Configure Kolab with setup-kolab [Obsolete]

Published by Mads Petersen on

After having installed kolab (following the appropriate install guide in this knowledge base) it needs to be configured. The script ‘setup-kolab’ is distributed with the out-of-the-box installation and is taking care of the basic configuration, but a successful configuration is depending on the environment that Kolab is installed into. Many aspects and variables will have an impact on the configuration. This guide is only touching on the absolute basics. For information and assistance with more complex installation scenarios, please contact contact@apheleia-it.ch

The Kolab server host needs to have a fully qualified domain name as hostname:

[root@maipo ~]# hostname
maipo.kolab.io

If the server needs to communicate with the internet, the network needs to be configured to ensure that reverse DNS lookups are responded to in an appropriate fashion:

[root@maipo ~]# host maipo.kolab.io
maipo.kolab.io has address 95.135.58.46
[root@maipo ~]# host 95.135.58.46
46.58.135.95.in-addr.arpa domain name pointer maipo.kolab.io.

If applicable, ‘selinux’ needs to be in ‘permissive’ mode:

[root@maipo ~]# getenforce
Permissive

If firewalls are enabled, the appropriate ports need to be open. The following is a standard list of ports. Most of those are opened in a default linux installation, but more configuration of firewalls can be necessary. On RedHat’ish distributions this can be done with firewalld:

25 - SMTP
80 - HTTP
110 - POP3
143 - IMAP
443 - HTTPS
465 - SMTPS (Not configured in default setup)
587 - Submission
993 - IMAPS
995 - POP3S
4190 - Sieve

Running the script ‘setup-kolab’ is going to configure the installed components with a standard configuration and create the needed users, roles and databases.

It is recommended that you run setup-kolab with the default parameters like so:

[root@maipo ~]# setup-kolab --default --timezone=Europe/Zurich --mysqlserver=new --directory-manager-pwd=MyAdminPassword --fqdn=maipo.kolab.io --domain=maipo.kolab.io

Alternatively you can use the interactive mode which will prompt for input of desired usernames and passwords – though suggestions are provided:

[root@maipo ~]# setup-kolab
Created symlink from /etc/systemd/system/multi-user.target.wants/guam.service to /usr/lib/systemd/system/guam.service.

Please supply a password for the LDAP administrator user 'admin', used to login
to the graphical console of 389 Directory server.

Administrator password [Ckhtj23S4QK7lOO]: 
Confirm Administrator password:

Please supply a password for the LDAP Directory Manager user, which is the
administrator user you will be using to at least initially log in to the Web
Admin, and that Kolab uses to perform administrative tasks.

Directory Manager password [nOI7btemU4Pjk7l]: 
Confirm Directory Manager password:

Please choose the system user and group the service should use to run under.
These should be existing, unprivileged, local system POSIX accounts with no
shell.

User [dirsrv]: 
Group [dirsrv]:

This setup procedure plans to set up Kolab Groupware for the following domain
name space. This domain name is obtained from the reverse DNS entry on your
network interface. Please confirm this is the appropriate domain name space.

kolab.io [Y/n]: y

The standard root dn we composed for you follows. Please confirm this is the root
dn you wish to use.

dc=kolab,dc=io [Y/n]: y

Setup is now going to set up the 389 Directory Server. This may take a little
while (during which period there is no output and no progress indication).

Created symlink from /etc/systemd/system/multi-user.target.wants/dirsrv.target to /usr/lib/systemd/system/dirsrv.target.

Please supply a Cyrus Administrator password. This password is used by Kolab to
execute administrative tasks in Cyrus IMAP. You may also need the password
yourself to troubleshoot Cyrus IMAP and/or perform other administrative tasks
against Cyrus IMAP directly.

Cyrus Administrator password [Ch1VQL3yLF4PMTc]: 
Confirm Cyrus Administrator password:

Please supply a Kolab Service account password. This account is used by various
services such as Postfix, and Roundcube, as anonymous binds to the LDAP server
will not be allowed.

Kolab Service password [n-AcTIyYnEQ7dof]: 
Confirm Kolab Service password: 

Created symlink from /etc/systemd/system/multi-user.target.wants/amavisd.service to /usr/lib/systemd/system/amavisd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/clamd@amavisd.service to /etc/systemd/system/clamd@.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/wallace.service to /usr/lib/systemd/system/wallace.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
What MySQL server are we setting up?
- 1: Existing MySQL server (with root password already set).
- 2: New MySQL server (needs to be initialized).
Choice: 2

Please supply a root password for MySQL. This password will be the administrative
user for this MySQL server, and it should be kept a secret. After this setup
process has completed, Kolab is going to discard and forget about this password,
but you will need it for administrative tasks in MySQL.

MySQL root password [7zple-R09LcNex-]: 
Confirm MySQL root password:

Please supply a password for the MySQL user 'kolab'. This password will be used
by Kolab services, such as the Web Administration Panel.

MySQL kolab password [ZEFNA1GuYm2cvaK]: 
Confirm MySQL kolab password:

Please supply the timezone PHP should be using. You have to use a Continent or
Country / City locality name like 'Europe/Berlin', but not just 'CEST'.

Timezone ID [UTC]: Europe/Zurich

Please supply a password for the MySQL user 'roundcube'. This password will be
used by the Roundcube webmail interface.

MySQL roundcube password [A5H-4FF8313TV3A]: 
Confirm MySQL roundcube password: 
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/kolab-saslauthd.service to /usr/lib/systemd/system/kolab-saslauthd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/cyrus-imapd.service to /usr/lib/systemd/system/cyrus-imapd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/kolabd.service to /usr/lib/systemd/system/kolabd.service.
[root@maipo ~]#

After successfully running ‘setup-kolab’:

  • The web admin panel is available at http://FQDN/kolab-webadmin
  • The webclient is available at: http://FQDN/webmail

After having configured Kolab, you probably want to secure it with SSL/TLS. You can use certificates from LETSECRYPT

Categories: Uncategorized

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Uncategorized

Generic Client Settings

Open Standards As long as your client application is using standard protocols supported by Kolab, it can be used to connect to Kolab. Below is an overview of the various protocols we support along with Read more…

Uncategorized

Connecting Android to a Kolab server via ActiveSync

The world is full of Android apps and a large number of these are email clients. App creators are very creative, and it is not all clients that stick to the standards. For the purpose Read more…

Uncategorized

Connecting an iPhone to a Kolab server via ActiveSync

This article will guide you through the process of connecting an iPhone client via ActiveSync to a Kolab server.