Tools Kolab iRony Lead image: Lead Image © Pablo Hidalgo, 123RF.com

Kolab iRony with CalDAV and CardDAV support

Group iRony

Open standards and open source are requisite in Kolab groupware. The alpha release of version 3.1 hugely extended the number of compatible clients with the CalDAV and CardDAV protocols, making Kolab data available on iOS and Mac OS X and in Thunderbird and Evolution. By Andrej Radonic, Markus Feilner

As mobile clients become more popular, admins find it increasingly difficult to avoid offering remote access to calendars and address data to their users. Despite being open source and open standards-driven groupware, Kolab [1] has had little to offer in this scenario. Only its own clients (Kontact; the Horde web interface and, later, Roundcube; and some proprietary Outlook plugins) can use the central calendar and address book. Mobile devices needed Microsoft's ActiveSync protocol or (up to Kolab 3) the outdated SyncML to connect with the open source groupware.

As of version 3.1, the Kolab team from Swiss-based Kolab Systems added the CalDAV and CardDAV open protocol standards for the exchange of appointments, tasks, and contacts to the server, allowing admins to turn to many existing groupware-enabled clients, such as the Lightning Thunderbird extension, Evolution, OS X applications like Apple's iCal (Calendar since Mountain Lion), as well as iOS and Android systems.

For this to work, the Kolab team did not reinvent the wheel; rather, they integrated the proven PHP package by SabreDAV [2] (Figure 1), which implements the WebDAV protocol stack as a server. The newly created protocol layer in Kolab goes by the name "iRony" [3] and is an integral part of the groupware package as of version 3.1, which was the most recent available at the time of writing; stable version 3.2 has since been released [4].

Figure 1: Kolab Systems offers a web service that includes all the features of the Kolab groupware. This figure shows the file browser, which is provided by SabreDAV.

Installation

A complete test installation of Kolab 3.0 and later is a matter of one or two cups of coffee and does not impose too many requirements on the admin. The Kolab developers recommend a recent CentOS (preferably 6.4) as the basis. Only a few preliminary requirements must be met: a fully qualified domain name and SELinux running in permissive mode.

The budding Kolab administrator needs to install the three RPMs in Listing 1 and then enter

yum install kolab

to launch the convenient installer for the entire groupware package. The configuration step is launched by typing setup-kolab to define the admin passwords for services, among other tasks.

Listing 1: Installing Kolab 3.2 on CentOS

# Install EPEL
rpm -Uhv http://url/to/epel-release.rpm
# Install the Kolab Groupware repository configuration
cd /etc/yum.repos.d/
wget http://obs.kolabsys.com:82/Kolab:/3.2/CentOS_6/Kolab:3.2.repo
wget http://obs.kolabsys.com:82/Kolab:/3.2:/Updates/CentOS_6/Kolab:3.2:Updates.repo

Default Configuration Pitfalls

Once installed and set up, you should be able to access the administrative GUI at http://<Kolab-Server>/kolab-webadmin. You can log in as cn=Directory Manager and use the previously defined admin password.

As a first administrative task, you are advised to set up a normal user account. You can then use this account to log in to Roundcube Webmail, the Kolab web client, which is accessible on http://<Kolab-Server>/roundcubemail. The username for logging can be one of your aliases or an email address. Working as the new user, you can quickly create some calendars, contacts, and tasks that provide test material for connecting with WebDAV clients.

The version that we tested still had a configuration problem when this issue went to press, which at first prevented the use of iRony. Kolab publishes its DAV services on http://<Kolab-Server>/iRony. This step initially returned a URL exception (Listing 2), which was easy to fix with some help from the Kolab mailing list: In the iRony configuration file (/etc/iRony/dav.inc.php) just replace the value of the $rcmail_config['base_uri'] configuration parameter with '/iRony/' and restart the Kolab daemon by typing service kolabd restart. After this, Kolab is ready to exchange data via the iRony protocol stack.

Listing 2: iRony Fights Back

<d:error>
<s:exception>Sabre\DAV\Exception\Forbidden</s:exception>
<s:message>Requested uri (/iRony/) is out of base uri (ony/public_html/)</s:message>
<s:sabredav-version>1.8.6</s:sabredav-version>
</d:error>

Trying to Connect

One item on the checklist involves your chosen client trying to connect with Kolab using one of the DAV protocols. Basically, you need to enter the Kolab server URL using the following pattern:

http://<Kolab-Server>/iRony

Alternatively, you can even leave out the subdirectory in theory; after all, standards-compliant clients first look for the principal address below ../.well-known/caldav.

The Kolab iRony configuration for Apache includes corresponding redirects that beam this call to /iRony/. The username requested in this way also helps locate the correct user directory – in theory.

Thunder, Lightning, and Evolution

In practice, widespread groupware clients, such as Lightning (Thunderbird) and Evolution tend to be pretty quirky in this scenario, in that they do not – or at least do not correctly – support service discovery. For clients affected by this issue, users need to specify the full calendar or address book URL.

If users have several calendars, they need to configure each calendar separately. Again, it is evident that many mail clients were never intended for enterprise groupware operations (e.g., Thunderbird) or that too few developers work on it (Evolution).

Unfortunately, users currently can only display the ICS (Internet Connection Sharing) address in Roundcube, not the CalDAV URL of each calendar. You thus need a different approach to discover the URL of your Kolab calendar. The obvious method would be to elicit the Kolab server's DAV directory structure by calling the iRony URL.

Fractious Interface

When you first call http://<Kolab-Server>/iRony, the Kolab interface turns out to be quite recalcitrant, responding to calls with the message shown in Listing 3. Although this response only shows that the interface is working correctly and is therefore not regarded as a fault, it is extremely impractical for test purposes. To improve the module's behavior, you need to add a SetEnv DAVBROWSER 1 to the Apache configuration for iRony in /etc/httpd/conf.d/iRony.conf. After an httpd restart, you can finally call the iRony URL and explore the user-specific directory structure (Figure 2).

Figure 2: iRony needs a little convincing to reveal its inner structure.

Listing 3: (No ) Error Message

<d:error>
<s:exception>Sabre\DAV\Exception\NotImplemented</s:exception>
<s:message>GET is only implemented on File objects</s:message>
<s:sabredav-version>1.8.6</s:sabredav-version>
</d:error>

Thunderbird as Client

Now you can install Lightning as the calendar plugin [5] for Mozilla's Thunderbird email client and connect with the groupware. The latest Thunderbird is advisable, as is a recent version of Lightning. In the taskbar, choose New | Calendar; then, in the configuration dialog, select Network as the type and CalDAV as the format before defining your calendar with the CalDAV URL you determined previously.

Finally, Thunderbird prompts you for user data, as shown in Figure 3. If the data is correct, Lightning synchronizes your appointments with the Kolab server without complaint (Figure 4). However, many features are still missing, such as support for tasks. If Thunderbird users want to access Kolab address books in their mail clients, they need to install SOGo Connector [6], an additional plugin retrofits the CardDAV support that the Mozilla mailer lacks.

Figure 3: Kolab authorization – Thunderbird, Lightning, and Kolab cooperating via SabreDAV. However, this does not always work smoothly.

Figure 4: Roundcube, the Kolab webmail client on the left; the same calendar in Thunderbird on the right. Because Mozilla's mailer was not meant for corporate use, it shows weaknesses as a groupware client.

Evolution sans Revolution

Evolution groupware client [7] (Figure 5), which is also popular with Gnome users, can initially connect seamlessly with Kolab and impresses with native support for both CalDAV and CardDAV. The problems come later. For Evolution, too, you always need to specify the complete URL when configuring the DAV services. The dialogs for this can be found in File | New | <Name of service>. For the calendar and tasks, you need to select CalDAV, and WebDAV for the address book. Note that, in the latter case, a bug in Evolution does not let you create contacts on CardDAV servers [8].

Figure 5: Evolution works – with some restrictions: Creating contacts does not work, but the calendar does. All told, not so many developers seem to be working on the Gnome groupware anymore.

EM Client on Windows

The Windows-only eM Client [9] (Figure 6) shows that cleanly implemented web interfaces also exist in the Microsoft world. Autodiscovery works without ado; you just need to enter the Kolab URL during configuration. To do this, go to Tools | Accounts | Create an Account and create a Calendar/CalDAV account type. You then need to set the correct permissions for every user with Delegation in the context menu.

Figure 6: The Windows eM Client tool provides the best connection to the CalDAV/CardDAV server.

The client automatically lists all shared calendars. Tasks also appear without any further action, including tags defined and assigned in Kolab. Thunderbird or Evolution users would love this. To synchronize contacts, eM users create a separate account in the same way, but choose the Contacts/CardDAV option. The integrated error log proves very helpful by ensuring transparency if you need to troubleshoot a problem.

Apple Mobile Devices

Apple's mobile devices iPhone and iPad work extremely well with Kolab's iRony service (Figure 7). However, contact synchronization via CardDAV needs some special treatment: The iOS address book cannot cope with CardDAV not residing in the web server root directory. The Kolab team provides an example of a virtual host configuration that fixes the problem for Apple clients (Listing 4).

Figure 7: The calendar on an iPad. iRony helps owners of Apple devices connect to Kolab the first time.

Listing 4: kolab-caldav-vhost.conf

01 <VirtualHost *:443>
02     ServerName caldav.yourkolab.com
03     ServerAdmin support@yourkolab.com
04
05     DocumentRoot /usr/share/iRony/public_html/
06
07     ErrorLog logs/caldav.yourkolab.com-error_log
08     CustomLog logs/caldav.yourkolab.com-access_log combined
09
10     <Directory "/usr/share/iRony/public_html/">
11         AllowOverride All
12         Order Allow,Deny
13         Allow from All
14
15         RewriteEngine On
16         RewriteBase /
17         RewriteRule ^\.well-known/caldav   / [R,L]
18         RewriteRule ^\.well-known/carddav  / [R,L]
19
20         RewriteCond  %{REQUEST_FILENAME}  !-f
21         RewriteCond  %{REQUEST_FILENAME}  !-d
22         RewriteRule  (.*)                 index.php  [qsappend,last]
23
24     </Directory>
25
26 </VirtualHost>

In system settings below Mail, Contacts, Calendar, where you create a new account, you configure the device in the normal way. As the server address, enter the base URL of the Kolab server and, as for the other clients, specify the Kolab mail address as the username. Besides syncing the calendar and contacts, this also synchronizes tasks, which iOS manages in the Reminders app (Figure 8).

Figure 8: The iPhone Reminders app syncs all tasks with the Kolab server upon request.

Presentable: Mac OS X

iRony also supports the second widespread proprietary platform on the desktop: Apple's Mac OS X with the default Calendar application (Figure 9). The setup is fairly straightforward; after following the how-to on MyKolab.com [10], everything works out of the box – a fact the manufacturer is quite proud of (see the "Macs at Kolab Systems" box). The integration of iBooks and iMacs, in addition to mobile devices, must have been one of the main drivers behind iRony, and the quality of the connector is thus unsurprising. The market of affluent Apple customers is too big and lucrative for Kolab to ignore permanently.

Figure 9: Mac OS X talks iRony: Contacts, calendar, tasks, and email all can be integrated into Apple's tools (e.g., Apple Mail, Contacts, Calendar).

Macs at Kolab Systems

When Linux Magazine inquired, Thorsten Grote, the "Kolab evangelist" and a member of Kolab Systems' staff, confirmed: "One of our iRony developers has a Mac; this is probably why this platform is best supported. Personally, I also find it a little sad that Evolution and Thunderbird are faltering; iRony makes their perspectives so much better. There used to be a Thunderbird SyncKolab extension, but this is no longer recommended. We thus advise readers to use the DAV protocols, and even if all of this is fairly easy to install, we still recommend our hosted service. Everything is pre-configured, especially for users who do not want to run their own server."

The problems are mainly caused by the clients. In particular, the partial, patchy implementation of service discovery can make life difficult even for experienced users.

Thanks to SabreDAV, Kolab's release 3.1 supported WebDAV, thus making it so much easier to manage files via the integrated web client. By using middleware, you can tap into various types of file storage and even integrate with ownCloud or Dropbox.

Conclusions: Positive

The newcomer iRony carries out its work exactly as it should: inconspicuously and reliably. After a few preparatory steps for the administrator, which should not be necessary now that version 3.2 has been released, you can look forward to a powerful, standards-based interface for sharing calendars, contacts, and tasks. iRony thus opens a plethora of established clients to Kolab.