Kolab Intermediate 2.4 Release

Heiner Markert mephisto at gmx.net
Wed May 9 19:21:51 CEST 2012


Am Wednesday 09 May 2012 17:57:52 schrieb Jeroen van Meeuwen (Kolab Systems):
> On 2012-05-09 16:46, Heiner Markert wrote:
> > That worked, thank you!
> > Maybe I just do not see the option, but when I log into the admin
> > interface and select "Users", I do not see any possibility to 
> > actually
> > add a user...
> > All I can do is search for existing users, configure the search,
> > reset the search, switch to "Groups" or "About" view, and log out.
> >
> > The apache error log states
> > sh: /usr/lib64/mozldap/ldapsearch: Permission denied
> > when logging into the web interface or when opening the
> > "Groups"-panel, but no errors appear when loading the "Users" panel.
> >
> 
> Permission denied - is SELinux set to enforce the targeted policy by 
> any change?
> 
> The mozldap/ldapsearch tool is used (because PHP LDAP is lacking 
> support for the getEffectiveRights() control) to determine whether the 
> logged in user is allowed to create/delete entries from the user and 
> group base_dn.
> 
> Kind regards,
> 
> Jeroen van Meeuwen
> 

Thank you again for the hint. I set SELinux mode to permissive, and it worked.
I found two additional issues:

1) When creating a new user, the cyrus mailbox is not created - I hat to manually invoke cyradm and create the mailbox for the user.
2) the file /etc/imapd.conf contains the ldap password as plain text and is word readable. It would perhaps be better to change the file ownership to the cyrus user and restrict access.

I have one additional question: Is it possible to access the calendar as ics-stream in some way? Horde used to support this, and "plain" roundcube calendar seems to support it as well, but I didn't find a way to do that in kolab-roundcube...

Best regards
Heiner




More information about the users mailing list