Hi folks, We're trying to setup a multi-domain Sogo and have run into an issue with ActiveSync - the http/https requests http://hostname.dom/Microsoft-Server-ActiveSync immediately fail with a 403 forbidden error without even attempting/requesting a login.
The Sogo login and autodiscover login both work fine.
I just can't seem to see where the issue is - looks like an apache error as
it's not even getting to the Sogo/Openchange debug logs.
Can anyone see any glaring errors in the SOGo.conf below? Are there any other
config files that could be the issue?
Thanks in advance,
-Craig
----------------------
Alias /SOGo.woa/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/
Alias /SOGo/WebServerResources/ \
/usr/lib/GNUstep/SOGo/WebServerResources/
Redirect /Autodiscover/Autodiscover.xml /autodiscover/autodiscover.xml
Redirect /AutoDiscover/AutoDiscover.xml /autodiscover/autodiscover.xml
<Directory /usr/lib/GNUstep/SOGo/>
AllowOverride None
<IfVersion < 2.4>
Order deny,allow
Allow from all
</IfVersion>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
# Explicitly allow caching of static content to avoid browser specific
behavior.
# A resource's URL MUST change in order to have the client load the new
version.
<IfModule expires_module>
ExpiresActive On
ExpiresDefault "access plus 1 year"
</IfModule>
</Directory>
## Uncomment the following to enable proxy-side authentication, you will then
## need to set the "SOGoTrustProxyAuthentication" SOGo user default to YES and
## adjust the "x-webobjects-remote-user" proxy header in the "Proxy" section
## below.
#
## For full proxy-side authentication:
#<Location /SOGo>
# AuthType XXX
# Require valid-user
# SetEnv proxy-nokeepalive 1
# Allow from all
#</Location>
#
## For proxy-side authentication only for CardDAV and GroupDAV from external
## clients:
#<Location /SOGo/dav>
# AuthType XXX
# Require valid-user
# SetEnv proxy-nokeepalive 1
# Allow from all
#</Location>
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
# When using CAS, you should uncomment this and install cas-proxy-validate.py
# in /usr/lib/cgi-bin to reduce server overloading
#
# ProxyPass /SOGo/casProxy http://localhost/cgi-bin/cas-proxy-validate.py
# <Proxy http://localhost/app/cas-proxy-validate.py>
# Order deny,allow
# Allow from your-cas-host-addr
# </Proxy>
# Enable to use Microsoft ActiveSync support
# Note that you MUST have many sogod workers to use ActiveSync.
# See the SOGo Installation and Configuration guide for more details.
#
ProxyPass /Microsoft-Server-ActiveSync \
http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync \
retry=60 connectiontimeout=5 timeout=360
ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
<Proxy http://127.0.0.1:20000/SOGo>
## adjust the following to your configuration
RequestHeader set "x-webobjects-server-port" "443"
RequestHeader set "x-webobjects-server-name" "%{HTTP_HOST}e" env=HTTP_HOST
RequestHeader set "x-webobjects-server-url" "https://%{HTTP_HOST}e";
env=HTTP_HOST
# RequestHeader set "x-webobjects-server-port" "80"
# RequestHeader set "x-webobjects-server-name"
"exchange-xxx-x.smtp-engine.com"
# RequestHeader set "x-webobjects-server-url"
"http://exchange-xxx-x.smtp-engine.com";
## When using proxy-side autentication, you need to uncomment and
## adjust the following line:
# RequestHeader unset "x-webobjects-remote-user"
# RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e"
env=REMOTE_USER
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
# RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e
env=REMOTE_HOST
AddDefaultCharset UTF-8
<IfVersion < 2.4>
Order deny,allow
Allow from all
</IfVersion>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
</Proxy>
# For Apple autoconfiguration
<IfModule rewrite_module>
RewriteEngine On
RewriteRule ^/.well-known/caldav/?$ /SOGo/dav [R=301]
RewriteRule ^/.well-known/carddav/?$ /SOGo/dav [R=301]
</IfModule>
---------------------------
smime.p7s
Description: S/MIME cryptographic signature
