SOGo Installation Guide

version 2.2.
3
Installation and Confguration Guide
Copyright 2008-2014 Inverse inc. (http://inverse.ca)
Permission is grante to copy! istri"#te an/or moi$y this oc#ment #ner the terms o$ the
%&' (ree )oc#mentation *icense! +ersion 1.2 or any ,ater version p#",ishe "y the (ree
-o$t.are (o#nation/ .ith no Invariant -ections! no (ront-Cover 0e1ts! an no 2ac3-Cover 0e1ts.
P,ease re$er to http://....gn#.org/,icenses/$,-1.2.t1t $or the $#,, ,icense.
+ersion 2.2.4 5 6pri, 2014
Contents
Chapter 1 About this Guide 3
Chapter 2 Introduction 4
6rchitect#re an Compati"i,ity 7
Chapter 3 System Requirements 6
6ss#mptions 8
9inim#m :ar.are ;e<#irements =
>perating -ystem ;e<#irements 8
Chapter 4 Installation 9
-o$t.are )o.n,oas ?
-o$t.are Insta,,ation ?
Chapter Con!"uration 1#
%&'step @nvironment >vervie. 10
Pre$erences :ierarchy 11
%enera, Pre$erences 12
6#thentication #sing *)6P 18
*)6P 6ttri"#tes Ine1ing 24
*)6P 6ttri"#tes 9apping 24
6#thenticating #sing C.6.-. 28
6#thenticating #sing -69*2 2=
)ata"ase ConAg#ration 28
6#thentication #sing -B* 2?
-90P -erver ConAg#ration 42
I96P -erver ConAg#ration 42
Ce" Inter$ace ConAg#ration 44
->%o ConAg#ration -#mmary 41
9#,ti-omains ConAg#ration 42
6pache ConAg#ration 44
-tarting -ervices 44
CronDo" E @9ai, reminers 47
CronDo" E +acation messages e1piration 47
Chapter 6 $ana"in" %ser Accounts 46
Creating the ->%o 6ministrative 6cco#nt 48
Creating a 'ser 6cco#nt 4=
Chapter & $icroso't Acti(eSync 4)
Chapter ) %sin" S*Go #
->%o Ce" Inter$ace 70
9oFi,,a 0h#ner"ir an *ightning 70
6pp,e iCa, 71
6pp,e 6ress2oo3 71
9icroso$t 6ctive-ync / 9o"i,e )evices 74
Chapter 9 %p"radin" 4
Chapter 1# Additional In'ormation 6
Chapter 11 Commercial Support and Contact In'ormation &
Chapter 1
1 About this Guide
0his g#ie .i,, .a,3 yo# thro#gh the insta,,ation an conAg#ration o$ the ->%o so,#tion. It a,so
covers the insta,,ation an conAg#ration o$ ->%o 6ctive-ync s#pport 5 the so,#tion #se to
synchroniFe mo"i,e evices .ith ->%o.
0he instr#ctions are "ase on version 2.2.4 o$ ->%o.
0he ,atest version o$ this g#ie is avai,a",e at
http://....sogo.n#/o.n,oas/oc#mentation.htm,.
2008-2014 Inverse inc. 6"o#t this %#ie 4
Chapter 2
2 Introduction
->%o is a $ree an moern sca,a",e gro#p.are server. It o$$ers share ca,enars! aress "oo3s!
an emai,s thro#gh yo#r $avo#rite Ce" "ro.ser an "y #sing a native c,ient s#ch as 9oFi,,a
0h#ner"ir an *ightning.
->%o is stanar-comp,iant. It s#pports Ca,)6+! Car)6+! %ro#p)6+! i9IP an i0IP an
re#ses e1isting I96P! -90P an ata"ase servers - ma3ing the so,#tion easy to ep,oy an
interopera",e .ith many app,ications.
->%o $eat#res :
-ca,a",e architect#re s#ita",e $or ep,oyments $rom oFens to many tho#sans o$ #sers
;ich Ce"-"ase inter$ace that shares the ,oo3 an $ee,! the $eat#res an the ata o$ 9oFi,,a
0h#ner"ir an *ightning
Improve integration .ith 9oFi,,a 0h#ner"ir an *ightning "y #sing the ->%o Connector
an the ->%o Integrator
&ative compati"i,ity $or 9icroso$t >#t,oo3 2004! 200=! 2010! an 2014
0.o-.ay synchroniFation s#pport .ith any 9icroso$t 6ctive-ync-capa",e evice! or >#t,oo3
2014
->%o is eve,ope "y a comm#nity o$ eve,opers ,ocate main,y in &orth 6merica an
@#rope. 9ore in$ormation can "e $o#n at http://....sogo.n#
2008-2014 Inverse inc. Intro#ction 4
Chapter 2
Architecture and Compatibility
-tanar protoco,s s#ch as Ca,)6+! Car)6+! %ro#p)6+! :00P! I96P an -90P are #se to
comm#nicate .ith the ->%o p,at$orm or its s#"-components. 9o"i,e evices s#pporting the
9icroso$t 6ctive-ync protoco, are a,so s#pporte.
0o insta,, an conAg#re the native 9icroso$t >#t,oo3 compati"i,ity ,ayer! p,ease re$er to the
SOGo Native Microsoft Outlook Confguration Guide.
2008-2014 Inverse inc. Intro#ction 7
Chapter 4
3 System Requirements
Assumptions
->%o re#ses many components in an in$rastr#ct#re. 0h#s! it re<#ires the $o,,o.ing :
)ata"ase server (9y-B*! Postgre-B* or >rac,e)
*)6P server (>pen*)6P! &ove,, e)irectory! 9icroso$t 6ctive )irectory an others)
-90P server (PostA1! -enmai, an others)
I96P server (Co#rier! Cyr#s I96P -erver! )ovecot an others)
In this g#ie! .e ass#me that a,, those components are r#nning on the same server (i.e.!
GlocalhostH or G127.0.0.1H) that ->%o .i,, "e insta,,e on.
%oo #nerstaning o$ those #ner,ying components an %&'/*in#1 is re<#ire to insta,,
->%o. I$ yo# miss some o$ those re<#ire components! p,ease re$er to the appropriate
oc#mentation an procee .ith the insta,,ation an conAg#ration o$ these re<#irements "e$ore
contin#ing .ith this g#ie.
0he $o,,o.ing ta",e provies recommenations $or the re<#ire components! together .ith
version n#m"ers :
)ata"ase server Postgre-B* =.4 or ,ater
*)6P server >pen*)6P 2.4.1 or ,ater
-90P server PostA1 2.1
I96P server Cyr#s I96P -erver 2.4.1 or ,ater
9ore recent versions o$ the so$t.are mentione a"ove can a,so "e #se.
2008-2014 Inverse inc. -ystem ;e<#irements 8
Chapter 4
Minimum ard!are Requirements
0he $o,,o.ing ta",e provies har.are recommenations $or the server! es3tops an mo"i,e
evices :
-erver @va,#ation an testing
Inte,! 69)! or Po.erPC CP' 1 %:F
712 92 o$ ;69
1 %2 o$ is3 space
Pro#ction
Inte,! 69) or Po.erPC CP' 4 %:F
2048 92 o$ ;69
10 %2 o$ is3 space (e1c,#ing the mai, store)
)es3top %enera,
Inte,! 69)! or Po.erPC CP' 1.7 %:F
10241=88 monitor reso,#tion
712 92 o$ ;69
128 I"ps or higher net.or3 connection
9icroso$t Cino.s
9icroso$t Cino.s JP -P2 or +ista
6pp,e 9ac >- J
6pp,e 9ac >- J 10.2 or ,ater
*in#1
Ko#r $avo#rite %&'/*in#1 istri"#tion
9o"i,e )evice 6ny mo"i,e evice .hich s#pports Ca,)6+! Car)6+ or 9icroso$t
6ctive-ync.
2008-2014 Inverse inc. -ystem ;e<#irements =
Chapter 4
"peratin# System Requirements
0he $o,,o.ing 42-"it an 84-"it operating systems are c#rrent,y s#pporte "y ->%o :
;e :at @nterprise *in#1 (;:@*) -erver 7 an 8
Comm#nity @&0erprise >perating -ystem (Cent>-) 7 an 8
)e"ian %&'/*in#1 7.0 (*enny) to =.0 (CheeFy)
'"#nt# 10.04 (*#ci) to 12.04 (Precise)
9a3e s#re the re<#ire components are starte a#tomatica,,y at "oot time an that they are
r#nning "e$ore proceeing .ith the ->%o conAg#ration. 6,so ma3e s#re that yo# can insta,,
aitiona, pac3ages $rom yo#r stanar istri"#tion. (or e1amp,e! i$ yo# are #sing ;e :at
@nterprise *in#1 7! yo# have to "e s#"scri"e to the ;e :at &et.or3 "e$ore contin#ing .ith
the ->%o so$t.are insta,,ation.
0his oc#ment covers the insta,,ation o$ ->%o #ner ;:@* 8.
(or insta,,ation instr#ctions on )e"ian an '"#nt#! p,ease re$er irect,y to the ->%o .e"site at
http://....sogo.n#. 'ner the o.n,oas section! yo# .i,, An ,in3s $or insta,,ation steps $or
)e"ian an '"#nt#.
&ote that once the ->%o pac3ages are insta,,e #ner )e"ian an '"#nt#! this g#ie can "e
$o,,o.e in orer to $#,,y conAg#re ->%o.
2008-2014 Inverse inc. -ystem ;e<#irements 8
Chapter 4
$ Installation
0his section .i,, g#ie yo# thro#gh the insta,,ation o$ ->%o together .ith its epenencies. 0he
steps escri"e here app,y to an ;P9-"ase insta,,ation $or a ;e :at or Cent>- istri"#tion.
So%t!are &o!nloads
->%o can "e insta,,e #sing the yum #ti,ity. 0o o so! Arst create the
/etc/yum.repos.d/inverse.repo conAg#ration A,e .ith the $o,,o.ing content :
[SOGo]
name=Inverse SOGo epository
!aseurl=http"//inverse.ca/do#nloads/SOGo/$%&'/(!asearch
)p)chec*=0
-ome o$ the so$t.ares on .hich ->%o epens are avai,a",e $rom the repository o$ ;epo(orge
(previo#s,y 3no.n as ;P9$orge). 0o a ;epo(orge to yo#r pac3ages so#rces! o.n,oa an
insta,, the appropriate ;P9 pac3age $rom http://pac3ages.s.."e/rpm$orge-re,ease/. 6,so ma3e
s#re yo# ena",e the Grpm$orge-e1trasH repository.
(or more in$ormation on #sing ;epo(orge! visit http://repo$orge.org/#se/.
So%t!are Installation
>nce the y#m conAg#ration A,e has "een create! yo# are no. reay to insta,, ->%o an its
epenencies. 0o o so! procee .ith the $o,,o.ing comman :
yum install so)o
0his .i,, insta,, ->%o an its epenencies s#ch as %&'step! the ->P@ pac3ages an
memcache. >nce the "ase pac3ages are insta,,e! yo# nee to insta,, the proper ata"ase
connector s#ita",e $or yo#r environment. Ko# nee to insta,, sope+,-)dl1-post)res.l $or the
Postgre-B* ata"ase system! sope+,-)dl1-mys.l $or 9y-B* or sope+,-)dl1-oracle $or
>rac,e. 0he insta,,ation comman .i,, th#s ,oo3 ,i3e this :
yum install sope+,-)dl1-post)res.l
>nce comp,ete! ->%o .i,, "e $#,,y insta,,e on yo#r server. Ko# are no. reay to conAg#re it.
2008-2014 Inverse inc. Insta,,ation ?
Chapter 7
' Con(#uration
In this section! yo#L,, ,earn ho. to conAg#re ->%o to #se yo#r e1isting *)6P! -90P an
ata"ase servers. 6s previo#s,y mentione! .e ass#me that those components r#n on the same
server on .hich ->%o is "eing insta,,e. I$ this is not the case! p,ease aD#st the conAg#ration
parameters to reMect those changes.
G)*step +nvironment "vervie!
->%o ma3es #se o$ the %&'step environment. %&'step is a $ree so$t.are imp,ementation o$
the >pen-tep speciAcation .hich provies many $aci,ities $or "#i,ing a,, types o$ server an
es3top app,ications. 6mong those $aci,ities! there is a conAg#ration 6PI simi,ar to the N;egistryN
paraigm in 9icroso$t Cino.s. In >pen-0@P! %&'step an 9ac>- J! these are ca,,e the
N#ser e$a#,tsN.
In ->%o! the #serLs app,ications settings are store in /etc/so)o/so)o.con/. Ko# can #se
yo#r $avo#rite te1t eitor to moi$y the A,e.
0he so)o.con/ A,e is a seria,iFe property list. 0his simp,e $ormat encaps#,ates $o#r "asic ata
types: arrays! ictionaries (or hashes)! strings an n#m"ers. &#m"ers are represente as-is!
e1cept $or "oo,eans .hich can ta3e the #n<#ote va,#es GK@-H an G&>H. -trings are not
manatori,y <#ote! "#t oing so .i,, avoi yo# many pro",ems. 6 ictionary is a se<#ence o$
3ey an va,#e pairs separate in their mi,e .ith a GOH sign. It starts .ith a GPG an ens .ith a
corresponing GQH. @ach va,#e eAnition in a ictionary ens .ith a semico,on. 6n array is a
chain o$ va,#es starting .ith G(G an ening .ith G)H! .here the va,#es are separate .ith a G!H.
6,so! the A,e genera,,y $o,,o.s a C-sty,e inentation $or c,arity "#t this inentation is not
re<#ire! on,y recommene. 2,oc3 comments are e,imite "y /R an R/ an can span m#,tip,e
,ines .hi,e ,ine comments m#st start .ith //.
2008-2014 Inverse inc. ConAg#ration 10
Chapter 7
,re%erences ierarchy
->%o s#pports omain names segregation! meaning that yo# can separate m#,tip,e gro#ps o$
#sers .ithin one insta,,ation o$ ->%o. 6 #ser associate to a omain is ,imite to access on,y
the #sers ata $rom the same omain. Conse<#ent,y! the conAg#ration parameters o$ ->%o are
eAne on three ,eve,s:
@ach ,eve, inherits the pre$erences o$ the parent ,eve,. 0here$ore! omain pre$erences eAne the
e$a#,ts va,#es o$ the #ser pre$erences! an the system pre$erences eAne the e$a#,t va,#es o$
a,, omains pre$erences. 2oth system an omains pre$erences are eAne in the
/etc/so)o/so)o.con/! .hi,e the #sers pre$erences are conAg#ra",e "y the #ser an store in
->%oLs ata"ase.
0o ienti$y the ,eve, in .hich each parameter can "e eAne! .e #se the $o,,o.ing
a""reviations in the ta",es o$ this oc#ment :
- Parameter e1c,#sive to the system an not conAg#ra",e per omain
) Parameter e1c,#sive to a omain an not conAg#ra",e per #ser
' Parameter conAg#ra",e "y the #ser
;emem"er that the hierarchy paraigm a,,o. the e$a#,t va,#e o$ a parameter to "e eAne at a
parent ,eve,.
Chapter 7
General ,re%erences
0he $o,,o.ing ta",e escri"es the genera, parameters that can "e set :
- C>Cor3ersCo#nt 0he amo#nt o$ instances o$ ->%o that .i,, "e
spa.ne to han,e m#,tip,e re<#ests
sim#,taneo#s,y. Chen starte $rom the init
script! that amo#nt is overrien "y the
GP;@(>;IH va,#e in /etc/syscon/i)/so)o
or /etc/de/ault/so)o. 6 va,#e o$ 4 is a
reasona",e e$a#,t $or ,o. #sage. 0he
ma1im#m va,#e epens on the CP' an I>
po.er provie "y yo#r machine : a va,#e set
too high .i,, act#a,,y ecrease per$ormances
#ner high ,oa.
)e$a#,ts to 1 .hen #nset.
- C>*istenB#e#e-iFe 0his parameter contro,s the "ac3,og siFe o$ the
soc3et ,isten <#e#e. (or ,arge-sca,e
ep,oyments! this va,#e m#st "e aD#ste in
case a,, .or3ers are "#sy an the parent
processes receives ,ots o$ incoming
connections. )e$a#,ts to 7 .hen #nset.
- C>Port 0he 0CP ,istening aress an port #se "y the
->%o aemon. 0he $ormat is
ipaddress"port
)e$a#,ts to 12=.0.0.1:20000 .hen #nset.
- C>*og(i,e 0he A,e path .here to ,og messages. -peci$y -
to ,og to the conso,e.
)e$a#,ts to /var/lo)/so)o/so)o.lo).
- C>Pi(i,e 0he A,e path .here the parent process i .i,,
"e .ritten.
)e$a#,ts to /var/run/so)o/so)o.pid.
- C>Catch)og;e<#est0imeo#t 0his parameter speciAes the n#m"er o$ min#tes
a$ter .hich a "#sy chi, process .i,, "e 3i,,e
"y the parent process.
)e$a#,ts to 10 (min#tes).
)o not set this too ,o. as chi, processes
rep,ying to c,ients on a s,o. internet
connection co#, "e 3i,,e premat#re,y.
- -1+9em*imit Parameter #se to set the ma1im#m amo#nt o$
memory (in mega"ytes) that a chi, can #se.
;eaching that va,#e .i,, $orce chi,ren
processes to restart! in orer to preserve system
memory.
)e$a#,ts to 01+.
Chapter 7
- ->%o9emcache:ost Parameter #se to set the hostname an
optiona,,y the port o$ the memcache server.
6 path can a,so "e #se i$ the server m#st "e
reache via a 'ni1 soc3et.
)e$a#,ts to localhost.
-ee memcached2servers2parse304 $or etai,s
on the synta1.
- ->%oCacheC,ean#pInterva, Parameter #se to set the e1piration (in
secons) o$ each o"Dect in the cache.
)e$a#,ts to 000.
- ->%o6#thentication0ype Parameter #se to eAne the .ay "y .hich
#sers .i,, "e a#thenticate. (or C.6.-.! speci$y
GcasH. (or -69*2! speci$y Gsam,2H. (or
anything e,se! ,eave that va,#e empty.
->%o0r#stPro1y6#thentication Parameter #se to set .hether :00P #sername
sho#, "e tr#ste.
)e$a#,ts to 5O .hen #nset.
->%o@ncryptionIey Parameter #se to eAne a 3ey to encrypt the
pass.ors o$ remote Ce" ca,enars .hen
SOGoTrustProxyAutentication is ena",e.
- ->%oC6--ervice';* Chen #sing C.6.-. a#thentication! this
speciAes the "ase #r, $or reaching the C.6.-.
service. 0his .i,, "e #se "y ->%o to e#ce
the proper ,ogin page as .e,, as the other
C.6.-. services that ->%o .i,, #se.
- ->%oC6-*ogo#t@na",e 2oo,ean va,#e inicating .hether the G*ogo#tH
,in3 is ena",e .hen #sing C.6.-. as
a#thentication mechanism.
0he G*ogo#tH,in3 .i,, en #p ca,,ing
SOGo67SService8&/lo)out to terminate the
c,ientLs sing,e sign-on C.6.-. session.
- ->%o6ress2oo3)6+6ccess@na",e Parameter contro,,ing Ce")6+ access to the
Contacts co,,ections.
0his can "e #se to eny access to these
reso#rces $rom *ightning $or e1amp,e.
)e$a#,ts to 9%S .hen #nset.
- ->%oCa,enar)6+6ccess@na",e Parameter contro,,ing Ce")6+ access to the
Calendar co,,ections.
0his can "e #se to eny access to these
reso#rces $rom *ightning $or e1amp,e.
)e$a#,ts to 9%S .hen #nset.
- ->%o-69*2PrivateIey*ocation 0he ,ocation o$ the --* private 3ey A,e on the
A,esystem that is #se "y ->%o to sign an
encrypt comm#nications .ith the -69*2
ientity provier. 0his A,e m#st "e generate
$or each r#nning ->%o service (rather than
Chapter 7
host).
- ->%o-69*2Certiticate*ocation 0he ,ocation o$ the --* certiAcate A,e. 0his A,e
m#st "e generate $or each r#nning ->%o
service.
- ->%o-69*2Ip9etaata*ocation 0he ,ocation o$ the metaata A,e that escri"es
the services avai,a",e on the -69*2 ienti$y
provier.
- ->%o-69*2IpP#",icIey*ocation 0he ,ocation o$ the --* p#",ic 3ey A,e on the
A,esystem that is #se "y ->%o to sign an
encrypt comm#nications .ith the -69*2
ientity provier. 0his A,e sho#, "e part o$ the
set#p o$ yo#r ientity provier.
- ->%o-69*2IpCertiAcate*ocation 0he ,ocation o$ the --* certiAcate A,e. 0his A,e
sho#, "e part o$ the set#p o$ yo#r ientity
provier.
- ->%o-69*2*ogo#t@na",e 2oo,ean va,#e inicate .hether the G*ogo#tH
,in3 is ena",e .hen #sing -69*2 as
a#thentication mechanism.
) ->%o0imeSone Parameter #se to set a e$a#,t time Fone $or
#sers. 0he e$a#,t timeFone is set to 8:6. 0he
>,son ata"ase is a stanar ata"ase that
ta3es a,, the time Fones aro#n the .or, into
acco#nt an represents them a,ong .ith their
history. >n %&'/*in#1 systems! time Fone
eAnition A,es are avai,a",e #ner
/usr/share/;onein/o. *isting the avai,a",e
A,es .i,, give yo# the name o$ the avai,a",e
time Fones. 0his co#, "e 7merica/5e#29or*<
%urope/=erlin< 7sia/:o*yo or
7/rica/&u!um!ashi.
In o#r e1amp,e! .e set the time Fone to
7merica/>ontreal
) ->%o9ai,)omain Parameter #se to set the e$a#,t omain name
#se "y ->%o. ->%o #ses this parameter to
"#i, the ,ist o$ va,i emai, aresses $or #sers.
In o#r e1amp,e! .e set the e$a#,t omain to
acme.com
) ->%o6ppointment-en@9ai,&otiAcations Parameter #se to set .hether ->%o sens or
not emai, notiAcations to meeting participants.
Possi",e va,#es are :
T K@- 5 to sen notiAcations
T &> 5 to not sen notiAcations
) ->%o(o,ers-en@9ai,&otiAcations -ame as a"ove! "#t the notiAcations are
triggere on the creation o$ a ca,enar or an
aress "oo3.
Chapter 7
) ->%o6C*s-en@9ai,&otiAcations -ame as a"ove! "#t the notiAcations are sent to
the invo,ve #sers o$ a ca,enar or aress
"oo3Ls 6C*s.
) ->%oCa,enar)e$a#,t;o,es Parameter #se to eAne the e$a#,t ro,es .hen
giving permissions to a #ser to access a
ca,enar. )e$a#,ts ro,es are ignore $or p#",ic
accesses. 9#st "e an array o$ #p to Ave strings.
@ach string eAning a ro,e $or an event
category m#st "egin .ith one o$ those va,#es:
T P#",ic
T ConAentia,
T Private
6n each string m#st en .ith one o$ those
va,#es:
T +ie.er
T )6n0+ie.er
T 9oiAer
T ;esponer
0he array can a,so contain one or many o$ the
$o,,o.ing strings:
T >"DectCreator
T >"Dect@raser
@1amp,e: SOGo6alendar?e/aultoles =
3@O!Aect6reator@< @Bu!licCie#er@4D
)e$a#,ts to no ro,e .hen #nset. ;ecommene
va,#es are @Bu!licCie#er@ an
E6on/idential?7nd:Cie#erF.
) ->%oContacts)e$a#,t;o,es Parameter #se to eAne the e$a#,t ro,es .hen
giving permissions to a #ser to access an
aress "oo3. )e$a#,ts ro,es are ignore $or
p#",ic accesses. 9#st "e an array o$ one or
many o$ the $o,,o.ing strings:
T >"Dect+ie.er
T >"Dect@itor
T >"DectCreator
T >"Dect@raser
@1amp,e: SOGo6ontacts?e/aultoles =
3@O!Aect%ditor@4D
)e$a#,ts to no ro,e .hen #nset.
) ->%o-#per'sernames Parameter #se to set .hich #sernames re<#ire
aministrative privi,eges over a,, the #sers
ta",es. (or e1amp,e! this co#, "e #se to post
events in the #sers ca,enar .itho#t re<#iring
the #ser to conAg#re his/her 6C*s. In this case
yo# .i,, nee to speci$y those s#per#serLs
#sernames ,i3e this :
SOGoSuper8sernames = 3Gusername1H[<
Gusername2H< ...]4D
' ->%o*ang#age Parameter #se to set the e$a#,t ,ang#age #se
Chapter 7
in the Ce" inter$ace $or ->%o. Possi",e va,#es
are :
T 2raFi,ianPort#g#ese
T CFech
T )#tch
T @ng,ish
T (rench
T %erman
T :#ngarian
T Ita,ian
T ;#ssian
T -panish
T -.eish
T Ce,sh
) ->%o&oti$y>nPersona,9oiAcations Parameter #se to set .hether ->%o sens or
not emai, receipts .hen someone changes
his/her o.n ca,enar. Possi",e va,#es are :
)e$a#,ts to &> .hen #nset. 'ser can
over.rite this $rom the ca,enar properties
.ino..
) ->%o&oti$y>n@1terna,9oiAcations Parameter #se to set .hether ->%o sens or
not emai, receipts .hen a moiAcation is
"eing one to his/her o.n ca,enar "y
someone e,se. Possi",e va,#es are :
)e$a#,ts to &> .hen #nset. 'ser can
over.rite this $rom the ca,enar properties
.ino..
) ->%o*)6PContactIn$o6ttri"#te Parameter #se to speci$y an *)6P attri"#te
that sho#, "e isp,aye .hen a#to-
comp,eting #ser searches.
) ->%oiPhone(orce6,,)ay0ransparency Chen set to 9%S! this .i,, $orce a,,-ay events
sent over "y iPhone >- "ase evices to "e
transparent. 0his means that the a,,-ay events
.i,, not "e consiere #ring $ree"#sy
,oo3#ps. )e$a#,ts to 5O .hen #nset.
- ->%o@na",eP#",ic6ccess Parameter #se to a,,o. or not yo#r #sers to
share p#",ic,y (ie.! re<#iring not
a#thentication) their ca,enars an aress
"oo3s.
T K@- 5 to a,,o. them
T &> 5 to prevent them $rom oing so
Chapter 7
- ->%oPass.orChange@na",e Parameter #se to a,,o. or not #sers to change
their pass.ors $rom ->%o.
T K@- 5 to a,,o. them
T &> 5 to prevent them $rom oing so
(or this $eat#re to .or3 proper,y .hen
a#thenticating against 6) or -am"a4! the
*)6P connection must #se --*/0*-. -erver
sie restrictions can a,so ca#se the pass.or
change to $ai,! in .hich case ->%o .i,, on,y
,og a LConstraint violation !"x#$%L error. 0hese
restrictions inc,#e Pass.or too yo#ng!
comp,e1ity constraints not satisAe! #ser
cannot change pass.or! etc... 6,so note that
-am"a has a minim#m pass.or age o$ 1 ay
"y e$a#,t.
- ->%o-#pporte*ang#ages Parameter #se to conAg#re .hich ,ang#ages
are avai,a",e $rom ->%oLs Ce" inter$ace.
6vai,a",e ,ang#ages are speciAe as an array o$
string. 0he e$a#,t va,#e is :
3 @6;ech@< @Ielsh@< @%n)lish@<
@Spanish@< @Jrench@< @German@<
@Italian@< @$un)arian@< @?utch@<
@=ra;ilianBortu)uese@< @Bolish@<
@ussian@< 8*rainian@< @S#edish@ 4
) ->%o:ie-ystem@9ai, Parameter #se to contro, i$ ->%o sho#, hie
or not the system emai, aress
('I)(ie,&ame&SOGoMail'o(ain). 0his is
c#rrent,y ,imite to Ca,)6+ (calendar)user)
address)set).
) ->%o-earch9inim#mCor*ength Parameter #se to contro, the minim#m ,ength
to "e #se $or the search string (attenee
comp,etion! aress "oo3 search! etc.) prior
triggering the server-sie search operation.
)e$a#,ts to 2 .hen #nset 5 .hich means a
search operation .i,, "e triggere on the 4
r

type character.
- ->%o9a1im#m(ai,e*oginCo#nt Parameter #se to contro, the n#m"er o$ $ai,e
,ogin attempts re<#ire #ring
SOGoMaxi(u(*ailed+oginInterval secons or
more. I$ conitions are met! the acco#nt .i,,
"e ",oc3e $or SOGo*ailed+ogin,lockInterval
secons since the Arst $ai,e ,ogin attempt.
)e$a#,t va,#e is 0! or isa",e.
- ->%o9a1im#m(ai,e*oginInterva, &#m"er o$ secons! e$a#,ts to 10.
2008-2014 Inverse inc. ConAg#ration 1=
Chapter 7
- ->%o(ai,e*ogin2,oc3Interva, &#m"er o$ secons! e$a#,ts to 400 (or 7
min#tes). &ote that
SOGoCaceCleanupInterval m#st "e set to a
va,#e e<#a, or higher than
SOGo*ailed+ogin,lockInterval-
- ->%o9a1im#m9essage-#"missionCo#nt Parameter #se to contro, the n#m"er o$ emai,
messages a #ser can sen $rom ->%oLs
.e"mai, inter$ace! to
SOGoMaxi(u(.ecipientCount! in
SOGoMaxi(u(Su/(issionInterval secons or
more. I$ conitions are met or e1ceee! the
#ser .onLt "e a",e to sen mai,s $or
SOGoMessageSu/(ission,lockInterval
secons. )e$a#,t va,#e is 0! or isa",e.
- ->%o9a1im#m;ecipientCo#nt 9a1im#m n#m"er o$ recipients. )e$a#,t va,#e
is 0! or isa",e.
- ->%o9a1im#m-#"missionInterva, &#m"er o$ secons! e$a#,ts to 40.
- ->%o9essage-#"mission2,oc3Interva, &#m"er o$ secons! e$a#,t to 400 (or 7
min#tes). &ote that
SOGoCaceCleanupInterval m#st "e set to a
va,#e e<#a, or higher than
SOGo*ailed+ogin,lockInterval-
Authentication usin# -&A,
->%o can #se a *)6P server to a#thenticate #sers an! i$ esire! to provie g,o"a, aress
"oo3s. ->%o can a,so #se an -B* "ac3en $or this p#rpose (see the section Autentication
using S0+ ,ater in this oc#ment). Insert the $o,,o.ing te1t into yo#r conAg#ration A,e to
conAg#re an a#thentication an g,o"a, aress "oo3 #sing an *)6P irectory server :
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = uidD
8I?Jield5ame = uidD
I>7B$ostJield5ame = mail$ostD
!ase?5 = @ou=users<dc=acme<dc=com@D
!ind?5 = @uid=so)o<ou=users<dc=acme<dc=com@D
!indBass#ord = .#ertyD
can7uthenticate = 9%SD
display5ame = @Shared 7ddresses@D
hostname = @ldap"//127.0.0.1"01,@D
id = pu!licD
is7ddress=oo* = 9%SD
Chapter 7
L
4D
In o#r e1amp,e! .e #se a *)6P server r#nning on the same host .here ->%o is "eing insta,,e.
Ko# can a,so! #sing the A,ter attri"#te! restrict the res#,ts to match vario#s criteria. (or e1amp,e!
yo# co#, eAne! in yo#r .G58step?e/aults A,e! the $o,,o.ing A,ter to ret#rn on,y entries
"e,onging to the organiFation Inverse .ith a (ail aress an not inactive:
/ilter = @3o=MInverseM 75? mail=MNM 75? status GH MinactiveM4@D
-ince *)6P so#rces can serve as #ser repositories $or a#thentication as .e,, as aress "oo3s!
yo# can speci$y the $o,,o.ing $or each so#rce to ma3e them appear in the aress "oo3
mo#,e:
display5ame = @Ghuman identi/ication name o/ the address !oo*H@D
(or certain *)6P so#rces! ->%o a,so s#pports inirect "ins $or #ser a#thentication. :ere is an
e1amp,e :
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = cnD
8I?Jield5ame = s7>7ccount5ameD
!ase?5 = @cn=8sers<dc=acme<dc=com@D
!ind?5 = @cn=so)o<cn=8sers<dc=acme<dc=com@D
!indJields = 3s7>7ccount5ame4D
display5ame = @7ctive ?irectory@D
hostname = ldap"//10.0.0.1"01,D
id = directoryD
L
4D
In this e1amp,e! ->%o .i,, #se an inirect "in "y Arst etermining the #ser )&. 0hat va,#e is
$o#n "y oing a search on the Ae,s speciAe in !indJields. 9ost o$ the time! there .i,, "e
on,y one Ae, "#t it is possi",e to speci$y more in the $orm o$ an array ($or e1amp,e!
!indJields = 3s7>7ccount5ame< cn4 ). Chen #sing m#,tip,e Ae,s! on,y one o$ the Ae,s
nees to match the ,ogin name. In the a"ove e1amp,e! .hen a #ser ,ogs in! the ,ogin .i,, "e
chec3e against the s7>7ccount5ame entry in a,, the #ser cars! an once this car is $o#n!
the #ser )& o$ this car .i,, "e #se $or chec3ing the #serLs pass.or.
(ina,,y! ->%o s#pports *)6P-"ase gro#ps. %ro#ps m#st "e eAne ,i3e any other
a#thentication so#rces (ie.! can7uthenticate m#st "e set to 9%S an a gro#p m#st have a va,i
emai, aress). In orer $or ->%o to etermine i$ a speciAc *)6P entry is a gro#p! ->%o .i,,
,oo3 $or one o$ the $o,,o.ing o"DectC,ass attri"#tes :
2008-2014 Inverse inc. ConAg#ration 1?
Chapter 7
gro#p
gro#p>$&ames
gro#p>$'ni<#e&ames
posi1%ro#p
Ko# can set 6C*s "ase on gro#p mem"ership an invite a gro#p to a meeting (an the gro#p
.i,, "e ecompose to its ,ist o$ mem"ers #pon save "y ->%o). Ko# can a,so contro, the
visi"i,ity o$ the gro#p $rom the ,ist o$ share aress "oo3s or #ring mai, a#tocomp,etion "y
setting the is7ddress=oo* parameter to 9%S or 5O. 0he $o,,o.ing *)6P entry sho.s ho. a
typica, gro#p is eAne :
dn" cn=inverse<ou=)roups<dc=inverse<dc=ca
o!Aect6lass" )roupO/8ni.ue5ames
o!Aect6lass" top
o!Aect6lass" eOtensi!leO!Aect
uni.ue>em!er" uid=alice<ou=users<dc=inverse<dc=ca
uni.ue>em!er" uid=!ernard<ou=users<dc=inverse<dc=ca
uni.ue>em!er" uid=!o!<ou=users<dc=inverse<dc=ca
cn" inverse
structuralO!Aect6lass" )roupO/8ni.ue5ames
mail" inversePinverse.ca
0he corresponing ->%o'ser-o#rces entry to han,e gro#ps ,i3e this one .o#, "e :
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = cnD
8I?Jield5ame = cnD
!ase?5 = @ou=)roups<dc=inverse<dc=caFD
!ind?5 = @cn=so)o<ou=services<dc=inverse<dc=ca@D
!indBass#ord = ;otD
display5ame = EInverse GroupsFD
hostname = ldap"//127.0.0.1"01,D
id = inverse2)roupsD
L
0he $o,,o.ing ta",e escri"es the possi",e parameters re,ate to a *)6P so#rce :
) ->%o'ser-o#rces Parameter #se to set the *)6P an/or -B* so#rces #se
$or a#thentication an g,o"a, aress "oo3s. 9#,tip,e
so#rces can "e speciAe as an array o$ ictionaries. 6
ictionary that eAnes an *)6P so#rce can contain the
$o,,o.ing va,#es:
type the type o$ this #ser so#rce! set to ldap $or an *)6P
so#rce
i the ientiAcation name o$ the *)6P repository. 0his m#st
Chapter 7
"e #ni<#e 5 even .hen #sing m#,tip,e omains.
C&(ie,&ame the Ae, that ret#rns the comp,ete name
I)(ie,&ame the Ae, that starts a #ser )& i$ "in(ie,s is not #se.
0his Ae, m#st "e #ni<#e across the entire ->%o omain
'I)(ie,&ame the Ae, that ret#rns the ,ogin name o$ a #ser.
0he ret#rne va,#e must be unique across the whole
SOGo installation since it is #se to ienti$y the #ser in
the /older2in/o ata"ase ta",e.
9ai,(ie,&ames an array o$ Ae,s that ret#rns the #serLs emai, aresses
(e$a#,ts to mail .hen #nset)
-earch(ie,&ames an array o$ Ae,s to to match against the search string
.hen A,tering #sers (e$a#,ts to sn! display5ame! an
telephone5um!er .hen #nset)
I96P:ost(ie,&ame
(optiona,)
the Ae, that ret#rns either an ';I to the I96P server as
escri"e $or ->%oI96P-erver! or a simp,e server
hostname that .o#, "e #se as a rep,acement $or the
hostname part in the ';I provie "y the
->%oI96P-erver parameter
I96P*ogin(ie,&ame
(optiona,)
the Ae, that ret#rns the I96P ,ogin name $or the #ser
(e$a#,ts to the va,#e o$ 'I)(ie,&ame .hen #nset)
-ieve:ost(ie,&ame
(optiona,)
the Ae, that ret#rns either an ';I to the -I@+@ server as
escri"e $or ->%o-ieve-erver! or a simp,e server
hostname that .o#, "e #se as a rep,acement $or the
hostname part in the ';I provie "y the
->%o-ieve-erver parameter
"ase)& the "ase )& o$ yo#r #ser entries
Iin(ie,&ame (optiona,) i$ set! ->%o .i,, try to etermine i$ the va,#e o$ the Ae,
correspons to either Ggro#pH! G,ocationH or GthingH. I$
thatLs the case! ->%o .i,, consier the ret#rne entry to
"e a reso#rce.
(or *)6P-"ase so#rces! ->%o can a,so a#tomatica,,y
etermine i$ itLs a reso#rce i$ the entry has the
calendarresource o"DectC,ass set.
9#,tip,e2oo3ings(ie,&ame
(optiona,)
0he va,#e o$ this attri"#te is the ma1im#m n#m"er o$
conc#rrent events to .hich a reso#rce can "e part o$ at
any point in time.
I$ this is set to 0! or i$ the attri"#te is missing! it means no
,imit.
A,ter (optiona,) 0he A,ter to #se $or *)6P <#eries! it sho#, "e eAne as
an @>B#a,iAer. 0he $o,,o.ing operators are s#pporte:
GH ine1uality operator
= e1uality operator
9#,tip,e <#a,iAers can "e Doine "y #sing >; an 6&)!
Chapter 7
they can a,so "e gro#pe together "y #sing parenthesis.
6ttri"#te va,#es sho#, "e <#ote to avoi #ne1pecte
"ehavio#r.
(or e1amp,e:
/ilter = E3o!Aect6lass=Mmail8serM O
o!Aect6lass=MmailGroupM4 75?
accountStatus=MactiveM 75? uid GH MaliceMFD
scope (optiona,) either 26-@! >&@ or -'2
"in)& the )& o$ the ,ogin name to #se $or "ining to yo#r
server
"inPass.or its pass.or
"in6sC#rrent'ser i$ set to K@-! ->%o .i,, a,.ays 3eep "ining to the *)6P
server #sing the )& o$ the c#rrent,y a#thenticate #ser. I$
"in(ie,s is set! "in)& an "inPass.or .i,, sti,, "e
re<#ire to An the proper )& o$ the #ser.
"in(ie,s (optiona,) an array o$ Ae,s to #se .hen oing inirect "ins
hostname a space-e,imite ,ist o$ *)6P ';*s or *)6P hostnames.
*)6P ';*s are speciAe in ;(C 4718 an have the
$o,,o.ing genera, $ormat:
scheme"//host"port/?5Qattri!utesQscopeQ
/ilterQeOtensions
&ote that ->%o oesnLt c#rrent,y s#pport ?5!
attri!utes! scope an /ilter in s#ch ';*s. 'sing
them may have #neAne sie e$$ects.
';*s e1amp,es:
ldap"//127.0.0.1"001, ldaps"//127.0.0.1
ldap"//127.0.0.1/QQQQRStart:&S
port(eprecate) port n#m"er o$ the *)6P server.
6 non-e$a#,t port sho#, "e part o$ the ,ap ';* in the
hostname parameter.
encryption (eprecate) either --* or -06;00*-
--* sho#, "e speciAe as L,aps://L in the *)6P ';*.
-06;00*- sho#, "e speciAe as a *)6P @1tension in
the *)6P ';* (e1: ldap"//127.0.0.1/QQQQR
Start:&S)
#serPass.or6,gorithm 0he a,gorithm #se $or pass.or encryption .hen
changing pass.ors .itho#t Pass.or Po,icies ena",e.
Possi",e va,#es are: none! p,ain! crypt! m7! m7-crypt!
sm7! cram-m7 an sha! sha278! sha712 an
its ssha (e.g. ssha or ssha278) variants (p,#s setting o$ the
encoing .ith N."84N or N.he1N).
(or a more etai,e escription see
http://.i3i.ovecot.org/6#thentication/Pass.or-chemes.
&ote that cram-m7 is not act#a,,y #sing cram-m7 (#e
to the ,ac3 o$ cha,,enge-response mechanism)! its
Chapter 7
D#st saving the intermeiate 9)7 conte1t as )ovecot
stores in its ata"ase.
can6#thenticate I$ set to K@-! this *)6P so#rce is #se $or a#thentication
pass.orPo,icy I$ set to K@-! ->%o .i,, #se the e1tene *)6P Pass.or
Po,icies attri"#tes. I$ yo# *)6P server oes not s#pport
those an yo# activate this $eat#re! every *)6P re<#ests
.i,, $ai,.
is6ress2oo3 i$ set to K@-! this *)6P so#rce is #se as a share aress
"oo3 (.ith rea-on,y access). &ote that i$ set to &>!
a#tocomp,etion .i,, not .or3 $or entries in this so#rce
an th#s! $ree"#sy ,oo3#ps.
isp,ay&ame (optiona,) i$ set as an aress "oo3! the h#man ientiAcation name
o$ the *)6P repository
9o#,esConstraints (optiona,) ,imits the access o$ any mo#,e thro#gh a constraint
"ase on an *)6P attri"#te/ m#st "e a ictionary .ith
3eys >ail! an/or 6alendar! $or e1amp,e:
>odules6onstraints = K
6alendar = K
ou = employeesD
LD
LD
mapping 6 ictionary that maps contact attri"#tes #se "y ->%o
to the *)6P attri"#tes #se "y the schema o$ the *)6P
so#rce. @ach entry m#st have an attri"#te name as 3ey
an an array o$ strings as va,#e. 0his ena",es act#a, Ae,s
to "e mappe one a$ter another .hen $etching contact
in$ormations.
-ee the *)6P 6ttri"#te 9apping section "e,o. $or an
e1amp,e an a ,ist o$ s#pporte attri"#tes.
o"DectC,asses .hen the GmoiAersH ,ist (see "e,o.) is set! or .hen
#sing *)6P-"ase #ser aress"oo3s (see Ga">'H
"e,,o.)! this ,ist o$ o"Dect c,asses .i,, "e app,ie to ne.
recors as they are create
moiAers a ,ist (array) o$ #sernames that are a#thoriFe to per$orm
moiAcations to the aress "oo3 eAne "y this *)6P
so#rce
a">' this Ae, ena",es *)6P-"ase #ser aress"oo3s "y
speci$ying the va,#e o$ the aress "oo3 container
"eneath each #ser entry! $or e1amp,e:
ou=address!oo*s<uid=username<dc=domain
0he $o,,o.ing parameters can "e eAne a,ong the other 3eys o$ each entry o$ the
->%o'ser-o#rces! "#t can a,so eAne at the omain an/or system ,eve,s :
Chapter 7
) ->%o*)6PContactIn$o6ttri"#te Parameter #se to speci$y an attri"#te that
sho#, appear in a#tocomp,etion o$ the .e"
inter$ace.
) ->%o*)6PB#ery*imit Parameter #se to ,imit the n#m"er o$ ret#rne
res#,ts $rom the *)6P server .henever ->%o
per$orms a *)6P <#ery ($or e1amp,e! #ring
aresses comp,etion in a share aress "oo3).
) ->%o*)6PB#ery0imeo#t Parameter to eAne the timeo#t o$ *)6P
<#eries. 0he act#a, time ,imit $or operations is
a,so "o#ne "y the ma1im#m time that the
server is conAg#re to a,,o..
)e$a#,ts to 0 (#n,imite).
-&A, Attributes Inde.in#
0o ens#re proper per$ormance o$ the ->%o app,ication! the $o,,o.ing *)6P attri"#tes m#st "e
$#,,y ine1e :
given&ame
cn
mai,
sn
P,ease re$er to the oc#mentation o$ the so$t.are yo# #se in orer to ine1 those attri"#tes.
-&A, Attributes Mappin#
-ome *)6P attri"#tes are mappe to contacts attri"#tes in the ->%o 'I. 0he ta",e "e,o. ,ist
most o$ them. It is possi",e to overrie these "y #sing the (apping conAg#ration parameter.
(or e1amp,e! i$ the *)6P schema #ses the fax attri"#te to store the $a1 n#m"er! one co#, map
it to the facsi(ileteleponenu(/er attri"#te ,i3e this:
mappin) = K
/acsimiletelephonenum!er = 3@/aO@< @/acsimiletelephonenum!er@4D
LD
Chapter 7
&ame
(irst given&ame
*ast sn
)isp,ay&ame isp,ay&ame or cn or given&ame U sn
&ic3name moFi,,anic3name
Internet
@mai, mai,
-econary emai, moFi,,aseconemai,
-creen&ame nsaimi
Phones
Cor3 te,ephone&#m"er
:ome homephone
9o"i,e mo"i,e
(a1 $acsimi,ete,ephonen#m"er
Pager pager
:ome
6ress moFi,,ahomestreet U moFi,,ahomestreet2
City moFi,,ahome,oca,ityname
-tate/Province moFi,,ahomestate
Sip/Posta, Coe moFi,,ahomeposta,coe
Co#ntry moFi,,ahomeco#ntryname
Ce" page moFi,,ahome#r,
Cor3
0it,e tit,e
)epartment o#
>rganiFation o
6ress street U moFi,,a.or3street2
City ,
-tate/Province st
Sip/Posta, coe posta,Coe
Co#ntry c
Ce" page moFi,,a.or3#r,
>ther
2irthay "irthyear-"irthmonth-"irthay
&ote escription
Chapter 7
Authenticatin# usin# C.A.S.
->%o native,y s#pports C.6.-. a#thentication. (or activating C.6.-. a#thentication yo# nee
Arst to ma3e s#re that the SOGo7uthentication:ype setting is set to GcasH an that the
SOGo67SService8& setting is conAg#re appropriate,y.
0he tric3y part sho.s #p .hen #sing ->%o as a $ronten inter$ace to an I96P server as this
imposes constraints neee "y the C.6.-. protoco, to ens#re sec#re comm#nication "et.een
the i$$erent services. (ai,ing to ta3e those preca#tions .i,, prevent #sers $rom accessing their
mai,s! .hi,e sti,, granting "asic a#thentication to ->%o itse,$.
0he Arst constraint is that the amount of workers that SOGo uses must be higher than 1 in
order to enable the C.A.S. service to per$orm some va,iation re<#ests #ring I96P
a#thentication. 6 sing,e .or3er a,one .o#, not! "y eAnition! "e a",e to respon to the C.6.-.
re<#ests .hi,e treating the #ser re<#est that re<#ire the triggering o$ those re<#ests. Ko# m#st
there$ore conAg#re the IOIor*ers6ount setting appropriate,y.
0he secon constraint is that the SOGo service must be accessible and accessed via https.
9oreover! the certiAcate #se "y the ->%o server has to "e recogniFe an tr#ste "y the
C.6.-. service. In the case o$ a certiAcate iss#e "y a thir-party a#thority! there sho#, "e
nothing to .orry a"o#t. In the case o$ a se,$-signe certiAcate! the certiAcate m#st "e registere
in the tr#ste 3eystore o$ the C.6.-. app,ication. 0he proce#re to achieve this can "e
s#mmariFe as importing the certiAcate in the proper G3eystoreH #sing the *eytool #ti,ity an
speci$ying the path $or that 3eystore to the 0omcat instance .hich provies the C.6.-. service.
0his is one "y t.ea3ing the AavaO.net.ssl.trustStore setting! either in the
cata,ina.properties A,e or in the comman-,ine parameters. >n e"ian! the ->%o certiAcate can
a,so "e ae to the tr#ststore as $o,,o.s:
openssl OS0, -in /etc/ssl/certs/so)o-cert.pem -out/orm ?% T
-out /tmp/so)o-cert.der
*eytool -import -*eystore /etc/ssl/certs/Aava/cacerts T
-/ile /tmp/so)o-cert.der -alias so)o-cert
U :he *eystore pass#ord is Mchan)eitM
U tomcat must !e restarted a/ter this operation
The certicate used b! the CAS server must also be trusted b! SOGo. In case o$ a se,$-signe
certiAcate! this means e1porting tomcatLs certiAcate #sing the *eytool #ti,ity! converting it to
P@9 $ormat an appening it to the ca-certiAcates.crt A,e. (0he name an ,ocation o$ that A,e
i$$ers "et.een istri"#tions). 2asica,,y:
Chapter 7
U eOport tomcatMs cert to openssl /ormat
*eytool -*eystore /etc/tomcat7/*eystore -eOportcert -alias tomcat V T
openssl OS0, -in/orm der Htomcat.pem
%nter *eystore pass#ord" tomcat
U add the pem to the trusted certs
cp tomcat.pem /etc/ssl/certs
cat tomcat.pem HH/etc/ssl/certs/ca-certi/icates
I$ any o$ those constraints is not satisAe! the .e"mai, inter$ace o$ ->%o .i,, isp,ay an empty
emai, acco#nt. 'n$ort#nate,y! ->%o has no possi"i,ity to etect .hich one is the ca#se o$ the
pro",em. 0he on,y inicators are ,og messages that at ,east pinpoint the symptoms:
2failure to o/tain a PGT fro( te C-A-S- service3
-#ch an error .i,, sho. #p #ring a#thentication o$ the #ser to ->%o. It happens .hen the
a#thentication service has accepte the #ser a#thentication tic3et "#t has not ret#rne a GPro1y
%ranting 0ic3etH.
2a CAS failure occurred during operation----3
0his error inicate that an attempt .as mae to retrieve an a#thentication tic3et $or a thir-party
service s#ch as I96P or sieve. 9ost o$ the time! this happens as a conse<#ence to the pro",em
escri"e a"ove. 0o tro#",eshoot these iss#es! one sho#, "e tai,ing cas.,og! pam ,ogs an sogo
,ogs.
C#rrent,y! ->%o .i,, as3 $or a C6- tic3et #sing the same C6- service name $or "oth I96P an
-ieve. "hen CASif!ing sieve# this means that the -s parameter of pam2cas should be the
same for both $%A& and Sieve! other.ise the C6- server .i,, comp,ain:
%O [or).Aasi).cas.6entral7uthenticationServiceImpl] - Service:ic*et [S:-
017+0-hoC1!rhh#>5/n=*S>C8#-ocas] #ith service [imap"//myimapserver does not
match supplied service [sieve"//mysieveserver"2000]
(ina,,y! .hen #sing imappro1y to spee #p the imap accesses! the ->%oI96PC6--ervice&ame
sho#, "e set to the act#a, imap service name e1pecte "y pamVcas! other.ise it .i,, $ai, to
a#thenticate incoming connection proper,y.
Authenticatin# usin# SAM-2
->%o native,y s#pports -69*2 a#thentication. P,ease re$er to the oc#mentation o$ yo#r
ientity provier an the -69*2 conAg#ration 3eys that are ,iste a"ove $or proper set#p. >nce
a ->%o instance is conAg#re proper,y! the metaata $or that instance can "e retrieve $rom
http"//GhostnameH/SOGo/saml2-metadata $or registration .ith the ientity provier.
Chapter 7
In orer to re,ay a#thentication in$ormation to yo#r I96P server an i$ yo# ma3e #se o$ the
Cr#e-69* -6-* p,#gin! yo# nee to ma3e s#re that G&%Imap46#th9echanismH is conAg#re
to #se the SAM+ mechanism. I$ yo# ma3e #se o$ the Cr#e-69* P69 p,#gin! this va,#e may "e
,e$t empty.
&atabase Con(#uration
->%o re<#ires a re,ationa, ata"ase system in orer to store appointments! tas3s an contacts
in$ormation. It a,so #ses the ata"ase system to store persona, pre$erences o$ ->%o #sers. In this
g#ie! .e ass#me yo# #se Postgre-B* so commans provie the create the ata"ase are
re,ate to this app,ication. :o.ever! other ata"ase servers are s#pporte! s#ch as 9y-B* an
>rac,e.
(irst! ma3e s#re that yo#r Postgre-B* server has 0CP/IP connections s#pport ena",e.
Create the ata"ase #ser an schema #sing the $o,,o.ing commans :
su W post)res
createuser --no-superuser --no-created! W-no-createrole T
W-encrypted --p#prompt so)o
3speci/y Eso)oF as pass#ord4
created! -O so)o so)o
Ko# sho#, then aD#st the access rights to the ata"ase. 0o o so! moi$y the conAg#ration A,e
/var/li!/p)s.l/data/p)2h!a.con/ in orer to a the $o,,o.ing ,ine at the very "eginning
o$ the A,e:
host so)o so)o 127.0.0.1/02 mdS
>nce ae! restart the Postgre-B* ata"ase service. 0hen! moi$y the ->%o conAg#ration A,e
(/etc/so)o/so)o.con/) to reMect yo#r ata"ase settings :
SOGoBro/ile8& =
@post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2user2pro/ile@D
O6SJolderIn/o8& =
@post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2/older2in/o@D
O6SSessionsJolder8& =
@post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2sessions2/older@D
0he $o,,o.ing ta",e escri"es the parameters that .ere set :
) ->%oProA,e';* Parameter #se to set the ata"ase ';* so that ->%o can
retrieve #ser proA,es.
(or 9y-B*! set the ata"ase ';* to something ,i3e :
mys.l"//so)o"so)oPlocalhost"000'/so)o/so)o2user2p
ro/ile
) >C-(o,erIn$o';* Parameter #se to set the ata"ase ';* so that ->%o can
Chapter 7
retrieve the ,ocation o$ #ser $o,ers (aress "oo3s an
ca,enars)
(or >rac,e! set the ata"ase ';* to something ,i3e :
oracle"//so)o"so)oPlocalhost"1S2'/so)o/so)o2/olde
r2in/o
) >C--essions(o,er';* Parameter #se to set the ata"ase ';* so that ->%o can
store an retrieve sec#re #ser sessions in$ormation. (or
Postgre-B*! the ata"ase ';* co#, "e set to something
,i3e :
post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2s
essions2/older
) >C-@9ai,6,arms(o,er';* Parameter #se to set the ata"ase ';* $or emai,-"ase
a,arms (that can "e set on events an tas3s). 0his parameter is
re,evant on,y i$ ->%o@na",e@9ai,6,arms is set to K@-. (or
Postgre-B*! the ata"ase ';* co#, "e set to something
,i3e :
post)res.l"//so)o"so)oPlocalhost"S+02/so)o/so)o2a
larms2/older
-ee the G@9ai, reminersH section in this oc#ment $or more
in$ormation.
I$ yo#Lre #sing 9y-B*! ma3e s#re in yo#r my.cn/ A,e yo# have :
[mys.ld]
...
character2set2server=ut/1
character2set2client=ut/1
[client]
de/ault-character-set=ut/1
[mys.l]
de/ault-character-set=ut/1
an .hen yo# create the ->%o ata"ase! yo# correct,y speci$y the charset :
create data!ase so)o 6$7S%:=M8:J1MD
Authentication usin# S/-
->%o can #se a -B*-"ase ata"ase server $or a#thentication. 0he conAg#ration is very simi,ar
to *)6P-"ase a#thentication.
0he $o,,o.ing ta",e escri"es a,, the possi",e parameters re,ate to a -B* so#rce :
Chapter 7
) ->%o'ser-o#rces Parameter #se to set the -B* an/or *)6P so#rces #se $or
a#thentication an g,o"a, aress "oo3s. 9#,tip,e so#rces can
"e speciAe as an array o$ ictionaries. 6 ictionary that
eAnes a -B* so#rce can contain the $o,,o.ing va,#es :
type the type o$ this #ser so#rce! set to s.l $or a -B* so#rce
i the ientiAcation name o$ the -B* repository. 0his m#st "e
#ni<#e 5 even .hen #sing m#,tip,e omains.
vie.';* ata"ase ';* o$ the vie. #se "y ->%o. 0he vie. e1pects
co,#mns to "e present. ;e<#ire co,#mns are :
T c2uid : .i,, "e #se $or a#thentication 5 itLs a #sername
or #sernameWomain.t,
T c2name : .i,, "e #se to #ni<#e,y ienti$y entries 5 .hich
can "e ientica, to cV#i
T c2pass#ord : pass.or o$ the #ser! p,ain te1t! crypt! m7
or sha encoe
T c2cn : the #serLs common name
T mail : the #serLs emai, aress
>ther co,#mns can e1ist an .i,, act#a,,y "e mappe
a#tomatica,,y i$ they have the same name as pop#,ar *)6P
attri"#tes (s#ch as )iven5ame! sn! department! title!
telephone5um!er! etc.)
#serPass.or6,gorithm 0he e$a#,t a,gorithm #se $or pass.or encryption .hen
changing pass.ors.
Possi",e va,#es are: none! p,ain! crypt! m7! m7-crypt!
sm7! cram-m7! ,ap-m7! an sha! sha278! sha712 an
its ssha (e.g. ssha or ssha278) variants. Pass.ors can have
the scheme prepene in the $orm
KschemeLencryptedBass.
I$ no scheme is given! #serPass.or6,gorithm is #se
instea. 0he schemes ,iste a"ove $o,,o. the a,gorithms
escri"e in
http://.i3i.ovecot.org/6#thentication/Pass.or-chemes.
&ote that cram-m7 is not act#a,,y #sing cram-m7 (#e to
the ,ac3 o$ cha,,enge-response mechanism)! its
D#st saving the intermeiate 9)7 conte1t as )ovecot stores
in its ata"ase.
prepenPass.or-cheme 0he e$a#,t "ehavio#r is to store ne.,y set pass.ors
.itho#t the scheme (e$a#,t: prependBass#ordScheme =
5O) .
0his can "e overrien "y setting prependBass#ordScheme
to 9%S an .i,, res#,t in pass.ors store as
KschemeLencryptedBass.
can6#thenticate i$ set to 9%S! this -B* so#rce is #se $or a#thentication
is6ress2oo3 i$ set to K@-! this -B* so#rce is #se as a share aress
"oo3 (.ith rea-on,y access). &ote that i$ set to &>!
a#tocomp,etion .i,, not .or3 $or entries in this so#rce an
th#s! $ree"#sy ,oo3#ps.
Chapter 7
a#thentication(i,ter
(optiona,)
a A,ter that ,imits .hich #sers can a#thenticate $rom this
so#rce
isp,ay&ame (optiona,) i$ set as an aress "oo3! the h#man ientiAcation name o$
the -B* repository
*ogin(ie,&ames (optiona,) an array o$ Ae,s that speciAes the co,#mn names that
contain va,i a#thentication #sernames (e$a#,ts to c2uid
.hen #nset)
9ai,(ie,&ames (optiona,) an array o$ Ae,s that speciAes the co,#mn names that ho,
aitiona, emai, aresses ("esie the mail co,#mn) $or
each #ser
I96P:ost(ie,&ame
(optiona,)
the Ae, that ret#rns the I96P hostname $or the #ser
I96P*ogin(ie,&ame
(optiona,)
the Ae, that ret#rns the I96P ,ogin name $or the #ser
(e$a#,ts to c2uid .hen #nset)
-ieve:ost(ie,&ame
(optiona,)
the Ae, that ret#rns the -ieve hostname $or the #ser
Iin(ie,&ame (optiona,) i$ set! ->%o .i,, try to etermine i$ the va,#e o$ the Ae,
correspons to either Ggro#pH! G,ocationH or GthingH. I$
thatLs the case! ->%o .i,, consier the ret#rne entry to "e
a reso#rce.
9#,tip,e2oo3ings(ie,&am
e (optiona,)
0he va,#e o$ this Ae, is the ma1im#m n#m"er o$
conc#rrent events to .hich a reso#rce can "e part o$ at any
point in time.
I$ this is set to 0! or i$ the attri"#te is missing! it means no
,imit.
)omain(ie,&ame
(optiona,)
I$ set! ->%o .i,, #se the va,#e o$ that Ae, as the omain
associate to the #ser. -ee the G9#,ti-omains
ConAg#ration3 section in this oc#ment $or more
in$ormation.
:ere is an e1amp,e o$ an -B*-"ase a#thentication an aress "oo3 so#rce:
SOGo8serSources =
3
K
type = s.lD
id = directoryD
vie#8& = @post)res.l"//so)o"so)oP127.0.0.1"S+02/so)o/so)o2vie#@D
userBass#ord7l)orithm = mdSD
L
4D
Certain ata"ase co,#mns m#st "e present in the vie./ta",e! s#ch as :
Chapter 7
c2uid - .i,, "e #se $or a#thentication 5 itLs the #sername or #sernameWomain.t,)
c2name - .hich can "e ientica, to cV#i 5 .i,, "e #se to #ni<#e,y ienti$y entries
c2pass#ord 5 pass.or o$ the #ser! p,ain-te1t! m7 or sha encoe $or no.
c2cn - the #serLs common name 5 s#ch as GXohn )oeH
mail 5 the #serLs mai, aress
&ote that gro#ps are c#rrent,y not s#pporte $or -B*-"ase a#thentication so#rces.
SM0, Server Con(#uration
->%o ma3es #se o$ a -90P server to sen emai,s $rom the Ce" inter$ace! i9IP/i0IP messages
an vario#s notiAcations.
0he $o,,o.ing ta",e escri"es the re,ate parameters.
) ->%o9ai,ing9echanism Parameter #se to set ho. ->%o sens mai,
messages. Possi",e va,#es are :
X sendmail 5 to #se the senmai, "inary
X smtp 5 to #se the -90P protoco,
) ->%o-90P-erver 0he )&- name or IP aress o$ the -90P server #se
.hen SOGo>ailin)>echanism is set to smtp.
) ->%o-90P6#thentication0ype 6ctivate -90P a#thentication an speciAes .hich
type is in #se. C#rrent! on,y GP*6I&H is s#pporte
an other va,#es .i,, "e ignore.
- C>-en9ai, 0he path o$ the senmai, "inary.
)e$a#,ts to /usr/li!/sendmail.
) ->%o(orce@1terna,*oginCith@mai, Parameter #se to speci$y i$! .hen ,ogging in to the
-90P server! the primary emai, aress o$ the #ser
.i,, "e #se instea o$ the #sername. Possi",e va,#es
are :
T K@-
T &>
IMA, Server Con(#uration
->%o re<#ires an I96P server in orer to ,et #sers cons#,t their emai, messages! manage their
$o,ers an more.
0he $o,,o.ing ta",e escri"es the re,ate parameters.
' ->%o)ra$ts(o,er&ame Parameter #se to set the I96P $o,er name #se
Chapter 7
to store ra$ts messages.
)e$a#,ts to G)ra$tsH .hen #nset.
'se a G/H as a hierarchy separator i$ re$erring to
an I96P s#"$o,er.
(or e1amp,e : I5=OY/?ra/ts
' ->%o-ent(o,er&ame Parameter #se to set the I96P $o,er name #se
to store sent messages. )e$a#,ts to G-entH .hen
#nset.
an I96P s#"$o,er.
(or e1amp,e : I5=OY/Sent
' ->%o0rash(o,er&ame Parameter #se to set the I96P $o,er name #se
to store e,ete messages. )e$a#,ts to G0rashH
.hen #nset.
an I96P s#"$o,er.
(or e1amp,e : I5=OY/:rash
) ->%oI96PC6--ervice&ame Parameter #se to set the C6- service name (';*)
o$ the imap service. 0his is #se$#, i$ ->%o is
connecting to the I96P service thro#gh a pro1y.
Chen #sing pam2cas! this parameter sho#, "e
set to the same va,#e as the -s arg#ment o$ the
imap pam service.
) ->%oI96P-erver Parameter #se to set the )&- name or IP aress
o$ the I96P server #se "y ->%o. Ko# can a,so
#se --* or 0*- "y proviing a va,#e #sing an ';*!
s#ch as :
T imaps"//localhost",,0
T imaps"//localhost"1+0/Qtls=9%S
) ->%o-ieve-erver Parameter #se to set the )&- name or IP aress
o$ the -ieve (managesieve) server #se "y ->%o.
Ko# m#st #se an ';* s#ch as:
T sieve"//localhost
T sieve"//localhost"2000
T sieve"//localhost"2000/Qtls=9%S
&ote that 0*- is s#pporte "#t --* is not.
' ->%o9ai,-ho.-#"scri"e(o,ers>n,y Parameter #se to speci$y i$ the Ce" inter$ace
sho#, on,y sho. s#"scri"e I96P $o,ers.
T K@-
T &>
) ->%oI96P6c,-ty,e Parameter #se to speci$y .hich ;(C the I96P
server imp,ements .ith respect to 6C*s. Possi",e
va,#es are :
T r/c201'
T r/c+01+
Chapter 7
)e$a#,ts to r/c+01+ .hen #nset.
) ->%oI96P6c,Con$orms0oI96P@1t Parameter #se to speci$y i$ the I96P server
imp,ements the Internet 9essage 6ccess Protoco,
@1tension. Possi",e va,#es are :
T K@-
T &>
) ->%o(orce@1terna,*oginCith@mai, Parameter #se to speci$y i$! .hen ,ogging in to
the I96P server! the primary emai, aress o$ the
#ser .i,, "e #se instea o$ the #sername.
T K@-
T &>
) ->%o9ai,-poo,Path Parameter #se to set the path .here temporary
emai, ra$ts are .ritten. I$ yo# change this va,#e!
yo# m#st a,so moi$y the ai,y cronDo" so)o-
tmp#atch.
)e$a#,ts to /var/spool/so)o.
- &%Imap4Connection-tring-eparator Parameter #se to set the I96P mai,"o1 separator.
-etting this .i,, a,so have an impact on the
mai,"o1 separator #se "y -ieve A,ters. 0he e$a#,t
separator is G/H.
- &%Imap46#th9echanism 0rigger the #se o$ the I96P G6'0:@&0IC60@H
comman .ith the speciAe -6-* mechanism.
P,ease note that $eat#re might "e ,imite at this
time.
) &%Imap4Connection%ro#pPreA1 PreA1 to prepen to names in I96P 6C*
transactions! to inicate the name is a gro#p name
not a #ser name. ;(C4414 gives e1amp,es .here
gro#p names are preA1e .ith LYL. )ovecot! $or
one! $o,,o.s this scheme! an .i,,! $or e1amp,e!
app,y permissions $or LYaminsL to a,, #sers in
gro#p LaminsL in the a"sence o$ speciAc
permissions $or the inivi#a, #ser. 0he e$a#,t
preA1 is LYL.
1eb Inter%ace Con(#uration
0he $o,,o.ing aitiona, parameters on,y a$$ect the Ce" inter$ace "ehavio#r o$ ->%o.
Chapter 7
- ->%oPage0it,e Parameter #se to eAne the Ce" page tit,e.
)e$a#,ts to SOGo .hen #nset.
Chapter 7
' ->%o*ogin9o#,e Parameter #se to speci$y .hich mo#,e to
sho. a$ter ,ogin. Possi",e va,#es are :
T 6alendar
T >ail
T 6ontacts
)e$a#,ts to 6alendar .hen #nset.
- ->%o(avicon;e,ative';* Parameter #se to speci$y the re,ative ';* o$
the site $avion.
Chen #nset! e$a#,ts to the A,e so)o.ico
#ner the e$a#,t .e" reso#rces irectory.
- ->%oSipPath Parameter #se to speci$y the path o$ the Fip
"inary #se to archive messages. )e$a#,ts to
/usr/!in/;ip #hen #nset.
) ->%o-o$tB#ota;atio Parameter #se to change the <#ota ret#rne
"y the I96P server "y m#,tip,ying it "y the
speciAe ratio. 6cts as a so$t <#ota. @1amp,e:
0.1
' ->%o9ai,'se>#t,oo3-ty,e;ep,ies
(not c#rrent,y eita",e in Ce" inter$ace)
Parameter #se to set i$ emai, rep,ies sho#,
#se >#t,oo3Ls sty,e. )e$a#,ts to &> .hen
#nset.
' ->%o9ai,*ist+ie.Co,#mns>rer
(not c#rrent,y eita",e in Ce" inter$ace)
Parameter #se to speci$y the e$a#,t orer o$
the co,#mns $rom the ->%o .e"mai, inter$ace.
0he parameter is an array! $or e1amp,e :
-OGo>ail&istCie#6olumnsOrder =
3Jla))ed< 7ttachment< Briority< Jrom<
Su!Aect< 8nread< ?ate< Si;e4D
) ->%o+acation@na",e Parameter #se to activate the eition $rom the
pre$erences .ino. o$ a vacation message.
;e<#ires -ieve script s#pport on the I96P host.
)e$a#,ts to &> .hen #nset.
Chen ena",ing this parameter! one m#st a,so
ena",e the associate cronDo" in
/etc/cron./sogo in orer to activate a#tomatic
vacation message e1piration.
-ee the GCron4o/ E +acation messages
e1pirationH section "e,o. $or etai,s.
) ->%o(or.ar@na",e Parameter #se to activate the eition $rom the
pre$erences .ino. o$ a $or.aring emai,
aress. ;e<#ires -ieve script s#pport on the
I96P host.
) ->%o-ieve-cripts@na",e Parameter #se to activate the eition $rom the
pre$erences .ino.s o$ server-sie mai, A,ters.
;e<#ires -ieve script s#pport on the I96P host.
Chapter 7
) ->%o9ai,Po,,ingInterva,s Parameter #se to eAne the mai, po,,ing
interva,s (in min#tes) avai,a",e to the #ser. 0he
parameter is an array that can contain the
$o,,o.ing n#m"ers:
T 1
T 2
T S
T 10
T 20
T 00
T '0
)e$a#,ts to the ,ist a"ove .hen #nset.
' ->%o9ai,9essageChec3 Parameter #se to eAne the mai, po,,ing
interva, at .hich the I96P server is <#erie $or
ne. messages. Possi",e va,#es are :
T manually
T every2minute
T every222minutes
T every2S2minutes
T every2102minutes
T every2202minutes
T every2002minutes
T once2per2hour
)e$a#,ts to manually .hen #nset.
) ->%o9ai,6#1i,iary'ser6cco#nts@na",e Parameter #se to activate the a#1i,iary I96P
acco#nts in ->%o. Chen set to K@-! #sers can
a other I96P acco#nts that .i,, "e visi",e
$rom the ->%o Ce"mai, inter$ace.
' ->%o)e$a#,tCa,enar Parameter #se to speci$y .hich ca,enar is
#se .hen creating an event or a tas3. Possi",e
va,#es are :
T selected
T personal
T /irst
)e$a#,ts to selected .hen #nset.
' ->%o)ay-tart0ime 0he ho#r at .hich the ay starts (0 thro#gh 12).
' ->%o)ay@n0ime 0he ho#r at .hich the ay ens (12 thro#gh
24).
' ->%o(irst)ay>$Cee3 0he ay at .hich the .ee3 starts in the .ee3
an month vie.s (0 thro#gh 8). 0 inicates
-#nay.
' ->%o(irstCee3>$Kear Parameter #se to eAne ho. is ientiAe the
Arst .ee3 o$ the year. Possi",e va,#es are :
Chapter 7
T Zanuary1
T Jirst+?ayIee*
T JirstJullIee*
)e$a#,ts to Zanuary1 .hen #nset.
' ->%o0ime(ormat 0he $ormat #se to isp,ay time in the time,ine
o$ the ay an .ee3 vie.s. P,ease re$er to the
oc#mentation $or the date comman or the
strfti(e C $#nction $or the ,ist o$ avai,a",e
$ormat se<#ence.
)e$a#,ts to [$"[>.
' ->%oCa,enarCategories Parameter #se to eAne the categories that can
"e associate to events. 0his parameter is an
array o$ ar"itrary strings.
)e$a#,ts to a ,ist that epens on the ,ang#age.
' ->%oCa,enar)e$a#,tCategoryCo,or Parameter #se to eAne the e$a#,t co,o#r o$
categories.
)e$a#,ts to UJ0J0J0 .hen #nset.
' ->%oCa,enar@vents)e$a#,tC,assiAcation Parameter #se to eAne the e$a#,t
c,assiAcation $or ne. events. Possi",e va,#es
are :
T B8=&I6
T 6O5JI?%5:I7&
T BIC7:%
)e$a#,ts to B8=&I6 .hen #nset.
' ->%oCa,enar0as3s)e$a#,tC,assiAcation Parameter #se to eAne the e$a#,t
c,assiAcation $or ne. tas3s. Possi",e va,#es
are :
T B8=&I6
T 6O5JI?%5:I7&
T BIC7:%
)e$a#,ts to B8=&I6 .hen #nset.
' ->%oCa,enar)e$a#,t;eminer Parameter #se to eAne a e$a#,t reminer
$or ne. events. Possi",e va,#es are :
T -B:S>
T -B:10>
T -B:1S>
T -B:00>
T -P0479
T -B:1$
T -B:2$
T -B:S$
T -B:1S$
T -B1?
T -B2?
T -B1I
) ->%o(ree2#sy)e$a#,tInterva, 0he n#m"er o$ ays to inc,#e in the $ree "#sy
in$ormation. 0he parameter is an array o$ t.o
Chapter 7
n#m"ers! the Arst "eing the n#m"er o$ ays
prior to the c#rrent ay an the secon "eing
the n#m"er o$ ays $o,,o.ing the c#rrent ay.
)e$a#,ts to 37< 74 .hen #nset.
' ->%o2#sy>$$:o#rs Parameter #se to speci$y i$ o$$-ho#rs sho#, "e
a#tomatica,,y ae to the $ree-"#sy
in$ormation. >$$ ho#rs inc,#e .ee3ens an
perios covere "et.een SOGo?ay%nd:ime
an SOGo?ayStart:ime.
' ->%o9ai,9essage(or.aring 0he metho the message is to "e $or.are.
T inline
T attached
)e$a#,ts to inline .hen #nset.
' ->%o9ai,C#stom(#,,&ame 0he string to #se as $#,, name .hen composing
an emai,! i$ SOGo>ail6ustomJrom%na!led is
set in the #serLs omain e$a#,ts. Chen #nset!
the $#,, name speciAe in the #ser so#rces $or
the #ser is #se instea.
' ->%o9ai,C#stom@mai, 0he string to #se as emai, aress .hen
composing an emai,! i$
SOGo>ail6ustomJrom%na!led is set in the
#serLs omain e$a#,ts. Chen #nset! the emai,
speciAe in the #ser so#rces $or the #ser is #se
instea.
' ->%o9ai,;ep,yP,acement 0he rep,y p,acement .ith respect to the <#ote
message. Possi",e va,#es are :
T a!ove
T !elo#
)e$a#,ts to !elo#.
' ->%o9ai,;ep,y0o 0he emai, aress to #se in the Grep,y-toH
heaer Ae, .hen the #ser sens a message.
Ignore .hen empty.
' ->%o9ai,-ignat#reP,acement 0he p,acement o$ the signat#re .ith respect to
the <#ote message. Possi",e va,#es are :
T a!ove
T !elo#
)e$a#,ts to !elo#.
' ->%o9ai,Compose9essage0ype 0he message composition $ormat. Possi",e
va,#es are :
T teOt
T html
)e$a#,ts to teOt.
- ->%o@na",e@9ai,6,arms Parameter #se to ena",e emai,-"ase a,arms
on events an tas3s.
Chapter 7
(or this $eat#re to .or3 correct,y! one m#st a,so
set the >C-@9ai,6,arms(o,er';* parameter
an ena",e the associate cron4o/.
-ee the GCron4o/ E @9ai, reminersH section
$rom this oc#ment $or more in$ormation.
' ->%oContactsCategories Parameter #se to eAne the categories that can
"e associate to contacts. 0his parameter is an
array o$ ar"itrary strings.
)e$a#,ts to a ,ist that epens on the ,ang#age.
) ->%o'I6itiona,X-(i,es Parameter #se to eAne a ,ist o$ aitiona,
Xava-cript A,es ,oae "y ->%o $or a,,
isp,aye .e" pages. 0his parameter is an array
o$ strings corresponing o$ paths to the
ar"itrary Xava-cript A,es. 0he paths are re,ative
to the Ie!Serveresources irectory! .hich
is #s#a,,y $o#n #ner
/usr/li!/G58step/SOGo/.
) ->%o9ai,C#stom(rom@na",e Parameter #se to a,,o. or not #sers to speci$y
c#stom G(romH aresses $rom ->%oLs
pre$erences pane,.
) ->%o'I16itiona,Pre$erences Parameter #se to ena",e an e1tra pre$erences
ta" #sing the content o$ the temp,ate name
8IO7dditionalBre/erences.#oO. 0his
temp,ate sho#, "e p#t #ner
Zso)o/G58step/&i!rary/SOGo/:emplates/
Bre/erences8I/.
Chapter 7
S"Go Con(#uration Summary
0he comp,ete ->%o conAg#ration A,e /etc/so)o/so)o.con/ sho#, ,oo3 ,i3e this :
K
SOGoBro/ile8& =
O6SJolderIn/o8& =
SOGo7ppointmentSend%>ail5oti/ications = 9%SD
SOGo6alendar?e/aultoles = 3
Bu!licCie#er<
6on/idential?7nd:Cie#er
4D
SOGo&an)ua)e = %n)lishD
SOGo>ail?omain = acme.comD
SOGo?ra/tsJolder5ame = ?ra/tsD
SOGoI>7BServer = localhostD
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = uidD
8I?Jield5ame = uidD
hostname = localhostD
id = pu!licD
port = 01,D
L
4D
SOGo>ailin)>echanism = smtpD
SOGoS>:BServer = 127.0.0.1D
SOGoSentJolder5ame = SentD
SOGo:ime\one = 7merica/>ontrealD
SOGo:rashJolder5ame = :rashD
L
Chapter 7
Multi2domains Con(#uration
I$ yo# .ant yo#r insta,,ation to iso,ate t.o gro#ps o$ #sers! yo# m#st eAne a istinct
a#thentication so#rce $or each do(ain. (o,,o.ing is the same conAg#ration that no. inc,#es
t.o omains (acme.com an coyote.com) :
K
SOGoBro/ile8& =
O6SJolderIn/o8& =
SOGo7ppointmentSend%>ail5oti/ications = 9%SD
SOGo6alendar?e/aultoles = 3
Bu!licCie#er<
6on/idential?7nd:Cie#er
4D
SOGo&an)ua)e = %n)lishD
SOGo>ailin)>echanism = smtpD
SOGoS>:BServer = 127.0.0.1D
SOGoSentJolder5ame = SentD
SOGo:ime\one = 7merica/>ontrealD
SOGo:rashJolder5ame = :rashD
SOGoI>7BServer = localhostD
domains = K
acme = K
SOGo>ail?omain = acme.comD
SOGo?ra/tsJolder5ame = ?ra/tsD
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = uidD
8I?Jield5ame = uidD
id = pu!lic2acmeD
port = 01,D
L
4D
LD
coyote = K
SOGo>ail?omain = coyote.comD
Chapter 7
SOGoI>7BServer = imap.coyote.comD
SOGo8serSources = 3
K
type = ldapD
65Jield5ame = cnD
I?Jield5ame = uidD
8I?Jield5ame = uidD
!ase?5 = @ou=users<dc=coyote<dc=com@D
!ind?5 = @uid=so)o<ou=users<dc=coyote<dc=com@D
id = pu!lic2coyoteD
port = 01,D
L
4D
LD
LD
L
0he $o,,o.ing aitiona, parameters on,y a$$ect ->%o .hen #sing m#,tip,e omains.
- ->%o@na",e)omain2ase'I) Parameter #se to activate #ser ientiAcation "y
omain. 'sers .i,, "e a",e (.itho#t "eing
re<#ire) to ,ogin #sing the $orm
usernamePdomain! meaning that va,#es o$
8I?Jield5ame no ,onger have to "e #ni<#e
among a,, omains "#t on,y .ithin the same
omain. Interna,,y! #sers .i,, a,.ays "e ientiAe
"y the concatenation o$ their #sername an
omain. Conse<#ent,y! activating this parameter
on an e1isting system imp,ies that #ser ientiAers
.i,, change an their previo#s ca,enars an
aress "oo3s .i,, no ,onger "e accessi",e #n,ess
a conversion is per$orme.
- ->%o*ogin)omains Parameter #se to eAne .hich omains sho#,
"e se,ecta",e $rom the ,ogin page. 0his parameter
is an array o$ 3eys $rom the domains ictionary.
)e$a#,ts to an empty array! .hich means that no
omains appear on the ,ogin page. I$ yo# pre$er
having the omain names ,iste! D#st #se these as
3eys $or the the domains ictionary.
- ->%o)omains+isi"i,ity Parameter #se to set omains visi",e among
themse,ves. 0his parameter is an array o$ arrays.
@1amp,e: SOGo?omainsCisi!ility = 33acme<
coyote44D
Chapter 7
)e$a#,ts to an empty array! .hich means omains
are iso,ate $rom each other.
Apache Con(#uration
0he ->%o conAg#ration $or 6pache is ,ocate in /etc/httpd/con/.d/SOGo.con/.
'pon ->%o insta,,ation! a e$a#,t conAg#ration A,e is create .hich is s#ita",e $or most
conAg#rations.
Ko# m#st a,so conAg#re the $o,,o.ing parameters in the ->%o conAg#ration A,e $or 6pache in
orer to have a .or3ing insta,,ation :
e.uest$eader set @O-#e!o!Aects-server-port@ @10@
e.uest$eader set @O-#e!o!Aects-server-name@ @yourhostname@
e.uest$eader set @O-#e!o!Aects-server-url@ @http"//yourhostname@
Ko# may consier ena",ing --* on top o$ this c#rrent insta,,ation to sec#re access to yo#r ->%o
insta,,ation.
-ee http://http.apache.org/ocs/2.2/ss,/ $or etai,s.
Ko# might a,so have to aD#st the conAg#ration i$ yo# have -@*in#1 ena",e.
0he e$a#,t conAg#ration .i,, #se mod2proOy an mod2headers to re,ay re<#ests to the so)od
parent process. 0his is s#ita",e $or sma,, to mei#m ep,oyments.
Startin# Services
>nce ->%o i$ $#,,y insta,,e an conAg#re! start the services #sing the $o,,o.ing comman :
service so)od start
Ko# may veri$y #sing the chkconfig comman that the ->%o service is a#tomatica,,y starte
at "oot time. ;estart the 6pache service since mo#,es an conAg#ration A,es .ere ae :
service httpd restart
(ina,,y! yo# sho#, a,so ma3e s#re that the memcached service is starte an that it is a,so
a#tomatica,,y starte at "oot time.
Chapter 7
Cronjob 3 +Mail reminders
->%o a,,o.s yo# to set emai,-"ase reminers $or events an tas3s. 0o ena",e this! yo# m#st
ena",e the SOGo%na!le%>ail7larms pre$erence an set the O6S%>ail7larmsJolder8&
pre$erence accoring,y.
>nce yo#Lve correct,y set those t.o pre$erences! yo# m#st create a cron4o/ that .i,, r#n #ner
the GsogoH #ser. 0his cron4o/ sho#, "e r#n every min#te.
6 commente o#t e1amp,e sho#, have "een insta,,e in /etc/cron.d/so)o! to ena",e it!
simp,y #ncomment it.
6s a re$erence! the cron4o/ sho#, e eAne ,i3e this:
N N N N N /usr/s!in/so)o-ealarms-noti/y
I$ yo#r mai, server re<#ires #se o$ -90P 6'0:! speci$y a creentia, A,e #sing -p
/path/to/credJile. 0his A,e sho#, contain the #sername an pass.or! separate "y a
co,on (#sername:pass.or)
Cronjob 3 4acation messa#es e.piration
Chen vacation messages are ena",e (see the parameter SOGoCacation%na!led)! #sers can set
an e1piration ate to messages a#to-rep,y. (or this $eat#re to .or3! yo# m#st r#n a cron4o/
#ner the GsogoH #ser.
6 commente o#t e1amp,e sho#, have "een insta,,e in /etc/cron.d/so)o. 0o .or3
correct,y this too, m#st ,ogin as an aministrative #ser on the sieve server. 0he re<#ire
creentia,s m#st "e speciAe in a A,e "y #sing -p /path/to/credJile. 0his A,e sho#,
contain the #sername an pass.or! separate "y a co,on (#sername:pass.or)
0he cron4o/ sho#, ,oo3 ,i3e this :
0 0 N N N so)o /usr/s!in/so)o-tool eOpire-autoreply -p
/etc/so)o/sieve.creds
Chapter 8
5 Mana#in# *ser Accounts
Creatin# the S"Go Administrative Account
(irst! create the ->%o aministrative acco#nt in yo#r *)6P server. 0he $o,,o.ing *)I( A,e
(so)o.ldi/) can "e #se as an e1amp,e :
dn" uid=so)o<ou=users<dc=acme<dc=com
o!Aect6lass" top
o!Aect6lass" inetOr)Berson
o!Aect6lass" person
o!Aect6lass" or)ani;ationalBerson
uid" so)o
cn" SOGo 7dministrator
mail" so)oPacme.com
sn" 7dministrator
)iven5ame" SOGo
*oa the *)I( A,e insie yo#r *)6P server #sing the $o,,o.ing comman :
ldapadd -/ so)o.ldi/ -O -# .#erty -? cn=>ana)er<dc=acme<dc=com
(ina,,y! set the pass.or (to the va,#e G<.ertyH) o$ the ->%o aministrative acco#nt #sing the
$o,,o.ing comman :
ldappass#d -h localhost -O -# .#erty -? cn=>ana)er<dc=acme<dc=com
uid=so)o<ou=users<dc=acme<dc=com -s .#erty
2008-2014 Inverse inc. 9anaging 'ser 6cco#nts 48
Chapter 8
Creatin# a *ser Account
->%o #ses *)6P irectories to a#thenticate #sers. 'se the $o,,o.ing *)I( A,e (Adoe.ldi/) as
an e1amp,e to create a ->%o #ser acco#nt :
dn" uid=Adoe<ou=users<dc=acme<dc=com
o!Aect6lass" top
o!Aect6lass" inetOr)Berson
o!Aect6lass" person
o!Aect6lass" or)ani;ationalBerson
uid" Adoe
cn" Zohn ?oe
mail" AdoePacme.com
sn" ?oe
)iven5ame" Zohn
*oa the *)I( A,e insie yo#r *)6P server #sing the $o,,o.ing comman :
ldapadd -/ Adoe.ldi/ -O -# .#erty -? cn=>ana)er<dc=acme<dc=com
(ina,,y! set the pass.or (to the va,#e G<.ertyH) o$ the ->%o aministrative acco#nt #sing the
$o,,o.ing comman :
ldappass#d -h localhost -O -# .#erty -? cn=>ana)er<dc=acme<dc=com
uid=Adoe<ou=users<dc=acme<dc=com -s .#erty
6s an a,ternative to #sing comman-,ine too,s! yo# can a,so #se *)6P eitors s#ch as +u(a or
Apace 'irectory Studio to ma3e yo#r .or3 easier. 0hese %'I #ti,ities can ma3e #se o$
temp,ates to create an pre-conAg#re typica, #ser acco#nts or any stanariFe *)6P recor!
a,ong .ith the correct o"Dect c,asses! Ae,s an e$a#,t va,#es.
2008-2014 Inverse inc. 9anaging 'ser 6cco#nts 4=
Chapter =
6 Microso%t ActiveSync
->%o s#pports the 9icroso$t 6ctive-ync protoco,.
6ctive-ync c,ients can $#,,y synchroniFe contacts! emai,s! events an tas3s .ith ->%o.
(ree"#sy an %6* ,oo3#ps are a,so s#pporte! as .e,, as G-mart rep,yH an G-mart $or.arH
operations.
0o ena",e 9icroso$t 6ctive-ync s#pport in ->%o! yo# m#st insta,, the re<#ire pac3ages.
yum install so)o-activesync li!#!Oml
>nce insta,,e! simp,y #ncomment the $o,,o.ing ,ines $rom yo#r ->%o 6pache conAg#ration:
BroOyBass />icroso/t-Server-7ctiveSync T
http"//127.0.0.1"20000/SOGo/>icroso/t-Server-7ctiveSync T
retry='0 connectiontimeout=S timeout=0'0
;estart 6pache a$ter.ars.
0he $o,,o.ing aitiona, parameters on,y a$$ect ->%o .hen #sing 6ctive-ync:
- ->%o9a1im#mPingInterva, Parameter #se to set the ma1im#m amo#nt o$
time! in secons! ->%o .i,, .ait "e$ore rep,ying
to a Ping comman. I$ not set! it e$a#,ts to 7
secons.
- ->%o9a1im#m-yncInterva, Parameter #se to set the ma1im#m amo#nt o$
time! in secons! ->%o .i,, .ait "e$ore rep,ying
to a -ync comman. I$ not set! it e$a#,ts to 40
secons.
- ->%oInterna,-yncInterva, Parameter #se to set the ma1im#m amo#nt o$
time! in secons! ->%o .i,, .ait "e$ore oing an
interna, chec3 $or ata changes (a! e,ete! an
#pate). 0his parameter m#st "e ,o.er than
SOGo>aOimumSyncInterval. I$ not set! it e$a#,ts
to 10 secons.
2008-2014 Inverse inc. 9icroso$t 6ctive-ync 48
Chapter =
P,ease "e a.are o$ the $o,,o.ing ,imitations:
C#rrent,y! on,y the persona, ca,enar an aress "oo3 are synchroniFe. 6ing s#pport $or a,,
$o,ers is p,ane.
Chen creating an >#t,oo3 2014 proA,e! yo# m#st act#a,,y 3i,, >#t,oo3 "e$ore the en o$ the
creation process. -ee http://....vion",og.com/connect-Fim"ra-comm#nity-.ith-o#t,oo3-2014
$or a proce#re e1amp,e.
>#t,oo3 2014 oes not search the %6*. >ne possi",e a,ternative so,#tion is to conAg#re
>#t,oo3 to #se a *)6P server (over --*) .ith a#thentication. 6,ternative,y! .hen s#pporting
more than D#st the persona, aress "oo3! .eL,, a,so "e a",e to e1pose the *)6P/-B* "ase
aress "oo3s in ->%o over 6ctive-ync.
9a3e s#re yo# o not #se a se,$-signe certiAcate. Chi,e this .i,, .or3! >#t,oo3 .i,, .or3
intermittent,y as it .i,, raise pop#ps $or certiAcate va,iation! sometimes in "ac3gro#n!
preventing the #ser to see the .arning an th#s! preventing any synchroniFation to happen.
>#t,oo3 2014 creates #p,icates .hen yo# move messages $rom one $o,er to the other one.
0he target $o,er .i,, sho. t.o instances o$ each mai,! .hi,e on the I96P server yo# .i,, on,y
see one.
6ctive-ync c,ients 3eep connections open $or a .hi,e. @ach connection .i,, gra" a ho, on a
sogo process so yo# .i,, nee a ,ot o$ processes to han,e many c,ients. 0his ,imitation .i,,
event#a,,y "e overcome in ->%o.
;epetitive events .ith occ#rrences e1ceptions are c#rrent,y not s#pporte.
>#t,oo3 2014 6#toiscovery is c#rrent,y not s#pporte.
>#t,oo3 2014 $ree"#sy ,oo3#ps are s#pport #sing the Internet (ree/2#sy $eat#re o$ >#t,oo3
2014. P,ease see http://s#pport.microso$t.com/3"/2?1821 $or conAg#ration instr#ctions. >n the
->%o sie! SOGo%na!leBu!lic7ccess m#st "e set to K@- an the ';* to #se m#st "e o$ the
$o,,o.ing $ormat: http"//GhostnameH/SOGo/dav/pu!lic/[57>%[//ree!usy.i/!
In orer to #se the ->%o 6ctive-ync s#pport coe in pro#ction environments! yo# nee to get
a proper #sage ,icense $rom 9icroso$t. P,ease contact them irect,y to negotiate the $ees
associate to yo#r #ser "ase.
0o contact 9icroso$t! p,ease visit:
http://....microso$t.com/en-
#s/,ega,/inte,,ect#a,property/IP*icensing/Programs/e1changeactivesyncprotoco,.asp1
an sen an emai, to ip,icre<Wmicroso$t.com
Inverse inc. provies this so$t.are $or $ree! "#t is not responsi",e $or anything re,ate to its
#sage.
2008-2014 Inverse inc. 9icroso$t 6ctive-ync 4?
Chapter 8
7 *sin# S"Go
S"Go 1eb Inter%ace
0o acces the ->%o Ce" Inter$ace! point yo#r Ce" "ro.ser! .hich is r#nning $rom the same
server .here ->%o .as insta,,e! to the $o,,o.ing ';* : http://,oca,host/->%o
*og in #sing the GDoeH #ser an the G<.ertyH pass.or. 0he #ner,ying ata"ase ta",es .i,,
a#tomatica,,y "e create "y ->%o.
Mo8illa 0hunderbird and -i#htnin#
6,ternative,y! yo# can access ->%o .ith a %ro#p)6+ an a Ca,)6+ c,ient. 6 typica, .e,,-
integrate set#p is to #se 9oFi,,a 0h#ner"ir an 9oFi,,a *ightning a,ong .ith InverseLs SOGo
Connector p,#g in to synchroniFe yo#r aress "oo3s an the InverseLs SOGo Integrator p,#g in
to provie a comp,ete integration o$ the $eat#res o$ ->%o into 0h#ner"ir an *ightning. ;e$er
to the oc#mentation o$ 0h#ner"ir to conAg#re an initia, I96P acco#nt pointing to yo#r
->%o server an #sing the #ser name an pass.or mentione a"ove.
Cith the ->%o Integrator p,#g in! yo#r ca,enars an aress "oo3s .i,, "e a#tomatica,,y
iscovere .hen yo# ,ogin in 0h#ner"ir. 0his p,#g in can a,so propagate speciAc e1tensions
an e$a#,t #ser settings among yo#r site. :o.ever! "e a.are that in orer to #se the ->%o
Integrator p,#g in! yo# .i,, nee to repac3age it .ith speciAc moiAcations. P,ease re$er to the
oc#mentation p#",ishe on,ine:
http://....sogo.n#/o.n,oas/oc#mentation.htm,.
I$ yo# on,y #se the ->%o Connector p,#g in! yo# can sti,, easi,y access yo#r ata.
0o access yo#r persona, aress "oo3:
Choose %o [ 6ress 2oo3.
Choose (i,e [ &e. [ ;emote 6ress 2oo3.
@nter a signiAcant name $or yo#r ca,enar in the &ame Ae,.
0ype the $o,,o.ing ';* in the ';* Ae,:
http://\hostname[/->%o/av/Doe/Contacts/persona,/
2008-2014 Inverse inc. 'sing ->%o 70
Chapter 8
C,ic3 on >I.
0o access yo#r persona, ca,enar:
Choose %o [ Ca,enar.
Choose Ca,enar [ &e. Ca,enar.
-e,ect >n the &et.or3 an c,ic3 on Contin#e.
-e,ect Ca,)6+.
0ype the $o,,o.ing ';* in the ';* Ae,:
http://,oca,host/->%o/av/Doe/Ca,enar/persona,/
C,ic3 on Contin#e.
Apple iCal
6pp,e iCa, can a,so "e #se as a c,ient app,ication $or ->%o.
0o conAg#re it so it .or3s .ith ->%o! create a ne. acco#nt an speci$y! as the 6cco#nt ';*!
an ';* s#ch as :
http://,oca,host/->%o/av/Doe/
&ote that the trai,ing s,ash is important $or 6pp,e iCa, 4.
Apple Address9oo:
-ince 9ac >- J 10.8 (-no. *eopar)! 6pp,e 6ress2oo3 can "e conAg#re to #se ->%o.
In orer to ma3e this .or3! yo# m#st a a ne. virt#a, host in yo#r 6pache conAg#ration A,e to
,isten on port 8800 an han,e re<#ests coming $rom i>- evices.
0he virt#a, host sho#, "e eAne ,i3e :
GCirtual$ost N"1100H
e#rite%n)ine O//
BroOye.uests O//
Set%nv proOy-no*eepalive 1
BroOyBreserve$ost On
BroOyBassInterpolate%nv On
BroOyBass /principals http"//127.0.0.1"20000/SOGo/dav/ interpolate
BroOyBass /SOGo http"//127.0.0.1"20000/SOGo interpolate
BroOyBass / http"//127.0.0.1"20000/SOGo/dav/ interpolate
Chapter 8
G&ocation /H
Order allo#<deny
7llo# /rom all
G/&ocationH
GBroOy http"//127.0.0.1"20000H
e.uest$eader set @O-#e!o!Aects-server-port@ @1100@
e.uest$eader set @O-#e!o!Aects-server-name@ @acme.com"1100@
e.uest$eader set @O-#e!o!Aects-server-url@ @http"//acme.com"1100@
e.uest$eader set @O-#e!o!Aects-server-protocol@ @$::B/1.0@
e.uest$eader set @O-#e!o!Aects-remote-host@ @127.0.0.1@
7dd?e/ault6harset 8:J-1
G/BroOyH
%rror&o) /var/lo)/apache2/a!-error.lo)
6ustom&o) /var/lo)/apache2/a!-access.lo) com!ined
G/Cirtual$ostH
0his conAg#ration is a,so re<#ire i$ yo# .ant to conAg#re a Car)6+ acco#nt on a 6pp,e i>-
evice (version 4.0 an ,ater).
Chapter 8
Microso%t ActiveSync ; Mobile &evices
Ko# can synchroniFe contacts! emai,s! events an tas3s $rom ->%o .ith any mo"i,e evices
that s#pport 9icroso$t 6ctive-ync. 9icroso$t >#t,oo3 2014 is a,so s#pporte.
0he 9icroso$t 6ctive-ync server ';* is genera,,y something ,i3e: http://\hostname[/9icroso$t-
6ctive--ync .
Chapter ?
< *p#radin#
0his section escri"es .hat nees to "e one .hen #pgraing to the c#rrent version o$ ->%o
$rom the previo#s re,ease.
'.(.)
0he conAg#ration is no. store in /etc/sogo/sogo.con$. Per$orm the $o,,o.ing commans as
root to migrate yo#r previo#s #ser e$a#,ts:
install -d -m 7S0 -o so)o -) so)o /etc/so)o
sudo -u so)o so)o-tool dump-de/aults H /etc/so)o/so)o.con/
cho#n root"so)o /etc/so)o/so)o.con/
chmod '+0 /etc/so)o/so)o.con/
sudo -u so)o mv ]/G58step/?e/aults/.G58step?e/aults T
]/G58step/?e/aults/G58step?e/aults.old
'.(.*
0he parameter SOGoJorceI>7B&o)inIith%mail is no. eprecate an is rep,ace "y
SOGoJorce%Oternal&o)inIith%mail (.hich e1tens the $#nctiona,ity to -90P
a#thentication). 'pate yo#r conAg#ration i$ yo# #se this parameter.
0he sogo #ser is no. a system #ser. (or ne. insta,,s! this means that Gsu - so)oG .onLt .or3
anymore. P,ease #se Gsudo -u so)o GcmdHH instea. I$ #se in scripts $rom cronDo"s!
re1uiretty m#st "e isa",e in s#oers.
1.+.1,
;#n the she,, script s.l-update-1.0.1'2to21.0.17.sh or s.l-update-
1.0.1'2to21.0.17-mys.l.sh (i$ yo# #se 9y-B*).
0his .i,, gro. the Gcyc,e in$oH Ae, o$ ca,enar ta",es to a ,arger siFe.
1.+.1'
>nce yo# have #pate an restarte ->%o! r#n the she,, script s.l-update-
1.0.112to21.0.12.sh or s.l-update-1.0.112to21.0.12-mys.l.sh 3i$ yo# #se
9y-B*).
0his .i,, gro. the GcontentH Ae, o$ ca,enar an aress"oo3 ta",es to a ,arger siFe an A1
the primary 3ey o$ the session ta",e.
1.+.-
(or ;e :at-"ase istri"#tions! version 1.24 o$ %&'step .i,, "e insta,,e. -ince the ,ocation
2008-2014 Inverse inc. 'pgraing 74
Chapter ?
o$ the Ce" reso#rces changes! the 6pache conAg#ration A,e (->%o.con$) has "een aapte.
+eri$y yo#r 6pache conAg#ration i$ yo# have c#stomiFe this A,e.
2008-2014 Inverse inc. 77
Chapter 10
1= Additional In%ormation
(or more in$ormation! p,ease cons#,t the on,ine (6Bs ((re<#ent,y 6s3e B#estions) :
http://....sogo.n#/eng,ish/s#pport/$a<.htm,
Ko# can a,so rea the mai,ing archives or post yo#r <#estions to it. (or etai,s! see :
https:// ,ists. inverse.ca/sogo
2008-2014 Inverse inc. 6itiona, In$ormation 78
Chapter 11
11 Commercial Support and Contact
In%ormation
(or any <#estions or comments! o not hesitate to contact #s "y .riting an emai, to :
s#pportWinverse.ca
Inverse (http://inverse.ca) o$$ers pro$essiona, services aro#n ->%o to he,p organiFations ep,oy
the so,#tion an migrate $rom their ,egacy systems.
2008-2014 Inverse inc. Commercia, -#pport an Contact In$ormation 7=

SOGo Installation Guide

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

SOGo Installation Guide

Uploaded by

Copyright:

Available Formats

version 2.2.

You might also like