smeserver-zarafa/contribs7/smeserver-zarafa-0.9.0-ldap.patch

--- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-services.ldap 2008-12-20 13:45:55.000000000 +1100
+++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-services      2008-12-20 13:46:32.000000000 +1100
@@ -4,6 +4,6 @@
 /etc/rc.d/init.d/zarafa-ical $1
 /etc/rc.d/init.d/zarafa-licensed $1
 /etc/rc.d/init.d/zarafa-monitor $1
-/etc/rc.d/init.d/zarafa-server $1
 /etc/rc.d/init.d/zarafa-spooler $1
+/etc/rc.d/init.d/zarafa-server $1
 
--- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install.ldap  2008-12-20 12:35:46.000000000 +1100
+++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install       2008-12-20 12:40:55.000000000 +1100
@@ -12,17 +12,16 @@
 /sbin/e-smith/config setprop pop3s status disabled
 /sbin/e-smith/config setprop imap status disabled 
 /sbin/e-smith/config setprop imaps status disabled
-
-/bin/echo "signal-events"
-#/sbin/e-smith/signal-event email-update
-/sbin/e-smith/signal-event remoteaccess-update
-
-# why doesn't email-update restart these on new ports ? 
-# need bigger event ? for now shut down
 /usr/bin/sv d /service/pop3
 /usr/bin/sv d /service/pop3s
 /usr/bin/sv d /service/imap 
 /usr/bin/sv d /service/imaps
+/sbin/e-smith/expand-template /etc/rc.d/init.d/masq
+/etc/init.d/masq restart
+
+#is this needed, it stalls during install ?
+#/bin/echo "signal-events"
+#/sbin/e-smith/signal-event remoteaccess-update
 
 /bin/echo "webaccess config"
 /bin/chown -R www:www /var/www/html/webaccess/tmp
--- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-expand-templates.ldap 2008-10-04 07:17:37.000000000 +1000
+++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-expand-templates      2008-12-20 12:24:20.000000000 +1100
@@ -1,6 +1,5 @@
 #!/bin/sh
 
-/bin/echo "expanding zarafa templates"
 /sbin/e-smith/expand-template /etc/zarafa/dagent.cfg
 /sbin/e-smith/expand-template /etc/zarafa/gateway.cfg
 /sbin/e-smith/expand-template /etc/zarafa/ical.cfg
@@ -9,3 +8,4 @@
 /sbin/e-smith/expand-template /etc/zarafa/server.cfg
 /sbin/e-smith/expand-template /etc/zarafa/spooler.cfg
 /sbin/e-smith/expand-template /etc/zarafa/unix.cfg
+/sbin/e-smith/expand-template /etc/zarafa/ldap.cfg
--- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-update.ldap   2008-12-20 12:42:28.000000000 +1100
+++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-update        2008-12-20 12:43:08.000000000 +1100
@@ -9,7 +9,6 @@
 # webaccess config
 /usr/bin/chown -R www:www /var/www/html/webaccess/tmp
 /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
-/sbin/e-smith/expand-template /etc/php.ini
 /usr/bin/sv restart /service/httpd-e-smith
 
 # expand zarafa templates
--- smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-ical/TCPPort.ldap  2008-12-20 14:38:52.000000000 +1100
+++ smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-ical/TCPPort       2008-12-20 14:39:05.000000000 +1100
@@ -1 +1 @@
-8088
+8089
--- smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-server/Plugin.ldap 2008-12-20 11:34:58.000000000 +1100
+++ smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-server/Plugin      2008-12-20 11:35:18.000000000 +1100
@@ -0,0 +1 @@
+unix
--- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/gateway.cfg/gateway.cfg.ldap   2008-12-20 14:25:00.000000000 +1100
+++ smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/gateway.cfg/gateway.cfg        2008-12-20 14:25:14.000000000 +1100
@@ -3,7 +3,7 @@
 
 server_bind    =       0.0.0.0
 
-server_socket  =       http://localhost:{${'zarafa-server'}{TCPport}||'237';}/zarafa
+server_socket  =       http://localhost:{${'zarafa-server'}{TCPport}||'236';}/zarafa
 
 # drop privileges and run the process as this user
 run_as_user = 
--- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg.ldap 2008-12-20 11:41:13.000000000 +1100
+++ smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg      2008-12-20 14:32:06.000000000 +1100
@@ -0,0 +1,315 @@
+##############################################################
+#  LDAP/ACTIVE DIRECTORY USER PLUGIN SETTINGS
+#
+# Any of these directives that are required, are only required if the
+# userplugin parameter is set to ldap.
+
+# LDAP host name/IP address
+# Optional, default = localhost
+ldap_host = localhost
+
+# LDAP port
+# Optional, default = 389
+# Use 636 for ldaps
+ldap_port = 389
+
+# LDAP protocol
+# Optional, default = ldap
+# use 'ldaps' for SSL encryption. Make sure /etc/ldap/ldap.conf is
+# configured correctly with TLS_CACERT
+ldap_protocol = ldap
+
+# The charset that strings are stored in on the LDAP server. Normally this
+# is utf-8, but this can differ according to your setup. The charset specified
+# here must be supported by your iconv(1) setup. See iconv -l for all charset
+ldap_server_charset = utf-8
+
+# The DN of the user to bind as for normal operations (not used for
+# authentication if ldap_authentication_method is set to "bind"
+# Optional, default = empty (anonymous bind)
+# The userPassword attribute must be readable for this user if the
+# ldap_authentication_method option is set to password.
+ldap_bind_user = cn=root,{ esmith::util::ldapBase ($DomainName); }
+
+# LDAP bind password
+# Optional, default = empty (no password)
+{
+    open (PW, "/etc/openldap/ldap.pw")
+        || die "Could not read LDAP password.\n";
+    my $pw = <PW>;
+    chomp ($pw);
+    close PW;
+"ldap_bind_passwd = $pw";
+}
+
+# Search for users starting from this DN
+# Required
+ldap_user_search_base = ou=Users,{ esmith::util::ldapBase ($DomainName); }
+
+# Search method to find a user, can be: base, one or sub
+# Default: sub
+ldap_user_scope = sub
+
+# Search for users using this LDAP filter.  See ldap_search(3) or RFC
+# 2254 for details on the filter syntax.
+# Optional, default = empty (match everything)
+# For active directory, use:
+#   (&(objectClass=person)(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
+# For LDAP with posix users, use:
+#   (objectClass=posixAccount)
+ldap_user_search_filter = (objectClass=posixAccount)
+
+# unique user id for find the user
+# Required
+# For active directory, use:
+#    objectSid
+# For LDAP with posixAccount, use:
+#    uidNumber
+ldap_user_unique_attribute = uidNumber
+
+# Type of unique user id
+# default: text
+# For active directory, use:
+#              binary
+# For LDAP with posix user, use:
+#              text
+ldap_user_unique_attribute_type = text
+
+# Search for groups starting from this DN
+# Required
+ldap_group_search_base = ou=Groups,{ esmith::util::ldapBase ($DomainName); }
+
+# Search method to find a group, can be: base, one or sub
+# Default: sub
+ldap_group_scope = sub
+
+# Search for groups using this LDAP filter.  See ldap_search(3) for
+# details on the filter syntax.
+# Optional, default = empty (match everything)
+# For active directory, use:
+#   (objectClass=group)
+# For LDAP with posix groups, use:
+#   (objectClass=posixGroup)
+ldap_group_search_filter = (objectClass=posixGroup)
+
+# unique group id for find the group
+# Required
+# For active directory, use:
+#    objectSid
+# For LDAP with posix group, use:
+#    gidNumber
+ldap_group_unique_attribute = gidNumber
+
+# Type of unique group id
+# default: text
+# For active directory, use:
+#              binary
+# For LDAP with posix group, use:
+#              text
+ldap_group_unique_attribute_type = text
+
+# Optional, default = cn
+# For active directory, use:
+#   displayName
+# For LDAP with posix user, use:
+#   cn
+ldap_fullname_attribute = cn
+
+# Optional, default = uid
+# Active directory: sAMAccountName
+# LDAP: uid
+ldap_loginname_attribute = uid
+
+# Optional, default = userPassword
+# Active directory: unicodePwd
+# LDAP: userPassword
+ldap_password_attribute = userPassword
+
+# Optional, default = mail
+# Active directory: mail
+# LDAP: mail
+ldap_emailaddress_attribute = mail
+
+# Optional, default = userCertificate
+# Active directory: userCertificate
+# LDAP: userCertificate
+ldap_user_certificate_attribute = userCertificate
+
+# Whether the user is an admin.  The field is interpreted as a
+# boolean, 0 and false (case insensitive) meaning no, all other values
+# yes.
+# Optional, default = zarafaAdmin
+# Active directory: zarafaAdmin
+# LDAP: zarafaAdmin
+ldap_isadmin_attribute = zarafaAdmin
+
+# Whether a user is a non-active user. This means that the user will
+# not count towards your user count, but the user will also not be
+# able to log in
+# Optional, default = empty
+# Active directory: zarafaSharedStoreOnly
+# LDAP: zarafaSharedStoreOnly
+ldap_nonactive_attribute =
+
+# If set to bind, users are authenticated by trying to bind to the
+# LDAP tree using their username + password.  Otherwise, the
+# ldap_password_attribute is requested and checked.
+# Optional, default = bind
+# Choices: bind, password
+# Active directory: bind
+# LDAP: password
+ldap_authentication_method = password
+
+# Optional, default = cn
+# Active directory: cn
+# LDAP: cn
+ldap_groupname_attribute = cn
+
+# Optional, default = member
+# Active directory: member
+# LDAP: member
+ldap_groupmembers_attribute = member
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_groupmembers_attribute_type = text
+
+# The attribute of the user which is listed in ldap_groupmember_attribute
+# Empty default, using ldap_user_unique_attribute
+ldap_groupmembers_relation_attribute =
+
+# Optional
+# The attribute which indicates which companies are allowed
+# to view the members of the selected company
+ldap_user_sendas_attribute = zarafaSendAsPrivilege
+
+# Optional, default = text
+ldap_user_sendas_attribute_type = text
+
+# The attribute of the user which is listed in the
+# ldap_company_view_attribute
+# Empty default, using ldap_user_unique_attribute
+ldap_user_sendas_relation_attribute =
+
+# unique company id for find the company
+# Default: ou
+ldap_company_unique_attribute = ou
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_company_unique_attribute_type = text
+
+# Search for companies starting from this DN
+# Required
+ldap_company_search_base = { esmith::util::ldapBase ($DomainName); }
+
+# Search method to find a company, can be: base, one or sub
+# Default: sub
+ldap_company_scope = sub
+
+# Search for companies using this LDAP filter.  See ldap_search(3) or RFC
+# 2254 for details on the filter syntax.
+# Optional, default = empty (match everything)
+# For active directory, use:
+#   (&(objectClass=organizationalUnit)(objectCategory=CN=Organization,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
+# For LDAP with posix users, use:
+#   (objectClass=organizationalUnit)
+ldap_company_search_filter = (objectClass=organizationalUnit)
+
+# Optional, default = cn
+# Active directory: cn
+# LDAP: cn
+ldap_companyname_attribute = cn
+
+# Optional
+# The attribute which indicates which companies are allowed
+# to view the members of the selected company
+ldap_company_view_attribute = zarafaViewPrivilege
+
+# Optional, default = text
+ldap_company_view_attribute_type = text
+
+# The attribute of the company which is listed in the
+# ldap_company_view_attribute
+# Empty default, using ldap_company_unique_attribute
+ldap_company_view_relation_attribute =
+
+# Optional
+# The attribute which indicates which users from different companies
+# are administrator over the selected company.
+ldap_company_admin_attribute = zarafaAdminPrivilege
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_company_admin_attribute_type = text
+
+# The attribute of the company which is listed in the
+# ldap_company_admin_attribute
+# Empty default, using ldap_user_unique_attribute
+ldap_company_admin_relation_attribute = 
+
+# The attribute which indicates which user is the system administrator
+# for the specified company.
+ldap_company_system_admin_attribute = zarafaSystemAdmin
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_company_system_admin_attribute_type = text
+
+# The attribute of the company which is listed in the
+# ldap_company_system_admin attribute
+# Empty default, using ldap_user_unique_attribute
+ldap_company_system_admin_relation_attribute =
+
+# Optional
+# The attribute which indicates which users (besides the user who exceeds his quota)
+# should also receive a warning mail when a user exceeds his quota.
+ldap_quota_userwarning_recipients_attribute = zarafaQuotaUserWarningRecipients
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_quota_userwarning_recipients_attribute_type = text
+
+# Optional, default empty
+ldap_quota_userwarning_recipients_relation_attribute =
+
+# Optional
+# The attribute which indicates which users should receive a warning mail
+# when a company exceeds his quota.
+ldap_quota_companywarning_recipients_attribute = zarafaQuotaCompanyWarningRecipients
+
+# Optional, default = text
+# Active directory: dn
+# LDAP: text
+ldap_quota_companywarning_recipients_attribute_type = text
+
+# Optional, default empty
+ldap_quota_companywarning_recipients_relation_attribute=
+
+# Whether to override the system wide quota settings
+ldap_quotaoverride_attribute = zarafaQuotaOverride
+
+ldap_warnquota_attribute = zarafaQuotaWarn
+ldap_softquota_attribute = zarafaQuotaSoft
+ldap_hardquota_attribute = zarafaQuotaHard
+
+# Whether to override the system wide quota settings for all users within the company
+ldap_userdefault_quotaoverride_attribute = zarafaUserDefaultQuotaOverride
+
+ldap_userdefault_warnquota_attribute = zarafaUserDefaultQuotaWarn
+ldap_userdefault_softquota_attribute = zarafaUserDefaultQuotaSoft
+ldap_userdefault_hardquota_attribute = zarafaUserDefaultQuotaHard
+
+# Mapping from the quota attributes to a number of bytes.  Qmail-LDAP
+# schema uses bytes (1), ADS uses kilobytes (1024).
+ldap_quota_multiplier = 1
+
+# When an object (user/group/company) is changed, this attribute will also change:
+# Active directory: uSNChanged
+# LDAP: modifyTimestamp
+ldap_last_modification_attribute = modifyTimestamp
1	dungog	1.1	--- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-services.ldap 2008-12-20 13:45:55.000000000 +1100
2			+++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-services 2008-12-20 13:46:32.000000000 +1100
3			@@ -4,6 +4,6 @@
4			/etc/rc.d/init.d/zarafa-ical $1
5			/etc/rc.d/init.d/zarafa-licensed $1
6			/etc/rc.d/init.d/zarafa-monitor $1
7			-/etc/rc.d/init.d/zarafa-server $1
8			/etc/rc.d/init.d/zarafa-spooler $1
9			+/etc/rc.d/init.d/zarafa-server $1
10
11			--- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install.ldap 2008-12-20 12:35:46.000000000 +1100
12			+++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install 2008-12-20 12:40:55.000000000 +1100
13			@@ -12,17 +12,16 @@
14			/sbin/e-smith/config setprop pop3s status disabled
15			/sbin/e-smith/config setprop imap status disabled
16			/sbin/e-smith/config setprop imaps status disabled
17			-
18			-/bin/echo "signal-events"
19			-#/sbin/e-smith/signal-event email-update
20			-/sbin/e-smith/signal-event remoteaccess-update
21			-
22			-# why doesn't email-update restart these on new ports ?
23			-# need bigger event ? for now shut down
24			/usr/bin/sv d /service/pop3
25			/usr/bin/sv d /service/pop3s
26			/usr/bin/sv d /service/imap
27			/usr/bin/sv d /service/imaps
28			+/sbin/e-smith/expand-template /etc/rc.d/init.d/masq
29			+/etc/init.d/masq restart
30			+
31			+#is this needed, it stalls during install ?
32			+#/bin/echo "signal-events"
33			+#/sbin/e-smith/signal-event remoteaccess-update
34
35			/bin/echo "webaccess config"
36			/bin/chown -R www:www /var/www/html/webaccess/tmp
37			--- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-expand-templates.ldap 2008-10-04 07:17:37.000000000 +1000
38			+++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-expand-templates 2008-12-20 12:24:20.000000000 +1100
39			@@ -1,6 +1,5 @@
40			#!/bin/sh
41
42			-/bin/echo "expanding zarafa templates"
43			/sbin/e-smith/expand-template /etc/zarafa/dagent.cfg
44			/sbin/e-smith/expand-template /etc/zarafa/gateway.cfg
45			/sbin/e-smith/expand-template /etc/zarafa/ical.cfg
46			@@ -9,3 +8,4 @@
47			/sbin/e-smith/expand-template /etc/zarafa/server.cfg
48			/sbin/e-smith/expand-template /etc/zarafa/spooler.cfg
49			/sbin/e-smith/expand-template /etc/zarafa/unix.cfg
50			+/sbin/e-smith/expand-template /etc/zarafa/ldap.cfg
51			--- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-update.ldap 2008-12-20 12:42:28.000000000 +1100
52			+++ smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-update 2008-12-20 12:43:08.000000000 +1100
53			@@ -9,7 +9,6 @@
54			# webaccess config
55			/usr/bin/chown -R www:www /var/www/html/webaccess/tmp
56			/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
57			-/sbin/e-smith/expand-template /etc/php.ini
58			/usr/bin/sv restart /service/httpd-e-smith
59
60			# expand zarafa templates
61			--- smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-ical/TCPPort.ldap 2008-12-20 14:38:52.000000000 +1100
62			+++ smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-ical/TCPPort 2008-12-20 14:39:05.000000000 +1100
63			@@ -1 +1 @@
64			-8088
65			+8089
66			--- smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-server/Plugin.ldap 2008-12-20 11:34:58.000000000 +1100
67			+++ smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/zarafa-server/Plugin 2008-12-20 11:35:18.000000000 +1100
68			@@ -0,0 +1 @@
69			+unix
70			--- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/gateway.cfg/gateway.cfg.ldap 2008-12-20 14:25:00.000000000 +1100
71			+++ smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/gateway.cfg/gateway.cfg 2008-12-20 14:25:14.000000000 +1100
72			@@ -3,7 +3,7 @@
73
74			server_bind = 0.0.0.0
75
76			-server_socket = http://localhost:{${'zarafa-server'}{TCPport}\|\|'237';}/zarafa
77			+server_socket = http://localhost:{${'zarafa-server'}{TCPport}\|\|'236';}/zarafa
78
79			# drop privileges and run the process as this user
80			run_as_user =
81			--- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg.ldap 2008-12-20 11:41:13.000000000 +1100
82			+++ smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg 2008-12-20 14:32:06.000000000 +1100
83			@@ -0,0 +1,315 @@
84			+##############################################################
85			+# LDAP/ACTIVE DIRECTORY USER PLUGIN SETTINGS
86			+#
87			+# Any of these directives that are required, are only required if the
88			+# userplugin parameter is set to ldap.
89			+
90			+# LDAP host name/IP address
91			+# Optional, default = localhost
92			+ldap_host = localhost
93			+
94			+# LDAP port
95			+# Optional, default = 389
96			+# Use 636 for ldaps
97			+ldap_port = 389
98			+
99			+# LDAP protocol
100			+# Optional, default = ldap
101			+# use 'ldaps' for SSL encryption. Make sure /etc/ldap/ldap.conf is
102			+# configured correctly with TLS_CACERT
103			+ldap_protocol = ldap
104			+
105			+# The charset that strings are stored in on the LDAP server. Normally this
106			+# is utf-8, but this can differ according to your setup. The charset specified
107			+# here must be supported by your iconv(1) setup. See iconv -l for all charset
108			+ldap_server_charset = utf-8
109			+
110			+# The DN of the user to bind as for normal operations (not used for
111			+# authentication if ldap_authentication_method is set to "bind"
112			+# Optional, default = empty (anonymous bind)
113			+# The userPassword attribute must be readable for this user if the
114			+# ldap_authentication_method option is set to password.
115			+ldap_bind_user = cn=root,{ esmith::util::ldapBase ($DomainName); }
116			+
117			+# LDAP bind password
118			+# Optional, default = empty (no password)
119			+{
120			+ open (PW, "/etc/openldap/ldap.pw")
121			+ \|\| die "Could not read LDAP password.\n";
122			+ my $pw = <PW>;
123			+ chomp ($pw);
124			+ close PW;
125			+"ldap_bind_passwd = $pw";
126			+}
127			+
128			+# Search for users starting from this DN
129			+# Required
130			+ldap_user_search_base = ou=Users,{ esmith::util::ldapBase ($DomainName); }
131			+
132			+# Search method to find a user, can be: base, one or sub
133			+# Default: sub
134			+ldap_user_scope = sub
135			+
136			+# Search for users using this LDAP filter. See ldap_search(3) or RFC
137			+# 2254 for details on the filter syntax.
138			+# Optional, default = empty (match everything)
139			+# For active directory, use:
140			+# (&(objectClass=person)(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
141			+# For LDAP with posix users, use:
142			+# (objectClass=posixAccount)
143			+ldap_user_search_filter = (objectClass=posixAccount)
144			+
145			+# unique user id for find the user
146			+# Required
147			+# For active directory, use:
148			+# objectSid
149			+# For LDAP with posixAccount, use:
150			+# uidNumber
151			+ldap_user_unique_attribute = uidNumber
152			+
153			+# Type of unique user id
154			+# default: text
155			+# For active directory, use:
156			+# binary
157			+# For LDAP with posix user, use:
158			+# text
159			+ldap_user_unique_attribute_type = text
160			+
161			+# Search for groups starting from this DN
162			+# Required
163			+ldap_group_search_base = ou=Groups,{ esmith::util::ldapBase ($DomainName); }
164			+
165			+# Search method to find a group, can be: base, one or sub
166			+# Default: sub
167			+ldap_group_scope = sub
168			+
169			+# Search for groups using this LDAP filter. See ldap_search(3) for
170			+# details on the filter syntax.
171			+# Optional, default = empty (match everything)
172			+# For active directory, use:
173			+# (objectClass=group)
174			+# For LDAP with posix groups, use:
175			+# (objectClass=posixGroup)
176			+ldap_group_search_filter = (objectClass=posixGroup)
177			+
178			+# unique group id for find the group
179			+# Required
180			+# For active directory, use:
181			+# objectSid
182			+# For LDAP with posix group, use:
183			+# gidNumber
184			+ldap_group_unique_attribute = gidNumber
185			+
186			+# Type of unique group id
187			+# default: text
188			+# For active directory, use:
189			+# binary
190			+# For LDAP with posix group, use:
191			+# text
192			+ldap_group_unique_attribute_type = text
193			+
194			+# Optional, default = cn
195			+# For active directory, use:
196			+# displayName
197			+# For LDAP with posix user, use:
198			+# cn
199			+ldap_fullname_attribute = cn
200			+
201			+# Optional, default = uid
202			+# Active directory: sAMAccountName
203			+# LDAP: uid
204			+ldap_loginname_attribute = uid
205			+
206			+# Optional, default = userPassword
207			+# Active directory: unicodePwd
208			+# LDAP: userPassword
209			+ldap_password_attribute = userPassword
210			+
211			+# Optional, default = mail
212			+# Active directory: mail
213			+# LDAP: mail
214			+ldap_emailaddress_attribute = mail
215			+
216			+# Optional, default = userCertificate
217			+# Active directory: userCertificate
218			+# LDAP: userCertificate
219			+ldap_user_certificate_attribute = userCertificate
220			+
221			+# Whether the user is an admin. The field is interpreted as a
222			+# boolean, 0 and false (case insensitive) meaning no, all other values
223			+# yes.
224			+# Optional, default = zarafaAdmin
225			+# Active directory: zarafaAdmin
226			+# LDAP: zarafaAdmin
227			+ldap_isadmin_attribute = zarafaAdmin
228			+
229			+# Whether a user is a non-active user. This means that the user will
230			+# not count towards your user count, but the user will also not be
231			+# able to log in
232			+# Optional, default = empty
233			+# Active directory: zarafaSharedStoreOnly
234			+# LDAP: zarafaSharedStoreOnly
235			+ldap_nonactive_attribute =
236			+
237			+# If set to bind, users are authenticated by trying to bind to the
238			+# LDAP tree using their username + password. Otherwise, the
239			+# ldap_password_attribute is requested and checked.
240			+# Optional, default = bind
241			+# Choices: bind, password
242			+# Active directory: bind
243			+# LDAP: password
244			+ldap_authentication_method = password
245			+
246			+# Optional, default = cn
247			+# Active directory: cn
248			+# LDAP: cn
249			+ldap_groupname_attribute = cn
250			+
251			+# Optional, default = member
252			+# Active directory: member
253			+# LDAP: member
254			+ldap_groupmembers_attribute = member
255			+
256			+# Optional, default = text
257			+# Active directory: dn
258			+# LDAP: text
259			+ldap_groupmembers_attribute_type = text
260			+
261			+# The attribute of the user which is listed in ldap_groupmember_attribute
262			+# Empty default, using ldap_user_unique_attribute
263			+ldap_groupmembers_relation_attribute =
264			+
265			+# Optional
266			+# The attribute which indicates which companies are allowed
267			+# to view the members of the selected company
268			+ldap_user_sendas_attribute = zarafaSendAsPrivilege
269			+
270			+# Optional, default = text
271			+ldap_user_sendas_attribute_type = text
272			+
273			+# The attribute of the user which is listed in the
274			+# ldap_company_view_attribute
275			+# Empty default, using ldap_user_unique_attribute
276			+ldap_user_sendas_relation_attribute =
277			+
278			+# unique company id for find the company
279			+# Default: ou
280			+ldap_company_unique_attribute = ou
281			+
282			+# Optional, default = text
283			+# Active directory: dn
284			+# LDAP: text
285			+ldap_company_unique_attribute_type = text
286			+
287			+# Search for companies starting from this DN
288			+# Required
289			+ldap_company_search_base = { esmith::util::ldapBase ($DomainName); }
290			+
291			+# Search method to find a company, can be: base, one or sub
292			+# Default: sub
293			+ldap_company_scope = sub
294			+
295			+# Search for companies using this LDAP filter. See ldap_search(3) or RFC
296			+# 2254 for details on the filter syntax.
297			+# Optional, default = empty (match everything)
298			+# For active directory, use:
299			+# (&(objectClass=organizationalUnit)(objectCategory=CN=Organization,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
300			+# For LDAP with posix users, use:
301			+# (objectClass=organizationalUnit)
302			+ldap_company_search_filter = (objectClass=organizationalUnit)
303			+
304			+# Optional, default = cn
305			+# Active directory: cn
306			+# LDAP: cn
307			+ldap_companyname_attribute = cn
308			+
309			+# Optional
310			+# The attribute which indicates which companies are allowed
311			+# to view the members of the selected company
312			+ldap_company_view_attribute = zarafaViewPrivilege
313			+
314			+# Optional, default = text
315			+ldap_company_view_attribute_type = text
316			+
317			+# The attribute of the company which is listed in the
318			+# ldap_company_view_attribute
319			+# Empty default, using ldap_company_unique_attribute
320			+ldap_company_view_relation_attribute =
321			+
322			+# Optional
323			+# The attribute which indicates which users from different companies
324			+# are administrator over the selected company.
325			+ldap_company_admin_attribute = zarafaAdminPrivilege
326			+
327			+# Optional, default = text
328			+# Active directory: dn
329			+# LDAP: text
330			+ldap_company_admin_attribute_type = text
331			+
332			+# The attribute of the company which is listed in the
333			+# ldap_company_admin_attribute
334			+# Empty default, using ldap_user_unique_attribute
335			+ldap_company_admin_relation_attribute =
336			+
337			+# The attribute which indicates which user is the system administrator
338			+# for the specified company.
339			+ldap_company_system_admin_attribute = zarafaSystemAdmin
340			+
341			+# Optional, default = text
342			+# Active directory: dn
343			+# LDAP: text
344			+ldap_company_system_admin_attribute_type = text
345			+
346			+# The attribute of the company which is listed in the
347			+# ldap_company_system_admin attribute
348			+# Empty default, using ldap_user_unique_attribute
349			+ldap_company_system_admin_relation_attribute =
350			+
351			+# Optional
352			+# The attribute which indicates which users (besides the user who exceeds his quota)
353			+# should also receive a warning mail when a user exceeds his quota.
354			+ldap_quota_userwarning_recipients_attribute = zarafaQuotaUserWarningRecipients
355			+
356			+# Optional, default = text
357			+# Active directory: dn
358			+# LDAP: text
359			+ldap_quota_userwarning_recipients_attribute_type = text
360			+
361			+# Optional, default empty
362			+ldap_quota_userwarning_recipients_relation_attribute =
363			+
364			+# Optional
365			+# The attribute which indicates which users should receive a warning mail
366			+# when a company exceeds his quota.
367			+ldap_quota_companywarning_recipients_attribute = zarafaQuotaCompanyWarningRecipients
368			+
369			+# Optional, default = text
370			+# Active directory: dn
371			+# LDAP: text
372			+ldap_quota_companywarning_recipients_attribute_type = text
373			+
374			+# Optional, default empty
375			+ldap_quota_companywarning_recipients_relation_attribute=
376			+
377			+# Whether to override the system wide quota settings
378			+ldap_quotaoverride_attribute = zarafaQuotaOverride
379			+
380			+ldap_warnquota_attribute = zarafaQuotaWarn
381			+ldap_softquota_attribute = zarafaQuotaSoft
382			+ldap_hardquota_attribute = zarafaQuotaHard
383			+
384			+# Whether to override the system wide quota settings for all users within the company
385			+ldap_userdefault_quotaoverride_attribute = zarafaUserDefaultQuotaOverride
386			+
387			+ldap_userdefault_warnquota_attribute = zarafaUserDefaultQuotaWarn
388			+ldap_userdefault_softquota_attribute = zarafaUserDefaultQuotaSoft
389			+ldap_userdefault_hardquota_attribute = zarafaUserDefaultQuotaHard
390			+
391			+# Mapping from the quota attributes to a number of bytes. Qmail-LDAP
392			+# schema uses bytes (1), ADS uses kilobytes (1024).
393			+ldap_quota_multiplier = 1
394			+
395			+# When an object (user/group/company) is changed, this attribute will also change:
396			+# Active directory: uSNChanged
397			+# LDAP: modifyTimestamp
398			+ldap_last_modification_attribute = modifyTimestamp