[CalendarServer-users] Calendarserver + LDAP
Oliver Werner
oliver.werner at kontrast.de
Tue May 28 02:52:00 PDT 2013
Thanks its war helps me.
Now i can Login and generate Calendars and entrys.
Maybe you know how i can add Users to my LDAP Groups?
calendar server knows my Groups and in ldap memberuid i have an entry for my user.
but server says no users are in group.
<key>groups</key>
<dict>
<key>rdn</key>
<string>ou=Kalender_Groups</string>
<key>attr</key>
<string>cn</string>
<key>emailSuffix</key>
<string></string>
<key>filter</key>
<string></string>
<key>mapping</key>
<dict>
<key>recordName</key>
<string>cn</string>
<key>fullName</key>
<string>cn</string>
<key>emailAddresses</key>
<string>mail</string>
<key>firstName</key>
<string>givenName</string>
<key>lastName</key>
<string>sn</string>
</dict>
</dict>
</dict>
<key>groupSchema</key>
<dict>
<key>membersAttr</key>
<string>memberuid</string>
<key>nestedGroupsAttr</key>
<string></string>
<key>memberIdAttr</key>
<string></string>
</dict>
<key>resourceSchema</key>
<dict>
<key>resourceInfoAttr</key>
<string></string>
<key>autoScheduleAttr</key>
<string></string>
<key>autoScheduleEnabledValue</key>
<string>yes</string>
<key>proxyAttr</key>
<string></string>
<key>readOnlyProxyAttr</key>
<string></string>
</dict>
</dict>
</dict>
--------------------------------------------------------------------------------------------------
Oliver Werner
SYSTEM-ADMINISTRATOR
Kontrast Communication Services GmbH
Grafenberger Allee 100, 40237 Düsseldorf, Germany
FON +49-211-91505-500 FAX +49-211-91505-530
WEB www.kontrast.de
AMTSGERICHT Düsseldorf, HRB 26934
GESCHÄFTSFÜHRER Joachim Fischer, Rolf D. Körner
--------------------------------------------------------------------------------------------------
FACEBOOK XING TWITTER YOUTUBE INSTAGRAM
--------------------------------------------------------------------------------------------------
Am 27.05.2013 um 17:09 schrieb Huy Nguyen <hn at huynguyen.fr>:
> Hi,
>
> I found that I needed to enable basic auth and disable digest auth in
> caldavd.plist order to be able to use calendarserver on Debian (at
> least in Wheezy) :
> <!--
> Authentication
> -->
>
> <key>Authentication</key>
> <dict>
>
> <!-- Clear text; best avoided -->
> <key>Basic</key>
> <dict>
> <key>Enabled</key>
> <true/>
> </dict>
>
> <!-- Digest challenge/response -->
> <key>Digest</key>
> <dict>
> <key>Enabled</key>
> <false/>
> <key>Algorithm</key>
> <string>md5</string>
> <key>Qop</key>
> <string></string>
> </dict>
>
> <!-- Kerberos/SPNEGO -->
> <key>Kerberos</key>
> <dict>
> <key>Enabled</key>
> <true/>
> <key>ServicePrincipal</key>
> <string></string>
> </dict>
>
> </dict>
>
> Regards
>
> Le lun. 27 mai 2013 17:01:06 CEST, Oliver Werner a écrit :
>> Hi I want to use calendarserver on Debian,
>>
>> I configured my caldavd.plist:
>>
>> <key>DirectoryService</key>
>> <dict>
>> <key>type</key>
>>
>> <string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string>
>>
>> <key>params</key>
>> <dict>
>> <key>restrictEnabledRecords</key>
>> <false/>
>> <key>restrictToGroup</key>
>> <string>Kontrast</string>
>> <key>cacheTimeout</key>
>> <integer>30</integer>
>> <key>uri</key>
>> <string>ldap://my.server.com</string>
>> <key>tls</key>
>> <false/>
>> <key>tlsCACertFile</key>
>> <string></string>
>> <key>tlsCACertDir</key>
>> <string></string>
>> <key>tlsRequireCert</key>
>> <string>never</string>
>> <key>credentials</key>
>> <dict>
>> <key>dn</key>
>> <string>cn=my,dc=bind,dc=user</string>
>> <key>password</key>
>> <string>SECRET</string>
>> </dict>
>> <key>authMethod</key>
>> <string>LDAP</string>
>> <key>rdnSchema</key>
>> <dict>
>> <key>base</key>
>> <string>dc=my,dc=base</string>
>> <key>guidAttr</key>
>> <string>entryUUID</string>
>> <key>users</key>
>> <dict>
>> <key>rdn</key>
>> <string>ou=Users</string>
>> <key>attr</key>
>> <string>uid</string>
>> <key>emailSuffix</key>
>> <string>kontrast.de <http://kontrast.de></string>
>> <key>filter</key>
>> <string>(myfilter=1)</string>
>> <key>loginEnabledAttr</key>
>> <string></string>
>> <key>loginEnabledValue</key>
>> <string></string>
>> <key>mapping</key>
>> <dict>
>> <key>recordName</key>
>> <string>uid</string>
>> <key>fullName</key>
>> <string>cn</string>
>> <key>emailAddresses</key>
>> <string>mail</string>
>> <key>firstName</key>
>> <string>givenName</string>
>> <key>lastName</key>
>> <string>sn</string>
>> </dict>
>> </dict>
>> <key>groups</key>
>> <dict>
>> <key>rdn</key>
>> <string>ou=Groups</string>
>> <key>attr</key>
>> <string>cn</string>
>> <key>emailSuffix</key>
>> <string>kontrast.de <http://kontrast.de></string>
>> <key>filter</key>
>> <string></string>
>> <key>mapping</key>
>> <dict>
>> <key>recordName</key>
>> <string>cn</string>
>> <key>fullName</key>
>> <string>cn</string>
>> <key>emailAddresses</key>
>> <string>mail</string>
>> <key>firstName</key>
>> <string>givenName</string>
>> <key>lastName</key>
>> <string>sn</string>
>> </dict>
>> </dict>
>> </dict>
>> <key>groupSchema</key>
>> <dict>
>> <key>membersAttr</key>
>> <string>member</string>
>> <key>nestedGroupsAttr</key>
>> <string></string>
>> <key>memberIdAttr</key>
>> <string></string>
>> </dict>
>> <key>resourceSchema</key>
>> <dict>
>> <key>resourceInfoAttr</key>
>> <string></string>
>> <key>autoScheduleAttr</key>
>> <string></string>
>> <key>autoScheduleEnabledValue</key>
>> <string>yes</string>
>> <key>proxyAttr</key>
>> <string></string>
>> <key>readOnlyProxyAttr</key>
>> <string></string>
>> </dict>
>> </dict>
>> </dict>
>>
>>
>>
>> and with *calendarserver_manage_principals --list-principals users*
>> *
>> *
>> I got my LDAP-Users.
>>
>> When configure the Calendar-Client (e.g. iCal) Programm says
>> Calandarserver deny my user.
>>
>> In /var/log/caldavd/error.log I saw the error:
>>
>> Faulting record for attribute 'shortname' with value 'users:oliver.werner'
>> Could not find the principal resource for user id: users:oliver.werner
>>
>>
>> anyone can help my?
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> calendarserver-users mailing list
>> calendarserver-users at lists.macosforge.org
>> https://lists.macosforge.org/mailman/listinfo/calendarserver-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-users/attachments/20130528/7e00bf82/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1995 bytes
Desc: not available
URL: <http://lists.macosforge.org/pipermail/calendarserver-users/attachments/20130528/7e00bf82/attachment-0001.p7s>
More information about the calendarserver-users
mailing list