Hi I'm not a real expert, but I hope I can answer you a few questions
Am 28.04.2009 um 16:10 schrieb Jochen Grotepass:
Hello List,
please apologize for questions that might have been answered
already. I
read thru the list until August 2008 and did not find answers to my
questions below.
Upfront some information on what I try to archive and what we have...
More than three years ago we went away from Exchange into a more
multi-OS solution. We have different sort of OS - namely OSX (10.5.x),
Debian (Sidux), Windows (XP). Our internal Calendarserver is right
now a
DavICal (formerly RSCDS) setup running on a Debian server. As one of
the
Mac users I was always looking into the progress of Calendarserver. We
were now asked by some small companies and non-profit organization to
provide Email and Calenderservice. Thats when I realized that
meanwhile
Debian has the Calendarserver Package. So I give it a try and
installed
it. Playing a bit arround I found it working. Right now, I use the
XML-based accounts structure because the nss-ldap based implementation
had too many issues related to our naming structure. Creating the
accounts.xml automagically from the ldap directory for our users is a
pretty easy task (except the Password ;) ) - so I gave that solution
the
first try.
Thats my way as well, I didn't manage to get the NSS-Thing working. So
a wrote a shell script to create the account.xml from LDAP Database
Here now my questions:
1. Multidomain Calserver
Based on the service we were asked for, we setup the Email service for
an multi-domain scenario. Start to think how the Calendarserver might
work with it, started the first questions. As far as I understand from
the mailing list and some other internet sources, the caldavd.plist
defines the location of the calendar files in the "DocumentRoot" Tag.
Because I wanted to seperate the principals based on their domain to
prevent security side effects I have had no idea at the first sight.
So
I thought about to setup different servers listening on different
ports
and use an apache reverse proxy to point to the propper service.
Q: Is this a feasible plan or does anybody here has a better solution?
Security effects? What do you mean. My calendarserver is running on
its own virtual server. I do not understand
2. Permissions
I have read that giving read-permissions on user/group based calendars
is a task that the client software should provide. We use currently
Lightning (still 0.9 because of Thunderbird 2) and I have no chance to
provide any permissions using this client.
Q: Is there any command-line based tool that I can use? - If so, I
would
create an admin/user Interface to provide the permissions dialogue.
As I understand there is a way to set permissions with iCal e.g. but
this is not implemented on server-side. There is a tool called
ClientLibrary. Since a few days this tools allows kerberos-logins as
well. But I haven't tried this out yet. If it works one can think of
setting permission that are stored in LDAP
3. Authentication
As of now, I used the Digest Authentication (not sure if Lightning
provides Kerberos Authentication).
Digist is not good ;-) Lighning does Kerberos! You have to set
network.negotiate...something to your caldav-URL
Every hour I got requested to provide
a new Login via Lightning. As far as I have read thru the list, I knew
that Lightning might not be the best solution because of still open
bugs
in the CalDav implementation. However the error I can see in the error
log says that the "nonce value is invalid". Searching through google I
have not found a solution yet.
I use lighning on some machines with kerberos. And this is working
very well
Q: Does anybody have a clue on these messages:
2009-04-28 13:44:11+0200 [-] [caldav-8008] [HTTPChannel,
240,127.0.0.1]
'Authentication failed: Digest credentials expired'
2009-04-28 13:44:11+0200 [-] [caldav-8008] [HTTPChannel,
241,127.0.0.1]
PROPFIND /calendars/groups/Familie/calendar/ HTTP/1.1
2009-04-28 13:44:11+0200 [-] [caldav-8008] [HTTPChannel,
241,127.0.0.1]
'Authentication failed: Invalid nonce value:
19270429311356917781566817204'
4. iCal Client Error
Because I wanted to play with the item 2 (Permissions) I tried to use
the iCal client on my mac. Unfortunately I got an error that blocks me
from creating that Calendar in iCal. The Error Message
"Bei der Anfrage ist ein unerwarteter Fehler aufgetreten (Domain
„CalDAV
No Calendar Home Error“/Fehler 1)." (sorry for the German message) -
keeps me away from testing with iCal. I checked in the access log and
the error log and cannot see any difference in the path to the
Lightnng
URL.
Q: Can somebody give me a hint what this error mean?
Maybe there is omething wrong in you accounts.xml or the path you have
used is bad. The path you have to use in iCal differs from that in
lightning. I'm using https://<hostname>:8443/principals/groups/e4/ in
iCal but https://<hostname>:8443/calendars/groups/e4/<calendarname> in
lightning
Sorry for the long list of questions. I would really like to use this
package if I could see a clear path to solve my current issues/
challenges...
Thanks for any advice or hint that helps me to solve those
questions...
I guess the docuentation is still bad. I have had lots of problems in
the beginnin as well. I want to start using person-based calendars,
not group based, but I'm still working on it. Do you have any
expertise in this?
Georg
Jochen
_______________________________________________
calendarserver-users mailing list
calendarserver-users@lists.macosforge.org
http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
_______________________________________________
calendarserver-users mailing list
calendarserver-users@lists.macosforge.org
http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
