En/3.2/OpenChange (Microsoft(R) Exchange native replacement)
Introduction to OpenChange Technology
Zentyal integrates OpenChange the first and only native drop-in replacement for Microsoft® Exchange Server technologies. With OpenChange, Microsoft Outlook® clients continue to work unchanged, without needing any plug-ins, reconfiguration or migration.
OpenChange achieves complete compatibility because it implements the same MAPI (1) protocols as existing mail and groupware clients: the MAPI protocol, and optionally ActiveSync®. This protocols manage, not just the electronic mail, but also contact lists and calendars.
In addition to being a MAPI server, OpenChange is a bridge between MAPI and these Internet-standard protocols (IMAP, SMTP, CalDAV, etc), keeping both sides synchronised. A message in the Microsoft Outlook® inbox is visible in Mozilla Thunderbird's view of the same account via IMAP, and when deleted the message disappears from both sides. Similarly, a calendar entry made in Mozilla Lightning over the CalDAV protocol is visible and modifiable from Microsoft Outlook®.
To get an overview of where is OpenChange located in relation to the other Zentyal Components and the basics of its interactions and protocols you can review the next diagram:
OpenChange itself is a Samba4 plugin, using Samba4 for user information, authentication and the Global Address List directory service, which contains the user accounts of the organization. As previously mentioned the Microsoft Outlook® client can communicate natively with this component, there is no need to re-join the client to a domain or to install any external software.
OpenChange features an abstraction layer that makes it possible to communicate with different Storage backends. This backend will be in charge of storing and serving the different databases needed to enable groupware collaboration, using a MySQL database and to bridge the mail system, talking with the standard mail components in their native protocols (typically IMAPS and SMTPS).
Zentyal offers a Webmail platform integrated with OpenChange (not to be confused with the generic webmail Webmail service). Using this platform, you can offer a HTTP/HTTPS gateway to interact with all the mentioned mail and groupware features.
Configuring a stand-alone OpenChange server
OpenChange depends on the Users and Computers (Samba4) and Electronic Mail Service (SMTP/POP3-IMAP4) components, as derived by the diagram. This means that your Zentyal server already has a Microsoft® Server-compatible domain and a Virtual Mail domain that will be used to provide the OpenChange services.
After installing and enabling the module, you need to provision OpenChange. Go to OpenChange ‣ Setup where you can see the following page:
In the stand-alone scenario this will be the first exchange server, so in the drop down menu you will select New One and choose the Organization Name. This name will become a node in Samba4's Active Directory tree that will contain all the attributes related with the Microsoft®Exchange environment.
Once you click on Setup OpenChange will be provisioned, modifying Samba4 Active Directory schema. This modification makes the new schema compatible with a Microsoft® Windows Server that also features a Microsoft® Exchange Server, making it possible to become its additional controller.
As you see in the capture, an OpenChange account can be automatically supplied to all the existing users of this Zentyal Server.
OpenChange accounts are disabled by default for the new users, if you wish to automatically supply an OpenChange account to the new users, you need to modify the User Template from Users and Computers ‣ User Template.
Configuring the OpenChange Server as an additional exchange server
In order to configure our OpenChange module in additional mode, first you need to have Zentyal Server inside the Windows Domain, as specified in the chapter File sharing and Domain Services. Your server can act as an additional exchange both if you are the main domain controller or just an additional domain controller.
With your Zentyal Server already joined to the domain, you will access OpenChange configuration and choose the existing organization from the drop down list
From our Microsoft® Exchange server, you can check the list of available exchange servers creating a new mailbox
Configuring the Microsoft® Outlook Client
There are basically three different configuration scenarios:
- The client is inside the organization's network and joined to the domain
- The client is inside the organization's network but not joined to the domain
- The client wants to use Microsoft® Outlook from an external network (over the Internet)
The first case is fairly straightforward, since the user's credentials are already loaded at login.
Zentyal OpenChange enables autodiscovery protocol for Microsoft® Outlook and makes it possible to automatically create the account using just the information provided at login.
It is possible that you receive a warning related with the server's certificate if you have not signed this certificate with a valid CA. To learn more about certificate validation, please read the Certification authority (CA) chapter. It is safe to continue despite this warning.
Once the configuration wizard is complete, your Microsoft® Outlook client will be ready to use:
If the client is located inside the network but not joined to the domain, the only difference will be setting the user credentials.
You will have to login again at the end of the process
In the third case, connecting a Microsoft Outlook® client from any point of the Internet, you will have to access the local network though a VPN.
Configuring 'Out Of Office' notifications from the Microsoft Outlook® client
One of the most common mail filters that your users may want to configure is the automatic response in case of not being available at the office for an extended period, so their partners will be aware that their messages will not be replied in the short term.
From your Microsoft Outlook® client, you can use the assistant to configure Out Of Office
Where you will be able to configure the following options
From this interface, you can configure the time period and the desired message to be replied. You can even configure different messages whether the message comes from an internal user (internal mail domain) or any other external user. It is important to check the current limitations present in this feature, described at the end of this document.
The ActiveSync® protocol is widely used to synchronize mobile devices and also the most recent versions of Microsoft® Outlook.
There are two different software packages which provide this functionality on top of OpenChange (z-push and sogo-activesync), it is recommended to test both of them in order to analyse which one produces the best results for your deployment.
You will need to have the zentyal-openchange (>=3.4.2) and zentyal-webserver modules. For the sogo-activesync you will need also to have zentyal-sogo (OpenChange Webmail) installed and enabled.
Using the command line:
sudo apt-get install z-push
OR (packages are configured to raise a conflict between them):
sudo apt-get install sogo-activesync
Once you have installed one of the packages, you will be able to enable or disable the ActiveSync option from the OpenChange configuration on the Zentyal interface.
Devices will access ActiveSync® through Zentyal's webserver, ports 80 and 443 (SSL enabled) by default.
Apart from the described functionality using native clients, it could be very useful to deploy a web based clientto access our e-mail, calendars and contacts. It is important to differentiate between the OpenChange Webmail module with the Webmail module, which is based on the standard mail protocols and does not provide any groupware functionality besides electronic mail.
To use this module, you just need to install it and enable it. You will need to have an SSL port configured in the Webserver module in order to use the secure version (HTTPS).
Once you have enabled the module, you can access the web platform accessing the URL [https:/ https:/]/<server_FQDN>/SOGo/ or just clicking on the link shown in the OpenChange configuration:
Accessing this URL, you can see the main login screen, where you can also choose the desired language for the user:
You will first be shown the email interface
Using the drop down menu that you have available in the top part of the interface, you can access the calendars:
And also the address book, where you can view the Global Address List (GAL), which contains all the users registered in your domain, the personal address books of the user and custom distribution lists that can be used for mailing,
It is important to note that the set of features provided by the Microsoft® Outlook client is large, in this document we are considering the typical set of features that the average user will require to complete his/her daily tasks.
The following features are not available on the common Microsoft® Outlook versions (2003, 2007, 2010):
- Sending a mail with an embedded mail attached
- Using special characters for the mail user (like áéíóúñÑ)
- Deleting a mail folder
- Sending a contact via mail using Outlook format (vCard format is working)
- Assigning a task to a contact
- The 'Out of Office' functionality is only available for Microsoft® Outlook
2007 and 2010
- If the 'Out of Office' notification is enabled, only the date is applied,
time is ignored
- 'Out of Office' does not work if the username has capital letters
- It is not currently supported to unconfigure OpenChange once it has been configured for an Organization