Product SiteDocumentation Site

ZCP trunk (build 52028)

Zarafa Collaboration Platform

The Administrator Manual

Edition 7.2

The Zarafa Team

Legal Notice

Copyright © 2016 Zarafa BV.
The text of and illustrations in this document are licensed by Zarafa BV under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at the website. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Red Hat®, Red Hat Enterprise Linux®, Fedora® and RHCE® are trademarks of Red Hat, Inc., registered in the United States and other countries.
Ubuntu® and Canonical® are registered trademarks of Canonical Ltd.
Debian® is a registered trademark of Software in the Public Interest, Inc.
SUSE® and eDirectory® are registered trademarks of Novell, Inc.
Microsoft® Windows®, Microsoft Office Outlook®, Microsoft Exchange® and Microsoft Active Directory® are registered trademarks of Microsoft Corporation in the United States and/or other countries.
The Trademark BlackBerry® is owned by BlackBerry and is registered in the United States and may be pending or registered in other countries. Zarafa BV is not endorsed, sponsored, affiliated with or otherwise authorized by BlackBerry.
All trademarks are the property of their respective owners.
Disclaimer: Although all documentation is written and compiled with care, Zarafa is not responsible for direct actions or consequences derived from using this documentation, including unclear instructions or missing information not contained in these documents.
The Zarafa Collaboration Platform (ZCP) combines the usability of Outlook with the stability and flexibility of a Linux server. It features a rich web-interface, the Zarafa WebAccess, and provides brilliant integration options with all sorts of clients including all most popular mobile platforms.
Most components of ZCP are open source, licensed under the AGPLv3, can therefore be downloaded freely as ZCP's Community Edition.
Several closed source components exist, most notably:
  • the Zarafa Windows Client providing Outlook integration,
  • the Zarafa ADS Plugin providing Active Directory integration, and
  • the Zarafa Backup Tools.
These components, together with several advanced features for large setups and hosters, are only available in combination with a support contract as part of ZCP's Commercial Editions.
Alternatively there is a wide selection of hosted ZCP offerings available.
This document, the Administrator Manual, describes how to install, upgrade, configure and maintain ZCP on your Linux server. In addition various advanced configurations and integration options are discussed.

1. Introduction
1.1. Intended Audience
1.2. Architecture
1.3. Components
1.4. Protocols and Connections
1.4.1. SOAP
1.4.2. Secure HTTP (HTTPS)
1.5. ZCP Editions and Licensing
1.5.1. The evaluation subscription
1.5.2. The ZCP Community Edition
1.5.3. Commercial Editions of ZCP
1.5.4. Active and non-active users
2. Installing
2.1. System Requirements
2.1.1. Hardware Recommendations
2.1.2. Connection/bandwidth Recommendation
2.1.3. Supported Platforms
2.1.4. Dependencies
2.2. Installation
2.2.1. Installing with the Install Script
2.2.2. Manually Installing Packages
2.3. Troubleshooting Installation Issues
2.3.1. Server processes
2.3.2. WebAccess & WebApp
2.4. Removing Zarafa
3. Upgrading
3.1. Preparing
3.2. Creating backups
3.3. ZCP7 dependencies
3.4. Performing the Upgrade on RPM based distributions
3.5. Performing the Upgrade on Debian based distributions
3.5.1. Pre 6.40 upgrade steps
3.5.2. From 6.40 to 7.0.0 and higher
3.5.3. From 7.0 to 7.1.0 and higher
3.6. Finalizing the upgrade
4. Configure ZCP Components
4.1. Configure the Zarafa Server
4.2. Configure language on RPM based distributions
4.3. Configure language on Debian based distributions
4.4. User Authentication
4.4.1. The DB Authentication Plugin
4.4.2. The Unix Authentication Plugin
4.4.3. The LDAP Authentication Plugin
4.5. Autoresponder
4.6. Storing attachments outside the database
4.7. SSL connections and certificates
4.8. Configure the License Manager
4.9. Configure the Zarafa Spooler
4.9.1. Configuration
4.10. Configure Zarafa Caldav
4.10.1. SSL/TLS
4.11. Configure Zarafa Gateway (IMAP and POP3)
4.11.1. SSL/TLS
4.11.2. Important notes
4.12. Configure Zarafa Quota Manager
4.12.1. Setup server-wide quota
4.12.2. Setup quota per user
4.12.3. Monitoring for quota exceeding
4.12.4. Quota warning templates
4.13. Configure Zarafa Search
4.13.1. Enabling the search service
4.13.2. Search configuration
4.13.3. Attachments
4.14. Configure Zarafa WebAccess
4.15. Configure Zarafa WebApp
5. Configure 3rd Party Components
5.1. Configure the Webserver
5.1.1. Configure PHP
5.1.2. Configure Apache
5.1.3. Apache as a HTTP Proxy
5.2. Configure ZCP OpenLDAP integration
5.2.1. Configuring OpenLDAP to use the Zarafa schema
5.2.2. LDAP indices
5.2.3. Configuring ZCP for OpenLDAP
5.2.4. User configuration
5.2.5. Group configuration
5.2.6. Addresslist configuration
5.2.7. Testing LDAP configuration
5.3. Configure ZCP Active Directory integration
5.3.1. Installing the Zarafa ADS Plugin and schema files
5.3.2. Configuring ZCP for ADS
5.3.3. User configuration
5.3.4. Group configuration
5.3.5. Addresslist configuration
5.3.6. Testing Active Directory configuration
5.4. ZCP Postfix integration
5.4.1. Configure ZCP Postfix integration with OpenLDAP
5.4.2. Configure ZCP Postfix integration with Active Directory
5.4.3. Configure ZCP Postfix integration with virtual users
5.4.4. Configure ZCP Postfix integration with the DB plugin
5.5. Configure Z-Push (Remote ActiveSync for Mobile Devices)
5.5.1. Compatibility
5.5.2. Security
5.5.3. Installation
5.5.4. Mobile Device Management
5.5.5. Upgrade
5.5.6. S/MIME
5.6. Configuring SSL for Windows Mobile and Windows Phone
5.7. Troubleshooting
6. Advanced Configurations
6.1. Running ZCP components beyond localhost
6.2. Multi-tenancy configurations
6.2.1. Support user plugins
6.2.2. Configuring the server
6.2.3. Managing tenant (company) spaces
6.2.4. Managing users and groups
6.2.5. Quota levels
6.2.6. Administrator users
6.3. Multi-server setup
6.3.1. Introduction
6.3.2. Prepare / setup the LDAP server for multi-server setup
6.3.3. Configuring the servers
6.3.4. Creating SSL certificates
6.4. Zarafa Windows Client Updater
6.4.1. Server-side configuration
6.4.2. Client-side configuration
6.4.3. MSI Options
6.5. Single Instance Attachment Storage
6.5.1. Single Instance Attachment Storage and LMTP
6.6. Running ZCP Services with regular user privileges
6.7. Single Sign On with ZCP
6.7.1. NTLM SSO with ADS
6.7.2. NTLM SSO with Samba 3
6.7.3. SSO with Kerberos
6.7.4. Up and running
6.8. Tracking messages with Zarafa Archiver
6.8.1. Archive on delivery
6.8.2. Archive on send
6.9. Zarafa Python plugin framework
6.9.1. How it works
6.9.2. General Options
6.9.3. How to use
6.9.4. Zarafa-DAgent plugins
6.9.5. Zarafa-Spooler plugins
6.9.6. Troubleshooting
6.10. Running ZCP multi-server behind Reverse Proxy
6.10.1. Description of redirection problem
6.10.2. Setup Prerequisites
6.10.3. Example Setup with Apache
7. Managing ZCP Services
7.1. Starting the services
7.1.1. Stopping the services
7.1.2. Reloading service configuration
7.2. Logging options
7.3. Security logging
7.3.1. Logging items
7.3.2. Configuration
7.4. Zarafa statistics monitoring
7.5. Soft Delete system
8. User Management
8.1. Public folder
8.2. General usage of Zarafa-admin tool
8.3. Users management with DB plugin
8.3.1. Creating users with DB plugin
8.3.2. Non-active users
8.3.3. Updating user information with DB plugin
8.3.4. Deleting users with DB plugin
8.3.5. Configuring ‘Send as’ permissions
8.3.6. Groups
8.4. Users management with UNIX plugin
8.4.1. Creating users with Unix plugin
8.4.2. Non-active users
8.4.3. Updating user information with Unix plugin
8.4.4. Deleting users with Unix plugin
8.4.5. Configuring ‘Send as’ permissions
8.4.6. Groups with Unix plugin
8.5. User Management with LDAP or Active Directory
8.5.1. The Zarafa user synchronization principle
8.5.2. User management from ADS
8.5.3. User management from OpenLDAP
8.6. LDAP Condition examples
8.7. Zarafa Feature management
8.7.1. Globally enabling features
8.7.2. Per-user en- or disabling features
8.8. Resource configuration
8.8.1. Resource booking methods
8.8.2. Meeting request (MR) booking
8.8.3. Setting the resource booking method
8.9. Out of office management
8.10. Mailbox Storage Relocator
8.10.1. Prerequisites
8.10.2. Invocation
8.10.3. Updating LDAP/ADS
8.10.4. Configuration
8.10.5. Post migration steps
9. Performance Tuning
9.1. Hardware Considerations
9.1.1. Memory usage
9.1.2. Hardware considerations
9.1.3. More Memory is More Speed
9.1.4. RAID 1/10 is faster than RAID 5
9.1.5. High rotation speed (RPMs) for better database performance
9.1.6. Hardware RAID
9.2. Memory Usage setup
9.2.1. Zarafa’s Cell Cache (cache_cell_size)
9.2.2. Zarafa’s object cache (cache_object_size)
9.2.3. Zarafa’s indexedobject cache (cache_indexedobject_size)
9.2.4. MySQL innodb_buffer_pool_size
9.2.5. MySQL innodb_log_file_size
9.2.6. MySQL innodb_log_buffer_size
9.2.7. MySQL query_cache_size
9.2.8. MySQL innodb_file_per_table
9.2.9. MySQL max_allowed_packet
9.3. Setup of modules on different servers
10. Backup & Restore
10.1. Softdelete restore
10.2. Full database dump
10.2.1. SQL dump through mysqldump
10.2.2. Binary data dump via LVM Snapshotting
10.2.3. Attachments backup
10.3. Brick-level backups
10.3.1. Backup format
10.3.2. Backup process
10.3.3. Restore process
11. Appendix A; Pre-5.2x upgrade strategies
11.1. Database upgrades from 4.1 or 4.2
11.2. Upgrades from 5.0 to 5.1x and up
11.3. Important changes since 4.x and 5.x
12. Appendix B; LDAP attribute description
13. Appendix C: Example LDIF