SOGo configuration for NethServer.

SOGo offers multiple ways to access the calendaring and messaging data. Your users can either use a web browser, Microsoft Outlook, Mozilla Thunderbird, Apple iCal, or a mobile device to access the same information.

• mysql, slapd, sogod, memcached configuration
• apache2 configuration to access SOGo web interface at https://<hostname>/SOGo/
• daily cronjob to check auto-reply expiration
• custom addressbooks in /var/lib/nethserver/db/sogo_sources (undocumented)
• extension for Thunderbird intergration (see [[sogo-frontends]])

Special properties:

• AdminUsers: Parameter used to set which usernames require administrative privileges over all the users tables.
• DraftsFolder: name of draft folder, default is ‘Drafts’
• SentFolder: name of the sent folder, default is ‘Sent’
• TrashFolder: name of the trash folder, default is ‘Trash’
• WOWorkersCount: The amount of instances of SOGo that will be spawned to handle multiple requests simultaneously
• MailAuxiliaryUserAccountsEnabled: Parameter used to activate the auxiliary IMAP accounts in SOGo. When set to YES, users can add other IMAP accounts that will be visible from the SOGo Webmail interface.
• Notifications: enabled notifications. The value is a comma separated list. Default value is “Appointment, EMail”

sogod=service
    ...
    AdsLdapServer=
    AdsCredentials=
    AdminUsers=admin
    DraftsFolder=Drafts
    Notifications=Appointment,ACLs
    SentFolder=Sent
    TrashFolder=Trash
    VirtualHosts=

memcached=service
    ...

• AdsLdapServer Customized Active Directory LDAP server URI (see description below)
• AdsCredentials Active Directory LDAP credentials required to browse the directory (see description below)
• AdminUsers comma separated list of accounts allowed to bypass SOGo ACLs. See SOGoSuperUsernames key
• Notifications comma separated list of values (no spaces between commas). Known item names are ACLs, Folders, Appointments. See SOGoSendEMailNotifications
• {Drafts,Sent,Trash}Folder See respective SOGoFolderName parameters
• VirtualHosts comma separated list of host keys in hosts DB, with type=self. SOGo is reachable from the default host name plus any host listed here (see #2371).

SOGo configuration is stored in an internal database (XML format) under /var/lib/sogo/GNUstep/ directory. All database manipulations are performed through /usr/bin/defaults command.

To dump the current configuration type:

# su -s '/bin/bash' -c 'defaults read' sogo

To modify a value:

# su -s '/bin/bash' -c 'defaults write sogod SxVMemLimit 512' - sogo

For instance, to see LDAP queries add the following custom fragment:

mkdir -p /etc/e-smith/templates-custom/sogo-config
echo -n "{ \$S{LDAPDebugEnabled} = 'YES'; ''; }"  > /etc/e-smith/templates-custom/sogo-config/80logverbose
signal-event nethserver-sogo-update

Read the SOGo FAQ for other debugging features.

To make SOGo accessible with a public DNS hostname:

• In “DNS and DHCP” UI module (Hosts), create the DNS host name as a server alias (i.e. public.example.com)
• Add the host name to sogod/VirtualHosts prop list:

# config setprop sogod VirtualHosts public.example.com
# signal-event nethserver-sogo-update

Same rule applies if SOGo must be accessible using server IP address. For example:

# config setprop sogod VirtualHosts 192.168.1.1
# signal-event nethserver-sogo-update

[This section is extracted from issue #2000]

1. [[nethserver-samba|Join]] an Active Directory domain

2. In AD, create a user (ie sogoad) under CN=Users container, with a non-expiring password (ie PASSWORD). This is needed by SOGo to browse AD LDAP. Choose a password that does not contain the percent % symbol.

3. Save sogoad credentials in configuration DB:

   # config setprop sogod AdsCredentials ‘sogoad%PASSWORD’
   # signal-event nethserver-sogo-update
   

To disable SOGo AD integration

# config setprop sogod AdsCredentials ''
# signal-event nethserver-sogo-update

WARNING

In ADS mode SOGo uses simple LDAP binds on Active Directory LDAP, that means users’ passwords are sent in clear text over the network.

If you have LDAP SSL enabled or you know how to set up a persistent encrypted tunnel, the AdsLdapServer prop can help:

# config setprop sogod AdsLdapServer PROTO://DOMAIN:PORTNUMBER
# signal-event nethserver-sogo-update

Where

• PROTO:// can be ldap:// or ldaps:// (optional)
• DOMAIN should be the lowercased realm
• PORTNUMBER default 389 (optional)

Also STARTTLS should be supported. Refer to the SOGo documentation about hostname parameter.

SOGo comes with a recompiled version of GNUStep packages that may conflict with EPEL versions. From SOGo install FAQ:

add the following line to the EPEL repo definition:

[epel]
…
exclude=gnustep-\*

However, gnustep-make and gnustep-base packages should be rarely installed on a server system.