Apple Calendar Server and 389org Directory Server

DISCLAIMER: Not An HowTo

Welcome to a short guide about binding Apple Calendar Server (ACS) to a 389 Directory Server. Aim of this guide is to point a couple of common pittfalls.

Prerequisites:

  1. install ACS with default authentication. Remember:
    1. enable user_xattr on your directory
  2. install 389org

Download ldapdirectory.py – the backend written for OpenLdap from http://trac.calendarserver.org/attachment/ticket/260/ldapdirectory.patch

Modify ldapdirectory.py to reflect your attributes (eg I use “mail” instead of “uid”, “nsUniqueId” instead of “entryUUID” ).

I suggest to add some more log and error lines to ldapdirectory to speed up debugging.

Modify your configuration file like http://trac.calendarserver.org/attachment/ticket/260/caldavd-sample.plist

Remember to fix it with your parameter and to DISABLE all authentication types but BASIC-AUTH.

This is because ACS uses MD5-DIGEST by default, making impossible to forward the password to the Ldap Server (see http://en.wikipedia.org/wiki/Digest_access_authentication)