Open-Xchange on RedHat 9 and Fedora Core 1/2/3/4 How-to

Version 1.6 (2005/09/26)

... will try to help you to setup Open-Xchange on your RedHat 9, Fedora Core 1, 2 3 or 4 box.

Open-Xchange ("OX") is a GPL Groupware solution provided by Netline. It's the "community" version of Novell/SUSE LINUX Openexchange Server ("SLOX").

Important: the way the software is installed here is good enough for testing purposes, but certainly not for a production environment (weak passwords, too many things done with the root user ...) !!! You have been warned ...

Copyright (c) 2004 Laurent FRANCOISE.
Copyright (c) 2004-2005 Sietse Visser.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".

The license is here.

I am not responsible of the possible data losses caused by the use of this document ... blablabla ...

The following chapters show the howto for RedHat 9. Click below for another distribution.

Show Show RedHat 9 howto
Show Show Fedora Core 1 howto
Show Show Fedora Core 2 howto
Show Show Fedora Core 3 howto
Show Show Fedora Core 4 howto

The Open-Xchange software will be installed in$OX_INSTALL. For instance, OX_INSTALL=/usr/local/ox.

Most software is installed using apt-get and rpm.

I assume that you use a fresh install of RH9, FC1 or FC2, updated with atrpm from atrpms.net.

I suppose that your web host is called "myhost".

First, make a fresh RedHat 9 installation. Then go to atrpms.net, install the signing key, find the kickstart package from the installation page and install it.
Run apt-get update && apt-get dist-upgrade 3 times to update your system.
Then, add some lines in your /etc/apt/sources.list, and install some RPM's.

For RedHat 9:

# Copy the next 5 lines to /etc/apt/sources.list
# jpackage.org; http://jpackage.org/repos.php
rpm             http://mirrors.sunsite.dk/jpackage 1.5/generic free
rpm-src         http://mirrors.sunsite.dk/jpackage 1.5/generic free non-free
rpm             http://mirrors.sunsite.dk/jpackage 1.5/redhat-9 free
rpm-src         http://mirrors.sunsite.dk/jpackage 1.5/redhat-9 free
rpm             http://apt.sw.be redhat/9/en/i386 dag


#Update rpm database, and install some RPM's:
apt-get update
apt-get install postgresql postgresql-server postgresql-libs
apt-get install httpd httpd-manual
apt-get install xerces-j2
apt-get install jdom
apt-get install postgresql-jdbc
apt-get install mod_jk-ap20
apt-get install perl-Convert-ASN1
apt-get install perl-ldap
apt-get install perl-IO-Socket-SSL
apt-get install perl-Net-SSLeay
apt-get install perl-Authen-SASL
apt-get install perl-XML-NamespaceSupport
apt-get install perl-XML-SAX
apt-get source java-1.4.2-sun
apt-get source javamail
apt-get source jaf
apt-get source jta

The RedHat 9 LDAP server is not compiled with --enable-aci, so I downloaded the source rpm, edited the openldap.spec file (it is here for the curious), and generated new RPM's.
Download openldap-clients-2.0.27-8.i386.rpm and openldap-servers-2.0.27-8.i386.rpm and then:

I found documentation for most needed javastuff on http://docs.indymedia.org/view/Local/UkDevServer.

Here is the short version.

Download the following software from Sun and put them in /usr/src/redhat/SOURCES:

This installation will trigger a lot of other packages; just install them.

And check it works in your favorite web Browser: the URL is http://myhost:8080 or http://myhost:8080/manager.

First, start postgres:

Edit the file /var/lib/pgsql/data/postgresql.conf and make sure there is a line with:

Edit the file /var/lib/pgsql/data/pg_hba.conf and make sure the following is in there:

local   all         all                                             trust
host    all         all         127.0.0.1         255.255.255.255   trust

Now restart postgres:

We need a few users and groups on Unix and Postgres to make the installation go without an error message.

Go to http://mirror.open-xchange.org/ox/EN/community/download.htm and download open-xchange-0.8.0-5.tar.bz2
Make sure you set $OX_INSTALL to a sensible value, e.g. /usr/local/ox.

You can safely ignore the error message on 'missing' when running configure.

Try to enter the login screen, the URL is http://myhost/cgi-bin/login.pl

If you have an "Internal server error", check your apache logfiles and perl config.

Copy intranet.class and webmail.class in the tomcat webapps tree :

Now we need the file web.xml in /var/lib/tomcat5/webapps/servlet/WEB-INF. Here's mine: web.xml
Then, restart Tomcat.

Now, go to the URL http://myhost:8080/servlet/intranet. You should see a message "No running Server found" : it means that all is OK.

Otherwise, try to have a look at the Manager: http://myhost:8080/manager/html

To be able to pass the login prompt, you have to edit the file /etc/tomcat5/tomcat-users.xml and add a line like this:

You must now explain to Apache that he has to work with Tomcat.

Then restart Apache :

You should now be able to go to the URL http://myhost/servlet/intranet and obtain again "No running server found"

It is time to populate the database :

Edit your /etc/openldap/slapd.conf and from line 81 (RH9) or line 101 (FC1) or 68 (FC2/3) on make it look like:

database        ldbm
#suffix         "dc=my-domain,dc=com"
#rootdn         "cn=Manager,dc=my-domain,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw                secret
# rootpw                {crypt}ijFYNcSNctBYg

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/lib/ldap

# Indices to maintain for this database
#index objectClass                       eq,pres
#index ou,cn,mail,surname,givenname      eq,pres,sub
#index uidNumber,gidNumber,loginShell    eq,pres
#index uid,memberUid                     eq,pres,sub
#index nisMapName,nisMapEntry            eq,pres,sub

# Replicas of this database
#replogfile /var/lib/ldap/openldap-master-replog
#replica host=ldap-1.example.com:389 tls=yes
#     bindmethod=sasl saslmech=GSSAPI
#     authcId=host/ldap-master.example.com@EXAMPLE.COM

include         $OX_INSTALL/share/openxchange.schema

suffix "dc=example,dc=org"
rootdn "cn=Manager,dc=example,dc=org"
rootpw secret

index uid,mailEnabled,cn,sn,givenname,lnetMailAccess,alias,loginDestination eq,sub

Verify your path to openxchange.schema - you cannot use the varialbe $OX_INSTALL there!
Also, if you changed the basedn and rootdn during the configure step of OpenXchange, you must change suffix and rootdn here also.

Now create a password as stated in the INSTALL file :

Edit $OX_INSTALL/share/init_ldap.ldif and modify the line ...

... to the result of the perl command. In my example it is:

Now insert the LDAP data :

If you have an error, check your config and try again until it works ... If you need to reset the LDAP database, here's the solution :

Now modify your /etc/openldap/ldap.conf like this :

Again, if you don't want to spend another hour checking a stupid bug, don't put any space after the comma in dc=example,dc=org !!!
If you changed basedn during the configure of OpenXchange, you have to change BASE here also.

Create symbolic links like this :

First, fix a bug in $OX_INSTALL/sbin/addusersql_ox: change /bin/java in /usr/bin/java.
Then, try your PostgreSQL / LDAP config by adding a user :

Check carefully the feedback of the command. Even if you have a green "OK" message, you can have an error message ... If this is the case, don't go further until it is corrected !

If we still follow the INSTALL file, we now add a openxchange group:

Perform the following steps to install webdav. It seems to work, but I have not tested it very well.

Three other steps have already been done elsewhere:

• the --enable-webdav switch for ./configure;
• servlet definitions in web.xml
• JkMount in /etc/httpd/conf.d/mod_jk.conf.

Now, all should be OK for starting. First, start the openxchange service :

Then open the login page http://myhost/cgi-bin/login.pl, and login with the username and password supplied previously to the command adduser_ox :

To show off webdav: install Mozilla Calendaring, go to mozilla broswer, type in the url http://localhost/servlet/webdav.ical and see what happens!

Webmail works out-of-the-box if you have an imap server on the same machine as open-xchange, and the user-id's and passwords of open-xchange and the imap server match.
In case your imap server is somewhere else, the easiest way is to globally change the mailserver for open-xchange:

Still make sure the userid's and passwords match.

My acknowledgement goes to Laurent Francoise - I stole this document from him and made it into a Fedora document. He also put me on the right track for LDAP, I would never have found out...

• Version 0.1 -- First release
• Version 0.2 -- Added license sections
• Version 0.3 -- Fixed jta downloads and build
• Version 0.4 -- Move to ox 0.7.1; fix ldap for webmail; add icons
• Version 0.5 -- Removed manual perl module install by rpm's
• Version 0.6 -- More RPM's, less manual stuff. Added RH9 and FC2 stuff
• Version 0.7 -- Add webdav install
• Version 0.8 -- Add webmail section
• Version 0.9 -- FC2 updates, thanks to Micah Quinn. He also provided the openldap binaries for FC2. No more jsdk20. Move to 0.7.2
• Version 1.0 -- More FC2 updates - I have a FC2 box now, and got everything compiling. Move to 0.7.4
• Version 1.1 -- More FC2 updates after I had to re-install the machine...
• Version 1.2 -- Update for all kinds of packages, including OX. Also reogranised howto: distribution is selectable
• Version 1.3 -- Added FC3. Also, only show selected distribution.
• Version 1.4 -- Added FC4.
• Version 1.5 -- umin is now working; new web.xml downloadble
• Version 1.6 -- added missing newline