Thanks, Now is calendarserver working with OpenLDAP, however there is still one issue - iMIP For some reason, com.apple.calendarserver user cannot be authenticated against calendar server 2011-04-06 11:04:07+0200 [-] [caldav-8008] [AuthorizedHTTPGetter,client] [twistedcaldav.scheduling.imip#error] Could not do server-to-imip request : <twistedcaldav.scheduling.imip.ScheduleViaIMip object at 0x3990a50> Mail gateway not able to process reply; could not authenticate user com.apple.calendarserver with calendar server 2011-04-06 11:04:07+0200 [-] [caldav-8008] [AuthorizedHTTPGetter,client] [twistedcaldav.scheduling.scheduler.ScheduleResponseQueue#error] Error during PUT for mailto:xxx@xxxx: None User com.apple.calendarserver is in OpenLDAP configuration with dn: cn:com.apple.calendarserver,ou=people,dc=example,dc=com Using same account I am able to authenticate users without issue. I also get entryUUID and add it to admin principals, but it still doesn't work. Before I used openLDAP i was using account.xml file and there it was working just fine. Any advice? 2011/4/6, Fredrik Unger <fred@tree.se>:
Hi,
as I understand, there is possible to get together OpenLDAP and calendarserver. However it is not clear, how record in LDAP should looks like. From my initial test it seems, that structure in OpenLDAP has to be altered a little to support Apple UUIDs for groups and users. Or I simply doing anything wrong?
I have so far been successful with a simple calendar accessed from Sunbird.
My ldap setup is a standard ou=people,dc=example,dc=com structure filled with OpenLDAPPersons. The caldavd.plist section [1] was a simple rework for the one supplied by Debian. I am not using resources or location.
# user, people, example.com dn: uid=user,ou=people,dc=example,dc=com givenName: Name sn: Lastname userPassword:: hashedpassword loginShell: /bin/bash uidNumber: NNNN gidNumber: MMMM mail: user@example.com uid: user objectClass: OpenLDAPperson objectClass: posixAccount cn: Name Lastname homeDirectory: /home/user
In this case it is also a posixAccount, but I do not think that makes a difference.
Can anybody send me example of working OpenLDAP configuration with LDIF,caldavd.plist files. I also need working iMIP gateway. I was able to make it work with accounts.xml file, but I would like to see it in LDAP.
I do not use iMIP.
I am using debian squeeze with calendarserver 2.4
Me too, still interested in hints how to get a workable solution for groups, on 2.4. http://www.mail-archive.com/calendarserver-users@lists.macosforge.org/msg017...
[1] <key>DirectoryService</key> <dict> <key>type</key>
<string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string>
<key>params</key> <dict> <key>cacheTimeout</key> <integer>30</integer> <key>realmName</key> <string>Calendar Realm</string> <key>uri</key> <string>ldapi://%2fvar%2frun%2fslapd%2fldapi</string> <!-- <string>ldaps://example.com/</string> --> <key>tls</key> <false/> <key>tlsCACertFile</key> <string></string> <key>tlsCACertDir</key> <string></string> <key>tlsRequireCert</key> <string>demand</string> <key>credentials</key> <dict> <key>dn</key> <string></string> <key>password</key> <string></string> </dict> <key>authMethod</key> <string>LDAP</string> <key>rdnSchema</key> <dict> <key>base</key> <string>dc=example,dc=com</string> <key>guidAttr</key> <string>entryUUID</string> <key>users</key> <dict> <key>rdn</key> <string>ou=people</string> <key>attr</key> <string>uid</string> <key>emailSuffix</key> <string></string> <key>filter</key> <string>(objectClass=OpenLDAPPerson)</string> </dict> <key>groups</key> <dict> <key>rdn</key> <string>ou=groups</string> <key>attr</key> <string>cn</string> <key>emailSuffix</key> <string></string> <key>filter</key> <string></string> </dict> <key>locations</key> <dict> <key>rdn</key> <string>ou=Locations</string> <key>attr</key> <string>cn</string> <key>emailSuffix</key> <string></string> <key>filter</key> <string></string> </dict> <key>resources</key> <dict> <key>rdn</key> <string>ou=Resources</string> <key>attr</key> <string>cn</string> <key>emailSuffix</key> <string></string> <key>filter</key> <string></string> </dict> </dict> <key>groupSchema</key> <dict> <key>membersAttr</key> <string>member</string> <key>memberIdAttr</key> <string></string> </dict> </dict> </dict>
_______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users