Activesync on WebTop

Be sure to use your webtop login name + domain when authenticating on ActiveSync: if you login
as “nick.name” in Webtop, and your domain is defined as “mydomain.com”, use nick.name@mydomain.com as your
login to AS.

I have always had a problem with my domain. My server is at home, with a dynamic IP from my provider. To keep the same dns, I use a dynamic dns service. I am on “aaa.ddns.net”. In the Nethserver configuration, I use “aaa.ddns.net” as domain and “aaa” as hostname. Maybe that’s wrong, but it has been working for the time being. In the admin settings of WebTop, some fields were set as “aaa.aaa.ddns.net”, which I changed to “aaa.ddns.net”.
Do you have advices to clean up my configuration?
Thank you

ok, webtop and activesync will use the domain stated in the domain panel of webtop.
So, login in webtop as “admin”, open the domains tree and click your domain: the opening pane will show
the “internet domain”.

Use that internet domain as the domain of your login to AS.
Also, if you have access to the nethserver filesystem, check if you can read these two files, and maybe you will find informations on the error:

/var/log/z-push/z-push.log
/var/log/z-push/z-push-error.log

Internet domain is right "aaa.ddns.net"
Z-push logs are empty… I don’t know what does that mean!

probably logging is just not enabled.

try to login in Webtop using same credentials (login with domain and password, all same as with AS)

to see how loggin is configured in z-push, you may even look at the file:

/usr/share/webtop/z-push/config.php

look for a line starting with:

define(‘LOGLEVEL’…

Right now LOGLEVEL_ERROR, which I change to LOGLEVEL_DEBUG ?

try, and see if next access show something there

Hello, I am new here. I know this conversation is old, however I have the same problem and I think I may have discovered at least part of the problem.

This is what I tried so far:-

  • I set the debug level in the z-push conf.php file to debug and looked at results in z-push.log. I could see that imap auth was ok but ldap bind was not, indicating tasks.php:769
  • I added a LOGLEVEL_INFO line to check the credentials and saw that $ldaprdn variable contained some values that seem incorrect for domain. In my case dc=multicomqld.com,dc=au which I think should be dc=multicomqld,dc=com,dc=au.
  • I manually changed the variable and now z-push.log indicates a ldap bind error in calendar.php:1522

I believe the code is wrong at the beginning of the ldap_authenticate function in these (and probably other) files. The domain string separation assumes only 2 levels (eg. test@test.com) but in my case there are 3.

I notice the original poster “loic” mentions an internet domain of “aaa.ddnt.net” which would explain the problem as well.

I don’t have time right now to look at how many files use the same domain substring code. If someone knows which files do, i will be happy to temporarily edit them to see if Webtop z-push works properly for 3 level domain names.

I can confirm that by temporarily editing the code in ‘function ldap_authenticate’ in tasks.php, calendar.php and vcarddir.php resolves the problem. i.e. When I test at https://[your-server-name]/Microsoft-Server-ActiveSync, I now receive “GET not supported” as expected.

Thanks Greg. I gave up using Webtop, not only because of this issue, but also because I understood Webtop was not suited to clients like Thunderbird or Outlook.
By the way, I have understood that having my server at home with a dynamic IP and so a dyn dns is sometime a problem with nethserver. I will try as you say when I have some time.
Loïc

Hi friends, how about updated version of WebTop4?
@lucag maybe you can shed the light on it?

Hi, I confirm that those zpush files are configured for a 2 levels domain name.
We will see if we can find an easy way to support different levels, without requiring you to edit as you did.

Please @loic , what do you mean with “Webtop is not suited to clients like Thunderbird or Outlook”?
Actually we mean it as a web replacement, with added integrated services and functionalities.
We understand of the existence of some missing feature: would you let us know which ones actually are you missing?

thanks

@Nas, what features are you expecting on the next update?

I changed a few lines of code in the 3 z-push backend files which seems to work ok for both 2 and 3 level domain names. This is in the function “ldap_authenticate” of tasks.php, calendar.php and vcarddir.php.

Original first few lines:
$et = strrpos($username, “@”);
$p = $this->lastIndexOf($username, “.”);
$et_dom = substr($username, $et + 1, $p - strlen($username));
$dot_ext = substr($username, $p + 1, strlen($username));
$username = substr($username, 0, $et);
$ldaprdn = “uid=$username,ou=people,dc=” . $et_dom . “,dc=” . $dot_ext;

Changed to this:
$et = strrpos($username, “@”);
$et_dom = substr($username, $et + 1);
$et_dom = str_replace(".",",dc=",$et_dom);
$username = substr($username, 0, $et);
$ldaprdn = “uid=$username,ou=people,dc=” . $et_dom;

Maybe someone knows if this is good enough or whether other changes are necessary to correct the issue.

1 Like

as @gabriele_bulfon has already requested, would you mind to explain this sentence better? I’m keen to hear what do you think about

I guess that @lucag should be interested in

Sorry for the delay. I’m quite full these days.
I am looking for a personal server for my family, with shared calendars and that can be accessed from different platforms: Android (Exchange at best, otherwise Dav) and Windows (Thunderbird, Outlook and Mail/Contact/Calendar of W10).
My remark was related to what I understood from Webtop, which is mainly designed to be used in a browser. I need to access my accounts from Thunderbird and Outlook (clients) and possibly Mail/Contact/Calendar of W10.
Did I understand well the capabilities of Webtop?
For the time being, I use Sogo, with is limited with the Exchange protocol.

I am also evaluating Webtop for the similar reasons stated above.

To that end, I have created a brand new load (NS 7 Beta 1). Loaded email and weptop. Went into the weptop admin, enabled webtop access for two test accounts. Logged into to the test accounts to create one contact, calendar and task. Enabled sync on the test accounts.

The Problem:
ActiveSync is not responding to Outlook or BB10. When I use the web url https://[myserver]/Microsoft-Server-ActiveSync the response is 403 - Forbidden.

Ideas?

Since