2012-02-25 23:45:20 +01:00
< !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
< html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en"
lang="en" dir="ltr">
< head >
< meta http-equiv = "Content-Type" content = "text/html; charset=utf-8" / >
< title > < / title >
<!-- metadata -->
< meta name = "generator" content = "Offline" / >
< meta name = "version" content = "Offline 0.1" / >
<!-- style sheet links -->
< link rel = "stylesheet" media = "all" type = "text/css" href = "../../../../css/all.css" / >
< link rel = "stylesheet" media = "screen" type = "text/css" href = "../../../../css/screen.css" / >
< link rel = "stylesheet" media = "print" type = "text/css" href = "../../../../css/print.css" / >
< / head >
< body >
< div class = "dokuwiki export" >
2015-06-08 16:57:58 +02:00
< h1 class = "sectionedit1" id = "obm" > OBM< / h1 >
2012-02-25 23:45:20 +01:00
< div class = "level1" >
< p >
2015-12-18 10:46:34 +01:00
< a href = "/_detail/applications/obm_logo.png?id=documentation%3A1.9%3Aapplications%3Aobm" class = "media" title = "applications:obm_logo.png" > < img src = "../../../../media/applications/obm_logo.png" class = "mediacenter" alt = "" / > < / a >
2012-02-25 23:45:20 +01:00
< / p >
< / div >
2015-06-08 16:57:58 +02:00
<!-- EDIT1 SECTION "OBM" [1 - 54] -->
< h2 class = "sectionedit2" id = "presentation" > Presentation< / h2 >
2012-02-25 23:45:20 +01:00
< div class = "level2" >
< p >
2015-06-08 16:57:58 +02:00
< a href = "http://obm.org" class = "urlextern" title = "http://obm.org" rel = "nofollow" > OBM< / a > is enterprise-class messaging and collaboration platform for workgroup or enterprises with many thousands users. OBM includes Groupware, messaging server, CRM, LDAP, Windows Domain, smartphone and PDA synchronization…
2012-02-25 23:45:20 +01:00
< / p >
< p >
2015-06-08 16:57:58 +02:00
OBM is shipped with a < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > plugin with these features:
2012-02-25 23:45:20 +01:00
< / p >
< ul >
2015-06-08 16:57:58 +02:00
< li class = "level1" > < div class = "li" > < abbr title = "Single Sign On" > SSO< / abbr > on OBM web interface< / div >
2012-02-25 23:45:20 +01:00
< / li >
< li class = "level1" > < div class = "li" > Logout< / div >
< / li >
< li class = "level1" > < div class = "li" > User provisioning (account auto creation at first connection)< / div >
< / li >
< / ul >
< / div >
2015-06-08 16:57:58 +02:00
<!-- EDIT2 SECTION "Presentation" [55 - 488] -->
< h2 class = "sectionedit3" id = "configuration" > Configuration< / h2 >
2012-02-25 23:45:20 +01:00
< div class = "level2" >
< / div >
2015-06-08 16:57:58 +02:00
<!-- EDIT3 SECTION "Configuration" [489 - 515] -->
< h3 class = "sectionedit4" id = "obm1" > OBM< / h3 >
2012-02-25 23:45:20 +01:00
< div class = "level3" >
< p >
2015-06-08 16:57:58 +02:00
To enable < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > authentication plugin, go in < code > /etc/obm/obm_conf.inc< / code > :
2012-02-25 23:45:20 +01:00
< / p >
< pre class = "code file php" > < span class = "re0" > $auth_kind< / span > < span class = "sy0" > =< / span > < span class = "st_h" > 'LemonLDAP'< / span > < span class = "sy0" > ;< / span >
< span class = "re0" > $lemonldap_config< / span > < span class = "sy0" > =< / span > < a href = "http://www.php.net/array" > < span class = "kw3" > Array< / span > < / a > < span class = "br0" > ( < / span >
< span class = "st0" > " auto_update" < / span > < span class = "sy0" > => < / span > < span class = "kw4" > true< / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " auto_update_force_user" < / span > < span class = "sy0" > => < / span > < span class = "kw4" > true< / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " auto_update_force_group" < / span > < span class = "sy0" > => < / span > < span class = "kw4" > false< / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " url_logout" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " https://OBMURL/logout" < / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " server_ip_address" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " localhost" < / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " server_ip_check" < / span > < span class = "sy0" > => < / span > < span class = "kw4" > false< / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " debug_level" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " NONE" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > // " debug_header_name" => " HTTP_OBM_UID" ,< / span >
< span class = "co1" > // " group_header_name" => " HTTP_OBM_GROUPS" ,< / span >
< span class = "st0" > " headers_map" < / span > < span class = "sy0" > => < / span > < a href = "http://www.php.net/array" > < span class = "kw3" > Array< / span > < / a > < span class = "br0" > ( < / span >
< span class = "co1" > //" userobm_gid" => " HTTP_OBM_GID" ,< / span >
< span class = "co1" > //" userobm_domain_id" => ,< / span >
< span class = "st0" > " userobm_login" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_UID" < / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " userobm_password" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_USERPASSWORD" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_password_type" => ,< / span >
< span class = "st0" > " userobm_perms" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_PERMS" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_kind" => ,< / span >
< span class = "st0" > " userobm_lastname" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_SN" < / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " userobm_firstname" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_GIVENNAME" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > // " userobm_title" => " HTTP_OBM_TITLE" ,< / span >
< span class = "st0" > " userobm_email" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_MAIL" < / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " userobm_datebegin" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_DATEBEGIN" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_account_dateexp" => ,< / span >
< span class = "co1" > //" userobm_delegation_target" => ,< / span >
< span class = "co1" > //" userobm_delegation" => ,< / span >
< span class = "st0" > " userobm_description" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_DESCRIPTION" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_archive" => ,< / span >
< span class = "co1" > //" userobm_hidden" => ,< / span >
< span class = "co1" > //" userobm_status" => ,< / span >
< span class = "co1" > //" userobm_local" => ,< / span >
< span class = "co1" > //" userobm_photo_id" => ,< / span >
< span class = "st0" > " userobm_phone" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_TELEPHONENUMBER" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobom_phone2" => ,< / span >
< span class = "co1" > //" userobm_mobile" => ,< / span >
< span class = "st0" > " userobm_fax" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_FACSIMILETELEPHONENUMBER" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_fax2" => ,< / span >
< span class = "st0" > " userobm_company" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_O" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_direction" => ,< / span >
< span class = "st0" > " userobm_service" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_OU" < / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " userobm_address1" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_POSTALADDRESS" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_address2" => ,< / span >
< span class = "co1" > //" userobm_address3" => ,< / span >
< span class = "st0" > " userobm_zipcode" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_POSTALCODE" < / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " userobm_town" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_L" < / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " userobm_zipcode" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_POSTALCODE" < / span > < span class = "sy0" > ,< / span >
< span class = "st0" > " userobm_town" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_L" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_expresspostal" => ,< / span >
< span class = "co1" > //" userobm_host_id" => ,< / span >
< span class = "co1" > //" userobm_web_perms" => ,< / span >
< span class = "co1" > //" userobm_web_list" => ,< / span >
< span class = "co1" > //" userobm_web_all" => ,< / span >
< span class = "co1" > //" userobm_mail_perms" => ,< / span >
< span class = "co1" > //" userobm_mail_ext_perms" => ,< / span >
< span class = "co1" > //" userobm_mail_server_id" => ,< / span >
< span class = "co1" > //" userobm_mail_server_hostname" => ,< / span >
< span class = "st0" > " userobm_mail_quota" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_MAILQUOTA" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_nomade_perms" => ,< / span >
< span class = "co1" > //" userobm_nomade_enable" => ,< / span >
< span class = "co1" > //" userobm_nomade_local_copy" => ,< / span >
< span class = "co1" > //" userobm_email_nomade" => ,< / span >
< span class = "co1" > //" userobm_vacation_enable" => ,< / span >
< span class = "co1" > //" userobm_vacation_datebegin" => ,< / span >
< span class = "co1" > //" userobm_vacation_dateend" => ,< / span >
< span class = "co1" > //" userobm_vacation_message" => ,< / span >
< span class = "co1" > //" userobm_samba_perms" => ,< / span >
< span class = "co1" > //" userobm_samba_home" => ,< / span >
< span class = "co1" > //" userobm_samba_home_drive" => ,< / span >
< span class = "co1" > //" userobm_samba_logon_script" => ,< / span >
< span class = "co1" > // ---- Unused values ? ----< / span >
< span class = "st0" > " userobm_ext_id" < / span > < span class = "sy0" > => < / span > < span class = "st0" > " HTTP_OBM_SERIALNUMBER" < / span > < span class = "sy0" > ,< / span >
< span class = "co1" > //" userobm_system" => ,< / span >
< span class = "co1" > //" userobm_nomade_datebegin" => ,< / span >
< span class = "co1" > //" userobm_nomade_dateend" => ,< / span >
< span class = "co1" > //" userobm_location" => ,< / span >
< span class = "co1" > //" userobm_education" => ,< / span >
< span class = "br0" > ) < / span > < span class = "sy0" > ,< / span >
< span class = "br0" > ) < / span > < span class = "sy0" > ;< / span > < / pre >
< p >
Parameters:
< / p >
< ul >
2015-06-08 16:57:58 +02:00
< li class = "level1" > < div class = "li" > < strong > url_logout< / strong > : < abbr title = "Uniform Resource Locator" > URL< / abbr > used by OBM to logout, will be caught by < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > < / div >
2012-02-25 23:45:20 +01:00
< / li >
2015-06-08 16:57:58 +02:00
< li class = "level1" > < div class = "li" > < strong > headers_map< / strong > : map OBM internal field to < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > header< / div >
2012-02-25 23:45:20 +01:00
< / li >
< / ul >
< p >
2015-06-08 16:57:58 +02:00
Edit also OBM Apache configuration to enable < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > Handler:
2012-02-25 23:45:20 +01:00
< / p >
2015-06-08 16:57:58 +02:00
< pre class = "code file apache" > < < span class = "kw3" > VirtualHost< / span > *:< span class = "nu0" > 80< / span > >
2012-02-25 23:45:20 +01:00
< span class = "kw1" > ServerName< / span > obm.example.com
< span class = "co1" > # SSO protection< / span >
2014-05-22 11:58:26 +02:00
PerlHeaderParserHandler Lemonldap::NG::Handler
2012-02-25 23:45:20 +01:00
< span class = "kw1" > DocumentRoot< / span > /usr/share/obm/php
...
< /< span class = "kw3" > VirtualHost< / span > > < / pre >
< p >
2015-12-18 10:46:34 +01:00
< p > < div class = "noteimportant" > OBM Apache configuration must be loaded < strong > after< / strong > < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > < a href = "../../../documentation/1.9/configlocation.html#apache" class = "wikilink1" title = "documentation:1.9:configlocation" > Apache configuration< / a > .
2012-02-25 23:45:20 +01:00
< / div > < / p >
< / p >
< / div >
2015-06-08 16:57:58 +02:00
<!-- EDIT4 SECTION "OBM" [516 - 6179] -->
< h3 class = "sectionedit5" id = "llng" > LL::NG< / h3 >
2012-02-25 23:45:20 +01:00
< div class = "level3" >
< / div >
2015-06-08 16:57:58 +02:00
< h4 id = "attributes_and_macros" > Attributes and macros< / h4 >
2012-02-25 23:45:20 +01:00
< div class = "level4" >
< p >
You will need to collect all attributes needed to create a user in OBM, this includes:
< / p >
< ul >
< li class = "level1" > < div class = "li" > First name< / div >
< / li >
< li class = "level1" > < div class = "li" > Last name< / div >
< / li >
< li class = "level1" > < div class = "li" > Login< / div >
< / li >
< li class = "level1" > < div class = "li" > Mail< / div >
< / li >
< li class = "level1" > < div class = "li" > …< / div >
< / li >
< / ul >
< p >
To add these attributes, go in Manager, < code > Variables< / code > » < code > Exported Variables< / code > .
< / p >
< p >
2015-12-18 10:46:34 +01:00
< p > < div class = "noteimportant" > If you plan to forward user' s password to OBM, then you have to < a href = "../../../documentation/1.9/passwordstore.html" class = "wikilink1" title = "documentation:1.9:passwordstore" > keep the password in session< / a > .
2012-02-25 23:45:20 +01:00
< / div > < / p >
< / p >
< p >
You may also create these macros to manage OBM administrator account (< code > Variables< / code > » < code > Macros< / code > ):
< / p >
2015-06-08 16:57:58 +02:00
< div class = "table sectionedit6" > < table class = "inline" >
< thead >
2012-02-25 23:45:20 +01:00
< tr class = "row0 roweven" >
< th class = "col0" > field < / th > < th class = "col1" > value < / th >
< / tr >
2015-06-08 16:57:58 +02:00
< / thead >
2012-02-25 23:45:20 +01:00
< tr class = "row1 rowodd" >
< td class = "col0" > uidR < / td > < td class = "col1 leftalign" > ($uid =~ /^admin0/i)[0] ? " admin0\@global.virt" : $uid < / td >
< / tr >
< tr class = "row2 roweven" >
< td class = "col0 leftalign" > mailR < / td > < td class = "col1 leftalign" > ($uid =~ /^admin0/i)[0] ? " " : ($mail =~ /^([^@]+)/)[0] . " \@example.com" < / td >
< / tr >
2015-06-08 16:57:58 +02:00
< / table > < / div >
<!-- EDIT6 TABLE [6693 - 6872] -->
2012-02-25 23:45:20 +01:00
< / div >
2015-06-08 16:57:58 +02:00
< h4 id = "virtual_host" > Virtual host< / h4 >
2012-02-25 23:45:20 +01:00
< div class = "level4" >
< p >
2015-06-08 16:57:58 +02:00
Create OBM virtual host (for example obm.example.com) in < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > configuration: < code > Virtual Hosts< / code > » < code > New virtual host< / code > .
2012-02-25 23:45:20 +01:00
< / p >
< p >
Then edit rules and headers.
< / p >
< / div >
2015-06-08 16:57:58 +02:00
< h5 id = "rules" > Rules< / h5 >
2012-02-25 23:45:20 +01:00
< div class = "level5" >
< p >
Define at least:
< / p >
< ul >
< li class = "level1" > < div class = "li" > < strong > Default rule< / strong > : who can access to the application< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > Logout rule< / strong > : catch OBM logout< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > Exceptions< / strong > : allow anonymous access for specific URLs (connectors, etc.)< / div >
< / li >
< / ul >
2015-06-08 16:57:58 +02:00
< div class = "table sectionedit7" > < table class = "inline" >
< thead >
2012-02-25 23:45:20 +01:00
< tr class = "row0 roweven" >
< th class = "col0" > field < / th > < th class = "col1" > value < / th >
< / tr >
2015-06-08 16:57:58 +02:00
< / thead >
2012-02-25 23:45:20 +01:00
< tr class = "row1 rowodd" >
< td class = "col0" > ^/logout< / td > < td class = "col1" > logout_sso< / td >
< / tr >
< tr class = "row2 roweven" >
< td class = "col0" > ^/obm-sync< / td > < td class = "col1" > unprotect< / td >
< / tr >
< tr class = "row3 rowodd" >
< td class = "col0" > ^/minig< / td > < td class = "col1" > unprotect< / td >
< / tr >
< tr class = "row4 roweven" >
< td class = "col0" > ^/Microsoft-Server-ActiveSync< / td > < td class = "col1" > unprotect< / td >
< / tr >
< tr class = "row5 rowodd" >
< td class = "col0" > ^/caldav< / td > < td class = "col1" > unprotect< / td >
< / tr >
< tr class = "row6 roweven" >
< td class = "col0" > default< / td > < td class = "col1" > accept (or whatever you want)< / td >
< / tr >
2015-06-08 16:57:58 +02:00
< / table > < / div >
<!-- EDIT7 TABLE [7254 - 7477] -->
2012-02-25 23:45:20 +01:00
< / div >
2015-06-08 16:57:58 +02:00
< h5 id = "headers" > Headers< / h5 >
2012-02-25 23:45:20 +01:00
< div class = "level5" >
< p >
Define headers used in OBM mapping, for example:
< / p >
2015-06-08 16:57:58 +02:00
< div class = "table sectionedit8" > < table class = "inline" >
< thead >
2012-02-25 23:45:20 +01:00
< tr class = "row0 roweven" >
< th class = "col0" > field < / th > < th class = "col1" > valeur < / th >
< / tr >
2015-06-08 16:57:58 +02:00
< / thead >
2012-02-25 23:45:20 +01:00
< tr class = "row1 rowodd" >
< td class = "col0" > OBM_GIVENNAME< / td > < td class = "col1" > $givenName< / td >
< / tr >
< tr class = "row2 roweven" >
< td class = "col0" > OBM_GROUPS< / td > < td class = "col1" > $groups< / td >
< / tr >
< tr class = "row3 rowodd" >
< td class = "col0" > OBM_UID< / td > < td class = "col1" > $uidR< / td >
< / tr >
< tr class = "row4 roweven" >
< td class = "col0" > OBM_MAIL< / td > < td class = "col1" > $mailR< / td >
< / tr >
< tr class = "row5 rowodd" >
< td class = "col0" > OBM_USERPASSWORD< / td > < td class = "col1" > $_password< / td >
< / tr >
2015-06-08 16:57:58 +02:00
< / table > < / div >
<!-- EDIT8 TABLE [7543 - 7671] -->
2012-02-25 23:45:20 +01:00
< / div >
2015-06-08 16:57:58 +02:00
< h4 id = "other" > Other< / h4 >
2012-02-25 23:45:20 +01:00
< div class = "level4" >
< p >
2015-12-18 10:46:34 +01:00
Do not forget to add OBM in < a href = "../../../documentation/1.9/portalmenu.html#categories_and_applications" class = "wikilink1" title = "documentation:1.9:portalmenu" > applications menu< / a > .
2012-02-25 23:45:20 +01:00
< / p >
< / div >
2015-06-08 16:57:58 +02:00
< / div > <!-- closes <div class="dokuwiki export"> -->