Plesk Integration: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
= Integrate Open-Xchange with Plesk = | = Integrate Open-Xchange with Plesk = | ||
This document describes how to integrate Open-Xchange with Plesk. | This document describes how to integrate Open-Xchange with Plesk. |
Revision as of 11:14, 9 October 2013
Integrate Open-Xchange with Plesk
This document describes how to integrate Open-Xchange with Plesk.
Requirements
In order to integrate Open-Xchange with Plesk, the Open-Xchange APS package must be used. This requires the following versions of Plesk and the APS package:
- Open-Xchange APS package version 7.2 and above (Not yet available).
- Parallels Plesk Panel version 11.5 and above
Older versions are not supported.
Changelog
7.2-26
- Fixed OX6 gui preferences merging
7.2-25
- Added all available timezones in OX App Suite and removed the static time zone designators from the entries
7.2-24
- Fixed debug logging
- Do not use the obsolete syncml setting anymore in combination with "Mobile devices support"
7.2-20
- Fixed displayname uniqueness check
7.2-19
- Fix loginMapping in getContextWithId and context Id in getContextData
7.2-18
- Ability to change admin user login
7.2-14
- since primary mail setting cannot be changed directly, setting has been removed
- eleminated more php warnings
7.2-9
- Added note to Horde migration setting that it does not work on Plesk
- Shortened the presentation summary
- reduced warnings in php code
7.2-6
- Increasing filestore_quota via resource now possible
7.2-5
- Fixed problem with POA versions > 5.5 and public contact folder
- Increased default upload size values of attachments and infostore
- Bugfix: Disabling a user now working
7.2-1
- Reseller Mode for Plesk
- Ready for Plesk 11.5 and above
- No support for Open-Xchange Version 6.20 anymore
Known Issues and Limitations
The following features of the APS package are known to work only with POA and have either not been tested with Plesk or do not work at all.
- Black/Whitelist management (OX6 UI only)
- Spamhandling
- Horde migration
Download
Download the APS package from the APS catalogue
Install and configure Open-Xchange
Before you continue, you have to find out your requirements on how to integrate your Plesk instance(s) with Open-Xchange. There are two possible scenarios:
- One Open-Xchange installation for one Plesk Installation
- You want to serve one Plesk system with one single Open-Xchange installation or you are the only one managing the Plesk servers.
- One Open-Xchange installation for many Plesk systems (Reseller Mode)
- You want to resell many Plesk systems but only use one single Open-Xchange installation.
Note: Finding the correct scenario is important as it is hard to change later!
The main problem is, that usually on Open-Xchange, you have ONE single "root" account to provision contexts/tenants in Open-Xchange. The name of this account is usually oxadminmaster, but it can be renamed to what ever you like. Now imagine there's a scenario where not you, but your customers should create contexts. This is usually the case when you are a reseller. In this case you do not want to hand out that single "root" account to all your customers.
Fortunately, Open-Xchange has a solution for that. It is called the Reseller_Bundle.
Roughly summarised, if you are a Reseller you most likely need one to many setup.
DNS and Mail settings
Keep in mind that Open-Xchange will use the mail server as provided by Plesk to access mail. For that reason, the Open-Xchange system must have access to the same DNS settings as the individual Plesk systems have. That means that when one Plesk system has a mail domain example.com configured using the mail servers hostname mail.example.com, Open-Xchange must be able to resolve the same name to be that Plesk system. The Open-Xchange APS package will hand over these names to the Open-Xchange backend when provisioning Open-Xchange accounts.
SOAP Settings
Every Plesk system must be able to access at least one Open-Xchange server via SOAP. That means that you have to allow access from every Plesk system to the SOAP provisioning system. This can be configured via apache configuration. When you followed our guides, that will be in the file /etc/apache2/conf.d/proxy_http.conf on Debian or /etc/httpd/conf.d/proxy_http.conf in Redhat based systems. It might look like this
<Location /webservices> # restrict access to the soap provisioning API Order Deny,Allow Deny from all Allow from 127.0.0.1 192.168 172.16.1.2 </Location>
which would allow access to the SOAP provisioning on the network 192.168 and on the single hosts 127.0.0.1 and 172.16.1.2
One Open-Xchange installation for one Plesk Installation
Follow one of the Open-Xchange installation guides to install Open-Xchange and in addition, install the following package:
open-xchange-parallels
Now follow the instructions as written here Plesk_Integration#Plesk_Configuration. In this case, the Reseller Mode has to be kept off, which is the default of the APS package. The Master Administrator login is the Open-Xchange "root" account.
One Open-Xchange installation for many Plesk systems (Reseller Mode)
Follow one of the Open-Xchange installation guides to install Open-Xchange and in addition, install the following package:
open-xchange-parallels open-xchange-admin-soap-reseller
Create and manage subadmin accounts
As explained in more details in the article about the Reseller Bundle, you have to create subadmins that you can hand over to your individual Plesk customers/resellers. This article explains on how to do that using the command line as provided by Open-Xchange. Of course the same management can be done via SOAP and via RMI.
After you finished setting up Open-Xchange including the initialisation of the restrictions, you are ready to create a subadmin account. This article assumes that your "root" account name in Open-Xchange is oxadminmaster and it's password is secret. Please do NOT use this password in your environment!
Lets create two new admin accounts:
$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer1 -p secret -d "My first customer" $ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer2 -p secret -d "My second customer"
The login of these customers are pleskcustomer1 and pleskcustomer2, both receive the same password secret - again, do not use this password in production.
Now to list these accounts, run
$ /opt/open-xchange/sbin/listadmin -A oxadminmaster -P secret Id Name Displayname Parent Restrictions 39 pleskcustomer1 My first customer 0 40 pleskcustomer2 My second customer 0
You can apply restrictions to these accounts as well. We can for example create a third user, which is only allowed to create 100 contexts:
$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer3 -p secret -d "My third customer" \ -a Subadmin.MaxContext=100
$ /opt/open-xchange/sbin/listadmin -A oxadminmaster -P secret Id Name Displayname Parent Restrictions 39 pleskcustomer1 My first customer 0 40 pleskcustomer2 My second customer 0 41 pleskcustomer3 My third customer 0 Subadmin.MaxContext=100
Please refer to the Reseller Bundle documentation for more restrictions and further details.
Manage Contexts created via Open-Xchange APS package in Plesk
See Plesk_Integration#Plesk_Configuration_.28Admin_Role.29 below on how customers create contexts via Plesk. This article assumes we are having a Plesk WebMaster account named john@example.com. Once that user installed the application for the domain example.com, we will see the following:
$ /opt/open-xchange/sbin/listcontext -A oxadminmaster -P secret cid fid fname enabled qmax qused name lmappings CustomID Owner 19 2 19_ctx_store true 1024 0 pleskcustomer1_24 pleskcustomer1_24,BRANDING||24||[...] pleskcustomer1
You can see, that we assigned the subadmin pleskcustomer1 to this Plesk instances owner. In addition, the name of the context has been generated as pleskcustomer1_24. This is happening in the Reseller Mode only. When this mode is turned off, the context name is the context id.
Note: The output is not very readable to to the fact that the Open-Xchange makes intensive use of the lmappings. If you want to have a more readable list, you could use the --csv option and import the result into a spreadsheet.
General Open-Xchange Configuration
In /opt/open-xchange/etc/sessiond.properties set
com.openexchange.sessiond.autologin=true
If not, users will get the message The action "store" is disabled due to server configuration when they directly access Open-Xchange via POA.
In /opt/open-xchange/etc/login.properties add the new setting
com.openexchange.login.formLoginWithoutAuthId=true
In /opt/open-xchange/etc/plugin/hosting.properties set
CHECK_CONTEXT_LOGIN_MAPPING_REGEXP=[$%:\\.+a-zA-Z0-9@_\\/\\|-]
In /opt/open-xchange/etc/AdminUser.properties set
PRIMARY_MAIL_UNCHANGEABLE=false
Plesk Configuration (Admin Role)
Add Application via Application Vault
Check version requirement
Check that the version of the APS package is at least 7.2. Older versions are neither supported nor will they work in all circumstances.
Set up the Open-Xchange package
Plesk Configuration (Webmaster Role)
Once the Plesk Admin installed and configured the Open-Xchange APS package, you can e.g. assign a user the Webmaster role to install that application into one or more domains.
Understanding the Open-Xchange specific configuration data
Creating Webmail users
In the same configuration as shown above, existing mail accounts can be created as a webmail user. Once created in to Open-Xchange, the list of existing mail accounts will have a small Open-Xchange icon displayed for users, that have been created into Open-Xchange. Via a click on that icon, you can directly access Open-Xchange Webmail on behalf of that user.
Debugging
Plesk
Plesk errors can be found in /usr/local/psa/admin/logs/panel.log. If you turn on Debug mode in the APS package settings, you see even more information, but do NOT turn it on in production permanently.
To have even more information, do the following on your Plesk system:
$ cd /usr/local/psa/admin/conf/ $ mv panel.ini.sample panel.ini
and set
[log] filter.priority = 7
Open-Xchange
Open-Xchange errors can usually be found in /var/log/open-xchange/open-xchange.log.0.