[CalendarServer-users] OpenLDAP & calendarserver
Ladislav Wartha
lwartha at gmail.com
Wed Apr 6 02:21:24 PDT 2011
Thanks,
Now is calendarserver working with OpenLDAP, however there is still
one issue - iMIP
For some reason, com.apple.calendarserver user cannot be authenticated
against calendar server
2011-04-06 11:04:07+0200 [-] [caldav-8008]
[AuthorizedHTTPGetter,client] [twistedcaldav.scheduling.imip#error]
Could not do server-to-imip request :
<twistedcaldav.scheduling.imip.ScheduleViaIMip object at 0x3990a50>
Mail gateway not able to process reply; could not authenticate user
com.apple.calendarserver with calendar server
2011-04-06 11:04:07+0200 [-] [caldav-8008]
[AuthorizedHTTPGetter,client]
[twistedcaldav.scheduling.scheduler.ScheduleResponseQueue#error] Error
during PUT for mailto:xxx at xxxx: None
User com.apple.calendarserver is in OpenLDAP configuration with dn:
cn:com.apple.calendarserver,ou=people,dc=example,dc=com
Using same account I am able to authenticate users without issue. I
also get entryUUID and add it to admin principals, but it still
doesn't work.
Before I used openLDAP i was using account.xml file and there it was
working just fine.
Any advice?
2011/4/6, Fredrik Unger <fred at tree.se>:
> Hi,
>
>> as I understand, there is possible to get together OpenLDAP and
>> calendarserver. However it is not clear, how record in LDAP should
>> looks like.
>> From my initial test it seems, that structure in OpenLDAP has to be
>> altered a little to support Apple UUIDs for groups and users. Or I
>> simply doing anything wrong?
>
> I have so far been successful with a simple calendar accessed from Sunbird.
>
> My ldap setup is a standard ou=people,dc=example,dc=com structure filled
> with OpenLDAPPersons.
> The caldavd.plist section [1] was a simple rework for the one supplied by
> Debian.
> I am not using resources or location.
>
> # user, people, example.com
> dn: uid=user,ou=people,dc=example,dc=com
> givenName: Name
> sn: Lastname
> userPassword:: hashedpassword
> loginShell: /bin/bash
> uidNumber: NNNN
> gidNumber: MMMM
> mail: user at example.com
> uid: user
> objectClass: OpenLDAPperson
> objectClass: posixAccount
> cn: Name Lastname
> homeDirectory: /home/user
>
> In this case it is also a posixAccount, but I do not think that makes a
> difference.
>
>> Can anybody send me example of working OpenLDAP configuration with
>> LDIF,caldavd.plist files. I also need working iMIP gateway. I was able
>> to make it work with accounts.xml file, but I would like to see it in
>> LDAP.
>
> I do not use iMIP.
>
>> I am using debian squeeze with calendarserver 2.4
>
> Me too, still interested in hints how to get a workable solution for groups,
> on 2.4.
> http://www.mail-archive.com/calendarserver-users@lists.macosforge.org/msg01743.html
>
>
> [1]
> <key>DirectoryService</key>
> <dict>
> <key>type</key>
>
> <string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string>
>
> <key>params</key>
> <dict>
> <key>cacheTimeout</key>
> <integer>30</integer>
> <key>realmName</key>
> <string>Calendar Realm</string>
> <key>uri</key>
> <string>ldapi://%2fvar%2frun%2fslapd%2fldapi</string>
> <!-- <string>ldaps://example.com/</string> -->
> <key>tls</key>
> <false/>
> <key>tlsCACertFile</key>
> <string></string>
> <key>tlsCACertDir</key>
> <string></string>
> <key>tlsRequireCert</key>
> <string>demand</string>
> <key>credentials</key>
> <dict>
> <key>dn</key>
> <string></string>
> <key>password</key>
> <string></string>
> </dict>
> <key>authMethod</key>
> <string>LDAP</string>
> <key>rdnSchema</key>
> <dict>
> <key>base</key>
> <string>dc=example,dc=com</string>
> <key>guidAttr</key>
> <string>entryUUID</string>
> <key>users</key>
> <dict>
> <key>rdn</key>
> <string>ou=people</string>
> <key>attr</key>
> <string>uid</string>
> <key>emailSuffix</key>
> <string></string>
> <key>filter</key>
> <string>(objectClass=OpenLDAPPerson)</string>
> </dict>
> <key>groups</key>
> <dict>
> <key>rdn</key>
> <string>ou=groups</string>
> <key>attr</key>
> <string>cn</string>
> <key>emailSuffix</key>
> <string></string>
> <key>filter</key>
> <string></string>
> </dict>
> <key>locations</key>
> <dict>
> <key>rdn</key>
> <string>ou=Locations</string>
> <key>attr</key>
> <string>cn</string>
> <key>emailSuffix</key>
> <string></string>
> <key>filter</key>
> <string></string>
> </dict>
> <key>resources</key>
> <dict>
> <key>rdn</key>
> <string>ou=Resources</string>
> <key>attr</key>
> <string>cn</string>
> <key>emailSuffix</key>
> <string></string>
> <key>filter</key>
> <string></string>
> </dict>
> </dict>
> <key>groupSchema</key>
> <dict>
> <key>membersAttr</key>
> <string>member</string>
> <key>memberIdAttr</key>
> <string></string>
> </dict>
> </dict>
> </dict>
>
> _______________________________________________
> calendarserver-users mailing list
> calendarserver-users at lists.macosforge.org
> http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
>
More information about the calendarserver-users
mailing list