Hi, > On Mar 31, 2016, at 12:54 PM, Maximiliano Sbrocca > <maximiliano.sbro...@santexgroup.com> wrote: > > Many thanks Andre for your reply. For sure that this helps. > > One more question. As you said, in my tests I'm using the XMLs where I > previously created the users I need (I would use the default ones too). I saw > that if you try to sync a Calendar client for an account or user that doesn't > exist, you'll get an error. > > My question is: if you choose as auth method LDAP are the users inside the > server synchronized automatically?
Yes, although I wouldn't use the word 'synchronized' as that implies (to me anyway) that CalendarServer maintains a complete copy of everything that is also in LDAP, and that is not the case. When configured to use LDAP, CalendarServer will query LDAP for any and all principal lookups. All the LDAP interactions are funneled through a 'sidecar' process we call the DirectoryProxy - this process does not service CalDAV requests, and exists only to serve other CalendarServer processes. The communication between CalDAV processes and the DirectoryProxy happens over a unix domain socket. We maintain two levels of caching of LDAP data, to reduce LDAP traffic, both with configurable timeouts. One cache is in the sidecar, and another is in each individual CalDAV daemon. So although CalendarServer can use any of the records in LDAP, it will only fetch and cache records that are used by clients or otherwise referenced by calendar data. To customize the cache timeouts, use the following caldavd.plist options <http://trac.calendarserver.org/browser/CalendarServer/trunk/conf/caldavd-stdconfig.plist#L1701>. If not specified, the default values shown below will be used. <key>DirectoryProxy</key> <dict> <key>InProcessCachingSeconds</key> <integer>60</integer> <key>InSidecarCachingSeconds</key> <integer>120</integer> </dict> Cheers, -dre > > Regards! > Maxi > > On Thu, Mar 31, 2016 at 3:43 PM, Andre LaBranche <d...@apple.com > <mailto:d...@apple.com>> wrote: > Hello, > > Replies inline. > >> On Mar 31, 2016, at 6:41 AM, Maximiliano Sbrocca >> <maximiliano.sbro...@santexgroup.com >> <mailto:maximiliano.sbro...@santexgroup.com>> wrote: >> >> Hello everybody, >> >> >> My name is Maxi and I'm analyzing caldav servers to implement in the >> company I'm working for. The company has an app where events are created. >> Once it happen, emails are sent with ICS files. The idea is to also save the >> events in the caldav server. I've this part working (dev mode) by calling >> the Darwin API (http://localhost:8008/calendars/users/ >> <http://localhost:8008/calendars/users/><USER>/calendar/<ICS-File>.ics and >> the ics file content in the request body). Then users will be able to sync >> their events against the caldav server. (This is also working. I was able to >> sync my events using Evolution and Thunderbird). >> >> What I need now, is some help with the API part for users creation. > > There is no such API. CalendarServer itself does not act as a directory > service; instead it accesses an existing directory service in a read-only > fashion to acquire the various record types used by the service. The options > for the directory backend are: XML files, such as the ones you see in the SVN > checkout under conf/auth, or LDAP. > > The calendarserver_manage_princinpals tool does allow for creating location, > resource, or 'address' records (address records are used to support newer geo > features), but not user records. For production uses, we generally don't > recommend using the XML file method as it's not very interoperable. The > interoperable, production-grade option is LDAP. You are still free to spin > your own workflow around modification of the XML files, which might still be > the path of least resistance if you don't need to interoperate with a lot of > other things. > > Hope this helps, > -dre > >> Logged as the admin (admin/admin) I'm making PUT calls to: >> >> http://localhost:8008/calendars/users/ >> <http://localhost:8008/calendars/users/> >> >> The request header has Authorization - Basic for admin/admin and the >> body I'm sending is: >> >> <record type="user"> >> <short-name>maxi.sbrocca</short-name> >> <uid>maxi.sbrocca</uid> >> <password>password</password> >> <full-name>Maxi Sbrocca</full-name> >> <email>maximiliano.sbro...@santexgroup.com >> <mailto:maximiliano.sbro...@santexgroup.com></email> >> </record> >> >> >> And the response error I'm getting is: >> >> <?xml version='1.0' encoding='UTF-8'?> >> <error xmlns='DAV:'> >> <need-privileges> >> <resource> >> <href>/calendars/users/</href> >> <privilege> >> <write-content/> >> </privilege> >> </resource> >> </need-privileges> >> </error> >> >> I'm not seeing any console log error: >> >> 2016-03-31T10:40:24-0300 [caldav-0] [txweb2.server#info] PUT >> /calendars/users/ HTTP/1.1 >> >> Could you please help me to find out what I'm doing wrong? >> >> Thanks in advance, >> -- >> Sbrocca Hector Maximiliano >> Software Engineer >> >> >> >> Vélez Sársfield 576 4° piso. >> Córdoba, Argentina. >> +54 (0351) 589 7070 >> www.santexgroup.com <http://www.santexgroup.com/> >> >> Follow us >> >> <https://www.facebook.com/SantexGroup> <https://twitter.com/santexgroup> >> <https://plus.google.com/+Santexgroup/posts> >> <https://www.linkedin.com/company/129740?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A129740%2Cidx%3A1-1-1%2CtarId%3A1442929736721%2Ctas%3Asantex> >> <https://www.youtube.com/user/TheSantexChannel> >> <http://santexgroup.com/blog/>_______________________________________________ >> calendarserver-dev mailing list >> calendarserver-dev@lists.macosforge.org >> <mailto:calendarserver-dev@lists.macosforge.org> >> https://lists.macosforge.org/mailman/listinfo/calendarserver-dev >> <https://lists.macosforge.org/mailman/listinfo/calendarserver-dev> > > > > > -- > Sbrocca Hector Maximiliano > Software Engineer > > > > Vélez Sársfield 576 4° piso. > Córdoba, Argentina. > +54 (0351) 589 7070 > www.santexgroup.com <http://www.santexgroup.com/> > > Follow us > > <https://www.facebook.com/SantexGroup> <https://twitter.com/santexgroup> > <https://plus.google.com/+Santexgroup/posts> > <https://www.linkedin.com/company/129740?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A129740%2Cidx%3A1-1-1%2CtarId%3A1442929736721%2Ctas%3Asantex> > <https://www.youtube.com/user/TheSantexChannel> > <http://santexgroup.com/blog/>
_______________________________________________ calendarserver-dev mailing list calendarserver-dev@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/calendarserver-dev