CardDav com Active Directory usando SOGo

CardDav com Active Directory usando SOGo

Linux: Centos 7 (CentOS-7-x86_64-Minimal-1611.iso)

Versão: Sogo v3 com MySQL conectando no Active Directory (sogo-nightly-v3-rhel7)

Autor: Silvio Garbes em 10/07/2017

Fonte: https://sogo.nu/nc/support/faq/article/how-to-install-a-nightly-version-through-yum-2.html

# ------------- #

# Servidor MySQL #

# ------------- #

No servidor MySQL

usuário: sogo

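senha: senhasogo (valor de exemplo; em produção use uma senha forte e exclusiva, a mesma informada no SET PASSWORD abaixo e nas URLs mysql:// do sogo.conf)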

banco: sogo

-- Service account used by SOGo. The host part restricts logins to connections
-- coming from 192.168.1.1 (the address this page also uses for the SOGo server).
CREATE USER 'sogo'@'192.168.1.1' IDENTIFIED WITH mysql_native_password;

-- REQUIRE NONE lets this account connect without TLS; the MAX_* values of 0 set no per-hour limits.
-- NOTE(review): sogo.conf on this page reaches the database over the network on port 3306,
-- so the password and the c_password column cross the wire in clear unless TLS is enforced.
-- Consider REQUIRE SSL if the MySQL client library used by SOGo supports it (confirm).
GRANT USAGE ON *.* TO 'sogo'@'192.168.1.1' REQUIRE NONE WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;

-- '***' is a redacted placeholder: set the real password here and use the same value
-- in the mysql:// URLs of sogo.conf (the page's example value there is only a sample).
SET PASSWORD FOR 'sogo'@'192.168.1.1' = '***';

CREATE DATABASE IF NOT EXISTS `sogo`;

-- Full privileges, but scoped to the `sogo` schema only (no global rights beyond USAGE).
GRANT ALL PRIVILEGES ON `sogo`.* TO 'sogo'@'192.168.1.1';

-- Authentication source read by SOGo through viewURL (type = sql in sogo.conf).
-- Column names follow the list in the "SQL authentication example" comment of sogo.conf.
CREATE TABLE `sogo_view` (

`c_uid` varchar(20) NOT NULL,

`c_name` varchar(50) NOT NULL,

-- 32 characters is exactly the length of a hex MD5 digest (userPasswordAlgorithm = md5).
-- NOTE(review): unsalted MD5 offers little protection if this table leaks; a salted scheme
-- would need a wider column. Check the installation guide for the schemes your version supports.
`c_password` varchar(32) NOT NULL,

`c_cn` varchar(50) NOT NULL,

`mail` varchar(50) NOT NULL

) ENGINE=InnoDB DEFAULT CHARSET=utf8;

-- Sample user. The c_password value is an unsalted MD5 hex digest.
INSERT INTO `sogo_view` (`c_uid`, `c_name`, `c_password`, `c_cn`, `mail`) VALUES

-- NOTE(review): this digest is the widely known MD5 of "123456", not of the password shown
-- in the Android client section of this page; replace it with the digest of a real password.
('silvio', 'silvio', 'e10adc3949ba59abbe56e057f20f883e', 'silvio', 'silvio@garbes.com.br');

-- c_uid is the login name, so it must be unique.
ALTER TABLE `sogo_view` ADD PRIMARY KEY (`c_uid`);

# ------------ #

# Servidor SOGo #

# ------------ #

# yum update

# vi /etc/selinux/config

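SELINUX=disabled

Observação: desativar o SELinux simplifica o laboratório, mas remove o confinamento do httpd e do sogod. Em produção, prefira manter SELINUX=enforcing (ou permissive durante os testes) e liberar apenas o necessário; se o proxy do Apache para o SOGo for bloqueado, verifique o booleano httpd_can_network_connect (# setsebool -P httpd_can_network_connect on).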

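# systemctl disable firewalld

Observação: sem o firewalld, qualquer serviço que escute em interfaces externas (por exemplo o memcached, dependendo da configuração) fica acessível pela rede. Em produção, mantenha o firewalld ativo e libere somente o HTTPS: # firewall-cmd --permanent --add-service=https e depois # firewall-cmd --reload.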

# reboot

# vi /etc/yum.repos.d/SOGo.repo

[sogo-nightly-v3-rhel7]

name=Inverse SOGo Repository

baseurl=https://packages.inverse.ca/SOGo/nightly/3/rhel/7/$basearch

gpgcheck=1

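# rpm --import "https://pgp.mit.edu/pks/lookup?op=get&search=0xCB2D3A2AA0030E2C"

Observação: um servidor de chaves público não garante quem é o dono da chave. Como o gpgcheck=1 passa a confiar em tudo o que for assinado por ela, baixe a chave para um arquivo, confira a impressão digital (# gpg --with-fingerprint arquivo.asc) com a publicada pelo fornecedor do repositório e só então execute o rpm --import.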

# yum install sogo sope49-gdl1-mysql mod_ssl

# systemctl enable sogod

# systemctl enable httpd

# systemctl enable memcached

# vi /etc/sogo/sogo.conf

{

/* ********************* Main SOGo configuration file **********************

* *

* Since the content of this file is a dictionary in OpenStep plist format, *

* the curly braces enclosing the body of the configuration are mandatory. *

* See the Installation Guide for details on the format. *

* *

* C and C++ style comments are supported. *

* *

* This example configuration contains only a subset of all available *

* configuration parameters. Please see the installation guide more details. *

* *

* ~sogo/GNUstep/Defaults/.GNUstepDefaults has precedence over this file, *

* make sure to move it away to avoid unwanted parameter overrides. *

* *

* **************************************************************************/

/* Database configuration (mysql:// or postgresql://) */

// The three URLs below embed the database user and password in clear text.
// NOTE(review): keep /etc/sogo/sogo.conf readable only by root and the sogo account, and
// replace the sample password. The database host is remote (port 3306), so this traffic
// is unencrypted unless TLS is configured between SOGo and MySQL (confirm).
SOGoProfileURL = "mysql://sogo:senhasogo@sogodb.silviogarbes.com.br:3306/sogo/sogo_user_profile";

OCSFolderInfoURL = "mysql://sogo:senhasogo@sogodb.silviogarbes.com.br:3306/sogo/sogo_folder_info";

OCSSessionsFolderURL = "mysql://sogo:senhasogo@sogodb.silviogarbes.com.br:3306/sogo/sogo_sessions_folder";

/* Mail */

//SOGoDraftsFolderName = Drafts;

//SOGoSentFolderName = Sent;

//SOGoTrashFolderName = Trash;

//SOGoIMAPServer = localhost;

//SOGoSieveServer = sieve://127.0.0.1:4190;

//SOGoSMTPServer = 127.0.0.1;

//SOGoMailDomain = acme.com;

//SOGoMailingMechanism = smtp;

//SOGoForceExternalLoginWithEmail = NO;

//SOGoMailSpoolPath = /var/spool/sogo;

//NGImap4ConnectionStringSeparator = "/";

/* Notifications */

//SOGoAppointmentSendEMailNotifications = NO;

//SOGoACLsSendEMailNotifications = NO;

//SOGoFoldersSendEMailNotifications = NO;

/* Authentication */

//SOGoPasswordChangeEnabled = YES;

/* LDAP authentication example */

//SOGoUserSources = (

// {

// type = ldap;

// CNFieldName = cn;

// UIDFieldName = uid;

// IDFieldName = uid; // first field of the DN for direct binds

// bindFields = (uid, mail); // array of fields to use for indirect binds

// baseDN = "ou=users,dc=acme,dc=com";

// bindDN = "uid=sogo,ou=users,dc=acme,dc=com";

// bindPassword = qwerty;

// canAuthenticate = YES;

// displayName = "Shared Addresses";

// hostname = ldap://127.0.0.1:389;

// id = public;

// isAddressBook = YES;

// }

//);

/* LDAP AD/Samba4 example */

//SOGoUserSources = (

// {

// type = ldap;

// CNFieldName = cn;

// UIDFieldName = sAMAccountName;

// baseDN = "CN=users,dc=domain,dc=tld";

// bindDN = "CN=sogo,CN=users,DC=domain,DC=tld";

// bindFields = (sAMAccountName, mail);

// bindPassword = password;

// canAuthenticate = YES;

// displayName = "Public";

// hostname = ldap://127.0.0.1:389;

// filter = "mail = '*'";

// id = directory;

// isAddressBook = YES;

// }

//);

/* SQL authentication example */

/* These database columns MUST be present in the view/table:

* c_uid - will be used for authentication - it's the username or username@domain.tld)

* c_name - which can be identical to c_uid - will be used to uniquely identify entries

* c_password - password of the user, plain-text, md5 or sha encoded for now

* c_cn - the user's common name - such as "John Doe"

* mail - the user's mail address

* See the installation guide for more details

*/

//SOGoUserSources =

// (

// {

// type = sql;

// id = directory;

// viewURL = "postgresql://sogo:sogo@127.0.0.1:5432/sogo/sogo_view";

// canAuthenticate = YES;

// isAddressBook = YES;

// userPasswordAlgorithm = md5;

// }

// );

// Two domains are declared: "mysql" validates logins, "activedirectory" only supplies contacts.
// As a result users sign in with the credentials stored in sogo_view, not with their AD passwords.
domains = {

mysql = {

SOGoUserSources =

(

{

type = sql;

id = directorymysql;

// Same clear-text database credentials as the URLs in the database section of this file.
viewURL = "mysql://sogo:senhasogo@sogodb.silviogarbes.com.br:3306/sogo/sogo_view";

// This source is the one used to authenticate users; it is not listed as an address book.
canAuthenticate = YES;

isAddressBook = No;

// c_password is compared as an unsalted MD5 digest.
// NOTE(review): MD5 is weak for password storage; prefer a salted scheme if your SOGo
// version offers one (see the installation guide) and widen the c_password column to fit.
userPasswordAlgorithm = md5;

}

);

};

activedirectory = {

SOGoUserSources = (

{

type = ldap;

CNFieldName = cn;

UIDFieldName = sAMAccountName;

baseDN = "ou=usuarios,dc=silviogarbes,dc=corp";

// Service account used to search the directory.
// NOTE(review): give it read-only rights limited to the baseDN above (confirm in AD).
bindDN = "cn=sogo,ou=sistema,ou=usuarios,dc=silviogarbes,dc=corp";

bindFields = (sAMAccountName, mail);

// Stored in clear text in this file; replace the sample value and restrict file permissions.
bindPassword = "SOGo@xpto";

// Directory is never used to check passwords, only to publish contacts.
canAuthenticate = No;

displayName = "Active Directory Silvio Garbes";

// Plain LDAP on port 389: the bind password and every returned entry travel unencrypted.
// NOTE(review): use an ldaps:// URL or the source's STARTTLS option if the domain
// controller offers it; check the installation guide for the exact key.
hostname = ldap://ad.silviogarbes.com.br:389;

// Only entries that have a mobile attribute set are returned.
filter = "mobile = '*'";

id = directory;

isAddressBook = YES;

}

);

};

};

// Groups the two domains together; presumably this is what lets users of the mysql domain
// see the activedirectory address book (confirm against the installation guide).
SOGoDomainsVisibility = ( (mysql, activedirectory) );

/* Web Interface */

//SOGoPageTitle = SOGo;

//SOGoVacationEnabled = YES;

//SOGoForwardEnabled = YES;

//SOGoSieveScriptsEnabled = YES;

//SOGoMailAuxiliaryUserAccountsEnabled = YES;

//SOGoTrustProxyAuthentication = NO;

//SOGoXSRFValidationEnabled = YES;

/* General - SOGoTimeZone *MUST* be defined */

SOGoLanguage = BrazilianPortuguese;

SOGoTimeZone = America/Sao_Paulo;

//SOGoCalendarDefaultRoles = (

// PublicDAndTViewer,

// ConfidentialDAndTViewer

//);

//SOGoSuperUsernames = (sogo1, sogo2); // This is an array - keep the parens!

SxVMemLimit = 1024;

//WOPidFile = "/var/run/sogo/sogo.pid";

//SOGoMemcachedHost = "/var/run/memcached.sock";

SOGoLoginModule = Contacts;

/* Debug */

//SOGoDebugRequests = YES;

//SoDebugBaseURL = YES;

//ImapDebugEnabled = YES;

//LDAPDebugEnabled = YES;

//PGDebugEnabled = YES;

//MySQL4DebugEnabled = YES;

//SOGoUIxDebugEnabled = YES;

//WODontZipResponse = YES;

//WOLogFile = /var/log/sogo/sogo.log;

}

# systemctl restart sogod

# systemctl restart httpd

# systemctl restart memcached

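Acesse o link http://192.168.1.1/SOGo/

Acesse o link com https: https://192.168.1.1/SOGo/

Observação: prefira sempre o endereço https, pois pelo http o usuário e a senha do login trafegam em texto puro. O mod_ssl instala por padrão um certificado autoassinado; para que os clientes CardDAV validem a conexão, substitua-o por um certificado emitido para o nome usado no acesso.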

Ver logs

# tail /var/log/sogo/sogo.log

# tail /var/log/httpd/error_log

# ------------- #

# Cliente Android #

# ------------- #

Configurar cliente android

https://play.google.com/store/apps/details?id=org.dmfs.carddav.sync&hl=pt_BR

Nome do aplicativo: CardDAV-Sync free

Add account -> CardDAV

url: carddav.silviogarbes.com.br

Manter marcado Use SSL

Username: silvio

Password: silvio

Address book to sync:

Selecione Active Directory Silvio Garbes

Marque sync from server to phone only