Re: [SOGo] Re: ldap SOGoUserSources for groups
On 10/12/2012 08:00 PM, mourik jan heupink wrote:
Could you tell us (me, anyway) how you make it work with
MailFieldNames? I'm guessing your goal was to send an email to a group
of users defined in ldap?
Curious...
(because how I see it, the only way now is to use extensibleObject,
and then add mail attributes to your ldap-groups. And extensibleObject
is not a very nice solution...)
It's only working partially. It seems there is a bug. What does work is
the sources. So I've made an groupOfNames with members. The cn for the
groupOfNames is in the form i...@example.org. It finds these fine and
populates fields of emails and calendars. However, it does not, as
advertised, expand to a list of members. This is not cool. Though, I've
set up postfix to work for sending mails to these groups. SOGo itself
does not expand them. Which is unfortunate. It seems to be a bug or I've
configured something wrong.
We shall find out: http://www.sogo.nu/bugs/view.php?id=2032
Using the cn is not ideal, but it's alright. Here is my SOGoUserSources
for groups:
{type=ldap;CNFieldName = cn;IDFieldName = cn;UIDFieldName = cn;
MailFieldNames=(cn, mail); scope=SUB; KindFieldName=group;baseDN =
ou=departments,ou=groups,dc=example,dc=com;bindDN=cn=admin,dc=example,dc=com;
bindPassword=secret;canAuthenticate = YES;displayName = Departments;
hostname=192.168.1.5; id=departments; isAddressBook=YES; port=389;}
BTW, none of my SOGoUserSources that show in the address book have
entries. Perhaps this the problem. Though the ZEG is like that too.
Another bug?
Simon
--
users@sogo.nu
https://inverse.ca/sogo/lists
Re: [SOGo] Re: ldap SOGoUserSources for groups
On 10/12/2012 08:00 PM, mourik jan heupink wrote:
Hi Simon,
Never mind most of my questioning. I made it work with MailFieldNames,
though I had already applied for a PEN - jumped the gun I suppose.
I'm still wondering about #2.
Could you tell us (me, anyway) how you make it work with
MailFieldNames? I'm guessing your goal was to send an email to a group
of users defined in ldap?
Curious...
(because how I see it, the only way now is to use extensibleObject,
and then add mail attributes to your ldap-groups. And extensibleObject
is not a very nice solution...)
Seeing the previous problem I have with the group members not expanding
(decomposing), I tried it your way with extensibleObject and mail. Now
this time I cannot save the event because the server hangs (crashes?). Logs:
2012-10-15 17:46:51.305 sogod[3311] Note: Using UTF-8 as URL encoding in
NGExtensions.
Oct 15 17:46:51 sogod [3311]: 0x0x9c62d80[SOGoCache] Cache cleanup
interval set every 300.00 seconds
Oct 15 17:46:51 sogod [3311]: 0x0x9c62d80[SOGoCache] Using host(s)
'localhost' as server(s)
2012-10-15 17:46:51.313 sogod[3311] Note(SoObject): SoDebugKeyLookup is
enabled!
2012-10-15 17:46:51.314 sogod[3311] Note(SoObject): SoDebugBaseURL is
enabled!
2012-10-15 17:46:51.314 sogod[3311] Note(SoObject): relative base URLs
are enabled.
Oct 15 17:46:51 sogod [3311]: [WARN] 0x0x9e2ee08[SOGoWebDAVAclManager]
entry '{DAV:}write' already exists in DAV permissions table
Oct 15 17:46:51 sogod [3311]: [WARN] 0x0x9e2ee08[SOGoWebDAVAclManager]
entry '{DAV:}write-properties' already exists in DAV permissions table
Oct 15 17:46:51 sogod [3311]: [WARN] 0x0x9e2ee08[SOGoWebDAVAclManager]
entry '{DAV:}write-content' already exists in DAV permissions table
2012-10-15 17:46:51.350 sogod[3311] ERROR(-[NGBundleManager
bundleWithPath:]): could not create bundle for path:
'/usr/share/GNUstep/Libraries/gnustep-base/Versions/1.22/Resources/SSL.bundle'
2012-10-15 17:46:51.378 sogod[3311] WOxElemBuilder: could not locate
builders: WOxExtElemBuilder,WOxExtElemBuilder
2012-10-15 17:46:51.378 sogod[3311] WOCompoundElement: pool embedding is on.
2012-10-15 17:46:51.378 sogod[3311] WOCompoundElement: id logging is on.
EXCEPTION: NSException: 0xa0009a8 NAME:NSInvalidArgumentException
REASON:GSCBufferString(instance) does not recognize count INFO:(null)
Oct 15 17:46:51 sogod [3255]: 0x0x9badff0[WOWatchDogChild] child 3311
exited
Oct 15 17:46:51 sogod [3255]: 0x0x9badff0[WOWatchDogChild] (terminated
due to signal 6)
Oct 15 17:46:51 sogod [3255]: 0x0x9badff0[WOWatchDogChild] avoiding to
respawn child before 2012-10-15 17:46:56 +0900
Oct 15 17:46:56 sogod [3255]: 0x0x9c97228[WOWatchDog] child spawned
with pid 3313
I think there are some unrelated issues I have sort out. I can't find
what is related to the crash. Perhaps does not recognize count INFO?
Is this method working for you? Are the members properly being decomposed?
BTW, just sending email to a group of users, Postfix can handle. But it
must be decomposed to work for invitations. Otherwise user
i...@example.com will be invited, and not si...@example.com and
greg...@example.com. No go.
Regards,
Simon
--
users@sogo.nu
https://inverse.ca/sogo/lists
Re: [SOGo] Re: ldap SOGoUserSources for groups
Hello Simon Walter On 2012-10-15 09:15, Simon Walter wrote: ... BTW, none of my SOGoUserSources that show in the address book have entries. Perhaps this the problem. Though the ZEG is like that too. Another bug? No, they are not listed, because you only can search in them. Just use the search field in the upper right corner. Kind regards, Christian Mack -- Christian Mack Gruppe Informationsdienste Rechenzentrum Universität Konstanz -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Re: ldap SOGoUserSources for groups
On 10/15/2012 07:37 PM, Christian Mack wrote: Hello Simon Walter On 2012-10-15 09:15, Simon Walter wrote: ... BTW, none of my SOGoUserSources that show in the address book have entries. Perhaps this the problem. Though the ZEG is like that too. Another bug? No, they are not listed, because you only can search in them. Just use the search field in the upper right corner. Aha. I see. That is true. It works as you described. Is there a way to make it behave like the personal address book? (all contents visible) Regards, Simon -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Re: ldap SOGoUserSources for groups
On 2012-10-15 13:04, Simon Walter wrote: On 10/15/2012 07:37 PM, Christian Mack wrote: Hello Simon Walter On 2012-10-15 09:15, Simon Walter wrote: ... BTW, none of my SOGoUserSources that show in the address book have entries. Perhaps this the problem. Though the ZEG is like that too. Another bug? No, they are not listed, because you only can search in them. Just use the search field in the upper right corner. Aha. I see. That is true. It works as you described. Is there a way to make it behave like the personal address book? (all contents visible) No, you only can set SOGoLDAPQueryLimit to a number bigger than your user count and then search with searchstring . (dot without quotes). But be aware, that this can use a lot of time and bandwidth, if you have a big user base. There is an enhancement bug related to this: http://www.sogo.nu/bugs/view.php?id=438 Kind regards, Christian Mack -- Christian Mack Gruppe Informationsdienste Rechenzentrum Universität Konstanz -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] Re: ldap SOGoUserSources for groups
On 10/12/2012 06:54 PM, Simon Walter wrote: In the SOGo documentation it states: Finally, SOGo supports LDAP-based groups. Groups must be defined like any other authentication sources (ie., canAuthenticate must be set to YES and a group must have a valid email address). In order for SOGo to determine if a specific LDAP entry is a group, SOGo will look for one of the following objectClass attributes : group groupOfNames groupOfUniqueNames posixGroup I have to ask why: 1. canAuthenticate must be set to YES 2. a group must have a valid email address What if I have a group that is used only for addresses and not authentication? Never mind most of my questioning. I made it work with MailFieldNames, though I had already applied for a PEN - jumped the gun I suppose. I'm still wondering about #2. Cheers, Simon -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Re: ldap SOGoUserSources for groups
Hi Simon, Never mind most of my questioning. I made it work with MailFieldNames, though I had already applied for a PEN - jumped the gun I suppose. I'm still wondering about #2. Could you tell us (me, anyway) how you make it work with MailFieldNames? I'm guessing your goal was to send an email to a group of users defined in ldap? Curious... (because how I see it, the only way now is to use extensibleObject, and then add mail attributes to your ldap-groups. And extensibleObject is not a very nice solution...) Regards, MJ -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Re: ldap SOGoUserSources for groups
(because how I see it, the only way now is to use extensibleObject, and then add mail attributes to your ldap-groups. And extensibleObject is not a very nice solution...) It would seem so much more logical to 'automatically' treat all ldap-groups as email groups, and simply use: groupname@domain as an address. That way: no extensibleObject required... -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Re: ldap SOGoUserSources for groups
Le Fri, Oct 12, 2012 at 01:05:34PM +0200, mourik jan heupink écrivait: That way: no extensibleObject required... Why are you so critical with extensibleObject? This feature is standardized and described in RFC4512 section 4.3. What's wrong with it? -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Re: ldap SOGoUserSources for groups
Why are you so critical with extensibleObject? This feature is standardized and described in RFC4512 section 4.3. What's wrong with it? The problem with extensibleObject is that this is basically a hack. When you add this object class then you can add any attribute. It turns of schema checking. -- users@sogo.nu https://inverse.ca/sogo/lists
