Hey, I want to create groupcalendars. As creating them as the group (which is possible when you add userPassword to the group) works bad (SOGo will refuse to add an ACL for the group on the calendar if it is owned by the group), I decided to create a fakeuser and use ACLs.
Defining the ACLs works fine, however when I try to access the calendar as a member of the group it won't show up (except of course when I enable public access, but then I am not granted modify-rights). The only interesting part of my log could be: Oct 13 01:34:50 sogod [25003]: |SOGo| lookup name: junge-piraten Oct 13 01:34:50 sogod [25003]: |SOGo| did not find key 'junge-piraten' in SoClass: <0x0xb8f39788[SoObjCClass]: super=0x0xb8f37810 objc=SOGo slots=connect,GET,view,casProxy,index,saml2-signon-post,changePassword,saml2-metadata,loading,toolbar> Oct 13 01:34:50 sogod [25003]: |SOGo| looked up value: (null) Oct 13 01:34:50 sogod [25003]: |SOGo| lookup in root object: (null) Oct 13 01:34:50 sogod [25003]: |SOGo| GOT: (null) ("junge-piraten" is the name of my fakeuser containing shared calendars. I get related messages with "prauscher", which is the name of the accessing user) My SOGoUserSources = ( { type = ldap; CNFieldName = sn; UIDFieldName = cn; IDFieldName = cn; baseDN = "ou=Groups,o=Junge Piraten,c=DE"; bindDN = "cn=sogo,o=Junge Piraten,c=DE"; bindPassword = "xxxxxxxxx"; canAuthenticate = YES; displayName = "Gruppen"; hostname = ldap://storage:389; id = jupis_groups; isAddressBook = YES; SearchFieldNames = (cn,sn,mail); }, { type = ldap; CNFieldName = cn; UIDFieldName = uid; IDFieldName = uid; // first field of the DN for direct binds baseDN = "ou=People,o=Junge Piraten,c=DE"; bindDN = "cn=sogo,o=Junge Piraten,c=DE"; bindPassword = "xxxxxxxx"; canAuthenticate = YES; displayName = "Personen"; hostname = ldap://storage:389; id = jupis_people; isAddressBook = YES; SearchFieldNames = (uid,cn,givenName,sn,mail); } ); As you may guess, all our Groups are stored as objectClass=groupOfNames,extensibleObject with a mail-Attribute. Users are stored as inetOrgPerson. Our OpenLDAPd has the memberOf-overlay activated (and it works). If I can provide you more information just tell me! Thanks for your help, prauscher PS: When writing the Groupmembers individually to the ACL, everything works. It is just the decomposing of the Group. -- Diese Mail wurde nicht zwangsweise von dressierten Affen verfasst. -- users@sogo.nu https://inverse.ca/sogo/lists