[CalendarServer-users] Errors with group based access control

Josh Wisenbaker macshome at afp548.com
Thu Dec 14 09:45:10 PST 2006

On Thu, December 14, 2006 9:00 am, Frank Strauß wrote:
> Josh Wisenbaker wrote:
>> On Thu, December 14, 2006 8:09 am, Frank Strauß wrote:
>>> This happens when I try to "get details" in Mulberry on a group's
>>> directory, no matter whether I am a member of that group or not.
>>> (I am using the XML directory backend as long as I don't know how to
>>> use
>>> LDAP.)
>> No idea on the get details issue, but as soon as I get my lab set back
>> up
>> after my move I plan to evaluate the new trunk and then write my article
>> on LDAP integration.
>> The only bit that wasn't working for me was kerb, which I realized
>> doesn't
>> matter as I haven't seen any kerberized caldav clients to use. :)
>> The basics are...
>> 1. Extend your schema to add a calendar principal attribute.
>> 2. Rebuild and install PyOpenDirectory with your custom attribute.
> Thanks, Josh!
> You motivate me to give it another try... :-) But I have some further
> questions:
> Where did you take the OID from? Is it
> kind of official? Does it matter in any way which OID we use (as long as
> we are testing it in our own environments)?

That's based on Apple's assignment. The "" means private
enterprise and the "63" means Apple. I've submitted a request to IANA for
a AFP548.com number to use.

I suppose it really doesn't matter as long as Apple never conflicted
anything with it.

> What values do you put into calendarPrincipalURI attributes? Full URIs
> with a "http://cal.example.com:8008" prefix or just something like
> "/principals/user/josh"?

The FQDN of the principal.

I was planning on doing a script or dsimport template for the article to
batch add the attributes.

> I'm no Python guru. Do you know how this warning can be avoided?
> Probably at some place, my Tiger Python-2.3 stuff is used, although 2.5
> is available and the first in my $PATH.
> 2006/12/14 15:49 +0200 [-]
> /private/var/automount/home/strauss/Developer/CalendarServer/twistedcaldav/directory/appleopendirectory.py:30:
> exceptions.RuntimeWarning: Python C API version mismatch for module
> opendirectory: This Python has API version 1013, module opendirectory
> has version 1012.

No clue! :)


Josh Wisenbaker
U, U, D, D, L, R, L, R, B, A, Start for your server

More information about the calendarserver-users mailing list