Discussion:
[devinfo] LDAP add new OU
John Crisp
2017-10-04 12:03:26 UTC
Permalink
I am messing about with a sync between vTiger and LDAP so I can sync my
vTiger Contacts into LDAP for Thunderbird

Can someone give me some pointers on how to create a new Organizational
Unit ?

I can see in phpldapadmin I can create a Thunderbird address record, but
want it in its own OU so it doesn't get mixed with local users etc.

Any advice appreciated......

B. Rgds
John
_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at https://lists.contribs.org/mailman/public/devinfo/
Daniel Berteaud
2017-10-04 12:21:22 UTC
Permalink
Post by John Crisp
I am messing about with a sync between vTiger and LDAP so I can sync my
vTiger Contacts into LDAP for Thunderbird
Can someone give me some pointers on how to create a new Organizational
Unit ?
I can see in phpldapadmin I can create a Thunderbird address record, but
want it in its own OU so it doesn't get mixed with local users etc.
phpldapadmin should let you create new OU. I can't see a reason for any
SME script to touch an additional OU, so it should be fine.
Or you can use any other LDAP browser to create it (gq, luma, or ldapvi
for example). You'll need to use your LDAP admin credentials

See grep root /etc/openldap/slapd.conf for the credentials to use. Note
that if you try to use an LDAP browser from somewhere else than the
loopback, you'll need to use TLS (or you can use an SSH tunnel if you
prefer)

Let me know if you can get it done, or if you need more info on this.

Cheers,
Daniel
--
Logo FWS

*Daniel Berteaud*

FIREWALL-SERVICES SAS.
Société de Services en Logiciels Libres
Tel : 05 56 64 15 32 <tel:0556641532>
Visio : http://vroom.fws.fr/dani
/www.firewall-services.com/
John Crisp
2017-10-04 12:22:08 UTC
Permalink
Post by John Crisp
Any advice appreciated......
Ahh I can sein phpldaadmin I can 'Create New Entry' and then pick
Generic Organisational Unit

However I get permission denied. I think I might need Kamikaze enabled
to allow that ?


_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at https://lists.contribs.org/mailman/public/devinfo/
Daniel Berteaud
2017-10-04 12:23:53 UTC
Permalink
Post by John Crisp
Ahh I can sein phpldaadmin I can 'Create New Entry' and then pick
Generic Organisational Unit
However I get permission denied. I think I might need Kamikaze enabled
to allow that ?
Mmmm, I don't use this contrib. Can you check which LDAP credentials are
being used ?

++
--
Logo FWS

*Daniel Berteaud*

FIREWALL-SERVICES SAS.
Société de Services en Logiciels Libres
Tel : 05 56 64 15 32 <tel:0556641532>
Visio : http://vroom.fws.fr/dani
/www.firewall-services.com/
John Crisp
2017-10-04 12:27:43 UTC
Permalink
Post by Daniel Berteaud
Post by John Crisp
Ahh I can sein phpldaadmin I can 'Create New Entry' and then pick
Generic Organisational Unit
However I get permission denied. I think I might need Kamikaze enabled
to allow that ?
Mmmm, I don't use this contrib. Can you check which LDAP credentials are
being used ?
OK, you can do it but need to set it to Kamikaze mode.

Managed to create a new OU in the LDAP directory.

OK, onwards and upwards thanks
_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at
Daniel Berteaud
2017-10-04 12:22:47 UTC
Permalink
Post by John Crisp
I am messing about with a sync between vTiger and LDAP so I can sync my
vTiger Contacts into LDAP for Thunderbird
Slightly off topic, but it might be better to try to sync your Vtiger
contacts to a CardDav server (SOGo would do the job). This way, not only
Thunderbird can use them (using the sogo-connector extension) but any
mobile device too

++
--
Logo FWS

*Daniel Berteaud*

FIREWALL-SERVICES SAS.
Société de Services en Logiciels Libres
Tel : 05 56 64 15 32 <tel:0556641532>
Visio : http://vroom.fws.fr/dani
/www.firewall-services.com/
John Crisp
2017-10-04 12:30:00 UTC
Permalink
Post by Daniel Berteaud
Post by John Crisp
I am messing about with a sync between vTiger and LDAP so I can sync my
vTiger Contacts into LDAP for Thunderbird
Slightly off topic, but it might be better to try to sync your Vtiger
contacts to a CardDav server (SOGo would do the job). This way, not only
Thunderbird can use them (using the sogo-connector extension) but any
mobile device too
A god point, but the reason I looked is I found some code that would
sync with LDAP. We really only need it for desktops in the Office as you
can use vTiger mobile when out.

But I will see what else I can find for CardDAV
_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at https://lists
Michael Doerner | Technologywise
2017-10-04 18:08:48 UTC
Permalink
Post by John Crisp
Post by Daniel Berteaud
Post by John Crisp
I am messing about with a sync between vTiger and LDAP so I can sync my
vTiger Contacts into LDAP for Thunderbird
Slightly off topic, but it might be better to try to sync your Vtiger
contacts to a CardDav server (SOGo would do the job). This way, not only
Thunderbird can use them (using the sogo-connector extension) but any
mobile device too
A god point, but the reason I looked is I found some code that would
sync with LDAP. We really only need it for desktops in the Office as you
can use vTiger mobile when out.
But I will see what else I can find for CardDAV
I very much like Daniel's approach and would prefer to do it that way
(we use SOGo intensively) and have the contacts available for mobile
device users too.
Vtiger mobile seems too clumsy to me although I might not be up to date
with its latest version.

Michael
_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at https://lists.contribs.org/mailman/publi
John Crisp
2017-10-05 09:47:03 UTC
Permalink
Post by Michael Doerner | Technologywise
Post by John Crisp
But I will see what else I can find for CardDAV
I very much like Daniel's approach and would prefer to do it that way
(we use SOGo intensively) and have the contacts available for mobile
device users too.
We don't use SOGo at all (I have complete aversion to webmail), so it
means I have to install all that just for CardDav which is a lot of work
yadeeya. I have had a look at a simple stand-alone CardDav server but
nothing looks that easy.

I just thought I might as well try and use what I already have.

LDAP is there and I now know how to add a separate OU, and there is some
code to sync vTiger -> LDAP. Thunderbird can then just access the LDAP
directory.
Post by Michael Doerner | Technologywise
Vtiger mobile seems too clumsy to me although I might not be up to date
with its latest version.
Indeed it is - CoreBOS have quite a nice Mobile UI now which is pretty
useable and would work when out and about for picking up numbers. But we
are out so rarely it isn't a pressing issue.

http://demo.corebos.com/modules/Mobile/index.php

admin/admin

We are going to migrate to that in the not too distant future (finally
giving up on vTiger itself)

B. Rgds
John

PS Not long til beer o'clock Michael ;-)
_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at https://lists.contribs.org/mailman/public/devinfo/
Daniel Berteaud
2017-10-05 09:56:30 UTC
Permalink
Post by John Crisp
We don't use SOGo at all (I have complete aversion to webmail), so it
means I have to install all that just for CardDav which is a lot of work
yadeeya. I have had a look at a simple stand-alone CardDav server but
nothing looks that easy.
SOGo is mainly a very good Caldav/Carddav/ActiveSync server. It happens
to also include a webmail, but you don't have to use it (I use SOGo
extensively, but only touch its webmail once a month or so)

++
--
Logo FWS

*Daniel Berteaud*

FIREWALL-SERVICES SAS.
Société de Services en Logiciels Libres
Tel : 05 56 64 15 32 <tel:0556641532>
Visio : http://vroom.fws.fr/dani
/www.firewall-services.com/
John Crisp
2017-10-05 10:59:45 UTC
Permalink
Post by Daniel Berteaud
SOGo is mainly a very good Caldav/Carddav/ActiveSync server. It happens
to also include a webmail, but you don't have to use it (I use SOGo
extensively, but only touch its webmail once a month or so)
OK. I'll need to find some code to sync vTiger to CardDav ;-)
_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at https://lists.contribs.org/mailman/public/devinfo/
r***@vielnascher.net
2017-10-05 11:39:26 UTC
Permalink
Hi Everybody,
as of the next few weeks some Browsers like Chrome and Safari will mark websites that are not reachable via SSL as unsafe. Other Browsers will follow.
Beside that, Google starts to punish websites without SSL Certificates and soon wants to ban them from the search results.
So, as i know at the moment there can only be one SSL Certificat per Server installed. But i use this system for Hostings and so i have many ibays with many more domains on each server. And i do not think that i am the only one using this system this way.
So my question: in Version 10 or even for older Versions .. are there Solutions?
Best
Rudi
Pascal Schirrmann
2017-10-05 19:36:21 UTC
Permalink
Post by r***@vielnascher.net
Hi Everybody,
Hi Rudy,
Post by r***@vielnascher.net
So my question: in Version 10 or even for older Versions .. are there Solutions?
For SME 10, there is a free and complete solution : Let's encrypt.

I did see a contribs, but didn't use it (no real reasons,apartthat I'll
probably have to use Let's Encrypt outside SME world).

The Let's encrypt script browse the htttpd.conf and create one
certificate with all entries.

Two drawbacks :

1) As the certificate is unique for all sites, a quick look in it give
the list of all websites. Depending on your situation, this can be
allowed or not (two conccurent clients on the same server could dislike
that).
2) The cert only certifies that the connection is secure. But nothing
about the real person(s) behind the website. I'm a little bit reluctant
to use it for my workplace, I think it's alittle bit unclear.

If you really want to use more than one certificate on one IP address,
there is only one way : SNI. But this means that all your users use
fairly recent browsers.
Post by r***@vielnascher.net
Best
Rudi
Regards,
Pascal
Jean-Philippe PIALASSE
2017-10-10 01:06:49 UTC
Permalink
Post by Pascal Schirrmann
Post by r***@vielnascher.net
Hi Everybody,
Hi Rudy,
Hi Pascal and Rudy,

Pascal was pretty much to the point and give a pretty good answer,  I
Post by Pascal Schirrmann
Post by r***@vielnascher.net
 
So my question: in Version 10 or even for older Versions .. are there Solutions?
For SME 10, there is a free and complete solution : Let's encrypt.
In fact the contribs is for SME v9.

SME 10 is still pretty alpha, but letsencrypt should be included in base
in a near future.

 
Post by Pascal Schirrmann
I did see a contribs, but didn't use it (no real reasons,apartthat
I'll probably have to use Let's Encrypt outside SME world).
The Let's encrypt script browse the htttpd.conf and create one
certificate with all entries.
1) As the certificate is unique for all sites, a quick look in it give
the list of all websites. Depending on your situation, this can be
allowed or not (two conccurent clients on the same server could
dislike that).
2) The cert only certifies that the connection is secure. But nothing
about the real person(s) behind the website. I'm a little bit
reluctant to use it for my workplace, I think it's alittle bit unclear.
If you really want to use more than one certificate on one IP address,
there is only one way : SNI. But this means that all your users use
fairly recent browsers.
both way needs a pretty recent browser :
- either one supporting SNI
- either one supporting multiple domain per certificate

*_for SNI according to digicert_*
Desktop Browsers

    Internet Explorer 7 and later
    Firefox 2
    Opera 8 with TLS 1.1 enabled
    Google Chrome:
        Supported on Windows XP on Chrome 6 and later
        Supported on Vista and later by default
        OS X 10.5.7 in Chrome Version 5.0.342.0 and later
    Safari 2.1 and later (requires OS X 10.5.6 and later or Windows
Vista and later).
    Note: No versions of Internet Explorer on Windows XP support SNI


Mobile Browsers

    Mobile Safari for iOS 4.0
    Android 3.0 (Honeycomb) and later
    Windows Phone 7


_*for let's encrypt certificates:*_

Known Compatible

    Mozilla Firefox >= v2.0
    Google Chrome
    Internet Explorer on Windows XP SP3 and higher
    Microsoft Edge
    Android OS >= v2.3.6
    Safari >= v4.0 on macOS
    Safari on iOS >= v3.1
    Debian Linux >= v6
    Ubuntu Linux >= v12.04
    NSS Library >= v3.11.9
    Amazon FireOS (Silk Browser)
    Cyanogen > v10
    Jolla Sailfish OS > v1.1.2.16
    Kindle > v3.4.1
    Java 7 >= 7u111
    Java 8 >= 8u101
    Blackberry >= 10.3.3
    PS4 game console with firmware >= 5.00

Known Incompatible

    Blackberry < v10.3.3
    Android < v2.3.6
    Nintendo 3DS
    Windows XP prior to SP3
        cannot handle SHA-2 signed certificates
    Java 7 < 7u111
    Java 8 < 8u101
    Windows Live Mail (2012 mail client, not webmail)
        cannot handle certificates without a CRL
    PS3 game console
    PS4 game console with firmware < 5.00


Jean-Philippe

Dave Liquorice
2017-10-05 18:17:46 UTC
Permalink
I have SoGO purely as a means of transparently syncing calendars and contacts between my phone and tablet. I very rarely access SoGO directly. This uses DAVDroid on both devices and it "just works", on Android... Stock calendar and contacts apps.
--
Cheers
Dave.


-----Original Message-----
From: Michael Doerner | Technologywise <***@tw.co.nz>
To: ***@lists.contribs.org
Sent: Wed, 04 Oct 2017 19:10
Subject: Re: [devinfo] LDAP add new OU
Post by John Crisp
Post by Daniel Berteaud
Post by John Crisp
I am messing about with a sync between vTiger and LDAP so I can sync my
vTiger Contacts into LDAP for Thunderbird
Slightly off topic, but it might be better to try to sync your Vtiger
contacts to a CardDav server (SOGo would do the job). This way, not only
Thunderbird can use them (using the sogo-connector extension) but any
mobile device too
A god point, but the reason I looked is I found some code that would
sync with LDAP. We really only need it for desktops in the Office as you
can use vTiger mobile when out.
But I will see what else I can find for CardDAV
I very much like Daniel's approach and would prefer to do it that way
(we use SOGo intensively) and have the contacts available for mobile
device users too.
Vtiger mobile seems too clumsy to me although I might not be up to date
with its latest version.

Michael
_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at https://lists.contribs.org/mailman/public/devinfo/
_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at htt
Loading...