SOGo Installation Guide PDF

version 2.2.
5
Installation and Confguration Guide
Copyright 2008-2014 Inverse inc. (http://inverse.ca)
Permission is grante to copy! istri"#te an/or moi$y this oc#ment #ner the terms o$ the
%&' (ree )oc#mentation *icense! +ersion 1.2 or any ,ater version p#",ishe "y the (ree
-o$t.are (o#nation/ .ith no Invariant -ections! no (ront-Cover 0e1ts! an no 2ac3-Cover 0e1ts.
P,ease re$er to http://....gn#.org/,icenses/$,-1.2.t1t $or the $#,, ,icense.
+ersion 2.2.4 5 6ay 2014
Contents
Chapter 1 About this Guide 3
Chapter 2 Introduction 4
7rchitect#re an Compati"i,ity 4
Chapter 3 System Requirements 6
7ss#mptions 8
6inim#m 9ar.are :e;#irements <
=perating -ystem :e;#irements 8
Chapter 4 Installation 9
-o$t.are )o.n,oas >
-o$t.are Insta,,ation >
Chapter Con!"uration 1#
%&'step ?nvironment =vervie. 10
Pre$erences 9ierarchy 11
%enera, Pre$erences 12
7#thentication #sing *)7P 18
*)7P 7ttri"#tes Ine1ing 24
*)7P 7ttri"#tes 6apping 24
7#thenticating #sing C.7.-. 28
7#thenticating #sing -76*2 2<
)ata"ase Con@g#ration 28
7#thentication #sing -A* 2>
-60P -erver Con@g#ration B2
I67P -erver Con@g#ration B2
Ce" Inter$ace Con@g#ration B4
-=%o Con@g#ration -#mmary 40
6#,ti-omains Con@g#ration 41
7pache Con@g#ration 4B
-tarting -ervices 4B
CronDo" E ?6ai, reminers 44
CronDo" E +acation messages e1piration 44
Chapter 6 $ana"in" %ser Accounts 4
Creating the -=%o 7ministrative 7cco#nt 44
Creating a 'ser 7cco#nt 48
Chapter & $icroso't Acti(eSync 4&
Chapter ) %sin" S*Go 49
-=%o Ce" Inter$ace 4>
6oFi,,a 0h#ner"ir an *ightning 4>
7pp,e iCa, 40
7pp,e 7ress2oo3 40
6icroso$t 7ctive-ync / 6o"i,e )evices 42
Chapter 9 %p"radin" 3
Chapter 1# Additional In'ormation
Chapter 11 Commercial Support and Contact In'ormation 6
Chapter 1
1 About this Guide
0his g#ie .i,, .a,3 yo# thro#gh the insta,,ation an con@g#ration o$ the -=%o so,#tion. It a,so
covers the insta,,ation an con@g#ration o$ -=%o 7ctive-ync s#pport 5 the so,#tion #se to
synchroniFe mo"i,e evices .ith -=%o.
0he instr#ctions are "ase on version 2.2.4 o$ -=%o.
0he ,atest version o$ this g#ie is avai,a",e at
http://....sogo.n#/o.n,oas/oc#mentation.htm,.
2008-2014 Inverse inc. 7"o#t this %#ie B
Chapter 2
2 Introduction
-=%o is a $ree an moern sca,a",e gro#p.are server. It o$$ers share ca,enars! aress "oo3s!
an emai,s thro#gh yo#r $avo#rite Ce" "ro.ser an "y #sing a native c,ient s#ch as 6oFi,,a
0h#ner"ir an *ightning.
-=%o is stanar-comp,iant. It s#pports Ca,)7+! Car)7+! %ro#p)7+! i6IP an i0IP an
re#ses e1isting I67P! -60P an ata"ase servers - ma3ing the so,#tion easy to ep,oy an
interopera",e .ith many app,ications.
-=%o $eat#res :
-ca,a",e architect#re s#ita",e $or ep,oyments $rom oFens to many tho#sans o$ #sers
:ich Ce"-"ase inter$ace that shares the ,oo3 an $ee,! the $eat#res an the ata o$ 6oFi,,a
0h#ner"ir an *ightning
Improve integration .ith 6oFi,,a 0h#ner"ir an *ightning "y #sing the -=%o Connector
an the -=%o Integrator
&ative compati"i,ity $or 6icroso$t =#t,oo3 200B! 200<! 2010! an 201B
0.o-.ay synchroniFation s#pport .ith any 6icroso$t 7ctive-ync-capa",e evice! or =#t,oo3
201B
-=%o is eve,ope "y a comm#nity o$ eve,opers ,ocate main,y in &orth 7merica an
?#rope. 6ore in$ormation can "e $o#n at http://....sogo.n#
2008-2014 Inverse inc. Intro#ction 4
Chapter 2
Architecture and Compatibility
-tanar protoco,s s#ch as Ca,)7+! Car)7+! %ro#p)7+! 900P! I67P an -60P are #se to
comm#nicate .ith the -=%o p,at$orm or its s#"-components. 6o"i,e evices s#pporting the
6icroso$t 7ctive-ync protoco, are a,so s#pporte.
0o insta,, an con@g#re the native 6icroso$t =#t,oo3 compati"i,ity ,ayer! p,ease re$er to the
SOGo Native Microsoft Outlook Confguration Guide.
2008-2014 Inverse inc. Intro#ction 4
Chapter B
3 System Requirements
Assumptions
-=%o re#ses many components in an in$rastr#ct#re. 0h#s! it re;#ires the $o,,o.ing :
)ata"ase server (6y-A*! Postgre-A* or =rac,e)
*)7P server (=pen*)7P! &ove,, e)irectory! 6icroso$t 7ctive )irectory an others)
-60P server (Post@1! -enmai, an others)
I67P server (Co#rier! Cyr#s I67P -erver! )ovecot an others)
In this g#ie! .e ass#me that a,, those components are r#nning on the same server (i.e.!
GlocalhostH or G127.0.0.1H) that -=%o .i,, "e insta,,e on.
%oo #nerstaning o$ those #ner,ying components an %&'/*in#1 is re;#ire to insta,,
-=%o. I$ yo# miss some o$ those re;#ire components! p,ease re$er to the appropriate
oc#mentation an procee .ith the insta,,ation an con@g#ration o$ these re;#irements "e$ore
contin#ing .ith this g#ie.
0he $o,,o.ing ta",e provies recommenations $or the re;#ire components! together .ith
version n#m"ers :
)ata"ase server Postgre-A* <.4 or ,ater
*)7P server =pen*)7P 2.B.1 or ,ater
-60P server Post@1 2.1
I67P server Cyr#s I67P -erver 2.B.1 or ,ater
6ore recent versions o$ the so$t.are mentione a"ove can a,so "e #se.
2008-2014 Inverse inc. -ystem :e;#irements 8
Chapter B
inimum !ard"are Requirements
0he $o,,o.ing ta",e provies har.are recommenations $or the server! es3tops an mo"i,e
evices :
-erver ?va,#ation an testing
Inte,! 76)! or Po.erPC CP' 1 %9F
412 62 o$ :76
1 %2 o$ is3 space
Pro#ction
Inte,! 76) or Po.erPC CP' B %9F
2048 62 o$ :76
10 %2 o$ is3 space (e1c,#ing the mai, store)
)es3top %enera,
Inte,! 76)! or Po.erPC CP' 1.4 %9F
10241<88 monitor reso,#tion
412 62 o$ :76
128 I"ps or higher net.or3 connection
6icroso$t Cino.s
6icroso$t Cino.s JP -P2 or +ista
7pp,e 6ac =- J
7pp,e 6ac =- J 10.2 or ,ater
*in#1
Ko#r $avo#rite %&'/*in#1 istri"#tion
6o"i,e )evice 7ny mo"i,e evice .hich s#pports Ca,)7+! Car)7+ or 6icroso$t
7ctive-ync.
2008-2014 Inverse inc. -ystem :e;#irements <
Chapter B
#peratin$ System Requirements
0he $o,,o.ing B2-"it an 84-"it operating systems are c#rrent,y s#pporte "y -=%o :
:e 9at ?nterprise *in#1 (:9?*) -erver 4 an 8
Comm#nity ?&0erprise =perating -ystem (Cent=-) 4 an 8
)e"ian %&'/*in#1 4.0 (*enny) to <.0 (CheeFy)
'"#nt# 10.04 (*#ci) to 14.04 (0r#sty)
6a3e s#re the re;#ire components are starte a#tomatica,,y at "oot time an that they are
r#nning "e$ore proceeing .ith the -=%o con@g#ration. 7,so ma3e s#re that yo# can insta,,
aitiona, pac3ages $rom yo#r stanar istri"#tion. (or e1amp,e! i$ yo# are #sing :e 9at
?nterprise *in#1 4! yo# have to "e s#"scri"e to the :e 9at &et.or3 "e$ore contin#ing .ith
the -=%o so$t.are insta,,ation.
0his oc#ment covers the insta,,ation o$ -=%o #ner :9?* 8.
(or insta,,ation instr#ctions on )e"ian an '"#nt#! p,ease re$er irect,y to the -=%o .e"site at
http://....sogo.n#. 'ner the o.n,oas section! yo# .i,, @n ,in3s $or insta,,ation steps $or
)e"ian an '"#nt#.
&ote that once the -=%o pac3ages are insta,,e #ner )e"ian an '"#nt#! this g#ie can "e
$o,,o.e in orer to $#,,y con@g#re -=%o.
2008-2014 Inverse inc. -ystem :e;#irements 8
Chapter 4
% Installation
0his section .i,, g#ie yo# thro#gh the insta,,ation o$ -=%o together .ith its epenencies. 0he
steps escri"e here app,y to an :P6-"ase insta,,ation $or a :e 9at or Cent=- istri"#tion.
So&t"are 'o"nloads
-=%o can "e insta,,e #sing the yum #ti,ity. 0o o so! @rst create the
/etc/yum.repos.d/inverse.repo con@g#ration @,e .ith the $o,,o.ing content :
[SOGo]
name=Inverse SOGo epository
!aseurl=http"//inverse.ca/do#nloads/SOGo/$%&'/(!asearch
)p)chec*=0
-ome o$ the so$t.ares on .hich -=%o epens are avai,a",e $rom the repository o$ :epo(orge
(previo#s,y 3no.n as :P6$orge). 0o a :epo(orge to yo#r pac3ages so#rces! o.n,oa an
insta,, the appropriate :P6 pac3age $rom http://pac3ages.s.."e/rpm$orge-re,ease/. 7,so ma3e
s#re yo# ena",e the Grpm$orge-e1trasH repository.
(or more in$ormation on #sing :epo(orge! visit http://repo$orge.org/#se/.
So&t"are Installation
=nce the y#m con@g#ration @,e has "een create! yo# are no. reay to insta,, -=%o an its
epenencies. 0o o so! procee .ith the $o,,o.ing comman :
yum install so)o
0his .i,, insta,, -=%o an its epenencies s#ch as %&'step! the -=P? pac3ages an
memcache. =nce the "ase pac3ages are insta,,e! yo# nee to insta,, the proper ata"ase
connector s#ita",e $or yo#r environment. Ko# nee to insta,, sope+,-)dl1-post)res.l $or the
Postgre-A* ata"ase system! sope+,-)dl1-mys.l $or 6y-A* or sope+,-)dl1-oracle $or
=rac,e. 0he insta,,ation comman .i,, th#s ,oo3 ,i3e this :
yum install sope+,-)dl1-post)res.l
=nce comp,ete! -=%o .i,, "e $#,,y insta,,e on yo#r server. Ko# are no. reay to con@g#re it.
2008-2014 Inverse inc. Insta,,ation >
Chapter 4
5 Con($uration
In this section! yo#L,, ,earn ho. to con@g#re -=%o to #se yo#r e1isting *)7P! -60P an
ata"ase servers. 7s previo#s,y mentione! .e ass#me that those components r#n on the same
server on .hich -=%o is "eing insta,,e. I$ this is not the case! p,ease aD#st the con@g#ration
parameters to reMect those changes.
G)*step +nvironment #vervie"
-=%o ma3es #se o$ the %&'step environment. %&'step is a $ree so$t.are imp,ementation o$
the =pen-tep speci@cation .hich provies many $aci,ities $or "#i,ing a,, types o$ server an
es3top app,ications. 7mong those $aci,ities! there is a con@g#ration 7PI simi,ar to the N:egistryN
paraigm in 6icroso$t Cino.s. In =pen-0?P! %&'step an 6ac=- J! these are ca,,e the
N#ser e$a#,tsN.
In -=%o! the #serLs app,ications settings are store in /etc/so)o/so)o.con/. Ko# can #se
yo#r $avo#rite te1t eitor to moi$y the @,e.
0he so)o.con/ @,e is a seria,iFe property list. 0his simp,e $ormat encaps#,ates $o#r "asic ata
types: arrays! ictionaries (or hashes)! strings an n#m"ers. &#m"ers are represente as-is!
e1cept $or "oo,eans .hich can ta3e the #n;#ote va,#es GK?-H an G&=H. -trings are not
manatori,y ;#ote! "#t oing so .i,, avoi yo# many pro",ems. 7 ictionary is a se;#ence o$
3ey an va,#e pairs separate in their mi,e .ith a GOH sign. It starts .ith a GPG an ens .ith a
corresponing GQH. ?ach va,#e e@nition in a ictionary ens .ith a semico,on. 7n array is a
chain o$ va,#es starting .ith G(G an ening .ith G)H! .here the va,#es are separate .ith a G!H.
7,so! the @,e genera,,y $o,,o.s a C-sty,e inentation $or c,arity "#t this inentation is not
re;#ire! on,y recommene. 2,oc3 comments are e,imite "y /R an R/ an can span m#,tip,e
,ines .hi,e ,ine comments m#st start .ith //.
2008-2014 Inverse inc. Con@g#ration 10
Chapter 4
,re&erences !ierarchy
-=%o s#pports omain names segregation! meaning that yo# can separate m#,tip,e gro#ps o$
#sers .ithin one insta,,ation o$ -=%o. 7 #ser associate to a omain is ,imite to access on,y
the #sers ata $rom the same omain. Conse;#ent,y! the con@g#ration parameters o$ -=%o are
e@ne on three ,eve,s:
?ach ,eve, inherits the pre$erences o$ the parent ,eve,. 0here$ore! omain pre$erences e@ne the
e$a#,ts va,#es o$ the #ser pre$erences! an the system pre$erences e@ne the e$a#,t va,#es o$
a,, omains pre$erences. 2oth system an omains pre$erences are e@ne in the
/etc/so)o/so)o.con/! .hi,e the #sers pre$erences are con@g#ra",e "y the #ser an store in
-=%oLs ata"ase.
0o ienti$y the ,eve, in .hich each parameter can "e e@ne! .e #se the $o,,o.ing
a""reviations in the ta",es o$ this oc#ment :
- Parameter e1c,#sive to the system an not con@g#ra",e per omain
) Parameter e1c,#sive to a omain an not con@g#ra",e per #ser
' Parameter con@g#ra",e "y the #ser
:emem"er that the hierarchy paraigm a,,o. the e$a#,t va,#e o$ a parameter to "e e@ne at a
parent ,eve,.
Chapter 4
General ,re&erences
0he $o,,o.ing ta",e escri"es the genera, parameters that can "e set :
- C=Cor3ersCo#nt 0he amo#nt o$ instances o$ -=%o that .i,, "e
spa.ne to han,e m#,tip,e re;#ests
sim#,taneo#s,y. Chen starte $rom the init
script! that amo#nt is overrien "y the
GP:?(=:IH va,#e in /etc/syscon/i)/so)o
or /etc/de/ault/so)o. 7 va,#e o$ B is a
reasona",e e$a#,t $or ,o. #sage. 0he
ma1im#m va,#e epens on the CP' an I=
po.er provie "y yo#r machine : a va,#e set
too high .i,, act#a,,y ecrease per$ormances
#ner high ,oa.
)e$a#,ts to 1 .hen #nset.
- C=*istenA#e#e-iFe 0his parameter contro,s the "ac3,og siFe o$ the
soc3et ,isten ;#e#e. (or ,arge-sca,e
ep,oyments! this va,#e m#st "e aD#ste in
case a,, .or3ers are "#sy an the parent
processes receives ,ots o$ incoming
connections. )e$a#,ts to 4 .hen #nset.
- C=Port 0he 0CP ,istening aress an port #se "y the
-=%o aemon. 0he $ormat is
ipaddress"port
)e$a#,ts to 12<.0.0.1:20000 .hen #nset.
- C=*og(i,e 0he @,e path .here to ,og messages. -peci$y -
to ,og to the conso,e.
)e$a#,ts to /var/lo)/so)o/so)o.lo).
- C=Pi(i,e 0he @,e path .here the parent process i .i,,
"e .ritten.
)e$a#,ts to /var/run/so)o/so)o.pid.
- C=Catch)og:e;#est0imeo#t 0his parameter speci@es the n#m"er o$ min#tes
a$ter .hich a "#sy chi, process .i,, "e 3i,,e
"y the parent process.
)e$a#,ts to 10 (min#tes).
)o not set this too ,o. as chi, processes
rep,ying to c,ients on a s,o. internet
connection co#, "e 3i,,e premat#re,y.
- -1+6em*imit Parameter #se to set the ma1im#m amo#nt o$
memory (in mega"ytes) that a chi, can #se.
:eaching that va,#e .i,, $orce chi,ren
processes to restart! in orer to preserve system
memory.
)e$a#,ts to 01+.
Chapter 4
- -=%o6emcache9ost Parameter #se to set the hostname an
optiona,,y the port o$ the memcache server.
7 path can a,so "e #se i$ the server m#st "e
reache via a 'ni1 soc3et.
)e$a#,ts to localhost.
-ee memcached2servers2parse304 $or etai,s
on the synta1.
- -=%oCacheC,ean#pInterva, Parameter #se to set the e1piration (in
secons) o$ each o"Dect in the cache.
)e$a#,ts to 000.
- -=%o7#thentication0ype Parameter #se to e@ne the .ay "y .hich
#sers .i,, "e a#thenticate. (or C.7.-.! speci$y
GcasH. (or -76*2! speci$y Gsam,2H. (or
anything e,se! ,eave that va,#e empty.
-=%o0r#stPro1y7#thentication Parameter #se to set .hether 900P #sername
sho#, "e tr#ste.
)e$a#,ts to 5O .hen #nset.
-=%o?ncryptionIey Parameter #se to e@ne a 3ey to encrypt the
pass.ors o$ remote Ce" ca,enars .hen
SOGoTrustProxyAutentication is ena",e.
- -=%oC7--ervice':* Chen #sing C.7.-. a#thentication! this
speci@es the "ase #r, $or reaching the C.7.-.
service. 0his .i,, "e #se "y -=%o to e#ce
the proper ,ogin page as .e,, as the other
C.7.-. services that -=%o .i,, #se.
- -=%oC7-*ogo#t?na",e 2oo,ean va,#e inicating .hether the G*ogo#tH
,in3 is ena",e .hen #sing C.7.-. as
a#thentication mechanism.
0he G*ogo#tH,in3 .i,, en #p ca,,ing
SOGo67SService8&/lo)out to terminate the
c,ientLs sing,e sign-on C.7.-. session.
- -=%o7ress2oo3)7+7ccess?na",e Parameter contro,,ing Ce")7+ access to the
Contacts co,,ections.
0his can "e #se to eny access to these
reso#rces $rom *ightning $or e1amp,e.
)e$a#,ts to 9%S .hen #nset.
- -=%oCa,enar)7+7ccess?na",e Parameter contro,,ing Ce")7+ access to the
Calendar co,,ections.
0his can "e #se to eny access to these
reso#rces $rom *ightning $or e1amp,e.
)e$a#,ts to 9%S .hen #nset.
- -=%o-76*2PrivateIey*ocation 0he ,ocation o$ the --* private 3ey @,e on the
@,esystem that is #se "y -=%o to sign an
encrypt comm#nications .ith the -76*2
ientity provier. 0his @,e m#st "e generate
$or each r#nning -=%o service (rather than
2008-2014 Inverse inc. Con@g#ration 1B
Chapter 4
host).
- -=%o-76*2Certiticate*ocation 0he ,ocation o$ the --* certi@cate @,e. 0his @,e
m#st "e generate $or each r#nning -=%o
service.
- -=%o-76*2Ip6etaata*ocation 0he ,ocation o$ the metaata @,e that escri"es
the services avai,a",e on the -76*2 ienti$y
provier.
- -=%o-76*2IpP#",icIey*ocation 0he ,ocation o$ the --* p#",ic 3ey @,e on the
@,esystem that is #se "y -=%o to sign an
encrypt comm#nications .ith the -76*2
ientity provier. 0his @,e sho#, "e part o$ the
set#p o$ yo#r ientity provier.
- -=%o-76*2IpCerti@cate*ocation 0he ,ocation o$ the --* certi@cate @,e. 0his @,e
sho#, "e part o$ the set#p o$ yo#r ientity
provier.
- -=%o-76*2*ogo#t?na",e 2oo,ean va,#e inicate .hether the G*ogo#tH
,in3 is ena",e .hen #sing -76*2 as
a#thentication mechanism.
) -=%o0imeSone Parameter #se to set a e$a#,t time Fone $or
#sers. 0he e$a#,t timeFone is set to 8:6. 0he
=,son ata"ase is a stanar ata"ase that
ta3es a,, the time Fones aro#n the .or, into
acco#nt an represents them a,ong .ith their
history. =n %&'/*in#1 systems! time Fone
e@nition @,es are avai,a",e #ner
/usr/share/;onein/o. *isting the avai,a",e
@,es .i,, give yo# the name o$ the avai,a",e
time Fones. 0his co#, "e 7merica/5e#29or*<
%urope/=erlin< 7sia/:o*yo or
7/rica/&u!um!ashi.
In o#r e1amp,e! .e set the time Fone to
7merica/>ontreal
) -=%o6ai,)omain Parameter #se to set the e$a#,t omain name
#se "y -=%o. -=%o #ses this parameter to
"#i, the ,ist o$ va,i emai, aresses $or #sers.
In o#r e1amp,e! .e set the e$a#,t omain to
acme.com
) -=%o7ppointment-en?6ai,&oti@cations Parameter #se to set .hether -=%o sens or
not emai, noti@cations to meeting participants.
Possi",e va,#es are :
T K?- 5 to sen noti@cations
T &= 5 to not sen noti@cations
) -=%o(o,ers-en?6ai,&oti@cations -ame as a"ove! "#t the noti@cations are
triggere on the creation o$ a ca,enar or an
aress "oo3.
Chapter 4
) -=%o7C*s-en?6ai,&oti@cations -ame as a"ove! "#t the noti@cations are sent to
the invo,ve #sers o$ a ca,enar or aress
"oo3Ls 7C*s.
) -=%oCa,enar)e$a#,t:o,es Parameter #se to e@ne the e$a#,t ro,es .hen
giving permissions to a #ser to access a
ca,enar. )e$a#,ts ro,es are ignore $or p#",ic
accesses. 6#st "e an array o$ #p to @ve strings.
?ach string e@ning a ro,e $or an event
category m#st "egin .ith one o$ those va,#es:
T P#",ic
T Con@entia,
T Private
7n each string m#st en .ith one o$ those
va,#es:
T +ie.er
T )7n0+ie.er
T 6oi@er
T :esponer
0he array can a,so contain one or many o$ the
$o,,o.ing strings:
T ="DectCreator
T ="Dect?raser
?1amp,e: SOGo6alendar?e/aultoles =
3@O!Aect6reator@< @Bu!licCie#er@4D
)e$a#,ts to no ro,e .hen #nset. :ecommene
va,#es are @Bu!licCie#er@ an
E6on/idential?7nd:Cie#erF.
) -=%oContacts)e$a#,t:o,es Parameter #se to e@ne the e$a#,t ro,es .hen
giving permissions to a #ser to access an
aress "oo3. )e$a#,ts ro,es are ignore $or
p#",ic accesses. 6#st "e an array o$ one or
many o$ the $o,,o.ing strings:
T ="Dect+ie.er
T ="Dect?itor
T ="DectCreator
T ="Dect?raser
?1amp,e: SOGo6ontacts?e/aultoles =
3@O!Aect%ditor@4D
)e$a#,ts to no ro,e .hen #nset.
) -=%o-#per'sernames Parameter #se to set .hich #sernames re;#ire
aministrative privi,eges over a,, the #sers
ta",es. (or e1amp,e! this co#, "e #se to post
events in the #sers ca,enar .itho#t re;#iring
the #ser to con@g#re his/her 7C*s. In this case
yo# .i,, nee to speci$y those s#per#serLs
#sernames ,i3e this :
SOGoSuper8sernames = 3Gusername1H[<
Gusername2H< ...]4D
' -=%o*ang#age Parameter #se to set the e$a#,t ,ang#age #se
Chapter 4
in the Ce" inter$ace $or -=%o. Possi",e va,#es
are :
T 2raFi,ianPort#g#ese
T CFech
T )#tch
T ?ng,ish
T (rench
T %erman
T 9#ngarian
T Ita,ian
T :#ssian
T -panish
T -.eish
T Ce,sh
) -=%o&oti$y=nPersona,6oi@cations Parameter #se to set .hether -=%o sens or
not emai, receipts .hen someone changes
his/her o.n ca,enar. Possi",e va,#es are :
)e$a#,ts to &= .hen #nset. 'ser can
over.rite this $rom the ca,enar properties
.ino..
) -=%o&oti$y=n?1terna,6oi@cations Parameter #se to set .hether -=%o sens or
not emai, receipts .hen a moi@cation is
"eing one to his/her o.n ca,enar "y
someone e,se. Possi",e va,#es are :
)e$a#,ts to &= .hen #nset. 'ser can
over.rite this $rom the ca,enar properties
.ino..
) -=%o*)7PContactIn$o7ttri"#te Parameter #se to speci$y an *)7P attri"#te
that sho#, "e isp,aye .hen a#to-
comp,eting #ser searches.
) -=%oiPhone(orce7,,)ay0ransparency Chen set to 9%S! this .i,, $orce a,,-ay events
sent over "y iPhone =- "ase evices to "e
transparent. 0his means that the a,,-ay events
.i,, not "e consiere #ring $ree"#sy
,oo3#ps. )e$a#,ts to 5O .hen #nset.
- -=%o?na",eP#",ic7ccess Parameter #se to a,,o. or not yo#r #sers to
share p#",ic,y (ie.! re;#iring not
a#thentication) their ca,enars an aress
"oo3s.
T K?- 5 to a,,o. them
T &= 5 to prevent them $rom oing so
Chapter 4
- -=%oPass.orChange?na",e Parameter #se to a,,o. or not #sers to change
their pass.ors $rom -=%o.
T K?- 5 to a,,o. them
T &= 5 to prevent them $rom oing so
(or this $eat#re to .or3 proper,y .hen
a#thenticating against 7) or -am"a4! the
*)7P connection must #se --*/0*-. -erver
sie restrictions can a,so ca#se the pass.or
change to $ai,! in .hich case -=%o .i,, on,y
,og a LConstraint violation !"x#$%L error. 0hese
restrictions inc,#e Pass.or too yo#ng!
comp,e1ity constraints not satis@e! #ser
cannot change pass.or! etc... 7,so note that
-am"a has a minim#m pass.or age o$ 1 ay
"y e$a#,t.
- -=%o-#pporte*ang#ages Parameter #se to con@g#re .hich ,ang#ages
are avai,a",e $rom -=%oLs Ce" inter$ace.
7vai,a",e ,ang#ages are speci@e as an array o$
string. 0he e$a#,t va,#e is :
3 @6;ech@< @Ielsh@< @%n)lish@<
@Spanish@< @Jrench@< @German@<
@Italian@< @$un)arian@< @?utch@<
@=ra;ilianBortu)uese@< @Bolish@<
@ussian@< 8*rainian@< @S#edish@ 4
) -=%o9ie-ystem?6ai, Parameter #se to contro, i$ -=%o sho#, hie
or not the system emai, aress
('I)(ie,&ame&SOGoMail'o(ain). 0his is
c#rrent,y ,imite to Ca,)7+ (calendar)user)
address)set).
) -=%o-earch6inim#mCor*ength Parameter #se to contro, the minim#m ,ength
to "e #se $or the search string (attenee
comp,etion! aress "oo3 search! etc.) prior
triggering the server-sie search operation.
)e$a#,ts to 2 .hen #nset 5 .hich means a
search operation .i,, "e triggere on the B
r

type character.
- -=%o6a1im#m(ai,e*oginCo#nt Parameter #se to contro, the n#m"er o$ $ai,e
,ogin attempts re;#ire #ring
SOGoMaxi(u(*ailed+oginInterval secons or
more. I$ conitions are met! the acco#nt .i,,
"e ",oc3e $or SOGo*ailed+ogin,lockInterval
secons since the @rst $ai,e ,ogin attempt.
)e$a#,t va,#e is 0! or isa",e.
- -=%o6a1im#m(ai,e*oginInterva, &#m"er o$ secons! e$a#,ts to 10.
2008-2014 Inverse inc. Con@g#ration 1<
Chapter 4
- -=%o(ai,e*ogin2,oc3Interva, &#m"er o$ secons! e$a#,ts to B00 (or 4
min#tes). &ote that
SOGoCaceCleanupInterval m#st "e set to a
va,#e e;#a, or higher than
SOGo*ailed+ogin,lockInterval-
- -=%o6a1im#m6essage-#"missionCo#nt Parameter #se to contro, the n#m"er o$ emai,
messages a #ser can sen $rom -=%oLs
.e"mai, inter$ace! to
SOGoMaxi(u(.ecipientCount! in
SOGoMaxi(u(Su/(issionInterval secons or
more. I$ conitions are met or e1ceee! the
#ser .onLt "e a",e to sen mai,s $or
SOGoMessageSu/(ission,lockInterval
secons. )e$a#,t va,#e is 0! or isa",e.
- -=%o6a1im#m:ecipientCo#nt 6a1im#m n#m"er o$ recipients. )e$a#,t va,#e
is 0! or isa",e.
- -=%o6a1im#m-#"missionInterva, &#m"er o$ secons! e$a#,ts to B0.
- -=%o6essage-#"mission2,oc3Interva, &#m"er o$ secons! e$a#,t to B00 (or 4
min#tes). &ote that
SOGoCaceCleanupInterval m#st "e set to a
va,#e e;#a, or higher than
SOGo*ailed+ogin,lockInterval-
Authentication usin$ -'A,
-=%o can #se a *)7P server to a#thenticate #sers an! i$ esire! to provie g,o"a, aress
"oo3s. -=%o can a,so #se an -A* "ac3en $or this p#rpose (see the section Autentication
using S0+ ,ater in this oc#ment). Insert the $o,,o.ing te1t into yo#r con@g#ration @,e to
con@g#re an a#thentication an g,o"a, aress "oo3 #sing an *)7P irectory server :
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = uidD
8I?Jield5ame = uidD
I>7B$ostJield5ame = mail$ostD
!ase?5 = @ou=users<dc=acme<dc=com@D
!ind?5 = @uid=so)o<ou=users<dc=acme<dc=com@D
!indBass#ord = .#ertyD
can7uthenticate = 9%SD
display5ame = @Shared 7ddresses@D
hostname = @ldap"//127.0.0.1"01,@D
id = pu!licD
is7ddress=oo* = 9%SD
Chapter 4
L
4D
In o#r e1amp,e! .e #se a *)7P server r#nning on the same host .here -=%o is "eing insta,,e.
Ko# can a,so! #sing the @,ter attri"#te! restrict the res#,ts to match vario#s criteria. (or e1amp,e!
yo# co#, e@ne! in yo#r .G58step?e/aults @,e! the $o,,o.ing @,ter to ret#rn on,y entries
"e,onging to the organiFation Inverse .ith a (ail aress an not inactive:
/ilter = @3o=MInverseM 75? mail=MNM 75? status GH MinactiveM4@D
-ince *)7P so#rces can serve as #ser repositories $or a#thentication as .e,, as aress "oo3s!
yo# can speci$y the $o,,o.ing $or each so#rce to ma3e them appear in the aress "oo3
mo#,e:
display5ame = @Ghuman identi/ication name o/ the address !oo*H@D
(or certain *)7P so#rces! -=%o a,so s#pports inirect "ins $or #ser a#thentication. 9ere is an
e1amp,e :
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = cnD
8I?Jield5ame = s7>7ccount5ameD
!ase?5 = @cn=8sers<dc=acme<dc=com@D
!ind?5 = @cn=so)o<cn=8sers<dc=acme<dc=com@D
!indJields = 3s7>7ccount5ame4D
display5ame = @7ctive ?irectory@D
hostname = ldap"//10.0.0.1"01,D
id = directoryD
L
4D
In this e1amp,e! -=%o .i,, #se an inirect "in "y @rst etermining the #ser )&. 0hat va,#e is
$o#n "y oing a search on the @e,s speci@e in !indJields. 6ost o$ the time! there .i,, "e
on,y one @e, "#t it is possi",e to speci$y more in the $orm o$ an array ($or e1amp,e!
!indJields = 3s7>7ccount5ame< cn4 ). Chen #sing m#,tip,e @e,s! on,y one o$ the @e,s
nees to match the ,ogin name. In the a"ove e1amp,e! .hen a #ser ,ogs in! the ,ogin .i,, "e
chec3e against the s7>7ccount5ame entry in a,, the #ser cars! an once this car is $o#n!
the #ser )& o$ this car .i,, "e #se $or chec3ing the #serLs pass.or.
(ina,,y! -=%o s#pports *)7P-"ase gro#ps. %ro#ps m#st "e e@ne ,i3e any other
a#thentication so#rces (ie.! can7uthenticate m#st "e set to 9%S an a gro#p m#st have a va,i
emai, aress). In orer $or -=%o to etermine i$ a speci@c *)7P entry is a gro#p! -=%o .i,,
,oo3 $or one o$ the $o,,o.ing o"DectC,ass attri"#tes :
2008-2014 Inverse inc. Con@g#ration 1>
Chapter 4
gro#p
gro#p=$&ames
gro#p=$'ni;#e&ames
posi1%ro#p
Ko# can set 7C*s "ase on gro#p mem"ership an invite a gro#p to a meeting (an the gro#p
.i,, "e ecompose to its ,ist o$ mem"ers #pon save "y -=%o). Ko# can a,so contro, the
visi"i,ity o$ the gro#p $rom the ,ist o$ share aress "oo3s or #ring mai, a#tocomp,etion "y
setting the is7ddress=oo* parameter to 9%S or 5O. 0he $o,,o.ing *)7P entry sho.s ho. a
typica, gro#p is e@ne :
dn" cn=inverse<ou=)roups<dc=inverse<dc=ca
o!Aect6lass" )roupO/8ni.ue5ames
o!Aect6lass" top
o!Aect6lass" eOtensi!leO!Aect
uni.ue>em!er" uid=alice<ou=users<dc=inverse<dc=ca
uni.ue>em!er" uid=!ernard<ou=users<dc=inverse<dc=ca
uni.ue>em!er" uid=!o!<ou=users<dc=inverse<dc=ca
cn" inverse
structuralO!Aect6lass" )roupO/8ni.ue5ames
mail" inversePinverse.ca
0he corresponing -=%o'ser-o#rces entry to han,e gro#ps ,i3e this one .o#, "e :
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = cnD
8I?Jield5ame = cnD
!ase?5 = @ou=)roups<dc=inverse<dc=caFD
!ind?5 = @cn=so)o<ou=services<dc=inverse<dc=ca@D
!indBass#ord = ;otD
display5ame = EInverse GroupsFD
hostname = ldap"//127.0.0.1"01,D
id = inverse2)roupsD
L
0he $o,,o.ing ta",e escri"es the possi",e parameters re,ate to a *)7P so#rce :
) -=%o'ser-o#rces Parameter #se to set the *)7P an/or -A* so#rces #se
$or a#thentication an g,o"a, aress "oo3s. 6#,tip,e
so#rces can "e speci@e as an array o$ ictionaries. 7
ictionary that e@nes an *)7P so#rce can contain the
$o,,o.ing va,#es:
type the type o$ this #ser so#rce! set to ldap $or an *)7P
so#rce
i the ienti@cation name o$ the *)7P repository. 0his m#st
Chapter 4
"e #ni;#e 5 even .hen #sing m#,tip,e omains.
C&(ie,&ame the @e, that ret#rns the comp,ete name
I)(ie,&ame the @e, that starts a #ser )& i$ "in(ie,s is not #se.
0his @e, m#st "e #ni;#e across the entire -=%o omain
'I)(ie,&ame the @e, that ret#rns the ,ogin name o$ a #ser.
0he ret#rne va,#e must be unique across the whole
SOGo installation since it is #se to ienti$y the #ser in
the /older2in/o ata"ase ta",e.
6ai,(ie,&ames an array o$ @e,s that ret#rns the #serLs emai, aresses
(e$a#,ts to mail .hen #nset)
-earch(ie,&ames an array o$ @e,s to to match against the search string
.hen @,tering #sers (e$a#,ts to sn! display5ame! an
telephone5um!er .hen #nset)
I67P9ost(ie,&ame
(optiona,)
the @e, that ret#rns either an ':I to the I67P server as
escri"e $or -=%oI67P-erver! or a simp,e server
hostname that .o#, "e #se as a rep,acement $or the
hostname part in the ':I provie "y the
-=%oI67P-erver parameter
I67P*ogin(ie,&ame
(optiona,)
the @e, that ret#rns the I67P ,ogin name $or the #ser
(e$a#,ts to the va,#e o$ 'I)(ie,&ame .hen #nset)
-ieve9ost(ie,&ame
(optiona,)
the @e, that ret#rns either an ':I to the -I?+? server as
escri"e $or -=%o-ieve-erver! or a simp,e server
hostname that .o#, "e #se as a rep,acement $or the
hostname part in the ':I provie "y the
-=%o-ieve-erver parameter
"ase)& the "ase )& o$ yo#r #ser entries
Iin(ie,&ame (optiona,) i$ set! -=%o .i,, try to etermine i$ the va,#e o$ the @e,
correspons to either Ggro#pH! G,ocationH or GthingH. I$
thatLs the case! -=%o .i,, consier the ret#rne entry to
"e a reso#rce.
(or *)7P-"ase so#rces! -=%o can a,so a#tomatica,,y
etermine i$ itLs a reso#rce i$ the entry has the
calendarresource o"DectC,ass set.
6#,tip,e2oo3ings(ie,&ame
(optiona,)
0he va,#e o$ this attri"#te is the ma1im#m n#m"er o$
conc#rrent events to .hich a reso#rce can "e part o$ at
any point in time.
I$ this is set to 0! or i$ the attri"#te is missing! it means no
,imit.
@,ter (optiona,) 0he @,ter to #se $or *)7P ;#eries! it sho#, "e e@ne as
an ?=A#a,i@er. 0he $o,,o.ing operators are s#pporte:
GH ine1uality operator
= e1uality operator
6#,tip,e ;#a,i@ers can "e Doine "y #sing =: an 7&)!
Chapter 4
they can a,so "e gro#pe together "y #sing parenthesis.
7ttri"#te va,#es sho#, "e ;#ote to avoi #ne1pecte
"ehavio#r.
(or e1amp,e:
/ilter = E3o!Aect6lass=Mmail8serM O
o!Aect6lass=MmailGroupM4 75?
accountStatus=MactiveM 75? uid GH MaliceMFD
scope (optiona,) either 27-?! =&? or -'2
"in)& the )& o$ the ,ogin name to #se $or "ining to yo#r
server
"inPass.or its pass.or
"in7sC#rrent'ser i$ set to K?-! -=%o .i,, a,.ays 3eep "ining to the *)7P
server #sing the )& o$ the c#rrent,y a#thenticate #ser. I$
"in(ie,s is set! "in)& an "inPass.or .i,, sti,, "e
re;#ire to @n the proper )& o$ the #ser.
"in(ie,s (optiona,) an array o$ @e,s to #se .hen oing inirect "ins
hostname a space-e,imite ,ist o$ *)7P ':*s or *)7P hostnames.
*)7P ':*s are speci@e in :(C 4418 an have the
$o,,o.ing genera, $ormat:
scheme"//host"port/?5Qattri!utesQscopeQ
/ilterQeOtensions
&ote that -=%o oesnLt c#rrent,y s#pport ?5!
attri!utes! scope an /ilter in s#ch ':*s. 'sing
them may have #ne@ne sie e$$ects.
':*s e1amp,es:
ldap"//127.0.0.1"001, ldaps"//127.0.0.1
ldap"//127.0.0.1/QQQQRStart:&S
port(eprecate) port n#m"er o$ the *)7P server.
7 non-e$a#,t port sho#, "e part o$ the ,ap ':* in the
hostname parameter.
encryption (eprecate) either --* or -07:00*-
--* sho#, "e speci@e as L,aps://L in the *)7P ':*.
-07:00*- sho#, "e speci@e as a *)7P ?1tension in
the *)7P ':* (e1: ldap"//127.0.0.1/QQQQR
Start:&S)
#serPass.or7,gorithm 0he a,gorithm #se $or pass.or encryption .hen
changing pass.ors .itho#t Pass.or Po,icies ena",e.
Possi",e va,#es are: none! p,ain! crypt! m4! m4-crypt!
sm4! cram-m4 an sha! sha248! sha412 an
its ssha (e.g. ssha or ssha248) variants (p,#s setting o$ the
encoing .ith N."84N or N.he1N).
(or a more etai,e escription see
http://.i3i.ovecot.org/7#thentication/Pass.or-chemes.
&ote that cram-m4 is not act#a,,y #sing cram-m4 (#e
to the ,ac3 o$ cha,,enge-response mechanism)! its
Chapter 4
D#st saving the intermeiate 6)4 conte1t as )ovecot
stores in its ata"ase.
can7#thenticate I$ set to K?-! this *)7P so#rce is #se $or a#thentication
pass.orPo,icy I$ set to K?-! -=%o .i,, #se the e1tene *)7P Pass.or
Po,icies attri"#tes. I$ yo# *)7P server oes not s#pport
those an yo# activate this $eat#re! every *)7P re;#ests
.i,, $ai,.
is7ress2oo3 i$ set to K?-! this *)7P so#rce is #se as a share aress
"oo3 (.ith rea-on,y access). &ote that i$ set to &=!
a#tocomp,etion .i,, not .or3 $or entries in this so#rce
an th#s! $ree"#sy ,oo3#ps.
isp,ay&ame (optiona,) i$ set as an aress "oo3! the h#man ienti@cation name
o$ the *)7P repository
6o#,esConstraints (optiona,) ,imits the access o$ any mo#,e thro#gh a constraint
"ase on an *)7P attri"#te/ m#st "e a ictionary .ith
3eys >ail! an/or 6alendar! $or e1amp,e:
>odules6onstraints = K
6alendar = K
ou = employeesD
LD
LD
mapping 7 ictionary that maps contact attri"#tes #se "y -=%o
to the *)7P attri"#tes #se "y the schema o$ the *)7P
so#rce. ?ach entry m#st have an attri"#te name as 3ey
an an array o$ strings as va,#e. 0his ena",es act#a, @e,s
to "e mappe one a$ter another .hen $etching contact
in$ormations.
-ee the *)7P 7ttri"#te 6apping section "e,o. $or an
e1amp,e an a ,ist o$ s#pporte attri"#tes.
o"DectC,asses .hen the Gmoi@ersH ,ist (see "e,o.) is set! or .hen
#sing *)7P-"ase #ser aress"oo3s (see Ga"='H
"e,,o.)! this ,ist o$ o"Dect c,asses .i,, "e app,ie to ne.
recors as they are create
moi@ers a ,ist (array) o$ #sernames that are a#thoriFe to per$orm
moi@cations to the aress "oo3 e@ne "y this *)7P
so#rce
a"=' this @e, ena",es *)7P-"ase #ser aress"oo3s "y
speci$ying the va,#e o$ the aress "oo3 container
"eneath each #ser entry! $or e1amp,e:
ou=address!oo*s<uid=username<dc=domain
0he $o,,o.ing parameters can "e e@ne a,ong the other 3eys o$ each entry o$ the
-=%o'ser-o#rces! "#t can a,so e@ne at the omain an/or system ,eve,s :
Chapter 4
) -=%o*)7PContactIn$o7ttri"#te Parameter #se to speci$y an attri"#te that
sho#, appear in a#tocomp,etion o$ the .e"
inter$ace.
) -=%o*)7PA#ery*imit Parameter #se to ,imit the n#m"er o$ ret#rne
res#,ts $rom the *)7P server .henever -=%o
per$orms a *)7P ;#ery ($or e1amp,e! #ring
aresses comp,etion in a share aress "oo3).
) -=%o*)7PA#ery0imeo#t Parameter to e@ne the timeo#t o$ *)7P
;#eries. 0he act#a, time ,imit $or operations is
a,so "o#ne "y the ma1im#m time that the
server is con@g#re to a,,o..
)e$a#,ts to 0 (#n,imite).
-'A, Attributes Inde.in$
0o ens#re proper per$ormance o$ the -=%o app,ication! the $o,,o.ing *)7P attri"#tes m#st "e
$#,,y ine1e :
given&ame
cn
mai,
sn
P,ease re$er to the oc#mentation o$ the so$t.are yo# #se in orer to ine1 those attri"#tes.
-'A, Attributes appin$
-ome *)7P attri"#tes are mappe to contacts attri"#tes in the -=%o 'I. 0he ta",e "e,o. ,ist
most o$ them. It is possi",e to overrie these "y #sing the (apping con@g#ration parameter.
(or e1amp,e! i$ the *)7P schema #ses the fax attri"#te to store the $a1 n#m"er! one co#, map
it to the facsi(ileteleponenu(/er attri"#te ,i3e this:
mappin) = K
/acsimiletelephonenum!er = 3@/aO@< @/acsimiletelephonenum!er@4D
LD
Chapter 4
&ame
(irst given&ame
*ast sn
)isp,ay&ame isp,ay&ame or cn or given&ame U sn
&ic3name moFi,,anic3name
Internet
?mai, mai,
-econary emai, moFi,,aseconemai,
-creen&ame nsaimi
Phones
Cor3 te,ephone&#m"er
9ome homephone
6o"i,e mo"i,e
(a1 $acsimi,ete,ephonen#m"er
Pager pager
9ome
7ress moFi,,ahomestreet U moFi,,ahomestreet2
City moFi,,ahome,oca,ityname
-tate/Province moFi,,ahomestate
Sip/Posta, Coe moFi,,ahomeposta,coe
Co#ntry moFi,,ahomeco#ntryname
Ce" page moFi,,ahome#r,
Cor3
0it,e tit,e
)epartment o#
=rganiFation o
7ress street U moFi,,a.or3street2
City ,
-tate/Province st
Sip/Posta, coe posta,Coe
Co#ntry c
Ce" page moFi,,a.or3#r,
=ther
2irthay "irthyear-"irthmonth-"irthay
&ote escription
Chapter 4
Authenticatin$ usin$ C.A.S.
-=%o native,y s#pports C.7.-. a#thentication. (or activating C.7.-. a#thentication yo# nee
@rst to ma3e s#re that the SOGo7uthentication:ype setting is set to GcasH an that the
SOGo67SService8& setting is con@g#re appropriate,y.
0he tric3y part sho.s #p .hen #sing -=%o as a $ronten inter$ace to an I67P server as this
imposes constraints neee "y the C.7.-. protoco, to ens#re sec#re comm#nication "et.een
the i$$erent services. (ai,ing to ta3e those preca#tions .i,, prevent #sers $rom accessing their
mai,s! .hi,e sti,, granting "asic a#thentication to -=%o itse,$.
0he @rst constraint is that the amount of workers that SOGo uses must be higher than 1 in
order to enable the C.A.S. service to per$orm some va,iation re;#ests #ring I67P
a#thentication. 7 sing,e .or3er a,one .o#, not! "y e@nition! "e a",e to respon to the C.7.-.
re;#ests .hi,e treating the #ser re;#est that re;#ire the triggering o$ those re;#ests. Ko# m#st
there$ore con@g#re the IOIor*ers6ount setting appropriate,y.
0he secon constraint is that the SOGo service must be accessible and accessed via https.
6oreover! the certi@cate #se "y the -=%o server has to "e recogniFe an tr#ste "y the
C.7.-. service. In the case o$ a certi@cate iss#e "y a thir-party a#thority! there sho#, "e
nothing to .orry a"o#t. In the case o$ a se,$-signe certi@cate! the certi@cate m#st "e registere
in the tr#ste 3eystore o$ the C.7.-. app,ication. 0he proce#re to achieve this can "e
s#mmariFe as importing the certi@cate in the proper G3eystoreH #sing the *eytool #ti,ity an
speci$ying the path $or that 3eystore to the 0omcat instance .hich provies the C.7.-. service.
0his is one "y t.ea3ing the AavaO.net.ssl.trustStore setting! either in the
cata,ina.properties @,e or in the comman-,ine parameters. =n e"ian! the -=%o certi@cate can
a,so "e ae to the tr#ststore as $o,,o.s:
openssl OS0, -in /etc/ssl/certs/so)o-cert.pem -out/orm ?% T
-out /tmp/so)o-cert.der
*eytool -import -*eystore /etc/ssl/certs/Aava/cacerts T
-/ile /tmp/so)o-cert.der -alias so)o-cert
U :he *eystore pass#ord is Mchan)eitM
U tomcat must !e restarted a/ter this operation
The certicate used b! the CAS server must also be trusted b! SOGo. In case o$ a se,$-signe
certi@cate! this means e1porting tomcatLs certi@cate #sing the *eytool #ti,ity! converting it to
P?6 $ormat an appening it to the ca-certi@cates.crt @,e. (0he name an ,ocation o$ that @,e
i$$ers "et.een istri"#tions). 2asica,,y:
Chapter 4
U eOport tomcatMs cert to openssl /ormat
*eytool -*eystore /etc/tomcat7/*eystore -eOportcert -alias tomcat V T
openssl OS0, -in/orm der Htomcat.pem
%nter *eystore pass#ord" tomcat
U add the pem to the trusted certs
cp tomcat.pem /etc/ssl/certs
cat tomcat.pem HH/etc/ssl/certs/ca-certi/icates
I$ any o$ those constraints is not satis@e! the .e"mai, inter$ace o$ -=%o .i,, isp,ay an empty
emai, acco#nt. 'n$ort#nate,y! -=%o has no possi"i,ity to etect .hich one is the ca#se o$ the
pro",em. 0he on,y inicators are ,og messages that at ,east pinpoint the symptoms:
2failure to o/tain a PGT fro( te C-A-S- service3
-#ch an error .i,, sho. #p #ring a#thentication o$ the #ser to -=%o. It happens .hen the
a#thentication service has accepte the #ser a#thentication tic3et "#t has not ret#rne a GPro1y
%ranting 0ic3etH.
2a CAS failure occurred during operation----3
0his error inicate that an attempt .as mae to retrieve an a#thentication tic3et $or a thir-party
service s#ch as I67P or sieve. 6ost o$ the time! this happens as a conse;#ence to the pro",em
escri"e a"ove. 0o tro#",eshoot these iss#es! one sho#, "e tai,ing cas.,og! pam ,ogs an sogo
,ogs.
C#rrent,y! -=%o .i,, as3 $or a C7- tic3et #sing the same C7- service name $or "oth I67P an
-ieve. "hen CASif!ing sieve# this means that the -s parameter of pam2cas should be the
same for both $%A& and Sieve! other.ise the C7- server .i,, comp,ain:
%O [or).Aasi).cas.6entral7uthenticationServiceImpl] - Service:ic*et [S:-
017+0-hoC1!rhh#>5/n=*S>C8#-ocas] #ith service [imap"//myimapserver does not
match supplied service [sieve"//mysieveserver"2000]
(ina,,y! .hen #sing imappro1y to spee #p the imap accesses! the -=%oI67PC7--ervice&ame
sho#, "e set to the act#a, imap service name e1pecte "y pamVcas! other.ise it .i,, $ai, to
a#thenticate incoming connection proper,y.
Authenticatin$ usin$ SA-2
-=%o native,y s#pports -76*2 a#thentication. P,ease re$er to the oc#mentation o$ yo#r
ientity provier an the -76*2 con@g#ration 3eys that are ,iste a"ove $or proper set#p. =nce
a -=%o instance is con@g#re proper,y! the metaata $or that instance can "e retrieve $rom
http"//GhostnameH/SOGo/saml2-metadata $or registration .ith the ientity provier.
2008-2014 Inverse inc. Con@g#ration 2<
Chapter 4
In orer to re,ay a#thentication in$ormation to yo#r I67P server an i$ yo# ma3e #se o$ the
Cr#e-76* -7-* p,#gin! yo# nee to ma3e s#re that G&%Imap47#th6echanismH is con@g#re
to #se the SAM+ mechanism. I$ yo# ma3e #se o$ the Cr#e-76* P76 p,#gin! this va,#e may "e
,e$t empty.
'atabase Con($uration
-=%o re;#ires a re,ationa, ata"ase system in orer to store appointments! tas3s an contacts
in$ormation. It a,so #ses the ata"ase system to store persona, pre$erences o$ -=%o #sers. In this
g#ie! .e ass#me yo# #se Postgre-A* so commans provie the create the ata"ase are
re,ate to this app,ication. 9o.ever! other ata"ase servers are s#pporte! s#ch as 6y-A* an
=rac,e.
(irst! ma3e s#re that yo#r Postgre-A* server has 0CP/IP connections s#pport ena",e.
Create the ata"ase #ser an schema #sing the $o,,o.ing commans :
su W post)res
createuser --no-superuser --no-created! W-no-createrole T
W-encrypted --p#prompt so)o
3speci/y Eso)oF as pass#ord4
created! -O so)o so)o
Ko# sho#, then aD#st the access rights to the ata"ase. 0o o so! moi$y the con@g#ration @,e
/var/li!/p)s.l/data/p)2h!a.con/ in orer to a the $o,,o.ing ,ine at the very "eginning
o$ the @,e:
host so)o so)o 127.0.0.1/02 mdS
=nce ae! restart the Postgre-A* ata"ase service. 0hen! moi$y the -=%o con@g#ration @,e
(/etc/so)o/so)o.con/) to reMect yo#r ata"ase settings :
SOGoBro/ile8& =
@post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2user2pro/ile@D
O6SJolderIn/o8& =
@post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2/older2in/o@D
O6SSessionsJolder8& =
@post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2sessions2/older@D
0he $o,,o.ing ta",e escri"es the parameters that .ere set :
) -=%oPro@,e':* Parameter #se to set the ata"ase ':* so that -=%o can
retrieve #ser pro@,es.
(or 6y-A*! set the ata"ase ':* to something ,i3e :
mys.l"//so)o"so)oPlocalhost"000'/so)o/so)o2user2p
ro/ile
) =C-(o,erIn$o':* Parameter #se to set the ata"ase ':* so that -=%o can
Chapter 4
retrieve the ,ocation o$ #ser $o,ers (aress "oo3s an
ca,enars)
(or =rac,e! set the ata"ase ':* to something ,i3e :
oracle"//so)o"so)oPlocalhost"1S2'/so)o/so)o2/olde
r2in/o
) =C--essions(o,er':* Parameter #se to set the ata"ase ':* so that -=%o can
store an retrieve sec#re #ser sessions in$ormation. (or
Postgre-A*! the ata"ase ':* co#, "e set to something
,i3e :
post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2s
essions2/older
) =C-?6ai,7,arms(o,er':* Parameter #se to set the ata"ase ':* $or emai,-"ase
a,arms (that can "e set on events an tas3s). 0his parameter is
re,evant on,y i$ -=%o?na",e?6ai,7,arms is set to K?-. (or
Postgre-A*! the ata"ase ':* co#, "e set to something
,i3e :
post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2a
larms2/older
-ee the G?6ai, reminersH section in this oc#ment $or more
in$ormation.
I$ yo#Lre #sing 6y-A*! ma3e s#re in yo#r my.cn/ @,e yo# have :
[mys.ld]
...
character2set2server=ut/1
character2set2client=ut/1
[client]
de/ault-character-set=ut/1
[mys.l]
de/ault-character-set=ut/1
an .hen yo# create the -=%o ata"ase! yo# correct,y speci$y the charset :
create data!ase so)o 6$7S%:=M8:J1MD
Authentication usin$ S/-
-=%o can #se a -A*-"ase ata"ase server $or a#thentication. 0he con@g#ration is very simi,ar
to *)7P-"ase a#thentication.
0he $o,,o.ing ta",e escri"es a,, the possi",e parameters re,ate to a -A* so#rce :
2008-2014 Inverse inc. Con@g#ration 2>
Chapter 4
) -=%o'ser-o#rces Parameter #se to set the -A* an/or *)7P so#rces #se $or
a#thentication an g,o"a, aress "oo3s. 6#,tip,e so#rces can
"e speci@e as an array o$ ictionaries. 7 ictionary that
e@nes a -A* so#rce can contain the $o,,o.ing va,#es :
type the type o$ this #ser so#rce! set to s.l $or a -A* so#rce
i the ienti@cation name o$ the -A* repository. 0his m#st "e
#ni;#e 5 even .hen #sing m#,tip,e omains.
vie.':* ata"ase ':* o$ the vie. #se "y -=%o. 0he vie. e1pects
co,#mns to "e present. :e;#ire co,#mns are :
T c2uid : .i,, "e #se $or a#thentication 5 itLs a #sername
or #sernameWomain.t,
T c2name : .i,, "e #se to #ni;#e,y ienti$y entries 5 .hich
can "e ientica, to cV#i
T c2pass#ord : pass.or o$ the #ser! p,ain te1t! crypt! m4
or sha encoe
T c2cn : the #serLs common name
T mail : the #serLs emai, aress
=ther co,#mns can e1ist an .i,, act#a,,y "e mappe
a#tomatica,,y i$ they have the same name as pop#,ar *)7P
attri"#tes (s#ch as )iven5ame! sn! department! title!
telephone5um!er! etc.)
#serPass.or7,gorithm 0he e$a#,t a,gorithm #se $or pass.or encryption .hen
changing pass.ors.
Possi",e va,#es are: none! p,ain! crypt! m4! m4-crypt!
sm4! cram-m4! ,ap-m4! an sha! sha248! sha412 an
its ssha (e.g. ssha or ssha248) variants. Pass.ors can have
the scheme prepene in the $orm
KschemeLencryptedBass.
I$ no scheme is given! #serPass.or7,gorithm is #se
instea. 0he schemes ,iste a"ove $o,,o. the a,gorithms
escri"e in
http://.i3i.ovecot.org/7#thentication/Pass.or-chemes.
&ote that cram-m4 is not act#a,,y #sing cram-m4 (#e to
the ,ac3 o$ cha,,enge-response mechanism)! its
D#st saving the intermeiate 6)4 conte1t as )ovecot stores
in its ata"ase.
prepenPass.or-cheme 0he e$a#,t "ehavio#r is to store ne.,y set pass.ors
.itho#t the scheme (e$a#,t: prependBass#ordScheme =
5O) .
0his can "e overrien "y setting prependBass#ordScheme
to 9%S an .i,, res#,t in pass.ors store as
KschemeLencryptedBass.
can7#thenticate i$ set to 9%S! this -A* so#rce is #se $or a#thentication
is7ress2oo3 i$ set to K?-! this -A* so#rce is #se as a share aress
"oo3 (.ith rea-on,y access). &ote that i$ set to &=!
a#tocomp,etion .i,, not .or3 $or entries in this so#rce an
th#s! $ree"#sy ,oo3#ps.
2008-2014 Inverse inc. Con@g#ration B0
Chapter 4
a#thentication(i,ter
(optiona,)
a @,ter that ,imits .hich #sers can a#thenticate $rom this
so#rce
isp,ay&ame (optiona,) i$ set as an aress "oo3! the h#man ienti@cation name o$
the -A* repository
*ogin(ie,&ames (optiona,) an array o$ @e,s that speci@es the co,#mn names that
contain va,i a#thentication #sernames (e$a#,ts to c2uid
.hen #nset)
6ai,(ie,&ames (optiona,) an array o$ @e,s that speci@es the co,#mn names that ho,
aitiona, emai, aresses ("esie the mail co,#mn) $or
each #ser
I67P9ost(ie,&ame
(optiona,)
the @e, that ret#rns the I67P hostname $or the #ser
I67P*ogin(ie,&ame
(optiona,)
the @e, that ret#rns the I67P ,ogin name $or the #ser
(e$a#,ts to c2uid .hen #nset)
-ieve9ost(ie,&ame
(optiona,)
the @e, that ret#rns the -ieve hostname $or the #ser
Iin(ie,&ame (optiona,) i$ set! -=%o .i,, try to etermine i$ the va,#e o$ the @e,
correspons to either Ggro#pH! G,ocationH or GthingH. I$
thatLs the case! -=%o .i,, consier the ret#rne entry to "e
a reso#rce.
6#,tip,e2oo3ings(ie,&am
e (optiona,)
0he va,#e o$ this @e, is the ma1im#m n#m"er o$
conc#rrent events to .hich a reso#rce can "e part o$ at any
point in time.
I$ this is set to 0! or i$ the attri"#te is missing! it means no
,imit.
)omain(ie,&ame
(optiona,)
I$ set! -=%o .i,, #se the va,#e o$ that @e, as the omain
associate to the #ser. -ee the G6#,ti-omains
Con@g#ration3 section in this oc#ment $or more
in$ormation.
9ere is an e1amp,e o$ an -A*-"ase a#thentication an aress "oo3 so#rce:
SOGo8serSources =
3
K
type = s.lD
id = directoryD
vie#8& = @post)res.l"//so)o"so)oP127.0.0.1"S+02/so)o/so)o2vie#@D
userBass#ord7l)orithm = mdSD
L
4D
Certain ata"ase co,#mns m#st "e present in the vie./ta",e! s#ch as :
Chapter 4
c2uid - .i,, "e #se $or a#thentication 5 itLs the #sername or #sernameWomain.t,)
c2name - .hich can "e ientica, to cV#i 5 .i,, "e #se to #ni;#e,y ienti$y entries
c2pass#ord 5 pass.or o$ the #ser! p,ain-te1t! m4 or sha encoe $or no.
c2cn - the #serLs common name 5 s#ch as GXohn )oeH
mail 5 the #serLs mai, aress
&ote that gro#ps are c#rrent,y not s#pporte $or -A*-"ase a#thentication so#rces.
S0, Server Con($uration
-=%o ma3es #se o$ a -60P server to sen emai,s $rom the Ce" inter$ace! i6IP/i0IP messages
an vario#s noti@cations.
0he $o,,o.ing ta",e escri"es the re,ate parameters.
) -=%o6ai,ing6echanism Parameter #se to set ho. -=%o sens mai,
messages. Possi",e va,#es are :
X sendmail 5 to #se the senmai, "inary
X smtp 5 to #se the -60P protoco,
) -=%o-60P-erver 0he )&- name or IP aress o$ the -60P server #se
.hen SOGo>ailin)>echanism is set to smtp.
) -=%o-60P7#thentication0ype 7ctivate -60P a#thentication an speci@es .hich
type is in #se. C#rrent! on,y GP*7I&H is s#pporte
an other va,#es .i,, "e ignore.
- C=-en6ai, 0he path o$ the senmai, "inary.
)e$a#,ts to /usr/li!/sendmail.
) -=%o(orce?1terna,*oginCith?mai, Parameter #se to speci$y i$! .hen ,ogging in to the
-60P server! the primary emai, aress o$ the #ser
.i,, "e #se instea o$ the #sername. Possi",e va,#es
are :
T K?-
T &=
IA, Server Con($uration
-=%o re;#ires an I67P server in orer to ,et #sers cons#,t their emai, messages! manage their
$o,ers an more.
0he $o,,o.ing ta",e escri"es the re,ate parameters.
' -=%o)ra$ts(o,er&ame Parameter #se to set the I67P $o,er name #se
Chapter 4
to store ra$ts messages.
)e$a#,ts to G)ra$tsH .hen #nset.
'se a G/H as a hierarchy separator i$ re$erring to
an I67P s#"$o,er.
(or e1amp,e : I5=OY/?ra/ts
' -=%o-ent(o,er&ame Parameter #se to set the I67P $o,er name #se
to store sent messages. )e$a#,ts to G-entH .hen
#nset.
an I67P s#"$o,er.
(or e1amp,e : I5=OY/Sent
' -=%o0rash(o,er&ame Parameter #se to set the I67P $o,er name #se
to store e,ete messages. )e$a#,ts to G0rashH
.hen #nset.
an I67P s#"$o,er.
(or e1amp,e : I5=OY/:rash
) -=%oI67PC7--ervice&ame Parameter #se to set the C7- service name (':*)
o$ the imap service. 0his is #se$#, i$ -=%o is
connecting to the I67P service thro#gh a pro1y.
Chen #sing pam2cas! this parameter sho#, "e
set to the same va,#e as the -s arg#ment o$ the
imap pam service.
) -=%oI67P-erver Parameter #se to set the )&- name or IP aress
o$ the I67P server #se "y -=%o. Ko# can a,so
#se --* or 0*- "y proviing a va,#e #sing an ':*!
s#ch as :
T imaps"//localhost",,0
T imaps"//localhost"1+0/Qtls=9%S
) -=%o-ieve-erver Parameter #se to set the )&- name or IP aress
o$ the -ieve (managesieve) server #se "y -=%o.
Ko# m#st #se an ':* s#ch as:
T sieve"//localhost
T sieve"//localhost"2000
T sieve"//localhost"2000/Qtls=9%S
&ote that 0*- is s#pporte "#t --* is not.
) -=%o-ieve(o,er?ncoing Parameter #se to speci$y .hich encoing is #se
$or I67P $o,er names in -ieve @,ters. )e$a#,ts to
G'0(-<H. 0he other possi",e va,#e is G'0(-8H.
' -=%o6ai,-ho.-#"scri"e(o,ers=n,y Parameter #se to speci$y i$ the Ce" inter$ace
sho#, on,y sho. s#"scri"e I67P $o,ers.
T K?-
T &=
) -=%oI67P7c,-ty,e Parameter #se to speci$y .hich :(C the I67P
server imp,ements .ith respect to 7C*s. Possi",e
2008-2014 Inverse inc. Con@g#ration BB
Chapter 4
va,#es are :
T r/c201'
T r/c+01+
)e$a#,ts to r/c+01+ .hen #nset.
) -=%oI67P7c,Con$orms0oI67P?1t Parameter #se to speci$y i$ the I67P server
imp,ements the Internet 6essage 7ccess Protoco,
?1tension. Possi",e va,#es are :
T K?-
T &=
) -=%o(orce?1terna,*oginCith?mai, Parameter #se to speci$y i$! .hen ,ogging in to
the I67P server! the primary emai, aress o$ the
#ser .i,, "e #se instea o$ the #sername.
T K?-
T &=
) -=%o6ai,-poo,Path Parameter #se to set the path .here temporary
emai, ra$ts are .ritten. I$ yo# change this va,#e!
yo# m#st a,so moi$y the ai,y cronDo" so)o-
tmp#atch.
)e$a#,ts to /var/spool/so)o.
- &%Imap4Connection-tring-eparator Parameter #se to set the I67P mai,"o1 separator.
-etting this .i,, a,so have an impact on the
mai,"o1 separator #se "y -ieve @,ters. 0he e$a#,t
separator is G/H.
- &%Imap47#th6echanism 0rigger the #se o$ the I67P G7'09?&0IC70?H
comman .ith the speci@e -7-* mechanism.
P,ease note that $eat#re might "e ,imite at this
time.
) &%Imap4Connection%ro#pIPre@1 Pre@1 to prepen to names in I67P 7C*
transactions! to inicate the name is a gro#p name
not a #ser name. :(C4B14 gives e1amp,es .here
gro#p names are pre@1e .ith LYL. )ovecot! $or
one! $o,,o.s this scheme! an .i,,! $or e1amp,e!
app,y permissions $or LYaminsL to a,, #sers in
gro#p LaminsL in the a"sence o$ speci@c
permissions $or the inivi#a, #ser. 0he e$a#,t
pre@1 is LYL.
1eb Inter&ace Con($uration
0he $o,,o.ing aitiona, parameters on,y a$$ect the Ce" inter$ace "ehavio#r o$ -=%o.
Chapter 4
- -=%oPage0it,e Parameter #se to e@ne the Ce" page tit,e.
)e$a#,ts to SOGo .hen #nset.
' -=%o*ogin6o#,e Parameter #se to speci$y .hich mo#,e to
sho. a$ter ,ogin. Possi",e va,#es are :
T 6alendar
T >ail
T 6ontacts
)e$a#,ts to 6alendar .hen #nset.
- -=%o(avicon:e,ative':* Parameter #se to speci$y the re,ative ':* o$
the site $avion.
Chen #nset! e$a#,ts to the @,e so)o.ico
#ner the e$a#,t .e" reso#rces irectory.
- -=%oSipPath Parameter #se to speci$y the path o$ the Fip
"inary #se to archive messages. )e$a#,ts to
/usr/!in/;ip #hen #nset.
) -=%o-o$tA#ota:atio Parameter #se to change the ;#ota ret#rne
"y the I67P server "y m#,tip,ying it "y the
speci@e ratio. 7cts as a so$t ;#ota. ?1amp,e:
0.1
' -=%o6ai,'se=#t,oo3-ty,e:ep,ies
(not c#rrent,y eita",e in Ce" inter$ace)
Parameter #se to set i$ emai, rep,ies sho#,
#se =#t,oo3Ls sty,e. )e$a#,ts to &= .hen
#nset.
' -=%o6ai,*ist+ie.Co,#mns=rer
(not c#rrent,y eita",e in Ce" inter$ace)
Parameter #se to speci$y the e$a#,t orer o$
the co,#mns $rom the -=%o .e"mai, inter$ace.
0he parameter is an array! $or e1amp,e :
-OGo>ail&istCie#6olumnsOrder =
3Jla))ed< 7ttachment< Briority< Jrom<
Su!Aect< 8nread< ?ate< Si;e4D
) -=%o+acation?na",e Parameter #se to activate the eition $rom the
pre$erences .ino. o$ a vacation message.
:e;#ires -ieve script s#pport on the I67P host.
)e$a#,ts to &= .hen #nset.
Chen ena",ing this parameter! one m#st a,so
ena",e the associate cronDo" in
/etc/cron./sogo in orer to activate a#tomatic
vacation message e1piration.
-ee the GCron4o/ E +acation messages
e1pirationH section "e,o. $or etai,s.
) -=%o(or.ar?na",e Parameter #se to activate the eition $rom the
pre$erences .ino. o$ a $or.aring emai,
aress. :e;#ires -ieve script s#pport on the
I67P host.
Chapter 4
) -=%o-ieve-cripts?na",e Parameter #se to activate the eition $rom the
pre$erences .ino.s o$ server-sie mai, @,ters.
:e;#ires -ieve script s#pport on the I67P host.
) -=%o6ai,Po,,ingInterva,s Parameter #se to e@ne the mai, po,,ing
interva,s (in min#tes) avai,a",e to the #ser. 0he
parameter is an array that can contain the
$o,,o.ing n#m"ers:
T 1
T 2
T S
T 10
T 20
T 00
T '0
)e$a#,ts to the ,ist a"ove .hen #nset.
' -=%o6ai,6essageChec3 Parameter #se to e@ne the mai, po,,ing
interva, at .hich the I67P server is ;#erie $or
ne. messages. Possi",e va,#es are :
T manually
T every2minute
T every222minutes
T every2S2minutes
T every2102minutes
T every2202minutes
T every2002minutes
T once2per2hour
)e$a#,ts to manually .hen #nset.
) -=%o6ai,7#1i,iary'ser7cco#nts?na",e Parameter #se to activate the a#1i,iary I67P
acco#nts in -=%o. Chen set to K?-! #sers can
a other I67P acco#nts that .i,, "e visi",e
$rom the -=%o Ce"mai, inter$ace.
' -=%o)e$a#,tCa,enar Parameter #se to speci$y .hich ca,enar is
#se .hen creating an event or a tas3. Possi",e
va,#es are :
T selected
T personal
T /irst
)e$a#,ts to selected .hen #nset.
' -=%o)ay-tart0ime 0he ho#r at .hich the ay starts (0 thro#gh 12).
' -=%o)ay?n0ime 0he ho#r at .hich the ay ens (12 thro#gh
2B).
' -=%o(irst)ay=$Cee3 0he ay at .hich the .ee3 starts in the .ee3
an month vie.s (0 thro#gh 8). 0 inicates
Chapter 4
-#nay.
' -=%o(irstCee3=$Kear Parameter #se to e@ne ho. is ienti@e the
@rst .ee3 o$ the year. Possi",e va,#es are :
T Zanuary1
T Jirst+?ayIee*
T JirstJullIee*
)e$a#,ts to Zanuary1 .hen #nset.
' -=%o0ime(ormat 0he $ormat #se to isp,ay time in the time,ine
o$ the ay an .ee3 vie.s. P,ease re$er to the
oc#mentation $or the date comman or the
strfti(e C $#nction $or the ,ist o$ avai,a",e
$ormat se;#ence.
)e$a#,ts to [$"[>.
' -=%oCa,enarCategories Parameter #se to e@ne the categories that can
"e associate to events. 0his parameter is an
array o$ ar"itrary strings.
)e$a#,ts to a ,ist that epens on the ,ang#age.
' -=%oCa,enar)e$a#,tCategoryCo,or Parameter #se to e@ne the e$a#,t co,o#r o$
categories.
)e$a#,ts to UJ0J0J0 .hen #nset.
' -=%oCa,enar?vents)e$a#,tC,assi@cation Parameter #se to e@ne the e$a#,t
c,assi@cation $or ne. events. Possi",e va,#es
are :
T B8=&I6
T 6O5JI?%5:I7&
T BIC7:%
)e$a#,ts to B8=&I6 .hen #nset.
' -=%oCa,enar0as3s)e$a#,tC,assi@cation Parameter #se to e@ne the e$a#,t
c,assi@cation $or ne. tas3s. Possi",e va,#es
are :
T B8=&I6
T 6O5JI?%5:I7&
T BIC7:%
)e$a#,ts to B8=&I6 .hen #nset.
' -=%oCa,enar)e$a#,t:eminer Parameter #se to e@ne a e$a#,t reminer
$or ne. events. Possi",e va,#es are :
T -B:S>
T -B:10>
T -B:1S>
T -B:00>
T -P0446
T -B:1$
T -B:2$
T -B:S$
T -B:1S$
T -B1?
2008-2014 Inverse inc. Con@g#ration B<
Chapter 4
T -B2?
T -B1I
) -=%o(ree2#sy)e$a#,tInterva, 0he n#m"er o$ ays to inc,#e in the $ree "#sy
in$ormation. 0he parameter is an array o$ t.o
n#m"ers! the @rst "eing the n#m"er o$ ays
prior to the c#rrent ay an the secon "eing
the n#m"er o$ ays $o,,o.ing the c#rrent ay.
)e$a#,ts to 37< 74 .hen #nset.
' -=%o2#sy=$$9o#rs Parameter #se to speci$y i$ o$$-ho#rs sho#, "e
a#tomatica,,y ae to the $ree-"#sy
in$ormation. =$$ ho#rs inc,#e .ee3ens an
perios covere "et.een SOGo?ay%nd:ime
an SOGo?ayStart:ime.
' -=%o6ai,6essage(or.aring 0he metho the message is to "e $or.are.
T inline
T attached
)e$a#,ts to inline .hen #nset.
' -=%o6ai,C#stom(#,,&ame 0he string to #se as $#,, name .hen composing
an emai,! i$ SOGo>ail6ustomJrom%na!led is
set in the #serLs omain e$a#,ts. Chen #nset!
the $#,, name speci@e in the #ser so#rces $or
the #ser is #se instea.
' -=%o6ai,C#stom?mai, 0he string to #se as emai, aress .hen
composing an emai,! i$
SOGo>ail6ustomJrom%na!led is set in the
#serLs omain e$a#,ts. Chen #nset! the emai,
speci@e in the #ser so#rces $or the #ser is #se
instea.
' -=%o6ai,:ep,yP,acement 0he rep,y p,acement .ith respect to the ;#ote
message. Possi",e va,#es are :
T a!ove
T !elo#
)e$a#,ts to !elo#.
' -=%o6ai,:ep,y0o 0he emai, aress to #se in the Grep,y-toH
heaer @e, .hen the #ser sens a message.
Ignore .hen empty.
' -=%o6ai,-ignat#reP,acement 0he p,acement o$ the signat#re .ith respect to
the ;#ote message. Possi",e va,#es are :
T a!ove
T !elo#
)e$a#,ts to !elo#.
' -=%o6ai,Compose6essage0ype 0he message composition $ormat. Possi",e
va,#es are :
T teOt
Chapter 4
T html
)e$a#,ts to teOt.
- -=%o?na",e?6ai,7,arms Parameter #se to ena",e emai,-"ase a,arms
on events an tas3s.
(or this $eat#re to .or3 correct,y! one m#st a,so
set the =C-?6ai,7,arms(o,er':* parameter
an ena",e the associate cron4o/.
-ee the GCron4o/ E ?6ai, reminersH section
$rom this oc#ment $or more in$ormation.
' -=%oContactsCategories Parameter #se to e@ne the categories that can
"e associate to contacts. 0his parameter is an
array o$ ar"itrary strings.
)e$a#,ts to a ,ist that epens on the ,ang#age.
) -=%o'I7itiona,X-(i,es Parameter #se to e@ne a ,ist o$ aitiona,
Xava-cript @,es ,oae "y -=%o $or a,,
isp,aye .e" pages. 0his parameter is an array
o$ strings corresponing o$ paths to the
ar"itrary Xava-cript @,es. 0he paths are re,ative
to the Ie!Serveresources irectory! .hich
is #s#a,,y $o#n #ner
/usr/li!/G58step/SOGo/.
) -=%o6ai,C#stom(rom?na",e Parameter #se to a,,o. or not #sers to speci$y
c#stom G(romH aresses $rom -=%oLs
pre$erences pane,.
) -=%o'I17itiona,Pre$erences Parameter #se to ena",e an e1tra pre$erences
ta" #sing the content o$ the temp,ate name
8IO7dditionalBre/erences.#oO. 0his
temp,ate sho#, "e p#t #ner
Zso)o/G58step/&i!rary/SOGo/:emplates/
Bre/erences8I/.
2008-2014 Inverse inc. Con@g#ration B>
Chapter 4
S#Go Con($uration Summary
0he comp,ete -=%o con@g#ration @,e /etc/so)o/so)o.con/ sho#, ,oo3 ,i3e this :
K
SOGoBro/ile8& =
O6SJolderIn/o8& =
SOGo7ppointmentSend%>ail5oti/ications = 9%SD
SOGo6alendar?e/aultoles = 3
Bu!licCie#er<
6on/idential?7nd:Cie#er
4D
SOGo&an)ua)e = %n)lishD
SOGo>ail?omain = acme.comD
SOGo?ra/tsJolder5ame = ?ra/tsD
SOGoI>7BServer = localhostD
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = uidD
8I?Jield5ame = uidD
hostname = localhostD
id = pu!licD
port = 01,D
L
4D
SOGo>ailin)>echanism = smtpD
SOGoS>:BServer = 127.0.0.1D
SOGoSentJolder5ame = SentD
SOGo:ime\one = 7merica/>ontrealD
SOGo:rashJolder5ame = :rashD
L
Chapter 4
ulti2domains Con($uration
I$ yo# .ant yo#r insta,,ation to iso,ate t.o gro#ps o$ #sers! yo# m#st e@ne a istinct
a#thentication so#rce $or each do(ain. (o,,o.ing is the same con@g#ration that no. inc,#es
t.o omains (acme.com an coyote.com) :
K
SOGoBro/ile8& =
O6SJolderIn/o8& =
SOGo7ppointmentSend%>ail5oti/ications = 9%SD
SOGo6alendar?e/aultoles = 3
Bu!licCie#er<
6on/idential?7nd:Cie#er
4D
SOGo&an)ua)e = %n)lishD
SOGo>ailin)>echanism = smtpD
SOGoS>:BServer = 127.0.0.1D
SOGoSentJolder5ame = SentD
SOGo:ime\one = 7merica/>ontrealD
SOGo:rashJolder5ame = :rashD
SOGoI>7BServer = localhostD
domains = K
acme = K
SOGo>ail?omain = acme.comD
SOGo?ra/tsJolder5ame = ?ra/tsD
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = uidD
8I?Jield5ame = uidD
id = pu!lic2acmeD
port = 01,D
L
4D
LD
coyote = K
SOGo>ail?omain = coyote.comD
Chapter 4
SOGoI>7BServer = imap.coyote.comD
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = uidD
8I?Jield5ame = uidD
!ase?5 = @ou=users<dc=coyote<dc=com@D
!ind?5 = @uid=so)o<ou=users<dc=coyote<dc=com@D
id = pu!lic2coyoteD
port = 01,D
L
4D
LD
LD
L
0he $o,,o.ing aitiona, parameters on,y a$$ect -=%o .hen #sing m#,tip,e omains.
- -=%o?na",e)omain2ase'I) Parameter #se to activate #ser ienti@cation "y
omain. 'sers .i,, "e a",e (.itho#t "eing
re;#ire) to ,ogin #sing the $orm
usernamePdomain! meaning that va,#es o$
8I?Jield5ame no ,onger have to "e #ni;#e
among a,, omains "#t on,y .ithin the same
omain. Interna,,y! #sers .i,, a,.ays "e ienti@e
"y the concatenation o$ their #sername an
omain. Conse;#ent,y! activating this parameter
on an e1isting system imp,ies that #ser ienti@ers
.i,, change an their previo#s ca,enars an
aress "oo3s .i,, no ,onger "e accessi",e #n,ess
a conversion is per$orme.
- -=%o*ogin)omains Parameter #se to e@ne .hich omains sho#,
"e se,ecta",e $rom the ,ogin page. 0his parameter
is an array o$ 3eys $rom the domains ictionary.
)e$a#,ts to an empty array! .hich means that no
omains appear on the ,ogin page. I$ yo# pre$er
having the omain names ,iste! D#st #se these as
3eys $or the the domains ictionary.
- -=%o)omains+isi"i,ity Parameter #se to set omains visi",e among
themse,ves. 0his parameter is an array o$ arrays.
?1amp,e: SOGo?omainsCisi!ility = 33acme<
coyote44D
Chapter 4
)e$a#,ts to an empty array! .hich means omains
are iso,ate $rom each other.
Apache Con($uration
0he -=%o con@g#ration $or 7pache is ,ocate in /etc/httpd/con/.d/SOGo.con/.
'pon -=%o insta,,ation! a e$a#,t con@g#ration @,e is create .hich is s#ita",e $or most
con@g#rations.
Ko# m#st a,so con@g#re the $o,,o.ing parameters in the -=%o con@g#ration @,e $or 7pache in
orer to have a .or3ing insta,,ation :
e.uest$eader set @O-#e!o!Aects-server-port@ @10@
e.uest$eader set @O-#e!o!Aects-server-name@ @yourhostname@
e.uest$eader set @O-#e!o!Aects-server-url@ @http"//yourhostname@
Ko# may consier ena",ing --* on top o$ this c#rrent insta,,ation to sec#re access to yo#r -=%o
insta,,ation.
-ee http://http.apache.org/ocs/2.2/ss,/ $or etai,s.
Ko# might a,so have to aD#st the con@g#ration i$ yo# have -?*in#1 ena",e.
0he e$a#,t con@g#ration .i,, #se mod2proOy an mod2headers to re,ay re;#ests to the so)od
parent process. 0his is s#ita",e $or sma,, to mei#m ep,oyments.
Startin$ Services
=nce -=%o i$ $#,,y insta,,e an con@g#re! start the services #sing the $o,,o.ing comman :
service so)od start
Ko# may veri$y #sing the chkconfig comman that the -=%o service is a#tomatica,,y starte
at "oot time. :estart the 7pache service since mo#,es an con@g#ration @,es .ere ae :
service httpd restart
(ina,,y! yo# sho#, a,so ma3e s#re that the memcached service is starte an that it is a,so
a#tomatica,,y starte at "oot time.
Chapter 4
Cronjob 3 +ail reminders
-=%o a,,o.s yo# to set emai,-"ase reminers $or events an tas3s. 0o ena",e this! yo# m#st
ena",e the SOGo%na!le%>ail7larms pre$erence an set the O6S%>ail7larmsJolder8&
pre$erence accoring,y.
=nce yo#Lve correct,y set those t.o pre$erences! yo# m#st create a cron4o/ that .i,, r#n #ner
the GsogoH #ser. 0his cron4o/ sho#, "e r#n every min#te.
7 commente o#t e1amp,e sho#, have "een insta,,e in /etc/cron.d/so)o! to ena",e it!
simp,y #ncomment it.
7s a re$erence! the cron4o/ sho#, e e@ne ,i3e this:
N N N N N /usr/s!in/so)o-ealarms-noti/y
I$ yo#r mai, server re;#ires #se o$ -60P 7'09! speci$y a creentia, @,e #sing -p
/path/to/credJile. 0his @,e sho#, contain the #sername an pass.or! separate "y a
co,on (#sername:pass.or)
Cronjob 3 4acation messa$es e.piration
Chen vacation messages are ena",e (see the parameter SOGoCacation%na!led)! #sers can set
an e1piration ate to messages a#to-rep,y. (or this $eat#re to .or3! yo# m#st r#n a cron4o/
#ner the GsogoH #ser.
7 commente o#t e1amp,e sho#, have "een insta,,e in /etc/cron.d/so)o. 0o .or3
correct,y this too, m#st ,ogin as an aministrative #ser on the sieve server. 0he re;#ire
creentia,s m#st "e speci@e in a @,e "y #sing -p /path/to/credJile. 0his @,e sho#,
contain the #sername an pass.or! separate "y a co,on (#sername:pass.or)
0he cron4o/ sho#, ,oo3 ,i3e this :
0 0 N N N so)o /usr/s!in/so)o-tool eOpire-autoreply -p
/etc/so)o/sieve.creds
Chapter 8
5 ana$in$ *ser Accounts
Creatin$ the S#Go Administrative Account
(irst! create the -=%o aministrative acco#nt in yo#r *)7P server. 0he $o,,o.ing *)I( @,e
(so)o.ldi/) can "e #se as an e1amp,e :
dn" uid=so)o<ou=users<dc=acme<dc=com
o!Aect6lass" top
o!Aect6lass" inetOr)Berson
o!Aect6lass" person
o!Aect6lass" or)ani;ationalBerson
uid" so)o
cn" SOGo 7dministrator
mail" so)oPacme.com
sn" 7dministrator
)iven5ame" SOGo
*oa the *)I( @,e insie yo#r *)7P server #sing the $o,,o.ing comman :
ldapadd -/ so)o.ldi/ -O -# .#erty -? cn=>ana)er<dc=acme<dc=com
(ina,,y! set the pass.or (to the va,#e G;.ertyH) o$ the -=%o aministrative acco#nt #sing the
$o,,o.ing comman :
ldappass#d -h localhost -O -# .#erty -? cn=>ana)er<dc=acme<dc=com
uid=so)o<ou=users<dc=acme<dc=com -s .#erty
2008-2014 Inverse inc. 6anaging 'ser 7cco#nts 44
Chapter 8
Creatin$ a *ser Account
-=%o #ses *)7P irectories to a#thenticate #sers. 'se the $o,,o.ing *)I( @,e (Adoe.ldi/) as
an e1amp,e to create a -=%o #ser acco#nt :
dn" uid=Adoe<ou=users<dc=acme<dc=com
o!Aect6lass" top
o!Aect6lass" inetOr)Berson
o!Aect6lass" person
o!Aect6lass" or)ani;ationalBerson
uid" Adoe
cn" Zohn ?oe
mail" AdoePacme.com
sn" ?oe
)iven5ame" Zohn
*oa the *)I( @,e insie yo#r *)7P server #sing the $o,,o.ing comman :
ldapadd -/ Adoe.ldi/ -O -# .#erty -? cn=>ana)er<dc=acme<dc=com
(ina,,y! set the pass.or (to the va,#e G;.ertyH) o$ the -=%o aministrative acco#nt #sing the
$o,,o.ing comman :
ldappass#d -h localhost -O -# .#erty -? cn=>ana)er<dc=acme<dc=com
uid=Adoe<ou=users<dc=acme<dc=com -s .#erty
7s an a,ternative to #sing comman-,ine too,s! yo# can a,so #se *)7P eitors s#ch as +u(a or
Apace 'irectory Studio to ma3e yo#r .or3 easier. 0hese %'I #ti,ities can ma3e #se o$
temp,ates to create an pre-con@g#re typica, #ser acco#nts or any stanariFe *)7P recor!
a,ong .ith the correct o"Dect c,asses! @e,s an e$a#,t va,#es.
2008-2014 Inverse inc. 6anaging 'ser 7cco#nts 48
Chapter <
6 icroso&t ActiveSync
-=%o s#pports the 6icroso$t 7ctive-ync protoco,.
7ctive-ync c,ients can $#,,y synchroniFe contacts! emai,s! events an tas3s .ith -=%o.
(ree"#sy an %7* ,oo3#ps are a,so s#pporte! as .e,, as G-mart rep,yH an G-mart $or.arH
operations.
0o ena",e 6icroso$t 7ctive-ync s#pport in -=%o! yo# m#st insta,, the re;#ire pac3ages.
yum install so)o-activesync li!#!Oml
=nce insta,,e! simp,y #ncomment the $o,,o.ing ,ines $rom yo#r -=%o 7pache con@g#ration:
BroOyBass />icroso/t-Server-7ctiveSync T
http"//127.0.0.1"20000/SOGo/>icroso/t-Server-7ctiveSync T
retry='0 connectiontimeout=S timeout=0'0
:estart 7pache a$ter.ars.
0he $o,,o.ing aitiona, parameters on,y a$$ect -=%o .hen #sing 7ctive-ync:
- -=%o6a1im#mPingInterva, Parameter #se to set the ma1im#m amo#nt o$
time! in secons! -=%o .i,, .ait "e$ore rep,ying
to a Ping comman. I$ not set! it e$a#,ts to 4
secons.
- -=%o6a1im#m-yncInterva, Parameter #se to set the ma1im#m amo#nt o$
time! in secons! -=%o .i,, .ait "e$ore rep,ying
to a -ync comman. I$ not set! it e$a#,ts to B0
secons.
- -=%oInterna,-yncInterva, Parameter #se to set the ma1im#m amo#nt o$
time! in secons! -=%o .i,, .ait "e$ore oing an
interna, chec3 $or ata changes (a! e,ete! an
#pate). 0his parameter m#st "e ,o.er than
SOGo>aOimumSyncInterval. I$ not set! it e$a#,ts
to 10 secons.
- -=%o6a1im#m-yncCino.-iFe Parameter #se to over.rite the ma1im#m n#m"er
o$ items ret#rne #ring a -ync operation.
)e$a#,ts to 0! .hich means no over.rite is
per$orme. -etting this parameter to a va,#e
greater than 412 .i,, have #ne1pecte "ehavio#r
.ith vario#s 7ctive-ync c,ients.
2008-2014 Inverse inc. 6icroso$t 7ctive-ync 4<
Chapter <
P,ease "e a.are o$ the $o,,o.ing ,imitations:
C#rrent,y! on,y the persona, ca,enar an aress "oo3 are synchroniFe. 7ing s#pport $or a,,
$o,ers is p,anne.
Chen creating an =#t,oo3 201B pro@,e! yo# m#st act#a,,y 3i,, =#t,oo3 "e$ore the en o$ the
creation process. -ee http://....vion",og.com/connect-Fim"ra-comm#nity-.ith-o#t,oo3-201B
$or a proce#re e1amp,e.
=#t,oo3 201B oes not search the %7*. =ne possi",e a,ternative so,#tion is to con@g#re
=#t,oo3 to #se a *)7P server (over --*) .ith a#thentication. 7,ternative,y! .hen s#pporting
more than D#st the persona, aress "oo3! .eL,, a,so "e a",e to e1pose the *)7P/-A* "ase
aress "oo3s in -=%o over 7ctive-ync.
6a3e s#re yo# o not #se a se,$-signe certi@cate. Chi,e this .i,, .or3! =#t,oo3 .i,, .or3
intermittent,y as it .i,, raise pop#ps $or certi@cate va,iation! sometimes in "ac3gro#n!
preventing the #ser to see the .arning an th#s! preventing any synchroniFation to happen.
7ctive-ync c,ients 3eep connections open $or a .hi,e. ?ach connection .i,, gra" a ho, on a
sogo process so yo# .i,, nee a ,ot o$ processes to han,e many c,ients. 0his ,imitation .i,,
event#a,,y "e overcome in -=%o.
:epetitive events .ith occ#rrences e1ceptions are c#rrent,y not s#pporte.
=#t,oo3 201B 7#toiscovery is c#rrent,y not s#pporte.
=#t,oo3 201B $ree"#sy ,oo3#ps are s#pporte #sing the Internet (ree/2#sy $eat#re o$ =#t,oo3
201B. P,ease see http://s#pport.microso$t.com/3"/2>1821 $or con@g#ration instr#ctions. =n the
-=%o sie! SOGo%na!leBu!lic7ccess m#st "e set to K?- an the ':* to #se m#st "e o$ the
$o,,o.ing $ormat: http"//GhostnameH/SOGo/dav/pu!lic/[57>%[//ree!usy.i/!
In orer to #se the -=%o 7ctive-ync s#pport coe in pro#ction environments! yo# nee to get
a proper #sage ,icense $rom 6icroso$t. P,ease contact them irect,y to negotiate the $ees
associate to yo#r #ser "ase.
0o contact 6icroso$t! p,ease visit:
http://....microso$t.com/en-
#s/,ega,/inte,,ect#a,property/IP*icensing/Programs/e1changeactivesyncprotoco,.asp1
an sen an emai, to ip,icre;Wmicroso$t.com
Inverse inc. provies this so$t.are $or $ree! "#t is not responsi",e $or anything re,ate to its
#sage.
2008-2014 Inverse inc. 6icroso$t 7ctive-ync 48
Chapter 8
7 *sin$ S#Go
S#Go 1eb Inter&ace
0o acces the -=%o Ce" Inter$ace! point yo#r Ce" "ro.ser! .hich is r#nning $rom the same
server .here -=%o .as insta,,e! to the $o,,o.ing ':* : http://,oca,host/-=%o
*og in #sing the GDoeH #ser an the G;.ertyH pass.or. 0he #ner,ying ata"ase ta",es .i,,
a#tomatica,,y "e create "y -=%o.
o8illa 0hunderbird and -i$htnin$
7,ternative,y! yo# can access -=%o .ith a %ro#p)7+ an a Ca,)7+ c,ient. 7 typica, .e,,-
integrate set#p is to #se 6oFi,,a 0h#ner"ir an 6oFi,,a *ightning a,ong .ith InverseLs SOGo
Connector p,#g in to synchroniFe yo#r aress "oo3s an the InverseLs SOGo Integrator p,#g in
to provie a comp,ete integration o$ the $eat#res o$ -=%o into 0h#ner"ir an *ightning. :e$er
to the oc#mentation o$ 0h#ner"ir to con@g#re an initia, I67P acco#nt pointing to yo#r
-=%o server an #sing the #ser name an pass.or mentione a"ove.
Cith the -=%o Integrator p,#g in! yo#r ca,enars an aress "oo3s .i,, "e a#tomatica,,y
iscovere .hen yo# ,ogin in 0h#ner"ir. 0his p,#g in can a,so propagate speci@c e1tensions
an e$a#,t #ser settings among yo#r site. 9o.ever! "e a.are that in orer to #se the -=%o
Integrator p,#g in! yo# .i,, nee to repac3age it .ith speci@c moi@cations. P,ease re$er to the
oc#mentation p#",ishe on,ine:
http://....sogo.n#/o.n,oas/oc#mentation.htm,.
I$ yo# on,y #se the -=%o Connector p,#g in! yo# can sti,, easi,y access yo#r ata.
0o access yo#r persona, aress "oo3:
Choose %o [ 7ress 2oo3.
Choose (i,e [ &e. [ :emote 7ress 2oo3.
?nter a signi@cant name $or yo#r ca,enar in the &ame @e,.
0ype the $o,,o.ing ':* in the ':* @e,:
http://\hostname[/-=%o/av/Doe/Contacts/persona,/
2008-2014 Inverse inc. 'sing -=%o 4>
Chapter 8
C,ic3 on =I.
0o access yo#r persona, ca,enar:
Choose %o [ Ca,enar.
Choose Ca,enar [ &e. Ca,enar.
-e,ect =n the &et.or3 an c,ic3 on Contin#e.
-e,ect Ca,)7+.
0ype the $o,,o.ing ':* in the ':* @e,:
http://,oca,host/-=%o/av/Doe/Ca,enar/persona,/
C,ic3 on Contin#e.
Apple iCal
7pp,e iCa, can a,so "e #se as a c,ient app,ication $or -=%o.
0o con@g#re it so it .or3s .ith -=%o! create a ne. acco#nt an speci$y! as the 7cco#nt ':*!
an ':* s#ch as :
http://,oca,host/-=%o/av/Doe/
&ote that the trai,ing s,ash is important $or 7pp,e iCa, B.
Apple Address9oo:
-ince 6ac =- J 10.8 (-no. *eopar)! 7pp,e 7ress2oo3 can "e con@g#re to #se -=%o.
In orer to ma3e this .or3! yo# m#st a a ne. virt#a, host in yo#r 7pache con@g#ration @,e to
,isten on port 8800 an han,e re;#ests coming $rom i=- evices.
0he virt#a, host sho#, "e e@ne ,i3e :
GCirtual$ost N"1100H
e#rite%n)ine O//
BroOye.uests O//
Set%nv proOy-no*eepalive 1
BroOyBreserve$ost On
BroOyBassInterpolate%nv On
BroOyBass /principals http"//127.0.0.1"20000/SOGo/dav/ interpolate
BroOyBass /SOGo http"//127.0.0.1"20000/SOGo interpolate
BroOyBass / http"//127.0.0.1"20000/SOGo/dav/ interpolate
2008-2014 Inverse inc. 'sing -=%o 40
Chapter 8
G&ocation /H
Order allo#<deny
7llo# /rom all
G/&ocationH
GBroOy http"//127.0.0.1"20000H
e.uest$eader set @O-#e!o!Aects-server-port@ @1100@
e.uest$eader set @O-#e!o!Aects-server-name@ @acme.com"1100@
e.uest$eader set @O-#e!o!Aects-server-url@ @http"//acme.com"1100@
e.uest$eader set @O-#e!o!Aects-server-protocol@ @$::B/1.0@
e.uest$eader set @O-#e!o!Aects-remote-host@ @127.0.0.1@
7dd?e/ault6harset 8:J-1
G/BroOyH
%rror&o) /var/lo)/apache2/a!-error.lo)
6ustom&o) /var/lo)/apache2/a!-access.lo) com!ined
G/Cirtual$ostH
0his con@g#ration is a,so re;#ire i$ yo# .ant to con@g#re a Car)7+ acco#nt on an 7pp,e i=-
evice (version 4.0 an ,ater).
Chapter 8
icroso&t ActiveSync ; obile 'evices
Ko# can synchroniFe contacts! emai,s! events an tas3s $rom -=%o .ith any mo"i,e evices
that s#pport 6icroso$t 7ctive-ync. 6icroso$t =#t,oo3 201B is a,so s#pporte.
0he 6icroso$t 7ctive-ync server ':* is genera,,y something ,i3e: http://\hostname[/6icroso$t-
7ctive--ync .
Chapter >
< *p$radin$
0his section escri"es .hat nees to "e one .hen #pgraing to the c#rrent version o$ -=%o
$rom the previo#s re,ease.
'.(.)
0he con@g#ration is no. store in /etc/sogo/sogo.con$. Per$orm the $o,,o.ing commans as
root to migrate yo#r previo#s #ser e$a#,ts:
install -d -m 7S0 -o so)o -) so)o /etc/so)o
sudo -u so)o so)o-tool dump-de/aults H /etc/so)o/so)o.con/
cho#n root"so)o /etc/so)o/so)o.con/
chmod '+0 /etc/so)o/so)o.con/
sudo -u so)o mv ]/G58step/?e/aults/.G58step?e/aults T
]/G58step/?e/aults/G58step?e/aults.old
'.(.*
0he parameter SOGoJorceI>7B&o)inIith%mail is no. eprecate an is rep,ace "y
SOGoJorce%Oternal&o)inIith%mail (.hich e1tens the $#nctiona,ity to -60P
a#thentication). 'pate yo#r con@g#ration i$ yo# #se this parameter.
0he sogo #ser is no. a system #ser. (or ne. insta,,s! this means that Gsu - so)oG .onLt .or3
anymore. P,ease #se Gsudo -u so)o GcmdHH instea. I$ #se in scripts $rom cronDo"s!
re1uiretty m#st "e isa",e in s#oers.
1.+.1,
:#n the she,, script s.l-update-1.0.1'2to21.0.17.sh or s.l-update-
1.0.1'2to21.0.17-mys.l.sh (i$ yo# #se 6y-A*).
0his .i,, gro. the Gcyc,e in$oH @e, o$ ca,enar ta",es to a ,arger siFe.
1.+.1'
=nce yo# have #pate an restarte -=%o! r#n the she,, script s.l-update-
1.0.112to21.0.12.sh or s.l-update-1.0.112to21.0.12-mys.l.sh 3i$ yo# #se
6y-A*).
0his .i,, gro. the GcontentH @e, o$ ca,enar an aress"oo3 ta",es to a ,arger siFe an @1
the primary 3ey o$ the session ta",e.
1.+.-
(or :e 9at-"ase istri"#tions! version 1.2B o$ %&'step .i,, "e insta,,e. -ince the ,ocation
2008-2014 Inverse inc. 'pgraing 4B
Chapter >
o$ the Ce" reso#rces changes! the 7pache con@g#ration @,e (-=%o.con$) has "een aapte.
+eri$y yo#r 7pache con@g#ration i$ yo# have c#stomiFe this @,e.
2008-2014 Inverse inc. 44
Chapter 10
1= Additional In&ormation
(or more in$ormation! p,ease cons#,t the on,ine (7As ((re;#ent,y 7s3e A#estions) :
http://....sogo.n#/eng,ish/s#pport/$a;.htm,
Ko# can a,so rea the mai,ing archives or post yo#r ;#estions to it. (or etai,s! see :
https:// ,ists. inverse.ca/sogo
2008-2014 Inverse inc. 7itiona, In$ormation 44
Chapter 11
11 Commercial Support and Contact
In&ormation
(or any ;#estions or comments! o not hesitate to contact #s "y .riting an emai, to :
s#pportWinverse.ca
Inverse (http://inverse.ca) o$$ers pro$essiona, services aro#n -=%o to he,p organiFations ep,oy
the so,#tion an migrate $rom their ,egacy systems.
2008-2014 Inverse inc. Commercia, -#pport an Contact In$ormation 48

SOGo Installation Guide PDF

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

SOGo Installation Guide PDF

Hochgeladen von

Copyright:

Verfügbare Formate

version 2.2.

Das könnte Ihnen auch gefallen