Difference between revisions of "Cool Solution - Kerio Connect"

From Univention Wiki

Jump to: navigation, search
Line 46: Line 46:
  cp kerio-mailserver.schema /usr/share/univention-ldap/schema/
  cp kerio-mailserver.schema /usr/share/univention-ldap/schema/
In the Univention-Info directory you have to register the schema:
In the Univention-Info directory you have to register the schema:
ls /etc/univention/templates/info/kerio-mailserver.info
echo /etc/univention/templates/info/kerio-mailserver.info

Revision as of 14:07, 23 January 2014

This article is stub and will be updated!!!

This article describes briefly the installation and configuration of Kerio Connect under UCS 3.2 on a DC Master. Setting: Master: - Desktop - DHCP - Samba 4


Create a Kerio-Useraccount with admin rights in the Univention-Management-Console.

Login & Download

Login on the master:

ssh root@master

Download the Kerio Connect software. For Debian and Ubuntu (64-bit) you can use:

wget http://download.kerio.com/dwn/connect/connect-8.2.2-2224/kerio-connect-8.2.2-2224-linux-amd64.deb

You can search for other applicable packages at Kerio download page.


Before installing check if there are any other mail server running (eg. postfix or sendmail):

/etc/init.d/postfix status

If this is the case stop them with:

/etc/init.d/postfix stop

And disable the autostart:

ucr set postfix/autostart=no

After that install the downloaded package with:

dpkg -i kerio-connect-8.2.2-2224-linux-amd64.deb

If the basic setup screen doesn't show up you have to start it manually with:

cd /opt/kerio/mailserver         
dpkg-reconfigure kerio-connect

Configure UCS

By default all non standard ports on the UCS Firewall are blocked. Therefor you need to open the port 4040 for the Kerio Connect administration interface. In the Univention Management Console or with:

ucr set security/packetfilter/package/kerioconnect/tcp/4040/all=ACCEPT
ucr set security/packetfilter/package/kerioconnect/tcp/4040/all/en="Kerio Connect administration interface"

Afterwards restart to let the settings take effect.

Adding LDAP Schema Extensions

On the master download and copy the LDAP Schema to the shared Univention-LDAP directory:

wget http://kb.kerio.com/assets/kerio-mailserver.schema
cp kerio-mailserver.schema /usr/share/univention-ldap/schema/

In the Univention-Info directory you have to register the schema: echo /etc/univention/templates/info/kerio-mailserver.info

und /etc/univention/templates/files/etc/ldap/slapd.conf.d/67kerioconnect_schema dann: ucr commit um dateien neu zu generieren anschließend udm settings/extended_attribute remove --dn "dn" In UCM gruppe anlegen und user hinzufügen, dann sollten in kerio erstmal user sichtbar sein

gal_openldap.map openldap.map und mailserver.cfg anpassen wie [1]

Configure Kerio

To configure the UCS Server you will need to do some customization. The Kerio Connect mailserver listen by default on 80/443 for the webmail user interface. This conflicts with the running Apache so that you need to switch to a different port or different IP address for the user interface. The section below describes how you can switch to a different port.

Setting up other IP.

Stop Kerio Connect with:

/etc/init.d/kerio-connect stop

Change LDAP-Ports 389 & 636 to 7389 & 7636 in:


Afterwards start Kerio Connect with:

/etc/init.d/kerio-connect start

On the backup login at:


Choose Configuration -> Domains -> YourDomain -> Edit -> Directory Service Check "Map user accounts and groups from a directory service to this domain" Choose Apple Open Directory (Kerberos 5 authentication) as Directory service type In the Directory server (domain controller) section choose:

Hostname: localhost:7389
Username: DN-KerioAdminUser from UMC
Password: xxxxx

and "Test Connection".


If you get an "Package not found error" like:

dpkg: Abhängigkeitsprobleme verhindern Konfiguration von kerio-connect:
kerio-connect hängt ab von sysstat; aber:
Paket sysstat ist nicht installiert.
dpkg: Fehler beim Bearbeiten von kerio-connect (--install):
Abhängigkeitsprobleme - verbleibt unkonfiguriert
Fehler traten auf beim Bearbeiten von:


univention-install packagename

Maybe it is also necessary to activate "unmaintained repositories" with:

ucr set repository/online/unmaintained='yes'

LDAP-Connection Problems can be tested with: ldapsearch -x -H ldap://localhost:7389 -D dn -w password

Kerio Log:


Ldap debugging:

/etc/init.d/slapd stop
slapd -d 1 -h ldap://

source: http://www.asconix.com/howtos/debian/kerio-connect-univention-ucs-howto http://kb.kerio.com/product/kerio-connect/installation-and-upgrade/installing-kerio-connect-1124.html

Personal tools