Locations & resources in LDAP in version 3.2?
Hello.... I'm running caldavd v. 3.2 as packaged on Debian Wheezy. I get my users from LDAP. I would also like to get my locations and resources from LDAP. However, when I do a search for, say, locations, with calendarserver_manage_principals I see no traffic to the LDAP server? I only seem to be able to add locations to the system by defining them in resources.xml. How are resources and locations to be configured for LDAP? I see the configuration of this in caldavd.plist has changed quite a lot since version 2.* Regards, Tobias Balle-Petersen -- View this message in context: http://old.nabble.com/Locations---resources-in-LDAP-in-version-3.2--tp341503... Sent from the Calendar Server - Users mailing list archive at Nabble.com.
By default, users and groups come from the configured directory service, while locations and resources are stored in XML. To get all 4 types from LDAP modify the caldavd.plist as follows: 1) Disable the resource/location XML service by changing "ResourceService > Enabled" to false: <key>ResourceService</key> <dict> <key>Enabled</key> <false/> 2) Configure the directory service to handle all 4 types by adding a "recordTypes" key to the "DirectoryService > params" dictionary: <key>DirectoryService</key> <dict> <key>type</key> <string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string> <key>params</key> <dict> <key>recordTypes</key> <array> <string>users</string> <string>groups</string> <string>locations</string> <string>resources</string> </array> Hope that helps, ~morgen On Jul 12, 2012, at 3:51 AM, Tobias Balle-Petersen <tobiasbp@gmail.com> wrote:
Hello....
I'm running caldavd v. 3.2 as packaged on Debian Wheezy.
I get my users from LDAP. I would also like to get my locations and resources from LDAP. However, when I do a search for, say, locations, with calendarserver_manage_principals I see no traffic to the LDAP server? I only seem to be able to add locations to the system by defining them in resources.xml.
How are resources and locations to be configured for LDAP? I see the configuration of this in caldavd.plist has changed quite a lot since version 2.*
Regards, Tobias Balle-Petersen -- View this message in context: http://old.nabble.com/Locations---resources-in-LDAP-in-version-3.2--tp341503... Sent from the Calendar Server - Users mailing list archive at Nabble.com.
_______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo/calendarserver-users
Morgen Sagen wrote:
2) Configure the directory service to handle all 4 types by adding a "recordTypes" key to the "DirectoryService > params" dictionary: <key>DirectoryService</key> <dict> <key>type</key>
<string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string>
<key>params</key> <dict> <key>recordTypes</key> <array> <string>users</string> <string>groups</string> <string>locations</string> <string>resources</string> </array>
Thank you for your suggestions, but groups works without adding your suggestions? Why? Also, how would i proceed to define where the server should look for my locations & resources having added the recordTypes? Thanks, Tobias -- View this message in context: http://old.nabble.com/Locations---resources-in-LDAP-in-version-3.2--tp341503... Sent from the Calendar Server - Users mailing list archive at Nabble.com.
I just added a new wiki page linked-to from our FAQ. Please see: https://trac.calendarserver.org/wiki/ConfiguringLDAP Your groups probably just worked because the default RDN being used matches your LDAP server (?) On Jul 12, 2012, at 8:58 AM, Tobias Balle-Petersen <tobiasbp@gmail.com> wrote:
Morgen Sagen wrote:
2) Configure the directory service to handle all 4 types by adding a "recordTypes" key to the "DirectoryService > params" dictionary: <key>DirectoryService</key> <dict> <key>type</key>
<string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string>
<key>params</key> <dict> <key>recordTypes</key> <array> <string>users</string> <string>groups</string> <string>locations</string> <string>resources</string> </array>
Thank you for your suggestions, but groups works without adding your suggestions? Why? Also, how would i proceed to define where the server should look for my locations & resources having added the recordTypes?
Thanks, Tobias
-- View this message in context: http://old.nabble.com/Locations---resources-in-LDAP-in-version-3.2--tp341503... Sent from the Calendar Server - Users mailing list archive at Nabble.com.
_______________________________________________ calendarserver-users mailing list calendarserver-users@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo/calendarserver-users
Morgen Sagen wrote:
I just added a new wiki page linked-to from our FAQ. Please see:
Great stuff, thank you so much. I can now see my locations as found in LDAP. I can not, however, control auto-schedule and proxies from LDAP. Using the configuration below, I see no proxies for "room1" and auto-schedule is disabled (I'm using calendarserver_manage_principals to look up data) for the room. Here are the relevant (I think) bits from caldavd.plist: <key>locations</key> <dict> <key>rdn</key> <string>ou=people,o=locations,o=calendar</string> <key>mapping</key> <dict> <key>recordName</key> <string>uid</string> <key>fullName</key> <string>homePostalAddress</string> <key>emailAddresses</key> <string></string> <key>firstName</key> <string></string> <key>lastName</key> <string></string> </dict> </dict> <key>resourceSchema</key> <dict> <key>resourceInfoAttr</key> <string></string> <!-- Leaving this empty should make caldavd use the attributes below --> <key>autoScheduleAttr</key> <string>homePhone</string> <key>autoScheduleEnabledValue</key> <string>yes</string> <key>proxyAttr</key> <string>personalTitle</string> <key>readOnlyProxyAttr</key> <string>academicTitle</string> </dict> My LDAP record: ObjectClasses top person organizationalPerson inetOrgPerson gosaAccount Attributes cn: room1 room1 givenName: room1 homePhone: yes homePostalAddress: Description here personalTitle: I have a users guid here uid: room1 On the wiki, maybe you should/could update this: <key>guidAttr</key> <string>GUID</string> to: <key>guidAttr</key> <string>entryUUID</string> as openLDAP automatically generates a uuid for all objects. Regards, Tobias Balle-Petersen -- View this message in context: http://old.nabble.com/Locations---resources-in-LDAP-in-version-3.2--tp341503... Sent from the Calendar Server - Users mailing list archive at Nabble.com.
Tobias Balle-Petersen wrote:
I can now see my locations as found in LDAP.
I can see my locations using "calendarserver_manage_principals --list-principals locations" but the clients (iCal) can not look up the locations. If I reconfigure to use the resources.xml file, clients (iCal) can look up the locations as configured in the xml file. So, why don't I bite the bullet and configure in resources.xml? I need to enable auto-schedule, but I can not. As far as I can see, setting auto-schedule in resources is no longer allowed (That's what I did in v. 2.4) in resources.xml. If I try to use calendarserver_manage_principals i get errors (It tries to contact my ldap server even if locations are in the xml file) ?: root@wheezy32:/etc/caldavd# calendarserver_manage_principals -v --set-auto-schedule=true 6ffc0cf2-1cc2-4c9d-b974-144211a11edd [twistedcaldav.directory.ldapdirectory.LdapDirectoryService#info] Connecting to LDAP 'ldap://********/' Setting auto-schedule to true for "Møde: Køkkenet" (locations:kokkenet) Unhandled error in Deferred: Unhandled error in Deferred: Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1187, in unwindGenerator return _inlineCallbacks(None, gen, Deferred()) File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1045, in _inlineCallbacks result = g.send(result) File "/usr/lib/python2.7/dist-packages/calendarserver/tools/principals.py", line 695, in action_setAutoSchedule **principal.record.extras File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1187, in unwindGenerator return _inlineCallbacks(None, gen, Deferred()) --- <exception caught here> --- File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1045, in _inlineCallbacks result = g.send(result) File "/usr/lib/python2.7/dist-packages/calendarserver/tools/principals.py", line 810, in updateRecord record = directory.updateRecord(recordType, **kwargs) File "/usr/lib/python2.7/dist-packages/twistedcaldav/directory/aggregate.py", line 251, in updateRecord password=password, **kwargs) File "/usr/lib/python2.7/dist-packages/twistedcaldav/directory/xmlfile.py", line 520, in updateRecord self._persistRecords(accountsElement) File "/usr/lib/python2.7/dist-packages/twistedcaldav/directory/xmlfile.py", line 402, in _persistRecords self.xmlFile.setContent(elementToXML(element)) File "/usr/lib/python2.7/dist-packages/twisted/python/filepath.py", line 1104, in setContent f = sib.open('w') File "/usr/lib/python2.7/dist-packages/twisted/python/filepath.py", line 639, in open return self.create() File "/usr/lib/python2.7/dist-packages/twisted/python/filepath.py", line 1141, in create fdint = os.open(self.path, _CREATE_FLAGS) exceptions.OSError: [Errno 13] Permission denied: '/etc/caldavd/EOQ_35AEdGmHCbBEresources.xml.new' Unhandled Error Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1187, in unwindGenerator return _inlineCallbacks(None, gen, Deferred()) File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1045, in _inlineCallbacks result = g.send(result) File "/usr/lib/python2.7/dist-packages/calendarserver/tools/principals.py", line 695, in action_setAutoSchedule **principal.record.extras File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1187, in unwindGenerator return _inlineCallbacks(None, gen, Deferred()) --- <exception caught here> --- File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1045, in _inlineCallbacks result = g.send(result) File "/usr/lib/python2.7/dist-packages/calendarserver/tools/principals.py", line 810, in updateRecord record = directory.updateRecord(recordType, **kwargs) File "/usr/lib/python2.7/dist-packages/twistedcaldav/directory/aggregate.py", line 251, in updateRecord password=password, **kwargs) File "/usr/lib/python2.7/dist-packages/twistedcaldav/directory/xmlfile.py", line 520, in updateRecord self._persistRecords(accountsElement) File "/usr/lib/python2.7/dist-packages/twistedcaldav/directory/xmlfile.py", line 402, in _persistRecords self.xmlFile.setContent(elementToXML(element)) File "/usr/lib/python2.7/dist-packages/twisted/python/filepath.py", line 1104, in setContent f = sib.open('w') File "/usr/lib/python2.7/dist-packages/twisted/python/filepath.py", line 639, in open return self.create() File "/usr/lib/python2.7/dist-packages/twisted/python/filepath.py", line 1141, in create fdint = os.open(self.path, _CREATE_FLAGS) exceptions.OSError: [Errno 13] Permission denied: '/etc/caldavd/EOQ_35AEdGmHCbBEresources.xml.new' Main loop terminated. -- View this message in context: http://old.nabble.com/Locations---resources-in-LDAP-in-version-3.2--tp341503... Sent from the Calendar Server - Users mailing list archive at Nabble.com.
I have since realized that the calendarserver_manage_principals command must be run as user caldavd (On my Debian Wheezy) like this to work: su caldavd -p -c "calendarserver_manage_principals --list-principals locations" I have not been able to solve the problem of the iCal client not being able to look-up/auto-complete locations if they are stored in LDAP. For that reason i have been forced to define locations locally in resources.xml
On Aug 23, 2012, at 8:18 AM, tobiasbp <tobiasbp@gmail.com> wrote:
I have not been able to solve the problem of the iCal client not being able to look-up/auto-complete locations if they are stored in LDAP.
For that reason i have been forced to define locations locally in resources.xml
My guess is your caldavd plist settings for LDAP don't match your LDAP server settings. See this page for an example DirectoryService plist section: http://trac.calendarserver.org/wiki/ConfiguringLDAP ...especially the locations > mapping section -- make sure the values in that mapping match the LDAP attributes from your server.
On Thu, Jul 12, 2012 at 1:26 PM, Morgen Sagen <sagen@apple.com> wrote:
I just added a new wiki page linked-to from our FAQ. Please see:
Is there documentation on setting things up to work in postgres rather than filesystem? Actually, here's a quick question: if I use postgres, does that mean that I DO NOT need a filesystem with extended attributes? -- Chris Cleeland
participants (4)
-
Chris Cleeland
-
Morgen Sagen
-
Tobias Balle-Petersen
-
tobiasbp