How to configure Multi-tenancy on Zimbra Talk


How to configure Multi-tenancy on Zimbra Talk

   KB 22703        Last updated on 09/20/2016  




0.00
(0 votes)
Article-check.png  - This is certified documentation and is protected for editing by Zimbra Employees & Moderators only.

Zimbra Talk specializes in providing services for real time communication and it includes several components. In minimal installation a Zimbra environment and a single additional server (the Talk server) are required. At the moment the only supported platform for the Talk Server is Ubuntu 14.04 (64bit).

The Zimbra Talk system enables its users to perform text chat, text conference, video chat & video conference as well as online document collaboration between the participants of a Zimbra Talk session, using Zimbra Zimlet technology.

Zimbra Collaboration Multi tenancy diagram.png

Limitations

  • For a full-featured experience with Zimbra Talk the usage of the Google Chrome >=34.0 web-browser is recommended. Chromium >=34.0 will also work on most operating systems, except Debian Testing due to Debian specifc changes in the sandbox handling
  • The Safari web-browser and Microsoft’s Internet Explorer are supported as well, when the Temasys WebRTC plugin is installed for the respective browser. Firefox is currently not fully supported
  • A functional webcam, microphone & headphones are also needed for videoconferences.
  • Another limitation is the bandwidth which is available for the user. If many users, e.g. more than 6 users, are using the videochat application at the same time, the complete uplink and downlink bandwidth of a slow Internet

connection (<= 16000Mbit/s) could be saturated, affecting the quality of the conversation.

Prerequisites

Before performing the configuration for multi-tenancy on Zimbra Talk, these prerequisites must be fulfilled:

  • A working Zimbra 8.6 or above environment
  • A working Zimbra Talk environment
  • Knowledge and understanding of your network infrastructure setup, especially in regard to your Firewall and DNS settings
  • Access to DNS management to create the required DNS settings per each tenant domain
  • Access to Firewall management to enable required communication between Zimbra server/s and Zimbra Talk server/s
  • Root access to the Zimbra and Talk Server.
  • Have added the domain, or domains, correctly to Zimbra Collaboration, and have some users on it

System Requirements

Wiki-zimbra-talk-001.png

Preparing Zimbra Environment

Preauth key per domain

When you want to configure multi-tenancy on Zimbra Talk, you might want to allow it for some domains on Zimbra, but doesn't allow it for others domains. For those domains you want to enable Zimbra Talk, you need to create a preauth key (this command take some time before complete):

zmprov gdpak example2.net

Configuring Zimbra Talk

Updating Prosody configuration

Zimbra Talk Prosody component must be updated per each new domain you add to Zimbra Collaboration.

  • Note 1: All the domains you had before install Zimbra Talk will be per-configured on the Zimbra Talk Prosody component
  • Note 2: You can add a domain, or a batch of domains before update the Zimbra Talk Prosody configuration, you can run the Prosody update as many times as you need (when you add a new domain or domains)
cd /usr/share/ztalk/libexec/
./update-prosody-conf
zimbraDefaultDomainName: example.com
updating domains in ini from ldap
updated Rosterfilter for Domain example.com
Parameter not found: ZIMBRA_URL_MODE
updated Rosterfilter for Domain example2.net
Parameter not found: ZIMBRA_URL
Parameter not found: ZIMBRA_URL_MODE

Checking the new Prosody configuration

Check the Zimbra Talk Prosody configuration is a good method to check if we have all the needed domains properly configured:

more /etc/zimbra-talk/talk.defaults.cfg

You will be able to see all the domains after the [global] configuration part:

[domain:example.com]
RosterFilter = (&(objectClass=zimbraDistributionList)(uid=*))
zimbraPreAuthKey = a5694038280572f799223ac5457890d60e697e8965942b0f0428b2323112
ZIMBRA_URL = https://mail.example.com

[domain:example2.net]
RosterFilter = (&(objectClass=zimbraDistributionList)(uid=*))
zimbraPreAuthKey = f569403825689433f45545ac5457890d60e697e8965942b0f042856788445
ZIMBRA_URL = https://mail.example2.net

Another place to check if you have the proper configuration per each tenant domain, is by checking the Zimbra Talk Prosody configuration directory:

root@zimbratalk:/usr/share/ztalk/libexec# ls -la /etc/prosody/conf.d/
total 24
drwxr-xr-x 2 root    root    4096 Jun  2 05:29 .
drwxr-xr-x 4 prosody prosody 4096 Jun  1 17:34 ..
-rw-r--r-- 1 root    root    2651 Jun  2 05:29 example2.net.cfg.lua
-rw-r--r-- 1 root    root    1395 Jun  1 17:34 localhost.cfg.lua
-rw-r--r-- 1 root    root    2102 Jun  2 05:29 vnctalk-jitsi-meet.cfg.lua
-rw-r--r-- 1 root    root    2637 Jun  2 05:29 example.com.cfg.lua

DNS entries

The Zimbra Talk Prosody script creates as well the needed DNS if you are planning to use external XMPP Clients as Pidgin, etc. You can check all the DNS configurations per each tenant (for bind and dnsmasq) on the next directory:

root@zimbratalk:/usr/share/ztalk/libexec# ls -la /etc/zimbra-talk/dns.d/
total 24
drwxr-xr-x 2 root root 4096 Jun  2 05:29 .
drwxr-xr-x 3 root root 4096 Jun  2 05:29 ..
-rw-r--r-- 1 root root  265 Jun  2 05:29 example2.net.bind.conf
-rw-r--r-- 1 root root  219 Jun  2 05:29 example2.net.dnsmasq.conf
-rw-r--r-- 1 root root  251 Jun  2 05:29 example.com.bind.conf
-rw-r--r-- 1 root root  205 Jun  2 05:29 example.com.dnsmasq.conf

If you open one of them, you will see the DNS entries which each tenant must add to their public DNS configuration, take a look to this example where the tenant with example2.net must add to their DNS the next:

_xmppconnect.example2.net.       300     IN      TXT     "_xmpp-client-xbosh=https://zimbratalk.example.com:443/http-bind"
_xmppconnect.external.example2.net.            300     IN      TXT     "_xmpp-client-xbosh=https://zimbratalk.example.com:443/http-bind" 

Restarting Zimbra Talk Prosody

After following all the previous steps, the last one is to restart the Zimbra Talk Prosody service

service prosody restart

Testing the new Zimbra Talk for tenant domains

The end-users can now login as usual on their tenant domain or domains, and they will be able to see the other users as expected and chatting with them:

Zimbratalk-multitenant-001.png


Zimbra Talk

zimbra-talk-logo.png

Latest Version: 2.3

Zimbra Talk Resources

Here you can find useful resources for your Zimbra Talk environment

Verified Against: Zimbra Collaboration Suite 8.6, 8.7 Date Created: 02/06/2016
Article ID: https://wiki.zimbra.com/index.php?title=How_to_configure_Multi-tenancy_on_Zimbra_Talk Date Modified: 09/20/2016



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Wiki/KB reviewed by Jorge SME2 Copyeditor Last edit by Jorge de la Cruz Mingo
Jump to: navigation, search