Plesk Integration: Difference between revisions

From Open-Xchange
No edit summary
 
(26 intermediate revisions by 2 users not shown)
Line 1: Line 1:
= Integrate Open-Xchange with Plesk =
= Integrate Open-Xchange with Plesk =


'''WORK IN PROGRESS'''
This document describes how to integrate Open-Xchange with Plesk. Please note that the Odin (former Parallels) service provider division has changed its name to Odin. This means that many of the products referred to on this page have also changed their name.
 
This document describes how to integrate Open-Xchange with Plesk.


== Requirements ==
== Requirements ==
Line 10: Line 8:
This requires the following versions of Plesk and the APS package:
This requires the following versions of Plesk and the APS package:


* Open-Xchange APS package version 7.'''2''' and above '''(Not yet available)'''.
* Open-Xchange APS package version 7.'''2''' and above
* Parallels Plesk Panel version 11.5 and above
* Odin Plesk Panel (former Parallels Plesk Panel) version 11 (11.5 and above), version 12 not yet supported


'''Older versions are not supported.'''
'''Older versions are not supported.'''
Also note that the APS package does not contain an Open-Xchange server.
The Open-Xchange server must be installed separately.
== Changelog ==
{{OXAPSChangelog|mode=plesk}}
== Known Issues and Limitations ==
The following features of the APS package are known to work only with POA and have either not
been tested with Plesk or do not work at all.
* Black/Whitelist management (OX6 UI only)
* Spamhandling
* Horde migration
* Webmail accounts will get the same display name as the Plesk admin account (Bug has been reported for Plesk)
* Webmail Account default settings cannot be changed. That means it is not possible to change the APS package default of the setting '''Open-Xchange module access level for Enduser''', which is set to ''groupware''. The settings ''Maximum size of all attachments in one message'' and ''Maximum size of one attachment, maximum size of one InfoStore item'' can't be changed as well.


== Download ==
== Download ==


Download the APS package from the [http://www.apsstandard.org/applications#searchterm=open-xchange APS catalogue]
Download the APS package from the [http://dev.apsstandard.org/apps/?name=Open-Xchange APS catalogue]


== Install and configure Open-Xchange ==
== Install and configure Open-Xchange ==
Line 36: Line 52:
Fortunately, Open-Xchange has a solution for that. It is called the [[Reseller_Bundle]].
Fortunately, Open-Xchange has a solution for that. It is called the [[Reseller_Bundle]].


Roughly summarised, if you are a Reseller you most likely need [[Plesk_Integration#One_Open-Xchange_installation_fo_many_Plesk_systems]]
Roughly summarised, if you are a Reseller you most likely need [[Plesk_Integration#One_Open-Xchange_installation_for_many_Plesk_systems_.28Reseller_Mode.29|one to many]] setup.
 
=== DNS and Mail settings ===
 
Keep in mind that Open-Xchange will use the mail server as provided by Plesk to access mail. For that reason,
the Open-Xchange system must have access to the same DNS settings as the individual Plesk systems have.
That means that when one Plesk system has a mail domain ''example.com'' configured using the mail servers
hostname ''mail.example.com'', Open-Xchange must be able to resolve the same name to be that Plesk system.
The Open-Xchange APS package will hand over these names to the Open-Xchange backend when provisioning
Open-Xchange accounts.
 
=== SOAP Settings ===
 
Every Plesk system must be able to access at least one Open-Xchange server via SOAP. That means that you have to allow
access from every Plesk system to the SOAP provisioning system. This can be configured via apache configuration.
When you followed our guides, that will be in the file <tt>/etc/apache2/conf.d/proxy_http.conf</tt> on Debian or <tt>/etc/httpd/conf.d/proxy_http.conf</tt>
in Redhat based systems. It might look like this
 
<Location /webservices>
    # restrict access to the soap provisioning API
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1 192.168 172.16.1.2
</Location>
 
which would allow access to the SOAP provisioning on the network 192.168 and on the single hosts 127.0.0.1 and 172.16.1.2


== One Open-Xchange installation for one Plesk Installation ==
== One Open-Xchange installation for one Plesk Installation ==
Line 94: Line 135:


Please refer to the [[Reseller_Bundle|Reseller Bundle]] documentation for more restrictions and further details.
Please refer to the [[Reseller_Bundle|Reseller Bundle]] documentation for more restrictions and further details.
=== Manage Contexts created via Open-Xchange APS package in Plesk ===
See [[Plesk_Integration#Plesk_Configuration_.28Admin_Role.29]] below on how customers create contexts
via Plesk.  This article assumes we are having a Plesk WebMaster account named john@example.com.
Once that user installed the application for the domain example.com, we will see the following:
$ /opt/open-xchange/sbin/listcontext -A oxadminmaster -P secret
cid fid fname        enabled qmax qused name              lmappings                                CustomID        Owner
19  2  19_ctx_store true    1024    0 pleskcustomer1_24 pleskcustomer1_24,BRANDING||24||[...]                    pleskcustomer1
You can see, that we assigned the subadmin ''pleskcustomer1'' to this Plesk instances owner. In addition, the name of the context has been
generated as ''pleskcustomer1_24''. This is happening in the '''Reseller Mode''' only. When this mode is turned off, the context name is
the context id.
'''Note:''' The output is not very readable to to the fact that the Open-Xchange makes intensive use of the lmappings. If you want to have
a more readable list, you could use the --csv option and import the result into a spreadsheet.


== General Open-Xchange Configuration ==
== General Open-Xchange Configuration ==


Add the parameter
{{POAPleskConfig}}
com.openexchange.login.formLoginWithoutAuthId=true
to <tt>/opt/open-xchange/etc/login.properties</tt>


== Plesk Configuration (Admin Role) ==
== Plesk Configuration (Admin Role) ==
Line 132: Line 188:


[[Image:Webmaster Required fields.png|600px]]
[[Image:Webmaster Required fields.png|600px]]
=== Understanding the Open-Xchange specific configuration data ===


[[Image:Webmaster Context created.png|600px]]
[[Image:Webmaster Context created.png|600px]]
=== Creating Webmail users ===
In the same configuration as shown above, existing mail accounts can be created as a webmail user.
Once created in to Open-Xchange, the list of existing mail accounts will have a small Open-Xchange icon displayed
for users, that have been created into Open-Xchange. Via a click on that icon, you can directly access Open-Xchange
Webmail on behalf of that user.
[[Image:Mail User with Open-Xchange.png|600px]]


== Debugging ==
== Debugging ==


* Plesk errors can be found in <tt>/usr/local/psa/admin/logs/panel.log</tt>.
=== Plesk ===
* Open-Xchange errors can usually be found in <tt>/var/log/open-xchange/open-xchange.log.0</tt>.
 
Plesk errors can be found in <tt>/usr/local/psa/admin/logs/panel.log</tt>. If you turn on Debug mode in the APS package settings, you see even more
information, but do NOT turn it on in production permanently.
 
To have even more information, do the following on your Plesk system:
 
$ cd /usr/local/psa/admin/conf/
$ mv panel.ini.sample panel.ini
 
and set
 
[log]
filter.priority = 7
 
=== Open-Xchange ===
 
Open-Xchange errors can usually be found in <tt>/var/log/open-xchange/open-xchange.log.0</tt>.

Latest revision as of 09:52, 15 October 2015

Integrate Open-Xchange with Plesk

This document describes how to integrate Open-Xchange with Plesk. Please note that the Odin (former Parallels) service provider division has changed its name to Odin. This means that many of the products referred to on this page have also changed their name.

Requirements

In order to integrate Open-Xchange with Plesk, the Open-Xchange APS package must be used. This requires the following versions of Plesk and the APS package:

  • Open-Xchange APS package version 7.2 and above
  • Odin Plesk Panel (former Parallels Plesk Panel) version 11 (11.5 and above), version 12 not yet supported

Older versions are not supported.

Also note that the APS package does not contain an Open-Xchange server. The Open-Xchange server must be installed separately.

Changelog

7.2-26

  • Fixed OX6 gui preferences merging

7.2-25

  • Added all available timezones in OX App Suite and removed the static time zone designators from the entries

7.2-24

  • Fixed debug logging
  • Do not use the obsolete syncml setting anymore in combination with "Mobile devices support"

7.2-20

  • Fixed displayname uniqueness check

7.2-19

  • Fix loginMapping in getContextWithId and context Id in getContextData

7.2-18

  • Ability to change admin user login

7.2-14

  • since primary mail setting cannot be changed directly, setting has been removed
  • eleminated more php warnings

7.2-9

  • Added note to Horde migration setting that it does not work on Plesk
  • Shortened the presentation summary
  • reduced warnings in php code

7.2-6

  • Increasing filestore_quota via resource now possible

7.2-5

  • Fixed problem with POA versions > 5.5 and public contact folder
  • Increased default upload size values of attachments and infostore
  • Bugfix: Disabling a user now working

7.2-1

  • Reseller Mode for Plesk
  • Ready for Plesk 11.5 and above
  • No support for Open-Xchange Version 6.20 anymore


Known Issues and Limitations

The following features of the APS package are known to work only with POA and have either not been tested with Plesk or do not work at all.

  • Black/Whitelist management (OX6 UI only)
  • Spamhandling
  • Horde migration
  • Webmail accounts will get the same display name as the Plesk admin account (Bug has been reported for Plesk)
  • Webmail Account default settings cannot be changed. That means it is not possible to change the APS package default of the setting Open-Xchange module access level for Enduser, which is set to groupware. The settings Maximum size of all attachments in one message and Maximum size of one attachment, maximum size of one InfoStore item can't be changed as well.

Download

Download the APS package from the APS catalogue

Install and configure Open-Xchange

Before you continue, you have to find out your requirements on how to integrate your Plesk instance(s) with Open-Xchange. There are two possible scenarios:

One Open-Xchange installation for one Plesk Installation
You want to serve one Plesk system with one single Open-Xchange installation or you are the only one managing the Plesk servers.
One Open-Xchange installation for many Plesk systems (Reseller Mode)
You want to resell many Plesk systems but only use one single Open-Xchange installation.

Note: Finding the correct scenario is important as it is hard to change later!

The main problem is, that usually on Open-Xchange, you have ONE single "root" account to provision contexts/tenants in Open-Xchange. The name of this account is usually oxadminmaster, but it can be renamed to what ever you like. Now imagine there's a scenario where not you, but your customers should create contexts. This is usually the case when you are a reseller. In this case you do not want to hand out that single "root" account to all your customers.

Fortunately, Open-Xchange has a solution for that. It is called the Reseller_Bundle.

Roughly summarised, if you are a Reseller you most likely need one to many setup.

DNS and Mail settings

Keep in mind that Open-Xchange will use the mail server as provided by Plesk to access mail. For that reason, the Open-Xchange system must have access to the same DNS settings as the individual Plesk systems have. That means that when one Plesk system has a mail domain example.com configured using the mail servers hostname mail.example.com, Open-Xchange must be able to resolve the same name to be that Plesk system. The Open-Xchange APS package will hand over these names to the Open-Xchange backend when provisioning Open-Xchange accounts.

SOAP Settings

Every Plesk system must be able to access at least one Open-Xchange server via SOAP. That means that you have to allow access from every Plesk system to the SOAP provisioning system. This can be configured via apache configuration. When you followed our guides, that will be in the file /etc/apache2/conf.d/proxy_http.conf on Debian or /etc/httpd/conf.d/proxy_http.conf in Redhat based systems. It might look like this

<Location /webservices>
   # restrict access to the soap provisioning API
   Order Deny,Allow
   Deny from all
   Allow from 127.0.0.1 192.168 172.16.1.2
</Location>

which would allow access to the SOAP provisioning on the network 192.168 and on the single hosts 127.0.0.1 and 172.16.1.2

One Open-Xchange installation for one Plesk Installation

Follow one of the Open-Xchange installation guides to install Open-Xchange and in addition, install the following package:

open-xchange-parallels

Now follow the instructions as written here Plesk_Integration#Plesk_Configuration. In this case, the Reseller Mode has to be kept off, which is the default of the APS package. The Master Administrator login is the Open-Xchange "root" account.

One Open-Xchange installation for many Plesk systems (Reseller Mode)

Follow one of the Open-Xchange installation guides to install Open-Xchange and in addition, install the following package:

open-xchange-parallels open-xchange-admin-soap-reseller

Create and manage subadmin accounts

As explained in more details in the article about the Reseller Bundle, you have to create subadmins that you can hand over to your individual Plesk customers/resellers. This article explains on how to do that using the command line as provided by Open-Xchange. Of course the same management can be done via SOAP and via RMI.

After you finished setting up Open-Xchange including the initialisation of the restrictions, you are ready to create a subadmin account. This article assumes that your "root" account name in Open-Xchange is oxadminmaster and it's password is secret. Please do NOT use this password in your environment!

Lets create two new admin accounts:

$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer1 -p secret -d "My first customer"
$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer2 -p secret -d "My second customer"

The login of these customers are pleskcustomer1 and pleskcustomer2, both receive the same password secret - again, do not use this password in production.

Now to list these accounts, run

$ /opt/open-xchange/sbin/listadmin -A oxadminmaster -P secret
Id Name           Displayname        Parent Restrictions
39 pleskcustomer1 My first customer  0
40 pleskcustomer2 My second customer 0

You can apply restrictions to these accounts as well. We can for example create a third user, which is only allowed to create 100 contexts:

$ /opt/open-xchange/sbin/createadmin -A oxadminmaster -P secret -u pleskcustomer3 -p secret -d "My third customer" \
   -a Subadmin.MaxContext=100
$ /opt/open-xchange/sbin/listadmin -A oxadminmaster -P secret
Id Name           Displayname        Parent Restrictions
39 pleskcustomer1 My first customer  0
40 pleskcustomer2 My second customer 0
41 pleskcustomer3 My third customer  0      Subadmin.MaxContext=100

Please refer to the Reseller Bundle documentation for more restrictions and further details.

Manage Contexts created via Open-Xchange APS package in Plesk

See Plesk_Integration#Plesk_Configuration_.28Admin_Role.29 below on how customers create contexts via Plesk. This article assumes we are having a Plesk WebMaster account named john@example.com. Once that user installed the application for the domain example.com, we will see the following:

$ /opt/open-xchange/sbin/listcontext -A oxadminmaster -P secret
cid fid fname        enabled qmax qused name              lmappings                                CustomID         Owner
19  2   19_ctx_store true    1024     0 pleskcustomer1_24 pleskcustomer1_24,BRANDING||24||[...]                     pleskcustomer1

You can see, that we assigned the subadmin pleskcustomer1 to this Plesk instances owner. In addition, the name of the context has been generated as pleskcustomer1_24. This is happening in the Reseller Mode only. When this mode is turned off, the context name is the context id.

Note: The output is not very readable to to the fact that the Open-Xchange makes intensive use of the lmappings. If you want to have a more readable list, you could use the --csv option and import the result into a spreadsheet.

General Open-Xchange Configuration

In /opt/open-xchange/etc/sessiond.properties set

com.openexchange.sessiond.autologin=true

If not, users will get the message The action "store" is disabled due to server configuration when they directly access Open-Xchange via POA.

In /opt/open-xchange/etc/login.properties add the new setting

com.openexchange.login.formLoginWithoutAuthId=true

In /opt/open-xchange/etc/plugin/hosting.properties set

CHECK_CONTEXT_LOGIN_MAPPING_REGEXP=[$%:\\.+a-zA-Z0-9@_\\/\\|-]

In /opt/open-xchange/etc/AdminUser.properties set

PRIMARY_MAIL_UNCHANGEABLE=false

Plesk Configuration (Admin Role)

Add Application via Application Vault

Application Vault.png

Add App.png

Select from Catalog.png

Check version requirement

Check that the version of the APS package is at least 7.2. Older versions are neither supported nor will they work in all circumstances.

Check version.png

Set up the Open-Xchange package

Settings Part1.png

Settings Part2.png

Plesk Configuration (Webmaster Role)

Once the Plesk Admin installed and configured the Open-Xchange APS package, you can e.g. assign a user the Webmaster role to install that application into one or more domains.

Webmaster Install Open-Xchange.png

Webmaster Required fields.png

Understanding the Open-Xchange specific configuration data

Webmaster Context created.png

Creating Webmail users

In the same configuration as shown above, existing mail accounts can be created as a webmail user. Once created in to Open-Xchange, the list of existing mail accounts will have a small Open-Xchange icon displayed for users, that have been created into Open-Xchange. Via a click on that icon, you can directly access Open-Xchange Webmail on behalf of that user.

Mail User with Open-Xchange.png


Debugging

Plesk

Plesk errors can be found in /usr/local/psa/admin/logs/panel.log. If you turn on Debug mode in the APS package settings, you see even more information, but do NOT turn it on in production permanently.

To have even more information, do the following on your Plesk system:

$ cd /usr/local/psa/admin/conf/
$ mv panel.ini.sample panel.ini

and set

[log]
filter.priority = 7

Open-Xchange

Open-Xchange errors can usually be found in /var/log/open-xchange/open-xchange.log.0.