Re: [SOGo] SOGo resources

2017-02-06 Thread Christoph Kreutzer
, Christoph > Am 06.02.2017 um 16:48 schrieb Gerald Brandt (g...@majentis.com) > <users@sogo.nu>: > > > > On 2017-02-05 02:09 PM, Christoph Kreutzer (kreutzer.christ...@gmail.com) > wrote: >> Hi Gerald, >> >> yes - just create a SQL user so

Re: [SOGo] SOGo resources

2017-02-06 Thread Christoph Kreutzer
(g...@majentis.com) > <users@sogo.nu>: > > > > On 2017-02-06 10:03 AM, Christoph Kreutzer (kreutzer.christ...@gmail.com) > wrote: >> Hi, >> >> In my opinion, you can just leave the AD part out. >> A resource is identified using an email address, but i

Re: [SOGo] SOGo resources

2017-02-05 Thread Christoph Kreutzer
Hi Gerald, yes - just create a SQL user source with the necessary options for resources :) Regards, Christoph > Am 05.02.2017 um 16:40 schrieb Gerald Brandt (g...@majentis.com) > : > > Hi, > > I have SOGo running against Active Directory (details below*). Is it possible > to

Re: [SOGo] end user passwd change in /SOGo

2017-01-31 Thread Christoph Kreutzer
Hi Ralf, hi MJ, Thanks for the answers up to now! According to the docs [1] there is the following option for LDAP user sources: bindAsCurrentUser If set to YES, SOGo will always keep binding to the LDAP server using the DN of the currently authenticated user. If bindFields is set, bindDN and

Re: [SOGo] Alarm notify - repeating events

2017-01-24 Thread Christoph Kreutzer
You would think so, but no :D The query in the cronjob is rounding down to the full minute and then takes the range from then to -5 mins. So the alarm may come a bit late (at the event start time or shortly after), but it is sent. Since I have only a small setup and use these notifications

Re: [SOGo] end user passwd change in /SOGo

2017-01-30 Thread Christoph Kreutzer
Hi MJ, haven't checked that, but when not using User binding but giving a bind dn, probably the bind User is used for this action. Probably you can check that in the AD logs. Also, you can probably give the user only the right to modify the userPassword attribute - at least in openldap that's

Re: [SOGo] Alarm notify - repeating events

2017-01-20 Thread Christoph Kreutzer
Hi Fabio, I’m testing this functionality also. I think in my case the update to the new time is working, as the most reminders are now scheduled for the next week. But I also have entries from the first week of january. What I also observed was that the reminder with the default cron job

Re: [SOGo] Change WebServerResources URL

2016-09-21 Thread Christoph Kreutzer
AFAIK not. But how about making a (301) redirect in your web servers config? It will still touch your web server the first time, but usually the 301’s should be cached by the browser. > Am 21.09.2016 um 19:45 schrieb Jason Mooradian (cow...@gmail.com) > : > > Is there anyway to

Re: [SOGo] SAML2 authentication requirements

2016-09-18 Thread Christoph Kreutzer
> Am 16.09.2016 um 19:11 schrieb Christoph Kreutzer > <kreutzer.christ...@gmail.com>: > > How could you resolve this, Stephen? I found it out (after adding a consent:Consent to simpleSAMLphp): As the Shibboleth SP wants OID attributes, I had added a name2oid Attribute

[SOGo] Application specific password authentication

2016-09-22 Thread Christoph Kreutzer
Hello, I’m currently working on the implementation of application specific passwords for my mail server (like Googles: https://support.google.com/accounts/answer/185833 ). My main authentication/user source is LDAP, but I don’t want my users

Re: [SOGo] Autodiscovery + Openchange + SOGo

2016-09-22 Thread Christoph Kreutzer
Hi! I use a custom implementation based on this guide/code (as I don’t use Zentyal): https://www.kernel-error.de/postfix/autodiscover My observations: - Different clients use different upper-/lowercase - I personally map all request to

Re: [SOGo] SAML2 authentication requirements

2016-09-16 Thread Christoph Kreutzer
> Am 01.07.2013 um 20:10 schrieb Stephen Ingram : > > On Sat, Jun 29, 2013 at 6:13 AM, Ludovic Marcotte > wrote: > On 2013-06-29 1:57 AM, Stephen Ingram wrote: >> The makefile in SoObjects/SOGo (line 149) indicates the

Re: [SOGo] SAML2 authentication requirements

2016-10-20 Thread Christoph Kreutzer
m 19.09.2016 um 14:53 schrieb Stephen Ingram <sbing...@gmail.com>: > > On Sun, Sep 18, 2016 at 4:09 AM, Christoph Kreutzer > <kreutzer.christ...@gmail.com <mailto:kreutzer.christ...@gmail.com>> wrote: > >> Am 16.09.2016 um 19:11 schrieb Christoph Kreutzer

Re: [SOGo] Problem with sharing

2016-11-25 Thread Christoph Kreutzer
Hi Alex, Problem 1: Did you define the several domains as different domains in sogo.conf? If it's only one, it's default behaviour. Problem 2: You can set default access rights in sogo.conf, please take a look at the docs, I don't remember them right now. Sth. like PublicDandTViewer etc. Best

Re: [SOGo] sogo / dovecot / saml

2016-11-26 Thread Christoph Kreutzer
Hi MJ, Your welcome! > Thanks for the above. Nice that we're both on dovecot. Are you using the > regular jessie packages? Yes, I’m using the default Debian repositories (+ backports, but I’m not sure if Dovecot is in there). > No, same here, but on the other hand: the whole crudesaml

Re: [SOGo] sogo / dovecot / saml

2016-11-25 Thread Christoph Kreutzer
Hi MJ, I’m probably one of the few that got it working. I’m using it on Debian 8, what is your OS? crudesaml was not working for me, since it needs at least a patched liblasso (you find more on that in the archive, I’ve posted all my findings some weeks ago). My solution was relatively fast

Re: [SOGo] Logwatch - Spamd error

2016-11-28 Thread Christoph Kreutzer
Hi, Looks like the update mechanism: It downloads new signatures and restarts the server afterwards to pick them up. > Am 27.11.2016 um 20:19 schrieb postmaster (postmas...@tayzee.xyz) > : > > Hey All, > > I seem to have the below in my logwatch everyday. Can anyone explain

Re: [SOGo] sogo / dovecot / saml

2016-12-03 Thread Christoph Kreutzer
Hello MJ Please see the first of my mails again. There is an option beginning with NGImap... in my configuration example doing exactly that :) Good luck! Regards, Christoph > Am 03.12.2016 um 21:21 schrieb mj (li...@merit.unu.edu) : > > > >> On 12/03/2016 07:52 PM, mj

Re: [SOGo] AD avatar - How to?

2017-01-09 Thread Christoph Kreutzer
Hi Alex, That's easy. SOGo by default uses the photo LDAP attribute. You need to create a Mapping from photo to thumbnailPhoto or jpegPhoto, or both. See the documentation for LDAP UserSource mapping, I don't have it in my mind. It should look somehow like photo = ("thumbnailPhoto",

Re: [SOGo] multi-domain and identical usernames

2017-01-08 Thread Christoph Kreutzer
Hi, in my experience your configuration is just not possible (however I’m unable to find it specifically written in the docs). But there are several parts about it: - see SOGoEnableDomainBasedUID, - „c_uid - will be used for authentication“ - „c_name - which can be identical to c_uid - will be

Re: [SOGo] Integrate SOGo with a OTP Solution

2017-04-04 Thread Christoph Kreutzer
Hello, I am (mostly) successfully using the SAML authentication with SOGo. You can read about my experiences on the mailing ist ;-) I also don’t know LinOTP, but would recommend privacyID3A (https://www.privacyidea.org/ ) and SimpleSAMLphp

Re: [SOGo] Activesync not bringing in Global Address List

2017-03-06 Thread Christoph Kreutzer
Hello Gerald, ActiveSync does by default only sync the personal address books. I don’t know if there is a way to add the global address book, but if it was, you would find a solution in the mailing list archives. I remember it has been discussed before. Regards, Christoph > Am 06.03.2017 um

Re: [SOGo] saml2

2018-04-10 Thread Christoph Kreutzer
Hi MJ, That option directly correlates with how long the session is valid (as the SAML assertion will be removed from cache after this time, and can no longer be sent to Dovecot). 3600 would be one hour. You may want to set it higher, so that the user will stay logged in for a business day

Re: [SOGo] webmail login attacks - captcha?

2018-04-25 Thread Christoph Kreutzer
Hi, If the IPs are all 127.0.0.1 in SOGos log, then you did not correctly configure Apache to forward the IPs like proxies do. I think that is mentioned in the manual. Christoph > Am 24.04.2018 um 21:48 schrieb Sergio Cesar winc (ser...@winc.net) > : > > I wonder if one could

Re: [SOGo] Upcoming SOGo v4 release

2018-03-05 Thread Christoph Kreutzer
Hi Martin, There is a DB migration script in the usual location (don‘t remember it atm). At least on Debian the message is shown after upgrading. Otherwise there were no manual steps required to update. @Ludovic: Thanks for the hard work, works without problems since last thursday! Best

Re: [SOGo] Alias for all mailboxes

2019-01-25 Thread Christoph Kreutzer
Hi, I implemented something like that in the backend, too. I’m using OpenLDAP. I have a script (PHP CLI script as part of a Zend Framework management frontend) that uses a config file containing some LDAP searches to automatically add/remove users to/from groups based on some attributes. That

Re: [SOGo] Alias for all mailboxes

2019-01-25 Thread Christoph Kreutzer
postmap on the file (see the doc above). Best regards, Christoph > Am 25.01.2019 um 17:24 schrieb Pedro Antunes : > > Thanks for your help. > > Without LDAP, I can restrict senders? > > Exists any config file to this? > > Regards, > Pedro Antunes > > From