Frequently Asked Questions

Using the zarafa-admin tool you can modify user information.

Log on to the Zarafa server using PuTTY (or another SSH client) or directly with a console and give the following command:

zarafa-admin -u <username>	[-U <new username>]
	[-p <new password>]

The settings between [ ] are optional and can be used to modify the following properties:

-U <new username>	Modify a users username.
-p <new password>	Modify a users password.
-e <e-mail>	Modify a users primary email address.
-f <full name>	Modify a users full name.
-a <0|1>	With this option you can set whether a user is an administrator. 0 disables admin rights, 1 enables admin rights.

 

Hints and tips

If you don’t know the exact username in Zarafa, you can view all users by giving the following command:

zarafa-admin –l

The Zarafa server use by default port 236. To use an encrypted connection you need to enable port 237 and create ssl certificates.

The webaccess runs on the a default Apache webserver, so port 80 or 443.

When SELinux is enabled, this is blocking your connection from the webserver to the Zarafa server.

You may solve this by allowing Apache to make network connections:

setsebool httpd_can_network_connect=1

or by disabling SELinux altogether:

setenforce permissive

When you choose to disable SELinux, you will also want to edit /etc/sysconfig/selinux to disable it for reboots too.

Hints en Tips

More information about Selinux can be found here: http://fedora.redhat.com/docs/selinux-faq/

A update from Debian GNU/Linux 4.0r3 "Etch" and Ubuntu 8.04 will remove Zarafa, by upgrading libvmime0

Calculating upgrade... Done
The following packages will be REMOVED:
zarafa zarafa-webaccess
The following NEW packages will be installed:
libgsasl7
The following packages will be upgraded:
libvmime0
1 upgraded, 1 newly installed, 2 to remove and 0 not upgraded.
Need to get 944kB of archives.
After unpacking 16.2MB disk space will be freed.
Do you want to continue [Y/n]?

Since the libvmime API of 0.7 and 0.8 is completely different, we indeed hold the upgrade from Debian Etch back.

However, this is not an issue, since no other package in Debian depends on 0.8. You can set the libvmime0 package on hold with the command

echo libvmime0 hold | dpkg --set-selections

To upgrade a single company to a multicompany environment where all existing users are placed into the same company, the following actions must be taken:

Make a backup of the Zarafa database. Enable multicompany in the Zarafa configuration files. Restart the Zarafa server. Create a new company, using LDAP or the zarafa-admin tool.

Use zarafa-admin --list-companies to make sure the new company is visible in the new environment. Stop the Zarafa server. Execute the following SQL queries in the Zarafa database:

* UPDATE users SET company = (SELECT id FROM users WHERE object_type=4) WHERE (object_type = 1 OR object_type = 2 OR object_type = 5) AND id > 2;
* UPDATE stores SET company = (SELECT id FROM users WHERE object_type=4) WHERE user_id > 2;

* UPDATE stores SET user_id = (SELECT id FROM users WHERE object_type=4) , user_name = (SELECT externid FROM users WHERE object_type=4) WHERE user_id = 1;

When using the DB plugin, the following query is also required:

* SELECT p.value FROM object AS o JOIN objectproperty AS p ON o.id=p.objectid WHERE o.objecttype = 4 AND p.propname='companyname'

* INSERT INTO objectproperty (objectid, propname, `value`) SELECT id, 'companyid', (SELECT p.value FROM object AS o JOIN objectproperty AS p ON o.id=p.objectid WHERE o.objecttype = 4 AND p.propname='companyname') FROM object WHERE objecttype != 4;

After this the Zarafa server can be started again, and the users should be visible with 'zarafa-admin -l' again.

Make sure you have a correct backup before doing this!

There are three different user plug-ins for Zarafa; the UNIX, the LDAP and the internal DB plug-in:

* The UNIX plug-in uses information from /etc/passwd, /etc/group and /etc/shadow. This means that only the Linux users can get access to Zarafa. By setting a uid range of wich users are added to Zarafa. In the same way you can add groups to Zarafa. Users with a special shell (default /bin/false) will be added as non-active user. With the Unix plug-in is it necessary to add additional information like email address, admin option and user quota settings in the database. This information needs to be added to the database with the Zarafa-admin tool. The uid would be stored in the data to make a link between the Linux users and the information in the database.

* The LDAP plug-in uses information from a LDAP or ADS server. All information about users, groups and membership can be retrieved from the LDAP or ADS server. The managing of the users and groups has to be done in LDAP or ADS. Only the uid would be stored in the Zarafa database, other data would receive from LDAP or ADS.

* The DB plug-in would be installed by default and need no more configuration. All user information would store in the database. The managing has to be done with the zarafa-admin tool.

Sending a file of 2Mb or larger using the Webaccess is not possible by default. This is caused by a limitation in PHP, which is the language used to build the Webaccess. The limit of PHP can be enlarged, but this should be done in the PHP configuration file.

When you want to send an email with an attachment larger than 8 MB, you can still use Outlook which doesn't have this limitation.

The value which needs to be changed in the php.ini file is: 'max_upload_filesize'.

max_upload_filesize = 16M

Technically this is possible, but you always need to have the Zarafa-professional package for Outlook support. This package is available for the default supported distributions.

Zarafa has been developed purely for Linux. However, if you are a developer, you may help us by providing the probably small but necessary changes to Zarafa, so it will run on your platform.

No, the Zarafa 6.0x and 6.1x clients are forward compatible with the new 6.20 version. However, you will still need a license.

When a new user is added to the server, the standard folders are created in the language of the server. When you want to change the standard folders for a user to a different language, you have to change the /etc/zarafa/userscript/createuser script. This has to be done before the user is created in the Zarafa database.
If you want to change the standard folders to, for example, Dutch (nl_NL) you can add the following line to the createuser script:

export LC_MESSAGE=nl_NL.utf8

or replace ‘zarafa-admin --create-store "${ZARAFA_USER}"’ with:

zarafa-admin --lang nl_NL.utf8 --create-store "${ZARAFA_USER}"

When you are using Debian, you have to install the locales before you change the createuser file:

dpkg-reconfigure locales

When the standard folders of an existing user are in the wrong language, they can be changed with Outlook (XP/2003 or higher) to the correct language. It is important that the language of Outlook is the same as the language that you want for your standard folders.

* Close Outlook
* Click on Start > Run
* Type here: Outlook.exe /resetfoldernames

Outlook will start with the standard folders in the same language as Outlook. From now on the standard folders will be in this language.

To upgrade a single company to a multicompany environment where all existing users are placed into the same company, the following actions must be taken:

Make a backup of the Zarafa database. Enable multicompany in the Zarafa configuration files. Restart the Zarafa server. Create a new company, using LDAP or the zarafa-admin tool.
Use zarafa-admin --list-companies to make sure the new company is visible in the new environment. Stop the Zarafa server.

Note: The following 3 queries are only needed when the server has version 6.1x or 6.2x.

Execute the following SQL queries in the Zarafa database:

UPDATE users SET company = (SELECT id FROM users WHERE object_type=4)
WHERE (object_type = 1 OR object_type = 2 OR object_type = 5) AND id > 2;

UPDATE stores SET company = (SELECT id FROM users WHERE object_type=4)
WHERE user_id > 2;

UPDATE stores SET user_id = (SELECT id FROM users WHERE object_type=4) ,
user_name = (SELECT externid FROM users WHERE object_type=4) WHERE user_id = 1;

Note: The following query needs to be executed for every multicompany version (6.1x and up).
When using the DB plugin, the following query is also required:

SELECT p.value FROM object AS o JOIN objectproperty AS p ON o.id=p.objectid
WHERE o.objecttype = 4 AND p.propname='companyname'

INSERT INTO objectproperty (objectid, propname, `value`) SELECT id,
'companyid', (SELECT p.value FROM object AS o JOIN objectproperty AS p ON
o.id=p.objectid WHERE o.objecttype = 4 AND p.propname='companyname') FROM
object WHERE objecttype != 4;

After this the Zarafa server can be started again, and the users should be, once again, visible with:

'zarafa-admin -l'

Because of an issue with libxml2 and php5 in SLES 11 will not be supported by Zarafa at the moment.

The result of this issue is that every email sent from the webaccess that contains HTML will be mangled, and not readable by the receiver.

This issue is not only exposed by Zarafa, but by other webapplications as well. Until Novell resolves the issue, Zarafa will not build packages for SLES 11.

I am using Active Directory for user information for Zarafa. With the commando ‘zarafa-admin –l’ can I retrieve a list with Zarafa users, however it is not possible for (certain) users to log in into the webaccess or Outlook, what is wrong?

In Active Directory it is possible to set, for every user on which computer he/she may login. For verification of the username and password of a user, a computer will bind to the Active Directory. When the name or ip-address is not in the list of computers, the username and password is not verified by the Active Directory. The same would happen when the name or ip-address of the Zarafa server is not available in the list of computers, so the user cannot login to Zarafa.

For checking/changing this, you can take the following steps:

• Open the active directory users and groups configuration window.
• Open the settings of a user, by double clicking on the username.
• Go to the tab ‘Account’ and click on the ‘Log On To’ button.
• Add the name or ip-address of the Zarafa server by ‘computer name’ if the option ‘the following computers’ is selected. When ‘All computers’ is selected, it should be possible for this user to login on all the computers in the network, including the Zarafa server.

To integrate Zarafa with an Active Directory server, you need to specify the LDAP search queries in the ldap.cfg file. From these search queries, Zarafa can locate the users and groups in the ADS.

To ensure the LDAP search queries are as fast as possible, we advise you to specify a subfolder in the LDAP structure, where all users are located. By specifying the subfolder in the ADS, the LDAP search does not need to search the complete tree.

By default, Zarafa generates an Outlook store for every found user in the LDAP tree. When users in the ADS do not use Zarafa, you should put them in a separate folder in the ADS, where Zarafa does not search for users.

To specify groups for Zarafa, we advise you to create a separate folder in the LDAP tree and create all the Zarafa groups in this folder. By creating a specific folder for groups, not all the Windows system groups are visible in Zarafa.

An example ADS configuration file is found in /usr/share/zarafa/ads.cfg. This file can be used as a template for ADS servers.

Read more about Active Directory integration in the Zarafa LDAP whitepaper.

When the data from LDAP is used for Zarafa, only the value of the unique LDAP attribute is stored in the Zarafa database. When other user data is needed, Zarafa retrieves this from LDAP by searching on the value of the unique LDAP attribute. When a user is removed from LDAP, that value of the unique LDAP attribute will also be removed from LDAP. To make sure that the users which are removed from LDAP will also be removed from Zarafa, Zarafa will look to the existing values of the unique LDAP attribute. When one of those values is removed from LDAP the user will also be removed from Zarafa. When there is a new value, a new user would be created in Zarafa.

When the value of the unique attribute is changed, for Zarafa this means that the user is deleted and a new user is created.  This will result in deleting the ‘old’ store of the user and creating a new store. The old store will move to the Admin folder in the public store.

In the LDAP documentation you can find the solution to change the unique attribute for groups, as well as for users.

To upgrade from a demo version of Zarafa to a full license, you only need to replace the following file in the demo license key, with a full license key:

/etc/zarafa/license/base

The Zarafa base license is default located in /etc/zarafa/license/base.

When you want to add Client Access License to the server, you need to do the following steps:

1.Add a new file in the license directory:

touch /etc/zarafa/license/1

2.Register the CAL on the Zarafa Portal and add the CAL serial to this file:

echo 379AS24442 > /etc/zarafa/license/1

When you have more than one CAL, you have to create an extra file with the corresponding serial.

The first three users that connect to the community versions with Outlook can only use Outlook. All other users can only connect via webaccess, imap/pop3 or Z-Push.

Serials can be converted on the Zarafa Portal. To access the Zarafa Portal you need a login account.

On the Zarafa Portal you can also download the Zarafa Professional software.

Unfortuantely this is not possible. When you want to use a Zarafa commercial version you have to buy an license/subscription for all users that are created in your Zarafa system.

This is a provider issue, probably caused by the proxying of the data by the telecom operator.

Many mobiles may show the ‘Bad request from mobile’ error when synchronizing their mobile with a server via z-push. This is not a problem with z-push or the mobile, but is caused by proxy-software run by your telecom operator.

Workaround: Due to the way that SSL works, you can setup your connection to use SSL, and your connection will not be proxied by your telecom operator. Set up your z-push server to accept SSL connections, and set your PDA to use the  SSL-encrypted connection.

Use debconf to configure Exim4 for which domains Exim should consider itself as the final destination. You can do this with the following command:

dpkg-reconfigure plow exim4

Create a file called 700_exim4-config_zarafa in the directory /etc/exim4/conf.d/router. Add the following text in the file:

zarafa:

debug_print = "R: zarafa for $local_part@$domain"

driver = accept

domains = +local_domains

check_local_user

transport = zarafa_pipe

require_files = +/usr/bin/zarafa-dagent

no_verify

no_expn

Create a file called 30_exim4-config_zarafa_pipe in the directory /etc/exim4/conf.d/transport. Add the following lines to the file:

zarafa_pipe:

debug_print = "T: zarafa_pipe for $local_part@$domain"

driver = pipe

path = "/bin:/usr/bin:/usr/local/bin"

command = "/usr/bin/zarafa-dagent $local_part"

return_path_add

delivery_date_add

envelope_to_add

Finally you need to add the following line to the file /etc/exim4/update-exim4.conf:

dc_localdelivery=zarafa_pipe

Now start the update-exim4.conf script and reload Exim4 with the following commands:

update-exim4.conf

etc/init.d/exim4 restart 

When you do not have a local MTA configured on the server with Zarafa installed, you need to run the Zarafa-dagent via Fetchmail. In fetchmail configuration file you should at the following option: mda "/usr/sbin/zarafa-dagent username"

See a full example fetchmail configuration below:

  poll 192.168.1.254
    localdomains zarafa.com
    protocol pop3
    no dns
    username john
    password 'password'
    to *
    smtpaddress zarafa.com
    fetchall
    forcecr
    set postmaster user
    mda "/usr/bin/zarafa-dagent john"

The fetchmail configuration should be made for every user individual.

See here for more information about Fetchmail.

To run both Zarafa and Cyrus on a single machine, please follow these steps:

• To use Postfix with multiple transport providers you need to use a transport table. Add the following line to the Postfix master.cf file:
  

  zarafa  unix   -      n       n       -       -      
  pipe user=vmail argv=/usr/bin/zarafa-dagent ${user} 

• Comment the mailbox_command and mailbox_transport in the Postfix main.cf. Add the following line to the Postfix main.cf:
  

  transport_maps = hash:/etc/postfix/transport 

• In the file /etc/postfix/transport you can add email addresses with the corresponding transport provider. For example:
  

  m.oostergo@zarafa.com   zarafa 
  j.lewis@zarafa.com      cyrus 

• After you have made changes to the transport table you need to run the command "postmap /etc/postfix/transport" to create the hash file.
   

Now all mail for m.oostergo@zarafa.com is delivered to Zarafa and the email for j.lewis@zarafa.com is delivered to Cyrus.

It is possible to configure sendmail to use the zarafa-dagent directly. The configuration files for sendmail can usually be found in /etc/mail, The required m4 files can be found in /usr/share/sendmail/cf or /usr/share/sendmail-cf (the exact location is distribution specific). The instructions below assume the m4 files are located in /usr/share/sendmail/cf/, so please make sure the files created below are stored in the for your distribution correct location.

First, the sendmail zarafa mailer needs to be created. To do this, a new file should be created which contains the data below. This file should be saved to /usr/share/sendmail/cf/mailer/zarafa.m4:

PUSHDIVERT(-1)
#
#   Mailer for Zarafa
#

ifdef(`ZARAFA_MAILER_ARGS',,
        `define(`ZARAFA_MAILER_ARGS', zarafa-dagent $u)')
ifdef(`ZARAFA_MAILER_PATH',,
        `define(`ZARAFA_MAILER_PATH',
/usr/local/bin/zarafa-dagent)')
POPDIVERT
#######################################
###   Zarafa Mailer specification   ###
#######################################

VERSIONID(`@(#)zarafa.m4        31-Aug-2007')

MZARAFA,                P=ZARAFA_MAILER_PATH, F=DFMhu,
S=15, R=25, T=X-Phone/X-ZARAFA/X-Unix,
                A=ZARAFA_MAILER_ARGS

LOCAL_CONFIG
CPZARAFA

Secondly, the local_zarafa feature needs to be created. This feature will allow the zarafa-dagent to deliver mail from localhost. Save the data below to /usr/share/sendmail/cf/feature/local_zarafa.m4:

divert(-1)
divert(0)

VERSIONID(`@(#)zarafa.m4        31-Aug-2007')

divert(-1)

ifdef(`_MAILER_local_',
        `errprint(`*** FEATURE(local_zarafa) must
occur before MAILER(local)
')')dnl

define(`LOCAL_MAILER_PATH',
        ifelse(defn(`_ARG_'), `',

                ifdef(`ZARAFA_MAILER_PATH',
                        ZARAFA_MAILER_PATH,
                        `/usr/local/bin/zarafa-dagent'),
                _ARG_))
define(`LOCAL_MAILER_ARGS',
ifelse(len(X`'_ARG2_), `1', `zarafa-dagent $u', _ARG2_))
undefine(`_LOCAL_PROCMAIL_')
undefine(`_LOCAL_LMTP_')
undefine(`LOCAL_MAILER_DSN_DIAGNOSTIC_CODE')

The last part is enabling the Zarafa dagent in sendmail. To enable the Zarafa dagent delivery from localhost, add the following lines to /etc/mail/sendmail.mc:

FEATURE(`local_zarafa')
MAILER(`local')

To enable the Zarafa dagent for all other deliveries add the following lines to sendmail.mc:

MAILER(`zarafa')

After the creation and editing of these files, the configuration needs to be activated. Execute the following command:

sendmailconfig

This will generate the sendmail.cf file and reload sendmail. If the zarafa-spooler was already running, this too needs to be restarted:

/etc/init.d/zarafa-spooler restart

In the postfix configuration file "master.cf", add the following rule:

zarafa unix - n n - - pipe 
 flags= user=vmail argv=/usr/bin/procmail -a ${user}

After that, edit the postfix configuration file "main.cf" and add the following line:

mailbox_transport = zarafa 

When that is completed, edit the procmail configuration file "/etc/procmailrc" and add the following lines:

 USER=$1
:0w* ^X-Spam-Status: Yes 
| zarafa-dagent -j $USER
EXITCODE=$?

:0w
| zarafa-dagent $USER
EXITCODE=$?

After this, restart postfix by issuing the command: 

/etc/init.d/postfix reload 

To adjust the column width, follow these steps:
 

• Click Start and click Run.
• In the Open box, type regedit, and then click OK.
• In the Registry Editor navigate to the following key:
• HKEY_CURRENT_USER\Software\Microsoft\Exchange\Client\Options
• With the Options subkey selected, on the Edit menu, point to New, and then click DWORD Value.
• For the name, type AddressBookColWidth, and then press ENTER.
• Double-click AddressBookColWidth, and in the Value data box, type the width you want. You may have to change this setting until you arrive at the number that best suits your needs. A recommended starting point is 79.
• Click OK to save your entry.

 
Leave the Registry Editor open and switch to Outlook. Open the Address Book and see if the column width is acceptable.
If not, close the Address Book, leave Outlook running, and switch back to the Registry Editor to adjust the DWORD Value until you arrive at the column width you want.
As you make adjustments all column widths in the Address Book are adjusted. If the value is too large, such as 1025, you may notice some of the right-most columns disappear.
 

The complete mailbox added to the Folder list can be removed from Outlook. This can be done by navigating in Outlook to: Tools > Email Accounts > Remove or display existing accounts > Next Here, select Zarafa client and click Change.... A new window will be opened. Click the tab Advanced, select the name of the user of which the mailbox should be removed and click the Delete button. When you select OK and Finish you will leave the window and Outlook will be available again.

If after the creation of the user profiles in Outlook the public store is created, this store will not be visible to the users whose Outlook profile have been previously created. Without access to the public store, the freebusy times will not be available either. The same problem can occur when migrating from old pst files, where the same profile is being used with Zarafa. The profile will reuse the old data which do not contain the public store. In order to make the freebusy data available again, new profiles should be created.

There are several ways to copy the current data from Outlook to Zarafa, depending on how Outlook is currently being used and how the data is stored. In most cases the data is stored on an IMAP server, on a MS Exchange server, or in a .pst file.

Note: You must create the new user in Zarafa before attempting to copy the current data from Outlook, otherwise the transfer will not be possible.

Copying data from an IMAP server <!-- br-->The best way to copy data from an IMAP server is to use well-tested and proven tools for copying emails from IMAP to IMAP. It is necessary to start the Zarafa-gateway before the data can be copied.

Copying data from MS Exchange <!-- br-->There is a tool available from Microsoft (ExMerge) which can copy the data from the user’s store, on a MS Exchange server, to a .pst file. After this it is possible to import data from the .pst file into the Zarafa database with the Zarafa Migration tool. To download the Zarafa Migration tool go to the download-community-page. For more information about the Zarafa Migration tool go the documentation-page.

Copying data from a PST file
When the data is in a .pst file it can easily be copied to Zarafa by using the Zarafa Migration Tool. This is a special tool for copying data from a .pst file to Zarafa. To download the Zarafa Migration tool go to the download-community-page. For more information about the Zarafa Migration tool go the documentation-page.

Warning!: The Zarafa Migration tool does not work with Outlook 2007.

Hits and Tips

In Outlook it is also possible to export and import the data with a .pst file.

Export:

File > Import and Export > Export to file >
      Personal folder(.pst)

Import:

File > Import and export > Import from file >
      Personal folder(.pst)

A .pst file can also be added to the current profile for coping the data manually to the .pst file:

File > Outlook data file > Add > Personal folder(.pst)

When you want to copy all of your calendar items it is recommended that you use the calendar view by category. This will show all calendar items in a list.

Problem: I just updated Zarafa to a new version and now I get reminders that I didn't ask for.

Solution: Outlook has a table for all reminders.This table will be completed during the update with reminder information for all possible calendar items with a reminder. Old reminders will be (re-)activated and are hard to remove.

To remove these old reminders, close Outlook and perform the following steps: Click on Start > Run and enter: outlook.exe /cleanreminders. Then click OK to start Outlook. During start-up, Outlook will clean the reminder table.

If reminders do not work at all after this command, you will need to close Outlook again, and perform the following steps:Click on Start > Run and enter: outlook.exe /resetfolders. Then, click OK to start Outlook. After this step, your reminders should work as expected.

When SELinux is enabled, this is blocking your connection from the webserver to the Zarafa server.

You may solve this by allowing Apache to make network connections:

setsebool httpd_can_network_connect=1

or by disabling SELinux altogether:

setenforce permissive

When you choose to disable SELinux, you will also want to edit /etc/sysconfig/selinux to disable it for reboots too.

Hints en Tips

More information about Selinux can be found here: http://fedora.redhat.com/docs/selinux-faq/

Sending a file of 2Mb or larger using the Webaccess is not possible by default. This is caused by a limitation in PHP, which is the language used to build the Webaccess. The limit of PHP can be enlarged, but this should be done in the PHP configuration file.

When you want to send an email with an attachment larger than 8 MB, you can still use Outlook which doesn't have this limitation.

The value which needs to be changed in the php.ini file is: 'max_upload_filesize'.

max_upload_filesize = 16M

The following browsers are officially supported by Zarafa:

• Firefox 2
• Firefox 3
• Internet Explorer 6
• Internet Explorer 7

It is possible that other web browser works as well, however there is no guarantee that it would work and they are not officially supported.

This happening because the option ‘Allow script to: Disable or replace context menus’ is disabled in FireFox. To enable this option go to:

Tools > Options > Content 

Make sure that 'Enable JavaScript' and click on the button ‘Advanced’ behind ‘Enable JavaScript’. Here is it possible to enable the option ‘Disable or replace context menus’.