Free Busy Interop for Exchange

From Zimbra :: Wiki

Jump to: navigation, search
Admin Article

Article Information

This article applies to the following ZCS versions.
  ZCS 5.0 Article  ZCS 5.0

Contents

Free/busy Provider Framework

Zimbra provides a framework where the interop with Exchange servers can be added via an extension. Through the extension, Zimbra server can query the free/busy schedule of users on Exchange servers and also propagate free/busy schedule of a Zimbra user to the Exchange server.

Interop with Exchange 2003

Zimbra server has a default implementation of Exchange free busy provider. The Zimbra server can pull the free/busy schedule of a user on Exchange, and also push the free/busy schedule of a Zimbra user to the Exchange server. The retrieval of free/busy (Exchange to Zimbra) is done via a REST interface on the Exchange server. The propagation of free/busy (Zimbra to Exchange) is done via WebDAV interface on the Exchange server. In both cases, Zimbra needs to authenticate to the Exchange server via HTTP basic authentication or HTML form based authentication ala OWA.

In order to enable the default Exchange free busy interop implementation, the following conditions need to be met.

  1. There should be a single AD in the system or Global Catalog is available.
  2. Zimbra server can access HTTP(S) port of IIS on at least one of the Exchange server.
  3. The Web interface to Exchange public folders (http://server/public/) needs to be available via IIS.
  4. Zimbra users need to be provisioned as a contact on Active Directory using the same administrative group for each mail domain.
  5. The Exchange username must be provisioned in the account attribute zimbraForeignPrincipal for all the Zimbra users.

The conditions 4 and 5 are required only for Zimbra → Exchange free/busy replication. With the first three condition met, Exchange → Zimbra free/busy lookup is still possible.

After creating the contacts, the legacyExchangeDN attribute can be verified by running ADSI Edit tool, open the contact object. Search for the attribute legacyExchangeDN for the contact. For example the attribute value would be:

legacyExchangeDN : /o=First Organization/ou=First Administrative Group/cn=Recipients/cn=james

The substrings left and right of /cn=Recipients are important, and need to be consistent across the Zimbra contacts. The left part /o=First Organization/ou=First Administrative Group corresponds to the domain attribute zimbraFreebusyExchangeUserOrg. The value of cn corresponds to the Exchange account name specified in zimbraForeignPrincipal.

There are five global configuration variables on Zimbra to enable the interop with Exchange server.

  • zimbraFreebusyExchangeAuthUsername
  • zimbraFreebusyExchangeAuthPassword
  • zimbraFreebusyExchangeAuthScheme
  • zimbraFreebusyExchangeURL
  • zimbraFreebusyExchangeUserOrg

The zimbraFreebusyExchangeAuthUsername and zimbraFreebusyExchangeAuthPassword attributes are used to authenticate against Exchange server on REST and WebDAV interface. The zimbraFreebusyExchangeAuthScheme attribute can be set to basic or form, depending on how Exchange server is configured. When set to basic, Zimbra will attempt HTTP basic authentication. When set to form, it will POST HTML form to /exchweb/bin/auth/owaauth.dll to get the auth Cookie set. The zimbraFreebusyExchangeURL attribute should be set to the URL of the Exchange server. The zimbraFreebusyExchangeUserOrg attribute is the first part of the administrative group. Typically they are set to /o=First Organization/ou=First Administrative Group. Note that the value Org is from the legacyExchangeDN attribute of the user, not the DN of the user object.

Use the zmprov CLI tool to set the global configuration variables. For example, assuming the user zimbra exists on the Exchange server on exchange.mycompany.com with the password changeme:

# zmprov mcf zimbraFreebusyExchangeAuthUsername zimbra
# zmprov mcf zimbraFreebusyExchangeAuthPassword changeme
# zmprov mcf zimbraFreebusyExchangeAuthScheme basic
# zmprov mcf zimbraFreebusyExchangeURL http://exchange.mycompany.com
# zmprov mcf zimbraFreebusyExchangeUserOrg "/o=First Organization/ou=First Administrative Group"

Add the Zimbra account to Exchange account mapping to the zimbraForeignPrincipal attribute. Note that zimbraForeignPrincipal is a multi value attribute. Be careful not to wipe out the existing values when adding a new one. Use the prefix ad: in front of the Exchange account username to indicate the usage for Active Directory.

# zmprov ma james@mycompany.com zimbraForeignPrincipal ad:james

If there is more than one mail domain, zimbraFreebusyExchangeUserOrg can be set for each domain.

# zmprov md anotherdomain.com zimbraFreebusyExchangeUserOrg "/o=AnotherDomain/ou=First Administrative Group"

Interop with Exchange 2007

See http://wiki.zimbra.com/index.php?title=Setting_Up_Free_Busy_Interop_with_Exchange_2007

Interop with Exchange 2010

See http://wiki.zimbra.com/wiki/Setting_Up_Free_Busy_Interop_with_Exchange_2010

Complex Exchange Environment

If the Exchange environment does not meet the requirement for above, the default Exchange provider needs to be extended to work in such environment. Zimbra provides a Java interface.

com.zimbra.cs.fb.ExchangeFreeBusyProvider.ExchangeResolver

The interface requires one method.

public ServerInfo getServerInfo(String emailAddr);

The resolver implementation should take an email address of a user on AD, then return ServerInfo object. If the user is not found in AD it should return null. ServerInfo is defined as:

    public static class ServerInfo {
        public String url;
        public String org;
        public String cn;
        public String authUsername;
        public String authPassword;
        public AuthScheme scheme;  // basic or form
    }

Finally, the bootstrapping of the exchange provider can be done via ZimbraExtension. Following is an example to illustrate how this can be implemented.

    public class FbExtension implements ZimbraExtension {
        public void init() {
            ExchangeFreeBusyProvider.registerResolver(new ExchangeUserResolver() {
                public ServerInfo getServerInfo(String emailAddr) {
                    ServerInfo info = new ServerInfo();
                    info.url = "http://exchange.mycompany.com";
                    info.authUsername = "zimbra";
                    info.authPassword = "changeme";
                    info.scheme = AuthScheme.basic;
                    info.org = "/o=First Organization/ou=First Administrative Group";
                    info.cn = emailAddr;
                    if (emailAddr.indexOf('@') > 0)
                        info.cn = emailAddr.substring(0, emailAddr.indexOf('@'));
                    return info;
                }
            }, 0);
        }
    
        public void destroy() {
        }
        
        public String getName() {
            return "ExtensionFbProvider";
        }
    }



Troubleshooting

See http://wiki.zimbra.com/index.php?title=Troubleshooting_Exchange_Freebusy_Interop


Verified Against: 5.0.3 Date Created: 10/15/2008
Article ID: http://wiki.zimbra.com/index.php?title=Free_Busy_Interop_for_Exchange Date Modified: 03/22/2011
Personal tools