Messages

1

Installation problems / Re: Is it possible to prevent use of CRAM-MD5 and DIGEST-MD5?

« on: November 13, 2015, 09:36:57 am »

Somewhere between FengOffice 3.1.x and FengOffice 3.4 it became possible to disable CramMD5 and DigestMD5 authentication as follows:

Edit OC/library/Pear/Net/IMAPProtocol.php

on line 38, change this:

Code: [Select]

var $supportedAuthMethods = array('DIGEST-MD5', 'CRAM-MD5','LOGIN');

To this:

Code: [Select]

var $supportedAuthMethods = array('LOGIN');

Finally, after 4 years, I can begin to evaluate FengOffice ;-)

2

Installation problems / Re: Is it possible to prevent use of CRAM-MD5 and DIGEST-MD5?

« on: November 01, 2014, 11:04:33 am »

FYI -

I finally (FO 2.7.1.6) learned that everything works if I disable DIGEST-MD5 and CRAM-MD5 on my mail server during email account setup in FO.

That is, I did this:
1) disable DIGEST-MD5 and CRAM-MD5 authentication on my mail server
2) Setup my email account in fengoffice
3) re-enable DIGEST-MD5 and CRAM-MD5 on the mail server

... and everything works OK.

The root of this problem (I believe) is that my Kerio Connect mail server supports DIGEST-MD5 and CRAM-MD5, but *also* supports external authentication mechanisms (Active Directory and Open Directory) that do not.  Consequently, the server must advertise the availability of these protocols in case the remote user is authenticating against the local user database, but then the authentication fails for my active-directory-integrated account:
http://manuals.kerio.com/connect/adminguide/en/sect-advanced.html

3

How To's / Re: How to tell Feng version from database?

« on: November 29, 2012, 10:20:39 am »

I can't find anything as convenient as a "schema version" in my databases.

Perhaps you could:
- download 1.75
- locate the sql upgrade scripts, to identify the schema changes between 1.74 and 1.75 (or download both 1.75 and 1.74 and compare the sql scripts to create new databases)
- look for the new data items in your db: if you have them, you're at 1.75; if you don't, you're at 1.74.


...or, (perhaps simpler) - attempt to "upgrade" to v1.75 -- if the upgrader does something or not, you're done.

4

Getting Started / Re: Email query

« on: September 28, 2012, 09:22:38 am »

I thought there was a check-box during email account setup to control this?

"Delete mails from server Enable this option in order to delete mails from server after desired time."

5

Announcements / Re: Feng Office 2.1 BETA released!!!

« on: July 14, 2012, 10:38:17 am »

I noticed that the sql schema contained in <feng root>/public/install/installation/templates/sql/mysql_schema.php included two columns in the "fo_project_tasks" table that did not exist in my version.

Adding the two missing columns to fo_project_tasks restored my ability to see tasks in FO 2.1.

I added those columns to using these commands in mysql:

Code: [Select]

alter table fo_project_tasks add column original_task_id int(10) unsigned null default '0';
alter table fo_project_tasks add column type_content enum('text','html') not NULL default 'text';

[random guess]
I think I ran into this problem because my table prefix before the upgrade was 'fo_', while 'complete_migration.php' seems to assume that my old table prefix is 'og_' (and probably also assumes that the new databases were created using the new schema with a prefix of 'fo_').
[/random guess]

6

Announcements / Re: Feng Office 2.1 BETA released!!!

« on: July 14, 2012, 09:27:58 am »

I use version 2.0.0.8
Upgrading was OK.
When I login and go to Tasks tab, error has occured
Other tabs work without errors

I, too, upgraded from 2.0.0.8 to 2.1., and get this error if I click on the 'tasks' tab -- but only if I have 'view all' selected under 'workspaces', or if I select a workspace that actually has tasks.  If I select any workspace that has no tasks, I do not get the error.

7

Feng Office 2 / Re: Feng Office 2.0 + LDAP + SSL/TLS? (Works w/out SSL, but *need* SSL)

« on: March 13, 2012, 08:26:03 am »

Anyone know how to use "ldap_set_option" to debug the connection?

You might be able to set the debug option using something like this:

Code: [Select]

  $config_ldap = array (
      'binddn'    => '',
      'bindpw'    => '',
      'starttls'  => false,
      'ssl'   => true,
      'basedn'    => 'ou=People,dc=domain,dc=com',
      'host'      => 'ldap.domain.com',
      'port'      => '636',
      'uid'       => 'uid',
      'options'       => array( 'debug' =>'true')
  );

Since 'starttls' is (sometimes) referred to as 'SSL V3', can you get what you want by enabling starttls?

I have also successfully used an ssh tunnel to encrypt ldap traffic, using a command like this:
ssh user@ldap-server-address -L 6389:localhost:389
* then configure Net_LDAP2 to use port 6389
* I already had an LDAP server on the feng host, hence the alternate port
* configure public key passwordless connections for ssh in order to allow ssh to connect in a script without stopping to ask for a password.

8

How To's / Re: File syncronization

« on: January 25, 2012, 12:40:18 pm »

You can easily reconfigure Feng to use a file system for file storage by going to:
Administration -> Configuration -> General

And setting:
File Storage -> 'File system'.

However, I don't think that feng document lists will automatically include new files added to the selected folder - I think you still need to upload files through Feng in order to create the associated meta-data records for each file in the database.

So, while you can make the change described above, I think it would then only be safe to expose the feng file storage folder in read-only mode.

Finally, the actual filenames stored in Feng are changed (presumably for increased security) to something that looks like "<FENGROOT>/upload/128/e07/5b1/dbeb003103b1b725ba51ce2d08a92a4", which is unlikely to mean much to your users.

The most promising option I know of is the 'WebDAV' capability that is possibly coming in v2.0 (search here in the forums for more info).

9

How To's / Re: What's the Pricing Plan?

« on: December 06, 2011, 09:07:18 am »

[caveat]
I am a casual Feng Office user with no knowledge of this beyond what I've read on the website and forums
[/caveat]

The Feng Office download from SourceForge is the 'Community Edition', which is free for you to install and use on your own hardware.

The pricing plan covers hosted service, or managed service on your hardware (see www-dot-fengoffice-dot-com/web/buy-onsite.php).

The Feng team stays pretty busy, so fixes and new features are more likely to make it into the core if you pay to get them there.

The paid, 'Professional' version also seems to include some non-open-source add-ins that increase functionality.

What Open Source license does Feng Office use?
Feng Office Community Edition is AGPLv3. That means you can do pretty much anything with it - with a few obligations.

The Professional Edition Suite bundles several add-ins that are not Open Source licensed. We encourage Businesses that plan to offer Feng Office-based services to contact us and seek a Partnership agreement.

For those who do not want to officially partner, we recommend you research the rights and obligations of the AGPLv3 license carefully.

10

Installation problems / Re: LDAP Authentication in fengoffice

« on: November 30, 2011, 10:40:46 am »

Look in <FENG ROOT>/config - you should find 'ldap.config.example.php'.

Copy this file to 'ldap.config.php'.

Edit the copy to contain appropriate values for your LDAP directory.

Once configured, you will still need to pre-create users in feng.

So, for my Active Directory network, my settings look like this:

Code: [Select]

<?php

  /**
  * ldap.config.example.php is sample configuration file for ldap authentication.
  * Rename it in ldap.config.php and change the values acconrding to your env.
  *
  * @author Luca Corbo <luca.corbo@2bopen.org>
  */

  // The configuration array:
  $config_ldap = array (
      'binddn'    => 'CN=LDAP-Bind-User,OU=myorg.org,DC=myorg,DC=org,DC=local',
      'bindpw'    => 'password-for-bind-user',
      'basedn'    => 'OU=Users,OU=myorg.org,DC=myorg,DC=org,DC=local',
      'host'      => 'localhost:3893',
      'uid'       => 'sAMAccountName' //Change in according with your settings to match the userid entry
  );
  return true;

?>
* My user accounts are contained in the Organizational Unit 'myorg.org'
* the user account 'LDAP-Bind-User' has full read rights to my AD
* In my case, I am tunneling traffic from port 3893 to my actual AD controller's port 389 using ssh (hence the odd 'host' setting).
* with 'uid' set to 'sAMAccountName', I need to pre-create user accounts in Feng that match the network user names that users enter when logging in to their windows workstations.  Feng then finds these users in LDAP and authenticates them if the correct password is entered.

11

Installation problems / Re: Stuck on step 3

« on: November 14, 2011, 09:30:48 am »

Is there anything in the Feng logfile at <FENG>/cache/log.php? (search the feng wiki for 'debugging' for more info).

You say that your install fails at Step 3 - on my install, the screen labeled 'Step 3' is where I enter the credentials that allow Feng to connect to my sql server.  If I enter incorrect credentials, I get a red error box saying 'Failed to connect to database with data you provided: Access denied for user 'fo_user'@'localhost' (using password: YES)'.  Are you getting any on-screen error at this point?

I create my webapp databases differently than you did; here are the commands I use.  I don't know enough msql to know if this is functionally the same as what you did.  I also don't know if I need 'with grant option'...

Code: [Select]

create database feng;
grant all privileges on feng.* to fo_user@localhost identified by 'password' with grant option;

After installing feng, I wanted to go back and get the settings I'd used for Step 3 to post here.  In order to re-run the install script, I had to delete <FENG>/config/config.php.

After creating the database using the command shown above, I used the following settings on the 'Step 3: System Settings' screen:
Database type: MySQL
Host name: localhost
Username: fo_user
Password: password
Database name: feng
Table prefix: fo_
Database engine: InnoDB
Absolute script URL: (I didn't change this)

12

Feng Office 2 / LDAP Authentication in fengoffice 2.0beta2

« on: November 02, 2011, 09:38:24 am »

Attempting to use LDAP authentication in fengoffice 2.0beta 2 generates the following error in my system's '/var/log/messages':

Code: [Select]

PHP Fatal error:  Call to undefined method Contact::isValidPasswordLdap() in <FENGROOT>/application/controllers/AccessController.class.php on line 115
To fix this, I added the 'isValidPasswordLdap' function from the ldap 1.6.2 patch into <FENGROOT>/application/models/contacts/Contact.class.php, which eliminated the above error.

That is, after applying the patch described below, I can authenticate pre-created users against an LDAP server as defined in <FENGROOT>/config/ldap.config.php.

Code: [Select]

diff -u application/models/contacts/Contact.class.php.2.0beta2 application/models/contacts/Contact.class.php produces the following output:

Code: [Select]

--- application/models/contacts/Contact.class.php.2.0beta2      2011-11-02 08:18:45.000000000 -0400
+++ application/models/contacts/Contact.class.php       2011-11-02 08:22:11.000000000 -0400
@@ -461,6 +461,44 @@
                return sha1 ( $this->getSalt () . $check_password ) == $this->getToken ();
        } // isValidPassword

+        /**
+         * Check if $check_password is valid LDAP user password
+         *
+         * @param string $check_password
+         * @return boolean
+         */
+        function isValidPasswordLdap($user, $password, $config) {
+
+                // Connecting using the configuration:
+                require_once "Net/LDAP2.php";
+
+                $ldap = Net_LDAP2::connect($config);
+
+                // Testing for connection error
+                if (PEAR::isError($ldap)) {
+                    return false;
+                }
+                $filter = Net_LDAP2_Filter::create($config['uid'], 'equals', $user);
+                $search = $ldap->search(null, $filter, null);
+
+                if (Net_LDAP2::isError($search)) {
+                    return false;
+                }
+
+                if ($search->count() != 1) {
+                    return false;
+                }
+
+                // User exists so we may rebind to authenticate the password
+                $entries = $search->entries();
+                $bind_result = $ldap->bind( $entries[0]->dn(), $password);
+
+                if (PEAR::isError($bind_result)) {
+                        return false;
+                }
+                return true;
+        } // isValidPasswordLdap
+

        /**
         * Check if $twisted_token is valid for this user account


13

How To's / Re: Problem after update to 1.7.4

« on: June 02, 2011, 09:23:03 am »

Check your system's permissions for /var/www/virtual/fo.dst.by/tmp/:

- The account used to run the web server process needs read/write access to /var/www/virtual/fo.dst.by/tmp/

and/or

- the PHP "open_basedir" variable needs to include /var/www/virtual/fo.dst.by/tmp/

14

How To's / Re: Problem after update to 1.7.4

« on: May 30, 2011, 09:06:48 am »

Try the debugging suggestions in the wiki, and see if there's anything useful in the log file.

15

General Discussion / Re: Database Limitation?

« on: May 27, 2011, 07:54:28 am »

As using MySQL Cluster can only protect the data stored in database, thus, I hope the documents can save in another location.

Why not set 'File Storage' to 'Database (MySQL)' (instead of 'File system') in Administration / Configuration / General?

As for moving file storage to serverC - simply mount <FENG>/upload to a share on serverC from both serverA and serverB.