Activesync on WebTop

After update to 6.7, I have installed WebTop and tried to use ActiveSync connection on Android. I have followed the documentation, but without success so far. Any advice? Is there any log that would help?
In the WebTop interface, the Global Settings, all connections do not use ssl. Should I force WebTop to use only ssl connections?
Thank you

Hi, you should first check that your user has enabled sync looking at the synchronization tab in user settings.
Once that checkbox is enabled and options saved, you just need to use port 443 on your device, and select
"SSL/TLS (accepts any certificate)".
Beware also that the user login name is the complete email (not just “name”, but “name@domain.tld”).

To check if authentication on ActiveSync is working for your user, you can also use a browser.
The URL is: https://[your-server-name]/Microsoft-Server-ActiveSync
Proceed on the possible certificate warning and give credentials (name@domain.tld and its password).
If you get “GET not supported”, it means authentication works.

1 Like

I have enabled sync, but the url check loops into user authentification…
“Access denied. Username or password incorrect”

Be sure to use your webtop login name + domain when authenticating on ActiveSync: if you login
as “nick.name” in Webtop, and your domain is defined as “mydomain.com”, use nick.name@mydomain.com as your
login to AS.

I have always had a problem with my domain. My server is at home, with a dynamic IP from my provider. To keep the same dns, I use a dynamic dns service. I am on “aaa.ddns.net”. In the Nethserver configuration, I use “aaa.ddns.net” as domain and “aaa” as hostname. Maybe that’s wrong, but it has been working for the time being. In the admin settings of WebTop, some fields were set as “aaa.aaa.ddns.net”, which I changed to “aaa.ddns.net”.
Do you have advices to clean up my configuration?
Thank you

ok, webtop and activesync will use the domain stated in the domain panel of webtop.
So, login in webtop as “admin”, open the domains tree and click your domain: the opening pane will show
the “internet domain”.

Use that internet domain as the domain of your login to AS.
Also, if you have access to the nethserver filesystem, check if you can read these two files, and maybe you will find informations on the error:

/var/log/z-push/z-push.log
/var/log/z-push/z-push-error.log

Internet domain is right "aaa.ddns.net"
Z-push logs are empty… I don’t know what does that mean!

probably logging is just not enabled.

try to login in Webtop using same credentials (login with domain and password, all same as with AS)

to see how loggin is configured in z-push, you may even look at the file:

/usr/share/webtop/z-push/config.php

look for a line starting with:

define(‘LOGLEVEL’…

Right now LOGLEVEL_ERROR, which I change to LOGLEVEL_DEBUG ?

try, and see if next access show something there

Hello, I am new here. I know this conversation is old, however I have the same problem and I think I may have discovered at least part of the problem.

This is what I tried so far:-

  • I set the debug level in the z-push conf.php file to debug and looked at results in z-push.log. I could see that imap auth was ok but ldap bind was not, indicating tasks.php:769
  • I added a LOGLEVEL_INFO line to check the credentials and saw that $ldaprdn variable contained some values that seem incorrect for domain. In my case dc=multicomqld.com,dc=au which I think should be dc=multicomqld,dc=com,dc=au.
  • I manually changed the variable and now z-push.log indicates a ldap bind error in calendar.php:1522

I believe the code is wrong at the beginning of the ldap_authenticate function in these (and probably other) files. The domain string separation assumes only 2 levels (eg. test@test.com) but in my case there are 3.

I notice the original poster “loic” mentions an internet domain of “aaa.ddnt.net” which would explain the problem as well.

I don’t have time right now to look at how many files use the same domain substring code. If someone knows which files do, i will be happy to temporarily edit them to see if Webtop z-push works properly for 3 level domain names.

I can confirm that by temporarily editing the code in ‘function ldap_authenticate’ in tasks.php, calendar.php and vcarddir.php resolves the problem. i.e. When I test at https://[your-server-name]/Microsoft-Server-ActiveSync, I now receive “GET not supported” as expected.

Thanks Greg. I gave up using Webtop, not only because of this issue, but also because I understood Webtop was not suited to clients like Thunderbird or Outlook.
By the way, I have understood that having my server at home with a dynamic IP and so a dyn dns is sometime a problem with nethserver. I will try as you say when I have some time.
Loïc

Hi friends, how about updated version of WebTop4?
@lucag maybe you can shed the light on it?

Hi, I confirm that those zpush files are configured for a 2 levels domain name.
We will see if we can find an easy way to support different levels, without requiring you to edit as you did.

Please @loic , what do you mean with “Webtop is not suited to clients like Thunderbird or Outlook”?
Actually we mean it as a web replacement, with added integrated services and functionalities.
We understand of the existence of some missing feature: would you let us know which ones actually are you missing?

thanks

@Nas, what features are you expecting on the next update?

I changed a few lines of code in the 3 z-push backend files which seems to work ok for both 2 and 3 level domain names. This is in the function “ldap_authenticate” of tasks.php, calendar.php and vcarddir.php.

Original first few lines:
$et = strrpos($username, “@”);
$p = $this->lastIndexOf($username, “.”);
$et_dom = substr($username, $et + 1, $p - strlen($username));
$dot_ext = substr($username, $p + 1, strlen($username));
$username = substr($username, 0, $et);
$ldaprdn = “uid=$username,ou=people,dc=” . $et_dom . “,dc=” . $dot_ext;

Changed to this:
$et = strrpos($username, “@”);
$et_dom = substr($username, $et + 1);
$et_dom = str_replace(".",",dc=",$et_dom);
$username = substr($username, 0, $et);
$ldaprdn = “uid=$username,ou=people,dc=” . $et_dom;

Maybe someone knows if this is good enough or whether other changes are necessary to correct the issue.

1 Like

as @gabriele_bulfon has already requested, would you mind to explain this sentence better? I’m keen to hear what do you think about