
CardDav com Active Directory usando SOGo

CardDav com Active Directory usando SOGo
Linux: Centos 7 (CentOS-7-x86_64-Minimal-1611.iso)
Versão: Sogo v3 com MySQL conectando no Active Directory (sogo-nightly-v3-rhel7)
Autor: Silvio Garbes em 10/07/2017
Fonte: https://sogo.nu/nc/support/faq/article/how-to-install-a-nightly-version-through-yum-2.html

# ------------- #
# Servidor MySQL #
# ------------- #


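No servidor MySQL
  usuário: sogo
  senha: senhasogo (valor de exemplo; em um ambiente real, use uma senha forte e exclusiva, a mesma informada nas URLs mysql:// do sogo.conf)
  banco: sogo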

  -- Service account used by SOGo; it may only connect from the SOGo host (192.168.1.1).
  CREATE USER 'sogo'@'192.168.1.1' IDENTIFIED WITH mysql_native_password;
  -- REQUIRE NONE means TLS is not required for this account, and the zero limits mean
  -- "no resource limit". The SOGo host reaches this server over the network, so
  -- NOTE(review): consider REQUIRE SSL once TLS is configured on the MySQL server.
  GRANT USAGE ON *.* TO 'sogo'@'192.168.1.1' REQUIRE NONE WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
  -- '***' is a placeholder: set the real password here; it must match the one used
  -- in the mysql:// URLs of /etc/sogo/sogo.conf.
  SET PASSWORD FOR 'sogo'@'192.168.1.1' = '***';
  CREATE DATABASE IF NOT EXISTS `sogo`;
  -- Full rights, limited to the sogo database only.
  -- NOTE(review): narrow this grant if SOGo turns out not to need every privilege - confirm.
  GRANT ALL PRIVILEGES ON `sogo`.* TO 'sogo'@'192.168.1.1';

  -- Authentication table read by the SOGo "sql" user source. The statements below do
  -- not name a database, so run them with the sogo database selected.
  -- c_password is varchar(32), which fits exactly one hex-encoded MD5 digest; a
  -- stronger (salted) password scheme would need a wider column.
  CREATE TABLE `sogo_view` (
    `c_uid` varchar(20) NOT NULL,
    `c_name` varchar(50) NOT NULL,
    `c_password` varchar(32) NOT NULL,
    `c_cn` varchar(50) NOT NULL,
    `mail` varchar(50) NOT NULL
  ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

  -- Sample user. The digest below is the widely published MD5 of "123456"; unsalted
  -- MD5 of a common password is recovered instantly from lookup tables, so replace
  -- this row with a real, strong password before exposing the service.
  INSERT INTO `sogo_view` (`c_uid`, `c_name`, `c_password`, `c_cn`, `mail`) VALUES
  ('silvio', 'silvio', 'e10adc3949ba59abbe56e057f20f883e', 'silvio', 'silvio@garbes.com.br');

  -- c_uid is the login name, so it is made the primary key (unique per user).
  ALTER TABLE `sogo_view` ADD PRIMARY KEY (`c_uid`);


# ------------ #
# Servidor SOGo #
# ------------ #


# yum update
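# vi /etc/selinux/config
SELINUX=disabled
# systemctl disable firewalld
# reboot
Obs.: desativar o SELinux e o firewalld facilita o teste em laboratório, mas remove duas camadas de proteção do servidor. Em produção, prefira manter o SELinux em enforcing (normalmente basta liberar o proxy do Apache com setsebool -P httpd_can_network_connect on) e o firewalld ativo, abrindo apenas as portas 80/443.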
# vi /etc/yum.repos.d/SOGo.repo
[sogo-nightly-v3-rhel7]
name=Inverse SOGo Repository
baseurl=https://packages.inverse.ca/SOGo/nightly/3/rhel/7/$basearch
gpgcheck=1

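# rpm --import "https://pgp.mit.edu/pks/lookup?op=get&search=0xCB2D3A2AA0030E2C"
Obs.: a chave acima é obtida de um servidor de chaves público, localizada apenas pelo ID. Antes do yum install, liste a chave importada (rpm -qa gpg-pubkey*) e confira a impressão digital (fingerprint) com a divulgada pela Inverse; é essa chave que o gpgcheck=1 usará para validar os pacotes.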
# yum install sogo sope49-gdl1-mysql mod_ssl
# systemctl enable sogod
# systemctl enable httpd
# systemctl enable memcached

# vi /etc/sogo/sogo.conf

{
  /* *********************  Main SOGo configuration file  **********************
   *                                                                           *
   * Since the content of this file is a dictionary in OpenStep plist format,  *
   * the curly braces enclosing the body of the configuration are mandatory.   *
   * See the Installation Guide for details on the format.                     *
   *                                                                           *
   * C and C++ style comments are supported.                                   *
   *                                                                           *
   * This example configuration contains only a subset of all available        *
   * configuration parameters. Please see the installation guide more details. *
   *                                                                           *
   * ~sogo/GNUstep/Defaults/.GNUstepDefaults has precedence over this file,    *
   * make sure to move it away to avoid unwanted parameter overrides.          *
   *                                                                           *
   * **************************************************************************/

  /* Database configuration (mysql:// or postgresql://) */
  /* Each URL below embeds the database user and password (sogo:senhasogo is the
   * tutorial's sample value) in clear text, so this file should be readable only
   * by root and by the account that runs sogod.
   * NOTE(review): the URLs carry no TLS option and the MySQL account is created
   * with REQUIRE NONE, so traffic to sogodb.silviogarbes.com.br:3306 is
   * presumably unencrypted - confirm and protect that network path. */
  SOGoProfileURL = "mysql://sogo:senhasogo@sogodb.silviogarbes.com.br:3306/sogo/sogo_user_profile";
  OCSFolderInfoURL = "mysql://sogo:senhasogo@sogodb.silviogarbes.com.br:3306/sogo/sogo_folder_info";
  OCSSessionsFolderURL = "mysql://sogo:senhasogo@sogodb.silviogarbes.com.br:3306/sogo/sogo_sessions_folder";

  /* Mail */
  //SOGoDraftsFolderName = Drafts;
  //SOGoSentFolderName = Sent;
  //SOGoTrashFolderName = Trash;
  //SOGoIMAPServer = localhost;
  //SOGoSieveServer = sieve://127.0.0.1:4190;
  //SOGoSMTPServer = 127.0.0.1;
  //SOGoMailDomain = acme.com;
  //SOGoMailingMechanism = smtp;
  //SOGoForceExternalLoginWithEmail = NO;
  //SOGoMailSpoolPath = /var/spool/sogo;
  //NGImap4ConnectionStringSeparator = "/";

  /* Notifications */
  //SOGoAppointmentSendEMailNotifications = NO;
  //SOGoACLsSendEMailNotifications = NO;
  //SOGoFoldersSendEMailNotifications = NO;

  /* Authentication */
  //SOGoPasswordChangeEnabled = YES;

  /* LDAP authentication example */
  //SOGoUserSources = (
  //  {
  //    type = ldap;
  //    CNFieldName = cn;
  //    UIDFieldName = uid;
  //    IDFieldName = uid; // first field of the DN for direct binds
  //    bindFields = (uid, mail); // array of fields to use for indirect binds
  //    baseDN = "ou=users,dc=acme,dc=com";
  //    bindDN = "uid=sogo,ou=users,dc=acme,dc=com";
  //    bindPassword = qwerty;
  //    canAuthenticate = YES;
  //    displayName = "Shared Addresses";
  //    hostname = ldap://127.0.0.1:389;
  //    id = public;
  //    isAddressBook = YES;
  //  }
  //);

  /* LDAP AD/Samba4 example */
  //SOGoUserSources = (
  //  {
  //    type = ldap;
  //    CNFieldName = cn;
  //    UIDFieldName = sAMAccountName;
  //    baseDN = "CN=users,dc=domain,dc=tld";
  //    bindDN = "CN=sogo,CN=users,DC=domain,DC=tld";
  //    bindFields = (sAMAccountName, mail);
  //    bindPassword = password;
  //    canAuthenticate = YES;
  //    displayName = "Public";
  //    hostname = ldap://127.0.0.1:389;
  //    filter = "mail = '*'";
  //    id = directory;
  //    isAddressBook = YES;
  //  }
  //);


  /* SQL authentication example */
  /*  These database columns MUST be present in the view/table:
   *    c_uid - will be used for authentication -  it's the username or username@domain.tld)
   *    c_name - which can be identical to c_uid -  will be used to uniquely identify entries
   *    c_password - password of the user, plain-text, md5 or sha encoded for now
   *    c_cn - the user's common name - such as "John Doe"
   *    mail - the user's mail address
   *  See the installation guide for more details
   */
  //SOGoUserSources =
  //  (
  //    {
  //      type = sql;
  //      id = directory;
  //      viewURL = "postgresql://sogo:sogo@127.0.0.1:5432/sogo/sogo_view";
  //      canAuthenticate = YES;
  //      isAddressBook = YES;
  //      userPasswordAlgorithm = md5;
  //    }
  //  );
 
  /* Two SOGo domains: "mysql" holds the accounts that can log in, while
   * "activedirectory" only publishes Active Directory entries as an address book. */
  domains = {
    mysql = {
      SOGoUserSources =
        (
          {
            type = sql;
            id = directorymysql;
            /* The view URL carries the database password in clear text. */
            viewURL = "mysql://sogo:senhasogo@sogodb.silviogarbes.com.br:3306/sogo/sogo_view";
            /* Logins are checked against this source; it is not shown as an address book. */
            canAuthenticate = YES;
            isAddressBook = No;
            /* Passwords in sogo_view are MD5 digests: unsalted and fast to brute-force.
             * NOTE(review): prefer a salted scheme supported by your SOGo version (the
             * installation guide lists ssha512, for example - confirm) and widen the
             * c_password column beyond varchar(32) accordingly. */
            userPasswordAlgorithm = md5;
          }
        );
    };
    activedirectory = {
      SOGoUserSources = (
        {
          type = ldap;
          CNFieldName = cn;
          UIDFieldName = sAMAccountName;
          baseDN = "ou=usuarios,dc=silviogarbes,dc=corp";
          /* Account SOGo binds with to search the directory. Its password is stored
           * below in clear text, so it should be a dedicated account with read-only
           * access to the directory and no other privileges. */
          bindDN = "cn=sogo,ou=sistema,ou=usuarios,dc=silviogarbes,dc=corp";
          bindFields = (sAMAccountName, mail);
          bindPassword = "SOGo@xpto";
          /* Users cannot log in with AD credentials; login is handled by the mysql domain. */
          canAuthenticate = No;
          displayName = "Active Directory Silvio Garbes";
          /* ldap:// on port 389 is unencrypted: the bind password and the directory
           * data cross the network in clear text.
           * NOTE(review): SOGo LDAP sources accept an encryption setting (SSL or
           * STARTTLS) - confirm in the installation guide and enable it if the
           * domain controller supports it. */
          hostname = ldap://ad.silviogarbes.com.br:389;
          /* Only entries that have a mobile attribute are returned. */
          filter = "mobile = '*'";
          id = directory;
          isAddressBook = YES;
        }
      );
    };
  };

  /* NOTE(review): presumably this lets users of the mysql domain see the
   * activedirectory address book - confirm in the installation guide. */
  SOGoDomainsVisibility = ( (mysql, activedirectory) );

  /* Web Interface */
  //SOGoPageTitle = SOGo;
  //SOGoVacationEnabled = YES;
  //SOGoForwardEnabled = YES;
  //SOGoSieveScriptsEnabled = YES;
  //SOGoMailAuxiliaryUserAccountsEnabled = YES;
  //SOGoTrustProxyAuthentication = NO;
  //SOGoXSRFValidationEnabled = YES;

  /* General - SOGoTimeZone *MUST* be defined */
  /* Default interface language and time zone for this installation. */
  SOGoLanguage = BrazilianPortuguese;
  SOGoTimeZone = America/Sao_Paulo;
  //SOGoCalendarDefaultRoles = (
  //  PublicDAndTViewer,
  //  ConfidentialDAndTViewer
  //);
  /* Left commented out, so no account is declared as a SOGo super user here. */
  //SOGoSuperUsernames = (sogo1, sogo2); // This is an array - keep the parens!
  /* NOTE(review): per the SOGo documentation this is the memory ceiling, in
   * megabytes, for each sogod worker process - confirm. */
  SxVMemLimit = 1024;
  //WOPidFile = "/var/run/sogo/sogo.pid";
  //SOGoMemcachedHost = "/var/run/memcached.sock";
  /* Module opened after login; Contacts matches a server used for CardDAV address books. */
  SOGoLoginModule = Contacts;
 
  /* Debug */
  //SOGoDebugRequests = YES;
  //SoDebugBaseURL = YES;
  //ImapDebugEnabled = YES;
  //LDAPDebugEnabled = YES;
  //PGDebugEnabled = YES;
  //MySQL4DebugEnabled = YES;
  //SOGoUIxDebugEnabled = YES;
  //WODontZipResponse = YES;
  //WOLogFile = /var/log/sogo/sogo.log;
}

# systemctl restart sogod
# systemctl restart httpd
# systemctl restart memcached

Acesse o link http://192.168.1.1/SOGo/
Acesse o link com https https://192.168.1.1/SOGo/
Obs.: prefira o endereço https; pelo http o usuário e a senha do login trafegam em claro na rede.

Ver logs
# tail /var/log/sogo/sogo.log
# tail /var/log/httpd/error_log

# ------------- #
# Cliente Android #
# ------------- #


Configurar cliente android

https://play.google.com/store/apps/details?id=org.dmfs.carddav.sync&hl=pt_BR
Nome do aplicativo: CardDAV-Sync free

Add account -> CardDAV
url: carddav.silviogarbes.com.br
Manter marcado Use SSL
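Username: silvio
Password: silvio
Obs.: a autenticação é feita contra a tabela sogo_view (domínio mysql), portanto a senha aceita é aquela cujo hash MD5 está gravado em c_password para o usuário. Em uso real, evite senhas iguais ao nome do usuário.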

Address book to sync:
Selecione Active Directory Silvio Garbes

Marque sync from server to phone only

