[CalendarServer-users] Calendarserver + LDAP

Mon May 27 08:09:30 PDT 2013

Hi,

I found that I needed to enable basic auth and disable digest auth in 
caldavd.plist order to be able to use calendarserver on Debian (at 
least in Wheezy) :
    <!--
        Authentication
      -->

    <key>Authentication</key>
    <dict>

      <!-- Clear text; best avoided -->
      <key>Basic</key>
      <dict>
        <key>Enabled</key>
        <true/>
      </dict>

      <!-- Digest challenge/response -->
      <key>Digest</key>
      <dict>
        <key>Enabled</key>
        <false/>
        <key>Algorithm</key>
        <string>md5</string>
        <key>Qop</key>
        <string></string>
      </dict>

      <!-- Kerberos/SPNEGO -->
      <key>Kerberos</key>
      <dict>
        <key>Enabled</key>
        <true/>
        <key>ServicePrincipal</key>
        <string></string>
      </dict>

    </dict>

Regards

Le lun. 27 mai 2013 17:01:06 CEST, Oliver Werner a écrit :
> Hi I want to use calendarserver on Debian,
>
> I configured my caldavd.plist:
>
> <key>DirectoryService</key>
>     <dict>
>       <key>type</key>
>
> <string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string>
>
>       <key>params</key>
>       <dict>
>         <key>restrictEnabledRecords</key>
>         <false/>
>         <key>restrictToGroup</key>
>         <string>Kontrast</string>
>         <key>cacheTimeout</key>
>         <integer>30</integer>
>         <key>uri</key>
>         <string>ldap://my.server.com</string>
>         <key>tls</key>
>         <false/>
>         <key>tlsCACertFile</key>
>         <string></string>
>         <key>tlsCACertDir</key>
>         <string></string>
>         <key>tlsRequireCert</key>
>         <string>never</string>
>         <key>credentials</key>
>         <dict>
>           <key>dn</key>
>           <string>cn=my,dc=bind,dc=user</string>
>           <key>password</key>
>           <string>SECRET</string>
>         </dict>
>         <key>authMethod</key>
>         <string>LDAP</string>
>         <key>rdnSchema</key>
>         <dict>
>           <key>base</key>
>           <string>dc=my,dc=base</string>
>           <key>guidAttr</key>
>           <string>entryUUID</string>
>           <key>users</key>
>           <dict>
>             <key>rdn</key>
>             <string>ou=Users</string>
>             <key>attr</key>
>             <string>uid</string>
>             <key>emailSuffix</key>
>             <string>kontrast.de <http://kontrast.de></string>
>             <key>filter</key>
>             <string>(myfilter=1)</string>
>             <key>loginEnabledAttr</key>
>             <string></string>
>             <key>loginEnabledValue</key>
>             <string></string>
>             <key>mapping</key>
>             <dict>
>               <key>recordName</key>
>               <string>uid</string>
>               <key>fullName</key>
>               <string>cn</string>
>               <key>emailAddresses</key>
>               <string>mail</string>
>               <key>firstName</key>
>               <string>givenName</string>
>               <key>lastName</key>
>               <string>sn</string>
>             </dict>
>           </dict>
> <key>groups</key>
>           <dict>
>             <key>rdn</key>
>             <string>ou=Groups</string>
>             <key>attr</key>
>             <string>cn</string>
>             <key>emailSuffix</key>
>             <string>kontrast.de <http://kontrast.de></string>
>             <key>filter</key>
>             <string></string>
>             <key>mapping</key>
>             <dict>
>               <key>recordName</key>
>               <string>cn</string>
>               <key>fullName</key>
>               <string>cn</string>
>               <key>emailAddresses</key>
>               <string>mail</string>
>               <key>firstName</key>
>               <string>givenName</string>
>               <key>lastName</key>
>               <string>sn</string>
>             </dict>
>           </dict>
>         </dict>
>         <key>groupSchema</key>
>         <dict>
>           <key>membersAttr</key>
>           <string>member</string>
>           <key>nestedGroupsAttr</key>
>           <string></string>
>           <key>memberIdAttr</key>
>           <string></string>
>         </dict>
>   <key>resourceSchema</key>
>         <dict>
>           <key>resourceInfoAttr</key>
>           <string></string>
>           <key>autoScheduleAttr</key>
>           <string></string>
>           <key>autoScheduleEnabledValue</key>
>           <string>yes</string>
>           <key>proxyAttr</key>
>           <string></string>
>           <key>readOnlyProxyAttr</key>
>           <string></string>
>         </dict>
>       </dict>
>     </dict>
>
>
>
> and with *calendarserver_manage_principals --list-principals users*
> *
> *
> I got my LDAP-Users.
>
> When configure the Calendar-Client (e.g. iCal) Programm says
> Calandarserver deny my user.
>
> In /var/log/caldavd/error.log I saw the error:
>
> Faulting record for attribute 'shortname' with value 'users:oliver.werner'
> Could not find the principal resource for user id: users:oliver.werner
>
>
> anyone can help my?
>
>
>
>
>
>
> _______________________________________________
> calendarserver-users mailing list
> calendarserver-users at lists.macosforge.org
> https://lists.macosforge.org/mailman/listinfo/calendarserver-users