Horde 5 Applikation Adressbuch: Turba unter CentOS 7.x

Als nächste Applikation installieren wir uns die Anwendung Turba. Diese Anwendung stellt uns zentrale und auch persönliche Adressbücher zur Verfügung. Informationen zu Installation und Konfiguration findet man auch auf der offiziellen Doku-Seite.

Die Installation der Applikation Nag können wir ganz einfach über das Paketverwaltungswerkzeug yum vornehmen.

 # yum install php-horde-turba -y

Was uns das Paket php-horde-turba alles mitgebracht hat zeigt uns der folgende Aufruf.

Neben der Konfiguration der Anwendung selbst, müssen wir der Anwendung Turba auch noch mitteilen, wie und zu welchem Datenbankbackend-System sich die Anwendung verbinden soll.

Die mitgelieferte Konfigurationsdatei backends.php lassen wir unangetastet. Die Konfiguration nehmen wir über die lokale Kopie backends.local.php vor.

 # cp -a /etc/horde/turba/backends.php /etc/horde/turba/backends.local.php

Die Personalisierung der Anzeigen sind in der Konfigurationsdatei mit dem Bearbeiter Django und dem Datum gekennzeichnet.

 # vim /etc/horde/turba/backends.local.php
 * This file is where you specify the sources of contacts available to users
 * at your installation. It contains a large number of EXAMPLES. Please
 * remove or comment out those examples that YOU DON'T NEED. There are a
 * number of properties that you can set for each server, including:
 * Local overrides MUST be placed in backends.local.php or backends.d/.
 * If the 'vhosts' setting has been enabled in Horde's configuration, you can
 * use backends-servername.php.
 * Example backends.local.php configuration file that enables the LDAP address
 * book and adds a composite field to the SQL address book:
 * <?php
 * $cfgSources['localldap']['disabled'] = false;
 * $cfgSources['localldap']['params']['server'] = 'localhost';
 * $cfgSources['localldap']['params']['root'] = 'cn=contacts,dc=horde,dc=org';
 * $cfgSources['localldap']['params']['bind_dn'] = 'cn=admin,ou=users,dc=horde,dc=org';
 * $cfgSources['localldap']['params']['bind_password'] = 'somesecret';
 * $cfgSources['localsql']['map']['homeAddress'] = array(
 *     'fields' => array(
 *         'homeStreet',
 *         'homePostalCode',
 *         'homeCity',
 *         'homeCountry'
 *     ),
 *     'format' => "%s\n%s %s\n%s"
 * );
 * Properties that can be set for each server:
 * disabled: (boolean) If true, the config entry is disabled.
 * title: (string) This is the common (user-visible) name that you want
 *        displayed in the contact source drop-down box.
 * type: (string) The types 'ldap', 'sql', 'kolab', 'imsp', 'group',
 *       'favourites' and 'prefs' are currently supported. Kolab address books
 *       can be used with any IMAP server that supports METADATA.
 *       Preferences-based address books are not intended for production
 *       installs unless you really know what you're doing - they are not
 *       searchable, and they won't scale well if a user has a large number of
 *       entries.
 * params: (array) These are the connection parameters specific to the contact
 *         source.
 *         General settings:
 *           - charset: (string) The character set that the backend stores
 *                      data in. Many LDAP servers use utf-8. Database servers
 *                      typically use iso-8859-1.
 *           - filter: (string) Filter your result based on certain condition
 *                     in SQL and LDAP backends. A filter can be specified to
 *                     avoid some unwanted data. For example, if the source is
 *                     an external SQL database, to select records with the
 *                     delete flag = 0: 'filter' => 'deleted=0'.
 *                     Don't enclose 'filter' in brackets - this will done
 *                     automatically. Also keep in mind that a full filter
 *                     line will be built from 'filter' and 'objectclass'
 *                     parameters.
 *         Settings that only apply to LDAP servers:
 *           - bind_dn: (string) Only applies to LDAP servers which do not
 *                      allow anonymous connections. Active Directory servers
 *                      do not allow it by default, so before using one as a
 *                      Turba source, you must create a "rightless" user,
 *                      which is only allowed to connect to the server, and
 *                      set the 'bind_dn' parameter like
 *                      'rightless@example.com' (not
 *                      'cn=rightless,dc=example,dc=com').
 *           - bind_password: (string) Only applies to LDAP servers which do
 *                            not allow anonymous connection. You should set
 *                            this to the cleartext password for the user
 *                            specified in 'bind_dn'.
 *           - checkrequired: (boolean) If true, consult the LDAP schema for
 *                            any attributes that are required by the given
 *                            objectclass(es). Required attributes will be
 *                            provided automatically if the
 *                            'checkrequired_string' parameter is present.
 *           - checksyntax: (boolean) If present, inspect the LDAP schema for
 *                          particular attributes by the type defined in the
 *                          corresponding schema.
 *           - deref: (integer) One of:
 *                      - LDAP_DEREF_NEVER
 *                      - LDAP_DEREF_SEARCHING
 *                      - LDAP_DEREF_FINDING
 *                      - LDAP_DEREF_ALWAYS
 *                     This setting tells the LDAP server when to dereference
 *                     aliases. See http://www.php.net/ldap for more
 *                     information.
 *           - dn: (array) Defines the list of LDAP attributes that build a
 *                 valid DN.
 *           - objectclass: (array) Defines a list of objectclasses that
 *                          contacts must belong to, and that new objects will
 *                          be created with.
 *           - referrals: (integer) Either 0 or 1. See the LDAP documentation
 *                        about the corresponding parameter REFERRALS. Windows
 *                        2003 Server requires that you set this parameter to
 *                        0.
 *           - root: (string) Defines the base DN where to start the search
 *                   (i.e. dc=example,dc=com).
 *           - scope: (string) Can be set to 'one' to search one level of the
 *                    LDAP directory, or 'sub' to search all levels. 'one'
 *                    will work for most setups and should be much faster.
 *                    However we default to 'sub' for backwards compatibility.
 *           - sizelimit: (integer) Limit the search to this number of
 *                        entries. Empty value or 0 means no limit. Keep in
 *                        mind that servers can impose their own search
 *                        limits.
 *           - tls: (boolean) If true, try to use a TLS connection to the
 *                  server.
 *           - version: (integer) Specifies LDAP server version: either 2 or
 *                      3. Active Directory servers require version 3.
 * map: (array) A list of mappings from the Turba attribute names (keys) to
 *              the attribute names by which they are known in this contact
 *              source (values).
 *              Turba also supports composite fields. A composite field is
 *              defined by mapping the field name to an array containing a
 *              list of component fields and a format string (similar to a
 *              printf() format string; however, note that positioned
 *              parameters like %1$s will NOT work).
 *              'attribute' defines where the composed value is saved, and is
 *              optional.
 *              'parse' defines a list of format strings and field names that
 *              should be used for splitting up composite fields, in the order
 *              of precedence, and is optional.
 *              An example:
 *                ...
 *                'name' => array(
 *                    'fields' => array('firstname', 'lastname'),
 *                    'format' => '%s %s',
 *                    'attribute' => 'object_name'
 *                ),
 *                'firstname' => 'object_firstname',
 *                'lastname' => 'object_lastname',
 *                ...
 *              Standard Turba attributes are:
 *                - __key: [REQUIRED] A backend-specific ID for the entry (any
 *                         value as long as it is unique inside that source).
 *                - __members: Serialized PHP array with list of Group
 *                             members.
 *                - __owner: User name of the contact's owner
 *                - __type: Either 'Object' or 'Group'
 *                - __uid: Globally unique ID of the entry (used for
 *                         synchronizing and must be able to be set to any
 *                         value).
 *              More Turba attributes are defined in config/attributes.php.
 * tabs: (array) All fields can be grouped into tabs with this optional entry.
 *       This list is multidimensional hash; keys are the tab titles.
 *       Example:
 *         'tabs' => array(
 *             'Addresses' => array(
 *                 'homeAddress',
 *                 'workAddress'
 *             ),
 *             'Names' => array(
 *                 'firstname',
 *                 'lastname',
 *                 'alias'
 *             )
 *         );
 * search: (array) A list of Turba attribute names that can be searched for
 *         this source.
 * strict: (array) A list of native field/attribute names that must always be
 *              matched exactly in a search.
 * approximate: (array) Only applies to LDAP servers. If set, should be an
 *              array of native field/attribute names to search
 *              "approximately" (for example, "S�nchez", "Sanchez", and
 *              "Sanch�z" will all match a search string of "sanchez").
 * export: (boolean) If true, this source will appear on the Export menu,
 *         allowing users to export the contacts to a CSV (etc.) file.
 * browse: (boolean) If true, this source will be browseable via the Browse
 *         menu item, and empty searches against the source will return all
 *         contacts.
 * use_shares: (boolean) If true, Horde_Share functionality will be enabled
 *             for this source - allowing users to share their personal
 *             address books as well as to create new ones.
 *             Since Turba only supports having one backend configured for
 *             creating new shares, use the 'shares' configuration option to
 *             specify which backend will be used for creating new shares.  All
 *             permission checking will be done against Horde_Share, but note
 *             that any 'extended' permissions (such as max_contacts) will
 *             still be enforced. Also note that the backend driver must have
 *             support for using this. Supported: SQL, IMAP/Kolab, and IMSP.
 * all_shares: (boolean) If true (and 'use_shares' is true) the corresponding
 *             source will be assumed to handle all shares that are not
 *             explicitly assigned to another source. Supported: IMAP/Kolab.
 * list_name_field: (string) Taken as the field to store contact list names
 *                  in. This is required when using a composite field as the
 *                  'name' field.
 * alternative_name: (string) Taken as the field to use an alternative in case
 *                   the name field is empty.
// Django : 2014-09-12 Adressbuch personalisiert
// default: 'title' => _("Shared Address Books"),
$cfgSources['localsql']['disabled'] = false;
// ENABLED by default
// Django : 2014-09-12 Adressbuch (Favoriten) deaktiviert
$cfgSources['favourites']['disabled'] = true;
$cfgSources['favourites']['title'] = _("pers. Adressbuch (Favoriten)");

Bei der Installation des RPMs wurde die Apache-Konfigurationsdatei /etc/httpd/conf.d/php-horde-turba.conf mitgebracht. Da wir bereits in der zentralen Konfigurationsdatei den passenden Konfigurationsabschnitt berücksichtigt haben, können wir den Inhalt der Datei /etc/httpd/conf.d/php-horde-turba.conf komplett disablen.

 # vim /etc/httpd/conf.d/php-horde-turba.conf
# Django : 2014-09-15
# default: <DirectoryMatch /usr/share/horde/turba/(config|lib|locale|scripts|templates)>
#               Deny from all
#          </DirectoryMatch>
# Wird über die nachfolgende Directive in der globalen vHost-Konfigurationsdatei von Horde erledigt:
#        # Deny access to directories that are not served directly by the webserver
#        <DirectoryMatch "^/usr/shared/horde/(.*/)?(config|lib|locale|po|scripts|templates)/(.*)?">
#                Require all denied
#        </DirectoryMatch>

Anschließend reloaden wir den Apache-Daemon einmal.

 # systemctl reload httpd.service

Die Konfiguration der Applikation Turba erfolgt dann über die GUI des Web-Frameworks. Dazu rufen wir unseren angelegten VHOST im Webbrowser auf.

 $ firefox https://horde.sec-mail.guru/admin/config/

Bild: Bildschirmhardcopy Horde "Configuration"

Da wir die Anwendung Turba noch nicht konfiguriert haben und auch die nötigen mySQL-Datenbanktabellen angelegt haben, sind die beiden Fehlermeldungen normal.

Als erstes legen wir die notwendigen Datenbanktabellen an. Hierzu klicken wir auf den Punkt Update all DB schemas.

Bild: Bildschirmhardcopy Horde "Configuration"

Nun fehlt nur noch die Konfiguration vom Adressbuch Turba, diese legen wir nun an, in dem wir auf den Punkt Address Book (turba) klicken.

Bild: Bildschirmhardcopy Horde "Turba Configuration"

Hier erfolgt nun die Konfiguration der Horde-Applikation Turba.

$conf[menu][import_export]                                                     [✔]


$conf[client][addressbook]                                                     None

Exchange GAL

$conf[gal][addressbook]                                                        None


$conf[shares][source]                                                          localsql


$conf[comments][allow]                                                         [✔]

Virtual File Storage

 $conf[documents][type]                                                        Horde defaults

Am Ende unserer Konfigurationsarbeit, sichern wir die Konfiguration mit einem Klick auf die Schaltfläche Bild: Schaltfläche "Generate Address Book Configuration". Die erfolgreiche Sicherung wird uns entsprechend angezeigt.

Bild: Bestätigung der erfolgreichen Sicherung


