1
January 30, 2021Integration Active Directory for Authentication and Authorization
Zimbra
–
Nextcloud
–
Onlyoffice
–
Hotspot
–
Vpn
Author: ical redhat // alpuketmerah
2
January 30, 2021Spesifikasi & Requirement:
1. Windows Server 2008 R2:
CPU: 2core, Ram: 1GB,
install Active Directory Domain Services dan Network Policy Server, domain: alpuket-merah.com. ip address: 10.24.10.89
2. MikroTik RouterOS 6.40.1:
radius, hotspot, pptp, domain: router.alpuket-merah.com. ip address: 10.24.10.74, domain: hotspot.alpuket-merah.com. ip address: 192.168.56.100
3. Ubuntu Server 18.04.5 LTS:
CPU: 6core, Ram: 3GB, swap: 4GB,
install dnsmasq, zimbra_8.8.15, domain: mail.merah.com. ip address: 10.24.10.59 . mx: alpuket-merah.com
4. Ubuntu Server 20.04.1 LTS:
CPU: 4core, Ram: 2.5GB, swap: 2GB,
install onlyoffice documents, domain: doc.alpuket-merah.com. ip address: 10.24.10.93
5. Ubuntu Server 20.04.1 LTS:
CPU: 4core, Ram: 3GB, swap: 6GB,
install onlyoffice groups, domain: office.alpuket-merah.com. ip address: 10.24.10.73
6. Ubuntu Server 16.04.7 LTS:
CPU: 2core, Ram: 512MB, swap: 1GB,
install apache2, mariadb, php_7.2, nextcloud, domain: nextcloud.alpuket-merah.com. ip address: 10.24.10.72
7. Windows 7 Sp1:
CPU: 2core, Ram: 1GB, join domain, vpn client
Windows Server 2008 R2
{1}_Install Active Directory Domain Services (AD DS)
Active Directory (AD) adalah layanan yang dimiliki oleh sistem operasi windows untuk jaringan seperti Windows 2000 Server, Windows Server 2003, Windows Server 2008, Windows Server 2012, Windows Server 2016, dan Windows Server 2019. Active Directory terdiri atas basis data dan juga layanan direktori. Basis data yang dimiliki oleh Active Directory menyimpan segala sumber daya yang terdapat di dalam jaringan, seperti halnya komputer yang telah tergabung ke sebuah domain, daftar akun pengguna dan kelompok pengguna, folder yang di-share, dan lain-lain.
Pada tutorial ini menggunakan windows server 2008 r2 dikarenakan resource memory yang di gunakan relatif kecil jadi masih ringan dan sudah ada role network policy server (nps) yang nantinya akan digunakan untuk radius server. Bisa juga menggunakan windows server 2012, 2016, 2019.
3
January 30, 2021Ceklis Use advanced mode installation, Next >
4
January 30, 2021Masukan nama root domain sesuaikan dengan kebutuhan, misal: alpuket-merah.com , Next >
Domain NetBIOS name, biarkan default tidak usah dirubah, Next >
Pada forest functional level dan domain functional level, sesuaikan dengan versi OS windows servernya saja, Next >
5
January 30, 2021Ceklis DNS server, Next >
6
January 30, 2021Location Database, Log Files dan SYSVOL, biarkan default tidak usah dirubah, Next >
7
January 30, 20218
January 30, 2021{2}_Setting DNS Manager
Tambahkan record New Host (A or AAAA)…
FQDN: dc.alpuket-merah.com ip address: 10.24.10.89 FQDN: router.alpuket-merah.com ip address: 10.24.10.74 FQDN: doc.alpuket-merah.com ip address: 10.24.10.93 FQDN: office.alpuket-merah.com ip address: 10.24.10.73 FQDN: mail.alpuket-merah.com ip address: 10.24.10.59 FQDN: nextcloud.alpuket-merah.com ip address: 10.24.10.72 Tambahkan record New Mail Exchanger (MX)…
9
January 30, 2021{3}_Install Network Policy and Access Services
Buka Server Manager, Add Roles, Network Policy and Access Services, Next >
10
January 30, 2021Proses installasi role nps sudah selesai. Close.
{4}_Setting Network Policy Server (NPS)
11
January 30, 2021Setting port pada NPS (Local) properties, Authentication: 1812 dan Accounting: 1813
12
January 30, 2021Start NPS Service pada NPS (Local)
13
January 30, 2021Tambahkan radius client untuk windows server, Ceklis Enable this RADIUS client, masukan ip address windows server: 10.24.10.89, Shared secret misal: 123456 , vendor name: RADIUS Standard, OK.
Tambahkan radius client untuk mikrotik, Ceklis Enable this RADIUS client, masukan ip address mikrotik: 10.24.10.74, Shared secret misal: 123456 , vendor name: RADIUS Standard, OK.
14
January 30, 2021Tampilan RADIUS Client sesudah ditambahkan.
15
January 30, 2021Masukan policy name, misal: mikrotik hotspot, type: unspecified, Next.
16
January 30, 2021Add Groups… ketik: domain , Check Names, Pilih Domain Users, OK.
17
January 30, 2021Pilih Access granted, Next
Tambahkan EAP Type: Microsoft Protected EAP (PEAP), OK.
18
January 30, 2021Akan tampil seperti berikut, pilih No.
19
January 30, 2021Configure Settings, biarkan default, Next.
20
January 30, 2021Pastikan urutan network policy yang barusan di buat processing order no.1 paling atas.
{5}_Tambah Organizational Unit, Group, Users
Buka aplikasi Active Directory Users and Computers
21
January 30, 2021Masukan nama OU misal: UserDomain , OK.
Tambahkan User, New, User, misal: First name: super , initials: sa2008 , Last name: admin , Full name: super sa2008. admin , User logon name: sa2008 , Next. Kemudian masukan password user: P@ssw0rd! Ceklis password never expired. Kemudian properties user yang barusan di buat, masukan email dan tittle pada object user.
22
January 30, 2021Tambahkan Group, New, Group, misal: super admin, tambahkan Members: super sa2008. admin , Member Of: harus ada Domain Users dan RAS and IAS Servers. OK.
23
January 30, 2021Tes radius server pada windows server dengan tool: NTRadPing Test Utility Masukan radius server: 10.24.10.89 , port: 1812
RADIUS secret key: 123456 , username: sa2008 , password:
24
January 30, 2021
MikroTik RouterOS 6.40.1
{1}_Setting LAN
Pastikan jaringan LAN sudah selesai di setting dan terkoneksi ke internet, misal: ip address mikrotik yang mengarah ke arah server: 10.24.10.74 /24 , ip address mikrotik yang mengarah ke arah client dan hotspot: 192.168.56.100 /24. DNS server menggunakan ip: 10.24.10.89 (windows server 2008 r2)
{2}_Setting Radius
Tambahkan Radius, ceklis ppp dan hotspot,
address: 10.24.10.89 (ip windows server 2008 r2 sebagai radius server) secret: 123456 (harus sama dengan yang ada di NPS windows server 2008 r2)
Authentication port: 1812 (harus sama dengan yang ada di NPS windows server 2008 r2) Accounting port: 1813 (harus sama dengan yang ada di NPS windows server 2008 r2)
25
January 30, 2021{3}_Setting Hotspot
Setting hotspot samapai selesai, dan pada bagian Server Profiles, misal: Name: alpuket-merah
Hotspot address: 192.168.56.100 (ip mikrotik yang mengarah ke client) DNS name: hotspot.alpuket-merah.com
Login By: HTTP PAP
RADIUS: Use RADIUS dan Accounting. OK.
{4}_Setting VPN Server (PPTP)
Setting PPTP Server: Enable
Default Profiles: default-encryption,
Edit profiles default-ecnryption, misal: Local Address: 172.1.1.10 , Remote: Address: 172.1.1.20 , DNS Server: 10.24.10.89 (masukan ip windows server 2008 r2). OK.
26
January 30, 2021
Ubuntu Server 18.04.5 LTS
Install Zimbra Mail 8.8.15{1}_Setting ip address, hosts, hostname
root@doc:/home/ubuntu# nano /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system # For more information, see netplan(5).
network: version: 2 renderer: networkd ethernets: enp0s3: dhcp4: no addresses: [10.24.10.59/24] gateway4: 10.24.10.74 nameservers: addresses: [10.24.10.89] search: [alpuket-merah.com] root@mail:/home/ubuntu# netplan apply root@mail:/home/ubuntu# nano /etc/hosts
127.0.0.1 localhost
10.24.10.59 mail.alpuket-merah.com mail root@mail:/home/ubuntu# nano /etc/hostname
mail.alpuket-merah.com
{2}_Install dnsmasq
root@mail:/home/ubuntu# apt update && apt install dnsmasq -y root@mail:/home/ubuntu# nano /etc/dnsmasq
server=10.24.10.59 domain=alpuket-merah.com mx-host=alpuket-merah.com, mail.alpuket-merah.com, 1 listen-address=127.0.0.1 root@mail:/home/ubuntu# reboot {3}_Install Zimbra 8.8.15
root@mail:/home/ubuntu# wget https://files.zimbra.com/downloads/8.8.15_GA/zcs-8.8.15_GA_3869.UBUNTU18_64.20190918004220.tgz
root@mail:/home/ubuntu# tar -xvf zcs-8.8.15_GA_3869.UBUNTU18_64.20190918004220.tgz
root@mail:/home/ubuntu# cd zcs-8.8.15_GA_3869.UBUNTU18_64.20190918004220
root@mail:/home/ubuntu/ zcs-8.8.15_GA_3869.UBUNTU18_64.20190918004220# ./install.sh Do you agree with the terms of the software license agreement? [N] Y
Use Zimbra's package repository [Y] Y
Warning: apt-key output should not be parsed (stdout is not a terminal) Importing Zimbra GPG key
Configuring package repository Checking for installable packages
27
January 30, 2021Found zimbra-core (local) Found zimbra-ldap (local) Found zimbra-logger (local) Found zimbra-mta (local) Found zimbra-dnscache (local) Found zimbra-snmp (local) Found zimbra-store (local) Found zimbra-apache (local) Found zimbra-spell (local)
Found zimbra-memcached (repo) Found zimbra-proxy (local) Found zimbra-drive (repo) Found zimbra-imapd (local) Found zimbra-patch (repo) Found zimbra-mta-patch (repo) Found zimbra-proxy-patch (repo) Select the packages to install Install zimbra-ldap [Y] Y Install zimbra-logger [Y] Y Install zimbra-mta [Y] Y Install zimbra-dnscache [Y] N Install zimbra-snmp [Y] Y Install zimbra-store [Y] Y Install zimbra-apache [Y] Y Install zimbra-spell [Y] Y
Install zimbra-memcached [Y] Y Install zimbra-proxy [Y] Y Install zimbra-drive [Y] Y
Install zimbra-imapd (BETA - for evaluation only) [N] N Install zimbra-chat [Y] Y
Checking required space for zimbra-core Checking space for zimbra-store
Checking required packages for zimbra-store zimbra-store package check complete. Installing: zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-snmp zimbra-store zimbra-apache zimbra-spell
28
January 30, 2021 zimbra-memcached zimbra-proxy zimbra-drive zimbra-patch zimbra-mta-patch zimbra-proxy-patch zimbra-chatThe system will be modified. Continue? [N] Y
Beginning Installation - see /tmp/install.log.ftNRSHqo for details... zimbra-core-components will be downloaded and installed. zimbra-timezone-data will be installed.
zimbra-common-mbox-db will be installed. zimbra-common-mbox-docs will be installed. zimbra-common-core-jar will be installed. zimbra-common-mbox-conf will be installed. zimbra-common-mbox-conf-msgs will be installed. zimbra-common-mbox-conf-attrs will be installed. zimbra-common-mbox-native-lib will be installed. zimbra-common-mbox-conf-rights will be installed. zimbra-common-core-libs will be installed.
zimbra-core will be installed.
zimbra-ldap-components will be downloaded and installed. zimbra-ldap will be installed.
zimbra-logger will be installed.
zimbra-mta-components will be downloaded and installed. zimbra-mta will be installed.
zimbra-snmp-components will be downloaded and installed. zimbra-snmp will be installed.
zimbra-store-components will be downloaded and installed. zimbra-jetty-distribution will be downloaded and installed. zimbra-mbox-war will be installed.
zimbra-mbox-conf will be installed. zimbra-mbox-service will be installed.
zimbra-mbox-webclient-war will be installed. zimbra-mbox-store-libs will be installed.
zimbra-mbox-admin-console-war will be installed. zimbra-store will be installed.
zimbra-apache-components will be downloaded and installed. zimbra-apache will be installed.
zimbra-spell-components will be downloaded and installed. zimbra-spell will be installed.
zimbra-memcached will be downloaded and installed. zimbra-proxy-components will be downloaded and installed. zimbra-proxy will be installed.
zimbra-drive will be downloaded and installed (later). zimbra-patch will be downloaded and installed (later).
29
January 30, 2021zimbra-mta-patch will be downloaded and installed (later). zimbra-proxy-patch will be downloaded and installed (later). zimbra-chat will be downloaded and installed (later).
Downloading packages (10): zimbra-core-components zimbra-ldap-components zimbra-mta-components zimbra-snmp-components zimbra-store-components zimbra-jetty-distribution zimbra-apache-components zimbra-spell-components zimbra-memcached zimbra-proxy-components ...done Removing /opt/zimbra
Removing zimbra crontab entry...done. Cleaning up zimbra init scripts...done. Cleaning up /etc/security/limits.conf...done. Finished removing Zimbra Collaboration Server. Installing repo packages (10):
zimbra-core-components zimbra-ldap-components zimbra-mta-components zimbra-snmp-components zimbra-store-components zimbra-jetty-distribution zimbra-apache-components zimbra-spell-components zimbra-memcached zimbra-proxy-components ...done
Installing local packages (25): zimbra-timezone-data zimbra-common-mbox-db zimbra-common-mbox-docs zimbra-common-core-jar zimbra-common-mbox-conf zimbra-common-mbox-conf-msgs zimbra-common-mbox-conf-attrs zimbra-common-mbox-native-lib zimbra-common-mbox-conf-rights zimbra-common-core-libs zimbra-core
30
January 30, 2021 zimbra-ldap zimbra-logger zimbra-mta zimbra-snmp zimbra-mbox-war zimbra-mbox-conf zimbra-mbox-service zimbra-mbox-webclient-war zimbra-mbox-store-libs zimbra-mbox-admin-console-war zimbra-store zimbra-apache zimbra-spell zimbra-proxy ...doneInstalling extra packages (5): zimbra-drive zimbra-patch zimbra-mta-patch zimbra-proxy-patch zimbra-chat ...done
Running Post Installation Configuration:
Operations logged to /tmp/zmsetup.20210125-135759.log Installing LDAP configuration database...done.
Setting defaults...
DNS ERROR resolving MX for mail.alpuket-merah.com
It is suggested that the domain name have an MX record configured in DNS Re-Enter domain name? [Yes]
Create domain: [mail.alpuket-merah.com] alpuket-merah.com MX: mail.alpuket-merah.com (10.24.10.59)
Interface: 127.0.0.1 Interface: ::1
Interface: 10.24.10.59 done.
Checking for port conflicts Main menu 1) Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-logger: Enabled 4) zimbra-mta: Enabled 5) zimbra-snmp: Enabled 6) zimbra-store: Enabled
31
January 30, 2021+Admin user to create: admin@alpuket-merah.com ******* +Admin Password UNSET
+Anti-virus quarantine user: virus-quarantine.fpc45mquof@alpuket-merah.com +Enable automated spam training: yes
+Spam training user: spam.y0hhpvloop@alpuket-merah.com +Non-spam(Ham) training user: ham.ichb2mizdu@alpuket-merah.com +SMTP host: mail.alpuket-merah.com
+Web server HTTP port: 8080 +Web server HTTPS port: 8443 +Web server mode: https +IMAP server port: 7143 +IMAP server SSL port: 7993 +POP server port: 7110 +POP server SSL port: 7995 +Use spell check server: yes
+Spell server URL: http://mail.alpuket-merah.com:7780/aspell.php +Enable version update checks: TRUE
+Enable version update notifications: TRUE
+Version update notification email: admin@alpuket-merah.com +Version update source email: admin@alpuket-merah.com +Install mailstore (service webapp): yes
+Install UI (zimbra,zimbraAdmin webapps): yes 7) zimbra-spell: Enabled 8) zimbra-proxy: Enabled 9) Default Class of Service Configuration:
s) Save config to file x) Expand menu q) Quit
Address unconfigured (**) items (? - help) 6 Store configuration
1) Status: Enabled 2) Create Admin User: yes
3) Admin user to create: admin@alpuket-merah.com ** 4) Admin Password UNSET
5) Anti-virus quarantine user: virus-quarantine.fpc45mquof@alpuket-merah.com 6) Enable automated spam training: yes
7) Spam training user: spam.y0hhpvloop@alpuket-merah.com 8) Non-spam(Ham) training user: ham.ichb2mizdu@alpuket-merah.com 9) SMTP host: mail.alpuket-merah.com
10) Web server HTTP port: 8080 11) Web server HTTPS port: 8443 12) Web server mode: https 13) IMAP server port: 7143 14) IMAP server SSL port: 7993 15) POP server port: 7110 16) POP server SSL port: 7995
32
January 30, 202117) Use spell check server: yes
18) Spell server URL: http://mail.alpuket-merah.com:7780/aspell.php 19) Enable version update checks: TRUE
20) Enable version update notifications: TRUE
21) Version update notification email: admin@alpuket-merah.com 22) Version update source email: admin@alpuket-merah.com 23) Install mailstore (service webapp): yes
24) Install UI (zimbra,zimbraAdmin webapps): yes Select, or 'r' for previous menu [r] 4
Password for admin@alpuket-merah.com (min 6 characters): [DRy4QxUxx] P@ssw0rd! Store configuration
1) Status: Enabled 2) Create Admin User: yes
3) Admin user to create: admin@alpuket-merah.com 4) Admin Password set
5) Anti-virus quarantine user: virus-quarantine.fpc45mquof@alpuket-merah.com 6) Enable automated spam training: yes
7) Spam training user: spam.y0hhpvloop@alpuket-merah.com 8) Non-spam(Ham) training user: ham.ichb2mizdu@alpuket-merah.com 9) SMTP host: mail.alpuket-merah.com
10) Web server HTTP port: 8080 11) Web server HTTPS port: 8443 12) Web server mode: https 13) IMAP server port: 7143 14) IMAP server SSL port: 7993 15) POP server port: 7110 16) POP server SSL port: 7995 17) Use spell check server: yes
18) Spell server URL: http://mail.alpuket-merah.com:7780/aspell.php 19) Enable version update checks: TRUE
20) Enable version update notifications: TRUE
21) Version update notification email: admin@alpuket-merah.com 22) Version update source email: admin@alpuket-merah.com 23) Install mailstore (service webapp): yes
24) Install UI (zimbra,zimbraAdmin webapps): yes Select, or 'r' for previous menu [r] r
Main menu 1) Common Configuration: 2) zimbra-ldap: Enabled 3) zimbra-logger: Enabled 4) zimbra-mta: Enabled 5) zimbra-snmp: Enabled 6) zimbra-store: Enabled 7) zimbra-spell: Enabled 8) zimbra-proxy: Enabled 9) Default Class of Service Configuration:
33
January 30, 2021s) Save config to file x) Expand menu q) Quit
*** CONFIGURATION COMPLETE - press 'a' to apply Select from menu, or press 'a' to apply config (? - help) a Save configuration data to a file? [Yes] Yes
Save config in file: [/opt/zimbra/config.13910] Saving config in /opt/zimbra/config.13910...done. The system will be modified - continue? [No] Yes
Operations logged to /tmp/zmsetup.20210125-135759.log Setting local config values...done.
Initializing core config...Setting up CA...done. Deploying CA to /opt/zimbra/conf/ca ...done. Creating SSL zimbra-store certificate...done. Creating new zimbra-ldap SSL certificate...done. Creating new zimbra-mta SSL certificate...done. Creating new zimbra-proxy SSL certificate...done. Installing mailboxd SSL certificates...done.
Installing MTA SSL certificates...done. Installing LDAP SSL certificate...done. Installing Proxy SSL certificate...done. Initializing ldap...done.
Setting replication password...done. Setting Postfix password...done. Setting amavis password...done. Setting nginx password...done.
Setting BES searcher password...done.
Creating server entry for mail.alpuket-merah.com...done. Setting Zimbra IP Mode...done.
Saving CA in ldap...done.
Saving SSL Certificate in ldap...done. Setting spell check URL...done.
Setting service ports on mail.alpuket-merah.com...done. Setting zimbraFeatureTasksEnabled=TRUE...done. Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
Checking current setting of zimbraReverseProxyAvailableLookupTargets Querying LDAP for other mailstores
Searching LDAP for reverseProxyLookupTargets...done.
Adding mail.alpuket-merah.com to zimbraReverseProxyAvailableLookupTargets Updating zimbraLDAPSchemaVersion to version '1557224584'
Setting TimeZone Preference...done.
Disabling strict server name enforcement on mail.alpuket-merah.com...done. Initializing mta config...done.
Setting services on mail.alpuket-merah.com...done.
Adding mail.alpuket-merah.com to zimbraMailHostPool in default COS...done. Creating domain alpuket-merah.com...done.
34
January 30, 2021Creating domain alpuket-merah.com...already exists.
Creating admin account admin@alpuket-merah.com...done. Creating root alias...done.
Creating postmaster alias...done.
Creating user spam.y0hhpvloop@alpuket-merah.com...done. Creating user ham.ichb2mizdu@alpuket-merah.com...done.
Creating user virus-quarantine.fpc45mquof@alpuket-merah.com...done. Setting spam training and Anti-virus quarantine accounts...done.
Initializing store sql database...done.
Setting zimbraSmtpHostname for mail.alpuket-merah.com...done. Configuring SNMP...done.
Setting up syslog.conf...done. Starting servers...done. Installing common zimlets...
com_zimbra_attachcontacts...done. com_zimbra_ymemoticons...done. com_zimbra_tooltip...done. com_zimbra_date...done. com_zextras_chat_open...done. com_zimbra_proxy_config...done. com_zimbra_email...done. com_zimbra_mailarchive...done. com_zextras_drive_open...done. com_zimbra_url...done. com_zimbra_viewmail...done. com_zimbra_webex...done. com_zimbra_bulkprovision...done. com_zimbra_phone...done. com_zimbra_clientuploader...done. com_zimbra_cert_manager...done. com_zimbra_srchhighlighter...done. com_zimbra_adminversioncheck...done. com_zimbra_attachmail...done.
Finished installing common zimlets. Restarting mailboxd...done.
Creating galsync account for default domain...done.
You have the option of notifying Zimbra of your installation.
This helps us to track the uptake of the Zimbra Collaboration Server. The only information that will be transmitted is:
The VERSION of zcs installed (8.8.15_GA_3869_UBUNTU18_64) The ADMIN EMAIL ADDRESS created (admin@alpuket-merah.com) Notify Zimbra of your installation? [Yes] Yes
Notifying Zimbra of installation via
http://www.zimbra.com/cgi-bin/notify.cgi?VER=8.8.15_GA_3869_UBUNTU18_64&MAIL=admin@alpuket-merah.com Notification complete
35
January 30, 2021Checking if the NG started running...done. Setting up zimbra crontab...done.
Moving /tmp/zmsetup.20210125-135759.log to /opt/zimbra/log Configuration complete - press return to exit
root@mail:/home/ubuntu/zcs-8.8.15_GA_3869.UBUNTU18_64.20190918004220# su - zimbra zimbra@mail:~$ zmcontrol status
Host mail.alpuket-merah.com amavis Running antispam Running antivirus Running ldap Running logger Running mailbox Running memcached Running mta Running opendkim Running proxy Running service webapp Running snmp Running spell Running stats Running zimbra webapp Running zimbraAdmin webappRunning zimlet webapp Running zmconfigd Running zimbra@mail:~$ exit
{4}_Setting Active Directory Authentication dan Create User
Login ke web admin zimbra dengan port 7071, sesuaikan dengan ip address jaringan / domain yang sudah dibuat di active directory, misal: https://mail.alpuket-merah.com:7071
Masukan user admin zimbra: admin@alpuket-merah.com dan password: P@ssw0rd! Tampilan web admin zimbra.
36
January 30, 2021Masuk menu Configure, Domains, Pilih domain alpuket-merah.com, Configure Authentication.
Pilih External Active Directory
37
January 30, 2021Masukan username active directory yang sudah di buat di windows server 2008 r2: sa2008 , password: Jika saat Test muncul keterangan Authentication test succeded, maka zimbra sudah berhasil terkoneksi dengan active directory yang ada pada windwos server 2008 r2. Nexts ampai Finish.
Create user, dari web admin zimbra, masuk menu Manage, Accounts, New.
Harus diperhatikan sebelum membuat user, pada isian account name harus sama dengan user logon name yang ada pada user active directory. Misal: sa2008 . Finish.
38
January 30, 2021Login ke web user zimbra dengan alamat: https://mail.alpuket-merah.com , masukan username dan password user.
39
January 30, 2021
Ubuntu 20.04.1 LTS
Install OnlyOffice Documents v6.1
{1}_Setting ip address, hosts, hostname
root@doc:/home/ubuntu# nano /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system # For more information, see netplan(5).
network: version: 2 renderer: networkd ethernets: enp0s3: dhcp4: no addresses: [10.24.10.93/24] gateway4: 10.24.10.1 nameservers: addresses: [10.24.10.89] search: [alpuket-merah.com] root@doc:/home/ubuntu# netplan apply root@doc:/home/ubuntu# nano /etc/hosts
127.0.0.1 localhost
10.24.10.93 doc.alpuket-merah.com doc 10.24.10.73 office.alpuket-merah.com office root@doc:/home/ubuntu# nano /etc/hostname
doc.alpuket-merah.com
{2}_Install PostgresSQL
root@doc:/home/ubuntu# apt-get install postgresql
The created database must have onlyoffice both for user and password
root@doc:/home/ubuntu# sudo -i -u postgres psql -c "CREATE DATABASE onlyoffice;"
root@doc:/home/ubuntu# sudo -i -u postgres psql -c "CREATE USER onlyoffice WITH password 'onlyoffice';"
root@doc:/home/ubuntu# sudo -i -u postgres psql -c "GRANT ALL privileges ON DATABASE onlyoffice TO onlyoffice;"
{3}_Install rabbitmq dan nginx-extras
root@doc:/home/ubuntu# apt install rabbitmq-server -y root@doc:/home/ubuntu# apt install nginx-extras
{4}_Change default port onlyoffice docs to 80
root@doc:/home/ubuntu# echo onlyoffice-documentserver onlyoffice/ds-port select 80 | sudo debconf-set-selections
{5}_Install OnlyOffice Docs
root@doc:/home/ubuntu# sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys CB2DE8E5
root@doc:/home/ubuntu# sudo echo "deb https://download.onlyoffice.com/repo/debian squeeze main" | sudo tee /etc/apt/sources.list.d/onlyoffice.list
root@doc:/home/ubuntu# apt update && apt install ttf-mscorefonts-installer -y root@doc:/home/ubuntu# apt install onlyoffice-documentserver -y
40
January 30, 2021
Ubuntu 20.04.1 LTS
Install OnlyOffice Groups v11.0{1}_Setting ip address, hosts, hostname
root@office:/home/ubuntu# nano /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system # For more information, see netplan(5).
network: version: 2 renderer: networkd ethernets: enp0s3: dhcp4: no addresses: [10.24.10.73/24] gateway4: 10.24.10.1 nameservers: addresses: [10.24.10.89] search: [alpuket-merah.com] root@office:/home/ubuntu# netplan apply root@office:/home/ubuntu# nano /etc/hosts
127.0.0.1 localhost
10.24.10.93 doc.alpuket-merah.com doc 10.24.10.73 office.alpuket-merah.com office root@office:/home/ubuntu# nano /etc/hostname
office.alpuket-merah.com
{2}_Download installation script file
root@office:/home/ubuntu# wget https://download.onlyoffice.com/install/install-Debian.sh
{3}_Install onlyoffice groups
root@office:/home/ubuntu# bash install-Debian.sh -it GROUPS
Tunggu hingga installasi selesai…
{4}_Welcome page onlyoffice portal
Create password admin onlyoffice: P@ssw0rd! Masukan email admin: admin@alpuket-merah.com
41
January 30, 2021{5}_Administrator Dashboard OnlyOffice
{6}_Setting Active Directory Authentication
Masuk Control Panel, LDAP, Enable LDAP Authentication, Server: LDAP://10.24.10.89
Port number: 389
User DN: DC=alpuket-merah,DC=com Login Attribute: sAMAccountName User Filter: (userPrincipalName=*)
42
January 30, 2021Attribute Mapping, Add Attribute Profile Photo : JpegPhoto Enable: Group Membership
Group DN: DC=alpuket-merah,DC=com User Attribute: distinguishedName Group Name Attribute: cn
Group Filter: (objectClass=group) Group Member Attribute: member
43
January 30, 2021Enable: Authentication
Login: sa2008@alpuket-merah.com Password: P@ssw0rd!
Ceklis: Send Welcome Letter Save
Enable: Auto Sync , Sync
{7}_Integration Document Service
Document Editing Service Address: http://doc.alpuket-merah.com Document Service Address: http://doc.alpuket-merah.com
44
January 30, 2021 {8}_Integration SMTP Settings Host: mail.alpuket-merah.com Port: 465 Ceklis: AuthenticationHost Login: no-reply@alpuket-merah.com Host Password: P@ssw0rd!
Sender Display name: [BOT] OnlyOffice Postman Sender Email Address: no-reply@alpuket-merah.com Ceklis: Enable SSL
Save, Send Test Mail.
{9}_Tes login dengan user active directory
Username: sa2008@alpuket-merah.com Password: P@ssw0rd!
45
January 30, 2021Dasboard User
{10}_Setting Mail Zimbra Connect to OnlyOffice
Masuk Mail, Settings, Account Management, +Set up the first account
Email: sa2008@alpuket-merah.com Receive mail
POP Server: mail.alpuket-merah.com
Port POP: 995 , Authentication type: Simple Password Login: sa2008@alpuket-merah.com
Password email: P@ssw0rd! Encryption for POP Server: SSL Send mail
SMTP Server: mail.alpuket-merah.com
Port SMTP: 465 , Authentication type: Simple Password Login: sa2008@alpuket-merah.com
Password email: P@ssw0rd! Encryption for SMTP Server: SSL
46
January 30, 2021Tampilan jika user onlyoffice sudah terkoneksi dengan mail zimbra maka akan terlihat list mail pada inbox.
{11}_Setting Documents Connect to Nextcloud file server
Masuk Documents, Setting, Connected clouds, +Connect
Connection url: http://nextcloud.alpuket-merah.com/remote.php* (url bisa dilihat di nextcloud)
Login: sa2008@alpuket-merah.com (user active directory, dengan catatan: nextcloud sudah terintegrasi dengan active directory)
Password:
47
January 30, 2021url WebDav pada nextcloud untuk mengintegrasikan dengan onlyoffice.
48
January 30, 2021{12}_Mengkoneksikan OnlyOffice Desktop Editor dengan server onlyoffice
Download OnlyOffice Desktop Editor:
https://download.onlyoffice.com/install/desktop/editors/windows/distrib/onlyoffice/DesktopEditors_x 86.exe?_ga=2.42085155.764533964.1595236576-1157782750.1587541027
Connect to cloud, pilih OnlyOffice, masukan alamat server only office: http://office.alpuket-merah.com, Connect now.
Login dengan user active directory
49
January 30, 2021
Ubuntu 16.04.7 LTS
Install Nextcloud{1}_Setting ip address, hosts, hostname
root@cloud:/home/ubuntu# nano /etc/network/interfaces source /etc/network/interfaces.d/*
# The loopback network interface auto lo
iface lo inet loopback
# The primary network interface auto enp0s3
iface enp0s3 inet static address 10.24.10.72 netmask 255.255.255.0 network 10.24.10.0 broadcast 10.24.10.255 gateway 10.24.10.1 dns-nameservers 10.24.10.89 search alpuket-merah.com
root@cloud:/home/ubuntu# /etc/init.d/networking restart root@cloud:/home/ubuntu# nano /etc/hosts
127.0.0.1 localhost
10.24.10.72 nextcloud.alpuket-merah.com nextcloud root@cloud:/home/ubuntu# nano /etc/hostname
cloud.alpuket-merah.com
{2}_Install Apache2
root@cloud:/home/ubuntu# apt update && apt install apache2 -y root@cloud:/home/ubuntu# systemctl stop apache2.service root@cloud:/home/ubuntu# systemctl start apache2.service root@cloud:/home/ubuntu# systemctl enable apache2.service
{3}_Install mariadb
root@cloud:/home/ubuntu# apt install mariadb-server mariadb-client -y root@cloud:/home/ubuntu# systemctl stop mysql.service
root@cloud:/home/ubuntu# systemctl start mysql.service root@cloud:/home/ubuntu# systemctl enable mysql.service root@cloud:/home/ubuntu# mysql_secure_installation
{4}_Install PHP7.2
root@cloud:/home/ubuntu# apt install software-properties-common -y
root@cloud:/home/ubuntu# add-apt-repository ppa:ondrej/php && sudo apt update
root@cloud:/home/ubuntu# apt install php7.2 libapache2-mod-php7.2 php7.2-common php7.2-curl mbstring xmlrpc mysql gd xml intl ldap php7.2-imagick php7.2-json php7.2-cli php7.2-zip php7.2-gd unzip -y
root@cloud:/home/ubuntu# nano /etc/php/7.2/apache2/php.ini file_uploads = On
50
January 30, 2021 short_open_tag = On memory_limit = 256M upload_max_filesize = 100M max_execution_time = 360 date.timezone = Asia/Jakartaroot@cloud:/home/ubuntu# systemctl restart apache2.service
{5}_Create Database
root@cloud:/home/ubuntu# mysql -u root -p MariaDB [(none)]> CREATE DATABASE nextcloud;
MariaDB [(none)]> CREATE USER 'user'@'localhost' IDENTIFIED BY 'password';
MariaDB [(none)]> GRANT ALL ON nextcloud.* TO 'user'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;
{6}_Download Nextcloud 20.0.6
root@cloud:/home/ubuntu# wget https://download.nextcloud.com/server/releases/nextcloud-20.0.6.zip
root@cloud:/home/ubuntu# unzip nextcloud-20.0.6.zip
root@cloud:/home/ubuntu# mv nextcloud /var/www/html/nextcloud
root@cloud:/home/ubuntu# chown -R www-data:www-data /var/www/html/nextcloud/
root@cloud:/home/ubuntu# chmod 755 /var/www/html/nextcloud/
{7}_Create Virtual host
root@cloud:/home/ubuntu# nano /etc/apache2/sites-available/nextcloud.alpuket-merah.com.conf
<VirtualHost *:80> ServerAdmin admin@alpuket-merah.com DocumentRoot /var/www/html/nextcloud ServerName nextcloud.alpuket-merah.com <Directory /var/www/html/nextcloud/> Options FollowSymlinks AllowOverride All Require all granted </Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>
root@cloud:/home/ubuntu# a2ensite nextcloud.alpuket-merah.com.conf
root@cloud:/home/ubuntu# systemctl reload apache2.service
{8}_Install Nextcloud dari komputer client, akses: nextcloud.alpuket-merah.com
Create user: admin Password admin: User database: user
Password database: password Nama database: nextcloud Lokasi database: localhost
51
January 30, 2021Ceklis Install recommended apps, Finis setup
52
January 30, 2021Tampilan dashboard nextcloud
{9}_Setting LDAP
Enable module LDAP user and group backend di menu apps.
LDAP / AD integration
Server: alpuket-merah.com port: 389
User active directory: cn=super sa2008. admin,ou=UserDomain,dc=alpuket-merah,dc=com Password user:
Base DN: dc=alpuket-merah,=dc=com
53
January 30, 2021Cara mengetahui rumus user active directory dengan tool: Active Directory Explorer Pilih user sa2008, pada distinguihedName, akan terlihat
cn=super sa2008. admin,ou=UserDomain,dc=alpuket-merah,dc=com
Pada tab Users, pastikan Only these object classes: person
54
January 30, 2021Pada tab Login Attributes, ceklis LDAP / AD Username dan LDAP / AD Email Address.
Pastika attribute yang ada pada user active directory bagian Email di isi di sesuaikan dengan email yang sudah terdaftar di zimbra.
Pada tab Groups, pilih UserGroup pada Only from these groups. Jika di verify maka akan muncul 1 group found. Selesai.
55
January 30, 2021{10}_Mengkoneksikan Nextcloud Desktop dengan Nextcloud server
Download Nextcloud for Desktop:
https://github.com/nextcloud/desktop/releases/download/v3.1.1/Nextcloud-3.1.1-x64.msi
Masukan server address: http://nextcloud.alpuket-merah.com
Login to your Nextcloud, masukan username dan password, Log in, Grant access.
56
January 30, 2021{11}_Mengkoneksikan Nextcloud Mobile android dengan nextcloud server
Download aplikasi nextcloud dari play store android.
Masukan server address: http://nextcloud.alpuket-merah.com
57
January 30, 2021
Windows 7 SP1
{1}_Tes login hotspot dari komputer client menggunakan user active directory
Akses url: hotspot.alpuket-merah.com User: sa2008
Password: P@ssw0rd!
(Catatan: untuk username bisa menggunakan format seperti berikut)
{2}_Tes login vpn dari komputer client menggunakan user active directory
Create VPN client, username: sa2008@alpuket-merah.com, server: 192.168.56.100, Data encryption: Require encryption. Ceklis: Microsoft CHAP Version 2 (MS-CHAP v2).
58
January 30, 2021
REFERENSI
• Tutorial MikroTik https://gerakanopensource.wordpress.com/2016/01/03/konfigurasi-router-mikrotik-interface-ip- address-ip-route-ip-dns-ip-dhcp-server-ip-firewall-nat-ip-firewall-mangle-hotspot-server-radius-server-manajemen-bandwidth-queue-tree/• Template Login MikroTik
https://gerakanopensource.wordpress.com/2019/01/11/template-login-hotspot-mikrotik-responsive-bootstrap-design-premium/ • Tutorial Zimbra https://gerakanopensource.wordpress.com/2016/01/20/install-zimbra-mail-server-di-ubuntu-14-04/ • Onlyoffice Docs https://helpcenter.onlyoffice.com/installation/docs-community-install-ubuntu.aspx • Onlyoffice Groups https://helpcenter.onlyoffice.com/installation/groups-install-ubuntu.aspx • NextCloud https://nextcloud.com/install/#instructions-server • Zimbra https://www.zimbra.com/try/zimbra-collaboration-open-source/ • Tutorial OnlyOffice https://gerakanopensource.wordpress.com/2016/07/19/membangun-web-office-menggunakan-aplikasi-onlyoffice-berbasis-cloud-lengkap/ •