[CalendarServer-users] Multi-user XMLDirectoryService

Cyrus Daboo cdaboo at apple.com
Thu Mar 20 07:10:07 PDT 2008 

Hi Alan,
Points well taken. Some comments below:

--On March 20, 2008 3:11:12 PM +0200 Alan Levin <alan at futureperfect.co.za> 
wrote:

>> I've been playing around with multi-user access under the
>> XMLDirectoryService and had the following questions:
>
> We've been playing around with this for over 18 months and I apologise
> for any negative sentiment here, but I suggest that Apple have not
> been very helpful in this project. Cyrus, maybe you can tell us a
> little about how your time is spent on this?

Obviously I can't describe in any detail specifics of what is happening at 
Apple, but rest assured CalendarServer is an important product for us. 
Remember, the code you see on MacOSForge is what we have in OS X Server.

> I've been following this list since Aug 2006 and last year I was
> disappointed that we had to wait for Leopard to make use of this
> software. Now that I've installed Leopard and spent many hours playing
> with the config files I have lost confidence in this project.

CalendarServer obviously works best with Leopard where the setup and 
configuration really is minimal when tied to the directory service. There 
has not been a lot of work on the "static" XML accounts directory piece. 
Right now that is mainly used for doing unit testing etc.

> There is no doubt that the world needs a good calendar server as MS
> Exchange seems to be the only viable option (and I cannot bring myself
> to using it for clients - we just do not like supporting the MS
> platform). Zimbra seems to be a potential alternative but too
> expensive. DAViCal looks interesting but really just experimental.

Some points (this is written in my role as one of the CalDAV spec 
co-authors): CalDAV is still a relatively new protocol. It is still in some 
flux with some major changes expected to the scheduling model (the 
specification for which is still only a "draft"). As we and others start to 
deploy this we gain experience of what the "missing pieces" are. Bear in 
mind that at the time CalDAV was a "pragmatic" solution to several failed 
attempts to define a standards-based calendar protocol. We started with the 
goal of putting the minimal pieces together to give a protocol that would 
be quick to implement.

The good news is that there are now a lot of vendors (certainly on the 
server side) implementing this stuff and a lot of momentum behind it. On 
going work in the Calendaring and Scheduling Consortium (of which Apple is 
of course a member) is helping to address the missing pieces of the 
protocol via extensions. Of course this will take some time to do, but in 
the meantime we should still have a viable solution.

> Gerald asks superb questions, and definitely the same position we're
> in right now:
>
>> - Is it possible to allow users to access the calendar of other
>> users? Either read-only or read-write but without sharing
>> credentials. I can see how this can be done using <location> via
>> <proxies>, but can it be done directly as a user? Or do I need to
>> hack it using a resource or location? Is there a recommended way of
>> doing this?
>>
>> - What's the difference between a resource and a location?
>>
>> - What's the meaning of the <password> field for groups, locations
>> and resources?
>>
>> - Under <proxies>, what are valid <member type=... values and what's
>> their meaning? Is this where I can use groups?
>
> His questions reflect some other observations:
> - Lacking of documentations

Yes - we need more documentation on the XML directory setup.

> - If you search apples web site for calendarserver = no results

To be fair I did get 186 hits when I searched for "calendar server". Also, 
Apple's site is geared towards "iCal Server" which is what Calendar Server 
is called in Leopard OS X Server.

> - After more than 2 years, this is simply not scalable in it's current
> form

Can you discuss your scaleability issues? We do want to hear about these 
concerns and experiences so we can try and address them (and we certainly 
DO want to address them).

> - The project makes use of outdated or bloated components

Which ones in particular?

> I really hope that there is a way to salvage this. The idea in
> principle is superb.

Something that will be happening soon (and I know I promised this a few 
months back): I have been working on an open source toolset that will allow 
command-line management of key features such as access control and 
delegates/proxies. These will allow setting up of shared calendars etc 
without having to use iCal or being tied to the OD directory service. There 
is also a basic tool to manage the XML directory file too. Simple actions 
such as "list users", "add user", "delete user" etc. The goal is to build 
that up into something that will avoid the need to ever edit the XML file 
directly.

Hopefully this will help in the short term and provide a basis for people 
to build e.g. web-based administration tools using this code on the back 
end to provide better administration for the open source users.

-- 
Cyrus Daboo

More information about the calendarserver-users mailing list