Domain Integration in Carbonio

Creating and maintaining a global address book in a complex enterprise can be a challenging task for a system administrator. For example, if you need to provide access for users of one mail domain to the contact list of another, or make the contact list of several domains visible at once, so that the address book updates itself and can be used to autofill contacts, grant various access rights, etc. In this article, we will tell you how to implement such integration of domains in Carbonio. This instruction is also suitable for service providers whose clients may need to combine several domains.

This instruction is suitable for both users of the free version of Carbonio Community Edition and the commercial version of Carbonio.

Let's recall that we have previously written about the simplest ways to add new domains to the GAL. The method described earlier is suitable for adding contacts from all domains on the server, or subdomains, with a name that is one level higher than the original domain name to the global address book. But what if the task is to combine address books of domains with different names?

There are two ways to achieve address book merging. The first is the simplest and involves granting users of the target domain access to the global address book of the desired domain. This method has a limitation, since such access can only be granted if the galsync account that contains the address book of the desired domain is on the same AppServer node as the users of the target domain.

To grant the appropriate rights, search for galsync accounts and use its name to grant rights.

carbonio prov -l getAllAccounts | grep galsync

The command output will display all galsync accounts for all domains. Select an account in the domain you want to use and get a list of its folders.

carbonio prov selectMailbox galsync.st_9z7zub@carbonio.local getAllFolders

Find the folder in the list that contains the GAL of the domain you need and grant access to it to the users of the target domain.

carbonio prov selectMailbox galsync.st_9z7zub@carbonio.local modifyFolderGrant "_InternalGAL" domain carbonio.test r

After this, in the list of address books available for connection, in addition to the global address book of their domain, users of the carbonio.test domain will also have an address book available for connection with users of the carbonio.local domain, owned by the galsync account of the target domain. Given that the GAL is automatically updated, the system administrator will not have to make further efforts to keep it up to date.

The second method is to add a new source to the GAL of the target domain, which generates a list based on an LDAP query. This method is a little more complicated to implement, but it allows you to combine global address books even for those domains that are on different AppServer nodes.

To do this, find the galsync account name of the target domain

carbonio prov -l getAllAccounts | grep galsync

Add a new GAL source to it. In this case, we add a source named AnotherGAL, specify the domain it will be shared to, specify the folder where the found contacts will be placed, and also set the source update period.

zmgsautil addDataSource -a galsync@carbonio.test -n AnotherGAL --domain carbonio.test -t ldap -f _AnotherGAL -p 5m

After successfully creating a new source, we specify the search query that will be used to search for accounts.

carbonio prov modifyDataSource galsync@carbonio.test AnotherGAL zimbraGalSyncLdapBindDn uid=zimbra,cn=admins,cn=zimbra zimbraGalSyncLdapBindPassword ********** zimbraGalSyncLdapFilter '(|(&(mail=*)(zimbraAccountStatus=active)(!(zimbraHideInGAL=TRUE)))(&(mail=*)(objectClass=zimbraDistributionList)(!(zimbraHideInGAL=TRUE))))' zimbraGalSyncLdapSearchBase dc=carbonio,dc=local zimbraGalSyncLdapURL ldap://mail.carbonio.local:389

This command uses the galsync account name and source name from the previously obtained data. The zimbraGalSyncLdapBindDn and zimbraGalSyncLdapBindPassword parameters may differ depending on your Carbonio installation. You can find them at the end of the /opt/zextras/cog/localconfig.xml file.

The search query is formed in such a way that it includes only active accounts from the domain specified in the search database. The Carbonio LDAP address is also specified, in which the search for accounts is carried out.

After adding a new source, you should force it to synchronize

zmgsautil forceSync -a galsync@carbonio.test -n AnotherGAL

The result of the actions taken will be the appearance in the user's web client of two address books available for connection, the owner of which is the galsync account of the required domain.

After connecting folders with GAL of shared domains, contacts from them become available for auto-substitution, as well as for various interactions. For example, in Carbonio Chats it becomes possible to create dialogs with users of the integrated domain, and it also becomes possible to grant access rights to files and folders in Carbonio Files, including joint editing of documents, tables and presentations in Carbonio Docs.

Autofill also simplifies the process of sharing mail folders, calendars, and address books, and allows you to grant rights to send email on behalf of a user in one domain to a user in another domain. The only limitation in this case is that all accounts must be located on the same AppServer node.

For questions regarding testing, purchasing, licensing and consultations, please contact the exclusive partner Zextras at sales@svzcloud.ru.

You can get information and exchange information about Carbonio CE in groups in Telegram CarbonioMail And Carbonio CE Unofficial.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *