Hello,
I wanted to share for the benefit of other windows-based users, how you can get devices to Sync using Z-Push. This works for syncing your calendar, e-mail and tasks. There are obvious indicators that Group Office was designed with linux in mind, so for those of us on Windows servers it can be very frustrating to find the way through to making these things work. My success was under the following configuration. Anytime I make edits inside a config file that changes a default value or original programming code, I leave a simple reference so that I can do a quick Search-Find inside the file to find those places where I made such changes.. hence the presence of the "PDEDIT" comments in my configs below, that's my flag.
Windows Server 2008 R2
Apache 2.4.4 32bit
PHP 5.4.9 thread safe, 32-bit (x86) running as an apache module (LoadModule php5_module "modules/php5apache2_4.dll")
Group Office 5.0.44
ionCube loader4.5.3 (Feb 2014) (in FIRST line of your php.ini zend_extension = "C:\php\ext\ioncube_loader_win_5.4.dll")
Z-Push 2.1.1788
As per the Wiki at https://www.group-office.com/wiki/Z-push_2.1 , you do follow these same initial steps:
1. Download z-push from http://zarafa-deutschland.de/z-push-download/final/2.1/
2. Unpack the archive and put it in the "modules" directory of Group-Office.
3. rename the folder to "z-push21"
4. Copy the folder called "go" from modules/sync/z-push21/backend/go/ over to modules/z-push21/backend/
5. Copy modules/sync/z-push21/config.php to modules/z-push21/config.php
6. Edit your Apache http.conf file or your http-vhost.conf (if you host multiple domains) as per the following
EDIT http.conf
Alias /Microsoft-Server-ActiveSync "DRIVELETTER:/path/to/groupoffice/modules/z-push21/index.php"
# Remember Windows people, you need to include the drive letter, and the full path, AND the index.php file name for this alias to work and it does need to be inside quotes.
RewriteEngine On
Options +FollowSymlinks
# PD Edit - Next two lines force ALL connections to be SSL secure for any page in the site
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
# This code above tells ALL your website traffic to use your SSL certificate. This is a GOOD thing, even for regular pages. This is important later on for connecting your device because I found that the built in option on the Android to tell it to use SSL would make the effort to communicate FAIL. I had to instead make sure the web server was just always talking in SSL.. and why not? Give your visitors that little extra privacy in their visit to your website! So anyone who just types in http://mysite.com will automatically and without any intervention by them, be re-directed to https://mysite.com
EDIT modules\z-push21\config.php
I edited z-push21\config.php to have this around line 104. These lines are, in fact, the original lines of config.php that come in the z-push archive and GO has you replace that file with one they made specifically for itself as per step 5. But this specific part I think was important to restore to its original style to make it easier for me to define where my logs are.
// PDEDIT Note to self I changed this for our needs
define('LOGFILEDIR', 'c:/apache/logs/z-push21/'); (you choose your own drive/path here)
define('LOGFILE', LOGFILEDIR . 'z-push.log');
define('LOGERRORFILE', LOGFILEDIR . 'z-push-error.log');
define('LOGLEVEL', LOGLEVEL_INFO);
define('LOGAUTHFAIL', false);
EDIT modules\z-push21\backend\searchldap
The default content of this file around line 45 is for ldap (your active directory user lookup) to call on local host (127.0.0.1) but if like me, your web server is NOT a domain controller, and you instead call upon an ldap server somewhere else in your network, then you need to edit these lines. Very important - if you are stuck in a single label domain (your domain way back was setup internally on your network as just "mydomain" and not "mydomain.local" on your domain controllers) this will also alleviate problems that come up with that.
// PDEDIT Note to self I changed this for our needs
// LDAP host and port
// define("LDAP_HOST", "ldap://127.0.0.1/");
// define("LDAP_PORT", "389");
// Original two lines above.. your two lines would be
define("LDAP_HOST", "ldap://yourservername");
define("LDAP_PORT", "3268");
// PDEDIT Note to self I changed this for our needs
// Set USER and PASSWORD if not using anonymous bind
// define("ANONYMOUS_BIND", true);
// define("LDAP_BIND_USER", "cn=searchuser,dc=test,dc=net");
// define("LDAP_BIND_PASSWORD", "");
// If you do NOT use anonymous LDAP lookups (I don't!) then define the generic username and password for allowing lookups
// Note the Your Username has a space in it - this does work!
// Note the MyDomain works for a single label domain
// Note there is only ONE "dc" here instead of the original above that has two entries for dc= because of the single label domain condition, but if you have .local or otherwise, you do need dc=.local as well)
define("ANONYMOUS_BIND", false);
define("LDAP_BIND_USER", "CN=Your Username,CN=Users,dc=MyDomain");
define("LDAP_BIND_PASSWORD", "yourpassword");
// PDEDIT Note to self I changed this for our needs
// Search base & filter
// the SEARCHVALUE string is substituded by the value inserted into the search field
// define("LDAP_SEARCH_BASE", "ou=global,dc=test,dc=net");
// define("LDAP_SEARCH_FILTER", "(|(cn=*SEARCHVALUE*)(mail=*SEARCHVALUE*))");
// Here I'm saying exactly which Organization Unit we want LDAP to look for user accounts within
define("LDAP_SEARCH_BASE", "CN=Your_OU_Name_ToSearchForUsers,dc=MyDomain");
define("LDAP_SEARCH_FILTER", "(|(cn=*SEARCHVALUE*)(mail=*SEARCHVALUE*))");
EDIT modules\z-push21\index.php
Around line 142 you will find this code.
// Stop here if this is an OPTIONS request
// PDEDIT commented out next line based on info from form at
// https://forums.zarafa.com/showthread.ph ... -wont-work
// so it says to put in replacement code as per below
// if (Request::IsMethodOPTIONS()) THIS WAS ORIGINAL LINE
if (Request::IsMethodOPTIONS() || strtolower(Request::GetCommand()) == "options")
throw new NoPostRequestException("Options request", NoPostRequestException::OPTIONS_REQUEST);
EDITmodules\z-push21\lib\utils\utils.php around line 887
Windows does NOT use or have a posix equal to linux, so this next chunk of code kept causing things to stop working entirely. It drove me nuts trying to find this particular problem! You need to comment out the section entirely. Leave the function call, but just use the /* and */ comment syntax to make the function do nothing and instead just "return" for your Windows based system.
public static function FixFileOwner($file) {
/*
PDEDIT - Removed this entire section because WINDOWS does not have posix available in PHP!
if(posix_getuid() == 0 && file_exists($file)) {
$dir = dirname($file);
$perm_dir = stat($dir);
$perm_log = stat($file);
if($perm_dir[4] !== $perm_log[4] || $perm_dir[5] !== $perm_log[5]) {
chown($file, $perm_dir[4]);
chgrp($file, $perm_dir[5]);
}
}
*/
return true;
}
NOW..
Now you've edited those files, Stop and then Restart your apache to make all the changes kick in. If you don't, apache will not know about your Alias config for the Microsoft-Server-ActiveSync or the https redirection.
ON THE DEVICE
This is steps for the built-in S-Planner app that came with my phone, but you could try stuff like the Google app for free from the Play Store.
Open S-Planner
Open the app menu and go to Calendars
Tap Add Account near the top right
You get a list of account types - choose Microsoft Exchange Activesync (part of the end of that name is cut off on my device display)
Enter your e-mail address ( myname@mydomain.org )
Enter your password
Tap next and the app will try to auto-detect some server settings
You might see a prompt about your site certificate - so long as it looks to be the right one for you, tap Continue
On the next screen you should now see pre-populated fields and all of them should be pretty much right
Username you should see something like \myname and that IS correct (don't put your domain in front of the slash as the format of the prompt proposes in example text above that field)
REMOVE the check mark for "Use SSL" - your web server is now already configured to do ALL communications encrypted as per above. I found if this was ON it caused total failure to communicate.
The next steps I can't recall exactly off the top of my head, but you will get prompted for also setting up your e-mail sync right here. Accept the request for the remote server to have the means to be an Admin to that e-mail and calendar on your phone. If you as an Admin or the person as a user change, add or deletes events or messages from somewhere else like a browser on a desktop computer, this ensures your device will be made to sync up those changes too.
That should be it. In a few moments, once your phone has caught up with all the content it's needing to get from your group office system, your S Planner and your E-mail app (not the Gmail app, there are 2 on android) should show you your calendar and messages. You can, inside each of those apps, adjust how frequently your phone requests those updates, including setting "Peak" times. So for example, between 8am and 5pm when your server is more busy from Monday to Friday, you might want your mobile users to space out their automatic syncs to avoid pounding the hell out of your server with remote connections.. you could set sync checks to happen every 30 minutes instead of the default of about 10. Or you could even set it to manual, and in S Planner for example, you would use the App Menu to tap the "Sync Now" option to force syncs every so often. I do this for me, because while I do live by my calendar, I don't actually make many changes to it at all.. so its a terrible waste of data and connectivity and work on the server for it to ask for updates every 15 or 30 minutes. I just sync manually myself when I go to look at my calendar to be sure it's up to date just when I need it.
I hope that helps others out there. I spent a ton of time and wrote up excel sheets to track every connection test step by step for device settings and config files to find my way through to making this work. It was a pain in the ass, and no offense, but the Group Office wiki is almost useless to most admin information needs on configurations. It's out of date, missing critical information about basic edits that need to be made to config.php files if you don't use anonymous binds or work with a windows environment and so on. If you have other tips to share please do post here.
