Difference between revisions of "OXSE4UCS Installation en"

(Optional: Univention Corporate Server SAML-SSO Configuration with OX App Suite)
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
= Introduction=
 
 
 
= First Step: Installation Univention Corporate Server =
 
= First Step: Installation Univention Corporate Server =
As OX App Suite / Server Edition for UCS is an expansion pack for the Univention Corporate Server, one or more UCS server(s) must be installed firstly.
+
As OX App Suite is available as App for Univention App Center Univention Corporate Server (UCS). One or more UCS server(s) must be installed first. There are several possible different installation scenarios. In principle, OX App Suite can be installed on all UCS domain controller server roles: DC master, DC backup or DC slave. Installation on the server roles member server or base system is not currently possible.
There are several possible different installation scenarios. In principle, OX App Suite / Server Edition for UCS can be installed on all UCS domain controller server roles: DC master, DC backup or DC slave. Installation on the server roles member server or base system is not currently possible.
 
  
To start, the Univention Corporate Server systems are installed as usual with UCS 3.x.  
+
To start, the Univention Corporate Server systems are installed with the latest UCS version that is currently supported by OX App Suite.
  
'''Download the UCS Installation DVD Image here:'''  [https://www.univention.de/en/download-and-support/ https://www.univention.de/en/download-and-support/]
+
'''Download the UCS Installation ISO Image here:'''  [https://www.univention.com/downloads/download-ucs/ https://www.univention.com/downloads/download-ucs/]
  
If several systems are in the UCS domain, a check must be performed that the join procedure has been run on all servers. This is usually done at the end of the installation procedure. Further information on the installation of UCS can be found in the UCS manual: [https://www.univention.de/en/download-and-support/documentation/ https://www.univention.de/en/download-and-support/documentation/]
+
If several systems are in the UCS domain, a check must be performed that the join procedure has been run on all servers. This is usually done at the end of the installation procedure. Further information on the installation of UCS can be found in the UCS manual: [https://docs.software-univention.de/manual.html https://docs.software-univention.de/manual.html]
  
= Second Step: Installation OX App Suite / Server Edition for UCS =
+
= Second Step: Installation OX App Suite =
  
Since UCS 3.x the Open-Xchange OX App Suite / Server Edition has to be installed via the Univention App Center. To start the Univention App Center, log into Univention Management Console and open the UMC module '''App Center'''.  
+
Since UCS 3.x OX App Suite has to be installed via the Univention App Center. To start the Univention App Center, log into Univention Management Console and open the UMC module App Center. In the Univention App Center you need to select the application OX App Suite and click on Install.
In the Univention App Center you need to select the application ''Open-Xchange OX App Suite / Server Edition'' and click on Install.  
 
  
Download, installation and configuration of OX App Suite / Server Edition for UCS may take several minutes. Please do not shut down or restart the UCS system until the installation is complete.
+
Download, installation and configuration of OX App Suite may take several minutes. Please do not shut down or restart the UCS system until the installation is complete.
  
=Updating=
+
Besides of the installation of OX App Suite, all necessary components for the extension OX Drive clients will be installed automatically. The OX Drive client lets you store and share your photos, files, documents and videos, anytime, anywhere. Access any file you save to OX Drive from all your computers, iPhone, iPad or from within OX App Suite itself.
 
 
The following steps are necessary to update a UCS 3.0-2 system with OX SE for UCS 6.20.7 to UCS 3.1 with OXSE v6.22.2 / App Suite v7.2.1 for UCS:
 
 
 
* Update to UCS 3.1-1: The update can be started by the UMC module Online update or by the command line tool univention-upgrade. Further details about the update are described in the UCS manual. After the update to UCS 3.1, the OXSE for UCS installation will be automatically reconfigured to use the Univention App Center for further updates.
 
* Installation of the latest UCS errata updates: The errata updates can be installed with UMC module Online update → Package Updates or by the command line tool Univention-upgrade.
 
* Update of the “Open-Xchange Server Edition” via the App Center: Now the “Open-Xchange Server Edition” can be updated to version 7.2 with the UMC module App Center. Where necessary, a key identification (Key ID) has to be added to the UCS license. This is done via a special wizard when updating or installing the “Open-Xchange Server Edition” in the App Center.
 
* Installation of Package Updates: The last step is to ensure, that the latest package updates are installed (with the UMC module Online Update → Package Updates or via the command line tool univention-upgrade).
 
 
 
All further updates for OX SE / App Suite for UCS will be available in Univention App Center. Please check the UMC module App Center for updates of the application Open-Xchange Server Edition / OX App Suite.
 
  
 
=Administration=
 
=Administration=
 
==Frontend selection==
 
 
During installation two versions of the Open-Xchange frontend have been configured: OX6 and AppSuite. In default configuration these frontends are shown on the overview page (https://<IP address of the OX system>/) and may be used simultaneously.
 
 
By setting UCR variables either of those frontends may be deactivated. For disabling the AppSuite
 
frontend run the following command:
 
 
$ ucr set ox/frontend/appsuite/enabled=no
 
and for disabling the OX6 frontend the following command has to be called:
 
$ ucr set ox/frontend/ox6/enabled=no
 
  
 
== UMC module “Licence management” ==
 
== UMC module “Licence management” ==
Line 46: Line 22:
 
The license management module supports you in the configuration of an Open-Xchange account and the selection of a suitable Open-Xchange license key. It is necessary to specify an Open-Xchange account to be able to select a license key previously saved in the account and install the UCS license. In addition, the account is also required for the installation of version and security updates from the Open-Xchange online repository, as this requires authentication.
 
The license management module supports you in the configuration of an Open-Xchange account and the selection of a suitable Open-Xchange license key. It is necessary to specify an Open-Xchange account to be able to select a license key previously saved in the account and install the UCS license. In addition, the account is also required for the installation of version and security updates from the Open-Xchange online repository, as this requires authentication.
  
In this account, the same combination of username and password is required which was also used for the license database http://ldb.open-xchange.com.
+
In this account, the same combination of username and password is required which was also used for the license database https://www.open-xchange.com/customer-portal/
  
On an unconfigured system, the license management module displays the first configuration step directly, as shown in the figure. In all other cases, an overview of the current configuration is displayed.
+
On an unconfigured system, the license management module displays the first configuration step directly. In all other cases, an overview of the current configuration is displayed.
  
The first step involves entering the username and password of the Open-Xchange account. After continuing to the second configuration step via the ''Next'' button, the entered account information is automatically verified. Should it prove necessary to reset the password for an account, the ''Reset password'' button can be used to reset the password for an account. The username must be entered in the dialogue which opens; the password must be entered twice. On confirmation, an e-mail is sent to the e-mail address specified for the account containing a confirmation link, which can be opened in the browser of your choice to complete the process.
+
The first step involves entering the username and password of the Open-Xchange account. After continuing to the second configuration step via the Next button, the entered account information is automatically verified. Should it prove necessary to reset the password for an account, the Reset password button can be used to reset the password for an account. The username must be entered in the dialogue which opens; the password must be entered twice. On confirmation, an e-mail is sent to the e-mail address specified for the account containing a confirmation link, which can be opened in the browser of your choice to complete the process.
  
 
The second and final step requires to select a suitable Open-Xchange license key. A variety of information is stored in the license database for a license key (e.g., the primary mail domain or the number of licensed users). In addition, a UCS license is saved for every license key in the license database, which is downloaded from the LDB server and installed on the local system when this wizard is finished.
 
The second and final step requires to select a suitable Open-Xchange license key. A variety of information is stored in the license database for a license key (e.g., the primary mail domain or the number of licensed users). In addition, a UCS license is saved for every license key in the license database, which is downloaded from the LDB server and installed on the local system when this wizard is finished.
 
 
If several keys are saved in the specified account, it is important to select the correct key, as it will otherwise not be possible to complete the configuration if the information saved in the license database does not correspond to the local system.
 
If several keys are saved in the specified account, it is important to select the correct key, as it will otherwise not be possible to complete the configuration if the information saved in the license database does not correspond to the local system.
  
 
When performing the configuration for the first time, you may be prompted to confirm the end user license agreement (EULA) for the selected product via the checkbox.
 
When performing the configuration for the first time, you may be prompted to confirm the end user license agreement (EULA) for the selected product via the checkbox.
  
After clicking on the ''Finish'' button, the UCS license is downloaded and installed. The Open-Xchange license key is then configured on the local system. This procedure can take a few seconds.
+
After clicking on the Finish button, the UCS license is downloaded and installed. The Open-Xchange license key is then configured on the local system. This procedure can take a few seconds.
  
 
Once the configuration is complete, the module redirects to the overview page. This page displays the currently configured Open-Xchange account, the status of the specified user data (valid/invalid), the license key selected for this system and the LDAP base of the installed system.
 
Once the configuration is complete, the module redirects to the overview page. This page displays the currently configured Open-Xchange account, the status of the specified user data (valid/invalid), the license key selected for this system and the LDAP base of the installed system.
  
Following successful configuration, it is possible to ''Switch to the Online Update module'' directly from here and install the available updates.
+
Following successful configuration, it is possible to Switch to the Online Update module directly from here and install the available updates.
  
If it proves necessary to change the Open-Xchange account or it has been relicensed, you can open the configuration wizard again using the ''Change settings'' button. For relicensing, it is necessary to perform the configuration procedure anew so that the modified license information is adopted on the local system.
+
If it proves necessary to change the Open-Xchange account or it has been relicensed, you can open the configuration wizard again using the Change settings button. For relicensing, it is necessary to perform the configuration procedure anew so that the modified license information is adopted on the local system.
  
 
 
== User and group management ==
 
== User and group management ==
  
 
New users and groups can be created using the Univention Management Console (UMC). The UMC can be accessed on the DC master via a web browser at https://<IP address of DC master>/umc/. It is possible to log in as the Administrator user using the password specified during the installation.
 
New users and groups can be created using the Univention Management Console (UMC). The UMC can be accessed on the DC master via a web browser at https://<IP address of DC master>/umc/. It is possible to log in as the Administrator user using the password specified during the installation.
  
When creating a user, the ''open-xchange groupware account'' user template should be selected. This preselects all Open-Xchange specific settings.
+
When creating a user, the open-xchange groupware account user template should be selected. This preselects all Open-Xchange specific settings.
  
 
== System messages ==
 
== System messages ==
Line 84: Line 58:
 
It is possible to log in as the oxadmin user in the Open-Xchange web interface using the password from the ''/etc/ox-secrets/context10.secret'' file.
 
It is possible to log in as the oxadmin user in the Open-Xchange web interface using the password from the ''/etc/ox-secrets/context10.secret'' file.
  
[[Category: OX6]]
+
==  Optional: Univention Corporate Server SAML-SSO Configuration with OX App Suite ==
 +
 
 +
Further information on the optional Univention Corporate Server SAML-SSO Configuration with OX App Suite, can be found here: https://oxpedia.org/wiki/index.php?title=AppSuite:UCS_SAML_SSO_with_OX_App_Suite

Revision as of 09:31, 18 May 2021

First Step: Installation Univention Corporate Server

As OX App Suite is available as App for Univention App Center Univention Corporate Server (UCS). One or more UCS server(s) must be installed first. There are several possible different installation scenarios. In principle, OX App Suite can be installed on all UCS domain controller server roles: DC master, DC backup or DC slave. Installation on the server roles member server or base system is not currently possible.

To start, the Univention Corporate Server systems are installed with the latest UCS version that is currently supported by OX App Suite.

Download the UCS Installation ISO Image here: https://www.univention.com/downloads/download-ucs/

If several systems are in the UCS domain, a check must be performed that the join procedure has been run on all servers. This is usually done at the end of the installation procedure. Further information on the installation of UCS can be found in the UCS manual: https://docs.software-univention.de/manual.html

Second Step: Installation OX App Suite

Since UCS 3.x OX App Suite has to be installed via the Univention App Center. To start the Univention App Center, log into Univention Management Console and open the UMC module App Center. In the Univention App Center you need to select the application OX App Suite and click on Install.

Download, installation and configuration of OX App Suite may take several minutes. Please do not shut down or restart the UCS system until the installation is complete.

Besides of the installation of OX App Suite, all necessary components for the extension OX Drive clients will be installed automatically. The OX Drive client lets you store and share your photos, files, documents and videos, anytime, anywhere. Access any file you save to OX Drive from all your computers, iPhone, iPad or from within OX App Suite itself.

Administration

UMC module “Licence management”

The license management module supports you in the configuration of an Open-Xchange account and the selection of a suitable Open-Xchange license key. It is necessary to specify an Open-Xchange account to be able to select a license key previously saved in the account and install the UCS license. In addition, the account is also required for the installation of version and security updates from the Open-Xchange online repository, as this requires authentication.

In this account, the same combination of username and password is required which was also used for the license database https://www.open-xchange.com/customer-portal/

On an unconfigured system, the license management module displays the first configuration step directly. In all other cases, an overview of the current configuration is displayed.

The first step involves entering the username and password of the Open-Xchange account. After continuing to the second configuration step via the Next button, the entered account information is automatically verified. Should it prove necessary to reset the password for an account, the Reset password button can be used to reset the password for an account. The username must be entered in the dialogue which opens; the password must be entered twice. On confirmation, an e-mail is sent to the e-mail address specified for the account containing a confirmation link, which can be opened in the browser of your choice to complete the process.

The second and final step requires to select a suitable Open-Xchange license key. A variety of information is stored in the license database for a license key (e.g., the primary mail domain or the number of licensed users). In addition, a UCS license is saved for every license key in the license database, which is downloaded from the LDB server and installed on the local system when this wizard is finished. If several keys are saved in the specified account, it is important to select the correct key, as it will otherwise not be possible to complete the configuration if the information saved in the license database does not correspond to the local system.

When performing the configuration for the first time, you may be prompted to confirm the end user license agreement (EULA) for the selected product via the checkbox.

After clicking on the Finish button, the UCS license is downloaded and installed. The Open-Xchange license key is then configured on the local system. This procedure can take a few seconds.

Once the configuration is complete, the module redirects to the overview page. This page displays the currently configured Open-Xchange account, the status of the specified user data (valid/invalid), the license key selected for this system and the LDAP base of the installed system.

Following successful configuration, it is possible to Switch to the Online Update module directly from here and install the available updates.

If it proves necessary to change the Open-Xchange account or it has been relicensed, you can open the configuration wizard again using the Change settings button. For relicensing, it is necessary to perform the configuration procedure anew so that the modified license information is adopted on the local system.

User and group management

New users and groups can be created using the Univention Management Console (UMC). The UMC can be accessed on the DC master via a web browser at https://<IP address of DC master>/umc/. It is possible to log in as the Administrator user using the password specified during the installation.

When creating a user, the open-xchange groupware account user template should be selected. This preselects all Open-Xchange specific settings.

System messages

The mail/alias/root UCS variable must be set so that system messages can be delivered. To do this, either a new account can be created or, alternatively, oxadmin@DOMAIN is provided for this purpose:

$ ucr set mail/alias/root=oxadmin@ucs.local
$ newaliases
$ /etc/init.d/postfix reload

It is possible to log in as the oxadmin user in the Open-Xchange web interface using the password from the /etc/ox-secrets/context10.secret file.

Optional: Univention Corporate Server SAML-SSO Configuration with OX App Suite

Further information on the optional Univention Corporate Server SAML-SSO Configuration with OX App Suite, can be found here: https://oxpedia.org/wiki/index.php?title=AppSuite:UCS_SAML_SSO_with_OX_App_Suite