Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
On Tue, 30 Oct 2018 21:40:07 +0100 Rene Schroth wrote: > Could it be that in order to use both LDAP and SQL user sources some > further configurations have to be performed? Ok, I read in your other post, that you're using LDAP for resources with proper attributes now. I think the LDAP / mySQL order doesn't matter, but there was probably a syntax error if the webserver fails. - Chris -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hi Irma, in SOGo you can set a superuser in sogo.conf then under that user you can set rights to any calendar in SOGo Web GUI. Alternatively set a password to your resource and login into its SOGo Web GUI. Kind Regards, Michal Dne 02.11.2018 v 17:14 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Hi Michal, the question was, how are you able to set the ACL, if you cannot login with your resource's account into SOGo Web GUI in order to manipulate the "Sharing" settings. BR Irma ___ Am 02.11.2018 um 16:05 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, use the email attribute with your resource and use any email address. For me "View Time and Date" for "All Authenticated Users" was sufficient. You can set higher rights for certain users so they can see event details. Regards, Michal Dne 02.11.2018 v 12:06 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Hi Michal, > It's not important whether you have mailGroup objectClass or not I know. Any oC providing the mail attribute is required. >Just > review the objectClasses you mentioned for the email attribute and > choose one. My LDIF has objectClass mailUser and inetOrgPerson. Both of them provide the mail attribute. How do you set the ACL for the resource's calendar in order to make it readable for the other users? BR Irma ___ Am 02.11.2018 um 09:38 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, It's not important whether you have mailGroup objectClass or not. You need to add any objectClass that contains an email attribute. Just review the objectClasses you mentioned for the email attribute and choose one. Then check all attributes of the objectClasses, some attributes can be mandatory and some are optional. Choose an objectClass ideally with no mandatory attributes or mandatory attributes that already exist in your resource definition (sn, uid, ...) then just add the email attribute. Regards Michal Dne 01.11.2018 v 20:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Hi Michal, thank you very much for your reply. Great to know, that generally LDAP calendar resources in SOGo work without restriction. I guess that you do not use the iRedMail OpenLDAP server, because I do and there's no objectClass mailGroup available. My iRedMail OpenLDAP installation provides these mail-related objectClasses: - mailAdmin - mailAlias - mailDomain - mailExternalUser - mailList - mailUser BTW: If you use mailGroup, how do you login with the resource's account into SOGo in order to set the ACL? Are group accounts capable to login to SOGo in your environment? BR Irma ___ Am 31.10.2018 um 13:16 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, we use LDAP for users and resources. Just to comment some entries, Multiplebookings attribute works as expected the resource can be booked only once if set to 1, free/busy is shown correctly. We use mailgroup class so that our resource can have its own email address, the email address is fictitious. With mailgroup class comes email attribute. Additionally our resource is located in the same tree (ou=People,dc=example,dc=com) as the other users. As a result when creating a new event with the resource as a participant we get a hint (name of the resource) after writing first three letters (Mee...). It's given by the fact that SOGo offers hints only from the first configured LDAP resource in sogo.conf. It works in SOGo web interface and in Thunderbird with SOGo Integrator. The calendar has set the following right "View Time and Date" for "All Authenticated Users". Here is our LDAP entry - LDIF: dn: cn=Meeting Room,ou=People,dc=example,dc=com Multiplebookings: 1 Kind: location cn: Meeting Room objectClass: top objectClass: person objectClass: organizationalPerson objectClass: calendarresource objectClass: calEntry objectClass: account objectClass: mailgroup mail: meetingro...@example.com sn: meetingrooom uid: meetingrooom userPassword: parentid: 4 creatorsname: cn=directory manager nsuniqueid: 741f2031-e1b221e6-81e6eeab-baae8424 entryid: 106 hassubordinates: FALSE entrydn: cn=Meeting Room,ou=People,dc=example,dc=com numsubordinates: 0 subschemasubentry: cn=schema modifiersname: cn=directory manager Kind Regards, Michal Dne 30.10.2018 v 14:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Approved that it is an LDAP issue: - Removed objectClasses calEntry and CalendarResource from Meetingroom's LDAP set. - Result: Free/Busy times are being displayed during event creation! Again the question: Is there anybody with a working LDAP resources setup who could provide a sample LDIF of a resource? Thank you! BR Irma My resources' Free/Busy times still won't work. For
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hi Michal, the question was, how are you able to set the ACL, if you cannot login with your resource's account into SOGo Web GUI in order to manipulate the "Sharing" settings. BR Irma ___ Am 02.11.2018 um 16:05 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, use the email attribute with your resource and use any email address. For me "View Time and Date" for "All Authenticated Users" was sufficient. You can set higher rights for certain users so they can see event details. Regards, Michal Dne 02.11.2018 v 12:06 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Hi Michal, > It's not important whether you have mailGroup objectClass or not I know. Any oC providing the mail attribute is required. >Just > review the objectClasses you mentioned for the email attribute and > choose one. My LDIF has objectClass mailUser and inetOrgPerson. Both of them provide the mail attribute. How do you set the ACL for the resource's calendar in order to make it readable for the other users? BR Irma ___ Am 02.11.2018 um 09:38 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, It's not important whether you have mailGroup objectClass or not. You need to add any objectClass that contains an email attribute. Just review the objectClasses you mentioned for the email attribute and choose one. Then check all attributes of the objectClasses, some attributes can be mandatory and some are optional. Choose an objectClass ideally with no mandatory attributes or mandatory attributes that already exist in your resource definition (sn, uid, ...) then just add the email attribute. Regards Michal Dne 01.11.2018 v 20:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Hi Michal, thank you very much for your reply. Great to know, that generally LDAP calendar resources in SOGo work without restriction. I guess that you do not use the iRedMail OpenLDAP server, because I do and there's no objectClass mailGroup available. My iRedMail OpenLDAP installation provides these mail-related objectClasses: - mailAdmin - mailAlias - mailDomain - mailExternalUser - mailList - mailUser BTW: If you use mailGroup, how do you login with the resource's account into SOGo in order to set the ACL? Are group accounts capable to login to SOGo in your environment? BR Irma ___ Am 31.10.2018 um 13:16 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, we use LDAP for users and resources. Just to comment some entries, Multiplebookings attribute works as expected the resource can be booked only once if set to 1, free/busy is shown correctly. We use mailgroup class so that our resource can have its own email address, the email address is fictitious. With mailgroup class comes email attribute. Additionally our resource is located in the same tree (ou=People,dc=example,dc=com) as the other users. As a result when creating a new event with the resource as a participant we get a hint (name of the resource) after writing first three letters (Mee...). It's given by the fact that SOGo offers hints only from the first configured LDAP resource in sogo.conf. It works in SOGo web interface and in Thunderbird with SOGo Integrator. The calendar has set the following right "View Time and Date" for "All Authenticated Users". Here is our LDAP entry - LDIF: dn: cn=Meeting Room,ou=People,dc=example,dc=com Multiplebookings: 1 Kind: location cn: Meeting Room objectClass: top objectClass: person objectClass: organizationalPerson objectClass: calendarresource objectClass: calEntry objectClass: account objectClass: mailgroup mail: meetingro...@example.com sn: meetingrooom uid: meetingrooom userPassword: parentid: 4 creatorsname: cn=directory manager nsuniqueid: 741f2031-e1b221e6-81e6eeab-baae8424 entryid: 106 hassubordinates: FALSE entrydn: cn=Meeting Room,ou=People,dc=example,dc=com numsubordinates: 0 subschemasubentry: cn=schema modifiersname: cn=directory manager Kind Regards, Michal Dne 30.10.2018 v 14:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Approved that it is an LDAP issue: - Removed objectClasses calEntry and CalendarResource from Meetingroom's LDAP set. - Result: Free/Busy times are being displayed during event creation! Again the question: Is there anybody with a working LDAP resources setup who could provide a sample LDIF of a resource? Thank you! BR Irma My resources' Free/Busy times still won't work. For normal users, Free/Busy times work fine! Here's more detail about the configurations. (1) Resource 'meetingroom' created in LDAP, resides in the same OU as the normal users. Has same objectClasses and attributes as normal user accounts PLUS objectClasses 'calEntry' and 'CalendarResource' with their attributes
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hi Irma, use the email attribute with your resource and use any email address. For me "View Time and Date" for "All Authenticated Users" was sufficient. You can set higher rights for certain users so they can see event details. Regards, Michal Dne 02.11.2018 v 12:06 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Hi Michal, > It's not important whether you have mailGroup objectClass or not I know. Any oC providing the mail attribute is required. >Just > review the objectClasses you mentioned for the email attribute and > choose one. My LDIF has objectClass mailUser and inetOrgPerson. Both of them provide the mail attribute. How do you set the ACL for the resource's calendar in order to make it readable for the other users? BR Irma ___ Am 02.11.2018 um 09:38 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, It's not important whether you have mailGroup objectClass or not. You need to add any objectClass that contains an email attribute. Just review the objectClasses you mentioned for the email attribute and choose one. Then check all attributes of the objectClasses, some attributes can be mandatory and some are optional. Choose an objectClass ideally with no mandatory attributes or mandatory attributes that already exist in your resource definition (sn, uid, ...) then just add the email attribute. Regards Michal Dne 01.11.2018 v 20:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Hi Michal, thank you very much for your reply. Great to know, that generally LDAP calendar resources in SOGo work without restriction. I guess that you do not use the iRedMail OpenLDAP server, because I do and there's no objectClass mailGroup available. My iRedMail OpenLDAP installation provides these mail-related objectClasses: - mailAdmin - mailAlias - mailDomain - mailExternalUser - mailList - mailUser BTW: If you use mailGroup, how do you login with the resource's account into SOGo in order to set the ACL? Are group accounts capable to login to SOGo in your environment? BR Irma ___ Am 31.10.2018 um 13:16 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, we use LDAP for users and resources. Just to comment some entries, Multiplebookings attribute works as expected the resource can be booked only once if set to 1, free/busy is shown correctly. We use mailgroup class so that our resource can have its own email address, the email address is fictitious. With mailgroup class comes email attribute. Additionally our resource is located in the same tree (ou=People,dc=example,dc=com) as the other users. As a result when creating a new event with the resource as a participant we get a hint (name of the resource) after writing first three letters (Mee...). It's given by the fact that SOGo offers hints only from the first configured LDAP resource in sogo.conf. It works in SOGo web interface and in Thunderbird with SOGo Integrator. The calendar has set the following right "View Time and Date" for "All Authenticated Users". Here is our LDAP entry - LDIF: dn: cn=Meeting Room,ou=People,dc=example,dc=com Multiplebookings: 1 Kind: location cn: Meeting Room objectClass: top objectClass: person objectClass: organizationalPerson objectClass: calendarresource objectClass: calEntry objectClass: account objectClass: mailgroup mail: meetingro...@example.com sn: meetingrooom uid: meetingrooom userPassword: parentid: 4 creatorsname: cn=directory manager nsuniqueid: 741f2031-e1b221e6-81e6eeab-baae8424 entryid: 106 hassubordinates: FALSE entrydn: cn=Meeting Room,ou=People,dc=example,dc=com numsubordinates: 0 subschemasubentry: cn=schema modifiersname: cn=directory manager Kind Regards, Michal Dne 30.10.2018 v 14:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Approved that it is an LDAP issue: - Removed objectClasses calEntry and CalendarResource from Meetingroom's LDAP set. - Result: Free/Busy times are being displayed during event creation! Again the question: Is there anybody with a working LDAP resources setup who could provide a sample LDIF of a resource? Thank you! BR Irma My resources' Free/Busy times still won't work. For normal users, Free/Busy times work fine! Here's more detail about the configurations. (1) Resource 'meetingroom' created in LDAP, resides in the same OU as the normal users. Has same objectClasses and attributes as normal user accounts PLUS objectClasses 'calEntry' and 'CalendarResource' with their attributes [values] 'Kind' [location] and 'Multiplebookings' [1]. Meetingroom's full LDAP set: # dn: mail=meetingr...@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com mail: meetingr...@mycompany.com mailQuota: 1048576
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hi Michal, > It's not important whether you have mailGroup objectClass or not I know. Any oC providing the mail attribute is required. >Just > review the objectClasses you mentioned for the email attribute and > choose one. My LDIF has objectClass mailUser and inetOrgPerson. Both of them provide the mail attribute. How do you set the ACL for the resource's calendar in order to make it readable for the other users? BR Irma ___ Am 02.11.2018 um 09:38 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, It's not important whether you have mailGroup objectClass or not. You need to add any objectClass that contains an email attribute. Just review the objectClasses you mentioned for the email attribute and choose one. Then check all attributes of the objectClasses, some attributes can be mandatory and some are optional. Choose an objectClass ideally with no mandatory attributes or mandatory attributes that already exist in your resource definition (sn, uid, ...) then just add the email attribute. Regards Michal Dne 01.11.2018 v 20:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Hi Michal, thank you very much for your reply. Great to know, that generally LDAP calendar resources in SOGo work without restriction. I guess that you do not use the iRedMail OpenLDAP server, because I do and there's no objectClass mailGroup available. My iRedMail OpenLDAP installation provides these mail-related objectClasses: - mailAdmin - mailAlias - mailDomain - mailExternalUser - mailList - mailUser BTW: If you use mailGroup, how do you login with the resource's account into SOGo in order to set the ACL? Are group accounts capable to login to SOGo in your environment? BR Irma ___ Am 31.10.2018 um 13:16 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, we use LDAP for users and resources. Just to comment some entries, Multiplebookings attribute works as expected the resource can be booked only once if set to 1, free/busy is shown correctly. We use mailgroup class so that our resource can have its own email address, the email address is fictitious. With mailgroup class comes email attribute. Additionally our resource is located in the same tree (ou=People,dc=example,dc=com) as the other users. As a result when creating a new event with the resource as a participant we get a hint (name of the resource) after writing first three letters (Mee...). It's given by the fact that SOGo offers hints only from the first configured LDAP resource in sogo.conf. It works in SOGo web interface and in Thunderbird with SOGo Integrator. The calendar has set the following right "View Time and Date" for "All Authenticated Users". Here is our LDAP entry - LDIF: dn: cn=Meeting Room,ou=People,dc=example,dc=com Multiplebookings: 1 Kind: location cn: Meeting Room objectClass: top objectClass: person objectClass: organizationalPerson objectClass: calendarresource objectClass: calEntry objectClass: account objectClass: mailgroup mail: meetingro...@example.com sn: meetingrooom uid: meetingrooom userPassword: parentid: 4 creatorsname: cn=directory manager nsuniqueid: 741f2031-e1b221e6-81e6eeab-baae8424 entryid: 106 hassubordinates: FALSE entrydn: cn=Meeting Room,ou=People,dc=example,dc=com numsubordinates: 0 subschemasubentry: cn=schema modifiersname: cn=directory manager Kind Regards, Michal Dne 30.10.2018 v 14:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Approved that it is an LDAP issue: - Removed objectClasses calEntry and CalendarResource from Meetingroom's LDAP set. - Result: Free/Busy times are being displayed during event creation! Again the question: Is there anybody with a working LDAP resources setup who could provide a sample LDIF of a resource? Thank you! BR Irma My resources' Free/Busy times still won't work. For normal users, Free/Busy times work fine! Here's more detail about the configurations. (1) Resource 'meetingroom' created in LDAP, resides in the same OU as the normal users. Has same objectClasses and attributes as normal user accounts PLUS objectClasses 'calEntry' and 'CalendarResource' with their attributes [values] 'Kind' [location] and 'Multiplebookings' [1]. Meetingroom's full LDAP set: # dn: mail=meetingr...@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com mail: meetingr...@mycompany.com mailQuota: 1048576 objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: mailUser objectClass: shadowAccount objectClass: amavisAccount objectClass: person objectClass: posixAccount objectClass: top objectClass: calEntry objectClass: CalendarResource storageBaseDirectory: /data/mboxes enabledService: indexer-worker
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hi Irma, It's not important whether you have mailGroup objectClass or not. You need to add any objectClass that contains an email attribute. Just review the objectClasses you mentioned for the email attribute and choose one. Then check all attributes of the objectClasses, some attributes can be mandatory and some are optional. Choose an objectClass ideally with no mandatory attributes or mandatory attributes that already exist in your resource definition (sn, uid, ...) then just add the email attribute. Regards Michal Dne 01.11.2018 v 20:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Hi Michal, thank you very much for your reply. Great to know, that generally LDAP calendar resources in SOGo work without restriction. I guess that you do not use the iRedMail OpenLDAP server, because I do and there's no objectClass mailGroup available. My iRedMail OpenLDAP installation provides these mail-related objectClasses: - mailAdmin - mailAlias - mailDomain - mailExternalUser - mailList - mailUser BTW: If you use mailGroup, how do you login with the resource's account into SOGo in order to set the ACL? Are group accounts capable to login to SOGo in your environment? BR Irma ___ Am 31.10.2018 um 13:16 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, we use LDAP for users and resources. Just to comment some entries, Multiplebookings attribute works as expected the resource can be booked only once if set to 1, free/busy is shown correctly. We use mailgroup class so that our resource can have its own email address, the email address is fictitious. With mailgroup class comes email attribute. Additionally our resource is located in the same tree (ou=People,dc=example,dc=com) as the other users. As a result when creating a new event with the resource as a participant we get a hint (name of the resource) after writing first three letters (Mee...). It's given by the fact that SOGo offers hints only from the first configured LDAP resource in sogo.conf. It works in SOGo web interface and in Thunderbird with SOGo Integrator. The calendar has set the following right "View Time and Date" for "All Authenticated Users". Here is our LDAP entry - LDIF: dn: cn=Meeting Room,ou=People,dc=example,dc=com Multiplebookings: 1 Kind: location cn: Meeting Room objectClass: top objectClass: person objectClass: organizationalPerson objectClass: calendarresource objectClass: calEntry objectClass: account objectClass: mailgroup mail: meetingro...@example.com sn: meetingrooom uid: meetingrooom userPassword: parentid: 4 creatorsname: cn=directory manager nsuniqueid: 741f2031-e1b221e6-81e6eeab-baae8424 entryid: 106 hassubordinates: FALSE entrydn: cn=Meeting Room,ou=People,dc=example,dc=com numsubordinates: 0 subschemasubentry: cn=schema modifiersname: cn=directory manager Kind Regards, Michal Dne 30.10.2018 v 14:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Approved that it is an LDAP issue: - Removed objectClasses calEntry and CalendarResource from Meetingroom's LDAP set. - Result: Free/Busy times are being displayed during event creation! Again the question: Is there anybody with a working LDAP resources setup who could provide a sample LDIF of a resource? Thank you! BR Irma My resources' Free/Busy times still won't work. For normal users, Free/Busy times work fine! Here's more detail about the configurations. (1) Resource 'meetingroom' created in LDAP, resides in the same OU as the normal users. Has same objectClasses and attributes as normal user accounts PLUS objectClasses 'calEntry' and 'CalendarResource' with their attributes [values] 'Kind' [location] and 'Multiplebookings' [1]. Meetingroom's full LDAP set: # dn: mail=meetingr...@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com mail: meetingr...@mycompany.com mailQuota: 1048576 objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: mailUser objectClass: shadowAccount objectClass: amavisAccount objectClass: person objectClass: posixAccount objectClass: top objectClass: calEntry objectClass: CalendarResource storageBaseDirectory: /data/mboxes enabledService: indexer-worker enabledService: doveadm enabledService: dsync enabledService: shadowaddress enabledService: displayedInGlobalAddressBook enabledService: mail enabledService: forwarding enabledService: deliver enabledService: lda enabledService: lmtp enabledService: smtp enabledService: smtpsecured enabledService: imap enabledService: imapsecured enabledService: imaptls enabledService: managesieve enabledService: managesievesecured enabledService: sogo enabledService: sieve enabledService: sievesecured enabledService: forward enabledService: senderbcc enabledService: recipientbcc
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
> On Nov 1, 2018, at 8:47 PM, Rene Schroth (rene.schr...@mmlab.de) > wrote: > > it would be great if you could confirm that iRedMail/OpenLDAP/SOGo is > defective regarding the calendar resources' FREE/BUSY times. > As we figured out, running SOGo with different LDAP servers, the calendar > resources work without issues. Hi Rene, I’m not sure what the “defective” means. A LDAP server just offers you key-value pairs, and that’s OpenLDAP in iRedMail does. SOGo reads/writes required LDAP attributes/values to implement this feature. What we need is a document to clearly explain which ldap attribute/values SOGo needs, and how it works, then we can add required attributes/values, maybe tuning ACL is required also. > Maybe it helps you if I tell you what is the "breaking" point regarding > FREE/BUSY times: > > As soon as you add the calEntry or calendarResource objectClass to an LDAP > user account, the BUSY time is not being displayed correctly anymore. It will > always show FREE! > Removing the objectClass again, BUSY time is being shown correctly, but of > course the account is no resource anymore and auto-accept on invitation won't > work anymore. Would you mind sending me an email (zhb _at_ iredmail _dot_ org)? let’s work together to figure it out if it’s not a SOGo bug. Zhang Huangbin, founder of iRedMail project: https://www.iredmail.org/ Time zone: GMT+2 (Slovenia/Ljubljana). Available on Telegram: https://t.me/iredmail -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hi Huangbin, it would be great if you could confirm that iRedMail/OpenLDAP/SOGo is defective regarding the calendar resources' FREE/BUSY times. As we figured out, running SOGo with different LDAP servers, the calendar resources work without issues. Maybe it helps you if I tell you what is the "breaking" point regarding FREE/BUSY times: As soon as you add the calEntry or calendarResource objectClass to an LDAP user account, the BUSY time is not being displayed correctly anymore. It will always show FREE! Removing the objectClass again, BUSY time is being shown correctly, but of course the account is no resource anymore and auto-accept on invitation won't work anymore. BR Irma ___ Am 23.10.2018 um 15:30 schrieb Zhang Huangbin (z...@iredmail.org): On Oct 23, 2018, at 11:29 AM, Christian Mack (christian.m...@uni-konstanz.de) wrote: multiplebookings set to -1 or 0 will not restrict overbooking at all, -1 will only show it booked already. multiple bookings set to 1 will only accept an invitation automatically, if there is no event already at that time. Check if that blocking event has "show time as free" set. In that case it will not block overbooking. I once had a problem with a client who had set a non existing time zone in his client, while inviting. Just for completeness: Overbooking is always possible by the owner of that account and everyone who have direct write privileges. Only invitations of that account are restricted. MultipleBookingsFieldName is only used, if you do not use the standard calendarResource and calEntry schemas. Then you can give another LDAP attribute name for looking up the MultipleBookings value. Hi Christian, How about add this info to the official SOGo document? Zhang Huangbin, founder of iRedMail project: https://www.iredmail.org/ Time zone: GMT+2 (Slovenia/Ljubljana). Available on Telegram: https://t.me/iredmail -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hi Michal, thank you very much for your reply. Great to know, that generally LDAP calendar resources in SOGo work without restriction. I guess that you do not use the iRedMail OpenLDAP server, because I do and there's no objectClass mailGroup available. My iRedMail OpenLDAP installation provides these mail-related objectClasses: - mailAdmin - mailAlias - mailDomain - mailExternalUser - mailList - mailUser BTW: If you use mailGroup, how do you login with the resource's account into SOGo in order to set the ACL? Are group accounts capable to login to SOGo in your environment? BR Irma ___ Am 31.10.2018 um 13:16 schrieb Michal Kminek (mkmi...@getnet.cz): Hi Irma, we use LDAP for users and resources. Just to comment some entries, Multiplebookings attribute works as expected the resource can be booked only once if set to 1, free/busy is shown correctly. We use mailgroup class so that our resource can have its own email address, the email address is fictitious. With mailgroup class comes email attribute. Additionally our resource is located in the same tree (ou=People,dc=example,dc=com) as the other users. As a result when creating a new event with the resource as a participant we get a hint (name of the resource) after writing first three letters (Mee...). It's given by the fact that SOGo offers hints only from the first configured LDAP resource in sogo.conf. It works in SOGo web interface and in Thunderbird with SOGo Integrator. The calendar has set the following right "View Time and Date" for "All Authenticated Users". Here is our LDAP entry - LDIF: dn: cn=Meeting Room,ou=People,dc=example,dc=com Multiplebookings: 1 Kind: location cn: Meeting Room objectClass: top objectClass: person objectClass: organizationalPerson objectClass: calendarresource objectClass: calEntry objectClass: account objectClass: mailgroup mail: meetingro...@example.com sn: meetingrooom uid: meetingrooom userPassword: parentid: 4 creatorsname: cn=directory manager nsuniqueid: 741f2031-e1b221e6-81e6eeab-baae8424 entryid: 106 hassubordinates: FALSE entrydn: cn=Meeting Room,ou=People,dc=example,dc=com numsubordinates: 0 subschemasubentry: cn=schema modifiersname: cn=directory manager Kind Regards, Michal Dne 30.10.2018 v 14:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Approved that it is an LDAP issue: - Removed objectClasses calEntry and CalendarResource from Meetingroom's LDAP set. - Result: Free/Busy times are being displayed during event creation! Again the question: Is there anybody with a working LDAP resources setup who could provide a sample LDIF of a resource? Thank you! BR Irma My resources' Free/Busy times still won't work. For normal users, Free/Busy times work fine! Here's more detail about the configurations. (1) Resource 'meetingroom' created in LDAP, resides in the same OU as the normal users. Has same objectClasses and attributes as normal user accounts PLUS objectClasses 'calEntry' and 'CalendarResource' with their attributes [values] 'Kind' [location] and 'Multiplebookings' [1]. Meetingroom's full LDAP set: # dn: mail=meetingr...@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com mail: meetingr...@mycompany.com mailQuota: 1048576 objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: mailUser objectClass: shadowAccount objectClass: amavisAccount objectClass: person objectClass: posixAccount objectClass: top objectClass: calEntry objectClass: CalendarResource storageBaseDirectory: /data/mboxes enabledService: indexer-worker enabledService: doveadm enabledService: dsync enabledService: shadowaddress enabledService: displayedInGlobalAddressBook enabledService: mail enabledService: forwarding enabledService: deliver enabledService: lda enabledService: lmtp enabledService: smtp enabledService: smtpsecured enabledService: imap enabledService: imapsecured enabledService: imaptls enabledService: managesieve enabledService: managesievesecured enabledService: sogo enabledService: sieve enabledService: sievesecured enabledService: forward enabledService: senderbcc enabledService: recipientbcc enabledService: internal enabledService: lib-storage amavisLocal: TRUE accountStatus: active shadowLastChange: 0 mailHost: localhost cn: Meetingroom gidNumber: 2104 homeDirectory: /data/mboxes/vmail1/mycompany.com/meetingroom/ mailMessageStore: vmail1/mycompany.com/meetingroom/ loginShell: /sbin/nologin sn: Meetingroom uid: meetingroom uidNumber: 2104 userPassword: {CRYPT}$6$ncaXAOch$FuQ9weAfqMUvbKlsam2X/e13t0cIMrnvz/S7q/XqrWq4xyK OigNGjMPYuvBvzVYrZRJPEUPatnFlHx5rhz74O1 displayName: Meetingroom Multiplebookings: 1 Kind: location ### (2) ACL
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hi Irma, we use LDAP for users and resources. Just to comment some entries, Multiplebookings attribute works as expected the resource can be booked only once if set to 1, free/busy is shown correctly. We use mailgroup class so that our resource can have its own email address, the email address is fictitious. With mailgroup class comes email attribute. Additionally our resource is located in the same tree (ou=People,dc=example,dc=com) as the other users. As a result when creating a new event with the resource as a participant we get a hint (name of the resource) after writing first three letters (Mee...). It's given by the fact that SOGo offers hints only from the first configured LDAP resource in sogo.conf. It works in SOGo web interface and in Thunderbird with SOGo Integrator. The calendar has set the following right "View Time and Date" for "All Authenticated Users". Here is our LDAP entry - LDIF: dn: cn=Meeting Room,ou=People,dc=example,dc=com Multiplebookings: 1 Kind: location cn: Meeting Room objectClass: top objectClass: person objectClass: organizationalPerson objectClass: calendarresource objectClass: calEntry objectClass: account objectClass: mailgroup mail: meetingro...@example.com sn: meetingrooom uid: meetingrooom userPassword: parentid: 4 creatorsname: cn=directory manager nsuniqueid: 741f2031-e1b221e6-81e6eeab-baae8424 entryid: 106 hassubordinates: FALSE entrydn: cn=Meeting Room,ou=People,dc=example,dc=com numsubordinates: 0 subschemasubentry: cn=schema modifiersname: cn=directory manager Kind Regards, Michal Dne 30.10.2018 v 14:37 Rene Schroth (rene.schr...@mmlab.de) napsal(a): Approved that it is an LDAP issue: - Removed objectClasses calEntry and CalendarResource from Meetingroom's LDAP set. - Result: Free/Busy times are being displayed during event creation! Again the question: Is there anybody with a working LDAP resources setup who could provide a sample LDIF of a resource? Thank you! BR Irma My resources' Free/Busy times still won't work. For normal users, Free/Busy times work fine! Here's more detail about the configurations. (1) Resource 'meetingroom' created in LDAP, resides in the same OU as the normal users. Has same objectClasses and attributes as normal user accounts PLUS objectClasses 'calEntry' and 'CalendarResource' with their attributes [values] 'Kind' [location] and 'Multiplebookings' [1]. Meetingroom's full LDAP set: # dn: mail=meetingr...@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com mail: meetingr...@mycompany.com mailQuota: 1048576 objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: mailUser objectClass: shadowAccount objectClass: amavisAccount objectClass: person objectClass: posixAccount objectClass: top objectClass: calEntry objectClass: CalendarResource storageBaseDirectory: /data/mboxes enabledService: indexer-worker enabledService: doveadm enabledService: dsync enabledService: shadowaddress enabledService: displayedInGlobalAddressBook enabledService: mail enabledService: forwarding enabledService: deliver enabledService: lda enabledService: lmtp enabledService: smtp enabledService: smtpsecured enabledService: imap enabledService: imapsecured enabledService: imaptls enabledService: managesieve enabledService: managesievesecured enabledService: sogo enabledService: sieve enabledService: sievesecured enabledService: forward enabledService: senderbcc enabledService: recipientbcc enabledService: internal enabledService: lib-storage amavisLocal: TRUE accountStatus: active shadowLastChange: 0 mailHost: localhost cn: Meetingroom gidNumber: 2104 homeDirectory: /data/mboxes/vmail1/mycompany.com/meetingroom/ mailMessageStore: vmail1/mycompany.com/meetingroom/ loginShell: /sbin/nologin sn: Meetingroom uid: meetingroom uidNumber: 2104 userPassword: {CRYPT}$6$ncaXAOch$FuQ9weAfqMUvbKlsam2X/e13t0cIMrnvz/S7q/XqrWq4xyK OigNGjMPYuvBvzVYrZRJPEUPatnFlHx5rhz74O1 displayName: Meetingroom Multiplebookings: 1 Kind: location ### (2) ACL settings on Meetingroom's SOGo Personal Calendar: Any Authenticated User: - Public / View All - Confidential / View All - Private / View All - This person can create objects in my calendar: NOT CHECKED - This person can erase objects from my calendar: NOT CHECKED (3) ACL settings on all Testusers' SOGo Personal Calendars: Any Authenticated User: - Public / View the Date & Time - Confidential / View the Date & Time - Private / View the Date & Time - This person can create objects in my calendar: NOT CHECKED - This person can erase objects from my calendar: NOT CHECKED Scenario: - Testuser us...@mycompany.com creates event1 on his SOGo Personal Calendar, inviting testuser us...@mycompany.com and meetingr...@mycompany.com. -
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hi Chris, thanks for your suggestion using SQL for calendar resources. I added it to my sogo.conf to give it a try. Unfortunately, the SOGo Web Interface is not accessible anymore having added it (502 Bad Gateway). Could it be that in order to use both LDAP and SQL user sources some further configurations have to be performed? BR Irma ___ Am 22.10.2018 um 20:58 schrieb Chris: On Mon, 22 Oct 2018 16:00:16 +0200 In the SOGo Installation manual https://sogo.nu/files/docs/SOGoInstallationGuide.html I read about a further attrbute called 'MultipleBookingsFieldName'. BUT: LDAP does not provide this attribute! If one modified the schema, maybe it would work, I don't know. I'm using LDAP for users, but mySQL for ressources: { type = sql; id = Ressourcen; displayName = "Ressourcen"; viewURL = "mysql://sogo:pass@localhost:3306/sogo/sogo_users"; canAuthenticate = YES; isAddressBook = YES; userPasswordAlgorithm = md5; KindFieldName = kind; MultipleBookingsFieldName = multiple_bookings; listRequiresDot = NO; } - Chris -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] SOGo Calendar Resources | Free/Busy Times
Approved that it is an LDAP issue: - Removed objectClasses calEntry and CalendarResource from Meetingroom's LDAP set. - Result: Free/Busy times are being displayed during event creation! Again the question: Is there anybody with a working LDAP resources setup who could provide a sample LDIF of a resource? Thank you! BR Irma My resources' Free/Busy times still won't work. For normal users, Free/Busy times work fine! Here's more detail about the configurations. (1) Resource 'meetingroom' created in LDAP, resides in the same OU as the normal users. Has same objectClasses and attributes as normal user accounts PLUS objectClasses 'calEntry' and 'CalendarResource' with their attributes [values] 'Kind' [location] and 'Multiplebookings' [1]. Meetingroom's full LDAP set: # dn: mail=meetingr...@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com mail: meetingr...@mycompany.com mailQuota: 1048576 objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: mailUser objectClass: shadowAccount objectClass: amavisAccount objectClass: person objectClass: posixAccount objectClass: top objectClass: calEntry objectClass: CalendarResource storageBaseDirectory: /data/mboxes enabledService: indexer-worker enabledService: doveadm enabledService: dsync enabledService: shadowaddress enabledService: displayedInGlobalAddressBook enabledService: mail enabledService: forwarding enabledService: deliver enabledService: lda enabledService: lmtp enabledService: smtp enabledService: smtpsecured enabledService: imap enabledService: imapsecured enabledService: imaptls enabledService: managesieve enabledService: managesievesecured enabledService: sogo enabledService: sieve enabledService: sievesecured enabledService: forward enabledService: senderbcc enabledService: recipientbcc enabledService: internal enabledService: lib-storage amavisLocal: TRUE accountStatus: active shadowLastChange: 0 mailHost: localhost cn: Meetingroom gidNumber: 2104 homeDirectory: /data/mboxes/vmail1/mycompany.com/meetingroom/ mailMessageStore: vmail1/mycompany.com/meetingroom/ loginShell: /sbin/nologin sn: Meetingroom uid: meetingroom uidNumber: 2104 userPassword: {CRYPT}$6$ncaXAOch$FuQ9weAfqMUvbKlsam2X/e13t0cIMrnvz/S7q/XqrWq4xyK OigNGjMPYuvBvzVYrZRJPEUPatnFlHx5rhz74O1 displayName: Meetingroom Multiplebookings: 1 Kind: location ### (2) ACL settings on Meetingroom's SOGo Personal Calendar: Any Authenticated User: - Public / View All - Confidential / View All - Private / View All - This person can create objects in my calendar: NOT CHECKED - This person can erase objects from my calendar: NOT CHECKED (3) ACL settings on all Testusers' SOGo Personal Calendars: Any Authenticated User: - Public / View the Date & Time - Confidential / View the Date & Time - Private / View the Date & Time - This person can create objects in my calendar: NOT CHECKED - This person can erase objects from my calendar: NOT CHECKED Scenario: - Testuser us...@mycompany.com creates event1 on his SOGo Personal Calendar, inviting testuser us...@mycompany.com and meetingr...@mycompany.com. - Meetingroom auto-accepts invitation and adds event to its SOGo Personal Calendar. - User2 gets invitation mail and event with dashed line in his mailbox and SOGo Personal Calendar respectively. - User2 accepts invitation (manual action). Event's line continuous now. - User1 gets confirmation mail and event status on all involved calendars show that both Meetingroom and User2 have accepted invitation. - Testuser us...@mycompany.com creates event2 overlapping event1's times, inviting User2, User4 and Meetingroom: -- Free/Busy times of User2 show: BLOCKED -- Free/Busy times of User4 show: FREE -- Free/Busy times of Meetingroom: FREE Conclusion: Everything works like expected, excepted Meetingroom's Free/Busy times. It should show BLOCKED on the 2nd event! Does anybody have OpenLDAP resources work correctly on SOGo? Thank you very much! BR Irma -- users@sogo.nu https://inverse.ca/sogo/lists __ Information from mm-lab IT security __The message was checked by ESET Mail Security. -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] SOGo Calendar Resources | Free/Busy Times
My resources' Free/Busy times still won't work. For normal users, Free/Busy times work fine! Here's more detail about the configurations. (1) Resource 'meetingroom' created in LDAP, resides in the same OU as the normal users. Has same objectClasses and attributes as normal user accounts PLUS objectClasses 'calEntry' and 'CalendarResource' with their attributes [values] 'Kind' [location] and 'Multiplebookings' [1]. Meetingroom's full LDAP set: # dn: mail=meetingr...@mycompany.com,ou=Users,domainName=mycompany.com,o=domains,dc=mycompany,dc=com mail: meetingr...@mycompany.com mailQuota: 1048576 objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: mailUser objectClass: shadowAccount objectClass: amavisAccount objectClass: person objectClass: posixAccount objectClass: top objectClass: calEntry objectClass: CalendarResource storageBaseDirectory: /data/mboxes enabledService: indexer-worker enabledService: doveadm enabledService: dsync enabledService: shadowaddress enabledService: displayedInGlobalAddressBook enabledService: mail enabledService: forwarding enabledService: deliver enabledService: lda enabledService: lmtp enabledService: smtp enabledService: smtpsecured enabledService: imap enabledService: imapsecured enabledService: imaptls enabledService: managesieve enabledService: managesievesecured enabledService: sogo enabledService: sieve enabledService: sievesecured enabledService: forward enabledService: senderbcc enabledService: recipientbcc enabledService: internal enabledService: lib-storage amavisLocal: TRUE accountStatus: active shadowLastChange: 0 mailHost: localhost cn: Meetingroom gidNumber: 2104 homeDirectory: /data/mboxes/vmail1/mycompany.com/meetingroom/ mailMessageStore: vmail1/mycompany.com/meetingroom/ loginShell: /sbin/nologin sn: Meetingroom uid: meetingroom uidNumber: 2104 userPassword: {CRYPT}$6$ncaXAOch$FuQ9weAfqMUvbKlsam2X/e13t0cIMrnvz/S7q/XqrWq4xyK OigNGjMPYuvBvzVYrZRJPEUPatnFlHx5rhz74O1 displayName: Meetingroom Multiplebookings: 1 Kind: location ### (2) ACL settings on Meetingroom's SOGo Personal Calendar: Any Authenticated User: - Public / View All - Confidential / View All - Private / View All - This person can create objects in my calendar: NOT CHECKED - This person can erase objects from my calendar: NOT CHECKED (3) ACL settings on all Testusers' SOGo Personal Calendars: Any Authenticated User: - Public / View the Date & Time - Confidential / View the Date & Time - Private / View the Date & Time - This person can create objects in my calendar: NOT CHECKED - This person can erase objects from my calendar: NOT CHECKED Scenario: - Testuser us...@mycompany.com creates event1 on his SOGo Personal Calendar, inviting testuser us...@mycompany.com and meetingr...@mycompany.com. - Meetingroom auto-accepts invitation and adds event to its SOGo Personal Calendar. - User2 gets invitation mail and event with dashed line in his mailbox and SOGo Personal Calendar respectively. - User2 accepts invitation (manual action). Event's line continuous now. - User1 gets confirmation mail and event status on all involved calendars show that both Meetingroom and User2 have accepted invitation. - Testuser us...@mycompany.com creates event2 overlapping event1's times, inviting User2, User4 and Meetingroom: -- Free/Busy times of User2 show: BLOCKED -- Free/Busy times of User4 show: FREE -- Free/Busy times of Meetingroom: FREE Conclusion: Everything works like expected, excepted Meetingroom's Free/Busy times. It should show BLOCKED on the 2nd event! Does anybody have OpenLDAP resources work correctly on SOGo? Thank you very much! BR Irma -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
> On Oct 23, 2018, at 11:29 AM, Christian Mack (christian.m...@uni-konstanz.de) > wrote: > > multiplebookings set to -1 or 0 will not restrict overbooking at all, -1 > will only show it booked already. > > multiple bookings set to 1 will only accept an invitation automatically, > if there is no event already at that time. > > Check if that blocking event has "show time as free" set. > In that case it will not block overbooking. > > I once had a problem with a client who had set a non existing time zone > in his client, while inviting. > > > Just for completeness: > Overbooking is always possible by the owner of that account and everyone > who have direct write privileges. > Only invitations of that account are restricted. > > MultipleBookingsFieldName is only used, if you do not use the standard > calendarResource and calEntry schemas. > Then you can give another LDAP attribute name for looking up the > MultipleBookings value. Hi Christian, How about add this info to the official SOGo document? Zhang Huangbin, founder of iRedMail project: https://www.iredmail.org/ Time zone: GMT+2 (Slovenia/Ljubljana). Available on Telegram: https://t.me/iredmail -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
Hello Am 22.10.18 um 16:00 schrieb Rene Schroth (rene.schr...@mmlab.de): > Hi SOGo Users and Admins! > > My setup consists of iRedMail (current version) with OpenLDAP and SOGo > Groupware. > > I almost implemented the calendar resources, using calendarResource and > calEntry objectClassings. > > Only remaining issue is, that the resource's (for instance: meetingroom) > FREE/BUSSY tines are not being displayes correctly during invitiation > creation - i.e. the already booked meetingroom is not being displayed as > BUSY! > > I tried all three values '-1', '0' and '1' for the meetingroom's > 'multiplebookings' LDAP attribute, but it won't show BUSY! > > In the SOGo Installation manual > https://sogo.nu/files/docs/SOGoInstallationGuide.html I read about a > further attrbute called 'MultipleBookingsFieldName'. BUT: LDAP does not > provide this attribute! > Is it a SOGo attribute which has to be configured somewhere in the SOGo > config files? > > Thank you very much! > multiplebookings set to -1 or 0 will not restrict overbooking at all, -1 will only show it booked already. multiple bookings set to 1 will only accept an invitation automatically, if there is no event already at that time. Check if that blocking event has "show time as free" set. In that case it will not block overbooking. I once had a problem with a client who had set a non existing time zone in his client, while inviting. Just for completeness: Overbooking is always possible by the owner of that account and everyone who have direct write privileges. Only invitations of that account are restricted. MultipleBookingsFieldName is only used, if you do not use the standard calendarResource and calEntry schemas. Then you can give another LDAP attribute name for looking up the MultipleBookings value. Kind regards, Christian Mack -- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung Basisdienste 78457 Konstanz +49 7531 88-4416 smime.p7s Description: S/MIME Cryptographic Signature
Re: [SOGo] SOGo Calendar Resources | Free/Busy Times
On Mon, 22 Oct 2018 16:00:16 +0200 Rene Schroth wrote: > In the SOGo Installation manual > https://sogo.nu/files/docs/SOGoInstallationGuide.html I read about a > further attrbute called 'MultipleBookingsFieldName'. BUT: LDAP does > not provide this attribute! If one modified the schema, maybe it would work, I don't know. I'm using LDAP for users, but mySQL for ressources: { type = sql; id = Ressourcen; displayName = "Ressourcen"; viewURL = "mysql://sogo:pass@localhost:3306/sogo/sogo_users"; canAuthenticate = YES; isAddressBook = YES; userPasswordAlgorithm = md5; KindFieldName = kind; MultipleBookingsFieldName = multiple_bookings; listRequiresDot = NO; } - Chris -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] SOGo Calendar Resources | Free/Busy Times
Hi SOGo Users and Admins! My setup consists of iRedMail (current version) with OpenLDAP and SOGo Groupware. I almost implemented the calendar resources, using calendarResource and calEntry objectClassings. Only remaining issue is, that the resource's (for instance: meetingroom) FREE/BUSSY tines are not being displayes correctly during invitiation creation - i.e. the already booked meetingroom is not being displayed as BUSY! I tried all three values '-1', '0' and '1' for the meetingroom's 'multiplebookings' LDAP attribute, but it won't show BUSY! In the SOGo Installation manual https://sogo.nu/files/docs/SOGoInstallationGuide.html I read about a further attrbute called 'MultipleBookingsFieldName'. BUT: LDAP does not provide this attribute! Is it a SOGo attribute which has to be configured somewhere in the SOGo config files? Thank you very much! Best Regards, Irma -- users@sogo.nu https://inverse.ca/sogo/lists