places, not 1. Now you should be able to build the certificates and get the Ready to start TLS message when you run telnet.

2) The next problem occured when I tried to authenticate. First I'd accept the server certificate, but when I'd enter my password, it wouldn't work. Looking at my logs I saw the following:

```
May  9 22:57:03 max postfix/smtpd[29249]: warning: SASL authentication failure: no secret in database

May  9 22:57:03 max postfix/smtpd[29249]: warning: unknown[66.11.179.71]: SASL CRAM-MD5 authentication failed

May  9 22:57:03 max postfix/smtpd[29249]: warning: SASL authentication failure: no secret in database

May  9 22:57:03 max postfix/smtpd[29249]: warning: unknown[66.11.179.71]: SASL NTLM authentication failed

May  9 22:57:03 max postfix/smtpd[29249]: warning: SASL authentication problem: unknown password verifier 

May  9 22:57:03 max postfix/smtpd[29249]: warning: SASL authentication failure: Password verification failed

May  9 22:57:03 max postfix/smtpd[29249]: warning: unknown[66.11.179.71]: SASL PLAIN authentication failed

May  9 22:57:03 max postfix/smtpd[29249]: warning: SASL authentication problem: unknown password verifier 

May  9 22:57:03 max postfix/smtpd[29249]: warning: unknown[66.11.179.71]: SASL LOGIN authentication failed

```

To correct this I edited the smtpd.conf file as follows:

 *Quote:*   

> cat /etc/sasl2/smtpd.conf 
> 
> # $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $
> 
> #pwcheck_method:pam
> ...

 

After correcting these 2 problems I'm able to access the smtp server from any untrusted host.

----------

## dashnu

 *ferp2 wrote:*   

> The tutorial has 2 sections called "Encrypting E-Mail Traffic with SSL/TLS" and "SMTP Authentication and Relay Control". These 2 sections have to be implemented before you can get the desired effect. What is the desired effect? To be able to use your OX smtp server as a relay from essentially any client machine anywhere on the internet.  Now some of you may find this obvious, but I for one took a bit of time before realizing the implications of these 2 sections. I thought, somehow, that these sections had to do with enabling me to connect my email client (Outlook, Thunderbird) with IMAP on port 993. This is not the case, so don't waste your time as the above mentioned sections have nothing to do with IMAP. Before going further you should understand the concept of relaying and how it applies to securing your system. Here's a quick, excellent read on this subject.

 

The section could be called "Encrypting SMTP Traffic with SSL/TLS" 

 *ferp2 wrote:*   

> 
> 
> http://www.palomine.net/qmail/relaying.html
> 
> Now the reason I'm writing about this subject is that once I understood the concept, I couldn't get it to work. Let's say you want to hook up your Thunderbird email client, which is on a host that postfix does not trust. For instance, I've set the mynetworks_style parameter in /etc/postfix/main.cf to only trust the localhost.
> ...

 

Why would you want this? I for example have 5 to 6 different apps that require smtp access. Not all apps support Auth.. Not to mention system mails, i also have 6 gentoo boxes with several users that need to send e-mail via scripts / cron-jobs and such. To add those all to ldap / cyrus would be a mojor pain. why not trust your network?

IMHO this will cause more work then good and is not needed. If user do this make sure you realize what you are doing.

 *ferp2 wrote:*   

> 
> 
> How do you get, for instance, Thunderbird to authenticate through the OX smtp server? By going to Edit/Account Settings and clicking on Outgoing Server (smtp). Here you enter your mail server (mail.oxdomain.tld), port 25, enter your username and click on TLS. Now if you set up the server as in the tutorial, you should be able to authenticate against the server before being able to.  In my case I wasn't able to for 2 reasons:
> 
> 

 

With smtpd_tls_auth_only set to 'yes' you can not auth againts the server without using tls. I am confused with what your are talking about. 

This statement is not correct. Why should you ?

 *ferp2 wrote:*   

> 
> 
> 1) The howto says to "Add '-nodes' to your CA.pl file" where you have "} elsif (/^-newcert$/) {".  This is to prevent the password from being encrypted. All very well, but I kept on getting a message that the certificate was corrupted. Finally somebody recommended doing this when you check for TLS support:
> 
> 

 

Yes I wrote this up several months after actually implementing it... Bitwhore you should add this to the how-to the -nodes is needed in both places.

 *ferp2 wrote:*   

> 
> 
> 2) The next problem occured when I tried to authenticate. First I'd accept the server certificate, but when I'd enter my password, it wouldn't work. Looking at my logs I saw the following:
> 
> ```
> ...

 

This is in the how-to in the relay section.. http://www.mikefetherston.ca/OX/html/index.html#smtpauth

However it should be smtp.conf

good finds

edit* Bitwh0re these sections are in fact needed to get the desired result.. Maybe they should be put into one section and organized a bit better.

----------

## bitwh0re

I'll add this to my TODO....

----------

## ferp2

 *dashnu wrote:*   

> Why would you want this? I for example have 5 to 6 different apps that require smtp access. Not all apps support Auth.. Not to mention system mails, i also have 6 gentoo boxes with several users that need to send e-mail via scripts / cron-jobs and such. To add those all to ldap / cyrus would be a mojor pain. why not trust your network?
> 
> IMHO this will cause more work then good and is not needed. If user do this make sure you realize what you are doing. 

 

Yes, yes, I know. This is just a temporary setting until I establish which hosts I can trust.

 *dashnu wrote:*   

> 
> 
> With smtpd_tls_auth_only set to 'yes' you can not auth againts the server without using tls. I am confused with what your are talking about.
> 
> This statement is not correct. Why should you ? 

 

I should have said, "before being able to send email". IOW, if you're an untrusted host, you have to authenticate using TLS before sending email using the OX smtp server, without exception. 

 *dashnu wrote:*   

> This is in the how-to in the relay section.. http://www.mikefetherston.ca/OX/html/index.html#smtpauth
> 
> However it should be smtp.conf

 

 *Mike's tutorial wrote:*   

> 
> 
> You will next create a file in /etc/sasl2 called smtp and add the following:
> 
> /etc/sasl2/smtp
> ...

 

This doesn't work. It should be 

 *Quote:*   

> Ye shall create a file in /etc/sasl2 called smtpd.conf and add the following:
> 
> blahblah...

 

This is how I have it set up in mine, and it works.

----------

## rickvernam

I will be setting up DSPAM shortly.  I have absolutely no clue what I'm getting into by setting up DSPAM...buy then again I had no clue when starting Open-XChange either (I have never done email stuff...ever...)

So, I will look at DSPAM docs, and search if I have problems...etc...etc..

But does anybody here have any suggestions?

Thanks!

-Rick

----------

## bitwh0re

 *rickvernam wrote:*   

> I will be setting up DSPAM shortly.  I have absolutely no clue what I'm getting into by setting up DSPAM...buy then again I had no clue when starting Open-XChange either (I have never done email stuff...ever...)
> 
> So, I will look at DSPAM docs, and search if I have problems...etc...etc..
> 
> But does anybody here have any suggestions?
> ...

 

I tried a while back and had troubles with the pgsql driver.  Check into the irc channel.. #dspam on freenode i beleive.  if you'd like, this is something i've been wanting to add to the HOWTO.. if you'd like to document your steps and findings, I'd be happy to add them in and give you credit.

mike.

----------

## rickvernam

Yeah, I'll do that...it'll be a piece that will fit nicely.

----------

## ulwur

I had problems with aliass on an open-exchange installation from Mike fetherson's howto.

In phpldapadmin I added alias attributes on the users, (so that mail to postmaster and root would go my my mailbox) but I never got it working...

Eventuellay found out I had to tell postfix how to find the aliases. I added this to my postfix's main.cf

virtual_maps = ldap:ldapsource

ldapsource_query_filter = (|(mail=%s)(alias=%s))

Then it works!

/Uwur

----------

## bitwh0re

 *ulwur wrote:*   

> I had problems with aliass on an open-exchange installation from Mike fetherson's howto.
> 
> In phpldapadmin I added alias attributes on the users, (so that mail to postmaster and root would go my my mailbox) but I never got it working...
> 
> Eventuellay found out I had to tell postfix how to find the aliases. I added this to my postfix's main.cf
> ...

 

Thanks for that tip, that's really helpful!!

----------

## giulianoz

 *bitwh0re wrote:*   

>  *giulianoz wrote:*    *bitwh0re wrote:*    *giulianoz wrote:*    *bitwh0re wrote:*   
> 
> don't use tomcat 5.0.28. 
> 
>  in unmerged  5.0.28 and the emarged 5.0.27-r5 but the problem hasn't solved. the output page is alqays empty wuth the same html source.
> ...

 

yes, I did stop the tomcat5 daemon before the unmerge and restarted it after the emerge  :Smile: 

giuliano

----------

## Braden.Compton

Hi guys,

After having a look at this pdf document [mikefetherston.ca], which outlines a dream-scenario for windows/linux network integration, it strikes me that this sort of thing is imminently do-able. Has anyone tried?

In light of this, can I make some suggestions for the next version of the OX-on-Gentoo guide?

Configuring Gentoo to use LDAP/PAM (with an OX-compatible DIT).  This will require some careful planning.  Do we use an RFC DIT and change open-xchange accordingly (ala  this OX-wikie guide [open-xchange.org]).  Or do we go with OX's ldap structure and reconfigure PAM accordingly? 

Installing SAMBA with LDAP authentication (with an OX-compatible DIT).  The OX-wiki has some a rough guide [open-xchange.org] to configuring SAMBA and OPEN-XCHANGE to use a common, compatible DIT.  Unfortunately this guide is old, and I couldn't get it to work (mostly because I didn't have time).

Configure APACHE2 to do redirection to SSL (ala this OX-wiki guide [open-xchange.org]).  An absolute must if you are going to start making intranet docs available over webdav (not to mention having intranet password flying all over the web).

Come up with a way to mount webdav documents to a server's filesystem, for NFS and SAMBA export.  Again, this should be do-able (albeit difficult).  There are several open-source projects that allow webdav mounting under linux (IMHO, davfs2 [sourceforge.net] looks the most promising).  The OX-wiki has guides for mounting webdav.documents under windows and MacOSX [open-xchange.org]. Once again, this would require some planning.  I don't think you can just use root (on the server) to mount webdav, and then symlink this to people's home directories, because everyone will get root access to the webdav files (please correct me if I'm wrong on this one).  One possibility would be to use client-side scripts to mount the webdav share at logon time (ala the aforementioned OX-wiki guides).  Another (uglier) option might be to use SU (on the server) to mount webdav, user-by-user, to each home directory.  But just the thought of this makes me cringe.  Of course, there might be other, more elegant solutions that lie outside the scope of my knowledge.

What this would enable us to do:

Deploy a network of mixed clients (linux/windows) that all authenticate against a common source.  Passwords changes can be made from any workstation, or even OX umin.

Have one centralised documents store, accessible via the home directory on linux and windows workstations, or via the OX web-interface (ie. available anywhere in the world).  This means one home directory/documents tree, no matter whether you are sitting in front of a linux terminal, or a windows worksation.

IMHO, such a system, while technically ambitious, would be of considerable use to large organisations.  The reason I am floating this idea here is that I want to depoly such a system (as a test-platform) early in July.  If anyone has any suggestions that might help reduce the pain of doing so (or, shock/horror, if someone puts together a working HOWTO before then), well, I'd be *EXTREMELY* happy  :Smile: .

Thanks for your time.  Looking forward to some suggestions!

Regards,

Braden.

----------

## Fibbs

Hi folks,

i am having a problem installing openxchange from the HOWTO on http://www.mikefetherston.ca/OX/html/index.html. I'm at the point "Initialize your LDAP tree for Open-Xchange:".

My init_ldap.ldif is the following:

```

dn: dc=kdorf,dc=local

objectClass: dcObject

objectClass: organization

dc: kdorf

o: GENTIX

dn: ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: OxObjects

dn: ou=Users,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: Users

dn: ou=Groups,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: Groups

dn: ou=ResourceObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: ResourceObjects

dn: ou=ResourceGroups,ou=ResourceObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: ResourceGroups

dn: ou=Resources,ou=ResourceObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: Resources

dn: ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: AdminObjects

dn: ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: SMTPObjects

dn: ou=DNSObjects,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: DNSObjects

dn: o=AddressBook,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organization

o: AddressBook

dn: cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: groupOfNames

cn: AddressAdmins

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local

dn: cn=users,ou=Groups,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: posixGroup

cn: users

gidNumber: 500

dn: cn=OXSMTPAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: groupOfNames

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local

cn: OXSMTPAdmins

dn: cn=OXUserAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: groupOfNames

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local

cn: OXUserAdmins

dn: cn=OXGroupAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: groupOfNames

cn: OXGroupAdmins

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local

dn: cn=OXDNSAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: groupOfNames

cn: OXDNSAdmins

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local

dn: cn=OXResourceAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: groupOfNames

cn: OXResourceAdmins

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local

dn: cn=OXIMAPAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: groupOfNames

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local

cn: OXIMAPAdmins

dn: ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: Administration

dn: uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: shadowAccount

objectClass: posixAccount

objectClass: person

objectClass: inetOrgPerson

objectClass: OXUserObject

OpenLDAPaci: 1#entry#grant;r,w,s,c;cn,initials,mail,title,ou,l,birthday,description,street,postalcode,st,c,oxtimezone,homephone,mobile,pager,facsimiletelephonenumber,telephonenumber,labeleduri,jpegphoto,loginDestination,sn,givenname,;r,s,c;[all]#self#

uidNumber: 501

homeDirectory: /home/mailadmin/

loginShell: /bin/bash

mailEnabled: OK

gidNumber: 500

mailDomain: kdorf.local

ou: Administration

uid: mailadmin

sn: Admin

preferredLanguage: EN

mail: mailadmin@kdorf.local

o: GENTIX

smtpServer: localhost

imapServer: localhost

alias: postmaster@kdorf.local

alias: root@kdorf.local

givenName: Admin

cn: Admin Admin

shadowMin: 0

shadowMax: 9999

shadowWarning: 7

shadowExpire: 0

userPassword: {CRYPT}TT7Vc9uG64aQY

OXAppointmentDays: 5

OXGroupID: 500

OXTaskDays: 5

OXTimeZone: Europe/Berlin

dn: ou=addr,uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local

ou: addr

objectClass: top

objectClass: organizationalUnit

dn: ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: MailTransports

dn: smtpDomain=kdorf.local,ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

smtpDomainTransportNexthop: smtp:192.168.32.134

smtpDomain: kdorf.local

objectClass: top

objectClass: OXMailTransportObject

cn: example transport map entry

dn: ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: AvailableServers

description: List of available Servers for OX

dn: ou=directoryServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: directoryServer

dn: ou=webmailServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: webmailServer

dn: ou=smtpServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: smtpServer

dn: ou=SharedFolder,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: SharedFolder

dn: ou=imapServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: imapServer

dn: domainName=kdorf.local,ou=DNSObjects,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: OXVDomainObject

MTALocaldomain: TRUE

domainName: kdorf.local

dn: ou=groupwareServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=kdorf,dc=local

objectClass: top

objectClass: organizationalUnit

ou: groupwareServer

```

i only edited the password string. Because my machine is a test server i did not change the password string here.

When i try to execute

```

slapadd -d 1 -l /usr/local/open-xchange/share/init_ldap.ldif

```

i get the following debug output:

```

....

cal), objectClass "organizationalUnit"

oc_check_allowed type "objectClass"

oc_check_allowed type "ou"

oc_check_allowed type "structuralObjectClass"

=> bdb_tool_entry_put( -1, "ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local" )

=> bdb_dn2id( "ou=administration,ou=groups,ou=oxobjects,dc=kdorf,dc=local" )

<= bdb_dn2id: got id=0x0000000e

=> entry_encode(0x0000000e): ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local

=> index_entry_add( 14, "ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local" )

=> key_change(ADD,e)

<= key_change 0

=> key_change(ADD,e)

<= key_change 0

=> key_change(ADD,e)

<= key_change 0

<= index_entry_add( 14, "ou=Administration,ou=Groups,ou=OxObjects,dc=kdorf,dc=local" ) success

=> str2entry

>>> dnPrettyNormal: <uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local>

<<< dnPrettyNormal: <uid=mailadmin,ou=Users,ou=OxObjects,dc=kdorf,dc=local>, <uid=mailadmin,ou=users,ou=oxobjects,dc=kdorf,dc=local>

<= str2entry: str2ad(OpenLDAPaci): attribute type undefined

slapadd: could not parse entry (line=145)

slapadd shutdown: initiated

====> bdb_cache_release_all

slapadd shutdown: freeing system resources.

====> bdb_cache_release_all

```

Without the '-d 1' i only get

```

groupware open-xchange # slapadd -l /usr/local/open-xchange/share/init_ldap.ldif

slapadd: could not parse entry (line=145)

```

As i have no idea about ldap yet i don't know how to fix this problem and would be glad if anyone of you could help me...

I am using net-nds/openldap-2.1.30-r4 and OPEN-XCHANGE 0.8.0-2.

Thank you very much in advance!

Fibbs

----------

## bitwh0re

 *Fibbs wrote:*   

> 
> 
> ```
> <= str2entry: str2ad(     OpenLDAPaci     ): attribute type undefined
> 
> ...

 

Sounds / Looks like you don't have ACI enabled in OpenLDAP.

----------

## Fibbs

 *bitwh0re wrote:*   

>  *Fibbs wrote:*   
> 
> ```
> <= str2entry: str2ad(     OpenLDAPaci     ): attribute type undefined
> 
> ...

 

This was the error, thank you very much!

Fibbs

----------

## rickvernam

So, I've gotten dspam to scan messages & keep stats.

Also, mail is no longer being bounced back to the sender  :Very Happy: 

From what I can tell, only 2 tasks remain:

1 - Get mail delivered to recipient mailbox (i said it is not being bounced back to sender, never said it was going to destination though...)  :Exclamation: 

2 - Get dspam-web working for nice www stats & also for looking at mail marked as spam.

-Rick

----------

## bitwh0re

 *rickvernam wrote:*   

> So, I've gotten dspam to scan messages & keep stats.
> 
> Also, mail is no longer being bounced back to the sender 
> 
> From what I can tell, only 2 tasks remain:
> ...

 

Keep me posted rickvernam!  This will be a welcome addition to the HOWTO!!  You can send your (rough?) notes to my e-mail that you can find on my website.

Thanks!!

Mike.

----------

## rickvernam

I can't seem to get any mail client to authenticate when trying to send mail.  I can send from OX webmail just fine...but if I try to configure Thunderbird, or any other mail client for that matter, I get problems.

If I don't do authentication, I get problems saying no relaying.  This is fine, I want all senders to authenticate.

If I set up authentication on the mail client, it comes up and perpetually asks for my password.

Looking at the logs, I get lots of this junk:

```
May 17 15:29:27 localhost postfix/smtpd[6769]: connect from unknown[192.168.2.120]

May 17 15:29:31 localhost postfix/smtpd[6769]: warning: SASL authentication failure: no secret in database

May 17 15:29:31 localhost postfix/smtpd[6769]: warning: unknown[192.168.2.120]: SASL CRAM-MD5 authentication failed

May 17 15:29:31 localhost postfix/smtpd[6769]: warning: SASL authentication failure: no secret in database

May 17 15:29:31 localhost postfix/smtpd[6769]: warning: unknown[192.168.2.120]: SASL NTLM authentication failed

May 17 15:29:31 localhost postfix/smtpd[6769]: warning: SASL authentication problem: unknown password verifier

May 17 15:29:31 localhost postfix/smtpd[6769]: warning: SASL authentication failure: Password verification failed

May 17 15:29:31 localhost postfix/smtpd[6769]: warning: unknown[192.168.2.120]: SASL PLAIN authentication failed

May 17 15:29:31 localhost postfix/smtpd[6769]: warning: SASL authentication problem: unknown password verifier

May 17 15:29:31 localhost postfix/smtpd[6769]: warning: unknown[192.168.2.120]: SASL LOGIN authentication failed

May 17 15:34:31 localhost postfix/smtpd[6769]: timeout after AUTH from unknown[192.168.2.120]

May 17 15:34:31 localhost postfix/smtpd[6769]: disconnect from unknown[192.168.2.120]
```

so...what to do?  I'm thinking that since I can send from OX just fine that this problem is related to something else...but what?  Maybe I don't have correct config in mail client?

----------

## bitwh0re

 *rickvernam wrote:*   

> I can't seem to get any mail client to authenticate when trying to send mail.  I can send from OX webmail just fine...but if I try to configure Thunderbird, or any other mail client for that matter, I get problems.
> 
> If I don't do authentication, I get problems saying no relaying.  This is fine, I want all senders to authenticate.
> 
> If I set up authentication on the mail client, it comes up and perpetually asks for my password.
> ...

 

Sounds like either postfix doesn't trust anything but localhost or your mail client isn't sending the proper authentication.  Are you trying this after you enabled SSL/TLS, Auth, and Relay control?  If so, try backing out those changes and see what happens then.

----------

## rickvernam

 *bitwh0re wrote:*   

>  *rickvernam wrote:*   I can't seem to get any mail client to authenticate when trying to send mail.  I can send from OX webmail just fine...but if I try to configure Thunderbird, or any other mail client for that matter, I get problems.
> 
> If I don't do authentication, I get problems saying no relaying.  This is fine, I want all senders to authenticate.
> 
> If I set up authentication on the mail client, it comes up and perpetually asks for my password.
> ...

 

Found that if I put into '/etc/sasl2/smtpd.conf' the same as what was in '/etc/sasl2/smtp' that the problem went away & authentication worked like a charm.

----------

## rickvernam

So, I got DSPAM working with an OX install followed directly from the How-To.  It may not be elegant or even a good way to do it...but I really don't know...

First, I made an ebuild for DSPAM 3.4.6 by making a dspam-3.4.6.ebuild in the portage overlay, then digesting it (your overlay may not be /usr/local/portage):

```
cd /usr/local/portage

mkdir -p ./mail-filter/dspam

cp /usr/portage/mail-filter/dspam/dspam-3.4.5.ebuild ./mail-filter/dspam/dspam-3.4.6.ebuild

ebuild ./mail-filter/dspam/dspam-3.4.6.ebuild digest
```

ACCEPT_KEYWORDS="~x86" USE="cyrus virtual-users" emerge dspam -pv should look like this:

```
[ebuild  N    ] mail-filter/dspam-3.4.6  +cyrus -debug -exim -large-domain -maildrop -mysql -neural -oci8 +postgres -procmail -sqlite -sqlite3 +virtual-users
```

If you want, go ahead and merge it.  After it's done, run 

```
ebuild dspam-3.4.6.ebuild config
```

 to setup the database & whatever else it does...

I had to modify /etc/postfix/master.cf with the following:

```
dspam-cyrus unix - n n - - pipe user=cyrus:mail argv=dspam --deliver=innocent --user ${user} -e -r ${sender} -m ${extension} ${user}
```

If you want debugging, add '--debug' after 'argv=dspam'.  if you want to deliver spammy emails to the user change '--deliver=innocent' to '--deliver=innocent,spam'

The parameters after '--user ${user} all go to cyrus's deliver, so you can modify those according to deliver's configuration parameters.

I had to modify /etc/postfix/main.cf as such:

```
#mailbox_transport = lmtp:unix:/var/imap/socket/lmtp

mailbox_transport = dsapm-cryus

alias_maps = hash:/etc/postfix/dspam.aliases
```

in /etc/mail/dspam/dspam.conf

```
TrustedDeliveryAgent "/usr/lib/cyrus/deliver"

UnTrustedDeliveryAgent "/usr/lib/cyrus/deliver -r %u"

Trust dspam

Trust postfix

Trust cyrus

Trust nobody
```

Now, unless you have trained DSPAM it won't know what is spam and what is not.  One way to train it that works nicely in such a setup is to have everybody specify what they consider spam.  To do so, each user will forward their spam to 'spam-[their username]@ox-domain.tld'.  However, instead of setting up those email accounts, we'll create an alias file that postfix will use to both recognize these 'addresses' and also to take a different course of action in order to notify dspam that the user considers the given message spam.  You can also use the same alias file to specify 'notspam-[theirusername]@ox-domain.tld' to inform dspam if it incorrectly categorized a message as spam when it's really not, but I haven't done that yet...

So, create an alias file where ever you want.  I put mine in /etc/postfix/dspam.aliases and fill it with entries as such for each user:

```
spam-[username]: "|dspam --user [username] --class=spam --source=error --mode=teft -e -r ${sender} -m {Spam} [username]"
```

I'd imagine that the notspam-username would look like this, but like I said I have not tested this stuff yet:

```
notspam-[username]: "|dspam --user [username] --class=innocent --source=error --mode=teft -e -r ${sender} [username]"
```

In these example, postfix pipes to dspam which corrects it's data to reflect its mistake.  I have also instructed dspam to send spammy messages into the users "Spam" folder, and otherwise into the users mailbox.

You'll also have to do the following to the alias file:

```
postalias /etc/postfix/dspam.aliases'
```

so, reload postfix and you should be on your way (or maybe you'd have to restart, but reload worked for me...)

```
/etc/init.d/postfix reload
```

So, this is coming from somebody who two weeks ago had never done anything with email other than read & write it.  I'm expecting that the more seasoned email admin people will advise accordingly should the above be an undesireable configuration.

----------

## PeeJay

Would it be possible to put

```
chown ldap /var/lib/openldap-data/*

chgrp ldap /var/lib/openldap-data/* 
```

in the how-to somewhere? Took me ages to figure out why slapd wouldn't start!!

----------

## rickvernam

 *PeeJay wrote:*   

> Would it be possible to put
> 
> ```
> chown ldap /var/lib/openldap-data/*
> 
> ...

 

The last part of the section "Section 3: Open-Xchange Installation" is as follows:

 *Quote:*   

> 
> 
> Setup proper symlinks:
> 
>    ln -s /etc/openldap/ldap.conf \
> ...

 

----------

## carpman

a quick question on the domain and use of dc=

I am using a .co.uk domain so which of the following would be right:

```

dc=domain,dc=.co.uk

dc=domain,dc=.co,dc=.uk

```

cheers

----------

## rickvernam

Am curious as to the location of files that make up the users' data (ie, users' mail, OX's data...etc...any other userfull data locations...)  I'd imagine OX keeps all its' data in the database & that email is in cyrus-data?  But I really don't know so any verification or whatever would be great!

Thanks!

-Rick

----------

## carpman

Hello, ok anyone know where i can get the older versions of sun java files such as jaf and javamail, can only download newer versions then in howto and portage.

cheers

----------

## rickvernam

 *carpman wrote:*   

> Hello, ok anyone know where i can get the older versions of sun java files such as jaf and javamail, can only download newer versions then in howto and portage.
> 
> cheers

 

I've got these, but I don't know off the top of my head if they're newer or older.  If you want them, let me know and I'll do something to provide the files in  a way that is not blatantly in violation of this, that or the other thing...

j2sdk-1_4_2_08-linux-i586.bin

jaf-1_0_2-upd.zip

javamail-1_3_1-upd.zip

javamail-1_3_2.zip

jikes-1.21.tar.bz2

----------

## feliperal

I just modified the ebuilds to download the newer versions of javamail.  Unforunately, I'm having some problems with running open-xchange.

1) When I try to add a contact, I get the following error:

```
The contact has benn created in the Database but couldn't be inserted into the LDAP addressbook: Naming err in ContactLdap javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'uid=24,ou=addr,uid=anonuser,ou=Users,ou=OxObjects'
```

2)  For some reason I cannot send any mail or receive the mail.  I have confirmed that sending works fine using mutt.  Also, I have made sure that there is a MX record at pairnic for my domain.  Trying to send mail from open-xchange results in : 

```
No running Server found.

Please inform the Administrator!

```

3)  When composing an email message, I can easily fill the To:, CC:, and BC: fields.  However, I can't type text inside the message body, nor do the font size and style buttons work.

Edit 3: It seems to be a rendering and javascript problem with Safari browsers (used on Mac OS X), which is based on KHTML.  Works fine with Mozilla Firefox 1.04.  I am able to send messages.

So my only problem is point #1 and I can't receive email messages  :Sad:  .  I've forwarded the ports imap,imaps,ldap,pop3,pop3s all to my box using my wireless router's setup.  For some reason, cyrus isn't putting the mail into the OX_MailBox/Inbox.  I have created the user.anonuser already.  Any suggestions?

Felipe

----------

## carpman

ok so far good after sorting out some problems but know i have reached the section for

/etc/apache2/conf/modules.d/88_mod_jk.conf

thing is where do i put entries?

the file current look like:

```

<IfDefine JK2>

        <IfModule !mod_jk2.c>

                LoadModule jk2_module       extramodules/mod_jk2.so

                # for extra piece of mind we can project the WEB-INF directory

                <Location "/jsp-examples/WEB-INF/">

                       AllowOverride None

                       deny from all

                </Location>

                # This is provided as an example of how to

                # map a webapp from tomcat to a path in

                # Apache.

                <Location "/jsp-examples/*">

                        JkUriSet worker ajp13:localhost:8009

                </Location>

        </IfModule>

</IfDefine>

```

----------

## bitwh0re

 *feliperal wrote:*   

> 
> 
> So my only problem is point #1 and I can't receive email messages  .  I've forwarded the ports imap,imaps,ldap,pop3,pop3s all to my box using my wireless router's setup.  For some reason, cyrus isn't putting the mail into the OX_MailBox/Inbox.  I have created the user.anonuser already.  Any suggestions?
> 
> 

 

With regard to receiving e-mail.. try forwarding port 25 (SMTP).  SMTP is what mail servers use to transfer e-mail messages between them.  It's only the clients that need to talk to 143/IMAP to get the messages to the user.

----------

## bitwh0re

 *carpman wrote:*   

> ok so far good after sorting out some problems but know i have reached the section for
> 
> /etc/apache2/conf/modules.d/88_mod_jk.conf
> 
> thing is where do i put entries?
> ...

 

Interesting, this is what my file looks like:

```

<IfDefine JK>

LoadModule jk_module    modules/mod_jk.so

###

### Where to find workers.properties

###

# JkWorkersFile specify the location where mod_jk will find

# the workers definitions.

JkWorkersFile   conf/jk-workers.properties

###

### Where to put mod_jk logs

###

# specify the location where mod_jk is going to place its log file.

JkLogFile       logs/mod_jk.log

###

### Set the jk log level [debug/error/info]

###

# info log will contains standard mod_jk activity (default).

# error log will contains also error reports.

# debug log will contains all informations on mod_jk activity

#JkLogLevel     info

###

### Select the log format

###

# JkLogStampFormat will configure the date/time format found

# on mod_jk logfile. Using the strftime() format string it's

# set by default to "[%a %b %d %H:%M:%S %Y]"

#JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "

###

### JkOptions indicate to send SSL KEY SIZE,

###

# The directive JkOptions allow you to set many forwarding

# options which will enable (+) or disable (-) following option.

#

#

# JkOptions ForwardKeySize , you ask mod_jk, when using ajp13, to

# forward also the SSL Key Size as required by Servlet API 2.3.

# This flag shouldn't be set when servlet engine is Tomcat 3.2.x

# (on by default).

#

#

# JkOptions ForwardURICompat , you told mod_jk to send the URI to

# Tomcat normally, which is less spec compliant but mod_rewrite

# compatible, use it for compatibility with Tomcat 3.2.x engines

# (on by default).

#

#

# JkOptions ForwardURICompatUnparsed , the forwarded URI is unparsed,

# it's spec compliant but broke mod_rewrite.

#

#

# JkOptions ForwardURIEscaped , the forwarded URI is escaped and

# Tomcat (since 3.3 rc2) will do the decoding part.

#

#

# JkOptions ForwardDirectories is used in conjunction with Directory-

# Index directive of Apache web server. As such mod_dir should be

# available to Apache, statically or dynamically (DSO)

#

# When DirectoryIndex is configured, Apache will create sub-requests

# for each of the local-url's specified in the directive, to determine

# if there is a local file that matches (this is done by stat-ing the file).

#

# If ForwardDirectories is set to false (default) and Apache doesn't

# find any files that match, Apache will serve the content of the

# directory (if directive Options specifies Indexes for that directory)

# or a 403 Forbidden response (if directive Options doesn't specify

# Indexes for that directory).

#

# If ForwarDirectories is set to true and Apache doesn't find any

# files that match, the request will be forwarded to Tomcat for

# resolution. This is used in cases when Apache cannot see the index

# files on the file system for various reasons: Tomcat is running on

# a different machine, the JSP file has been precompiled etc.

#

# Note that locally visible files will take precedence over the ones

# visible only to Tomcat (i.e. if Apache can see the file, that's

# the one that's going to get served). This is important if there is

# more then one type of file that Tomcat normally serves - for

# instance Velocity pages and JSP pages.

#

JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories

###

### JkEnvVar forward environment vars

###

# The directive JkEnvVar allow you to forward an environment vars

# from Apache server to Tomcat engine.

#

#JkEnvVar SSL_CLIENT_V_START

###

### JkRequestLogFormat set the request format

###

# JkRequestLogFormat will configure the format of mod_jk individual

# request logging. Request logging is configured and enabled on a

# per virtual host basis. To enable request logging for a virtual

# host just add a JkRequestLogFormat config. The syntax of the

# format string is similiar to the Apache LogFormat command, here

# is a list of the available request log format options:

#

# Options       Description

# %b            Bytes sent, excluding HTTP headers (CLF format)

# %B            Bytes sent, excluding HTTP headers

# %H            The request protocol

# %m            The request method

# %p            The canonical Port of the server serving the request

# %q            The query string (prepended with a ? if a query string exists, otherwise an empty string)

# %r            First line of request

# %s            Request HTTP status code

# %T            Request duration, elapsed time to handle request in seconds '.' micro seconds

# %U            The URL path requested, not including any query string.

# %v            The canonical ServerName of the server serving the request

# %V            The server name according to the UseCanonicalName setting

# %w            Tomcat worker name

#

JkRequestLogFormat "%w %V %T"

###

### JkMount assign specific URLs to Tomcat

###

# JkMount directive assign specific URLs to Tomcat. In general the

# structure of a JkMount directive is:

#

# send all requests ending in .jsp to worker1

#  JkMount /*.jsp worker1

#

# send all requests ending /servlet to worker1

#  JkMount /*/servlet/ worker1

#

# send all requests jsp requests to files located in /otherworker will go worker2

#  JkMount /otherworker/*.jsp worker2

#

#

# You can use the JkMount directive at the top level or inside

# <VirtualHost> sections of your httpd.conf file.

#

# We specify an autoalias, that makes it possible that apache is still

# reponsible for serving static html files. All requests of files with

# the ending .jsp will be redirected to a default Tomcat installation which

# uses the default profile. Change this to fit your needs.

jkAutoAlias /opt/tomcat5/webapps/

jkMount /*.jsp ajp13

## New by Mike below ##

jkMount /manager        ajp13

jkMount /manager/*      ajp13

jkMount /servlet        ajp13

jkMount /servlet/*      ajp13

jkMount /umin           ajp13

jkMount /umin/*         ajp13

jkMount /servlet/webdav.contacts        ajp13

jkMount /servlet/webdav.contacts/*      ajp13

jkMount /servlet/webdav.calendar        ajp13

jkMount /servlet/webdav.calendar/*      ajp13

jkMount /servlet/webdav.ical            ajp13

jkMount /servlet/webdav.ical/*          ajp13

jkMount /servlet/webdav.documents       ajp13

jkMount /servlet/webdav.documents/*     ajp13

jkMount /servlet/webdav.tasks           ajp13

jkMount /servlet/webdav.tasks/*         ajp13

jkMount /servlet/webdav.folders         ajp13

jkMount /servlet/webdav.folders/*       ajp13

jkMount /servlet/webdav.projects        ajp13

jkMount /servlet/webdav.projects/*      ajp13

jkMount /servlet/webdav.groupuser       ajp13

jkMount /servlet/webdav.groupuser/*     ajp13

jkMount /servlet/webdav.attachments     ajp13

jkMount /servlet/webdav.attachments/*   ajp13

jkMount /servlet/webdav.freebusy        ajp13

jkMount /servlet/webdav.freebusy/*      ajp13

jkMount /servlet/webdav.vcard           ajp13

jkMount /servlet/webdav.vcard/*         ajp13

## End new by Mike ##

jkMount /openlaszlo-3.0                 ajp13

jkMount /openlaszlo-3.0/*               ajp13

</IfDefine>

```

sorry for the s**t-long post....

----------

## carpman

Thanks for reply, ok tried your file but get following error:

```

 # /etc/init.d/apache2 restart

 * Stopping apache2...

Syntax error on line 2 of /usr/lib/apache2/conf/modules.d/89_mod_jk2.conf:

Cannot load /usr/lib/apache2/modules/mod_jk.so into server: /usr/lib/apache2/modules/mod_jk.so: cannot open shared object file: No such file or directory                                                                                         [ ok ] * Apache2 has detected a syntax error in your configuration files:

Syntax error on line 2 of /usr/lib/apache2/conf/modules.d/89_mod_jk2.conf:

Cannot load /usr/lib/apache2/modules/mod_jk.so into server: /usr/lib/apache2/modules/mod_jk.so: cannot open shared object file: No such file or directory

```

----------

## bitwh0re

 *carpman wrote:*   

> Thanks for reply, ok tried your file but get following error:
> 
> ```
> 
>  # /etc/init.d/apache2 restart
> ...

 

can you verify the location of mod_jk.so on your computer?  if it's not in /usr/lib/apache2/modules you'll have to modify your mod_jk conf file.  upon further looking, it appears that you're still using mod_jk2.. please use mod_jk instead.

----------

## feliperal

I'm almost there.  I'm getting the messages on my box, but for some reason I get this error message from postfix: 

```
May 25 17:59:14 [postfix/cleanup] E0953D9D5: message-id=<b07d9753050525205472ad7713@mail.gmail.com>

May 25 17:59:14 [postfix/qmgr] E0953D9D5: from=<anonuser@gmail.com>, size=1570, nrcpt=1 (queue active)

May 25 17:59:14 [postfix/smtpd] disconnect from wproxy.gmail.com[64.233.184.192]May 25 17:59:14 [postfix/local] fatal: open database /etc/mail/aliases.db: No such file or directory

May 25 17:59:15 [postfix/master] warning: process /usr/lib/postfix/local pid 15653 exit status 1

May 25 17:59:15 [postfix/master] warning: /usr/lib/postfix/local: bad command startup -- throttling         
```

How do I generate a aliases.db in postfix?  I really wish that qmail would work with OX since I run two other mail servers using it for several years  :Smile: 

Thanks,

Felipe

----------

## feliperal

 *feliperal wrote:*   

> I'm almost there.  I'm getting the messages on my box, but for some reason I get this error message from postfix: 
> 
> ```
> May 25 17:59:14 [postfix/cleanup] E0953D9D5: message-id=<b07d9753050525205472ad7713@mail.gmail.com>
> 
> ...

 

This fixed the /etc/mail/aliases.db problem 

```
 # newaliases
```

But, now I have a problem with permissions of the lmtp socket: 

```
May 25 18:15:20 [postfix/lmtp] 9769ADA17: to=<anonuser@gentoobox.org>, relay=none, delay=0, status=deferred (connect to /var/imap/socket/lmtp[/var/imap/socket/lmtp]: Permission denied) 
```

What permissions and to whom should I set ownership of the /var/imap/socket/lmtp?  Shouldn't it be root:cyrus?

Thanks for all your help,

Felipe

----------

## carpman

 *bitwh0re wrote:*   

>  *carpman wrote:*   Thanks for reply, ok tried your file but get following error:
> 
> ```
> 
>  # /etc/init.d/apache2 restart
> ...

 

thanks for reply, can report there is no mod_jk.so on box, nither is there a mod_jk2.so. Am  going to try emerging mod _jk again

cheers

----------

## carpman

Ok sorted mod_jk issue but now have error on creating user:

```

ldap_bind: Invalid credentials (49)

LDAP Success

SQL Error

Deleting User from LDAP

ldap_bind: Invalid credentials (49)

ldap_bind: Invalid credentials (49)

```

Have gone through howto to make sure i have not missed something and all seems ok!

any pointers ?

cheers

----------

## carpman

 *carpman wrote:*   

> Ok sorted mod_jk issue but now have error on creating user:
> 
> ```
> 
> ldap_bind: Invalid credentials (49)
> ...

 

Ok seems this is password problem, rechecked passwords and found error change this but still getting error, is there something i need to do to sync passwords?

Also in howto there is ref to ldap password and openldap password, shoudl these be the same password?

cheers

----------

## feliperal

[quote="feliperal"] *feliperal wrote:*   

> 
> 
> This fixed the /etc/mail/aliases.db problem 
> 
> ```
> ...

 

Bitwhore, I was able to make the mail transport work by making sure these two lines were uncommented in my /etc/postfix/main.cf:

```
mailbox_transport = lmtp:unix:/var/imap/socket/lmtp

mailbox_transport = cyrus 
```

Also, a correction needs to made for the correct path to the Cyrus delivery binary located in /usr/lib/cyrus/deliver not /cyrus/bin/deliver.  Here is the correction I made to /etc/postfix/master.cf:

from:

```
# The Cyrus deliver program has changed incompatibly, multiple times.

#

old-cyrus unix  -       n       n       -       -       pipe

  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}

# Cyrus 2.1.5 (Amos Gouaux)

cyrus     unix  -       n       n       -       -       pipe

  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
```

to:

```
#

# The Cyrus deliver program has changed incompatibly, multiple times.

#

old-cyrus unix  -       n       n       -       -       pipe

  flags=R user=cyrus argv=/usr/lib/cyrus/deliver -e -m ${extension} ${user}

# Cyrus 2.1.5 (Amos Gouaux)

# Also specify in main.cf: cyrus_destination_recipient_limit=1

cyrus     unix  -       n       n       -       -       pipe

  user=cyrus argv=/usr/lib/cyrus/deliver -e -r ${sender} -m ${extension} ${user}
```

After making these corrections and reloading the postfix daemon everything works like a champ.  I'm still getting those darn ldap access errors when I try to add a contact.  Bitwhore, did you add some ACL definitions inside of your /etc/openldap/ldap.conf file?

Also, I had tried previously to install OX on the amd64 architecture.  Unfortunately, i never could get the thing running because Cyrus SASL authentication borked on me, eventhough I had ldap authentication compiled right in.  I believe some of the dependencies of SASL don't work well in 64-bit mode quite yet. In addition, the blackdown compiler is kind ancient and did not work will with compiling some of the packages.  If any amd64 users could kindly incate all the packages they used for this install and which JVM so I could make a package.keywords file for this install, I'd really appreciate.

Thanks,

Felipe

----------

## carpman

 *carpman wrote:*   

> Ok sorted mod_jk issue but now have error on creating user:
> 
> ```
> 
> ldap_bind: Invalid credentials (49)
> ...

 

----------

## dashnu

Guys I am getting closer to the point were I upgrade / re-install my 7.5 system. I have helped many people out in this thread now it is your turn to help me!  :Smile:   A simple question really. 

More or less I hate macs. They do not support common things in there apps like SSL and that is just insane. Tiger might but Tiger broke every VPN server except for OSX server and one other one.  That is just the tip of the iceburg. So i can not believe i am going to say this but I am pushing our three Mac users to "make the switch" to WINDOWS  :Shocked: 

One of of my selling point is OXLOOK. So I would love some feedback on how it currentlly works with the most recent versions OX server.  Does everything work?  Will it appear to my windows users that we are on a "Exchange" server? Is it that nice? And any other info you want to share with me would be great.

ONO

----------

## carpman

 *carpman wrote:*   

>  *carpman wrote:*   Ok sorted mod_jk issue but now have error on creating user:
> 
> ```
> 
> ldap_bind: Invalid credentials (49)
> ...

 

Ok still have problems though this time it is:

```

ldap_bind: Can't contact LDAP server (81)

LDAP Success

SQL Error

Deleting User from LDAP

ldap_bind: Can't contact LDAP server (81)

ldap_bind: Can't contact LDAP server (81)

```

Ok have a question on passwords, should the password in admintools.conf be the same as in slapd.conf? if so should it be the crypted or uncrypted version?

cheers

----------

## dashnu

I never got it to work with a crypt password in admintools.conf. Things may be different on the new versions though.

----------

## carpman

ok found following in repeated logs:

```

conn=45 fd=13 ACCEPT from IP=192.168.1.4:32899 (IP=0.0.0.0:389)

May 27 16:03:13 office slapd[24961]: conn=45 op=0 BIND dn="cn=Manager,dc=mydomain,dc=co,dc=uk" method=128

May 27 16:03:13 office slapd[24961]: conn=45 op=0 RESULT tag=97 err=49 text=

```

and these

```

 office sshd[8951]: Server listening on :: port 22.

May 27 20:33:05 office sshd[8951]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.

May 27 20:33:09 office saslauthd[10819]: detach_tty      : master pid is: 10819

May 27 20:33:09 office saslauthd[10819]: ipc_init        : listening on socket: /var/lib/sasl2/mux

May 27 20:33:13 office su(pam_unix)[11154]: session opened for user postgres by (uid=0)

May 27 20:33:13 office su(pam_unix)[11154]: session closed for user postgres

May 27 20:33:17 office slapd[11268]: sql_select option missing

May 27 20:33:17 office slapd[11268]: auxpropfunc error no mechanism available

May 27 20:33:17 office slapd[11268]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

```

```

May 27 20:33:18 office slapd[11269]: bdb_db_open: dbenv_open failed: Permission denied (13)

May 27 20:33:18 office slapd[11269]: backend_startup: bi_db_open(0) failed! (13)

May 27 20:33:18 office slapd[11269]: bdb(dc=mydomain,dc=co,dc=uk): txn_checkpoint interface requires an environment configured for the transaction subsystem

May 27 20:33:18 office slapd[11269]: bdb_db_destroy: txn_checkpoint failed: Invalid argument (22)

May 27 20:33:18 office slapd[11269]: slapd stopped.

May 27 20:33:18 office slapd[11269]: connections_destroy: nothing to destroy.

```

cheers

----------

## hybrid256

Hi,

Well, my OX 0.8.0 is working quite well, I am now trying to tweak it a little for my needs.

I wanted to connect Mozilla Sunbird (using ical) or tried to reach documents on the server but whenever I try, I get this error message :

 *Quote:*   

> 
> 
> type Exception report
> 
> message
> ...

 

any idea ?

I tried to add a user called "walid" in the system but this didn't solved the problem.

I'm clueless.

Thanks.

----------

## ferp2

 *hybrid256 wrote:*   

> I tried to add a user called "walid" in the system but this didn't solved the problem.
> 
> I'm clueless.

 The error is stating that you already have a user named "walid" who does not belong to any group. Therefore you will have to create a group and add walid to it.

I ran into the same problem, however, when I tried to add a new group, I got the following:

```
cd /usr/local/open-xchange/sbin

./addgroup_ox --group="test"

ldap_bind: Invalid DN syntax (34)

        additional info: invalid DN

Added Group test to LDAP
```

Of course, nothing was added to LDAP. This ugly little problem has cropped again since I upgraded to the latest OX version. I'm having the same problem when trying when trying to add a new user:

```
./adduser_ox --username="billy" --passwd="xxxxx" --name="Billy" --sname="Jones" --maildomain="billyjones.com" --ox_timezone="EST"

ldap_bind: Invalid DN syntax (34)

        additional info: invalid DN

LDAP Success

SQL Success
```

If anyone has any suggestions, please tell me.

Thanks

----------

## ferp2

OK, never mind my whining about LDAP, turns out I put a "-" instead of a "=" in the ./configure portion of installing OX.

----------

## hybrid256

 *ferp2 wrote:*   

>  *hybrid256 wrote:*   I tried to add a user called "walid" in the system but this didn't solved the problem.
> 
> I'm clueless. The error is stating that you already have a user named "walid" who does not belong to any group. Therefore you will have to create a group and add walid to it.
> 
> I ran into the same problem, however, when I tried to add a new group, I got the following:
> ...

 

I found the way !

Well, adding a user don't link it to any group, you have to do it manually using addusertogroup_ox like this : 

addusertogroup_ox --user="<user>" --group="users"

The "users" group is created by default and every user should be created linked to that group.

After that, using ical sync or even webdav documents works like a charm and this is really great, I can mount a web share, I can sync Sunbird without any problem, everything is perfect, the only thing I encounter some problems now is the address book.

Here is an error when I try to add a contact to my private contact list (not the global one) :

 *Quote:*   

> 
> 
> Le contact a bien été créé dans la base de données \nmais n'a pu être inséré dans l'annuaire LDAP : Naming err in ContactLdap javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'uid=50,ou=addr,uid=walid,ou=Users,ou=OxObjects'
> 
> 

 

Which means : "the contact has correctly been added to the database but could not be inserted in the LDAP diary" ... any help ?

Please ... there are very few things now to complete and I'll kick Exchange's ASS !!!   :Twisted Evil: 

----------

## bitwh0re

 *hybrid256 wrote:*   

>  *Quote:*   
> 
> Le contact a bien été créé dans la base de données \nmais n'a pu être inséré dans l'annuaire LDAP : Naming err in ContactLdap javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'uid=50,ou=addr,uid=walid,ou=Users,ou=OxObjects'
> 
>  
> ...

 

Looks like OpenLDAP is either running into a filesystem permissions issue, or an ACL issue in the LDAP tree.

----------

## hybrid256

 *bitwh0re wrote:*   

> 
> 
> Looks like OpenLDAP is either running into a filesystem permissions issue, or an ACL issue in the LDAP tree.

 

I just religiously followed the howto ... do you encounter such problems yourself ?

Or do you have any idea on how I could correct this ?

Now everything is working so well, this is the last annoying bit, I even managed to make webmail check works (thanks again for the howto) with the french dictionary.

About that last point, here are some suggestions to complete this great "holly bible" :

- about spell check, you should say in the howto that, for installing the good dictionary, the easiest way is to do "emerge ispell-xx" where xx is the code for your country (ispell-fr for french, ispell-de for german, ispell-es for spanish ...) and you can have the complete list of supported country by typing "emerge --search ispell-"

Explanations on how to modify the xml file could be developped a bit more, I'll send you some additions if you wish.

Anyway, my french dictionary is working very well now but the -Tlatin1 doesn't work with it and that means that it doesn't work correctly whith accentuated characters, I tried -Tunicode and -Tutf8 but it doesn't work  :Sad: 

- I'd love to see some more explanations about the "LDAP ACL" section ... I didn't really understand the purpose. What is it for ?

In general, I'd love to see some explanations on the purpose of those "addons", some are self explanatory (like CLAM or spell check) but some are not (like LDAP ACL)

- I'd love to see some more added functionalities like spam protection,  multiple domains, aliases, some administration articles (how to add a user, set some options, ... well, just to do it simply with all the steps necessary)

This document is really wonderfull and could easily replace any official "user guide" if it was just completed a little.

Sorry, I'm talking too much and I might ask for a dream but this is just because I'm so enthousiast with this thing !

Just to let you know, I began a french translation of the document, I'll send it to you as soon as it is finished.

A++

----------

## ferp2

I seem to be stuck trying to get Sunbird working with OX. To get Sunbird to work with OX, I goto Tools/Subscribe to Remote Calendar. First I give Calendar session a name -- Test; then I enter the location as in https://mydomain.com or https://mydomain.com/servlet/webdav.ical. In either case nothing happens. In Sunbird on the left hand side below the menubar, you'll find 2 tabs, one is "Calendar" and the other is "Calendars". When I switch to the "Calendars" tab, I see My Calendar with a checkmark and the new one I created ("Test") with a little red arrow turning around and around. I guess that means it's trying to download something but in my case it's not succeeding. Anyway, if I right click on the Test calendar that I created and then select Edit Calendar, I see that it wants to create a Calendar Data File, as in:

 *Quote:*   

> /home/user/.mozilla/sunbird/default.jtu/Calendar/CalendarDataFile1.ics

 

The file, however, never gets created, so I have to stop the procedure from Sunbird.

Anyway, I'm wondering if the problem has to do with the fact that Sunbird can't deal with SSL. So, I'm wondering if anybody has succeeded in accessing OX with Sunbird over https.

Thanks.

----------

## feliperal

 *hybrid256 wrote:*   

>  *bitwh0re wrote:*   
> 
> Looks like OpenLDAP is either running into a filesystem permissions issue, or an ACL issue in the LDAP tree. 
> 
> I just religiously followed the howto ... do you encounter such problems yourself ?
> ...

 

Hybrid256, I would first make sure that all the files in /var/lib/openldap-data belong to owner and group: ldap:ldap 

```
 chown -R ldap:ldap /var/lib/openldap-data/*
```

Next, try these ACL.  They differ alittle bit from bitwhore's, but I was able to solve that error with these: 

```
access to dn.base="" by * read

access to dn.base="cn=Subschema" by * read

# protect the userPassword attribute

access to attr=userPassword

  by self =w

  by anonymous auth

# global address book

access to dn.subtree="o=AddressBook,ou=OxObjects,dc=example,dc=org"

  by group.exact="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=example,dc=org" write

  by users read

# personal address book 

access to dn.regex="^ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,dc=example,dc=org)$" attrs=children

  by dn.regex="$1" write

access to dn.regex="^uid=([^,]+),ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,dc=example,dc=org)$" attrs=entry

  by dn.regex="$2" write

# default rule allowing users full access to their own entries

access to *

    by self write

    by users read

```

Good Luck,

Felipe

----------

## linuxholgi

Thats my problem:

```
ox_test root # emerge dev-java/ant

Calculating dependencies ...done!

>>> emerge (1 of 8) dev-java/javacup-0.10k to /

>>> md5 files   ;-) javacup-0.10k.ebuild

>>> md5 files   ;-) ChangeLog

>>> md5 files   ;-) metadata.xml

>>> md5 files   ;-) files/digest-javacup-0.10k

>>> md5 src_uri ;-) java_cup_v10k.tar.gz

>>> Unpacking source...

>>> Unpacking java_cup_v10k.tar.gz to /var/tmp/portage/javacup-0.10k/work

>>> Source unpacked.

xargs: jar: No such file or directory

>>> Test phase [not enabled]: dev-java/javacup-0.10k

>>> Install javacup-0.10k into /var/tmp/portage/javacup-0.10k/image/ category dev-java

install: cannot stat `javacup.jar': No such file or directory

!!! ERROR: dev-java/javacup-0.10k failed.

!!! Function java-pkg_dojar, Line 185, Exitcode 1

!!! javacup.jar not found

!!! If you need support, post the topmost build error, NOT this status message.

```

First emerge told me it was unable to find javac. I added the /opt/sun-jdk/bin directory to my path and was able to invoke javac on the commandline without any trouble. Next thing I did was a symbolic link from the /opt/sun... folder to /bin/javac. Now it is able to find javac but fails at this point. 

Any Ideas?

--Holger

----------

## Arkanjo

Hey guys,

I got all working thanks to bitwh0re howto  :Wink: 

But now I wonder how are you guys managing the users?

What tools besides the ones from OX are you using to create or modifing users?

I took a look at http://www.web-cyradm.org for the IMAP part but i still can't make it work.

any thoughts?

regards,

----------

## hybrid256

Setting up users is quite easy after you did everything correctly following the howto but there are a few steps you'll have to follow :

1) add the user in OX : /usr/local/open-xchange/sbin/adduser_ox (use --help to see the parameters needed)

2) create the mailbox like this : cyrusadm (enter the password as described in the HOWTO) then type cm.<user> where <user> is the username you used with adduser_ox

3) add you created user to a group (the default group is "users" but you can create as many groups as you like)

   /usr/local/open-xchange/sbin/addusertogroup_ox --user=john --group=users

You MUST add the user to a group if you want everything to work correctly under Open Xchange, this is a part which is not mentionned in the HOWTO but this is necessary.

When you create a user using adduser_ox, the user is NOT affected to any group (at least, not with 0.8.0.0) so you have to do it manually.

That's all, have fun.

----------

## plut0

Anyone know if Open-Xchange works with mysql yet?  I see it in the ebuild now.

----------

## xunil

So I followed the OX on Gentoo guide at http://www.mikefetherston.ca/OX/html/index.html but haven't done any of the extensions yet.  Everything appears to be working until I try to log in.  Logging in appears to work fine, but when I get redirected I get a blank browser window.  There's nothing in view source.  When I try to hit any of the OX servlets, I get the blank page, but I can hit the manager through Apache or Tomcat directly, it comes up normally.  I've considered a configuration error, but triple-checking seems to indicate that everything is, in fact, correct.  Anyone have any ideas?

----------

## Arkanjo

Check your OX logs, here is a good place to start debuging:

http://www.open-xchange.org/oxwiki/TroubleShootingTips

----------

## xunil

Well I got it working (it wasn't finding the Postgresql JAR), but now when I try to go to any of the appointments, tasks, calendars, etc. tabs I get a Permission denied notice that reads " You don't have the permission to access this page."  Webmail doesn't work, but I knew it wouldn't -- anyone know how to tell Open-Xchange to use an IMAP server on a different host?

----------

## cy_

 *Arkanjo wrote:*   

> 
> 
> I got all working thanks to bitwh0re howto 
> 
> But now I wonder how are you guys managing the users?
> ...

 

http://www.flatmtn.com/computer/Linux-LDAP.html#LdapGeneral-3

as far as i see it, you just need to --enable-sql

add some config stuff and youre done.. i havent tried to do that yet but i will soon and post a progress-report here  :Wink: 

yes, thanks bitwh0re for your great tutorial.. 

but concering the latest changes on http://www.mikefetherston.ca/OX/html/index.html

why do you use mod_jk and not mod_jk2 ?! .. 

cheers  :Smile: 

----------

## bitwh0re

 *cy_ wrote:*   

> 
> 
> yes, thanks bitwh0re for your great tutorial.. 
> 
> but concering the latest changes on http://www.mikefetherston.ca/OX/html/index.html
> ...

 

You're welcome!  I have to thank for taking the time to try it out!  I use mod_jk because mod_jk2 has been removed from the portage tree as well as been deprecated by the developers that work on it.

Mike.

PS>  I must apologize for not participating lately in the forum here.  It's summertime after all and this geek has to work on his tan!!  :Smile: 

----------

## vorel

Hi

I tried to follow up instructions posted in past by ulwur :

****************

In phpldapadmin I added alias attributes on the users

I added this to my postfix's main.cf

virtual_maps = ldap:ldapsource

ldapsource_query_filter = (|(mail=%s)(alias=%s))

********************

Since that time I am able to see in the list and change email address from which are the e-mails going from. 

But still, I am able to receive mails just to e-mail address "ldap_UID"@mydomain.com. When I send email to alias email I can see  in postfix log:

postfix/lmtp[8621]: 8C92818630C: to=<my_alias@mydomain.com>, relay=/var/imap/socket/lmtp[/var/imap/socket/lmtp], delay=0, status=bounced (host /var/imap/socket/lmtp[/var/imap/socket/lmtp] said: 550-Mailbox unknown.  Either there is no mailbox associated with this 550-name or you do not have authorization to see it. 550 5.1.1 User unknown (in reply to RCPT TO command))

Can you please help?

Thanks,

Ondrej.

----------

## rickvernam

I hope I'm not being repetitive here, but what all do I have to do to change the Postgres port used throughout?

I can't use 5432 anymore...

Thanks,

-Rick

----------

## rickvernam

 *rickvernam wrote:*   

> I hope I'm not being repetitive here, but what all do I have to do to change the Postgres port used throughout?
> 
> I can't use 5432 anymore...
> 
> Thanks,
> ...

 

well, I just upgraded to 0.8.0-4

added 

```
--with-dbhost=localhost:5431
```

 to the ./configure options

did the trick just fine...

----------

## Hibbelharry

hey guys,

i did the following to assign incoming email aliases to mailboxes not in ldap, see /etc/postfix/main.cf:

alias_maps = hash:/etc/aliases,ldap:ldapsource

after inserting this you can insert lines there like:

incoming_alias receiver_mailbox_name

when you use a default setup of OX don't add the domain in that lines anywhere. after saving the file don't forget to convert it to a postfix db file using postmap command.

greetz from Bremen, Northern Germany

Hibbelharry

----------

## lxnay

how can I train spamassassin in a fully working Open-Xchange environment? How can I pass to spamassassin an IMAP directory to scan? I've some problems because most spam get a low score and it isn't blocked by spamassassin.

The next thing is... there are some problems when you upgrade sun-jdk, we should use:

```
export JAVA_HOME=`java-config -O`

```

and then use it in ./sbin/add* bash scripts.

Anyone have problems with tomcat that doesn't really start at boot?

I've to restart it manually, at init time, it starts, then it stops again without bashing for errors...

a catalina.sh bug? If I restart it from an xterm, everything work perfectly...

----------

## aphex

After reading through this thread and the howto, I have gotten everything installed and appears to be running.  When I get to the login screen and enter the usename and password that I created, I get the following:

Can not build up socket!

SessionD running?

Of course I have checked for errors in my log files, and have found none, and all sessiond/groupware/webmail scripts have/are running successfully.  Any advice or help would be appreciated.

----------

## rickvernam

My biggest problem getting it to start the first time was that I had not done the following:

/usr/local/open-xchange/etc/init.d/groupware 

 sudo -u $USER $OX_BIN >> $LOGFILE 2>&1 &

 #su $USER -s /bin/bash $OX_BIN >> $LOGFILE 2>&1 & 

/usr/local/open-xchange/etc/init.d/sessiond 

 sudo -u $USER $OX_SESSIOND_BIN >> $LOGFILE 2>&1 &

 #su $USER -s /bin/bash $OX_SESSIOND_BIN >> $LOGFILE 2>&1 & 

/usr/local/open-xchange/etc/init.d/webmail 

 sudo -u $USER $OX_BIN >> $LOGFILE 2>&1 &

 #su $USER -s /bin/bash $OX_BIN >> $LOGFILE 2>&1 &

have you double checked those?

----------

## aphex

I have the same sudo lines in each init script, and each appears to be starting correctly.  As part of my troubleshooting I launched each from separate terminals so I could see what was going on.  Throughout this issue, each runs, but nothing happeds when I attempt to login.

I am wondering if this may be caused by a problem with saslauthd or slapd.  When I try to issue 

ldapsearch -D "cn=Manager,dc=airxcel,dc=com" -W

After I enter my password, I get the following response from stdout

ldap_sasl_interactive_bind_s: No such object (32)

And this shows up in my /var/log/messages

Jul 20 08:50:54 ox slapd[7851]: conn=31 fd=12 ACCEPT from IP=123.2.1.253:35041 (IP=0.0.0.0:389)

Jul 20 08:50:54 ox slapd[7930]: conn=31 op=0 SRCH base="" scope=0 filter="(objectClass=*)"

Jul 20 08:50:54 ox slapd[7930]: conn=31 op=0 SRCH attr=supportedSASLMechanisms

Jul 20 08:50:54 ox slapd[7930]: conn=31 op=0 RESULT tag=101 err=0 text=

Jul 20 08:50:54 ox slapd[7851]: conn=31 fd=12 closed

Maybe I am misunderstanding how this is supposed to work, but I am also unable to connect to my ldap server with phpldapadmin.Last edited by aphex on Wed Jul 20, 2005 6:49 pm; edited 1 time in total

----------

## rickvernam

nothing in the tomcat logs either (/var/log/tomcat5) ?

----------

## aphex

Nothing unusual, and no errors are in tomcats logs.  I can login to the management interface and see all the umin and webdav items started.

----------

## bhalter

Has anyone gotten OX working with an IMAPS server? I'd like to only use IMAPS and turn off IMAP.  I can't get OX to work with --enable-ssl in the comfigure because sessiond fails to start on an error about oxssl missing.

--Bryan

----------

## heinzg

Hi there

I am stuck with the following and I hope that someone can help with it.

After configuring Cyrus and SASL http://www.mikefetherston.ca/OX/html/index.html#24

I tested the configuration with 

 *Quote:*   

> telnet myhost imap

 

and recieved the following 

 *Quote:*   

>  telnet myhost imap
> 
> Trying 192.168.0.xx...
> 
> telnet: Unable to connect to remote host: Connection refused
> ...

 

I then recycled the cyrus with 

```
/etc/init.d/cyrus restart
```

and got the following error 

 *Quote:*   

>  * Stopping cyrus imapd ...
> 
> start-stop-daemon: warning: failed to kill 7240: No such process                                                       [ !! ]

 

I then checked the with 'ps' if it was running but it was not, but found the following in the logs

 *Quote:*   

> ctl_cyrusdb[7262]: recovering cyrus databases
> 
> Aug  8 18:25:57 myhost ctl_cyrusdb[7262]: skiplist: recovered /var/imap/mailboxes.db (0 records, 144 bytes) in 0 seconds
> 
> Aug  8 18:25:57 myhost ctl_cyrusdb[7262]: skiplist: recovered /var/imap/annotations.db (0 records, 144 bytes) in 0 seconds
> ...

 

I checked /etc/services for "imaps" and this is all that is in there

 *Quote:*   

> 
> 
> imaps           993/tcp                         # imap4 protocol over TLS/SSL
> 
> imaps           993/udp
> ...

 

Any ideas?

Thanx in advance

heinzg

----------

## heinzg

hi there,

I found the problem in /etc/cyrus.conf

I had the line  *Quote:*   

> imaps         cmd="imapd -s" listen="imaps" prefork=0

  twice.

Fixed and working

----------

## bitwh0re

 *bhalter wrote:*   

> Has anyone gotten OX working with an IMAPS server? I'd like to only use IMAPS and turn off IMAP.  I can't get OX to work with --enable-ssl in the comfigure because sessiond fails to start on an error about oxssl missing.
> 
> --Bryan

 

--enable-ssl is only for interprocess communication within the OX daemons (webmail, sessiond, groupware).

IMAPS may not be possible judging by this email from sept 2004:

http://article.gmane.org/gmane.comp.cms.open-xchange.general/234

might be worth asking the OX devs again.

----------

## trashcity

hello

me english is not so good

i have a problem with initializ the postgres db

```
postgres@mail ~ $ /usr/local/open-xchange/sbin/dbinit_ox 

/usr/local/open-xchange/sbin/dbinit_ox: line 15: /usr/local/open-xchange/etc/admintools.conf: Permission denied 

/usr/local/open-xchange/sbin/dbinit_ox: line 27: -h: command not found 

postgres@mail ~ $
```

so wath kan i du?

----------

## olli.bo

Hello....

Did anyone get webdav completely workling yet?

I can get the webdav.ical with kontact but the descriptiones are not there. I can't  write on the webdav.ical too. 

As I understood until now, the rights are set in the /opt/tomcat5/webapps/servlet/WEB-INF/web.xml.

I use the file from http://www.mikefetherston.ca/OX/html/.

What do I have to do to change the rights?

----------

## bitwh0re

 *trashcity wrote:*   

> hello
> 
> me english is not so good
> 
> i have a problem with initializ the postgres db
> ...

 

run that command as root.

----------

## heinzg

Hi there!

Ok i am still stuck with the section http://www.mikefetherston.ca/OX/html/index.html#36

I run the following 

```
/usr/local/open-xchange/sbin/adduser_ox --username="heinzg" --passwd="heinzg" --name="heinz" --sname="user" --maildomain="mydomain.de" --ox_timezone="Europe/Berlin"
```

and get the following return on the prompt *Quote:*   

> Undefined ERROR - LDAP CODE implementation specific
> 
> See LDAP Log for Details!

 

I did see a post earler where  "lxnay" had the same / or rather similar error. https://forums.gentoo.org/viewtopic-t-233291-postdays-0-postorder-asc-start-400.html

I then back tracked to and also did as "lxnay"  *Quote:*   

> I had to put a clear password in admintools.conf

 

What i did was I changed all entries of "ldapsecretpassword" that are mentioned in the howto i.e.

 *Quote:*   

> 
> 
> ```
> 
> /etc/saslauthd.conf
> ...

 

in the logs the following is to be found ( i did a reboot ) and re-run the  adduser_ox command.

 *Quote:*   

> 
> 
> Aug 17 21:31:16 gentoo_host slapd[7737]: conn=28 fd=9 ACCEPT from IP=192.168.0.10:41287 (IP=0.0.0.0:389)
> 
> Aug 17 21:31:16 gentoo_host slapd[7737]: conn=28 op=0 BIND dn="cn=Manager,dc=mydomain.de,dc=de" method=128
> ...

 

I then tried to delete the user with 

```
usr/local/open-xchange/sbin/deluser_ox --username="heinz" 

No such User
```

in the logs at the same time 

 *Quote:*   

> 
> 
> Aug 17 21:34:43 gentoo_host slapd[7737]: conn=34 fd=9 ACCEPT from IP=192.168.0.10:60715 (IP=0.0.0.0:389)
> 
> Aug 17 21:34:43 gentoo_host slapd[7737]: conn=34 op=0 BIND dn="cn=Manager,dc=mydomain.de,dc=de" method=128
> ...

 

What I did see during the reboot is that the "saslauthd" printed lots of text to the console i.e. 

 *Quote:*   

> 
> 
> option information:
> 
>   -a <authmech>  Selects the authentication mechanism to use.
> ...

 

And it don't seem to be running at all, as i can't find it with 

```
ps -ef | grep saslauthd
```

I did the 

```
saslauthd -v

saslauthd 2.1.20

authentication mechanisms: getpwent rimap shadow ldap

```

all the steps in the howto worked fine up in till the adduser_ox command.

can someone help with this ??

I will buy the person a real Bavarian beer (or 2 ) who helps me solve this one !! ( i will also post it any where it needs to go)

Cheers

Heinzg

----------

## elKano

Hello.

I have spent some too long time trying to install Open-Xchange on our server. Thanks to this excellent howto, I am almost there.

I just have a couple of problems, which, I think, are related:

Webmail gives only this message:

```
WebMail - OPEN-XCHANGE 0.8.0-5

!!! SYSTEM - ERROR !!!

```

And the following log shows up in the webmail.log:

 *Quote:*   

> 
> 
> AuthentificationFailedException in FolderSettings/loadFolder
> 
> Unable to authentificate user at the imap server.
> ...

 

I know this error has been reported before, but I can not seem to find a working solution...

The other error shows up when trying to save a modified user setup:

```

 ERROR!Could not store input to the directory!Details:

javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient Access Rights]; remaining name 'uid=test,ou=Users,ou=OxObjects,dc=juno,dc=w95'

```

I think both problems are related to some identification misconfiguration, but I can not find where.

Any help would be much appreciate...

----------

## Dark_Hunter

 *bhalter wrote:*   

> Has anyone gotten OX working with an IMAPS server? I'd like to only use IMAPS and turn off IMAP.  I can't get OX to work with --enable-ssl in the comfigure because sessiond fails to start on an error about oxssl missing.
> 
> --Bryan

 

the "--enable-ssl"-flag turns on encryptet communication between OX-components.

----------

## Dark_Hunter

A new ebuild to bugs.gentoo.org: https://bugs.gentoo.org/show_bug.cgi?id=62197 was added for the new OX-release.

----------

## bitwh0re

 *heinzg wrote:*   

> 
> 
> What I did see during the reboot is that the "saslauthd" printed lots of text to the console i.e. 
> 
>  *Quote:*   
> ...

 

It looks like all is well with your saslauthd except that you  may have a typo (more than likely a missing space) in your /etc/conf.d/saslauthd.  It should look like this:

```

#SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam"

SASLAUTH_MECH=ldap

SASLAUTHD_OPTS="-a ${SASLAUTH_MECH}"

```

I've got a feeling that you don't have the space after the -a.

----------

## bitwh0re

Please read here for how to use Virtual Domains with OX:

https://forums.gentoo.org/viewtopic-t-371116-highlight-.html

----------

## cpunchin

 *Quote:*   

> 
> 
> ```
> WebMail - OPEN-XCHANGE 0.8.0-5
> 
> ...

 

I had this problem last night due to the power failure thanks to hurricane Katrina  :Mad: 

It turned out that my ldap db got corrupted. Please make sure that these account(s) have been created into cyrus. If so, then:

1. Stop slapd. If you get errors (!!), then kill the process. that happened to me.

2. Do a db4.2_recover -v from within the /var/lib/openldap-data/ directory.

3. Restart ldap.

In my case, my log.000000001 file was corrupted. I renamed it to log.00000001.bak and ran a db4.2_recover -c 

The recover -v was unable to fix it in my case.

Please let us know how you did... 

 :Idea: 

----------

## elKano

Actually, I just found the problem. I just feel plain stupid. In one of the config files, there was a missing 'd': ldap_bin_pw instead of ldap_bind_pw.

And my other problem, I have found on the open-xchange official forum, is a problem of permissions set by slapd.conf. I have right now them set a bit too large (all rights to everyone), but it works. I just need to limit them step by step.

My only big problem right now is sending mail. It did work when I set up Postfix, I remember, but now mail just keeps being queued (they all show up in 'mailq' and 'postqueue -f' does nothing) with the following message:

```
(connect to /var/imap/socket/lmtp[/var/imap/socket/lmtp]: Permission denied)
```

However:

```
wxrwxrwx  1 root root 0 Aug 29 13:58 /var/imap/socket/lmtp
```

If, in /etc/postfix/main.cf, I comment line 'mailbox_transport = lmtp:unix:/var/imap/socket/lmtp' and uncomment 'mailbox_transport = cyrus', mails seem to be sent, but they actually just disappear (never received).

However, this is more of a postfix problem, not Open-Xchange. I will see if I manage to correct this today.

Thanks.

----------

## cpunchin

 *Quote:*   

> 
> 
> If, in /etc/postfix/main.cf, I comment line 'mailbox_transport = lmtp:unix:/var/imap/socket/lmtp' and uncomment 'mailbox_transport = cyrus', mails seem to be sent, but they actually just disappear (never received).
> 
> However, this is more of a postfix problem, not Open-Xchange. I will see if I manage to correct this today.
> ...

 

Seems that your ISP blocking port 25. Most residential DSL ISP's have port 25 blocked.

----------

## empunkt

Hello,

i followed mike's guide. Everything worked good so far. Tanks a lot!

OX compiled, Ldap configured an runnig, Postgres, postfix, courier, apache1.

But i got stuck on tomcat.

merged, configured, copied ox .jar files. Tomcat is running. Manager ist working.

When i try to enter http://192.168.22.1:8080/servlet/intranet just nothing happens.. wating for answer... then.. nothing.

An http://192.168.22.1:8080/servlet/ results in Directory Listing For / ... what is empty

In the Tomcat Manager i see

/  Welcome to Tomcat

  /admin  Tomcat Administration

  /balancer

  /manager  Tomcat Manager Application

  /servlet  Open-Xchange Servlets and WebDAV

  /umin  Open-Xchange

  /webdav  Webdav Content Management

Im not familar with tomcat at all. May anyone give me a hint?

kind regards,

Julian

----------

## nife

 *empunkt wrote:*   

> Hello,
> 
> i followed mike's guide. Everything worked good so far. Tanks a lot!
> 
> OX compiled, Ldap configured an runnig, Postgres, postfix, courier, apache1.
> ...

 

I am in much the same state right now  :Sad: 

get a 404 error.. blah

----------

## Dark_Hunter

Hmm you should just copy the servlet.war (this file has also the webdav in it) and the umin.war in the tomcat5/webapps-path (make sure you've compiled it with webdav-support)

You could also try the ebuild from the bugzilla:

https://bugs.gentoo.org/show_bug.cgi?id=62197&action=View

This should help you and is easy to use. If you encounter any problems please post it here.

----------

## empunkt

Hi,

servlet.war and umin.war, are in the webapp directory as they should.

ox was compiled with webdav support.

I did the make myself with

./configure --enable-webdav --enable-doc --with-mailjar=/usr/share/sun-javamail-bin/lib/mail.jar --with-activationjar=/usr/share/sun-jaf-bin/lib/activation.jar --with-jdomjar=/usr/share/jdom-1.0/lib/jdom.jar --with-xercesjar=/usr/share/xerces-2/lib/xercesImpl.jar --with-jsdkjar=/opt/tomcat5/common/lib/servlet-api.jar --with-jdbcjar=/usr/share/jdbc3-postgresql/lib/jdbc3-postgresql.jar --with-dbname=openexchange --with-dbuser=open-xchange --with-dbpass=xxxx --with-runuid=tomcat --with-tomcatuser=tomcat --with-htdocsdir=/var/www/localhost/htdocs/ --with-cgibindir=/var/www/localhost/cgi-bin/ --with-jni-dir=/opt/sun-jdk-1.4.2.08/include/ --with-openssl-dir=/usr/include --with-domain=ox.asgard.myth --with-organization="eMpunkt" --with-basedn="dc=ox,dc=asgard,dc=myth" --with-rootdn="cn=Manager,dc=ox,dc=asgard,dc=myth"

I really don't have a clou why tomcat is not working correctly. there isn't much to be misconfigured concerning tomcat. is there?

I rember tomcat working at some time but than it stopped. unmerging -> deleting configs -> merging again -> compiling ox again. didn't solve the issue.

maybe i should try the ebuild.

Help appreciated,

Thanks a lot,

Julian

----------

## nife

 *Boef wrote:*   

> Hmm you should just copy the servlet.war (this file has also the webdav in it) and the umin.war in the tomcat5/webapps-path (make sure you've compiled it with webdav-support)
> 
> You could also try the ebuild from the bugzilla:
> 
> https://bugs.gentoo.org/show_bug.cgi?id=62197&action=View
> ...

 

I have tried the ebuild.  And the war's are in

/usr/share/tomcat-5/server/webapps

```
castle webapps # ls -al

total 2647

drwxr-xr-x   4 tomcat tomcat     152 Sep  7 15:10 .

drwxr-xr-x   4 root   root        96 Sep  5 22:24 ..

drwxr-xr-x  15 tomcat tomcat     944 Sep  5 22:24 admin

drwxr-xr-x   4 tomcat tomcat     272 Sep  5 22:24 manager

-rwxr-xr-x   1 tomcat tomcat 2004255 Sep  7 15:10 servlet.war

-rwxr-xr-x   1 tomcat tomcat  698019 Sep  7 15:10 umin.war

```

I chown'd them to tomcat in the hopes that would work, but nope.

going to localhost:8080/servlet/intranet/

gives me an error reading:

```
HTTP Status 404 - /servlet/intranet/
```

basically I followed the web howto until the installing open-xchange part and then I used the ebuild.  The ebuild workd, but tomcat can't seem to run the stuff I need.

also when I try the login @ /cgi-bin/login.pl it complains that 

```
Can not build up Socket!

SessionD running?

```

but ps aux shows that it is running

```
castle webapps # ps aux | grep sessiond

tomcat   15057  0.0  0.1   4340  1036 pts/1    S    15:05   0:00 /bin/sh /usr/bin/openexchange-sessiond

tomcat   15062  0.1  3.1 1517128 32344 pts/1   Sl   15:05   0:01 /opt/blackdown-jdk-1.4.2.02/bin/java -ms20M -mx280M -Dopenexchange.propfile=/etc/open-xchange/groupware/system.properties -DappName=sessiondApp -Djava.library.path=/usr/lib64/open-xchange -classpath /usr/lib64/open-xchange/nas.jar:/usr/lib64/open-xchange/comfiretools.jar:/usr/lib64/open-xchange/intranet.jar:/usr/lib64/open-xchange/sessiond.jar com.openexchange.sessiond.oxsessiond -P 33333

root     31431  0.0  0.0   2608   520 pts/2    R+   15:18   0:00 grep sessiond

```

So I have no ideas left what I have done wrong.  I really want to get this up and running as it seems like exactly what I need.  Can anyone help ?

I am going to put up a $10usd reward for helping me get open-change up and running.  Seriously I am tired of looking at this.  Thanks gentoo users you are great

----------

## Dark_Hunter

 *nife wrote:*   

> 
> 
> I have tried the ebuild.  And the war's are in
> 
> /usr/share/tomcat-5/server/webapps
> ...

 

Which version of tomcat you've got?

If you've got a the version greater than 5.0.28-r4, I will check this again.

 *nife wrote:*   

> 
> 
> ```
> castle webapps # ps aux | grep sessiond
> 
> ...

 

Which useflags have you used?

```
emerge open-xchange -pv
```

.

Try 

```
USE="webdav postgres -ssl" emerge open-xchange
```

 if all of your ox-components are on the same computer.

Hope that helps.

----------

## nife

```
[ebuild   R   ] net-mail/open-xchange-0.8.1.2  -doc -mysql +postgres +ssl -vhosts -webdav 0 kB [1]
```

The new use flags just made it so that I get a 404 error when I try to login instead of complaining that it doesn't have a sessiond running.  So that is progress

Looks like I am close.  All I need is to get tomcat to run the stuff and then configure mod_jk

I have www-servers/tomcat-5.0.28-r4  -doc +examples +jikes

so looks like that is alright

I haven't changed any config files on my tomcat install so maybe that is something that I have messed up ?

The example files show up fine when I to to localhost:8080 so looks like tomcat is running just not running the .war's

I have tried deploying the .war's through the tomcat manage page and it fails the upload just goes to a blank white screen.

----------

## nife

now I'm getting error authentication failed when I try to login... blah

----------

## Dark_Hunter

The problem is, they have changed the structure of the directories since tomcat www-servers/tomcat-5.0.28-r4. I'm currently installing that version and will report it and change the ebuild.

ok, now it finished, they changed the structure try to copy the war-files into "/var/lib/tomcat-5/default/webapps".

This should be the right location.

i'll update the ebuild.

----------

## nife

 *Boef wrote:*   

> The problem is, they have changed the structure of the directories since tomcat www-servers/tomcat-5.0.28-r4. I'm currently installing that version and will report it and change the ebuild.
> 
> ok, now it finished, they changed the structure try to copy the war-files into "/var/lib/tomcat-5/default/webapps".
> 
> This should be the right location.
> ...

 

Nope I copied the war's into there and http://localhost:8080/servlet/intranet/ still gives me an error.

----------

## Dark_Hunter

 *nife wrote:*   

> now I'm getting error authentication failed when I try to login... blah

 

what say the log-files in /var/log/open-xchange?

----------

## Dark_Hunter

an other question, it seams you've upgrade from a prior version of tomcat.

Have you start tomcat with 

```
/etc/init.d/tomcat-5 start
```

?

Are their any information in the catalina.out?

----------

## nife

 *Boef wrote:*   

> an other question, it seams you've upgrade from a prior version of tomcat.
> 
> Have you start tomcat with 
> 
> ```
> ...

 

Nope I haven't upgraded this is a fresh install

the only thing even the least bit weird is that its an amd64 bit machine

catalina.out just complains about log4j and nothing else

----------

## nife

 *Boef wrote:*   

>  *nife wrote:*   now I'm getting error authentication failed when I try to login... blah 
> 
> what say the log-files in /var/log/open-xchange?

 

I'm working on this.. I think I messed up the openldap stuff so I am re-doing that

----------

## nife

could the fact that I am running 

java version "1.4.2-02"

Java(TM) 2 Runtime Environment, Standard Edition (build Blackdown-1.4.2-02)

Java HotSpot(TM) 64-Bit Server VM (build Blackdown-1.4.2-02, mixed mode)

lead to the fact that I am not able to run this ?

well It looks like I have a problem with ldap

here is what sessiond.log says:

```
Sep 07 18:08:59 localhost openexchange: oxsessiond init (localhost:33333) objectstream=false

Sep 07 18:08:59 localhost openexchange: INTERNAL TLS Support: OFF

Sep 07 18:08:59 localhost openexchange: oxsessiond init (localhost:33335) objectstream=true

Sep 07 18:09:08 localhost openexchange: Authentication failed for user: nife

Sep 07 18:09:08 localhost openexchange: ERROR: Authentification failed

Sep 07 18:09:16 localhost openexchange: Authentication failed for user: nife

Sep 07 18:09:16 localhost openexchange: ERROR: Authentification failed

Sep 07 18:09:20 localhost openexchange: Authentication failed for user: nife

Sep 07 18:09:20 localhost openexchange: ERROR: Authentification failed

Sep 07 18:09:24 localhost openexchange: Authentication failed for user: nife

Sep 07 18:09:24 localhost openexchange: ERROR: Authentification failed

Sep 07 18:09:27 localhost openexchange: Authentication failed for user: nife

Sep 07 18:09:27 localhost openexchange: ERROR: Authentification failed

```

I have added a user with adduser_ox and it had an error:

```
adduser_ox --username="nife1" --passwd="password" --name="Nife" --sname="Nife" --ox_timezone=EDT --maildomain="nife.us"

ldap_bind: Invalid credentials (49)

LDAP Success

SQL Success

```

Figured that out.  It was a permissions error.  I had to chown ldap:ldap everything in ldap-data

so the only thing left is to figure out why tomcat hates me

----------

## Dark_Hunter

 *nife wrote:*   

> 
> 
> ```
> adduser_ox --username="nife1" --passwd="password" --name="Nife" --sname="Nife" --ox_timezone=EDT --maildomain="nife.us"
> 
> ...

 

hmm, strange, could please remove the user and add him again, if the "ldap_bind"-error still exists.

ok, what went to my mind:

* did you also initialised your LDAP with the init_ldap.dif from /usr/share/open-xchange?

* did you also created links from your ldap-schema to your groupware and webmail-directory?

* did you include the ox-schema into your ldap-file?

* you could try 

```
ebuild /var/db/pkg/net-mail/open-xchange-0.8.1.2/open-xchange-0.8.1.2 config
```

and you could also increase your debug-output of ox.

in the file "/etc/open-xchange/groupware/system.properties" set the LOGLEVEL to 10

after restarting ox you should get much more information in your ox-logs.

please post them if it doesn't help.

----------

## nife

Thanks for the reply I edited my post during your reply i guess. hehe

I got the ldap stuff working.  it was a simple permissions issue of the db files.  so now that is fixed and I have that working but when I login I get a 404 error still.

Tomcat still doesn't see the war's even though I have tried a different jvm I have war's coppied into /usr/share/tomcat-5/server/webapps/ and /var/lib/tomcat-5/default/webapps

the tomcat manager page doesn't show either.  though if I try to upload the war it says error    	

```

FAIL - War file "servlet.war" already exists on server
```

So it looks like /var/lib/tomcat-5/default/webapps is the correct location now something else is wrong... blah.

here is what I have in /var/lib/tomcat-5/default/webapps

```
castle webapps # ls -al

total 2648

drwxr-xr-x   7 root   root       280 Sep  7 18:46 .

drwxr-xr-x   3 tomcat tomcat     168 Sep  5 22:24 ..

-rw-r--r--   1 root   root         0 Sep  5 22:24 .keep

drwxr-xr-x   3 tomcat tomcat     248 Sep  5 22:24 ROOT

drwxr-xr-x  21 tomcat tomcat     592 Sep  5 22:24 jsp-examples

-rw-r--r--   1 tomcat tomcat 2004214 Sep  7 18:46 servlet.war

drwxr-xr-x   4 tomcat tomcat     320 Sep  5 22:24 servlets-examples

drwxr-xr-x   9 tomcat tomcat    1136 Sep  5 22:24 tomcat-docs

-rw-r--r--   1 tomcat tomcat  697980 Sep  7 18:46 umin.war

drwxr-xr-x   3 tomcat tomcat     168 Sep  5 22:24 webdav

```

Isn't there supposed to be a servlet and WEB-INF for all of those things ?? I can't find them

----------

## nife

Well I finally got the war to install.  It was a permissions issue AGAIN

hehe the webapps folder and the temp folder were owend by root and didn't allow  writing I fixed that and they installed. 

Now all is up and running.

Now how do I add Procmail  to this ?

I desperatly need to have procmail

----------

## Dark_Hunter

 *nife wrote:*   

> 
> 
> Now how do I add Procmail  to this ?
> 
> I desperatly need to have procmail

 

Fine,fine, now you should just emerge procmail.

The mail-server-part is quasi independend from ox. ox just access the mailboxes per IMAP and sends its mail per SMTP. So if your configuration is working with an imap/smtp-client like kmail, thunderbird, ... it should also work with ox. 

If this doesn't help post your email-configuration.

----------

## nife

 *Boef wrote:*   

>  *nife wrote:*   
> 
> Now how do I add Procmail  to this ?
> 
> I desperatly need to have procmail 
> ...

 

Thanks man you have been awesome.  I was just worried because its all virtual mailboxes and procmail will drop the mail in some folder.  thanks again

----------

## slaapkop

Hello,

Great howto, keep up the good work!

I tried to follow the howto and get a OpenXchange server running on my gentoo install.

I came till the point: 

 *Quote:*   

>  We're now at the stage where we can add our first user for Open-Xchange. This is the litmus test to see if everything we've done up to this point is correct. This is where it can go all right and give you a huge sense of satisfaction, or terribly wrong and leave you scratching your head for a while.
> 
>  /usr/local/open-xchange/sbin/adduser_ox
> 
>            --username=john
> ...

 

Well the writer was right. About the scratching the head part....  :Embarassed: 

I tried to read as much about this subject as possible. Most of the time in this forum:

http://www.open-xchange.org/cgi-bin/simpleforum.cgi?fid=02&search

My error is the following when i try to add a user:

TRUUS ~ # /usr/local/open-xchange/sbin/adduser_ox --username="pim" --passwd="password" --name="pim" --sname="jansen" --maildomain="localhost" --ox_timezone="Europe/Amsterdam"

ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

LDAP Success

SQL Success

My /var/log/messages, most of the time my best friend tells me nothing at this stage.

My (i think) relevant configs are:

/usr/local/open-xchange/etc/admintools.conf

```

#!/bin/sh

#

# (c) 2004-2100 ;)

# Author: cutmasta AT netline-is D0T de

#

# OX-SCRIPTS - CONFIGURATION PARAMETER :)

#

############## GENERAL CONFIG STUFF ###############

# Your Company Name

# To which Organisation new User belong!

ORGA="NIX"

# OXBASE

OXBASE=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i BASE | head -n 1 | awk {'print $2'}`

# LDAP Server - deprecated in favor of LDAPURI

LDAPHOST=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i HOST | head -n 1 | awk {'print $2'}`

# LDAP URI - supercedes LDAPHOST

LDAPURI=`awk '/^[Uu][Rr][Ii]/ {print $2; exit;}' /usr/local/open-xchange/etc/groupware/ldap.conf`

if [ -z "$LDAPURI" ] ; then

    LDAPURI="ldap://$LDAPHOST/"

fi

# LDAP Admin

BINDDN="cn=Manager,dc=mydomain,dc=nl"

# LDAP Admin Passwd

BINDPW="mypassword"

if [ -z "$BINDDN" -a -z "$BINDPW" ] ; then   # omit unused options

        LDAPCONN="-H $LDAPURI"    # typical for full Kerberos/LDAP

else

        # Note that the -x -should- be a last resort, not the default

        LDAPCONN="-H $LDAPURI -D $BINDDN -w $BINDPW"   # -x is deprecated

fi

# OX LDAP Leaf, where is the "OxObjects" leaf?

OX_LEAF="ou=OxObjects,$OXBASE"

# Default Language

DEFAULT_PREF_LANG="EN"

# Default mail is enabled

DEFAULT_MAIL_ENAB="OK"

# Default the user can send mail to the internet

DEFAULT_INET_MAIL="TRUE"

# Default days of displaying appointments

DEFAULT_OX_APP_DAYS=5

# Default days of displaying tasks

DEFAULT_OX_TASK_DAYS=5

# default the user can write in the global adressbook

DEFAULT_WRITE_GLOBAL_ADDR="TRUE"

# The used Tools - should work on most Systems!

LDAPADD_BIN="ldapadd -ZZ"

#LDAPADD_BIN="ldapadd"

LDAPDELETE_BIN="ldapdelete"

LDAPMODIFY_BIN="ldapmodify"

LDAPSEARCH_BIN="ldapsearch"

GREP_BIN="grep"

SED_BIN="sed"

EXPR_BIN="expr"

SORT_BIN="sort"

HEAD_BIN="head"

TAIL_BIN="tail"

AWK_BIN="awk"

SQL_BIN="psql"

##################################################

###### CONVERT ALL USERNAMES TO LOWERCASE #########

CASE_IGNORE="yes"

##################################################

#################### SQL Stuff #####################

DEFAULT_SQL_HOST="localhost"

DEFAULT_SQL_DB="openexchange"

DEFAULT_SQL_USER="open-xchange"

DEFAULT_SQL_PASS="oxen"

# Default Table where we store the Rights

RIGHTS_TABLE="usr_general_rights"

# Default Template Table where the template is stored!

TEMPLATE_TABLE="sys_gen_rights_template"

# Default Template for creating Users.

# Must exist in the DB

DEFAULT_TEMPLATE_NAME="default_template"

####################################################

####################### LDAP #######################

# Where are the OX Users

USER_BASEDN="ou=Users,$OX_LEAF"

# Where are the OX Groups

GROUP_BASEDN="ou=Groups,$OX_LEAF"

# Where are the OX Resources

RESOURCES_BASEDN="ou=Resources,ou=ResourceObjects,$OX_LEAF"

# Where are the OX Resource Groups

RESOURCE_GROUPS_BASEDN="ou=ResourceGroups,ou=ResourceObjects,$OX_LEAF"

# Where is the Global Adressbook

GLOBAL_ADDRESSBOOKDN="o=AddressBook,$OX_LEAF"

# where are the adressbook admins

GLOBAL_ADDRESSBOOK_ADMINSDN="cn=AddressAdmins,$GLOBAL_ADDRESSBOOKDN"

# TEMPORARY FILE

TMPDIF="/usr/local/open-xchange/var/temporary_ldap_scripts.ldif"

####################################################

####################################################

HOME_DIR="/home/"

DEFAULT_USR_SHELL="/bin/bash"

SHADOW_EXPIRE=0

SHADOW_MIN=0

SHADOW_MAX=9999

SHADOW_WARN=7

STD_GID=500

MIN_UID=501

MIN_GID=500

####################################################

```

my /etc/openldap/slapd.conf

```

# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include /etc/openldap/schema/core.schema

include /etc/openldap/schema/cosine.schema

include /etc/openldap/schema/inetorgperson.schema

include /etc/openldap/schema/openldap.schema

include /etc/openldap/schema/misc.schema

include /etc/openldap/schema/nis.schema

include /etc/openldap/schema/openxchange.schema

allow bind_v2

#backend bdb

database bdb

password-hash {CRYPT}

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral       ldap://root.openldap.org

pidfile         /var/run/openldap/slapd.pid

argsfile        /var/run/openldap/slapd.args

# Load dynamic backend modules:

# modulepath    /usr/lib/openldap/openldap

# moduleload    back_bdb.la

# moduleload    back_ldap.la

# moduleload    back_ldbm.la

# moduleload    back_passwd.la

# moduleload    back_shell.la

# Sample security restrictions

#       Require integrity protection (prevent hijacking)

#       Require 112-bit (3DES or better) encryption for updates

#       Require 63-bit encryption for simple bind

# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:

#       Root DSE: allow anyone to read it

#       Subschema (sub)entry DSE: allow anyone to read it

#       Other DSEs:

#               Allow self write access

#               Allow authenticated users read access

#               Allow anonymous users to authenticate

#       Directives needed to implement policy:

# access to dn.base="" by * read

# access to dn.base="cn=Subschema" by * read

# access to *

#       by self write

#       by users read

#       by anonymous auth

#

# if no access controls are present, the default policy is:

#       Allow read by all

#

# rootdn can always write!

#######################################################################

# ldbm database definitions

#######################################################################

checkpoint      32      30 # <kbyte> <min>

suffix          "dc=mydomain,dc=nl"

rootdn          "cn=Manager,dc=mydomain,dc=nl"

# Cleartext passwords, especially for the rootdn, should

# be avoid.  See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

rootpw          {CRYPT}CrypTedPa2w0rD

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory       /var/lib/openldap-data

# Indices to maintain

#loglevel=10

index   objectClass                     pres,eq

index   gidNumber,memberUid             eq

index   uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination   eq,sub

```

my /etc/openldap/ldap.conf

```

#

# LDAP Defaults

#

# See ldap.conf(5) for details

# This file should be world readable but not world writable.

#BASE   dc=example, dc=com

#URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT      12

#TIMELIMIT      15

#DEREF          never

BASE dc=mydomain,dc=nl

URI ldap://mydomain.nl

HOST mydomain.nl

```

my /etc/saslauthd.conf

```

ldap_servers: ldap://mydomain.nl:389/

ldap_bind_dn: cn=Manager,dc=mydomain,dc=nl

#ldap_bind_pw: ldapsecretpassword

ldap_bind_pw:mypassword

ldap_search_base: dc=mydomain,dc=nl

```

I don't know why but when i try to restart slapd a get the red!!

TRUUS ~ # /etc/init.d/slapd restart

 * Caching service dependencies ...                                       [ ok ]

 * Stopping ldap-server ...                                               [ !! ]

So my question is, I 'm a doing something stupid? missing out something?

I did a lot of tweaking, just some stuf i read in the other forum..

If i need to give you some moore info please let me know.........

Thanks for helping me out here........

p.s Sorry for my poor English....

----------

## Dark_Hunter

Hi, it sounds like a ldap problem  :Wink: 

Ok, first check your logfiles.

Did you upgrade your ldap from 2.1 to 2.2?

What you can, is ldap running on the same machine like ox - than you can use the following lines in your /etc/openldap/ldap.conf.

```

URI ldap://127.0.0.1

```

But you also have to setup ox again.

An other nice solution  :Wink:  ox is now in portage currently masked but realy nice. It's a promise.

Hope that helps you a little bit.

----------

## slaapkop

Hi,

Thanks for your fast reply.

I did'nt upgrade from 2.1 to 2.2. But i might did an emerge -C openldap.

ldap and OX are running on the same machine. 

And about the log files for ldap, where can i find it? And is there a way to setup a higher loglevel?

----------

## Dark_Hunter

Ok, are you using ldap with an other software (samba or so)?

Did you change the kind of backend?

The good thing for 2.2 is you've got aci enabled by default and it shouldn't make that much problems.

But be carefull when updating it like stated in the ebuild.

I've got my logs in "/var/log/syslog".

You can also try to get more information from ox.

/etc/open-xchange/groupware/system.properties

and change the LOGLEVEL to 10

also /etc/open-xchange/webmail/system.properties

I hope that helps you.

----------

## slaapkop

Hi, no i'm using ldap only for OX. Maybe in the future for samba...

The kind of backend, you meen the 

#backend bdb

database bdb  

.. part in slapd.conf?

I might changed that, i changed a lot while reading other forums, but not realy knowing wat i was doing...   :Sad: 

My log are in /var/log/messages, but nothing usefull is comming in here concerning ldap. I maybe thought there was a different location for it somewhere...

And my openxhange folder is in /var/local/openxchange..... is that a problem?

I will check the OX logs as well, but i think it is a ldap problem, or could it be a problem using OX and ldap.

And could it be a problem reinstalling ldap?

The problem i get when adding a user with the # /usr/local/open-xchange/sbin/adduser_ox part.

And i get the error: ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

LDAP Success

SQL Success

Where do a look for this problem, i mean wich log file...

I try it again tonight after work.....

----------

## Dark_Hunter

Hi =)

One importand thing, is mydomain.nl resolveable!!! ?

best if you do a ping at mydomain.nl and it should ping your ldap-server (localhost).

if not add the informations to /etc/hosts or your dns server

 *slaapkop wrote:*   

> Hi, no i'm using ldap only for OX. Maybe in the future for samba...
> 
> The kind of backend, you meen the 
> 
> #backend bdb
> ...

 

If would suggest you to save your ldap data with slapcat, unmerging openldap, move the openldap dirs under /var/lib to a different location and also move the /etc/openldap directory to a new location.

Emerge openldap again and try to setup it again, if you want i can help you.

 *slaapkop wrote:*   

> 
> 
> And my openxhange folder is in /var/local/openxchange..... is that a problem?
> 
> 

 

No, this isn't a problem, i would suggest you to use the ebuild in portage it is masked but we are working hardly on it =).

I hope that helps you.

----------

## slaapkop

Hi,

Yes my domain is resolvable and for my ldap server, you mean the domain where the ldap server is running on? In my case the same so that should be good.

I will try to backup my ldap date with slapcat.  reemerge openldap stuff..

And i delete the usr/var/openxchange directory... And then use the ebuild.

I do that after work today.

Thanks for your help!!!

----------

## slaapkop

Hello,

I copied the /var/lib/opendlap* and /etc/openldap to my homedir.

Then i stopped the slapd service --> /etc/init.d/slapd zap (because the stop funtion did'n work).

But after that when i try to use slapcat it hangs, nothing in any of the logs...

TRUUS etc # slapcat > /home/pim/opendlapTemp/temp.ldif                          

What can i do to fix this?

And for the deleting of my already installed verion of openxchange, is it correct to do a rm -r /var/local/openxchange.?

Thanks..

----------

## thurisaz

Hi guys,

I'm also trying to install Open-Xchange on my Gentoo-Root-Box. I'm using the hard-masked 0.8.1.3-ebuild-script from the offical portage-repository (http://packages.gentoo.org/search/?sstring=open-xchange). Currently I'm having huge problems to get the OpenLDAP-Stuff to work. The other stuff is working (at least I think so).

Whenever I try to start slapd my /var/log/messages says

```

Oct  4 19:43:12 thurisaz slapd[6784]: sql_select option missing

Oct  4 19:43:12 thurisaz slapd[6784]: auxpropfunc error no mechanism available

Oct  4 19:43:12 thurisaz slapd[6784]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Oct  4 19:43:12 thurisaz slapd[6784]: auxpropfunc error invalid parameter supplied

Oct  4 19:43:12 thurisaz slapd[6784]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb

Oct  4 19:43:12 thurisaz slapd[6784]: bdb_db_init: Initializing BDB database

Oct  4 19:43:12 thurisaz slapd[6785]: slapd starting

```

I also used the search-function where I found the hint (https://forums.gentoo.org/viewtopic-t-151004-highlight-sqlselect+openldap.html) to emerge cyrus-sasl without the MySQL-useflag. This did'nt help  :Confused:  Instead of this ugly "sql_select option missing" I got an ugly "Mysql not supported" error. I also tried unstable OpenLDAP and cyrus-sasl ebuild but nothing helped. 

I also tried the  Cyrus and SASL and OpenLDAP-configuration like it is descriped in http://www.mikefetherston.ca/OX/html/index.html but I'm always getting these sql_select- or MySQL-not-supported-errors

What the hell am I doing wrong??   :Crying or Very sad: 

P.S: MySQL and Postgresql are installed on my system, the system itself is 100% up to date (Kernel 2.6.12, newest baselayout etc).

----------

## thurisaz

Okay, I simply tried the /usr/sbin/adduser_ox, /usr/sbin/addusertogroup_ox and /usr/sbin/addgroup_ox and they seem to work.   :Very Happy: 

Nevertheless I can not login, because I get the following error-message on the login-screen after pressing the submit-button:  *Quote:*   

> Can not build up Socket!
> 
> SessionD running?

 

This seems to be a certificate-problem...

```
Oct 04 20:08:49 localhost openexchange: oxsessiond init (localhost:33333) objectstream=false

Oct 04 20:08:49 localhost openexchange: INTERNAL TLS Support: ON

error loading keyfile: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Oct 04 20:08:50 localhost openexchange: oxsessiond init (localhost:33335) objectstream=true

error loading keyfile: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

```

what can I do to solve this?Last edited by thurisaz on Tue Oct 04, 2005 6:12 pm; edited 1 time in total

----------

## Dark_Hunter

Currently the problem is the SSL stuff.

Please reemerge ox 

```
USE="-SSL" emerge open-xchange
```

.

Because this feature is somehow broken (this feature encrypts communication between the backend components).

But don't worry you are able to securly connect to ox when you enabled ssl in apache.

----------

## thurisaz

okay, thanks, I'll try it   :Very Happy: 

----------

## Dark_Hunter

 *slaapkop wrote:*   

> Hello,
> 
> But after that when i try to use slapcat it hangs, nothing in any of the logs...
> 
> What can i do to fix this?
> ...

 

Your hardware is okay?

Check if the openldap directories under /var/lib are ldap:ldap owned.

 *slaapkop wrote:*   

> 
> 
> And for the deleting of my already installed verion of openxchange, is it correct to do a rm -r /var/local/openxchange.?
> 
> 

 

yes, should be.

----------

## thurisaz

YAHOO!!! NOW IT WORKS!!! THANKS A LOT!!!

The Open-Xchange-Installation has costed me one full day of work, but I'm quite sure that Open-Xchange is it worth   :Razz: 

----------

## slaapkop

Hi, i'm trying to download an ebuild.

Maybe a stupid question, but where can i find this ebuild?

I find this page beacuase of the person beforme me:

http://packages.gentoo.org/ebuilds/?open-xchange-0.8.1.3

But i cannot find the ebuild overhere??

this link isn't working for me:

http://gentoo-wiki.com/HOWTO_Open-Xchange

----------

## Dark_Hunter

Oh, yes you have to unmask the package currently it is masked.

insert "www-apps/open-xchange" into your "/etc/portage/package.unmask"

If it doesn't function you probably have also insert the entry in /etc/portage/package.keywords.

Hope that helps

----------

## slaapkop

TRUUS portage # cat /etc/portage/package.unmask

www-apps/open-xchange

TRUUS portage # cat /etc/portage/package.keywords

dev-java/sun-jdk ~x86

www-apps/open-xchange

TRUUS portage # emerge -p open-xchange

These are the packages that I would merge, in order:

Calculating dependencies

emerge: there are no ebuilds to satisfy "open-xchange".

TRUUS portage #

Do i have to add something to my /etc/make.conf or so? Or update anything to tell the system a changed anything?

Man i don't get it...  :Rolling Eyes: 

----------

## slaapkop

Might be a  *Quote:*   

>  emerge sync

 ..........

----------

## thurisaz

One problem is still there: I can not use the webmail-client. Whenever I start the webmail-web-interface I the following error-message

```
Der aktuelle Befehl war nicht erfolgreich. Der Mail-Server antwortete: 

Exception in FolderSettings/loadFolder

An unknown error has occurred! Please check error message below.

Details: java.lang.NullPointerException
```

How can I configure it?

/var/log/open-xchange/webmail.log says:

```

Oct 05 10:54:17 localhost openexchange: Netline Application Server [NAS 5.0]

Oct 05 10:54:17 localhost openexchange: (c) Netline Internet Service GmbH

Oct 05 10:54:17 [mydomain] openexchange: Linux i386 2.6.12-gentoo-r10

Oct 05 10:54:17 [mydomain] openexchange: 1.5.0_05-b05

Oct 05 10:54:17 [mydomain] openexchange: VM Total Memory       : 20,352 KB

Oct 05 10:54:17 [mydomain] openexchange: VM Free Memory        : 19,860 KB

Oct 05 10:54:17 [mydomain] openexchange: VM Used Memory        : 492 KB

Oct 05 10:54:17 [mydomain] openexchange: System version        : OPEN-XCHANGE [0.8.1-3] initializing ...

Oct 05 10:54:18 [mydomain] openexchange: Using path: /usr/

Oct 05 10:54:18 [mydomain] openexchange: Loglevel set to: 5

Oct 05 10:54:18 [mydomain] openexchange: No LDAP Addressbook Config-file found!

Oct 05 10:54:18 [mydomain] openexchange: Setting timeout           : 60000

Oct 05 10:54:18 [mydomain] openexchange: Setting start_server      : 1

Oct 05 10:54:18 [mydomain] openexchange: Setting thread_pool       : 0

Oct 05 10:54:18 [mydomain] openexchange: Setting db_pool           : 5

Oct 05 10:54:18 [mydomain] openexchange: Allow non pooled threads  : true

Oct 05 10:54:18 [mydomain] openexchange: Setting upload directory  : /tmp/

Oct 05 10:54:19 [mydomain] openexchange: INFO: DefaultEncoding : UTF-8

Oct 05 10:54:19 [mydomain] openexchange: INFO: UserCanSelectEncoding : false

Oct 05 10:54:19 [mydomain] openexchange: INFO: UseServerSearch : false

Oct 05 10:54:19 [mydomain] openexchange: INFO: UseServerSort   : false

Oct 05 10:54:19 [mydomain] openexchange: INFO: DateFormat[DE]  : EEE dd.MM.yyyy HH:mm

Oct 05 10:54:19 [mydomain] openexchange: INFO: DateFormat[EN]  : MMM dd, yyyy hh:mm aaa

Oct 05 10:54:19 [mydomain] openexchange: INFO: Use Html-Editor : true

Oct 05 10:54:19 [mydomain] openexchange: INFO: Mail list style : SEARCH:SCROLL:SORT:LIST:MOVECOPY:DELETE

Oct 05 10:54:19 [mydomain] openexchange: INFO: Max. entries    : 500

Oct 05 10:54:19 [mydomain] openexchange: INFO: Entries on page : 10,15,20,25,50,75,100,125,150,175,200,250,500

Oct 05 10:54:19 [mydomain] openexchange: INFO: Quoted Colors   : #666666

Oct 05 10:54:19 [mydomain] openexchange: INFO: Disp. size lim. : 1000000 bytes

Oct 05 10:54:19 [mydomain] openexchange: INFO: Autocomplete max. Entries : 25

Oct 05 10:54:19 [mydomain] openexchange: INFO: Quota Warn      : 90%

Oct 05 10:54:19 [mydomain] openexchange: INFO: Hide Empty Folder Button : false

Oct 05 10:54:19 [mydomain] openexchange: INFO: Content Type Selection Filter : application/\\S*

Oct 05 10:54:19 [mydomain] openexchange: INFO: Readed webmail.properties: default.sent=INBOX/Sent

Oct 05 10:54:19 [mydomain] openexchange: INFO: Readed webmail.properties: default.trash=INBOX/Trash

Oct 05 10:54:19 [mydomain] openexchange: INFO: Readed webmail.properties: default.drafts=INBOX/Drafts

Oct 05 10:54:19 [mydomain] openexchange: INFO: Readed webmail.properties: default.spam=INBOX/Spam

Oct 05 10:54:19 [mydomain] openexchange: INFO: Readed webmail.properties: default.folder.autocreate=false

------------------------------------------------------------------

Oct 05 10:54:19 - system - 0.8.1-3

System in SpellCheck/loadSpellCheckParameter

Unable to execute: ispell -dgerman -a -P -H -Tlatin1

Please check your configuration and that ispell can be executed by WebMail.

Details: null

------------------------------------------------------------------

Oct 05 10:54:19 [mydomain] openexchange: INTERNAL TLS Support: OFF

Oct 05 10:54:19 [mydomain] openexchange: bind to port 4445

Oct 05 10:54:19 [mydomain] openexchange: upload bind to port 4447

 done

------------------------------------------------------------------

Oct 05 10:54:29 - thurisaz - 0.8.1-3

Exception in FolderSettings/loadFolder

Unable to get folder list.

java.lang.NullPointerException

        at com.openexchange.webmail.FolderSettings.dumpFolder(FolderSettings.java:328)

        at com.openexchange.webmail.FolderSettings.loadFolder(FolderSettings.java:240)

        at com.openexchange.webmail.Management.onBeforeHtmlLoad(Management.java:347)

        at com.openexchange.thread.ComfireThread.validateSession(ComfireThread.java:407)

        at com.openexchange.thread.ComfireThread.run(ComfireThread.java:162)

        at java.lang.Thread.run(Thread.java:595)

------------------------------------------------------------------

```

According to http://www.mikefetherston.ca/OX/html/#23 I need postfix for Open-Xchange. Nevertheless I'm also running a BugZilla-Server on my root-server which needs sendmail - could this be a problem?

EDIT: okay, I'll try de-install sendmail and install postfix because BugZilla seems to be postfix-compatible

EDIT 2

great, BugZilla seems to work with postfix, nevertheless I still have the Open-Xchange problem that there are no folders in my webmail-client. I have  user.default.folder.autocreate=true in my /etc/open-xchange/webmail/webmail.properties but it seems so that there are no auto-created-folders. Can I do this manually? Also when I add new users I have the same problem:

```
Exception in FolderSettings/loadFolder

Unable to get folder list.

java.lang.NullPointerException

        at com.openexchange.webmail.FolderSettings.dumpFolder(FolderSettings.java:328)

        at com.openexchange.webmail.FolderSettings.loadFolder(FolderSettings.java:240)

        at com.openexchange.webmail.Management.onBeforeHtmlLoad(Management.java:347)

        at com.openexchange.thread.ComfireThread.validateSession(ComfireThread.java:407)

        at com.openexchange.thread.ComfireThread.run(ComfireThread.java:162)

        at java.lang.Thread.run(Thread.java:595)

------------------------------------------------------------------

```

----------

## Dark_Hunter

Theoretically you should be able to use what ever you want.

OX just needs an SMTP server for sending emails and an imap for receiving. So what whatever you use as "email backend" it should function.

Increase your loglevel in /etc/open-xchange/{webmail|groupware}/system.properties to 10.

You can change the email settings in /etc/open-xchange/webmail/webmail.properties this should help you.

You also have to pay attention whether you have imap enabled or just imaps.

----------

## thurisaz

```
Oct 05 13:10:31 myhost openexchange: DEBUG: Pushing database connection org.postgresql.jdbc3.Jdbc3Connection@e45076

Oct 05 13:10:31 myhost openexchange: INTERNAL TLS Support: OFF

Oct 05 13:10:31 myhost openexchange: DEBUG: CLL -> com.openexchange.webmail.UserLogout

Oct 05 13:10:31 myhost openexchange: bind to port 4445

Oct 05 13:10:31 myhost openexchange: upload bind to port 4447

 done

Oct 05 13:10:37 myhost openexchange: DEBUG: Create new ComfireThread ComfireThread 0

Oct 05 13:10:37 myhost openexchange: DEBUG: Run ComfireThread ComfireThread 0

Oct 05 13:10:37 myhost openexchange: DEBUG: Re-use database connection org.postgresql.jdbc3.Jdbc3Connection@e45076

Oct 05 13:10:37 myhost openexchange: Connect to sessiond server: localhost:33333

Oct 05 13:10:37 myhost openexchange: DEBUG: NEWSESSION: uid=xxx, lang=DE, remoteip=62.143.132.93, id=c3764bd58ed6536b7e0e2b269e18a2b8, response=*** :-)

Oct 05 13:10:37 myhost openexchange: DEBUG: Using webmail <-> /servlet/webmail

Oct 05 13:10:37 myhost openexchange: DEBUG: LOGIN: uid=xxx: moduleRights=addr_r cont_r bookm_r data_r task_r doc_r proj_r knowl_r forum_n pin_r webmail

Oct 05 13:10:37 myhost openexchange: DEBUG: LOGIN: uid=xxx, imap=localhost - port=143, smtp=localhost - port= 25, MAILDOMAIN=myhost

Oct 05 13:10:37 myhost openexchange: DEBUG: LOGIN: uid=xxx: User can change mail address=true

Oct 05 13:10:38 myhost openexchange: DEBUG: IMAP: Open connection: CONNECTIONS=1

Oct 05 13:10:38 myhost openexchange: DEBUG: FOLDER : Create default folder ...........=false

Oct 05 13:10:38 myhost openexchange: DEBUG: FOLDER : Create default folder ............=false

Oct 05 13:10:38 myhost openexchange: DEBUG: FOLDER : Create default folder .............=false

Oct 05 13:10:38 myhost openexchange: DEBUG: FOLDER : Create default folder ...............=false

------------------------------------------------------------------

Oct 05 13:10:38 - [xxx] - 0.8.1-3

Exception in FolderSettings/loadFolder

Unable to get folder list.

java.lang.NullPointerException

        at com.openexchange.webmail.FolderSettings.dumpFolder(FolderSettings.java:328)

        at com.openexchange.webmail.FolderSettings.loadFolder(FolderSettings.java:240)

        at com.openexchange.webmail.Management.onBeforeHtmlLoad(Management.java:347)

        at com.openexchange.thread.ComfireThread.validateSession(ComfireThread.java:407)

        at com.openexchange.thread.ComfireThread.run(ComfireThread.java:162)

        at java.lang.Thread.run(Thread.java:595)

------------------------------------------------------------------

Oct 05 13:10:38 myhost openexchange: DEBUG: IMAP: Release connection: CONNECTIONS=0

Oct 05 13:10:38 myhost openexchange: DEBUG: Using non-cached version DE/loadmain

Oct 05 13:10:38 myhost openexchange: DEBUG: Pushing database connection org.postgresql.jdbc3.Jdbc3Connection@e45076

Oct 05 13:10:38 myhost openexchange: DEBUG: Destroy ComfireThread ComfireThread 0

Oct 05 13:10:38 myhost openexchange: DEBUG: Create new ComfireThread ComfireThread 1

Oct 05 13:10:38 myhost openexchange: DEBUG: Run ComfireThread ComfireThread 1

Oct 05 13:10:38 myhost openexchange: DEBUG: Using non-cached version DE/main

Oct 05 13:10:38 myhost openexchange: DEBUG: Create new ComfireThread ComfireThread 2

Oct 05 13:10:38 myhost openexchange: DEBUG: Destroy ComfireThread ComfireThread 1

Oct 05 13:10:38 myhost openexchange: DEBUG: Create new ComfireThread ComfireThread 3

Oct 05 13:10:38 myhost openexchange: DEBUG: Run ComfireThread ComfireThread 2

Oct 05 13:10:38 myhost openexchange: DEBUG: Using non-cached version DE/top

Oct 05 13:10:38 myhost openexchange: DEBUG: Destroy ComfireThread ComfireThread 2

Oct 05 13:10:38 myhost openexchange: DEBUG: Run ComfireThread ComfireThread 3

Oct 05 13:10:38 myhost openexchange: Connect to sessiond server: localhost:33333

Oct 05 13:10:38 myhost openexchange: DEBUG: PINGSESSION: uid=xxx, id=c3764bd58ed6536b7e0e2b269e18a2b8, response=OK: done

Oct 05 13:10:38 myhost openexchange: DEBUG: Using non-cached version DE/left_top

Oct 05 13:10:38 myhost openexchange: DEBUG: Destroy ComfireThread ComfireThread 3

```

Last edited by thurisaz on Wed Oct 05, 2005 11:22 am; edited 1 time in total

----------

## thurisaz

Why does the log tell me

```
Oct 05 13:10:38 thurisaz.org openexchange: DEBUG: FOLDER : Create default folder ...........=false 

Oct 05 13:10:38 thurisaz.org openexchange: DEBUG: FOLDER : Create default folder ............=false 

Oct 05 13:10:38 thurisaz.org openexchange: DEBUG: FOLDER : Create default folder .............=false 

Oct 05 13:10:38 thurisaz.org openexchange: DEBUG: FOLDER : Create default folder ...............=false 
```

?

In my webmail.property I have

```
# Should the default folder be created when they not exists

user.default.folder.autocreate=true
```

----------

## thurisaz

This is my hole webmail.properties-file

```
# Folder mapping which will be used when a user login the first time

user.default.folder.sent=INBOX/Sent

user.default.folder.trash=INBOX/Trash

user.default.folder.drafts=INBOX/Drafts

user.default.folder.spam=INBOX/Spam

# Should the default folder be created when they not exists

user.default.folder.autocreate=true

# JavaMail property settings. Please take a look to the JavaMail API Specification

# for detailed informations about all available settings.

#mail.debug=true

#mail.smtp.auth=true

# Comment out the following lines if you want to use IMAPS and/or SMTPS

# Detailed informations about the property settings can be found at the

# JavaMail API Documentation.

#mail.imap.socketFactory.class=com.openexchange.tools.ssl.TrustAllSSLSocketFactory

#mail.imap.socketFactory.port=993

#mail.imap.socketFactory.fallback=false

#mail.smtp.starttls.enable=true

#mail.smtp.socketFactory.class=com.openexchange.tools.ssl.TrustAllSSLSocketFactory

#mail.smtp.socketFactory.port=465

#mail.smtp.socketFactory.fallback=false

mail.imap.allowreadonlyselect=true

mail.mime.encodeeol.strict=true

mail.mime.decodetext.strict=false

```

EDIT

I have just enabled the javamail-debug and there I get some interesting additional informations:

```
DEBUG: JavaMail version 1.3.1

DEBUG: java.io.FileNotFoundException: /opt/sun-jdk-1.5.0.05/jre/lib/javamail.providers (No such file or directory)

DEBUG: !anyLoaded

```

maybe I should downlrade to java 1.4 again...

----------

## Dark_Hunter

Which imap server do you use?

The javamail.providers errors should not be a problem.

Downgrade to 1.4 could be a solution.

Some of the dependencies couldn't get compiled with jsdk 1.5.

----------

## thurisaz

okay, now I have downgraded to 1.4 and re-emerged all java-stuff which had been compiled with 1.5 (at least I hope so). CUrrently I'm a little bit unsettled because I upgrated jdbc3-postgresql-7.4.5 to jdbc3-postgresql-8.0_p312 and I'm not sure whether this works with open-xchange. 

Now the javamail.providers-error is gone

```
DEBUG: successfully loaded resource: /META-INF/javamail.default.providers
```

nevertheless the FolderSettings/loadFolder-error is still there:

```
DEBUG: not loading resource: /META-INF/javamail.address.map

DEBUG: java.io.FileNotFoundException: /opt/sun-jdk-1.4.2.09/jre/lib/javamail.address.map (No such file or directory)

DEBUG: getProvider() returning javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Sun Microsystems, Inc]

DEBUG: mail.imap.fetchsize: 16384

* OK mydomain Cyrus IMAP4 v2.2.12-Gentoo server ready

A0 CAPABILITY

* CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS AUTH=GSSAPI AUTH=CRAM-MD5 AUTH=DIGEST-MD5 AUTH=NTLM SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE

A0 OK Completed

A1 LOGIN USER MYHIDDENPASS

A1 OK User logged in

Oct 05 14:01:11 mydomain openexchange: DEBUG: IMAP: Open connection: CONNECTIONS=1

A2 LIST "" INBOX

A2 OK Completed (0.000 secs 1 calls)

A3 LIST "" ..........

A3 OK Completed (0.000 secs 1 calls)

A4 CREATE ..........

A4 NO Invalid mailbox name

Oct 05 14:01:11 mydomain openexchange: DEBUG: FOLDER : Create default folder ..........=false

A5 LIST "" ..........

A5 OK Completed (0.000 secs 1 calls)

A6 LIST "" ...........

A6 OK Completed (0.000 secs 1 calls)

A7 CREATE ...........

A7 NO Invalid mailbox name

Oct 05 14:01:11 mydomain openexchange: DEBUG: FOLDER : Create default folder ...........=false

A8 LIST "" ...........

A8 OK Completed (0.000 secs 1 calls)

A9 LIST "" ............

A9 OK Completed (0.000 secs 1 calls)

A10 CREATE ............

A10 NO Invalid mailbox name

Oct 05 14:01:11 mydomain openexchange: DEBUG: FOLDER : Create default folder ............=false

A11 LIST "" ............

A11 OK Completed (0.000 secs 1 calls)

A12 LIST "" ..........

A12 OK Completed (0.000 secs 1 calls)

A13 CREATE ..........

A13 NO Invalid mailbox name

Oct 05 14:01:11 mydomain openexchange: DEBUG: FOLDER : Create default folder ..........=false

A14 LIST "" ..........

A14 OK Completed (0.000 secs 1 calls)

A15 LSUB "" "%"

A15 OK Completed (0.010 secs 1 calls)

A16 GETQUOTAROOT INBOX

A16 NO Mailbox does not exist

```

And I have a new " java.io.FileNotFoundException: /opt/sun-jdk-1.4.2.09/jre/lib/javamail.address.map"-error.

I'm note qute sure which IMAP-Server I use, I think it is net-mail/cyrus-imapd-2.2.12Last edited by thurisaz on Wed Oct 05, 2005 12:08 pm; edited 2 times in total

----------

## thurisaz

Why does the log say "Invalid mailbox name"?

----------

## Dark_Hunter

invalid mailboxname? the userid and password you use to login into ox is also used for authentication against your imap server.

you should asure that the mailbox of the user exists.

----------

## thurisaz

*hui* after emerging and re-emerging stable and unstable ebuilds of cyrus-imapd and re-reading the manual I simply did an

```
myhost ~ # cyradm --user cyrus localhost

Password:

localhost> cm user.mynewuser

localhost>

```

and it worked   :Razz: 

Thanks A LOT (!!!) for your support Dark_Hunter  :Very Happy: 

----------

## thurisaz

Appendix

Here I will post some observations which I made or which I will make in the future during the use of Open-Xchange

It seems so, that the current Version of Open-Xchange is NOT WORKING with >=dev-java/jdbc3-postgresql-8.0 so you better put this in your  /etc/portage/package.mask

During Open-Xchange runs it it tries to access user-setting-files under /var/open-xchange/settings/intranet/myuser. After the login/logout the log-file then complains about the file /var/open-xchange/settings/intranet/myuser which does not exist. If you create it by hand and add the correct permissions the error messages are gone and the file will be used

... more to come (I'm quite sure about it  :Wink:  )

----------

## Dark_Hunter

 *thurisaz wrote:*   

> Appendix
> 
> Here I will post some observations which I made or which I will make in the future during the use of Open-Xchange
> 
> It seems so, that the current Version of Open-Xchange is NOT WORKING with >=dev-java/jdbc3-postgresql-8.0 so you better put this in your  /etc/portage/package.mask
> ...

 

Yes, the date format is somehow changed.

 *thurisaz wrote:*   

> 
> 
> During Open-Xchange runs it it tries to access user-setting-files under /var/open-xchange/settings/intranet/myuser. After the login/logout the log-file then complains about the file /var/open-xchange/settings/intranet/myuser which does not exist. If you create it by hand and add the correct permissions the error messages are gone and the file will be used
> 
> ... more to come (I'm quite sure about it  )
> ...

 

If you first login it is normal, that it complains about it. If you create a new user, login to ox and try groupware options in the setup.

Normaly if you save ox should create this file. If not please tell me - than is a bug in ox-ebuild. 

Thanks =)

----------

## thurisaz

 *Dark_Hunter wrote:*   

> 
> 
> If you first login it is normal, that it complains about it. If you create a new user, login to ox and try groupware options in the setup.
> 
> Normaly if you save ox should create this file. If not please tell me - than is a bug in ox-ebuild. 
> ...

 

okay I see - the file is created correctly if you change/save something in the groupware options  :Wink: 

Nevertheless I can not receive emails - I just can send them. But I think I'll have to check my postfix-daemon-configs for this issue: 

```
warning: dict_ldap_connect: Unable to bind to server ldap://mydomain:389 as : 2 (Protocol error)

[...] alias database unavailable

```

----------

## Dark_Hunter

 *thurisaz wrote:*   

> 
> 
> Nevertheless I can not receive emails - I just can send them. But I think I'll have to check my postfix-daemon-configs for this issue: 
> 
> ```
> ...

 

I've got the following lines in my /etc/postfix/main.cf, this should enable the postfix-ldap support

```

alias_maps = ldap:ldapsource

ldapsource_server_host = localhost

ldapsource_search_base = dc=your,dc=domaind,dc=which,dc=you,dc=have,dc=defined

ldapsource_query_filter = (mail=%s)

ldapsource_result_attribute = mail

```

----------

## slaapkop

Hi,

I removed the open-xchange install from the howto. And I remereged openldap again.

Afer that i unmasked the ebuild en emerge the open-xchenge from portal.

Is it possible to follow the howto over from the 

 Configuring OpenLDAP

part of the howto over again? Or do i have to set it up on a different way?

Thanks.

----------

## thurisaz

thanks but I have the same settings in my main.cf. After changing some passwords etc I think that I have solved this error, nevertheless I'm getting the next one when postfix tries to deliver an email:

```
(connect to /var/imap/socket/lmtp[/var/imap/socket/lmtp]: Permission denied)
```

this files belongs to root:root   :Confused: 

----------

## Dark_Hunter

 *slaapkop wrote:*   

> 
> 
> part of the howto over again? Or do i have to set it up on a different way?
> 
> Thanks.

 

(Yes, you can start with the openldap part of the howto, but ...)

You should set the basedn of openldap and also the password.

After you've done this, do the following:

```
ebuild /var/db/pkg/www-apps/open-xchange/open-xchange-0.8.1.3.ebuild config
```

Now ox got configured for your entered values and after that step-by-steps are printed what should be done next.

Most things are already done by the ebuild-package =)

----------

## slaapkop

Ow I see....

This makes the world a lot easier...

Hmmm, i think i already have a database named openxchange and a dbuser named openxchange.

And i'm not able to log in into postgres sqldatabase with root.

Do i have to reemerge postgresql? Or how can i delete the database user openchange and the database openxchange?

Sorry for my totaly nooB questions.....

 :Embarassed: 

----------

## thurisaz

My permission problem is fixed - I emerged the newest unstable ebuild and than I simply needed to do the following:

```
chown -R cyrus:mail /var/imap/ 

usermod -G mail cyrus

usermod -G mail postfix  
```

Now it works and I spend another day on Open-Xchange-Configuration  :Shocked:  time to go to bed   :Laughing: 

----------

## Dark_Hunter

 *slaapkop wrote:*   

> 
> 
> Hmmm, i think i already have a database named openxchange and a dbuser named openxchange.
> 
> And i'm not able to log in into postgres sqldatabase with root.
> ...

 

This is no problem, in the howto of Mike they create the user through login per postgres user.

But you can do this also per this three, four lines like stated in the howto of ebuild config.

The best is you just copy those lines under "Setup database" and execute each line as root.

You can change the database options to the options you want, change the databasename or change the database user.

Just execute the config script of the ebuild and everything is setup in open-xchange configuration. After that follow the lines in the little howtos in the config script.

 *slaapkop wrote:*   

> 
> 
> Do i have to reemerge postgresql? Or how can i delete the database user openchange and the database openxchange?
> 
> 

 

An easy way is to use webmin to delete the just the ox database.

A dirty way is to delete (all postgresql databases) the content under /var/lib/postgresql and after that just

```

ebuild /var/db/pkg/dev-db/postgresql-x.x.x/postgresql-x.x.x.ebuild config

```

This creates the base postgresql config.

 *slaapkop wrote:*   

> 
> 
> Sorry for my totaly nooB questions.....
> 
> 

 

Don't worry  :Wink: 

----------

## slaapkop

Well got that part working...

But when i do the:  slapadd -l /usr/share/open-xchange/init_ldap.ldif

It hangs, just like i had with the previous install....

TRUUS ~ # slapadd -l /usr/share/open-xchange/init_ldap.ldif

Or is this a proces that takes more than an hour?

Thanks...

----------

## Dark_Hunter

 *slaapkop wrote:*   

> 
> 
> Or is this a proces that takes more than an hour?
> 
> 

 

No, this should happen in seconds.

If something is wrong it normaly should stop with a failure.

What you can do (if you have no data in your ldap database!!).

Delete all openldap directories under /var/lib and reemerge openldap.

Hope that helps.

----------

## slaapkop

Hi,

I deleted the user and database.

Then i re-aded them again. So there sould be data inside.

Well i will delete my opendlap dirs under /var/lib (again) and remerge openldap again..

Thanks...

----------

## slaapkop

oh,,,, Fu.k i miss read that.

I just deleted those directories.... Oeps.

Hmmm now what,,  :Embarassed:   And i'm emerging openldap again. How can i see if there is data in the ldap database??

Thanks...

----------

## Dark_Hunter

Try a slapcat, and check if data printed out.

----------

## slaapkop

oke,

After work a give this thing another shot.

i'm reemerge openldap now. Thats bringing my /var/lib/open-* dirs back?

Can't use putty at work. So Let you know what's happend after work.

Cheers..

----------

## Dark_Hunter

 *slaapkop wrote:*   

> 
> 
> Thats bringing my /var/lib/open-* dirs back?
> 
> 

 

Yes.

Have fun and good luck =)

----------

## thurisaz

By the way: I noticed that the description in the ebuild is not correct:

```

* HOWTO: Add a user

 * +++++++++++++++++

 * /usr/sbin/adduser_ox --username=MYUSERNAME --password=MYPASSWORD --name=FORENAME --sname=SURENAME --maildomain=thurisaz.org --ox_timezone="Europe/Berlin"

 * Now you can add the user to a group.

 * /usr/sbin/addusertogroup_ox --user=MYUSERNAME --group=NEWGROUPNAME

```

the password-attribute is called --passwd instead of --password; so to add a new user you'll have to do

```
/usr/sbin/adduser_ox --username=MYUSERNAME --passwd=MYPASSWORD --name=FORENAME --sname=SURENAME --maildomain=thurisaz.org --ox_timezone="MyTimeZone"
```

----------

## slaapkop

Hi,

I reemerged openldap.

When i do a: 

```
slapadd -l /usr/share/open-xchange/init_ldap.ldif
```

It returns nothing, so i gues thats good.

But after that when i try to add a group like said in the open-xchange install it stil gives me the same 'ERROR' as in the past.

```

TRUUS open-xchange # /usr/sbin/addgroup_ox --group=LISTS                        ldap_bind: Can't contact LDAP server (-1)

Added Group LISTS to LDAP

TRUUS open-xchange #

```

And when i try to add a user:

```

/usr/sbin/adduser_ox --username=joep --passwd=joep123 --name=joep --sname=jansen --maildomain=mydomain.nl --ox_timezone="Europe/Amsterdam"

ldap_bind: Can't contact LDAP server (-1)

LDAP Success

SQL Success

TRUUS open-xchange #

```

Any help is apriciated!

----------

## Dark_Hunter

Hi Slaapkop,

please post again your /etc/openldap/slapd.conf and /etc/open-xchange/admintools.conf .

Oh, an other qestion is slapd running?

```
/etc/init.d/slapd start
```

Hope that helps.

----------

## slaapkop

Hi,

My /etc/openldap/slapd.conf

```

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include         /etc/openldap/schema/core.schema

include         /etc/openldap/schema/cosine.schema

include         /etc/openldap/schema/inetorgperson.schema

include         /etc/openldap/schema/misc.schema

include         /etc/openldap/schema/nis.schema

include         /etc/openldap/schema/openldap.schema

include         /etc/openldap/schema/openxchange.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral       ldap://root.openldap.org

pidfile         /var/run/openldap/slapd.pid

argsfile        /var/run/openldap/slapd.args

# Load dynamic backend modules:

# modulepath    /usr/lib/openldap/openldap

# moduleload    back_bdb.la

# moduleload    back_ldap.la

# moduleload    back_ldbm.la

# moduleload    back_passwd.la

# moduleload    back_shell.la

# Sample security restrictions

#       Require integrity protection (prevent hijacking)

#       Require 112-bit (3DES or better) encryption for updates

#       Require 63-bit encryption for simple bind

# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:

#       Root DSE: allow anyone to read it

#       Subschema (sub)entry DSE: allow anyone to read it

#       Other DSEs:

#               Allow self write access

#               Allow authenticated users read access

#               Allow anonymous users to authenticate

#       Directives needed to implement policy:

# access to dn.base="" by * read

                                                                                                           1,1           Top

# access to dn.base="cn=Subschema" by * read

# access to *

#       by self write

#       by users read

#       by anonymous auth

#

# if no access controls are present, the default policy

# allows anyone and everyone to read anything but restricts

# updates to rootdn.  (e.g., "access to * by * read")

#

# rootdn can always read and write EVERYTHING!

#######################################################################

# BDB database definitions

#######################################################################

database        bdb

checkpoint      32      30 # <kbyte> <min>

suffix          "dc=mydomain,dc=nl"

rootdn          "cn=Manager,dc=mydomain,dc=nl"

# Cleartext passwords, especially for the rootdn, should

# be avoid.  See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

#rootpw         secret

rootpw          {CRYPT}crYptedPasswd

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory       /var/lib/openldap-data

# Indices to maintain

index   objectClass     eq

```

and /etc/open-xchange/admintools.conf:

```

#!/bin/sh

#

# (c) 2004-2100 ;)

# Author: cutmasta AT netline-is D0T de

#

# OX-SCRIPTS - CONFIGURATION PARAMETER :)

#

############## GENERAL CONFIG STUFF ###############

# Your Company Name

# To which Organisation new User belong!

ORGA="NIX"

# OXBASE

OXBASE=`grep -v '^#' /etc/open-xchange/groupware/ldap.conf | grep -i BASE | head -n 1 | awk {'print $2'}`

# LDAP Server - deprecated in favor of LDAPURI

LDAPHOST=`grep -v '^#' /etc/open-xchange/groupware/ldap.conf | grep -i HOST | head -n 1 | awk {'print $2'}`

# LDAP URI - supercedes LDAPHOST

LDAPURI=`awk '/^[Uu][Rr][Ii]/ {print $2; exit;}' /etc/open-xchange/groupware/ldap.conf`

if [ -z "$LDAPURI" ] ; then

    LDAPURI="ldap://$LDAPHOST/"

fi

# LDAP Admin

BINDDN="cn=Manager,dc=mydomain,dc=nl"

# LDAP Admin Passwd

BINDPW="password"

if [ -z "$BINDDN" -a -z "$BINDPW" ] ; then   # omit unused options

        LDAPCONN="-H $LDAPURI"    # typical for full Kerberos/LDAP

else

        # Note that the -x -should- be a last resort, not the default

        LDAPCONN="-H $LDAPURI -D $BINDDN -w $BINDPW -x"   # -x is deprecated

fi

# OX LDAP Leaf, where is the "OxObjects" leaf?

OX_LEAF="ou=OxObjects,$OXBASE"

# Default Language

DEFAULT_PREF_LANG="EN"

# Default mail is enabled

DEFAULT_MAIL_ENAB="OK"

# Default the user can send mail to the internet

DEFAULT_INET_MAIL="TRUE"

# Default days of displaying appointments

DEFAULT_OX_APP_DAYS=5

# Default days of displaying tasks

DEFAULT_OX_TASK_DAYS=5

# default the user can write in the global adressbook

DEFAULT_WRITE_GLOBAL_ADDR="TRUE"

# The used Tools - should work on most Systems!

LDAPADD_BIN="ldapadd"

LDAPDELETE_BIN="ldapdelete"

LDAPMODIFY_BIN="ldapmodify"

LDAPSEARCH_BIN="ldapsearch"

GREP_BIN="grep"

SED_BIN="sed"

EXPR_BIN="expr"

SORT_BIN="sort"

HEAD_BIN="head"

TAIL_BIN="tail"

AWK_BIN="awk"

SQL_BIN="psql"

##################################################

###### CONVERT ALL USERNAMES TO LOWERCASE #########

CASE_IGNORE="yes"

##################################################

#################### SQL Stuff #####################

DEFAULT_SQL_HOST="localhost"

DEFAULT_SQL_DB="openexchange"

DEFAULT_SQL_USER="openexchange"

DEFAULT_SQL_PASS="password"

# Default Table where we store the Rights

RIGHTS_TABLE="usr_general_rights"

# Default Template Table where the template is stored!

TEMPLATE_TABLE="sys_gen_rights_template"

# Default Template for creating Users.

# Must exist in the DB

DEFAULT_TEMPLATE_NAME="default_template"

####################################################

####################### LDAP #######################

# Where are the OX Users

USER_BASEDN="ou=Users,$OX_LEAF"

# Where are the OX Groups

GROUP_BASEDN="ou=Groups,$OX_LEAF"

# Where are the OX Resources

RESOURCES_BASEDN="ou=Resources,ou=ResourceObjects,$OX_LEAF"

# Where are the OX Resource Groups

RESOURCE_GROUPS_BASEDN="ou=ResourceGroups,ou=ResourceObjects,$OX_LEAF"

# Where is the Global Adressbook

GLOBAL_ADDRESSBOOKDN="o=AddressBook,$OX_LEAF"

# where are the adressbook admins

GLOBAL_ADDRESSBOOK_ADMINSDN="cn=AddressAdmins,$GLOBAL_ADDRESSBOOKDN"

# TEMPORARY FILE

TMPDIF="/var/open-xchange/temporary_ldap_scripts.ldif"

####################################################

####################################################

HOME_DIR="/home/"

DEFAULT_USR_SHELL="/bin/bash"

SHADOW_EXPIRE=0

SHADOW_MIN=0

SHADOW_MAX=9999

SHADOW_WARN=7

STD_GID=100

MIN_UID=101

MIN_GID=100

####################################################

```

Cheers

----------

## Dark_Hunter

ok =)

could you also please post the /etc/openldap/ldap.conf

Next question: how did you create the crypted password in slapd.conf or have you just written down what went into your mind.

Make sure the crypted password in slapd.conf is equal the unencrypted password in admintools.conf.

Or for testing purposes you can also try the unencrypted version in slapd.conf .

Don't forget to restart slapd after you've changed configuration.

Hope that helps you.

----------

## slaapkop

Hi,

my /etc/openldap/ldap.conf :

```

#

# LDAP Defaults

#

# See ldap.conf(5) for details

# This file should be world readable but not world writable.

#BASE   dc=example, dc=com

#URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT      12

#TIMELIMIT      15

#DEREF          never

BASE dc=domain,dc=nl

URI ldap://domain.nl

HOST domain.nl

```

Oke i created the crypted password in slapd.conf like this:

 slappasswd -h {CRYPT} -s thenthepassword

I coppied the crypted password i got from it into /etc/openldap/slapd.conf file.

And yes it is the same password as the uncrypted one in /etc/open-xchange/admintools.conf.

Thanks..

----------

## Dark_Hunter

hmm - seams all good.

Have you got a firewall running - blocking ldap?

----------

## slaapkop

Hi, no i wich it was the firewall.

I don't get this ldap thing. 

And the thing i cannot stop the ldap-server, the only way to stop it is /etc/init.d/slapd zap.

That should'nt be normal as wel. Somehow the ldap-server and i don't get allong.....

If you have more sugestions your welcom...

Thanks.

----------

## slaapkop

Hi,

Tried it with an uncrypted password.. No luck.

Another thing, shouldn't ldap be listening op port 389?

When i do a netstat -an | grep 389 i get nothing..

Cheers.

----------

## Dark_Hunter

This night short before sleeping an idea went to my mind.

please try an:

```
chown -R ldap:ldap /var/lib/openldap-data
```

I had a problem starting ldap - this fixed it.

----------

## slaapkop

He.. cool that helped a lot!!

Wel i thought i already did that, but when i looked i saw:

ls -l /var/lib

```

drwxr-xr-x  2 apache   apache    72 Sep 26  2005 dav

drwxr-xr-x  2 dhcp     dhcp     136 Feb  8 11:30 dhcp

drwxr-xr-x  2 root     root     160 Feb  8 10:29 dhcpc

drwxr-xr-x  6 root     root     232 Feb  8 10:30 init.d

drwxr-xr-x  2 root     root      72 Sep  4  2005 ip6tables

drwxr-xr-x  2 root     root      72 Sep  4  2005 iptables

drwxr-xr-x  2 root     root      72 Jul 26  2005 misc

drwx------  2 ldap     ldap     320 Oct  6  2005 openldap-data

drwx------  2 ldap     ldap      72 Oct  6  2005 openldap-ldbm

drwx------  2 ldap     ldap      72 Oct  6  2005 openldap-slurp

drwxrws---  2 root     portage   96 Jul 26  2005 portage

drwxr-xr-x  3 postgres postgres 104 Sep 27  2005 postgresql

drwxr-xr-x  2 root     root     160 Feb  8 10:29 sasl2

drwxr-x---  2 root     slocate  104 Sep  4  2005 slocate

```

So that would be good, then i tool a look a little further, inside the /var/lib/openldap dir

ls -l /var/lib/openldap-data

```

-rw-------  1 root root   8192 Oct  6 08:20 __db.001

-rw-------  1 root root 270336 Oct  6 08:20 __db.002

-rw-------  1 root root  98304 Oct  6 08:20 __db.003

-rw-------  1 root root 368640 Oct  6 08:20 __db.004

-rw-------  1 root root  24576 Oct  6 08:20 __db.005

-rw-------  1 root root   8192 Oct  6 17:58 dn2id.bdb

-rw-------  1 root root  32768 Oct  6 17:58 id2entry.bdb

-rw-------  1 root root  42225 Oct  6 17:58 log.0000000001

```

Hmmm must have forget the -R option.

After this I 'm able to normaly start and stop the ldap demon.

Now i'm able to add a new user group!!

But when i try to add a user via:

```

/usr/sbin/adduser_ox --username=pim --passwd=paswordforpim--name=pim --sname=Jansen--maildomain=mydomain.nl --ox_timezone="Europe/Amsterdam"

```

i get an error back:

```

Undefined ERROR - LDAP CODE 32

See LDAP Log for Details!

```

But   i'm a lot further now thanks...

----------

## slaapkop

Hi, 

Well fixed this by changing the following line:

```

LDAPCONN="-H $LDAPURI -D $BINDDN -w $BINDPW -x"

```

into:

```

LDAPCONN="-H $LDAPURI -D $BINDDN -w $BINDPW"

```

in the /etc/open-xchange/admintools.conf file, i don't if the -x is default there or that i put it there..

Now the next stop is.. Loging into http://mydomain.nl/cgi-bin/login.pl

I get the 

Can not build up Socket!

SessionD running?

Message. I emerged open-xchange with the command:

```
USE="-SSL" emerge open-xchange
```

Where can i find info about this SessionD?

Thanks.

----------

## Dark_Hunter

Normally you find log information in /var/log/open-xchange/sessiond.log

----------

## slaapkop

Hi,

Well this is the output when i restart the slapd and open-exchange server and after that try to log in via http://www.mydomain.nl/cgi-bin/login.pl

```

/usr/bin/openexchange-sessiond: line 11: 14475 Killed                  /opt/sun-jdk-1.4.2.09/bin/java $SERVER $OPTS -ms20M -mx280M -Dopenexchange.propfile=/etc/open-xchange/groupware/system.properties -DappName=sessiondApp -Djava.library.path=/usr/lib/open-xchange -classpath /usr/lib/open-xchange/nas.jar:/usr/lib/open-xchange/comfiretools.jar:/usr/lib/open-xchange/intranet.jar:/usr/lib/open-xchange/sessiond.jar com.openexchange.sessiond.oxsessiond -P 33333

Oct 08 17:12:28 localhost openexchange: oxsessiond init (localhost:33333) objectstream=false

Oct 08 17:12:28 localhost openexchange: INTERNAL TLS Support: ON

Oct 08 17:12:33 localhost openexchange: oxsessiond init (localhost:33335) objectstream=true

Oct 08 17:12:44 localhost openexchange: SocketHandler.runStream: com.openexchange.ssl.SSLException:

15186:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1052:SSL alert number 48

ssl server fails to process ssl handshake

com.openexchange.ssl.SSLException:

15186:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1052:SSL alert number 48

ssl server fails to process ssl handshake

 at com.openexchange.ssl.SSLServerSocket.nativeAccept(Native Method)

 at com.openexchange.ssl.SSLServerSocket.accept(SSLServerSocket.java:129)

 at com.openexchange.sessiond.SocketHandler.runStream(SocketHandler.java:365)

 at com.openexchange.sessiond.SocketHandler.run(SocketHandler.java:243)

 at java.lang.Thread.run(Thread.java:534)

```

Looks like its trying to communicate via ssl??

----------

## Dark_Hunter

Yes, you have compiled ox with ssh.

But you can disable this without recompile ox.

1. edit /var/www/localhost/cgi-bin/login.pm and change to:

```
my $connection_mode = 3;
```

2. edit /etc/open-xchange/groupware/system.properties and change to

```
ENABLETLS: no
```

3. edit /etc/open-xchange/webmail/system.properties and change to

```
ENABLETLS: no
```

And now, welcome to your own OX - World =)

----------

## sonix

i went through the gentoo manual from top to the point where i create my first ox user. All went moderately well. However, when i login with my newly created user, i get this error message

 *Quote:*   

> Not Found
> 
> The requested URL /servlet/intranet was not found on this server.
> 
> Apache/2.0.52 (Gentoo/Linux) mod_ssl/2.0.52 OpenSSL/0.9.7e PHP/4.3.9 mod_jk/1.2.10 Server at www.vexelmedia.com Port 80

 

if i adjust the link on my browser to port 8080, i get a txt only version of ox with broken pic links which tells me ox is alright. What did i miss?

EDIT: I missed the JKMounts.Last edited by sonix on Sun Oct 09, 2005 11:40 am; edited 1 time in total

----------

## slaapkop

Hi,

I was a little too soon..

When i do a adduser i get the following:

```

TRUUS ~ # /usr/sbin/adduser_ox --username=pim --passwd=mypassword --name=pim --sname=janssen--maildomain=mydomain.nl --ox_timezone="Europe/Amsterdam"

SASL/DIGEST-MD5 authentication started

ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)

        additional info: SASL(-13): user not found: no secret in database

LDAP Success

SQL Success

```

I changed the line LDAPSEARCH_BIN="ldapsearch" into LDAPSEARCH_BIN="ldapsearch -d -3". 

So i got a lot of output, so when i saw the LDAP success and SQL success i thought it went good. But it did't

With the ssl enabled like you told me too, either way i get this message adding a new user.

It's not going smoothly for me, is it?

Can you help me out once again?

----------

## Dark_Hunter

 *sonix wrote:*   

> EDIT: I missed the JKMounts.

 

If you use the build, you get all inclusive  :Wink: 

----------

## Dark_Hunter

 *slaapkop wrote:*   

> 
> 
> With the ssl enabled like you told me too, either way i get this message adding a new user.
> 
> 

 

Did I? Sorry for the wrong information at first try to install ox without ssl. After all working fine, switch it on.

 *slaapkop wrote:*   

> 
> 
> It's not going smoothly for me, is it?
> 
> 

 

Somehow not  :Wink:  But we will hopefully get this done.

Try to edit the /etc/saslauthd.conf the following way

```

ldap_servers: ldap://127.0.0.1

ldap_bind_dn: cn=Manager,dc=mydomain,dc=nl

ldap_bind_pw: yourLDAPpassword

ldap_search_base: dc=mydomain,dc=nl

ldap_auth_method: userPassword

```

and restart your saslauthd service

----------

## sonix

 *Dark_Hunter wrote:*   

>  *sonix wrote:*   EDIT: I missed the JKMounts. 
> 
> If you use the build, you get all inclusive 

 

say what?

At any rate. I thought i had my installation all worked out. I added a second user and then i tried to test things around. Tried to add a calendar entry, entered all the data, saved, told me its saving then in the calendar there's NOTHING! im disappointed.

I tried to change my Setup options, namely the Groupware settings. I hit save there and i get the error message " ERROR!Settings could not be stored in directory!"

:'(

----------

## Dark_Hunter

Did you tried the ebuild?

If you try, make sure you execute the config part.

----------

## sonix

the portage tree ebuild? nope. i just went ahead with this manual: http://www.mikefetherston.ca/OX/html/index.html

however, tomcat error log says

 *Quote:*   

> 2005-10-09 00:30:55 StandardContext[/balancer]org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: [org.apache.webapp.balancer.RuleChain: [org.apache.webapp.balancer.rules.URLStringMatchRule: Target$
> 
> 2005-10-09 01:45:42 StandardContext[/balancer]org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: [org.apache.webapp.balancer.RuleChain: [org.apache.webapp.balancer.rules.URLStringMatchRule: Target$
> 
> 2005-10-09 01:45:57 StandardContext[/servlet]intranet: Exception: null
> ...

 

/var/log/messages says

 *Quote:*   

> Oct  9 09:45:13 lenin master[2881]: about to exec /usr/lib/cyrus/imapd
> 
> Oct  9 09:45:13 lenin imap[2881]: executed
> 
> Oct  9 09:45:13 lenin imap[2881]: sql auxprop plugin using mysql engine
> ...

 

maybe i really should just start from scratch with that ebuild... :'(

----------

## Dark_Hunter

sonix, the ebuild is quit easy.

The big problems for ox, is getting PostgreSQL and OpenLDAP working - and all seams fine for you.

So I would you suggest the ebuild - also for easely updating it in feature.

But for your problem, these are the acl for OpenLDAP:

http://www.mikefetherston.ca/OX/html/index.html#ldapacl

The problem is they are incomplete and also a security risk.

Hope that helps you so far.

----------

## sonix

 *Dark_Hunter wrote:*   

> sonix, the ebuild is quit easy.
> 
> The big problems for ox, is getting PostgreSQL and OpenLDAP working - and all seams fine for you.
> 
> So I would you suggest the ebuild - also for easely updating it in feature.
> ...

 

i definitely did miss. but adding them didnt solve my problem. however, i want to know how i can cleanly get rid of all that i have done, and install ox using the ebuild. I believe the ebuild on portage is the unstable version and the version i am using right now is stable, so that might cause further problems. Let me know what you think is the best option at this time.

/var/log/messages

 *Quote:*   

> Oct  9 11:17:22 lenin imap[6376]: sql plugin try and connect to a host
> 
> Oct  9 11:17:22 lenin imap[6376]: sql plugin trying to open db 'mailsqldb' on host 'localhost'
> 
> Oct  9 11:17:22 lenin imap[6376]: sql plugin could not connect to host localhost
> ...

 

----------

## Dark_Hunter

which version of ox do you have?

The stable 0.8.0.6 or the development 0.8.1.3 of ox?

----------

## slaapkop

Hi,

Well i reemerged open-xchange again:

```
emerge -C open-xchange

and then

USE="-SSL" emerge open-xchange

```

But when adding a group: 

```

TRUUS ~ # /usr/sbin/addgroup_ox --group=newgroup

SASL/DIGEST-MD5 authentication started

ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)

        additional info: SASL(-13): user not found: no secret in database

Added Group newgroup to LDAP

```

The log at that point:

```

Oct  9 21:58:27 TRUUS slapd[11279]: conn=4 fd=13 ACCEPT from IP=myexternalip:38371 (IP=0.0.0.0:389)

Oct  9 21:58:27 TRUUS slapd[11429]: conn=4 op=0 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"

Oct  9 21:58:27 TRUUS slapd[11429]: conn=4 op=0 SRCH attr=supportedSASLMechanisms

Oct  9 21:58:27 TRUUS slapd[11429]: conn=4 op=0 SEARCH RESULT tag=101 err=0 nentries=1 text=

Oct  9 21:58:27 TRUUS slapd[11430]: conn=4 op=1 BIND dn="cn=Manager,dc=mydomain,dc=nl" method=163

Oct  9 21:58:47 TRUUS slapd[11279]: conn=5 fd=15 ACCEPT from IP=myextrnalip:33861 (IP=0.0.0.0:389)

Oct  9 21:58:47 TRUUS slapd[11429]: conn=5 op=0 BIND dn="" method=128

Oct  9 21:58:47 TRUUS slapd[11429]: conn=5 op=0 RESULT tag=97 err=0 text=

Oct  9 21:58:47 TRUUS ldapsearch: DIGEST-MD5 client step 2

Oct  9 21:58:47 TRUUS ldapsearch: DIGEST-MD5 client step 2

Oct  9 21:58:47 TRUUS slapd[11429]: conn=4 op=2 BIND dn="cn=Manager,dc=mydomain,dc=nl" method=163

Oct  9 21:58:47 TRUUS slapd[11429]: SASL [conn=4] Failure: no secret in database

Oct  9 21:58:47 TRUUS slapd[11429]: conn=4 op=2 RESULT tag=97 err=80 text=SASL(-13): user not found: no secret in database

Oct  9 21:58:47 TRUUS slapd[11279]: conn=4 fd=13 closed

Oct  9 21:58:47 TRUUS slapd[11279]: conn=6 fd=13 ACCEPT from IP=myextrnalip:38372 (IP=0.0.0.0:389)

Oct  9 21:58:47 TRUUS slapd[11430]: conn=6 op=0 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"

Oct  9 21:58:47 TRUUS slapd[11430]: conn=6 op=0 SRCH attr=supportedSASLMechanisms

Oct  9 21:58:47 TRUUS slapd[11430]: conn=6 op=0 SEARCH RESULT tag=101 err=0 nentries=1 text=

Oct  9 21:58:48 TRUUS slapd[11429]: conn=6 op=1 BIND dn="cn=Manager,dc=mydomain,dc=nl" method=163

Oct  9 21:58:49 TRUUS slapd[11430]: conn=5 op=1 BIND dn="" method=128

Oct  9 21:58:49 TRUUS slapd[11430]: conn=5 op=1 RESULT tag=97 err=0 text=

Oct  9 21:59:06 TRUUS ldapadd: DIGEST-MD5 client step 2

Oct  9 21:59:26 TRUUS ldapadd: DIGEST-MD5 client step 2

Oct  9 21:59:26 TRUUS slapd[11430]: conn=6 op=2 BIND dn="cn=Manager,dc=mydomain,dc=nl" method=163

Oct  9 21:59:26 TRUUS slapd[11430]: SASL [conn=6] Failure: no secret in database

Oct  9 21:59:26 TRUUS slapd[11430]: conn=6 op=2 RESULT tag=97 err=80 text=SASL(-13): user not found: no secret in database

Oct  9 21:59:26 TRUUS slapd[11279]: conn=6 fd=13 closed

```

I changed the system.property documents from ENABLETLS:yes to ENABLETLS:no.

And the  /var/www/localhost/cgi-bin/login.pm, i changed the my $connection_mode = 2; to my $connection_mode = 2;

Why do i still get the ssl messages?

I just don't get it!!

----------

## slaapkop

HEEEJ...

I changed the /etc/open-xchange/admintools.conf file, the line:

```

LDAPCONN="-H $LDAPURI -D $BINDDN -w $BINDPW"

```

back into

```

LDAPCONN="-H $LDAPURI -D $BINDDN -w $BINDPW -x"

```

And now i'm finally in openXchange...!!!!!!!!!!!!!!

YES...

Thank toy verry much Dark_Hunter, your the best. Keep up the good work..

p.s. Probably won't be long for me too get another problem  :Wink: 

----------

## Dark_Hunter

Great =)

I wish you so much fun with it - I know you will have it  :Wink: 

----------

## sonix

 *Dark_Hunter wrote:*   

> which version of ox do you have?
> 
> The stable 0.8.0.6 or the development 0.8.1.3 of ox?

 

stable 0.8.0.6.

so it might cause me more troubles to go to ebuild  :Sad: 

----------

## Dark_Hunter

No, don't worry. An ebuild for stable ox will soon get in portage.

It is quite same as the current for 0.8.1.3.

So you can copy this or wait a few days - hope get this next days fixed.

----------

## sonix

 *Dark_Hunter wrote:*   

> No, don't worry. An ebuild for stable ox will soon get in portage.
> 
> It is quite same as the current for 0.8.1.3.
> 
> So you can copy this or wait a few days - hope get this next days fixed.

 

should i delete anything that i have done or should i just go ahead unmask the ebuild and emerge it?

----------

## Dark_Hunter

you should delete things under /usr/local/open-xchange, because this is obsolete.

----------

## sonix

 *Dark_Hunter wrote:*   

> you should delete things under /usr/local/open-xchange, because this is obsolete.

 

alright so thats all deleted now. i am emerging the ebuild. which how-to should i follow to configure it now?

----------

## Dark_Hunter

The howto provided by the ebuild itself:

Try

```
ebuild /var/db/pkg/www-apps/open-xchange-0.8.your_version/open-xchange-0.8.your_version.ebuild config
```

Ox get configured after answering a few question and after that a little howto is printed for setting up Openldap and PostgreSQL.

Skip the sections you've already done withe Mikes howto

So far... this should be all  :Wink: 

----------

## sonix

i still get the old version of ox on http://localhost/cgi-bin/login.pl  :Sad: 

i think i need ssl for the ebuild version. i get an error in my open-xchange log

 *Quote:*   

> Oct 10 02:35:25 localhost openexchange: oxsessiond init (localhost:33333) objectstream=false
> 
> Oct 10 02:35:25 localhost openexchange: INTERNAL TLS Support: ON
> 
> Oct 10 02:35:26 localhost openexchange: oxsessiond init (localhost:33335) objectstream=true
> ...

 

mod_ssl looks like is for apache1 only. i use apache2. not sure what to emerge now.

----------

## Dark_Hunter

Currently OX-0.8.1.* is buggy with SSL support for backend turned on.

Please distinguish between:

secured communication between backend components (currently buggy for 0.8.1 versions) can be disabled with 

```
USE="-ssl" emerge open-xchange
```

 currently you should do this (hopefully this get soon fixed)

secured communictation between your browser and apache accessing ox (this is indedependent from ox), you can enable it with "-D ssl" in the "APACHE2_OPTS" line in /etc/conf.d/apache2

----------

## sonix

should do the ebuild command again after i reemerge?

----------

## Dark_Hunter

 *sonix wrote:*   

> should do the ebuild command again after i reemerge?

 

Currently yes -  sorry, will be fixed soon.

----------

## slaapkop

Hi,

It's me again.

Still got a question. The webmail part isn't working for me yet.

When i try too log in via a browser, i get a screen wich says: 

WebMail - OPEN-XCHANGE 0.8.1-3

!!! SYSTEM - ERROR !!!

My log at that moment says: (/var/log/open-xchange/webmail.log)

```

Oct 10 17:55:20 TRUUS openexchange: DEBUG: Create new ComfireThread ComfireThread 3

Oct 10 17:55:20 TRUUS openexchange: DEBUG: Run ComfireThread ComfireThread 3

Oct 10 17:55:20 TRUUS openexchange: DEBUG: Re-use database connection org.postgresql.jdbc3.Jdbc3Connection@1ab28fe

Oct 10 17:55:20 TRUUS openexchange: Connect to sessiond server: localhost:33333

Oct 10 17:55:20 TRUUS openexchange: DEBUG: NEWSESSION: uid=pim, lang=EN, remoteip=62.131.1.42, id=daf85dc1f1fd64a80354b6e8ec87d95e, response=*** :-)

Oct 10 17:55:20 TRUUS openexchange: DEBUG: Using webmail <-> /servlet/webmail

Oct 10 17:55:20 TRUUS openexchange: DEBUG: LOGIN: uid=pim: moduleRights=addr_r cont_r bookm_r data_r task_r doc_r proj_r knowl_r forum_n pin_r webmail

Oct 10 17:55:20 TRUUS openexchange: DEBUG: LOGIN: uid=pim, imap=localhost - port=143, smtp=localhost - port= 25, MAILDOMAIN=mydomain.nl

Oct 10 17:55:20 TRUUS openexchange: DEBUG: LOGIN: uid=pim: User can change mail address=true

------------------------------------------------------------------

Oct 10 17:55:24 - pim - 0.8.1-3

AuthentificationFailedException in FolderSettings/loadFolder

Unable to authentificate user at the imap server.

Please check username and/or password.

Details: javax.mail.AuthenticationFailedException: Login failed: authentication failure

------------------------------------------------------------------

Oct 10 17:55:24 TRUUS openexchange: DEBUG: Using non-cached version noAuth

Oct 10 17:55:24 TRUUS openexchange: DEBUG: Pushing database connection org.postgresql.jdbc3.Jdbc3Connection@1ab28fe

Oct 10 17:55:24 TRUUS openexchange: DEBUG: Destroy ComfireThread ComfireThread 3

```

my imap.conf is like this:

```

# $Header: /var/cvsroot/gentoo-x86/net-mail/cyrus-imapd/files/imapd.conf,v 1.5 2004/08/27 06:02:45 langthang Exp $

# Don't forget to use chattr +S (if you are using ext[23])

# when you change these directories (read the docs).

configdirectory:        /var/imap

partition-default:      /var/spool/imap

sievedir:               /var/imap/sieve

tls_ca_path:            /etc/ssl/certs

tls_cert_file:          /etc/ssl/cyrus/server.crt

tls_key_file:           /etc/ssl/cyrus/server.key

# Don't use an everyday user as admin.

admins:                 cyrus

hashimapspool:          yes

allowanonymouslogin:    no

allowplaintext:         yes

# Allow renaming of top-level mailboxes.

#allowusermoves:         yes

# Use this if sieve-scripts could be in ~user/.sieve.

#sieveusehomedir:       yes

# Use saslauthd if you want to use pam for imap.

# But be warned: login with DIGEST-MD5 or CRAM-MD5

# is not possible using pam.

sasl_pwcheck_method:    saslauthd

lmtp_downcase_rcpt: yes

####################################################

## This is a recommended authentication method if you

## emerge cyrus-sasl with 'postgres' or 'mysql'

## To use with mysql database uncomment those lines below.

#sasl_pwcheck_method: auxprop

#sasl_auxprop_plugin: sql

## possible values for sasl_auxprop_plugin 'mysql', 'pgsql', 'sqlite'.

#sasl_sql_engine: mysql

## all possible values.

#sasl_mech_list: LOGIN PLAIN CRAM-MD5 DIGEST-MD5 NTLM

## or limit to CRAM-MD5 only

#sasl_mech_list: CRAM-MD5

## change below to suit your setup.

sasl_sql_user: mailsqluser

sasl_sql_passwd: password

sasl_sql_database: mailsqldb

sasl_sql_hostnames: localhost

sasl_sql_select: SELECT clear FROM users WHERE email = '%u@%r'

```

Is it a autentiacation problem(via ssl) or i'm i missing something?

Thanks...

----------

## sonix

could you please inform me what this command does?

```
 webapp-config -I -h <host> -d open-xchange open-xchange 0.8.1.3
```

EDIT: ha! adds /var/www/open-xchange folder  :Smile: 

I'm wondering how i can reset this (i really dont think its necessary)

 *Quote:*   

> slapadd -l /usr/share/open-xchange/init_ldap.ldif
> 
> slapadd: could not add entry dn="dc=vexelmedia,dc=com" (line=6): txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996

 

EDIT: rm /var/lib/openldap-data/* should do it.

but i'm really conerned about...

 *Quote:*   

> /usr/sbin/adduser_ox --username=MYUSERNAME --password=MYPASSWORD --name=FORENAME --sname=SURENAME --maildomain=vexelmedia.com --ox_timezone="Europe/Berlin"
> 
> ldap_bind: Can't contact LDAP server (-1)
> 
> LDAP Success
> ...

 

I checked /etc/open-xchange/admintools.conf, slapd.conf, ldap.conf and even saslauthd.conf and made the pass match in all cases. still no idea. i could not figure out at all how to get logging working with ldap. also, for some reason i CANNOT stop slapd after i started it. even after unmerging it and emerging again. i checked /var/lib/open-ldap/ permissions and made sure ldap:ldap owned those files. i think now would be a good time to study physics instead.

----------

## sonix

slaapkop:

try this:

```
 cyradm -user cyrus ox-domain.tld

ox-domain.tld> cm user.john

ox-domain.tld> exit
```

adduser_ox command does not create a mail acct for you. that is probably your issue. keep the two passwords matching so ox doesnt freak out. refer to the FINALIZING INSTALLATION section of http://www.mikefetherston.ca/OX/html/index.html .

bon chance.

----------

## Dark_Hunter

 *slaapkop wrote:*   

> Hi,
> 
> When i try too log in via a browser, i get a screen wich says: 
> 
> WebMail - OPEN-XCHANGE 0.8.1-3
> ...

 

There are several things to keep in mind.

First, make sure username and password you use for ox is equal to the password for your imap-server.

Second ox tries to connect your imap server per imap protocol default - not per imapS. 

If you just have imapS listening make sure to edit your /etc/open-xchange/webmail/webmail.properties

Hope that helps

----------

## Dark_Hunter

 *sonix wrote:*   

> 
> 
> I'm wondering how i can reset this (i really dont think its necessary)
> 
> 

 

One nice way is to make your apache redirect you in that directory.

The problem with necessary is, other web-apps installed by portage get their own directory with that way.

It is also possible to virtual hosting several different websites (I mean different URLs) on one apache.

This solution makes it possible to install ox one time for your complete sever and then "deploy" it for each virtual hosted server you want.

 *sonix wrote:*   

> 
> 
> slapadd -l /usr/share/open-xchange/init_ldap.ldif
> 
> slapadd: could not add entry dn="dc=vexelmedia,dc=com" (line=6): txn_aborted! DB_KEYEXIST: Key/data pair already exists (-30996

 

EDIT: rm /var/lib/openldap-data/* should do it.

[/quote]

try 

```
slapadd -c -l /usr/share/open-xchange/init_ldap.ldif
```

This try to going on with slapadd "ignoring" all failures.

 *sonix wrote:*   

> 
> 
> I checked /etc/open-xchange/admintools.conf, slapd.conf, ldap.conf and even saslauthd.conf and made the pass match in all cases. still no idea. i could not figure out at all how to get logging working with ldap. also, for some reason i CANNOT stop slapd after i started it. even after unmerging it and emerging again. i checked /var/lib/open-ldap/ permissions and made sure ldap:ldap owned those files. i think now would be a good time to study physics instead.

 

Did you change the backend for OpenLDAP. Do you've got a firewall blocking all.

Do you use ip-address or name and is it resolveable?

Hope that helps.

----------

## sonix

 */var/log/messages wrote:*   

> Oct 11 06:17:40 lenin slapd[25960]: @(#) $OpenLDAP: slapd 2.2.28 (Oct 10 2005 20:35:00) $       root@lenin:/var/tmp/portage/openldap-2.2.28/work/openldap-2.2.28/servers/slapd
> 
> Oct 11 06:17:40 lenin slapd[25960]: sql_select option missing
> 
> Oct 11 06:17:40 lenin slapd[25960]: auxpropfunc error no mechanism available
> ...

 

eh? sql plugin? i dont remember any note concerning that in the emerge howto for slapd.conf

here's my slapd.conf

 */etc/openldap/slapd.conf wrote:*   

> include         /etc/openldap/schema/core.schema
> 
> include         /etc/openldap/schema/cosine.schema
> 
> include         /etc/openldap/schema/inetorgperson.schema
> ...

 

Adding index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub, backend         bdb seemed to make me able to start and stop slapd. which is nice. I really think that the emerge tutorial needs some serious work. double // in the instructions will confuse some users. i'm wondering if there is any saslauthd configs i should touch.

----------

## bitwh0re

To Dark_Hunter and all others helping on this forum topic,

THANK YOU!!!

I haven't had much time lately to participate on this forum or keep the HOWTO up to date.  It's refreshing to see this discussion continue on even though I've been pretty much absent.  Again, thank you, without your help there would be a lot of frustrated Gentoo users without a running OX installation.

Mike.

----------

## sonix

I'm here to say, mucho gracias brethren! I have my ox running all nice. Gonna be notifying my users about it and im sure they will be very excited and very grateful for the help i've received from the community.

Here are some issues that could be easily addressed in a script (maybe modify adduser_ox?)

- add user to ox then add user to cyrus

- create Sent folder in cyrus

- set permanently delete deleted mail.

Best of luck to anyone who hasnt gotten ox running yet. I highly recommend using the portage tree to emerge ox. I will stick around to try to help.

Helpful tips:

USE="-ssl" emerge open-xchange << ssl works but you would have to check the gentoo wiki on open-xchange

to reset your postgres db:

 /etc/init.d/postgresql stop   << VERY IMPORTANT if you forget to do this, you will definitely run into problems stopping postgres later.

 su - postgres

 rm -R data

 mkdir data

 initdb data

 exit

 /etc/init.d/postgresql start

 then run the command under HOWTO: Setup database (following commands) which should have appeared after you emerged, and ran the ebuild command.

to reset your ldap tables:

 /etc/init.d/slapd stop

 rm /var/lib/openldap-data/*

 slapadd -l /usr/share/open-xchange/init_ldap.ldif

 chown ldap:ldap /var/lib/openldap-data/*  << if you get ldap_bind: Can't contact LDAP server (-1) error after you adduser, this could be your problem.

 /etc/init.d/slapd restart

to create your matching imap user after you created your ox user

 cyradm -user cyrus domain.com

 cm user.<user>

 cm user.<user>.Sent << creates sent folder you could do the same if you wanted a Draft or Spam folder.

you would have to manually go to the email acct options, subscribe to the new sent folder and set it to save your sent mail to the sent folder. might be wise to set permanently delete deleted mail in the options there as well.

look at my slapd.conf which i posted earlier. check it against yours. they should be pretty much identical.

once again, 

Merci.Last edited by sonix on Wed Dec 28, 2005 12:32 am; edited 2 times in total

----------

## sammo

hi to all. i'm trying to setup ox with these software:

smtp-> qmail-ldap

imap-> dovecot

now i'm fighting wit webmail i'm unable to send message. the error i see in webmail is:

unable to store message copy. Undefine error occured: A2 NO: nested expression is: com.sun.iap.CommandFaildeException A2 NO

Your message has been sent.

But in fact no message are delivered.

investigatin with loglevel 10 i found this:

Exception in ComposeMessage/storeMessageCopy

Unable to store message copy.

javax.mail.MessagingException: A2 NO ;

  nested exception is:

        com.sun.mail.iap.CommandFailedException: A2 NO

        at com.sun.mail.imap.IMAPFolder.doCommand(IMAPFolder.java:2065)

        at com.sun.mail.imap.IMAPFolder.exists(IMAPFolder.java:386)

        at com.openexchange.webmail.ComposeMessage.storeMessageCopy(ComposeMessage.java:1853)

        at com.openexchange.webmail.ComposeMessage.sendMessage(ComposeMessage.java:1638)

        at com.openexchange.webmail.Management.onBeforeHtmlLoad(Management.java:389)

        at com.openexchange.thread.ComfireThread.validateSession(ComfireThread.java:407)

        at com.openexchange.thread.ComfireThread.run(ComfireThread.java:162)

        at java.lang.Thread.run(Thread.java:534)

someone can help? thank in advice!

----------

## Dark_Hunter

Try to open the "Options" section in webmail, go to the folder section and set the default folders, after that try it again.

Hope that helps =)

----------

## SB

Sorry to crosspost from my thread, but I am also having a problem...  :Confused: 

I'm trying to add a user, but get the error:

"Undefined ERROR - LDAP CODE implementation specific"

I can't see what I've done wrong to cause this error. If I echo the LDAPCONN ( -H ldap://xxx -D cn=xxx,dc=xxx,dc=xxx -w xxx -x), and use the same connection parameters into ldapsearch, I get a list of all the LDAP objects, so I guess it's authenticating fine.

It's obviously tripping up on something, but I don't have a clue what. It's odd that it's not throwing an error code which should be LDAP CODE xx implementation specific. The users are definately not being added - the only user in the LDAP tree is the mailman user. OX was emerged without ssl support.

If anyone has any suggestions, I'd greatly appreciate it.

----------

## Dark_Hunter

Which LDAP do you've got?

----------

## sammo

now i've got open-xchange sending emails.

so i went to fight with ssl support.

i get this error:

localhost openexchange: INTERNAL TLS Support: ON

error loading CA: error:02001002:system library:fopen:No such file or directory

seems to me that ox can't open ca file. i'm sure the .pem file is in the right place ad i've tryed changing permissions.

----------

## Dark_Hunter

@sammo:

Which ox version do you use? Do you use the ebuild or by hand?

I know it is functioning with ox 0.8.0.6 except the umin part.

For the webmail part please create a symlink from /etc/open-xchange/groupware/sslcerts/ to /etc/open-xchange/webmail/sslcerts.

The groupware certs and keys get also (ab)used as webmail certs and keys.

----------

## sammo

 *Dark_Hunter wrote:*   

> @sammo:
> 
> Which ox version do you use? Do you use the ebuild or by hand?
> 
> I know it is functioning with ox 0.8.0.6 except the umin part.

 

i use the ebuild and i've installed 0.8.0.6 (modified ebuild) and 0.8.1.6. 

 *Dark_Hunter wrote:*   

> @sammo:
> 
> For the webmail part please create a symlink from /etc/open-xchange/groupware/sslcerts/ to /etc/open-xchange/webmail/sslcerts.
> 
> The groupware certs and keys get also (ab)used as webmail certs and keys.

 

i try this. thanks

----------

## amigafan

hmmm....  I have reinstalled my ox after a liitle time. I unmerged tomcat, openldap, postgres, and removed all its configs and directories. Then I (again) followed Mikes how-to and every step went fine - not one error message. No I want to login and.. "ERROR: Authentification failed"

Whats going on here?

During login my syslog says:

```
Oct 14 19:16:19 h9121 slapd[30240]: conn=5 fd=9 ACCEPT from IP=127.0.0.1:32845 (IP=0.0.0.0:389)

Oct 14 19:16:19 h9121 slapd[30240]: conn=5 op=0 BIND dn="" method=128

Oct 14 19:16:19 h9121 slapd[30240]: conn=5 op=0 RESULT tag=97 err=0 text=

Oct 14 19:16:19 h9121 slapd[30240]: conn=5 op=1 BIND dn="uid=web1p1,ou=Users,ou=OxObjects,dc=servergeeks,dc=de" method=128

Oct 14 19:16:19 h9121 slapd[30240]: conn=5 op=1 RESULT tag=97 err=49 text=

Oct 14 19:16:19 h9121 slapd[30240]: conn=5 op=2 BIND dn="" method=128

Oct 14 19:16:19 h9121 slapd[30240]: conn=5 op=2 RESULT tag=97 err=0 text=

Oct 14 19:16:19 h9121 slapd[30240]: conn=5 op=3 BIND dn="uid=web1p1,ou=Users,ou=OxObjects,dc=servergeeks,dc=de" method=128

Oct 14 19:16:19 h9121 slapd[30240]: conn=5 op=3 RESULT tag=97 err=49 text=

```

----------

## Dark_Hunter

 *amigafan wrote:*   

> hmmm....  I have reinstalled my ox after a liitle time. I unmerged tomcat, openldap, postgres, and removed all its configs and directories. Then I (again) followed Mikes how-to and every step went fine - not one error message. No I want to login and.. "ERROR: Authentification failed"
> 
> 

 

Which ldap version do you use? If you use 2.1* have you compiled if with aci support?

----------

## amigafan

 *Quote:*   

> Which ldap version do you use? If you use 2.1* have you compiled if with aci support?

 Hi, I am using 2.2.28 with its included support vor ACI. I've redone the whole installation part and this time it works - so I've made an mistake somewhere in my first setup. I saw that I forgot to delete the old login.pl / login.pm files from my old installation - maybe they were not overwritten and caused this error!? Thank you anyway!

This time even the outlook connector works and it does not create all my contacts twice  :Smile:  Now my phpldapadim doesn't work - I need it to correct my email-adress. To bad that the free version of ox doesn't have a usable admin interface for such things...

----------

## sammo

tls still not working. somone has tls-working setup with open-xchange?

----------

## Dark_Hunter

yes, I got ox working with ox 0.8.0.6 except the setup part in the groupware.

The ebuild will be updated soon  :Wink: 

For ox 0.8.1* is currently no way - I'm sitting and debugging  :Sad: 

----------

## Dark_Hunter

 *SB wrote:*   

> 
> 
> "Undefined ERROR - LDAP CODE implementation specific"
> 
> 

 

You already slapadded the ldif file, or? Where their any problems?

And questioning again, which ldap version do you've got?

Are their any messages in the logfiles (/var/log/messages)?

----------

## sammo

 *Dark_Hunter wrote:*   

> yes, I got ox working with ox 0.8.0.6 except the setup part in the groupware.
> 
> The ebuild will be updated soon 
> 
> For ox 0.8.1* is currently no way - I'm sitting and debugging 

 

can you post your configuration files (ldap.conf)? how did you generate the certificates and where you place them?

----------

## sammo

ok, some step ahead. now i resolved the issue open-xchange can't load ca. ad seems tls is working with ox-0.8.0.6.

----------

## Dark_Hunter

oh sorry, forgot to post something:

here is the bug at ox:

http://www.open-xchange.org/cgi-bin/bugzilla/show_bug.cgi?id=734

Some good (debugging) steps:

add "-w" to the shebang in login.pl (this gave me the importand informations for the buggy login.pm in the apache-log, if you use the ox ebuild this should be fixed)

increase the debug level in the ox components

create a symlink from the groupware/sslcerts to webmail/sslcerts directory so you can also use ssl in webmail

----------

## sammo

 *Dark_Hunter wrote:*   

> oh sorry, forgot to post something:
> 
> here is the bug at ox:
> 
> http://www.open-xchange.org/cgi-bin/bugzilla/show_bug.cgi?id=734
> ...

 

in the link posted abowe i see:

you can create a dynamic link from the webmail/sslcerts directory to the

groupware/sslcerts directory. Because the certitificates are the same.

To the Umin problem. Please check if all jar files are in the webapps/umin

directory are equals with the jar files from $PREFIX/lib.

this will fix the setup part of groupware working?

----------

## sonix

i dont seem to be receiving any mail. i have no problem sending outgoing mail. sending mail to hotmail works fine but not to myself. Inbox is always empty but Sentbox  gets updated when i send a new msg. 

 */etc/imapd.conf wrote:*   

> ## change below to suit your setup.
> 
> sasl_sql_user: mailsqluser
> 
> sasl_sql_passwd: password
> ...

 

 */var/log/open-xchange/groupware.log wrote:*   

> Oct 17 23:24:32 mail.com openexchange: No LDAP Addressbook Config-file found!
> 
> ...
> 
> openexchange: WARN: uid=producer, can't load settings '/var/open-xchange/settings/intranet/producer'. File not found or not readable.
> ...

 

chown tomcat:tomcat /var/open-xchange/settings fixed the permissions problem. but i am not sure what LDAP Addressbook is.

----------

## sammo

ok. now all seems working with tls: also the setup groupware section. the brute force solution i've found is to copy

all /usr/lib/open-xchange/ files in /opt/*-jdk-bin-*/jre/bin/ and setup correct permission. 

anyone more experienced with tomcat/java has a different solution, such as setting some environment variable to help java vm to find  the correc classes?

----------

## sammo

another question. I've found no way to get ox to talk with openldap with tls/ssl. i have two ldap server (master/slave with slurpd replication). the master server is on a remote host, so i wish to get some security with encryption. the only solution i get to work is to use stunnel to encrypt the communication between ox and the ldap master. anyone has another solution?

----------

## slaapkop

 *Dark_Hunter wrote:*   

>  *slaapkop wrote:*   Hi,
> 
> When i try too log in via a browser, i get a screen wich says: 
> 
> WebMail - OPEN-XCHANGE 0.8.1-3
> ...

 

Hi haven't tried to get the webmail running, but i realy want to.

So a view questions.

You mean the same password, the cyrus user and the password in /etc/imap.conf?

Or the password when creating the user with OX_Adduser (don't know the exact syntax)?

And how can i find out how the mailserver is listening, via imap or imaps? And how can i change that and put it in the right way in the /etc/open-xchange/webmail/webmail.properties file?

Thanks...

----------

## sonix

 *slaapkop wrote:*   

> You mean the same password, the cyrus user and the password in /etc/imap.conf?
> 
> Or the password when creating the user with OX_Adduser (don't know the exact syntax)?

 

actually, when you make your cyrus user, you will not make a password. you will only make an inbox with the cm user.<username> command. So when you login in groupware (ox) there will be a mail button that will lead you to webmail.

----------

## slaapkop

Hi,

Do have to give a password in the webmail section then?

If log into groupware and go to the email section i get the same message as when i try to log in to the webmail section.

----------

## sonix

 *slaapkop wrote:*   

> Do have to give a password in the webmail section then?
> 
> If log into groupware and go to the email section i get the same message as when i try to log in to the webmail section.

 

what is the message? you are not supposed to see any message. when you click on WEBMAIL you're supposed to be taken straight into your mailbox. no password reentry.

----------

## Dark_Hunter

Hi for the webmail section,

I updated the following section in the Wiki

http://gentoo-wiki.com/HOWTO_Open-Xchange#Configure_webmail

hope that helps you =)

----------

## sammo

hi to all. i switched from qmail-ldap + courier-imap to postfix+cyrus-imapd to have server side filtering with sieve. i've installed smartsieve-ox found in open-xchange-wiki and everithing works, but smartsieve is very slow. it works but is slow. i've look in log but no error is given. someone has smartsieve-ox working?

----------

## sonix

whats ssl support like now in  0.8.1.5? I am having some trouble with the ssl tips in http://gentoo-wiki.com/HOWTO_Open-Xchange

 *Quote:*   

> # /etc/ssl/misc/CA.pl -sign
> 
> Using configuration from /etc/ssl/openssl.cnf
> 
> Error opening CA private key ./demoCA/private/cakey.pem
> ...

 

----------

## Dark_Hunter

Sorry, made a mistake.

The first command for ssl key creation should be

```
/etc/ssl/misc/CA.pl -newca
```

I've forgot the "-newca" option.

----------

## forums

Hi All,

I'm gradually making headway on open-xchange. Many thanks to Mike for his howto and the many contributors.

I've been twising my head for ages over sql insertion via adduser_ox.

When I run the command to add a user I get the following output:

LDAP Success

SQL Error

Deleting User

The postgres log shows:

ERROR:  permission denied for relation oxfolder_specialfolders

ERROR:  permission denied for relation prg_date_notification

ERROR:  permission denied for relation prg_date_notification

The SQL portion of admintools.conf looks like this:

#################### SQL Stuff #####################

DEFAULT_SQL_HOST="localhost"

DEFAULT_SQL_DB="open_xchange"

DEFAULT_SQL_USER="open-xchange"

DEFAULT_SQL_PASS="oxen"

# Default Table where we store the Rights

RIGHTS_TABLE="usr_general_rights"

# Default Template Table where the template is stored!

TEMPLATE_TABLE="sys_gen_rights_template"

# Default Template for creating Users.

# Must exist in the DB

DEFAULT_TEMPLATE_NAME="default_template"

####################################################

Are there a set of permissions I'm missing out? postgres:postgres are the owners of /var/lib/postgres/data/*

ldap:ldap own everything in /var/lib/openldap-data. admintools.conf is world readable (while I troubleshoot)

I've tried adding a few different postgres users and changing admintools.conf appropriately but to no effect.

So yes, Mike: much head scratching as described   :Rolling Eyes: 

Any clues people?

Ta muchly

(note: I have previously encountered a postgres error whyby the DB "open_xchange" could not be found. I had previously setup with a different DB name but for some strange reason the DB name open_xchange _appeared_ to be hard-coded - so I created the DB name as the error logs detailed  - and injected the sql tables - and now this! I thought I would mention this in case it bares any relevance to the current error)

----------

## forums

 *forums wrote:*   

> 
> 
> (note: I have previously encountered a postgres error whyby the DB "open_xchange" could not be found. I had previously setup with a different DB name but for some strange reason the DB name open_xchange _appeared_ to be hard-coded - so I created the DB name as the error logs detailed  - and injected the sql tables - and now this! I thought I would mention this in case it bares any relevance to the current error)

 

ahh yes well. that would be dbinit_ox   :Embarassed: 

that said, the problem persists . . .

----------

## Dark_Hunter

Hi "forums",

you could also try the ebuild in portage. It is currently masked but could help you a little bit.

If you encounter any problems please post it here or drop me a private message.

----------

## forums

Hi mate,

I did use the masked ebuild  :Smile: 

I followed your excellent howto but used the open-xchange ebuild - I then continued to follow your howto  :Smile: 

I'm in the process of building from scratch once more. I expect I've messed something up somewhere. If you have any suggestions about the error I've reported, in the meantime, I'd love if you'd post 'em.

Cheers,

: n)

----------

## Dark_Hunter

 *forums wrote:*   

> Hi mate,
> 
> I did use the masked ebuild 
> 
> 

 

Fine, did you execute

```
emerge --config open-xchange
```

and went through all the steps. This should setup a fully working environment for you.

Oh yes, I've forgotten, if you compiled open-xchange with SSL support you should create the keys and certificates

http://gentoo-wiki.com/HOWTO_Open-Xchange#HowTo_Create_Certs_and_Keys or open-xchange won't start.

----------

## forums

 *Dark_Hunter wrote:*   

> 
> 
> Fine, did you execute
> 
> ```
> ...

 

All I can say is: Thanks

I did run the config command originally but I had changed the username since then - I was troubleshooting some other errors. Doh! I didn't even remember what the open-xchange configure script did (was probably installing at some stupid hour in the morning)

So I ran the config again - and hey presto!

Thanks again mate  :Smile: 

----------

## sonix

 *Dark_Hunter wrote:*   

> Oh yes, I've forgotten, if you compiled open-xchange with SSL support you should create the keys and certificates
> 
> http://gentoo-wiki.com/HOWTO_Open-Xchange#HowTo_Create_Certs_and_Keys or open-xchange won't start.

 

you should let people know before they start making their certs they should double check #hostname and #hostname -fqdn return proper results or else none of the components will make use of any of the certs. i think.... i would double check this if you could.

----------

## sonix

what does this mean??

 *sessiond.log wrote:*   

> Dec 25 21:08:44 localhost openexchange: oxsessiond init (localhost:33333) objectstream=false
> 
> Dec 25 21:08:44 localhost openexchange: INTERNAL TLS Support: ON
> 
> error loading certificate: error:0906D06C:PEM routines:PEM_read_bio:no start line
> ...

 

it means i screwed up my passwords for the CA and the key. I updated the ssl section of the wiki how-to so its easier to follow.

----------

## viol8r

open-xchange-0.8.1-6 came out a few weeks ago. 

Any ETA on an ebuild in portage?

Thanks

----------

## sonix

 */var/log/open-xchange/groupware.log wrote:*   

> Dec 30 21:51:25 localhost openexchange: Netline Application Server [NAS 5.0]
> 
> Dec 30 21:51:25 localhost openexchange: (c) Netline Internet Service GmbH
> 
> Dec 30 21:51:25 stalin.ussr openexchange: Linux i386 2.6.12-gentoo-r9
> ...

 

are these warnings?

hurray for the ox team. check the gentoo ox wiki.

----------

## dkr

Hokahey,

first of all thanks for the great job you all are doing.

My OX-Box is up and running, but when i try to add an contact i got the message:

```
- The contact has been created in the Database but couldn't be inserted into the LDAP addressbook: Naming err in ContactLdap javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'uid=27,ou=addr,uid=dkr,ou=Users,ou=OxObjects'
```

I found in my /var/log/messages the followoing lines:

```

SQL engine 'mysql' not supported

Jan  1 22:04:26 rosa imap[22602]: auxpropfunc error no mechanism available

Jan  1 22:04:26 rosa imap[22602]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Jan  1 22:04:26 rosa imap[22602]: accepted connection

Jan  1 22:04:26 rosa slapd[16718]: conn=32 fd=12 ACCEPT from IP=192.168.0.3:47306 (IP=0.0.0.0:389)

Jan  1 22:04:26 rosa slapd[17121]: conn=22 op=1 UNBIND

Jan  1 22:04:26 rosa slapd[17121]: conn=22 fd=14 closed

Jan  1 22:04:26 rosa slapd[17122]: conn=32 op=0 BIND dn="cn=Manager,dc=idkonsil,dc=de" method=128

Jan  1 22:04:26 rosa slapd[17122]: conn=32 op=0 RESULT tag=97 err=49 text=

Jan  1 22:04:26 rosa saslauthd[16994]: Authentication failed for dkr: Bind to ldap server failed (invalid user/password or insufficient access) (-7)

Jan  1 22:04:26 rosa saslauthd[16994]: do_auth         : auth failure: [user=dkr] [service=imap] [realm=] [mech=ldap] [reason=Unknown]

Jan  1 22:04:26 rosa imap[22602]: badlogin: localhost [127.0.0.1] plaintext dkr SASL(-13): authentication failure: checkpass failed

```

Any idea whats wrong with the ldap ?

LL&P

d,

----------

## sonix

 *dkr wrote:*   

> when i try to add an contact i got the message:
> 
> ```
> - The contact has been created in the Database but couldn't be inserted into the LDAP addressbook: Naming err in ContactLdap javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'uid=27,ou=addr,uid=dkr,ou=Users,ou=OxObjects'
> ```
> ...

 

post your /etc/openldap/sldap.conf and ldap.conf

----------

## dkr

Hi sonix,

/etc/openldap/ldap.conf

```

#

# LDAP Defaults

#

# See ldap.conf(5) for details

# This file should be world readable but not world writable.

BASE    dc=idkonsil,dc=de

URI     ldap://idkonsil.de

HOST    idkonsil.de

#SIZELIMIT      12

#TIMELIMIT      15

#DEREF          never

```

/etc/openldap/slapd.conf:

```

include         /etc/openldap/schema/core.schema

include         /etc/openldap/schema/cosine.schema

include         /etc/openldap/schema/inetorgperson.schema

include         /etc/openldap/schema/openldap.schema

include         /etc/openldap/schema/misc.schema

include         /etc/openldap/schema/nis.schema

include         /etc/openldap/schema/openxchange.schema

allow bind_v2

backend bdb

password-hash {CRYPT}

pidfile         /var/run/openldap/slapd.pid

argsfile        /var/run/openldap/slapd.args

#######################################################################

# BDB database definitions

#######################################################################

database        bdb

checkpoint      32      30 # <kbyte> <min>

suffix          "dc=idkonsil,dc=de"

rootdn          "cn=Manager,dc=idkonsil,dc=de"

rootpw          {CRYPT}<output of perl commandl>

directory       /var/lib/openldap-data

index   objectClass     pres,eq

index   gidNumber,memberUid     eq

index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

```

/var/lib/openldap-data exists with 700 for user ldap:ldap

Happy new year and thanks for your help.

d.

EDIT:

It look like a problem beetween saslauth and imap.

```

testsaslauthd -u dkr -p pass

saslauthd[10474] :rel_accept_lock : released accept lock

saslauthd[10475] :get_accept_lock : acquired accept lock

saslauthd[10474] :do_auth         : auth failure: [user=dkr] [service=imap] [realm=] [mech=ldap] [reason=Unknown]

saslauthd[10474] :do_request      : response: NO

0: NO "authentication failed"

```

----------

## sonix

add

 *slapd.conf wrote:*   

> include         /etc/openldap/schema/openldap.schema
> 
> include         /etc/openldap/slapd.ox.inc

 

my indicies are slightly different, though i havent used ox enough to verify which is correct

 *slapd.conf wrote:*   

> index   objectClass     eq
> 
> index gidNumber,memberUid eq
> 
> index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

 

check http://www.mikefetherston.ca/OX/html/index.html for sasl config.

----------

## dkr

Hi Sonix,

i've added /etc/openldap/slapd.ox.inc into slapd.conf. During the restart i got the following message:

```

/etc/openldap/slapd.ox.inc: line 3: bad DN "uid=root,ou=Users,ou=OxObjects,@basedn@" in by DN clause

<access clause> ::= access to <what> [ by <who> <access> [ <control> ] ]+

<what> ::= * | [dn[.<dnstyle>]=<DN>] [filter=<filter>] [attrs=<attrlist>]

<attrlist> ::= <attr> [val[.<style>]=<value>] | <attr> , <attrlist>

<attr> ::= <attrname> | entry | children

<who> ::= [ * | anonymous | users | self | dn[.<dnstyle>]=<DN> ]

        [dnattr=<attrname>]

        [group[/<objectclass>[/<attrname>]][.<style>]=<group>]

        [peername[.<peernamestyle>]=<peer>] [sockname[.<style>]=<name>]

        [domain[.<domainstyle>]=<domain>] [sockurl[.<style>]=<url>]

        [aci=<attrname>]

        [ssf=<n>] [transport_ssf=<n>] [tls_ssf=<n>] [sasl_ssf=<n>]

<dnstyle> ::= base | exact | one(level) | sub(tree) | children | regex

<style> ::= regex | base | exact

<peernamestyle> ::= regex | exact | ip | path

<domainstyle> ::= regex | base | exact | sub(tree)

<access> ::= [self]{<level>|<priv>}

<level> ::= none | auth | compare | search | read | write

<priv> ::= {=|+|-}{w|r|s|c|x|0}+

<control> ::= [ stop | continue | break ]

```

I'll check the config against http://www.mikefetherston.ca/OX/html/index.html  tonight.

LL&P

d.

----------

## sonix

dkr, i am afriad your errors are rather creepy. have you used the gentoo open-xchange wiki to install ox through portage? When checking against mike's website, keep in mind he did not use portage and his guide is rather not-so-up-to-date by now. If you start fresh with the ox ebuild on portage and follow the gentoo ox wiki you will have better luck. I had just got mine setup for the second time successfully and updated the wiki with the Tips section. 

et, voila.

http://gentoo-wiki.com/HOWTO_Open-Xchange

----------

## dkr

 *sonix wrote:*   

> dkr, i am afriad your errors are rather creepy. have you used the gentoo open-xchange wiki to install ox through portage? When checking against mike's website, keep in mind he did not use portage and his guide is rather not-so-up-to-date by now. If you start fresh with the ox ebuild on portage and follow the gentoo ox wiki you will have better luck. I had just got mine setup for the second time successfully and updated the wiki with the Tips section. 
> 
> et, voila.
> 
> http://gentoo-wiki.com/HOWTO_Open-Xchange

 

Hi sonix,

i tried the ebuild way and got an library error while adding a user into the datebase.

After that i tried mike's way and i got the described errors.

But now, after another sleeless night  :Smile:  i fixed my problems. There were 2 problems at my side. 

First i had troubles with the passwords at slapd.conf, admintools.conf and i think in the initial ldif file. I've replaced all of the {CRYPT} stuff and runs the initial LDAP load and et voila it works.

Then i run into a problem with the ACLS, that mean's that i wasn't able to change my properties or add an contact to the ldap.

For this i found a souliton In the OX forum.

I'v added the following lines into my slapd.conf.

```

# ACL für OX

access to dn.subtree="ou=Users,ou=OxObjects,dc=idkonsil,dc=de"

        by self write

        by users write

        by anonymous auth

access to dn.subtree="ou=Groups,ou=OxObjects,dc=idkonsil,dc=de"

        by self write

        by users write

        by anonymous auth

```

Ok my box is running fine now. My next step is to reinstall my box and give the ebuild and your wiki a second chance   :Exclamation:  .

Thanks for your idea's and your help, and last but not least thanks for your great job with the wiki. 

LL&P

david

----------

## sonix

dkr, glad to hear of your success. Inspire others.

Dark_Hunter, do you have a word for us concerning proper setup of ACL? Maybe update the wiki on that.

----------

## SilentShadow

hi, I installed open-xchange with the 8.1.5 ebuild and hack it to fit my need on the sql and ldap side.

My postgresql server (where I have put the db) run on the 5430 port so I made this change to the various configuration and script files:

```

/etc/open-xchange/admintools.conf

where

   DEFAULT_SQL_HOST="192.168.0.253"

add after

   DEFAULT_SQL_PORT="5430"

/usr/sbin/addusersql_ox

where

   if [ "$SQL_HOST" = "" ]

   then

           SQL_HOST=$DEFAULT_SQL_HOST

   fi

add after

   if [ "$SQL_PORT" = "" ]

   then

           SQL_PORT=$DEFAULT_SQL_PORT

   fi

where

   echo `$SQL_BIN -h $SQL_HOST -U $SQL_USER ......

modify

   echo `$SQL_BIN -h $SQL_HOST -p $SQL_PORT -U $SQL_USER.....

/usr/sbin/deluser_ox

where

   SQL_INSERT=`$SQL_BIN -h $DEFAULT_SQL_HOST -U $DEFAULT_SQL_USER

modify

   SQL_INSERT=`$SQL_BIN -h $DEFAULT_SQL_HOST -p $DEFAULT_SQL_PORT -U $DEFAULT_SQL_USER

/var/lib/tomcat-5/default/webapps/umin/WEB-INF/classes/oxuserminconfig.properties

where

   ############### SQL CONFIGURATION ###############

   SQL_SERVER_GROUPWARE=192.168.0.253

add after

   SQL_SERVER_GROUPWARE_PORT=5430

```

the last file "/var/lib/tomcat-5/default/webapps/umin/WEB-INF/classes/oxuserminconfig.properties" make me litle crazy, I found it because an ACCESS DENIED error in the setup link in the groupware.

Now I have this error "Show toolbar:  	ERROR!Could not read from database!"  in the " Groupware Settings" I'm sure the problem is related to the previouse file but I didn't find the software part where there is the DB call. Have you any suggestions?

thanks Dario

----------

## Olimaus

Hi, 

I am trying to install Open-Xchange on my box but I just don' get it...

If I try to install 0.8.1.5 I get an error.

Its on amd64 so maybe that is the problem.

```

compilewebdav:

    [javac] Compiling 491 source files to /var/tmp/portage/open-xchange-0.8.1.5/work/open-xchange-0.8.1-5/build

    [javac] The system is out of resources.

    [javac] Consult the following stack trace for details.

    [javac] java.lang.OutOfMemoryError

BUILD FAILED

/var/tmp/portage/open-xchange-0.8.1.5/work/open-xchange-0.8.1-5/build.xml:57: Compile failed; see the compiler error output for details.
```

I think 1.5Gig should be enoug.

So my second problem ist (now trying 0.8.0.6)

I got it running so far, but I can't create a user.

Thats my output

olinux open-xchange # adduser_ox --username="oli" --passwd="blabla" --name="oliver" --sname="schneider" --maildomain="olinux.local" --ox_timezone="Europe/Berlin"

ldap_bind: Can't contact LDAP server (-1)

LDAP Success

SQL Success

--

So first it tells me, that it can't contact the ldap server.

And after that it tells my succses?

So, whats wrong with it?

----------

## SilentShadow

hi Olimaus,

try

```

export ANT_OPTS="-Xmx256m"

emerge open-xchange

```

see: https://bugs.gentoo.org/show_bug.cgi?id=81924 or https://forums.gentoo.org/viewtopic-t-387521-highlight-java+lang+outofmemoryerror.html

bye Dario

----------

## Olimaus

Thank you, that fixed the build error.

The ldap problem still remains.

Oli

----------

## SilentShadow

hi, I'm not an expert but to have more log from the LDAP part of this software try this modification to the file:

/etc/open-xchange/admintools.conf

```

else

        # Note that the -x -should- be a last resort, not the default

        LDAPCONN="-d 1 -H $LDAPURI -D $BINDDN -w $BINDPW -x"   # -x is deprecated

fi

```

note: -d1 request a debug whit lot of information, in my case this let me better understand the problem with ldap

also the log of slapd may be too interesting

eventualy try to post some log..

bye dario

----------

## Olimaus

Hello again,

so I've got ldap working somehow.

Now I can add my user and I can add a group to ldap without errors.

The only problem I got now is, that I can't login --> ERROR: Authentication failed

mailadmin with the password from the ldif file doesn't work, too.

Here is a some logging output from sessiond.log

```

Jan 21 16:08:23 localhost openexchange: INTERNAL TLS Support: ON

Jan 21 16:08:24 localhost openexchange: oxsessiond init (localhost:33335) objectstream=true

Jan 21 16:12:25 localhost openexchange: Missing HOST and URI in directory service configuration.

Jan 21 16:12:25 localhost openexchange: SocketHandler.doAuthentification: java.lang.NullPointerException

java.lang.NullPointerException

        at com.openexchange.tools.ldap.LdapPool.createContext(LdapPool.java:350)

        at com.openexchange.tools.ldap.LdapPool.createContext(LdapPool.java:335)

        at com.openexchange.tools.ldap.LdapPool.get(LdapPool.java:291)

        at com.openexchange.tools.ldap.LdapPool.get(LdapPool.java:199)

        at com.openexchange.groupware.ldap.GlobalLdapPool.getContext(GlobalLdapPool.java:102)

        at com.openexchange.groupware.ldap.Factory.newAuthenticationSupport(Factory.java:280)

        at com.openexchange.sessiond.SocketHandler.doAuthentification(SocketHandler.java:539)

        at com.openexchange.sessiond.SocketHandler.runStream(SocketHandler.java:391)

        at com.openexchange.sessiond.SocketHandler.run(SocketHandler.java:227)

        at java.lang.Thread.run(Thread.java:534)

Jan 21 16:12:25 localhost openexchange: Authentication failed for user: oli

Jan 21 16:12:25 localhost openexchange: ERROR: Authentication failed

Jan 21 17:08:24 localhost openexchange: SocketHandler.doAuthentification: java.lang.NullPointerException

java.lang.NullPointerException

        at com.openexchange.tools.ldap.LdapPool.createContext(LdapPool.java:350)

        at com.openexchange.tools.ldap.LdapPool.createContext(LdapPool.java:335)

        at com.openexchange.tools.ldap.LdapPool.get(LdapPool.java:291)

        at com.openexchange.tools.ldap.LdapPool.get(LdapPool.java:199)

        at com.openexchange.groupware.ldap.GlobalLdapPool.getContext(GlobalLdapPool.java:102)

        at com.openexchange.groupware.ldap.Factory.newAuthenticationSupport(Factory.java:280)

        at com.openexchange.sessiond.SocketHandler.doAuthentification(SocketHandler.java:539)

        at com.openexchange.sessiond.SocketHandler.runStream(SocketHandler.java:391)

        at com.openexchange.sessiond.SocketHandler.run(SocketHandler.java:227)

        at java.lang.Thread.run(Thread.java:534)

Jan 21 17:08:24 localhost openexchange: Authentication failed for user: oli

Jan 21 17:08:24 localhost openexchange: ERROR: Authentication failed

```

----------

## SilentShadow

 *Quote:*   

> INTERNAL TLS Support: ON

 

if U use the 8.1.5 version TLS is buggy read some old post on this thread for more information:

to resolve this problem I had to do this:

1)  first off all don't use the ssl use flag

```

emerge -pv open-xchange

These are the packages that I would merge, in order:

Calculating dependencies ...done!

[ebuild   R   ] www-apps/open-xchange-0.8.1.5  -doc -ssl +vhosts +webdav 0 kB [1]

```

2) if U use ldap for other application (like me) probably U have the file /etc/openldap/ldap.con the setting for tls like

```

BASE dc=xxx,dc=it

URI ldaps://server.xxx.it

tls_checkpeer yes

tls_cacertfile /etc/openldap/ssl/root.crt

TLS_CACERT /etc/openldap/ssl/root.crt

TLS_REQCERT demand

```

note: the use of ldaps:// instead of ldap

so I copy this file over the link presente in "/etc/open-xchange/groupware/" and change it to use the non encrypted protocol. 

 *Quote:*   

> 
> 
> BASE dc=xxx,dc=it
> 
> URI ldap://server.xxx.it
> ...

 

bye DArio

----------

## djscribble

Does anyone know how to make it so that sieve authenticates against the same ldap database that openexchange and cyrus authenticates against?

thanks

----------

## Cheesefoam

Hey all:  I thought I would let the rest of you know that OX 0.8.2_RC2 does work with MySQL.  I've switched my install from PostgreSQL over to MySQL, and while there is the occasional minor hiccup with OX (such as an occasional "permission denied" when trying to access webmail - which is easily fixed by restarting OX), it works like a charm.

I've posted the details in the OX bug report on bugs.gentoo.org, but I haven't had time to write a modified ebuild for it yet, other than the very ugly kludged one I am using right now.

UPDATE:  I've posted a much cleaner ebuild on bugs.gentoo.org, as well as a modified init.d script which will automatically check for Tomcat crashes on startup and attempt to bring Tomcat back up before starting OX.

----------

## ptfoof

I'm using the guide at http://www.mikefetherston.ca/OX/html/index.html.  Needless to say I have never used most of the required packages, but it is going OK.  Just a few things to change for my setup.  I have successfully completed the install and all tests up to the point where the database is being setup, "Database Setup".  

```
postgres@foobar ~ $ createuser -pwprompt

Enter name of user to add: open-xchange

Enter password for new user: oxen

Enter it again: oxen

Shall the new user be allowed to create databases? (y/n) y

Shall the new user be allowed to create more new users? (y/n) n

```

When I run the "createdb command" I get:

```
postgres@foobar ~ $ createdb -O ox_user -E UNICODE ox_db

createdb: database creation failed: ERROR:  user "ox_user" does not exist

```

What is the "ox_user" versus the "open-xchange" user created in this step?  Where is the "ox_user" user   :Shocked:   created?  Are they supposed to be different?  Is there supposed to be a "ox_user" and an "open-xchange" user?

----------

## soviet/funk

I'm at the exact same spot right now (createdb), and luckily i'd done it before... I su'd to postgres on the old server and scrolled back through my bash history. I did this last time: 

```
createdb -O open-xchange -E UNICODE openexchange
```

where owner/user is open-xchange and db is openexchange. These should match DEFAULT_SQL_USER and DEFAULT_SQL_DB in /usr/local/open-xchange/etc/admintools.conf, AND they should match the user created with createuser in the previous command.. 

The problem is that the manual (OX for gentoo) has user "open-xchange" created in the command just before createdb->in which the author would have you enter the username specified previously in admintools.conf, which was "ox_user". So this is a case of juggled username variables in the manual. 

If the author of the guide is reading this, first: EXCELLENT!, second: clean up the use of passwords throughout the guide. The first time i did this install procedure i copied blindly things like "ldapsecretpassword" (yes, i know it was I who was stupid). Add a paragraph to "Conventions" where you list the passwords the installing person needs to keep track of. I have the guide printed out and write my own passwords in the margin. 

I would also like to add that i have had no problems (so far) running OX on amd64. I had to substitute sun jdk for blackdown and change a few paths during the install, but otherwise ... sweeeeet. 

kevin

----------

## ptfoof

 *Quote:*   

> THIS WAS A MISTAKE IN MY PASSWORD IN ADMINTOOLS.CONF!  I STARED AT IT SO MANY 
> 
> TIMES I GUESS I REALLY DIDN'T LOOK AT IT DIGIT/LETTER BY DIGIT/LETTER.  ALTHOUGH I 
> 
> WASTED MY TIME WORKING THIS OUT I DID LEARN A LOT AND THE RESULTS HERE SHOULD
> ...

 

Hi,

I got everything working in Open Xchange and added five users.  I have tested the functionality 

and found it to be good enough for now (there are a few issues with sat/sunday recurring events, 

but that is for another time).  I added several people to my contact list for fun and played around 

with the mail and other aspects.  Looked good!

As I have seen, there are a lot of problems with SASL/LDAP and I am no exceptions.  After all this 

testing I thought I was good to go, but I can't add any new users with 'adduser_ox'!

Although I might have missed something I have checked out the following extensively...

/etc/imapd.conf

/usr/local/open-xchange/etc/admintools.conf

/etc/openldap/slapd.conf

/etc/openldap/lapd.conf

/usr/local/open-xchange/share/init_ldap.ldif

```

# /usr/local/open-xchange/sbin/adduser_ox --username="test" \

--passwd="test_pw" --name="Test" --sname="Lastname" \

--maildomain="pz.com" --ox_timezone="EST"

ldap_bind: Invalid credentials (49)

LDAP Success

SQL Success

gazoo ldplay #

```

I looked in the adduser_ox script and it seems to be line 257 that is causing this problem, but I 

can't find out why:

```
CURRENT_UID=`$LDAPSEARCH_BIN -h $LDAPHOST -D $BINDDN -w $BINDPW -x 

-b $USER_BASEDN "(uid=*)" uidNumber | $GREP_BIN uidNumber | 

$SED_BIN -e 's/^uidNumber://' | $SORT_BIN -nr | $HEAD_BIN -n 1 | $AWK_BIN {'print $1'}`
```

I am surprised to see the '-x' setting which disables SASL!  I guess that this is always assumed

to be done locally.

I checked out my BINDPW and BINDPW settings and they allow me to login using Softerra's free 

and really cool (http://www.softerra.com/products.htm) LDAP Browser 2.6 with the 

BINDDN and BINDPW settings.

results from my ldapsearch...

```

gazoo ldplay # ldapsearch -h pz.com -D cn=Manager,dc=pz,dc=com -w mypasswd -x \

                      -b ou=Users,ou=OxObjects,dc=pz,dc=com "(uid=*)" >> tmp

#

# LDAPv3

# base <ou=Users,ou=OxObjects,dc=pz,dc=com> with scope sub

# filter: (uid=*)

# requesting: ALL

#

# mailadmin, Users, OxObjects, pz.com

dn: uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: shadowAccount

objectClass: posixAccount

objectClass: person

objectClass: inetOrgPerson

objectClass: OXUserObject

uidNumber: 501

homeDirectory: /home/mailadmin/

loginShell: /bin/bash

mailEnabled: OK

gidNumber: 500

...snip...

# search result

search: 2

result: 0 Success

# numResponses: 9

# numEntries: 8

```

I did a lot of googling and found a lot of links, but no luck.  Here are my file outputs...

/etc/imapd.conf

```

# Don't forget to use chattr +S (if you are using ext[23])

# when you change these directories (read the docs).

configdirectory:        /var/imap

partition-default:      /var/spool/imap

sievedir:               /var/imap/sieve

tls_ca_path:            /etc/ssl/certs

tls_cert_file:          /etc/ssl/cyrus/server.crt

tls_key_file:           /etc/ssl/cyrus/server.key

# Don't use an everyday user as admin.

admins:                 cyrus

hashimapspool:          yes

allowanonymouslogin:    no

allowplaintext:         yes

# Allow renaming of top-level mailboxes.

#allowusermoves:         yes

# Use this if sieve-scripts could be in ~user/.sieve.

#sieveusehomedir:       yes

# Use saslauthd if you want to use pam for imap.

# But be warned: login with DIGEST-MD5 or CRAM-MD5

# is not possible using pam.

sasl_pwcheck_method:    saslauthd

####################################################

## This is a recommended authentication method if you

## emerge cyrus-sasl with 'postgres' or 'mysql'

## To use with mysql database uncomment those lines below.

#sasl_pwcheck_method: auxprop

#sasl_auxprop_plugin: sql

## possible values for sasl_auxprop_plugin 'mysql', 'pgsql', 'sqlite'.

#sasl_sql_engine: mysql

## all possible values.

sasl_mech_list: LOGIN PLAIN CRAM-MD5 DIGEST-MD5 NTLM

## or limit to CRAM-MD5 only

#sasl_mech_list: CRAM-MD5

## change below to suit your setup.

#sasl_sql_user: mailsqluser

#sasl_sql_passwd: mypasswd 

#sasl_sql_database: mailsqldb

#sasl_sql_hostnames: localhost

#sasl_sql_hostnames: pz.com

#sasl_sql_select: SELECT clear FROM users WHERE email = '%u@%r'

lmtp_downcase_rcpt: yes

```

/usr/local/open-xchange/etc/admintools.conf

```

#!/bin/sh

#

# (c) 2004-2100 ;)

# Author: cutmasta AT netline-is D0T de

#

# OX-SCRIPTS - CONFIGURATION PARAMETER :)

#

############## GENERAL CONFIG STUFF ###############

# Your Company Name

# To which Organisation new User belong!

ORGA="PZ"

# OXBASE

OXBASE=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i BASE | head -n 1 | awk {'print $2'}`

# LDAP Server

LDAPHOST=`grep -v '^#' /usr/local/open-xchange/etc/groupware/ldap.conf | grep -i HOST | head -n 1 | awk {'print $2'}`

# LDAP Admin

BINDDN="cn=Manager,dc=pz,dc=com"

# LDAP Admin Passwd

#BINDPW={CRYPT}<encrypted output>

#BINDPW=qKeBeq7QH50GY

BINDPW="f6v52n4"

#BINDPW="secret"

# OX LDAP Leaf, where is the "OxObjects" leaf?

OX_LEAF="ou=OxObjects,$OXBASE"

# Default Language

DEFAULT_PREF_LANG="EN"

# Default mail is enabled

DEFAULT_MAIL_ENAB="OK"

# Default the user can send mail to the internet

DEFAULT_INET_MAIL="TRUE"

# Default days of displaying appointments

DEFAULT_OX_APP_DAYS=5

# Default days of displaying tasks

DEFAULT_OX_TASK_DAYS=5

# default the user can write in the global adressbook

DEFAULT_WRITE_GLOBAL_ADDR="TRUE"

# The used Tools - should work on most Systems!

LDAPADD_BIN="ldapadd"

LDAPDELETE_BIN="ldapdelete"

LDAPMODIFY_BIN="ldapmodify"

LDAPSEARCH_BIN="ldapsearch"

GREP_BIN="grep"

SED_BIN="sed"

EXPR_BIN="expr"

SORT_BIN="sort"

HEAD_BIN="head"

TAIL_BIN="tail"

AWK_BIN="awk"

SQL_BIN="psql"

##################################################

###### CONVERT ALL USERNAMES TO LOWERCASE #########

CASE_IGNORE="yes"

##################################################

#################### SQL Stuff #####################

DEFAULT_SQL_HOST="localhost"

DEFAULT_SQL_DB="ox_db"

DEFAULT_SQL_USER="ox_user"

DEFAULT_SQL_PASS="mypasswd "

# Default Table where we store the Rights

RIGHTS_TABLE="usr_general_rights"

# Default Template Table where the template is stored!

TEMPLATE_TABLE="sys_gen_rights_template"

# Default Template for creating Users.

# Must exist in the DB

DEFAULT_TEMPLATE_NAME="default_template"

####################################################

####################### LDAP #######################

# Where are the OX Users

USER_BASEDN="ou=Users,$OX_LEAF"

# Where are the OX Groups

GROUP_BASEDN="ou=Groups,$OX_LEAF"

# Where are the OX Resources

RESOURCES_BASEDN="ou=Resources,ou=ResourceObjects,$OX_LEAF"

# Where are the OX Resource Groups

RESOURCE_GROUPS_BASEDN="ou=ResourceGroups,ou=ResourceObjects,$OX_LEAF"

# Where is the Global Adressbook

GLOBAL_ADDRESSBOOKDN="o=AddressBook,$OX_LEAF"

# where are the adressbook admins

GLOBAL_ADDRESSBOOK_ADMINSDN="cn=AddressAdmins,$GLOBAL_ADDRESSBOOKDN"

# TEMPORARY FILE

TMPDIF="/usr/local/open-xchange/var/temporary_ldap_scripts.ldif"

####################################################

####################################################

HOME_DIR="/home/"

DEFAULT_USR_SHELL="/bin/bash"

SHADOW_EXPIRE=0

SHADOW_MIN=0

SHADOW_MAX=9999

SHADOW_WARN=7

STD_GID=500

MIN_UID=501

MIN_GID=500

####################################################

```

/etc/openldap/slapd.conf

```

#

# See slapd.conf(5) for details on configuration options.

# This file should NOT be world readable.

#

include /etc/openldap/schema/core.schema

include /etc/openldap/schema/cosine.schema

include /etc/openldap/schema/inetorgperson.schema

include /etc/openldap/schema/openldap.schema

include /etc/openldap/schema/misc.schema

include /etc/openldap/schema/nis.schema

include /etc/openldap/schema/openxchange.schema

#include /etc/openldap/slapd.ox.inc

allow bind_v2

backend bdb

password-hash {CRYPT}

loglevel 9

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory

# service AND an understanding of referrals.

#referral       ldap://root.openldap.org

pidfile         /var/run/openldap/slapd.pid

argsfile        /var/run/openldap/slapd.args

# Load dynamic backend modules:

# modulepath    /usr/lib/openldap/openldap

# moduleload    back_bdb.la

# moduleload    back_ldap.la

# moduleload    back_ldbm.la

# moduleload    back_passwd.la

# moduleload    back_shell.la

# Sample security restrictions

#       Require integrity protection (prevent hijacking)

#       Require 112-bit (3DES or better) encryption for updates

#       Require 63-bit encryption for simple bind

# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:

#       Root DSE: allow anyone to read it

#       Subschema (sub)entry DSE: allow anyone to read it

#       Other DSEs:

#               Allow self write access

#               Allow authenticated users read access

#               Allow anonymous users to authenticate

#       Directives needed to implement policy:

# access to dn.base="" by * read

# access to dn.base="cn=Subschema" by * read

# access to *

#       by self write

#       by users read

#       by anonymous auth

#

# if no access controls are present, the default policy

# allows anyone and everyone to read anything but restricts

# updates to rootdn.  (e.g., "access to * by * read")

#

# rootdn can always read and write EVERYTHING!

access to dn.base=""

        by * read

access to dn.base="cn=Subschema"

        by * read

# protect the userPassword attribute

access to attrs=userPassword

        by self write

        by anonymous auth

        by * none

# global address book

access to dn.subtree="o=AddressBook,ou=OxObjects,dc=pz,dc=com"

        by group.exact="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=pz,dc=com" write

        by users read

# personal address book

access to dn.regex="^ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,dc=pz,dc=com)$" attrs=children

        by dn.exact,expand="$1" write

access to dn.regex="^uid=([^,]+),ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,dc=pz,dc=com)$" attrs=entry

        by dn.exact,expand="$2" write

# default rule allowing users full access to their own entries

access to *

        by self write

        by users read

        by anonymous auth

## Just for allowing anyone anything

#access to *

#       by * write

#       by users read

#       by anonymous auth

#######################################################################

# BDB database definitions

#######################################################################

database        bdb

checkpoint      32      30 # <kbyte> <min>

suffix          "dc=pz,dc=com"

rootdn          "cn=Manager,dc=pz,dc=com"

# Cleartext passwords, especially for the rootdn, should

# be avoid.  See slappasswd(8) and slapd.conf(5) for details.

# Use of strong authentication encouraged.

#rootpw {CRYPT}<encrypted output>

rootpw mypasswd 

# The database directory MUST exist prior to running slapd AND

# should only be accessible by the slapd and slap tools.

# Mode 700 recommended.

directory       /var/lib/openldap-data

# Indices to maintain

index objectClass       pres,eq

index gidNumber,memberUid eq

index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

```

/etc/openldap/ldap.conf

```

## We want the requests to go locally for LDAP, but we need to access the correct database

BASE    dc=pz,dc=com

URI     ldap://pz.com

HOST    localhost

#SIZELIMIT  12

#TIMELIMIT  15

#DEREF      never

```

/usr/local/open-xchange/share/init_ldap.ldif

```

dn: dc=pz,dc=com

objectClass: dcObject

objectClass: organization

dc: pz

o: PZ

dn: ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: OxObjects

dn: ou=Users,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: Users

dn: ou=Groups,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: Groups

dn: ou=ResourceObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: ResourceObjects

dn: ou=ResourceGroups,ou=ResourceObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: ResourceGroups

dn: ou=Resources,ou=ResourceObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: Resources

dn: ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: AdminObjects

dn: ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: SMTPObjects

dn: ou=DNSObjects,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: DNSObjects

dn: o=AddressBook,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organization

o: AddressBook

dn: cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: groupOfNames

cn: AddressAdmins

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

dn: cn=users,ou=Groups,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: posixGroup

cn: users

gidNumber: 500

dn: cn=OXSMTPAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: groupOfNames

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

cn: OXSMTPAdmins

dn: cn=OXUserAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: groupOfNames

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

cn: OXUserAdmins

dn: cn=OXGroupAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: groupOfNames

cn: OXGroupAdmins

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

dn: cn=OXDNSAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: groupOfNames

cn: OXDNSAdmins

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

dn: cn=OXResourceAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: groupOfNames

cn: OXResourceAdmins

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

dn: cn=OXIMAPAdmins,ou=Administration,ou=Groups,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: groupOfNames

member: uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

cn: OXIMAPAdmins

dn: ou=Administration,ou=Groups,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: Administration

dn: uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: shadowAccount

objectClass: posixAccount

objectClass: person

objectClass: inetOrgPerson

objectClass: OXUserObject

OpenLDAPaci: 1#entry#grant;r,w,s,c;cn,initials,mail,title,ou,l,birthday,description,street,postalcode,st,c,oxtimezone,homephone,mobile,pager,facsimiletelephonenumber,telephonenumber,labeleduri,jpegphoto,loginDestination,sn,givenname,;r,s,c;[all]#self#

uidNumber: 501

homeDirectory: /home/mailadmin/

loginShell: /bin/bash

mailEnabled: OK

gidNumber: 500

mailDomain: pz.com

ou: Administration

uid: mailadmin

sn: Admin

preferredLanguage: EN

mail: mailadmin@pz.com

o: PZ

smtpServer: localhost

imapServer: localhost

alias: postmaster@pz.com

alias: root@pz.com

givenName: Admin

cn: Admin Admin

shadowMin: 0

shadowMax: 9999

shadowWarning: 7

shadowExpire: 0

userPassword: secret

#userPassword: mypasswd 

OXAppointmentDays: 5

OXGroupID: 500

OXTaskDays: 5

OXTimeZone: Europe/Berlin

dn: ou=addr,uid=mailadmin,ou=Users,ou=OxObjects,dc=pz,dc=com

ou: addr

objectClass: top

objectClass: organizationalUnit

dn: ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: MailTransports

dn: smtpDomain=pz.com,ou=MailTransports,ou=SMTPObjects,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

smtpDomainTransportNexthop: smtp:192.168.32.134

smtpDomain: pz.com

objectClass: top

objectClass: OXMailTransportObject

cn: example transport map entry

dn: ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: AvailableServers

description: List of available Servers for OX

dn: ou=directoryServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: directoryServer

dn: ou=webmailServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: webmailServer

dn: ou=smtpServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: smtpServer

dn: ou=SharedFolder,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: SharedFolder

dn: ou=imapServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: imapServer

dn: domainName=pz.com,ou=DNSObjects,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: OXVDomainObject

MTALocaldomain: TRUE

domainName: pz.com

dn: ou=groupwareServer,ou=AvailableServers,ou=AdminObjects,ou=OxObjects,dc=pz,dc=com

objectClass: top

objectClass: organizationalUnit

ou: groupwareServer

```

If no one can give me a simple answer then perhaps you could suggest an approach to debug this 

problem.  Thanks in advance for the help... - Pete

----------

## cpunchin

A new stable version 0.8.2 has been released!

http://mirror.open-xchange.org/ox/EN/community/download.htm

I'll try to install it this weekend!

----------

## cpunchin

 *Quote:*   

> If no one can give me a simple answer then perhaps you could suggest an approach to debug this
> 
> problem. Thanks in advance for the help... - Pete

 

Pete: It seems to me an encrypted LDAP password issue. Try using an unencrypted password in /etc/openldap/slapd.conf under the rootpw param and comment the 'password-hash {CRYPT}' line.

Hope this helps.

----------

## rickvernam

I think this is more an ldap question than anything else...

but I've got a bunch of users (well, a few more than a dozen I think) that have all been created with a certain domain name.  now, I want to change that domain name, and move all the existing users over to the new domain name.

ldapmodify maybe?  but I don't know if such a change is possible even...?

any ideas?

Thanks...

----------

## mgvanbochove

[quote="bitwh0re"] *odborg wrote:*   

> I managed to get to page 18 in the pdf. When i try web i receive internal server error 500. I the start the procces manually and get this when i start openexchange-sessiond:
> 
> [code]oxsessiond init (Port=<33333>)
> 
> Exception in thread "main" java.lang.UnsatisfiedLinkError: /usr/lib/open-xchange/liboxssl.so: /usr/lib/open-xchange/liboxssl.so: undefined symbol: BIO_s_mem
> ...

 

I had the same problem and fixed it by re emerging openssl and open-xchange:

# emerge openssl open-xchange

----------

## giulianoz

Hi,

 i followed the v0.25 tutorial and I'm at the end of the whoole thing. I'm trying to login using the http://myserver/cgi-bin/login.pl page. the login procedure works fine (I think) because I'm rejected if I use a bad login, but when I use a good login I get the following page:

```

HTTP Status 500 -

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: Servlet execution threw an exception

root cause

java.lang.NoClassDefFoundError

   com.openexchange.thread.Sdc.createSSLSocket(Sdc.java:124)

   webmail.doGet(webmail.java:187)

   javax.servlet.http.HttpServlet.service(HttpServlet.java:689)

   javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

note The full stack trace of the root cause is available in the Apache Tomcat/5.0.27 logs.

Apache Tomcat/5.0.27

```

this is the tomcat logs 

```

2006-07-20 14:09:32 StandardWrapperValve[webmail]: Servlet.service() for servlet webmail threw exception

java.lang.NoClassDefFoundError

        at com.openexchange.thread.Sdc.createSSLSocket(Sdc.java:124)

        at webmail.doGet(webmail.java:187)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)

        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)

        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

        at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)

        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)

        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)

        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)

        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)

        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)

        at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)

        at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:300)

        at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:374)

        at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:743)

        at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:675)

        at org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:866)

        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)

        at java.lang.Thread.run(Thread.java:534)

```

I looked in the ox forums and in google but I've found a lot of similar problems with tons of different solutions, but nothing that's almost the same as this one  :Sad: 

I never used java for development so I don't know how to read this error log, but I think the "java.lang.NoClassDefFoundError" refer to a missing class definition, but how can I know what class is missing ?

thanks

giuliano

----------

## dashnu

I'm back... I was away from this thread for some time because I used gentoo & OX 0.7.5 in production for some time but upgrades at the time were un-do-able.. So I bought OX 5 and have been running that for the past year at my current job.

Two days ago I decided to install OX on gentoo again at home for a small business I am trying to set up.

So now two days later I have a (almost) fully working OX system using cyrus-imad, postgresql, postfix, and sasl. I even setup amavis-new / spamassassin using pyzor razor dcc and bayes.. Still need to set up a shared imap folder for Spam and one for Ham so I can teach bayes but that should be easy... 

Anyways I am pretty happy with the progress of this ebuild. The only thing I cant seem to get working is smartsieve. I access that page and it just hangs... I am sure this is due to my USE flags. I am anal and use -* in my make.conf and use packages.use for all other use flags. Does someone know what use flags i need for php to make this work? I have already figured out the following.

apache2 cli pcre xml zlib session

One last question. Can I allow mailadmin to see the calendar, if so how? Or how can I delete a Public folder from ldap or postgresql ?

Thanks.

----------

## facundooz

Hi,

     I've installed open-xchange version 0.8.2-p1 from https://bugs.gentoo.org/show_bug.cgi?id=62197 because I have a persistent error: Whenever I click at "setup" link in the groupware I get this classloader error:

 *Quote:*   

> 
> 
> 2006-09-13 12:24:26 StandardWrapperValve[Login]: Servlet.service() para servlet Login lanzó excepción
> 
> java.lang.UnsatisfiedLinkError: Native Library /usr/lib/open-xchange/liboxssl.so.1.0.0 already loaded in another classloader
> ...

 

I have tomcat 5.0.27 (I 've reinstalled it a lot of times, already) , blackdown-jdk-1.4.2.03 and sun-jdk-1.5.0.08.

I guess it's a configuration mistake, because open-xchange tries to load again th module liboxssl....  :Idea: 

Can sombody help me? I need to put in production right now...   :Crying or Very sad:   :Crying or Very sad:   :Crying or Very sad: 

Thanks in advance...

----------

## dashnu

If you want to disable ssl

try this...

vi /var/lib/tomcat-5.5/webapps/umin/WEB-INF/classes/oxuserminconfig.properties

add " SESSIOND_ENABLESSL=NO "

If that does not work try this..

vi <apache_dir>/cgi-bin/login.pm

change "my $connection_mode = 2;" to 

           "my $connection_mode = 3;" 

Also in groupware/system.properties & webmail/system.properties they have a TLS option

ENABLETLS:yes" to "ENABLETLS:no"

IMHO if the services are all running on the same box you do not to use ssl between daemons..

----------

## facundooz

Hi,

    I am having some errors when I try to add a new user, exactly when the script tries to make an insert in the postgresql database:

 *Quote:*   

> 
> 
> mail ~ # /usr/sbin/addusersql_ox --username=pepe@domain.com --lang=EN
> 
> org.postgresql.util.PSQLException: Operation requires a scrollable ResultSet, but this ResultSet is FORWARD_ONLY.
> ...

 

   The same happens when I try to add a new entry at the calendar. Maybe a problem in the jdbc3-postgresql package?

In addition of this, it results to me very strange the last log line:

ERROR:  duplicate key violates unique constraint "usr_general_rights_pkey"

I cannot delete this index, because in the webmin page it gives me an error message...

thanks in advance

----------

## blh

* Addition to HOWTO:

The project Gantt Chart is depending on a few X11 libraries. If you, as I didn't have X11 installed, you have to emerge the following packages:

 *Quote:*   

> x11-libs/libXt
> 
> x11-libs/libXp
> 
> x11-libs/libXtst

 

I've also got a question regarding the user "setup". It doesnt seem to work for me and the only error i've been able to find is this, from the sessiond.log.

 *Quote:*   

> Nov 14 21:09:37 localhost openexchange: SockerHandler.run: SSLException:com.openexchange.ssl.SSLException:
> 
> 26278:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:562:
> 
> ssl server fails to process ssl handshake
> ...

 

Any clue what I could have been doing wrong? Oh yes, the setup right is granted in the postgres database.

blh.

----------

## harmon

Is there a chance that this HOW-TO will be upgraded in the near future? I tried following the steps, but since it has been about a year (I believe) since the last edition, some of the configurations do not seem to be working on the newer versions of the various bits of software.

Also, it might be a good idea to make it clear what needs to be copied exactly and what the installer would need to change. For example, instead of merely writing ox-domain.tld have it italized, ox-domain.tld. This way the installer would know they need to input their own information.

Thanks for the guide!

 *bitwh0re wrote:*   

> Good day all,
> 
> I've finished a rough draft outlining how to get OX installed on Gentoo using:
> 
> - Postfix / Cyrus / SASL
> ...

 

----------

## gorynychalex

When clicking on "Setup" the following exception occurs :

------------------------------------------------------------------------

Setup

HTTP Status 500 -

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: Servlet execution threw an exception

root cause

java.lang.NoClassDefFoundError

	com.openexchange.thread.Sdc.createSSLSocket(Sdc.java:124)

	com.openexchange.umin.Login.userAuthenticated(Login.java:95)

	com.openexchange.umin.Login.doPost(Login.java:79)

	com.openexchange.umin.Login.doGet(Login.java:73)

	javax.servlet.http.HttpServlet.service(HttpServlet.java:743)

	com.openexchange.umin.OXUsermin.service(OXUsermin.java:86)

	javax.servlet.http.HttpServlet.service(HttpServlet.java:856)

note The full stack trace of the root cause is available in the Apache Tomcat/5.5 logs.

------------------------------------------------------------------------

/var/log/tomcat-5.5/localhost.2006-12-18.log:

Dec 18, 2006 12:22:01 PM org.apache.catalina.core.StandardWrapperValve invoke

SEVERE: Servlet.service() for servlet Login threw exception

java.lang.NoClassDefFoundError

        at com.openexchange.thread.Sdc.createSSLSocket(Sdc.java:124)

        at com.openexchange.umin.Login.userAuthenticated(Login.java:95)

        at com.openexchange.umin.Login.doPost(Login.java:79)

        at com.openexchange.umin.Login.doGet(Login.java:73)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)

        at com.openexchange.umin.OXUsermin.service(OXUsermin.java:86)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)

        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)

 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)

        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)

        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)

        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)

        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)

        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)

        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)

        at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199)

        at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282)

        at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767)

        at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697)

at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:889)

        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)

        at java.lang.Thread.run(Thread.java:595)

----------------------------------------------------------------------

I DON'T WANT DISABLE SSL !!!

----------------------------------------------------------------------

Sysem:

GENTOO

Linux 2.6.16.19 #1 SMP Wed Jun 7 11:21:34 VLAST 2006 x86_64 Intel(R) Xeon(TM) CPU 2.80GHz GNU/Linux

open-xchange-0.8.2_p1

openldap-2.3.27

postgresql-8.1.4

apache-2.0.59

tomcat-5.5.20

----------

