Plesk Integration: Difference between revisions
No edit summary |
|||
(42 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
= Integrate Open-Xchange with Plesk = | = Integrate Open-Xchange with Plesk = | ||
This document describes how to integrate Open-Xchange with Plesk. | This document describes how to integrate Open-Xchange with Plesk. Please note that the Odin (former Parallels) service provider division has changed its name to Odin. This means that many of the products referred to on this page have also changed their name. | ||
== Requirements == | == Requirements == | ||
Line 8: | Line 8: | ||
This requires the following versions of Plesk and the APS package: | This requires the following versions of Plesk and the APS package: | ||
* Open-Xchange APS package version 7.'''2''' and above | * Open-Xchange APS package version 7.'''2''' and above | ||
* Parallels Plesk Panel version 11.5 and above | * Odin Plesk Panel (former Parallels Plesk Panel) version 11 (11.5 and above), version 12 not yet supported | ||
'''Older versions are not supported.''' | '''Older versions are not supported.''' | ||
Also note that the APS package does not contain an Open-Xchange server. | |||
The Open-Xchange server must be installed separately. | |||
== Changelog == | |||
{{OXAPSChangelog|mode=plesk}} | |||
== Known Issues and Limitations == | |||
The following features of the APS package are known to work only with POA and have either not | |||
been tested with Plesk or do not work at all. | |||
* Black/Whitelist management (OX6 UI only) | |||
* Spamhandling | |||
* Horde migration | |||
* Webmail accounts will get the same display name as the Plesk admin account (Bug has been reported for Plesk) | |||
* Webmail Account default settings cannot be changed. That means it is not possible to change the APS package default of the setting '''Open-Xchange module access level for Enduser''', which is set to ''groupware''. The settings ''Maximum size of all attachments in one message'' and ''Maximum size of one attachment, maximum size of one InfoStore item'' can't be changed as well. | |||
== Download == | == Download == | ||
Download the APS package from the [http:// | Download the APS package from the [http://dev.apsstandard.org/apps/?name=Open-Xchange APS catalogue] | ||
== Install and configure Open-Xchange == | == Install and configure Open-Xchange == | ||
Line 23: | Line 41: | ||
; One Open-Xchange installation for one Plesk Installation: You want to serve one Plesk system with one single Open-Xchange installation or you are the only one managing the Plesk servers. | ; One Open-Xchange installation for one Plesk Installation: You want to serve one Plesk system with one single Open-Xchange installation or you are the only one managing the Plesk servers. | ||
; One Open-Xchange installation | ; One Open-Xchange installation for many Plesk systems (Reseller Mode): You want to resell many Plesk systems but only use one single Open-Xchange installation. | ||
'''Note: Finding the correct scenario is important as it is hard to change later!''' | '''Note: Finding the correct scenario is important as it is hard to change later!''' | ||
Line 34: | Line 52: | ||
Fortunately, Open-Xchange has a solution for that. It is called the [[Reseller_Bundle]]. | Fortunately, Open-Xchange has a solution for that. It is called the [[Reseller_Bundle]]. | ||
Roughly summarised, if you are a Reseller you most likely need [[Plesk_Integration#One_Open- | Roughly summarised, if you are a Reseller you most likely need [[Plesk_Integration#One_Open-Xchange_installation_for_many_Plesk_systems_.28Reseller_Mode.29|one to many]] setup. | ||
=== DNS and Mail settings === | |||
Keep in mind that Open-Xchange will use the mail server as provided by Plesk to access mail. For that reason, | |||
the Open-Xchange system must have access to the same DNS settings as the individual Plesk systems have. | |||
That means that when one Plesk system has a mail domain ''example.com'' configured using the mail servers | |||
hostname ''mail.example.com'', Open-Xchange must be able to resolve the same name to be that Plesk system. | |||
The Open-Xchange APS package will hand over these names to the Open-Xchange backend when provisioning | |||
Open-Xchange accounts. | |||
=== SOAP Settings === | |||
Every Plesk system must be able to access at least one Open-Xchange server via SOAP. That means that you have to allow | |||
access from every Plesk system to the SOAP provisioning system. This can be configured via apache configuration. | |||
When you followed our guides, that will be in the file <tt>/etc/apache2/conf.d/proxy_http.conf</tt> on Debian or <tt>/etc/httpd/conf.d/proxy_http.conf</tt> | |||
in Redhat based systems. It might look like this | |||
<Location /webservices> | |||
# restrict access to the soap provisioning API | |||
Order Deny,Allow | |||
Deny from all | |||
Allow from 127.0.0.1 192.168 172.16.1.2 | |||
</Location> | |||
which would allow access to the SOAP provisioning on the network 192.168 and on the single hosts 127.0.0.1 and 172.16.1.2 | |||
== One Open-Xchange installation for one Plesk Installation == | == One Open-Xchange installation for one Plesk Installation == | ||
Line 43: | Line 86: | ||
open-xchange-parallels | open-xchange-parallels | ||
== One Open-Xchange installation | Now follow the instructions as written here [[Plesk_Integration#Plesk_Configuration]]. In this case, the '''Reseller Mode''' has to be | ||
kept '''off''', which is the default of the APS package. The '''Master Administrator''' login is the Open-Xchange "root" account. | |||
== One Open-Xchange installation for many Plesk systems (Reseller Mode) == | |||
Follow one of the [http://oxpedia.org/index.php?title=Main_Page_HESE Open-Xchange installation guides] to install Open-Xchange and in addition, | Follow one of the [http://oxpedia.org/index.php?title=Main_Page_HESE Open-Xchange installation guides] to install Open-Xchange and in addition, | ||
Line 49: | Line 95: | ||
open-xchange-parallels open-xchange-admin-soap-reseller | open-xchange-parallels open-xchange-admin-soap-reseller | ||
=== Create and manage subadmin accounts === | |||
As explained in more details in the article about the [[Reseller_Bundle|Reseller Bundle]], you have to create subadmins | |||
that you can hand over to your individual Plesk customers/resellers. This article explains on how to do that using the | |||
command line as provided by Open-Xchange. Of course the same management can be done via [[Open-Xchange_Provisioning_using_SOAP|SOAP]] and | |||
via [http://software.open-xchange.com/OX6/doc/RMI/ RMI]. | |||
After you finished setting up Open-Xchange including the initialisation of the restrictions, you are ready to create a subadmin | |||
account. This article assumes that your "root" account name in Open-Xchange is ''oxadminmaster'' and it's password is ''secret''. | |||
Please do NOT use this password in your environment! | |||
Lets create two new admin accounts: | |||
$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer1 -p secret -d "My first customer" | |||
$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer2 -p secret -d "My second customer" | |||
The login of these customers are ''pleskcustomer1'' and ''pleskcustomer2'', both receive the same password secret - again, do not use | |||
this password in production. | |||
Now to list these accounts, run | |||
$ /opt/open-xchange/sbin/listadmin -A oxadminmaster -P secret | |||
Id Name Displayname Parent Restrictions | |||
39 pleskcustomer1 My first customer 0 | |||
40 pleskcustomer2 My second customer 0 | |||
You can apply restrictions to these accounts as well. We can for example create a third user, which is only allowed to create | |||
100 contexts: | |||
$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer3 -p secret -d "My third customer" \ | |||
-a Subadmin.MaxContext=100 | |||
$ /opt/open-xchange/sbin/listadmin -A oxadminmaster -P secret | |||
Id Name Displayname Parent Restrictions | |||
39 pleskcustomer1 My first customer 0 | |||
40 pleskcustomer2 My second customer 0 | |||
41 pleskcustomer3 My third customer 0 Subadmin.MaxContext=100 | |||
Please refer to the [[Reseller_Bundle|Reseller Bundle]] documentation for more restrictions and further details. | |||
=== Manage Contexts created via Open-Xchange APS package in Plesk === | |||
See [[Plesk_Integration#Plesk_Configuration_.28Admin_Role.29]] below on how customers create contexts | |||
via Plesk. This article assumes we are having a Plesk WebMaster account named john@example.com. | |||
Once that user installed the application for the domain example.com, we will see the following: | |||
$ /opt/open-xchange/sbin/listcontext -A oxadminmaster -P secret | |||
cid fid fname enabled qmax qused name lmappings CustomID Owner | |||
19 2 19_ctx_store true 1024 0 pleskcustomer1_24 pleskcustomer1_24,BRANDING||24||[...] pleskcustomer1 | |||
You can see, that we assigned the subadmin ''pleskcustomer1'' to this Plesk instances owner. In addition, the name of the context has been | |||
generated as ''pleskcustomer1_24''. This is happening in the '''Reseller Mode''' only. When this mode is turned off, the context name is | |||
the context id. | |||
'''Note:''' The output is not very readable to to the fact that the Open-Xchange makes intensive use of the lmappings. If you want to have | |||
a more readable list, you could use the --csv option and import the result into a spreadsheet. | |||
== General Open-Xchange Configuration == | == General Open-Xchange Configuration == | ||
{{POAPleskConfig}} | |||
== Plesk Configuration == | == Plesk Configuration (Admin Role) == | ||
=== Add Application via Application Vault === | === Add Application via Application Vault === | ||
Line 65: | Line 166: | ||
[[Image:Select from Catalog.png|600px]] | [[Image:Select from Catalog.png|600px]] | ||
=== Check version requirement === | |||
Check that the version of the APS package is at least 7.2. | |||
Older versions are neither supported nor will they work in all circumstances. | |||
[[Image:Check version.png|600px]] | |||
=== Set up the Open-Xchange package === | |||
[[Image:Settings Part1.png|600px]] | |||
[[Image:Settings Part2.png|600px]] | |||
== Plesk Configuration (Webmaster Role) == | |||
Once the Plesk Admin installed and configured the Open-Xchange APS package, you can e.g. assign a user the Webmaster role to | |||
install that application into one or more domains. | |||
[[Image:Webmaster Install Open-Xchange.png|600px]] | |||
[[Image:Webmaster Required fields.png|600px]] | |||
=== Understanding the Open-Xchange specific configuration data === | |||
[[Image:Webmaster Context created.png|600px]] | |||
=== Creating Webmail users === | |||
In the same configuration as shown above, existing mail accounts can be created as a webmail user. | |||
Once created in to Open-Xchange, the list of existing mail accounts will have a small Open-Xchange icon displayed | |||
for users, that have been created into Open-Xchange. Via a click on that icon, you can directly access Open-Xchange | |||
Webmail on behalf of that user. | |||
[[Image:Mail User with Open-Xchange.png|600px]] | |||
== Debugging == | |||
=== Plesk === | |||
Plesk errors can be found in <tt>/usr/local/psa/admin/logs/panel.log</tt>. If you turn on Debug mode in the APS package settings, you see even more | |||
information, but do NOT turn it on in production permanently. | |||
To have even more information, do the following on your Plesk system: | |||
$ cd /usr/local/psa/admin/conf/ | |||
$ mv panel.ini.sample panel.ini | |||
and set | |||
[log] | |||
filter.priority = 7 | |||
=== Open-Xchange === | |||
Open-Xchange errors can usually be found in <tt>/var/log/open-xchange/open-xchange.log.0</tt>. |
Latest revision as of 09:52, 15 October 2015
Integrate Open-Xchange with Plesk
This document describes how to integrate Open-Xchange with Plesk. Please note that the Odin (former Parallels) service provider division has changed its name to Odin. This means that many of the products referred to on this page have also changed their name.
Requirements
In order to integrate Open-Xchange with Plesk, the Open-Xchange APS package must be used. This requires the following versions of Plesk and the APS package:
- Open-Xchange APS package version 7.2 and above
- Odin Plesk Panel (former Parallels Plesk Panel) version 11 (11.5 and above), version 12 not yet supported
Older versions are not supported.
Also note that the APS package does not contain an Open-Xchange server. The Open-Xchange server must be installed separately.
Changelog
7.2-26
- Fixed OX6 gui preferences merging
7.2-25
- Added all available timezones in OX App Suite and removed the static time zone designators from the entries
7.2-24
- Fixed debug logging
- Do not use the obsolete syncml setting anymore in combination with "Mobile devices support"
7.2-20
- Fixed displayname uniqueness check
7.2-19
- Fix loginMapping in getContextWithId and context Id in getContextData
7.2-18
- Ability to change admin user login
7.2-14
- since primary mail setting cannot be changed directly, setting has been removed
- eleminated more php warnings
7.2-9
- Added note to Horde migration setting that it does not work on Plesk
- Shortened the presentation summary
- reduced warnings in php code
7.2-6
- Increasing filestore_quota via resource now possible
7.2-5
- Fixed problem with POA versions > 5.5 and public contact folder
- Increased default upload size values of attachments and infostore
- Bugfix: Disabling a user now working
7.2-1
- Reseller Mode for Plesk
- Ready for Plesk 11.5 and above
- No support for Open-Xchange Version 6.20 anymore
Known Issues and Limitations
The following features of the APS package are known to work only with POA and have either not been tested with Plesk or do not work at all.
- Black/Whitelist management (OX6 UI only)
- Spamhandling
- Horde migration
- Webmail accounts will get the same display name as the Plesk admin account (Bug has been reported for Plesk)
- Webmail Account default settings cannot be changed. That means it is not possible to change the APS package default of the setting Open-Xchange module access level for Enduser, which is set to groupware. The settings Maximum size of all attachments in one message and Maximum size of one attachment, maximum size of one InfoStore item can't be changed as well.
Download
Download the APS package from the APS catalogue
Install and configure Open-Xchange
Before you continue, you have to find out your requirements on how to integrate your Plesk instance(s) with Open-Xchange. There are two possible scenarios:
- One Open-Xchange installation for one Plesk Installation
- You want to serve one Plesk system with one single Open-Xchange installation or you are the only one managing the Plesk servers.
- One Open-Xchange installation for many Plesk systems (Reseller Mode)
- You want to resell many Plesk systems but only use one single Open-Xchange installation.
Note: Finding the correct scenario is important as it is hard to change later!
The main problem is, that usually on Open-Xchange, you have ONE single "root" account to provision contexts/tenants in Open-Xchange. The name of this account is usually oxadminmaster, but it can be renamed to what ever you like. Now imagine there's a scenario where not you, but your customers should create contexts. This is usually the case when you are a reseller. In this case you do not want to hand out that single "root" account to all your customers.
Fortunately, Open-Xchange has a solution for that. It is called the Reseller_Bundle.
Roughly summarised, if you are a Reseller you most likely need one to many setup.
DNS and Mail settings
Keep in mind that Open-Xchange will use the mail server as provided by Plesk to access mail. For that reason, the Open-Xchange system must have access to the same DNS settings as the individual Plesk systems have. That means that when one Plesk system has a mail domain example.com configured using the mail servers hostname mail.example.com, Open-Xchange must be able to resolve the same name to be that Plesk system. The Open-Xchange APS package will hand over these names to the Open-Xchange backend when provisioning Open-Xchange accounts.
SOAP Settings
Every Plesk system must be able to access at least one Open-Xchange server via SOAP. That means that you have to allow access from every Plesk system to the SOAP provisioning system. This can be configured via apache configuration. When you followed our guides, that will be in the file /etc/apache2/conf.d/proxy_http.conf on Debian or /etc/httpd/conf.d/proxy_http.conf in Redhat based systems. It might look like this
<Location /webservices> # restrict access to the soap provisioning API Order Deny,Allow Deny from all Allow from 127.0.0.1 192.168 172.16.1.2 </Location>
which would allow access to the SOAP provisioning on the network 192.168 and on the single hosts 127.0.0.1 and 172.16.1.2
One Open-Xchange installation for one Plesk Installation
Follow one of the Open-Xchange installation guides to install Open-Xchange and in addition, install the following package:
open-xchange-parallels
Now follow the instructions as written here Plesk_Integration#Plesk_Configuration. In this case, the Reseller Mode has to be kept off, which is the default of the APS package. The Master Administrator login is the Open-Xchange "root" account.
One Open-Xchange installation for many Plesk systems (Reseller Mode)
Follow one of the Open-Xchange installation guides to install Open-Xchange and in addition, install the following package:
open-xchange-parallels open-xchange-admin-soap-reseller
Create and manage subadmin accounts
As explained in more details in the article about the Reseller Bundle, you have to create subadmins that you can hand over to your individual Plesk customers/resellers. This article explains on how to do that using the command line as provided by Open-Xchange. Of course the same management can be done via SOAP and via RMI.
After you finished setting up Open-Xchange including the initialisation of the restrictions, you are ready to create a subadmin account. This article assumes that your "root" account name in Open-Xchange is oxadminmaster and it's password is secret. Please do NOT use this password in your environment!
Lets create two new admin accounts:
$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer1 -p secret -d "My first customer" $ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer2 -p secret -d "My second customer"
The login of these customers are pleskcustomer1 and pleskcustomer2, both receive the same password secret - again, do not use this password in production.
Now to list these accounts, run
$ /opt/open-xchange/sbin/listadmin -A oxadminmaster -P secret Id Name Displayname Parent Restrictions 39 pleskcustomer1 My first customer 0 40 pleskcustomer2 My second customer 0
You can apply restrictions to these accounts as well. We can for example create a third user, which is only allowed to create 100 contexts:
$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer3 -p secret -d "My third customer" \ -a Subadmin.MaxContext=100
$ /opt/open-xchange/sbin/listadmin -A oxadminmaster -P secret Id Name Displayname Parent Restrictions 39 pleskcustomer1 My first customer 0 40 pleskcustomer2 My second customer 0 41 pleskcustomer3 My third customer 0 Subadmin.MaxContext=100
Please refer to the Reseller Bundle documentation for more restrictions and further details.
Manage Contexts created via Open-Xchange APS package in Plesk
See Plesk_Integration#Plesk_Configuration_.28Admin_Role.29 below on how customers create contexts via Plesk. This article assumes we are having a Plesk WebMaster account named john@example.com. Once that user installed the application for the domain example.com, we will see the following:
$ /opt/open-xchange/sbin/listcontext -A oxadminmaster -P secret cid fid fname enabled qmax qused name lmappings CustomID Owner 19 2 19_ctx_store true 1024 0 pleskcustomer1_24 pleskcustomer1_24,BRANDING||24||[...] pleskcustomer1
You can see, that we assigned the subadmin pleskcustomer1 to this Plesk instances owner. In addition, the name of the context has been generated as pleskcustomer1_24. This is happening in the Reseller Mode only. When this mode is turned off, the context name is the context id.
Note: The output is not very readable to to the fact that the Open-Xchange makes intensive use of the lmappings. If you want to have a more readable list, you could use the --csv option and import the result into a spreadsheet.
General Open-Xchange Configuration
In /opt/open-xchange/etc/sessiond.properties set
com.openexchange.sessiond.autologin=true
If not, users will get the message The action "store" is disabled due to server configuration when they directly access Open-Xchange via POA.
In /opt/open-xchange/etc/login.properties add the new setting
com.openexchange.login.formLoginWithoutAuthId=true
In /opt/open-xchange/etc/plugin/hosting.properties set
CHECK_CONTEXT_LOGIN_MAPPING_REGEXP=[$%:\\.+a-zA-Z0-9@_\\/\\|-]
In /opt/open-xchange/etc/AdminUser.properties set
PRIMARY_MAIL_UNCHANGEABLE=false
Plesk Configuration (Admin Role)
Add Application via Application Vault
Check version requirement
Check that the version of the APS package is at least 7.2. Older versions are neither supported nor will they work in all circumstances.
Set up the Open-Xchange package
Plesk Configuration (Webmaster Role)
Once the Plesk Admin installed and configured the Open-Xchange APS package, you can e.g. assign a user the Webmaster role to install that application into one or more domains.
Understanding the Open-Xchange specific configuration data
Creating Webmail users
In the same configuration as shown above, existing mail accounts can be created as a webmail user. Once created in to Open-Xchange, the list of existing mail accounts will have a small Open-Xchange icon displayed for users, that have been created into Open-Xchange. Via a click on that icon, you can directly access Open-Xchange Webmail on behalf of that user.
Debugging
Plesk
Plesk errors can be found in /usr/local/psa/admin/logs/panel.log. If you turn on Debug mode in the APS package settings, you see even more information, but do NOT turn it on in production permanently.
To have even more information, do the following on your Plesk system:
$ cd /usr/local/psa/admin/conf/ $ mv panel.ini.sample panel.ini
and set
[log] filter.priority = 7
Open-Xchange
Open-Xchange errors can usually be found in /var/log/open-xchange/open-xchange.log.0.