Open-Xchange on RedHat 9 and Fedora Core 1/2/3/4 How-to

Version 1.6 (2005/09/26)

... will try to help you to setup Open-Xchange on your RedHat 9, Fedora Core 1, 2 3 or 4 box.

Open-Xchange ("OX") is a GPL Groupware solution provided by Netline. It's the "community" version of Novell/SUSE LINUX Openexchange Server ("SLOX").

Important: the way the software is installed here is good enough for testing purposes, but certainly not for a production environment (weak passwords, too many things done with the root user ...) !!! You have been warned ...

Copyright (c) 2004 Laurent FRANCOISE.
Copyright (c) 2004-2005 Sietse Visser.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".

The license is here.

I am not responsible of the possible data losses caused by the use of this document ... blablabla ...

The following chapters show the howto for Fedora Core 3. Click below for another distribution.

Show Show RedHat 9 howto
Show Show Fedora Core 1 howto
Show Show Fedora Core 2 howto
Show Show Fedora Core 3 howto
Show Show Fedora Core 4 howto

The Open-Xchange software will be installed in$OX_INSTALL. For instance, OX_INSTALL=/usr/local/ox.

Most software is installed using yum and rpm.

I assume that you use a fresh install of FC3, updated with 'yum dist-upgrade'.

I suppose that your web host is called "myhost".

For Fedora Core 3:

We need packages from Dag Wieer's and the jpackage repository, so we install his key.
Please note, it took me ages to figure out the correct order for the installation of the packages. So if you divert from the order below, things may go wrong.

# Install dag.wieers his key
rpm --import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt

# Get the repo definitions for jpackage
cd /etc/yum.repos.d
wget http://jpackage.org/jpackage.repo

yum update

Now let's install the Sun JDK, and make rpm's out of javamail, jaf and jta.

cp <jdk linux bin file> /usr/src/redhat/SOURCES/jdk-1_5_0_04-linux-i586.bin
cp <javamail file> /usr/src/redhat/SOURCES/javamail-1_3_2.zip
cp <jaf file> /usr/src/redhat/SOURCES/jaf-1_0_2-upd.zip
cp <jta classes file> /usr/src/redhat/SOURCES/jta-1_0_1B-classes.zip
cp <jta doc file> /usr/src/redhat/SOURCES/jta-1_0_1B-doc.zip

rpm -Uvh http://mirrors.dotsrc.org/jpackage/1.6/generic/non-free/SRPMS/jaf-1.0.2-4jpp.nosrc.rpm \
         http://mirrors.dotsrc.org/jpackage/1.6/generic/non-free/SRPMS/jta-1.0.1-0.b.4jpp.nosrc.rpm \
         http://mirrors.dotsrc.org/jpackage/1.6/generic/non-free/SRPMS/javamail-1.3.2-1jpp.nosrc.rpm \
         http://mirrors.dotsrc.org/jpackage/1.6/generic/non-free/SRPMS/java-1.5.0-sun-1.5.0.04-1jpp.nosrc.rpm

cd /usr/src/redhat/SPECS
rpmbuild -ba java-1.5.0-sun.spec
yum install xorg-x11-deprecated-libs
rpm -Uvh /usr/src/redhat/RPMS/*/java-1.5.0-sun*

rpmbuild -ba javamail.spec
rpmbuild -ba jaf.spec
rpmbuild -ba jta.spec
rpm -Uvh ../RPMS/noarch/jaf* ../RPMS/noarch/jta* ../RPMS/noarch/javamail*

# Install some OX-required packages
rpm -Uvh http://apt.sw.be/packages/perl-Net-SSLeay/perl-Net-SSLeay-1.25-1.1.fc3.rf.i386.rpm \
         http://apt.sw.be/packages/perl-IO-Socket-SSL/perl-IO-Socket-SSL-0.96-1.1.fc3.rf.noarch.rpm \
         http://apt.sw.be/packages/perl-Authen-SASL/perl-Authen-SASL-2.08-1.1.fc3.rf.noarch.rpm

yum install \
    postgresql postgresql-server postgresql-libs httpd httpd-manual \
    xerces-j2 jdom mod_jk-ap20 perl-Convert-ASN1 perl-XML-NamespaceSupport  ant \
    tomcat5 tomcat5-admin-webapps xml-commons-apis

rpm -Uvh http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/i386/postgresql-jdbc-7.4.8-1.FC3.1.i386.rpm

service tomcat5 start

The FC3 LDAP server is not compiled with --enable-aci, so Micah Quinn downloaded the source rpm, edited the openldap.spec file (it is here for the curious), and generated new RPM's.
Install openldap-servers-2.2.13_aci-2.i386.rpm:

rpm -e openldap-servers # Just in case, remove old version first
rpm -Uvh http://sietse.net/exoops/modules/OpenXchange/fc3/openldap-servers-2.2.13_aci-2.i386.rpm
yum install openldap-clients
service ldap start

First, start postgres:

Edit the file /var/lib/pgsql/data/postgresql.conf and make sure there is a line with:

Edit the file /var/lib/pgsql/data/pg_hba.conf and make sure the following is in there:

local   all         all                                             trust
host    all         all         127.0.0.1         255.255.255.255   trust

Now restart postgres:

We need a few users and groups on Unix and Postgres to make the installation go without an error message.

Go to http://mirror.open-xchange.org/ox/EN/community/download.htm and download open-xchange-0.8.0-5.tar.bz2
Make sure you set $OX_INSTALL to a sensible value, e.g. /usr/local/ox.

You can safely ignore the error message on 'missing' when running configure.

Try to enter the login screen, the URL is http://myhost/cgi-bin/login.pl

If you have an "Internal server error", check your apache logfiles and perl config.

Copy intranet.class and webmail.class in the tomcat webapps tree :

Now we need the file web.xml in /var/lib/tomcat5/webapps/servlet/WEB-INF. Here's mine: web.xml
Then, restart Tomcat.

Now, go to the URL http://myhost:8080/servlet/intranet. You should see a message "No running Server found" : it means that all is OK.

Otherwise, try to have a look at the Manager: http://myhost:8080/manager/html

To be able to pass the login prompt, you have to edit the file /etc/tomcat5/tomcat-users.xml and add a line like this:

You must now explain to Apache that he has to work with Tomcat.

Then restart Apache :

You should now be able to go to the URL http://myhost/servlet/intranet and obtain again "No running server found"

It is time to populate the database :

Edit your /etc/openldap/slapd.conf and from line 81 (RH9) or line 101 (FC1) or 68 (FC2/3) on make it look like:

database        ldbm
#suffix         "dc=my-domain,dc=com"
#rootdn         "cn=Manager,dc=my-domain,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw                secret
# rootpw                {crypt}ijFYNcSNctBYg

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/ldap

# Indices to maintain for this database
#index objectClass                       eq,pres
#index ou,cn,mail,surname,givenname      eq,pres,sub
#index uidNumber,gidNumber,loginShell    eq,pres
#index uid,memberUid                     eq,pres,sub
#index nisMapName,nisMapEntry            eq,pres,sub

# Replicas of this database
#replogfile /var/lib/ldap/openldap-master-replog
#replica host=ldap-1.example.com:389 tls=yes
#     bindmethod=sasl saslmech=GSSAPI
#     authcId=host/ldap-master.example.com@EXAMPLE.COM

include         $OX_INSTALL/share/openxchange.schema

suffix "dc=example,dc=org"
rootdn "cn=Manager,dc=example,dc=org"
rootpw secret

index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

Verify your path to openxchange.schema - you cannot use the varialbe $OX_INSTALL there!
Also, if you changed the basedn and rootdn during the configure step of OpenXchange, you must change suffix and rootdn here also.

Now create a password as stated in the INSTALL file :

Edit $OX_INSTALL/share/init_ldap.ldif and modify the line ...

... to the result of the perl command. In my example it is:

Now insert the LDAP data :

If you have an error, check your config and try again until it works ... If you need to reset the LDAP database, here's the solution :

Now modify your /etc/openldap/ldap.conf like this :

Again, if you don't want to spend another hour checking a stupid bug, don't put any space after the comma in dc=example,dc=org !!!
If you changed basedn during the configure of OpenXchange, you have to change BASE here also.

Create symbolic links like this :

First, fix a bug in $OX_INSTALL/sbin/addusersql_ox: change /bin/java in /usr/bin/java.
Then, try your PostgreSQL / LDAP config by adding a user :

Check carefully the feedback of the command. Even if you have a green "OK" message, you can have an error message ... If this is the case, don't go further until it is corrected !

If we still follow the INSTALL file, we now add a openxchange group:

Perform the following steps to install webdav. It seems to work, but I have not tested it very well.

Three other steps have already been done elsewhere:

• the --enable-webdav switch for ./configure;
• servlet definitions in web.xml
• JkMount in /etc/httpd/conf.d/mod_jk.conf.

Now, all should be OK for starting. First, start the openxchange service :

Then open the login page http://myhost/cgi-bin/login.pl, and login with the username and password supplied previously to the command adduser_ox :

To show off webdav: install Mozilla Calendaring, go to mozilla broswer, type in the url http://localhost/servlet/webdav.ical and see what happens!

Webmail works out-of-the-box if you have an imap server on the same machine as open-xchange, and the user-id's and passwords of open-xchange and the imap server match.
In case your imap server is somewhere else, the easiest way is to globally change the mailserver for open-xchange:

Still make sure the userid's and passwords match.

My acknowledgement goes to Laurent Francoise - I stole this document from him and made it into a Fedora document. He also put me on the right track for LDAP, I would never have found out...

• Version 0.1 -- First release
• Version 0.2 -- Added license sections
• Version 0.3 -- Fixed jta downloads and build
• Version 0.4 -- Move to ox 0.7.1; fix ldap for webmail; add icons
• Version 0.5 -- Removed manual perl module install by rpm's
• Version 0.6 -- More RPM's, less manual stuff. Added RH9 and FC2 stuff
• Version 0.7 -- Add webdav install
• Version 0.8 -- Add webmail section
• Version 0.9 -- FC2 updates, thanks to Micah Quinn. He also provided the openldap binaries for FC2. No more jsdk20. Move to 0.7.2
• Version 1.0 -- More FC2 updates - I have a FC2 box now, and got everything compiling. Move to 0.7.4
• Version 1.1 -- More FC2 updates after I had to re-install the machine...
• Version 1.2 -- Update for all kinds of packages, including OX. Also reogranised howto: distribution is selectable
• Version 1.3 -- Added FC3. Also, only show selected distribution.
• Version 1.4 -- Added FC4.
• Version 1.5 -- umin is now working; new web.xml downloadble
• Version 1.6 -- added missing newline