--- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-services.ldap 2008-12-20 13:45:55.000000000 +1100 +++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-services 2008-12-20 13:46:32.000000000 +1100 @@ -4,6 +4,6 @@ /etc/rc.d/init.d/zarafa-ical $1 /etc/rc.d/init.d/zarafa-licensed $1 /etc/rc.d/init.d/zarafa-monitor $1 -/etc/rc.d/init.d/zarafa-server $1 /etc/rc.d/init.d/zarafa-spooler $1 +/etc/rc.d/init.d/zarafa-server $1 --- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install.ldap 2008-12-20 12:35:46.000000000 +1100 +++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install 2008-12-20 12:40:55.000000000 +1100 @@ -12,17 +12,16 @@ /sbin/e-smith/config setprop pop3s status disabled /sbin/e-smith/config setprop imap status disabled /sbin/e-smith/config setprop imaps status disabled - -/bin/echo "signal-events" -#/sbin/e-smith/signal-event email-update -/sbin/e-smith/signal-event remoteaccess-update - -# why doesn't email-update restart these on new ports ? -# need bigger event ? for now shut down /usr/bin/sv d /service/pop3 /usr/bin/sv d /service/pop3s /usr/bin/sv d /service/imap /usr/bin/sv d /service/imaps +/sbin/e-smith/expand-template /etc/rc.d/init.d/masq +/etc/init.d/masq restart + +#is this needed, it stalls during install ? +#/bin/echo "signal-events" +#/sbin/e-smith/signal-event remoteaccess-update /bin/echo "webaccess config" /bin/chown -R www:www /var/www/html/webaccess/tmp --- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-expand-templates.ldap 2008-10-04 07:17:37.000000000 +1000 +++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-expand-templates 2008-12-20 12:24:20.000000000 +1100 @@ -1,6 +1,5 @@ #!/bin/sh -/bin/echo "expanding zarafa templates" /sbin/e-smith/expand-template /etc/zarafa/dagent.cfg /sbin/e-smith/expand-template /etc/zarafa/gateway.cfg /sbin/e-smith/expand-template /etc/zarafa/ical.cfg 
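Review bot: In zarafa-install, the added `/etc/init.d/masq restart` runs even when the preceding `expand-template /etc/rc.d/init.d/masq` fails, so a template error would restart the packet filter from the old script without anyone noticing. Chaining the two and using one path for both would make the failure visible: `/sbin/e-smith/expand-template /etc/rc.d/init.d/masq && /etc/rc.d/init.d/masq restart`. The `signal-event remoteaccess-update` call is commented out because it stalls, but the cause is not recorded; a comment stating which parts of that event the direct masq restart is meant to replace would help the next maintainer. The script continues outside the hunk.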
@@ -9,3 +8,4 @@ /sbin/e-smith/expand-template /etc/zarafa/server.cfg /sbin/e-smith/expand-template /etc/zarafa/spooler.cfg /sbin/e-smith/expand-template /etc/zarafa/unix.cfg +/sbin/e-smith/expand-template /etc/zarafa/ldap.cfg --- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-update.ldap 2008-12-20 12:42:28.000000000 +1100 +++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-update 2008-12-20 12:43:08.000000000 +1100 @@ -9,7 +9,6 @@ # webaccess config /usr/bin/chown -R www:www /var/www/html/webaccess/tmp /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf -/sbin/e-smith/expand-template /etc/php.ini /usr/bin/sv restart /service/httpd-e-smith # expand zarafa templates --- smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-ical/TCPPort.ldap 2008-12-20 14:38:52.000000000 +1100 +++ smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-ical/TCPPort 2008-12-20 14:39:05.000000000 +1100 @@ -1 +1 @@ -8088 +8089 --- smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-server/Plugin.ldap 2008-12-20 11:34:58.000000000 +1100 +++ smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-server/Plugin 2008-12-20 11:35:18.000000000 +1100 @@ -0,0 +1 @@ +unix --- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/gateway.cfg/gateway.cfg.ldap 2008-12-20 14:25:00.000000000 +1100 +++ smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/gateway.cfg/gateway.cfg 2008-12-20 14:25:14.000000000 +1100 
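Review bot: The added `expand-template /etc/zarafa/ldap.cfg` line in zarafa-expand-templates runs unconditionally, yet this patch also sets the `zarafa-server` `Plugin` default to `unix`. The ldap.cfg template copies the directory bind password out of /etc/openldap/ldap.pw, so a unix-plugin install ends up with that credential in /etc/zarafa/ldap.cfg although nothing reads it. Whether the template's `die` aborts this action when ldap.pw is unreadable should also be checked. Expanding only when the plugin is ldap avoids both problems, e.g. `[ "$(/sbin/e-smith/config getprop zarafa-server Plugin)" = "ldap" ] && /sbin/e-smith/expand-template /etc/zarafa/ldap.cfg`.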
@@ -3,7 +3,7 @@ server_bind = 0.0.0.0 -server_socket = http://localhost:{${'zarafa-server'}{TCPport}||'237';}/zarafa +server_socket = http://localhost:{${'zarafa-server'}{TCPport}||'236';}/zarafa # drop privileges and run the process as this user run_as_user = --- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg.ldap 2008-12-20 11:41:13.000000000 +1100 +++ smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg 2008-12-20 14:32:06.000000000 +1100 
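Review bot: The lookup key on the `server_socket` line is spelled `TCPport`, while the default changed elsewhere in this patch is a file named `TCPPort` (under zarafa-ical). If the zarafa-server property uses that same capitalisation, the expression never finds it and the literal after `||` is always used, which would explain why the fallback itself had to be edited. In that case the line should read `server_socket = http://localhost:{${'zarafa-server'}{TCPPort}||'236';}/zarafa`. The zarafa-server defaults are not visible in this diff, so confirm the property name against the configuration db; the rest of gateway.cfg lies outside the hunk.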
@@ -0,0 +1,315 @@
+##############################################################
+# LDAP/ACTIVE DIRECTORY USER PLUGIN SETTINGS
+#
+# Any of these directives that are required, are only required if the
+# userplugin parameter is set to ldap.
+
+# LDAP host name/IP address
+# Optional, default = localhost
+ldap_host = localhost
+
+# LDAP port
+# Optional, default = 389
+# Use 636 for ldaps
+ldap_port = 389
+
+# LDAP protocol
+# Optional, default = ldap
+# use 'ldaps' for SSL encryption. Make sure /etc/ldap/ldap.conf is
+# configured correctly with TLS_CACERT
+ldap_protocol = ldap
+
+# The charset that strings are stored in on the LDAP server. Normally this
+# is utf-8, but this can differ according to your setup. The charset specified
+# here must be supported by your iconv(1) setup. See iconv -l for all charset
+ldap_server_charset = utf-8
+
+# The DN of the user to bind as for normal operations (not used for
+# authentication if ldap_authentication_method is set to "bind"
+# Optional, default = empty (anonymous bind)
+# The userPassword attribute must be readable for this user if the
+# ldap_authentication_method option is set to password.
+ldap_bind_user = cn=root,{ esmith::util::ldapBase ($DomainName); }
+
+# LDAP bind password
+# Optional, default = empty (no password)
+{
+ open (PW, "/etc/openldap/ldap.pw")
+ || die "Could not read LDAP password.\n";
+ my $pw = ;
+ chomp ($pw);
+ close PW;
+"ldap_bind_passwd = $pw";
+}
+
+# Search for users starting from this DN
+# Required
+ldap_user_search_base = ou=Users,{ esmith::util::ldapBase ($DomainName); }
+
+# Search method to find a user, can be: base, one or sub
+# Default: sub
+ldap_user_scope = sub
+
+# Search for users using this LDAP filter. See ldap_search(3) or RFC
+# 2254 for details on the filter syntax.
+# Optional, default = empty (match everything)
+# For active directory, use:
+# (&(objectClass=person)(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
+# For LDAP with posix users, use:
+# (objectClass=posixAccount)
+ldap_user_search_filter = (objectClass=posixAccount)
+
+# unique user id for find the user
+# Required
+# For active directory, use:
+# objectSid
+# For LDAP with posixAccount, use:
+# uidNumber
+ldap_user_unique_attribute = uidNumber
+
+# Type of unique user id
+# default: text
+# For active directory, use:
+# binary
+# For LDAP with posix user, use:
+# text
+ldap_user_unique_attribute_type = text
+
+# Search for groups starting from this DN
+# Required
+ldap_group_search_base = ou=Groups,{ esmith::util::ldapBase ($DomainName); }
+
+# Search method to find a group, can be: base, one or sub
+# Default: sub
+ldap_group_scope = sub
+
+# Search for groups using this LDAP filter. See ldap_search(3) for
+# details on the filter syntax.
+# Optional, default = empty (match everything)
+# For active directory, use:
+# (objectClass=group)
+# For LDAP with posix groups, use:
+# (objectClass=posixGroup)
+ldap_group_search_filter = (objectClass=posixGroup)
+
+# unique group id for find the group
+# Required
+# For active directory, use:
+# objectSid
+# For LDAP with posix group, use:
+# gidNumber
+ldap_group_unique_attribute = gidNumber
+
+# Type of unique group id
+# default: text
+# For active directory, use:
+# binary
+# For LDAP with posix group, use:
+# text
+ldap_group_unique_attribute_type = text
+
+# Optional, default = cn
+# For active directory, use:
+# displayName
+# For LDAP with posix user, use:
+# cn
+ldap_fullname_attribute = cn
+
+# Optional, default = uid
+# Active directory: sAMAccountName
+# LDAP: uid
+ldap_loginname_attribute = uid
+
+# Optional, default = userPassword
+# Active directory: unicodePwd
+# LDAP: userPassword
+ldap_password_attribute = userPassword
+
+# Optional, default = mail
+# Active directory: mail
+# LDAP: mail
+ldap_emailaddress_attribute = mail
+
+# Optional, default = userCertificate
+# Active directory: userCertificate
+# LDAP: userCertificate
+ldap_user_certificate_attribute = userCertificate
+
+# Whether the user is an admin. The field is interpreted as a
+# boolean, 0 and false (case insensitive) meaning no, all other values
+# yes.
+# Optional, default = zarafaAdmin
+# Active directory: zarafaAdmin
+# LDAP: zarafaAdmin
+ldap_isadmin_attribute = zarafaAdmin
+
+# Whether a user is a non-active user. This means that the user will
+# not count towards your user count, but the user will also not be
+# able to log in
+# Optional, default = empty
+# Active directory: zarafaSharedStoreOnly
+# LDAP: zarafaSharedStoreOnly
+ldap_nonactive_attribute =
+
+# If set to bind, users are authenticated by trying to bind to the
+# LDAP tree using their username + password. Otherwise, the
+# ldap_password_attribute is requested and checked.
+# Optional, default = bind
+# Choices: bind, password
+# Active directory: bind
+# LDAP: password
+ldap_authentication_method = password
+
+# Optional, default = cn
+# Active directory: cn
+# LDAP: cn
+ldap_groupname_attribute = cn
+
+# Optional, default = member
+# Active directory: member
+# LDAP: member
+ldap_groupmembers_attribute = member
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_groupmembers_attribute_type = text
+
+# The attribute of the user which is listed in ldap_groupmember_attribute
+# Empty default, using ldap_user_unique_attribute
+ldap_groupmembers_relation_attribute =
+
+# Optional
+# The attribute which indicates which companies are allowed
+# to view the members of the selected company
+ldap_user_sendas_attribute = zarafaSendAsPrivilege
+
+# Optional, default = text
+ldap_user_sendas_attribute_type = text
+
+# The attribute of the user which is listed in the
+# ldap_company_view_attribute
+# Empty default, using ldap_user_unique_attribute
+ldap_user_sendas_relation_attribute =
+
+# unique company id for find the company
+# Default: ou
+ldap_company_unique_attribute = ou
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_company_unique_attribute_type = text
+
+# Search for companies starting from this DN
+# Required
+ldap_company_search_base = { esmith::util::ldapBase ($DomainName); }
+
+# Search method to find a company, can be: base, one or sub
+# Default: sub
+ldap_company_scope = sub
+
+# Search for companies using this LDAP filter. See ldap_search(3) or RFC
+# 2254 for details on the filter syntax.
+# Optional, default = empty (match everything)
+# For active directory, use:
+# (&(objectClass=organizationalUnit)(objectCategory=CN=Organization,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
+# For LDAP with posix users, use:
+# (objectClass=organizationalUnit)
+ldap_company_search_filter = (objectClass=organizationalUnit)
+
+# Optional, default = cn
+# Active directory: cn
+# LDAP: cn
+ldap_companyname_attribute = cn
+
+# Optional
+# The attribute which indicates which companies are allowed
+# to view the members of the selected company
+ldap_company_view_attribute = zarafaViewPrivilege
+
+# Optional, default = text
+ldap_company_view_attribute_type = text
+
+# The attribute of the company which is listed in the
+# ldap_company_view_attribute
+# Empty default, using ldap_company_unique_attribute
+ldap_company_view_relation_attribute =
+
+# Optional
+# The attribute which indicates which users from different companies
+# are administrator over the selected company.
+ldap_company_admin_attribute = zarafaAdminPrivilege
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_company_admin_attribute_type = text
+
+# The attribute of the company which is listed in the
+# ldap_company_admin_attribute
+# Empty default, using ldap_user_unique_attribute
+ldap_company_admin_relation_attribute =
+
+# The attribute which indicates which user is the system administrator
+# for the specified company.
+ldap_company_system_admin_attribute = zarafaSystemAdmin
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_company_system_admin_attribute_type = text
+
+# The attribute of the company which is listed in the
+# ldap_company_system_admin attribute
+# Empty default, using ldap_user_unique_attribute
+ldap_company_system_admin_relation_attribute =
+
+# Optional
+# The attribute which indicates which users (besides the user who exceeds his quota)
+# should also receive a warning mail when a user exceeds his quota.
+ldap_quota_userwarning_recipients_attribute = zarafaQuotaUserWarningRecipients
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_quota_userwarning_recipients_attribute_type = text
+
+# Optional, default empty
+ldap_quota_userwarning_recipients_relation_attribute =
+
+# Optional
+# The attribute which indicates which users should receive a warning mail
+# when a company exceeds his quota.
+ldap_quota_companywarning_recipients_attribute = zarafaQuotaCompanyWarningRecipients
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_quota_companywarning_recipients_attribute_type = text
+
+# Optional, default empty
+ldap_quota_companywarning_recipients_relation_attribute=
+
+# Whether to override the system wide quota settings
+ldap_quotaoverride_attribute = zarafaQuotaOverride
+
+ldap_warnquota_attribute = zarafaQuotaWarn
+ldap_softquota_attribute = zarafaQuotaSoft
+ldap_hardquota_attribute = zarafaQuotaHard
+
+# Whether to override the system wide quota settings for all users within the company
+ldap_userdefault_quotaoverride_attribute = zarafaUserDefaultQuotaOverride
+
+ldap_userdefault_warnquota_attribute = zarafaUserDefaultQuotaWarn
+ldap_userdefault_softquota_attribute = zarafaUserDefaultQuotaSoft
+ldap_userdefault_hardquota_attribute = zarafaUserDefaultQuotaHard
+
+# Mapping from the quota attributes to a number of bytes. Qmail-LDAP
+# schema uses bytes (1), ADS uses kilobytes (1024).
+ldap_quota_multiplier = 1
+
+# When an object (user/group/company) is changed, this attribute will also change:
+# Active directory: uSNChanged
+# LDAP: modifyTimestamp
+ldap_last_modification_attribute = modifyTimestamp
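Review bot: The template binds as `cn=root` and copies that account's password from /etc/openldap/ldap.pw into /etc/zarafa/ldap.cfg, so a service that only searches users and groups holds the directory's administrative credential in a second file. A dedicated read-only bind DN would limit what a leak of ldap.cfg exposes. The patch shows no templates.metadata entry for the file, so its owner and mode should be set explicitly and kept readable only by the account zarafa-server runs as; the default cannot be seen from this diff. `ldap_authentication_method = password` also makes the server fetch `userPassword` values instead of letting the directory verify the login, and `ldap_authentication_method = bind` would remove the need to read that attribute at all. In the Perl fragment, `my $pw = ;` looks as if its `<PW>` read was lost when the page was extracted, and the open would be safer as a three-argument open on a lexical handle.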