Back to "Samba and Kolab
Groupware integration" article...
# ./kolab_bootstrap -b
KOLAB BOOTSTRAP
Check for running webserver on port 80
Check for running webserver on port 443
Check for running imap server on port 143
Check for running imap server on port 220
Check for running imap server on port 585
Check for running imap server on port 993
Check for running pop3 server on port 109
Check for running pop3 server on port 110
Check for running pop3 server on port 473
Check for running pop3 server on port 995
Check for running smtp server on port 25
Check for running smtp server on port 465
Check for running ftp server on port 21
Check for running Amavis Virus Scanner Interface on port 10024
Check for running Kolab daemon on port 9999
Check for running OpenLDAP server on port 636
Check for running OpenLDAP server on port 389
Check for running Sieve server on port 2000
Excellent all required Ports are available!
LDAP repository is empty - assuming fresh install
Please enter Hostname including Domain Name (e.g. thishost.domain.tld)
[SERVER-KOLAB]: kolab.contact.de
Proceeding with Hostname kolab.contact.de
Do you want to set up (1) a master Kolab server or (2) a slave [1]
(1/2): 1
Proceeding with master server setup
Please enter your Maildomain - if you do not know your mail domain use
the fqdn from above [contact.de]:
proceeding with Maildomain contact.de
Kolab primary email addresses will be of the type user@contact.de
Generating default configuration:
base_dn : dc=contact,dc=de
bind_dn : cn=Manager,dc=contact,dc=de
Please choose a manager password [LXJ9sDNJy9f6qAni]: LDAP_PASSWORD
bind_pw : LDAP_PASSWORD
done modifying /kolab/etc/kolab/kolab.conf
IMPORTANT NOTE:
use login=manager and passwd=LDAP_PASSWORD when you log into the
webinterface!
Enter fully qualified hostname of slave kolab server e.g.
thishost.domain.tld [empty when done]:
prepare LDAP database...
temporarily starting slapd
Waiting for OpenLDAP to start
no dc=contact,dc=de object found, creating one
mynetworkinterfaces: 127.0.0.0/8
LDAP setup finished
Create initial config files for postfix, apache, proftpd, cyrus imap,
saslauthd
running /kolab/sbin/kolabconf -n
kolabconf - Kolab Configuration Generator
Version: 2.0
Copyright (c) 2004 Klaraelvdalens Datakonsult AB
Copyright (c) 2003 Code Fusion cc
Copyright (c) 2003 Tassilo Erlewein, Martin
Konold, Achim Frank, erfrakon
This is free software; see the source for copying conditions.
There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
kill temporary slapd
OpenPKG: stop: openldap.
Creating RSA keypair for resource password encryption
/kolab/bin/openssl genrsa -out /kolab/etc/kolab/res_priv.pem 1024
Generating RSA private key, 1024 bit long modulus
...........++++++
........++++++
e is 65537 (0x10001)
/kolab/bin/openssl rsa -in /kolab/etc/kolab/res_priv.pem -pubout -out
/kolab/etc/kolab/res_pub.pem
writing RSA key
chown kolab:kolab-n /kolab/etc/kolab/res_pub.pem
/kolab/etc/kolab/res_priv.pem
Kolab can create an manage a certificate authority that can be
used to create SSL certificates for use within the Kolab environment.
You can choose to skip this section if you already have certificates
for the Kolab server.
Do you want to create CA and certificates [y] (y/n): y
Now we need to create a cerificate authority (CA) for Kolab and a server
certificate. You will be prompted for a passphrase for the CA.
################################################################################
/kolab/etc/kolab/kolab_ca.sh -newca kolab.contact.de
Enter organization name [Kolab]: Contact
Enter organizational unit [Test-CA]: Contact
Using subject O=Contact,OU=Contact,CN=kolab.contact.de
Using dn
CA certificate filename (or enter to create)
Making CA certificate ...
Generating a 1024 bit RSA private key
..........................................++++++
..++++++
writing new private key to '/kolab/etc/kolab/ca/private/cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
/kolab/etc/kolab
/kolab/etc/kolab/kolab_ca.sh -newkey kolab.contact.de
/kolab/etc/kolab/key.pem
Using dn
Generating RSA private key, 1024 bit long modulus
.........................++++++
.......................++++++
e is 65537 (0x10001)
writing RSA key
/kolab/etc/kolab
/kolab/etc/kolab/kolab_ca.sh -newreq kolab.contact.de
/kolab/etc/kolab/key.pem /kolab/etc/kolab/newreq.pem
Using dn
Request is in /kolab/etc/kolab/newreq.pem and private key is in
/kolab/etc/kolab/key.pem
/kolab/etc/kolab
/kolab/etc/kolab/kolab_ca.sh -sign /kolab/etc/kolab/newreq.pem
/kolab/etc/kolab/cert.pem
Using dn
Using configuration from /kolab/etc/kolab/kolab-ssl.cnf
Enter pass phrase for /kolab/etc/kolab/ca/private/cakey.pem:
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Aug 29 11:22:39 2005 GMT
Not After : Aug 27 11:22:39 2015 GMT
Subject:
commonName
= kolab.contact.de
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
39:21:D8:CF:D3:11:C2:C4:38:A7:73:0B:AC:9E:5D:47:F7:7E:CB:11
X509v3 Authority Key Identifier:
DirName:/O=Contact/OU=Contact/CN=kolab.contact.de
serial:00
Certificate is to be certified until Aug 27 11:22:39 2015 GMT (3650
days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
Signed certificate is in /kolab/etc/kolab/cert.pem
/kolab/etc/kolab
chgrp kolab-r /kolab/etc/kolab/key.pem;
chmod 0640 /kolab/etc/kolab/key.pem;
chgrp kolab-r /kolab/etc/kolab/cert.pem;
chmod 0640 /kolab/etc/kolab/cert.pem;
################################################################################
CA and certificate creation complete.
You can install /kolab/etc/kolab/ca/cacert.pem on your clients to allow
them
to verify the validity of your server certificates.
kolab is now ready to run!
please run '/kolab/bin/openpkg rc all start'
Use login=manager and passwd=LDAP_PASSWORD when you log into
the webinterface https://kolab.contact.de/admin !
Back to "Samba and Kolab Groupware integration" article...