Zarafa Groupware on Ubuntu Linux

This article describes my way for implementing a Zarafa Groupware instance onto a Ubuntu Linux virtual machine.

System configuration

Install Ubuntu 8.04 LTS Server. I did it as a domU. Configure the network interface (/etc/hostname/etc/network/interfaces/etc/resolv.conf), activate the SSH daemon (# apt-get install openssh-server) and configure the Syslog daemon (/etc/syslog.conf).

Install Zarafa

Download the Zarafa Community Edition (zarafa-6.30.1-ubuntu8.04-i386.tar.gz).

Install the Zarafa dependancies:

# sudo apt-get install mysql-server apache2-mpm-prefork libapache2-mod-php5

Decompress the Zarafa archive:

# tar xzf zarafa-6.30.1-ubuntu8.04-i386.tar.gz

Enter the zarafa-6.30.1-ubuntu8.04-i386 directory and run the installer:

# sudo ./install.sh

When asked for the Server serial number, just leave empty for none as the Community Edition does not require any serial.

Fill-in the MySQL configuration parameters.

Select syslog as a Log method each time you’re asked. This enables sending the log outside Zarafa.

Answer y when asked Do you wish to run the Zarafa gateway as well?. The zarafa-gateway program provides POP3 and IMAP support.

Accept to start the server and the configured services now.

Edit /etc/php5/apache2/php.ini and configure magic_quotes_gpc = Off.

Restart Apache to validate the change:

# sudo /etc/init.d/apache2 restart

Freeze some librairies Zarafa depends on which could be upgraded by a system upgrade:

# sudo sh -c ‘echo libvmime0 hold | dpkg –set-selections’
# sudo sh -c ‘echo libical0 hold | dpkg –set-selections’

That’s it! Zarafa is installed.

Tune Zarafa’s install

Run as an unpriviledged user

Create the Zarafa user and group:

# sudo groupadd -g 1002 zarafa
# sudo useradd -u 1002 -g zarafa -c ‘Zarafa user’ -s /bin/false -d /nonexistent zarafa

Change log permissions:

# sudo chown -R zarafa:zarafa /var/log/zarafa

Modify the configurations files (except licensed.cfg because of permissions issue in the init.d script) to run as the zarafa user:

# sudo egrep "run_as|syslog$" /etc/zarafa/*
/etc/zarafa/dagent.cfg:log_method	=	syslog
/etc/zarafa/dagent.cfg:run_as_user = zarafa
/etc/zarafa/dagent.cfg:run_as_group = zarafa
/etc/zarafa/gateway.cfg:run_as_user = zarafa
/etc/zarafa/gateway.cfg:run_as_group = zarafa
/etc/zarafa/gateway.cfg:log_method	=	syslog
/etc/zarafa/ical.cfg:run_as_user = zarafa
/etc/zarafa/ical.cfg:run_as_group = zarafa
/etc/zarafa/licensed.cfg:run_as_user		=
/etc/zarafa/licensed.cfg:run_as_group		= zarafa
/etc/zarafa/licensed.cfg:log_method		= syslog
/etc/zarafa/monitor.cfg:run_as_user = zarafa
/etc/zarafa/monitor.cfg:run_as_group = zarafa
/etc/zarafa/monitor.cfg:log_method	=	syslog
/etc/zarafa/server.cfg:run_as_user		= zarafa
/etc/zarafa/server.cfg:run_as_group		= zarafa
/etc/zarafa/server.cfg:log_method		= syslog
/etc/zarafa/spooler.cfg:run_as_user = zarafa
/etc/zarafa/spooler.cfg:run_as_group = zarafa
/etc/zarafa/spooler.cfg:log_method	=	syslog

Enable LMTP delivery:

# grep ENABLED /etc/init.d/zarafa-dagent
ENABLED=0

Remove the vmail user from the local admins:

# vim /etc/zarafa/server.cfg
local_admin_users = root

Strengthening the services

Remove POP3 access and replace IMAP with IMAPS.

Enable “Over the Air” (OTA)

Z-Push is an Open Source implementation of Microsoft’s ActiveSync protocol.

Fetch the z-push package and untar the archive in the Apache directory:

# sudo tar xzf z-push-1.2.2.tar.gz -C /var/www/

Modify the permissions:

# chmod 755 /var/www/z-push/state
# chown www-data.www-data /var/www/z-push/state

Add an alias definition to the Apache configuration:

--- /etc/apache2/sites-available/default.orig	2009-08-18 16:13:41.000000000 +0200
+++ /etc/apache2/sites-available/default	2009-09-07 23:30:39.000000000 +0200
@@ -41,3 +41,5 @@
     </Directory>

+    Alias /Microsoft-Server-ActiveSync /var/www/z-push/index.php
+
 </VirtualHost>

Install the PEAR-Mail package:

# sudo apt-get install php-mail

Create users

Create the users from the shell:

# sudo zarafa-admin -c login -p DifficultPassword -f ‘Full Name’ -e email@address.tld -a no
# sudo zarafa-admin -c another -f ‘Password not written on Shell Command’ -e email@address.tld -a no -P

Note: on my LDAP-based installation, the creation of a user entry in the LDAP branch is enough to create the Zarafa user.

Delete users

On my LDAP-based installation, deleting a user from the LDAP branch leads to the deletion of the Zarafa user.

Configuring SMTP backend

Install Postfix to enable mail delivery:

# sudo apt-get install postfix postfix-ldap

When asked, choose the No Configuration profile and install the default configuration file:

# sudo cp -p /usr/share/postfix/main.cf.debian /etc/postfix/main.cf

Update /etc/postfix/main.cf:

--- main.cf.orig	2008-09-10 01:55:08.000000000 +0200
+++ main.cf	2009-09-07 22:47:29.000000000 +0200
@@ -17,2 +17,12 @@

 readme_directory = no
+
+myhostname = zarafa.tumfatig.net
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+mydestination = $myhostname, localhost.$mydomain
+relayhost = gwmail.tumfatig.net
+mynetworks = 127.0.0.0/8
+#mailbox_size_limit = 0
+#recipient_delimiter = +
+
+virtual_transport = lmtp:127.0.0.1:2003
+virtual_mailbox_domains = tumfatig.net, carnat.net
+
+virtual_mailbox_maps = ldap:ldap-users
+ldap-users_server_host = ldap.tumfatig.net
+ldap-users_search_base = ou=users,dc=tumfatig,dc=net
+ldap-users_scope = sub
+ldap-users_query_filter = (mail=%s)
+ldap-users_result_attribute = uid
+#
+virtual_alias_maps = ldap:ldap-alias
+ldap-alias_server_host = ldap.tumfatig.net
+ldap-alias_search_base = ou=users,dc=tumfatig,dc=net
+ldap-alias_scope = sub
+ldap-alias_query_filter = (mailAlternateAddress=%s)
+ldap-alias_result_attribute = mail

Create the vmail user:

# sudo groupadd -g 1001 vmail
# sudo useradd -u 1001 -g vmail -c ‘Virtual E-Mail user’ -s /bin/false -d /nonexistent vmail

Start Postfix and begin sending mail. Configure the MX and/or gateway to start recieving emails.

Connecting users

Microsoft Outlook

Install Outlook (2007 SP2).

Download and install the Zarafa Client.

Create a new mail profil and name it Zarafa.

Check the manual configuration option and click “Next”.

Choose the “Other” messaging system type and select “Zarafa 6 Server” ; then click “Next.”

Fill-in the configuration parameters and click “OK”:

  • Server name: the server’s FQDN;
  • Port: 443;
  • Activate HTTPS: yes;
  • Login: the user login;
  • Password: the user password;
  • Connection type: cache mode.

Start Outlook and use it.

The folders are created using the server’s language settings. If your user does not speak that particular language, you can tell outlook to convert the folder name to it’s language. Just run outlook.exe /resetfoldernames and you’re done.

Mozilla Thunderbird and Lightning

Install Mozilla Thunderbird (2.0.0.23 for Windows) and create an IMAP account.

  • Enter the Zarafa server’s hostname as the IMAP server;
  • Enter the Zarafa server’s hostname as the SMTP server;
  • Fill-in the login and password;
  • Correct the folder name if you want to use the same folders in WebAccess.

Install the Lightning (0.9) plugin.

Create a New Agenda.

Select the located on network option.

Choose the CalDAV format and fill-in the URL (http://zarafa.tumfatig.net:8080/caldav).

If you want to access a shared calendar, use the http://zarafa.tumfatig.net:8080/caldav/otheruser URL.

Apple Mail and iCal

Start Mail and configure an IMAP account.

Start iCal and open the Preferences:

  • Goto the Accounts section and click the + (plus) sign;
  • Select the CalDAV account type;
  • Fill-in your user login and password;
  • Fill-in the server address (http://zarafa.tumfatig.net:8080/caldav);
  • Click Create.

Mail migration

To synchronise email (via IMAP) between the old and the new mail system, you can use the imapsync tool:

# sudo apt-get install imapsync
# /usr/bin/imapsync 
--host1 _OLD_SERVER --ssl1 
--user1 _OLD_USER --authmech1 LOGIN --password1 _OLD_PASSWD 
--host2 _NEW_SERVER 
--user2 _NEW_USER --authmech2 LOGIN --password2 _NEW_PASSWD 
--noauthmd5 
--sep2 "/" --prefix2 "" 
--syncinternaldates --skipsize 
--useheader subject --useheader date

Backup

To backup the data, use the mysqldump command :

# mysqldump -u root –single-transaction -p zarafa > zarafa.dump

Upgrade

To upgrade the Zarafa software version:

  • Backup the system disk: stop the domU, copy the disk image in some safe place and start the domU;
  • Backup the SQL data;
  • Log onto Zarafa server, download and untar the new archive then process to the upgrade:

    # cd zarafa-6.30.4-ubuntu8.04-i386
    # sudo /etc/init.d/zarafa-server stop
    # sudo dpkg -i zarafa* libvmime* libical*

  • Install the new configuration files and modify them to match you configuration:

    # sudo vim /etc/zarafa/server.cfg
    # sudo vim /etc/zarafa/spooler.cfg

  • Start the zarafa server and check the logs.

Note: Once, a directory permissions were screwed. Apache told me that it couldn’t reach some directory:

[Tue Nov 10 21:22:33 2009] [error] [client 10.0.0.50] script '/var/www/webaccess/zarafa.php' not found or unable to stat, referer: https://www.tumfatig.net/webaccess/index.php

The solution was to add an execute permission :

# sudo chmod o+x /var/lib/zarafa

Then restart Apache.

Note: When upgrading to Zarafa 6.30.9-18385 (or maybe MySQL 5.0.88), I got the following error message:

Jan 18 20:24:35 zarafa zarafa-server[3796]: 08632410: SQL Failed: SESSION variable max_allowed_packet is read-only. Use SET GLOBAL max_allowed_packet to assign the value, Query: "SET SESSION max_allowed_packet = 16777216"

The solution is to connect to the MySQL server and issue the following command:

mysql@gt; SET GLOBAL max_allowed_packet=16777216;

Sources

No Comments

Leave a Reply

%d bloggers like this: