Hello
I am running sogo 1.3.12 on a debian squeeze. I have ldap
authentification and mysql. I met some trouble with agenda
- shared agendas do not appear anymore within iCal, they still appear
with thunderbird
- with iCal 4.0.4, the users cannot be found (LDAP server authentication), but
with iCal 5.0.1 it says the server cannot delegate at all
- it takes a very long time to identify each time through the certificate,
I did already send emails about this trouble but despite help from some of you
trouble is still here.
For investigation i configure memcache to have verbose log. My name's account is
mathilde and i suscribed to dardelet'agenda. in memcache.log i can see "
get mathilde+defaults
28 sending key mathilde+defaults
28 END
<28 get dardelet+settings
28 END
<28 set dardelet+settings 0 300 426
28 STORED
<28 get mathilde+settings
28 sending key mathilde+settings
28 END
<28 get dardelet+attributes
28 sending key dardelet+attributes0 0 280
"
If someone cuold help me. i did work fine before (i think with sogo1.3.9).
Mathilde
This is my apache configuration file :
<VirtualHost *:80>
ServerName sogo.icsn.cnrs-gif.fr
ServerAdmin [email protected]
<Location />
Redirect 301 / https://sogo.icsn.cnrs-gif.fr/SOGo
</Location>
ErrorLog ${APACHE_LOG_DIR}/http-default-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/http-default-access.log combined
</VirtualHost>
<VirtualHost *:8800>
ServerAdmin [email protected]
RewriteEngine Off
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
ProxyPassInterpolateEnv On
ProxyPass /principals http://127.0.0.1:20000/SOGo/dav/ interpolate
ProxyPass /SOGo http://127.0.0.1:20000/SOGo interpolate
ProxyPass / http://127.0.0.1:20000/SOGo/dav/ interpolate
<Location />
Order allow,deny
Allow from all
</Location>
<Proxy http://127.0.0.1:20000>
RequestHeader set "x-webobjects-server-port" "8800"
RequestHeader set "x-webobjects-server-name"
"sogo.icsn.cnrs-gif.fr:8800"
RequestHeader set "x-webobjects-server-url"
"http://sogo.icsn.cnrs-gif.fr:8800";
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
RequestHeader set "x-webobjects-remote-host" "127.0.0.1"
AddDefaultCharset UTF-8
</Proxy>
ErrorLog /var/log/apache2/sogo-ab-error.log
LogLevel warn
CustomLog /var/log/apache2/sogo-ab-access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName sogo.icsn.cnrs-gif.fr
ServerAdmin [email protected]
ErrorLog ${APACHE_LOG_DIR}/https-sogo-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/https-sogo-access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/cert-1140-sogo.icsn.cnrs-gif.fr.pem
SSLCertificateChainFile /etc/apache2/ssl/chain-1140-sogo.icsn.cnrs-gif.fr.pem
SSLCertificateKeyFile /etc/apache2/ssl/key-1140-sogo.icsn.cnrs-gif.fr.pem
#Cipher Order Fix for BEAST Attack Vector
SSLHonorCipherOrder on
SSLCipherSuite !aNULL:!eNULL:!EXPORT:!DSS:!DES:RC4-SHA:RC4-MD5:ALL
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
DocumentRoot /usr/lib/GNUstep/SOGo/WebServerResources/
ServerSignature Off
Alias /SOGo.woa/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*)
/usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2
<Directory /usr/lib/GNUstep/SOGo/>
AllowOverride None
Order deny,allow
Allow from all
</Directory>
<LocationMatch
"^/SOGo/so/ControlPanel/Products/.*UI/Resources/.*\.(jpg|png|gif|css|js)">
SetHandler default-handler
</LocationMatch>
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
<Proxy http://127.0.0.1:20000/SOGo>
RequestHeader set "x-webobjects-server-port" "443"
RequestHeader set "x-webobjects-server-name" "sogo.icsn.cnrs-gif.fr"
RequestHeader set "x-webobjects-server-url" "https://sogo.icsn.cnrs-gif.fr";
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
RequestHeader set "x-webobjects-remote-host" "127.0.0.1"
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
</Proxy>
RewriteEngine On
RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT]
Redirect permanent /index.html https://sogo.icsn.cnrs-gif.fr/SOGo
</VirtualHost>
</ifModule>
<ifModule mod_ssl.c>
<VirtualHost *:8443>
ServerAdmin [email protected]
ServerName sogo.icsn.cnrs-gif.fr
Alias /SOGo.woa/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ /usr/lib/GNUstep/SOGo/WebServerResources/
AliasMatch /SOGo/so/ControlPanel/Products/(.*)/Resources/(.*)
/usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/cert-1140-sogo.icsn.cnrs-gif.fr.pem
SSLCertificateChainFile /etc/apache2/ssl/chain-1140-sogo.icsn.cnrs-gif.fr.pem
SSLCertificateKeyFile /etc/apache2/ssl/key-1140-sogo.icsn.cnrs-gif.fr.pem
#Cipher Order Fix for BEAST Attack Vector
SSLHonorCipherOrder on
SSLCipherSuite !aNULL:!eNULL:!EXPORT:!DSS:!DES:RC4-SHA:RC4-MD5:ALL
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown downgrade-1.0
force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [7-9]" ssl-unclean-shutdown
# this virtualhost is only for caldav on Mac
RewriteEngine On
RewriteRule ^/.well-known/caldav$ /SOGo/dav/ [R]
RewriteRule ^/principals/users/(.*)$ /proxy/$1 [PT]
RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT]
ProxyPreserveHost On
ProxyPassInterpolateEnv On
ProxyPass /proxy http://127.0.0.1:20000/SOGo/dav/ interpolate
ProxyPass /SOGo http://127.0.0.1:20000/SOGo interpolate
ProxyPass / http://127.0.0.1:20000/SOGo/dav/ interpolate
<Proxy http://127.0.0.1:20000/SOGo>
RequestHeader set "x-webobjects-server-port" "8443"
RequestHeader set "x-webobjects-server-name" "sogo.icsn.cnrs-gif.fr:8443"
RequestHeader set "x-webobjects-server-url"
"https://sogo.icsn.cnrs-gif.fr:8443";
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
RequestHeader set "x-webobjects-remote-host" "127.0.0.1"
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
</Proxy>
ErrorLog /var/log/apache2/ical-error.log
LogLevel error
Customlog /var/log/apache2/ical-access.log combined
</VirtualHost>
</ifModule>
And my Gnustep :
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//GNUstep//DTD plist 0.9//EN"
"http://www.gnustep.org/plist-0_9.xml";>
<plist version="0.9">
<dict>
<key>NSGlobalDomain</key>
<dict>
</dict>
<key>sogod</key>
<dict>
<key>GCSFolderDebugEnable</key>
<string>NO</string>
<key>GCSFolderStoreDebugEnabled</key>
<string>NO</string>
<key>LDAPDebugEnabled</key>
<string>NO</string>
<key>NGUseUTF8AsURLEncoding</key>
<string>YES</string>
<key>OCSFolderInfoURL</key>
<string>mysql://sogo:[email protected]:3306/sogo/sogo_folder_info</string>
<key>OCSSessionsFolderURL</key>
<string>mysql://sogo:[email protected]:3306/sogo/sogo_sessions_folder</string>
<key>SOGoACLsSendEMailNotifications</key>
<string>YES</string>
<key>SOGoAppointmentSendEMailNotifications</key>
<string>YES</string>
<key>SOGoAuthenticationMethod</key>
<string>LDAP</string>
<key>SOGoCalendarDefaultRoles</key>
<array>
<string>PublicDandTViewer</string>
<string>ConfidentialDandTViewer</string>
<string>PrivateDandTViewer</string>
</array>
<key>SOGoDraftsFolderName</key>
<string>INBOX.Drafts</string>
<key>SOGoFirstDayOfWeek</key>
<string>1</string>
<key>SOGoFoldersSendEMailNotifications</key>
<string>YES</string>
<key>SOGoIMAPServer</key>
<string>imaps://mailhost</string>
<key>SOGoLanguage</key>
<string>French</string>
<key>SOGoMailDomain</key>
<string>icsn.cnrs-gif.fr</string>
<key>SOGoMailingMechanism</key>
<string>smtp</string>
<key>SOGoMemcachedHost</key>
<string>127.0.0.1</string>
<key>SOGoPasswordChangeEnabled</key>
<string>NO</string>
<key>SOGoProfileURL</key>
<string>mysql://sogo:[email protected]:3306/sogo/sogo_user_profile</string>
<key>SOGoSMTPServer</key>
<string>smtp-ext</string>
<key>SOGoSentFolderName</key>
<string>INBOX.Sent</string>
<key>SOGoSieveScriptsEnabled</key>
<string>YES</string>
<key>SOGoSieveServer</key>
<string>sieve://nantes:2000</string>
<key>SOGoSuperUsernames</key>
<array>
<string>mathilde</string>
</array>
<key>SOGoTimeZone</key>
<string>Europe/Paris</string>
<key>SOGoTrashFolderName</key>
<string>INBOX.Trash</string>
<key>SOGoUserSources</key>
<array>
<dict>
<key>CNFieldName</key>
<string>cn</string>
<key>IDFieldName</key>
<string>cn</string>
<key>UIDFieldName</key>
<string>uid</string>
<key>baseDN</key>
<string>ou=people,dc=icsn,dc=cnrs-gif,dc=fr</string>
<key>bindDN</key>
<string>cn=admin,dc=icsn,dc=cnrs-gif,dc=fr</string>
<key>bindFields</key>
<array>
<string>uid</string>
</array>
<key>bindPassword</key>
<string>secretpw</string>
<key>canAuthenticate</key>
<string>YES</string>
<key>displayName</key>
<string>Adresses partagees</string>
<key>encryption</key>
<string>ssl</string>
<key>hostname</key>
<string>nantes.icsn.cnrs-gif.fr</string>
<key>id</key>
<string>public</string>
<key>isAddressBook</key>
<string>YES</string>
<key>passPolicy</key>
<string>NO</string>
<key>passwordPolicy</key>
<string>NO</string>
<key>port</key>
<string>636</string>
<key>scope</key>
<string>SUB</string>
<key>type</key>
<string>ldap</string>
</dict>
</array>
<key>SOGoVacationEnabled</key>
<string>YES</string>
<key>WOPort</key>
<string>127.0.0.1:20000</string>
</dict>
</dict>
</plist>
--
Mathilde Rousseau tel: 01 69 82 45 84/ 06 10 27 96 32
Responsable du Service Informatique Commun,
ICSN UPR2301, Bâtiment 27
CNRS, 1 Av de la terrasse mail: [email protected]
91198 Gif sur Yvette cedex
--
[email protected]
https://inverse.ca/sogo/lists
