Thanks, Now is calendarserver working with OpenLDAP, however there is still one issue - iMIP
For some reason, com.apple.calendarserver user cannot be authenticated against calendar server 2011-04-06 11:04:07+0200 [-] [caldav-8008] [AuthorizedHTTPGetter,client] [twistedcaldav.scheduling.imip#error] Could not do server-to-imip request : <twistedcaldav.scheduling.imip.ScheduleViaIMip object at 0x3990a50> Mail gateway not able to process reply; could not authenticate user com.apple.calendarserver with calendar server 2011-04-06 11:04:07+0200 [-] [caldav-8008] [AuthorizedHTTPGetter,client] [twistedcaldav.scheduling.scheduler.ScheduleResponseQueue#error] Error during PUT for mailto:xxx@xxxx: None User com.apple.calendarserver is in OpenLDAP configuration with dn: cn:com.apple.calendarserver,ou=people,dc=example,dc=com Using same account I am able to authenticate users without issue. I also get entryUUID and add it to admin principals, but it still doesn't work. Before I used openLDAP i was using account.xml file and there it was working just fine. Any advice? 2011/4/6, Fredrik Unger <[email protected]>: > Hi, > >> as I understand, there is possible to get together OpenLDAP and >> calendarserver. However it is not clear, how record in LDAP should >> looks like. >> From my initial test it seems, that structure in OpenLDAP has to be >> altered a little to support Apple UUIDs for groups and users. Or I >> simply doing anything wrong? > > I have so far been successful with a simple calendar accessed from Sunbird. > > My ldap setup is a standard ou=people,dc=example,dc=com structure filled > with OpenLDAPPersons. > The caldavd.plist section [1] was a simple rework for the one supplied by > Debian. > I am not using resources or location. > > # user, people, example.com > dn: uid=user,ou=people,dc=example,dc=com > givenName: Name > sn: Lastname > userPassword:: hashedpassword > loginShell: /bin/bash > uidNumber: NNNN > gidNumber: MMMM > mail: [email protected] > uid: user > objectClass: OpenLDAPperson > objectClass: posixAccount > cn: Name Lastname > homeDirectory: /home/user > > In this case it is also a posixAccount, but I do not think that makes a > difference. > >> Can anybody send me example of working OpenLDAP configuration with >> LDIF,caldavd.plist files. I also need working iMIP gateway. I was able >> to make it work with accounts.xml file, but I would like to see it in >> LDAP. > > I do not use iMIP. > >> I am using debian squeeze with calendarserver 2.4 > > Me too, still interested in hints how to get a workable solution for groups, > on 2.4. > http://www.mail-archive.com/[email protected]/msg01743.html > > > [1] > <key>DirectoryService</key> > <dict> > <key>type</key> > > <string>twistedcaldav.directory.ldapdirectory.LdapDirectoryService</string> > > <key>params</key> > <dict> > <key>cacheTimeout</key> > <integer>30</integer> > <key>realmName</key> > <string>Calendar Realm</string> > <key>uri</key> > <string>ldapi://%2fvar%2frun%2fslapd%2fldapi</string> > <!-- <string>ldaps://example.com/</string> --> > <key>tls</key> > <false/> > <key>tlsCACertFile</key> > <string></string> > <key>tlsCACertDir</key> > <string></string> > <key>tlsRequireCert</key> > <string>demand</string> > <key>credentials</key> > <dict> > <key>dn</key> > <string></string> > <key>password</key> > <string></string> > </dict> > <key>authMethod</key> > <string>LDAP</string> > <key>rdnSchema</key> > <dict> > <key>base</key> > <string>dc=example,dc=com</string> > <key>guidAttr</key> > <string>entryUUID</string> > <key>users</key> > <dict> > <key>rdn</key> > <string>ou=people</string> > <key>attr</key> > <string>uid</string> > <key>emailSuffix</key> > <string></string> > <key>filter</key> > <string>(objectClass=OpenLDAPPerson)</string> > </dict> > <key>groups</key> > <dict> > <key>rdn</key> > <string>ou=groups</string> > <key>attr</key> > <string>cn</string> > <key>emailSuffix</key> > <string></string> > <key>filter</key> > <string></string> > </dict> > <key>locations</key> > <dict> > <key>rdn</key> > <string>ou=Locations</string> > <key>attr</key> > <string>cn</string> > <key>emailSuffix</key> > <string></string> > <key>filter</key> > <string></string> > </dict> > <key>resources</key> > <dict> > <key>rdn</key> > <string>ou=Resources</string> > <key>attr</key> > <string>cn</string> > <key>emailSuffix</key> > <string></string> > <key>filter</key> > <string></string> > </dict> > </dict> > <key>groupSchema</key> > <dict> > <key>membersAttr</key> > <string>member</string> > <key>memberIdAttr</key> > <string></string> > </dict> > </dict> > </dict> > > _______________________________________________ > calendarserver-users mailing list > [email protected] > http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users > _______________________________________________ calendarserver-users mailing list [email protected] http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
