diff -urN smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/mysqld/InnoDB smeserver-zarafa-0.9.0.new/root/etc/e-smith/db/configuration/defaults/mysqld/InnoDB --- smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/mysqld/InnoDB 1970-01-01 10:00:00.000000000 +1000 +++ smeserver-zarafa-0.9.0.new/root/etc/e-smith/db/configuration/defaults/mysqld/InnoDB 2010-02-14 01:02:14.000000000 +1100 @@ -0,0 +1 @@ +enabled diff -urN smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install smeserver-zarafa-0.9.0.new/root/etc/e-smith/events/actions/zarafa-install --- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install 2010-02-14 02:02:07.000000000 +1100 +++ smeserver-zarafa-0.9.0.new/root/etc/e-smith/events/actions/zarafa-install 2010-02-14 02:01:22.000000000 +1100 @@ -3,6 +3,9 @@ /bin/echo "initialize-default-databases" /etc/e-smith/events/actions/initialize-default-databases +/sbin/e-smith/expand-template /etc/my.cnf +/usr/bin/sv t /service/mysqld + /bin/echo "signal-event remoteaccess-update" /sbin/e-smith/signal-event remoteaccess-update diff -urN smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/openldap/slapd.conf/11schema smeserver-zarafa-0.9.0.new/root/etc/e-smith/templates/etc/openldap/slapd.conf/11schema --- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/openldap/slapd.conf/11schema 1970-01-01 10:00:00.000000000 +1000 +++ smeserver-zarafa-0.9.0.new/root/etc/e-smith/templates/etc/openldap/slapd.conf/11schema 2010-02-13 23:33:11.000000000 +1100 
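Review bot: In the zarafa-install hunk, `/usr/bin/sv t /service/mysqld` runs whether or not `/sbin/e-smith/expand-template /etc/my.cnf` succeeded, so mysqld can be restarted on a stale or incomplete config without anyone noticing (unless the script sets `-e` above the hunk, which is not visible here). Guarding the first command, `/sbin/e-smith/expand-template /etc/my.cnf || exit 1`, keeps the restart from masking the failure. The neighbouring steps announce themselves with `/bin/echo`; a matching `/bin/echo "expand-template /etc/my.cnf"` line would keep the install log consistent. The script starts and ends outside the hunk.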
@@ -0,0 +1,2 @@
+include /usr/share/doc/zarafa/zarafa.schema
+
diff -urN smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg smeserver-zarafa-0.9.0.new/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg
--- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg 2010-02-14 02:02:07.000000000 +1100
+++ smeserver-zarafa-0.9.0.new/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg 2010-02-12 22:19:52.000000000 +1100
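Review bot: The new `include /usr/share/doc/zarafa/zarafa.schema` line makes slapd depend on a file under a documentation directory, which packaging may leave out (for example when docs are excluded at install time) or relocate between zarafa releases. If the file is missing, slapd will not load its configuration, and every service that authenticates against the directory goes down with it. Installing a copy in the directory server's own schema location (conventionally `/etc/openldap/schema/`) and including it from there removes that dependency. A comment line in the template naming the zarafa package version the schema came from would also help later upgrades.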
@@ -42,30 +42,53 @@ "ldap_bind_passwd = $pw"; } -# Search for users starting from this DN -# Required -ldap_user_search_base = ou=Users,{ esmith::util::ldapBase ($DomainName); } +# The timeout for network operations in seconds +ldap_network_timeout = 30 + +# When an object (user/group/company) is changed, this attribute will also change: +# Active directory: uSNChanged +# LDAP: modifyTimestamp +ldap_last_modification_attribute = modifyTimestamp + +########## +# Object settings + +# Top level search base, every object should be available under this tree +ldap_search_base = { esmith::util::ldapBase ($DomainName); } -# Search method to find a user, can be: base, one or sub -# Default: sub -ldap_user_scope = sub +# attribute name which is/(should: was) used in ldap_user_search_filter +ldap_object_type_attribute = objectClass +ldap_user_type_attribute_value = inetOrgPerson +ldap_group_type_attribute_value = posixGroup +ldap_contact_type_attribute_value = zarafa-contact +ldap_company_type_attribute_value = organizationalUnit +ldap_addresslist_type_attribute_value = zarafa-addresslist +ldap_dynamicgroup_type_attribute_value = zarafa-dynamicgroup + + +########## +# There should be no need to edit any values below this line +########## -# Search for users using this LDAP filter. See ldap_search(3) or RFC +########## +# User settings + +# Extra search for users using this LDAP filter. See ldap_search(3) or RFC # 2254 for details on the filter syntax. # Optional, default = empty (match everything) # For active directory, use: -# (&(objectClass=person)(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=zarafa,DC=com)) -# For LDAP with posix users, use: -# (objectClass=posixAccount) -ldap_user_search_filter = (objectClass=posixAccount) +# (objectCategory=Person) +# For LDAP with posix users: +# no need to use the search filter. 
+ldap_user_search_filter = # unique user id for find the user # Required # For active directory, use: -# objectSid +# objectGuid ** WARNING: This WAS: objectSid ** Updates *WILL* fail! ** # For LDAP with posixAccount, use: # uidNumber -ldap_user_unique_attribute = uidNumber +ldap_user_unique_attribute = uid # Type of unique user id # default: text @@ -75,42 +98,9 @@ # text ldap_user_unique_attribute_type = text -# Search for groups starting from this DN -# Required -ldap_group_search_base = ou=Groups,{ esmith::util::ldapBase ($DomainName); } - -# Search method to find a group, can be: base, one or sub -# Default: sub -ldap_group_scope = sub - -# Search for groups using this LDAP filter. See ldap_search(3) for -# details on the filter syntax. -# Optional, default = empty (match everything) -# For active directory, use: -# (objectClass=group) -# For LDAP with posix groups, use: -# (objectClass=posixGroup) -ldap_group_search_filter = (objectClass=posixGroup) - -# unique group id for find the group -# Required -# For active directory, use: -# objectSid -# For LDAP with posix group, use: -# gidNumber -ldap_group_unique_attribute = gidNumber - -# Type of unique group id -# default: text -# For active directory, use: -# binary -# For LDAP with posix group, use: -# text -ldap_group_unique_attribute_type = text - # Optional, default = cn # For active directory, use: -# displayName +# cn or displayName # For LDAP with posix user, use: # cn ldap_fullname_attribute = cn 
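Review bot: In the -42 hunk, `ldap_user_unique_attribute = uid` contradicts the comment directly above it, which still recommends `uidNumber` for LDAP with posixAccount, and the Active Directory line in the same block warns that switching this attribute makes updates fail. A login name can be renamed or later reassigned to a different person, so keying users on it risks a new account being matched to an old mailbox; that consequence is inferred from how the file describes unique attributes, not shown in the hunk. Either keep `uidNumber` or change the comment to `# uid (login name; must never be renamed or reused)` and document the migration for existing installs. The empty `ldap_user_sendas_relation_attribute` added in the -149 hunk falls back to this attribute, so existing send-as values are affected by the same switch.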
@@ -125,15 +115,24 @@ # LDAP: userPassword ldap_password_attribute = userPassword +# If set to bind, users are authenticated by trying to bind to the +# LDAP tree using their username + password. Otherwise, the +# ldap_password_attribute is requested and checked. +# Optional, default = bind +# Choices: bind, password +# Active directory: bind +# LDAP: password +ldap_authentication_method = password + # Optional, default = mail # Active directory: mail # LDAP: mail ldap_emailaddress_attribute = mail -# Optional, default = userCertificate -# Active directory: userCertificate -# LDAP: userCertificate -ldap_user_certificate_attribute = userCertificate +# Optional, default = zarafaAliases +# Active directory: zarafaAliases +# LDAP: zarafaAliases +ldap_emailaliases_attribute = zarafaAliases # Whether the user is an admin. The field is interpreted as a # boolean, 0 and false (case insensitive) meaning no, all other values 
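Review bot: `ldap_authentication_method = password` makes zarafa-server request `userPassword` through its own bind account and check it itself, as the added comment describes, so that account must be able to read every user's password hash. Any lockout or password policy that slapd enforces on bind would presumably not apply to Zarafa logins. The previous value `bind`, removed in the -149 hunk, left verification to the directory. If `password` is required for this setup, add a comment saying why, for example `# password: <reason>; bind DN needs read access to userPassword`, and restrict that read access to the Zarafa bind DN in the slapd ACLs; otherwise keep `ldap_authentication_method = bind`.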
@@ -149,16 +148,72 @@ # Optional, default = empty # Active directory: zarafaSharedStoreOnly # LDAP: zarafaSharedStoreOnly -ldap_nonactive_attribute = +ldap_nonactive_attribute = -# If set to bind, users are authenticated by trying to bind to the -# LDAP tree using their username + password. Otherwise, the -# ldap_password_attribute is requested and checked. -# Optional, default = bind -# Choices: bind, password -# Active directory: bind -# LDAP: password -ldap_authentication_method = bind +# A nonactive store, or resource, can be specified to be a user, room or equipment. +# Set it to 'room' or 'equipment' to make such types. If set to empty, +# or wrong word, or 'user' it will be a nonactive user. +# Optional, default = zarafaResourceType +# Active directory: zarafaResourceType +# LDAP: zarafaResourceType +ldap_resource_type_attribute = zarafaResourceType + +# Numeric resource capacity +# Optional, default = zarafaResourceCapacity +# Active directory: zarafaResourceCapacity +# LDAP: zarafaResourceCapacity +ldap_resource_capacity_attribute = zarafaResourceCapacity + +# Optional +# The attribute which indicates which users are allowed +# to send on bahalf of the selected user +ldap_user_sendas_attribute = zarafaSendAsPrivilege + +# Optional, default = text +# Active directory: dn +# LDAP: text +ldap_user_sendas_attribute_type = text + +# The attribute of the user which is listed in the +# ldap_user_sendas_attribute +# Empty default, using ldap_user_unique_attribute +ldap_user_sendas_relation_attribute = + +# Optional, default = userCertificate +# Active directory: userCertificate +# LDAP: userCertificate +ldap_user_certificate_attribute = userCertificate + +# Load extra user properties from the propmap file +!propmap /etc/zarafa/ldap.propmap.cfg + +########## +# Group settings + +# Search for groups using this LDAP filter. See ldap_search(3) for +# details on the filter syntax. 
+# Optional, default = empty (match everything) +# For active directory, use: +# (objectCategory=Group) +# For LDAP with posix groups, use: +# no need to set the search filter +ldap_group_search_filter = + +# unique group id for find the group +# Required +# For active directory, use: +# objectSid +# For LDAP with posix group, use: +# gidNumber +ldap_group_unique_attribute = gidNumber + +# Type of unique group id +# default: text +# For active directory, use: +# binary +# For LDAP with posix group, use: +# text +ldap_group_unique_attribute_type = text # Optional, default = cn # Active directory: cn @@ -167,8 +222,8 @@ # Optional, default = member # Active directory: member -# LDAP: member -ldap_groupmembers_attribute = member +# LDAP: memberUid +ldap_groupmembers_attribute = memberUid # Optional, default = text # Active directory: dn 
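Review bot: `ldap_groupmembers_attribute = memberUid` in the -167 hunk is paired in the next hunk (-176) with `ldap_groupmembers_relation_attribute = uidNumber`, whose own comment says it should match `ldap_user_unique_attribute`, which this patch sets to `uid`. If the directory follows RFC 2307, `memberUid` holds login names, so comparing it with `uidNumber` would leave groups without members. Folder permissions granted through groups marked by `ldap_group_security_attribute` would then not apply as intended. `ldap_groupmembers_relation_attribute = uid` looks like the consistent value; confirm it against the actual `memberUid` contents before changing it.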
@@ -176,52 +231,50 @@ ldap_groupmembers_attribute_type = text # The attribute of the user which is listed in ldap_groupmember_attribute -# Empty default, using ldap_user_unique_attribute -ldap_groupmembers_relation_attribute = - -# Optional -# The attribute which indicates which companies are allowed -# to view the members of the selected company -ldap_user_sendas_attribute = zarafaSendAsPrivilege +# Active directory: empty, matching dn's +# LDAP: uidNumber, matching users in ldap_user_unique_attribute +ldap_groupmembers_relation_attribute = uidNumber + +# A group can also be used for security, eg. setting permissions on folders. +# This makes a group a security group. The zarafaSecurityGroup value is boolean. +# Optional, default = zarafaSecurityGroup +# Active directory = groupType +# LDAP: zarafaSecurityGroup +ldap_group_security_attribute = zarafaSecurityGroup + +# In ADS servers, a special bitmask action is required on the groupType field. +# This is actived by setting the ldap_group_security_attribute_type to `''ads`'' +# Otherwise, just the presence of the field will make the group security enabled. +# Optional, default = boolean +# Active directory = ads +# LDAP: boolean +ldap_group_security_attribute_type = boolean -# Optional, default = text -ldap_user_sendas_attribute_type = text +########## +# Company settings -# The attribute of the user which is listed in the -# ldap_company_view_attribute -# Empty default, using ldap_user_unique_attribute -ldap_user_sendas_relation_attribute = +# Search for companies using this LDAP filter. 
+# Optional, default = empty (match everything) +# For active directory, use: +# (objectCategory=Company) +# For LDAP with posix users, use: +# no need to set the filter +ldap_company_search_filter = # unique company id for find the company -# Default: ou +# Active directory: objectSid +# LDAP: ou ldap_company_unique_attribute = ou # Optional, default = text -# Active directory: dn +# Active directory: binary # LDAP: text ldap_company_unique_attribute_type = text -# Search for companies starting from this DN -# Required -ldap_company_search_base = { esmith::util::ldapBase ($DomainName); } - -# Search method to find a company, can be: base, one or sub -# Default: sub -ldap_company_scope = sub - -# Search for companies using this LDAP filter. See ldap_search(3) or RFC -# 2254 for details on the filter syntax. -# Optional, default = empty (match everything) -# For active directory, use: -# (&(objectClass=organizationalUnit)(objectCategory=CN=Organization,CN=Schema,CN=Configuration,DC=zarafa,DC=com)) -# For LDAP with posix users, use: -# (objectClass=organizationalUnit) -ldap_company_search_filter = (objectClass=organizationalUnit) - -# Optional, default = cn -# Active directory: cn -# LDAP: cn -ldap_companyname_attribute = cn +# Optional, default = ou +# Active directory: ou +# LDAP: ou +ldap_companyname_attribute = ou # Optional # The attribute which indicates which companies are allowed 
@@ -265,6 +318,68 @@ # Empty default, using ldap_user_unique_attribute ldap_company_system_admin_relation_attribute = + +########## +# Addresslist settings + +# Add a filter to the addresslist search +ldap_addresslist_search_filter = + +# This is the unique attribute of a addresslist which is never going +# to change, unless the addresslist is removed from LDAP. When this +# value changes, Zarafa will remove the previous addresslist from the +# database, and create a new addresslist with this unique value +ldap_addresslist_unique_attribute = cn + +# This value can be 'text' or 'binary'. For OpenLDAP, only text is used. +ldap_addresslist_unique_attribute_type = text + +# This is the name of the attribute on the addresslist object that +# specifies the filter to be applied for this addresslist. All users +# matching this filter AND matching the default +# ldap_user_search_filter will be included in the addresslist +ldap_addresslist_filter_attribute = zarafaFilter + +# This is the name of the attribute on the addresslist object that +# specifies the search base to be applied for this addresslist. +ldap_addresslist_search_base_attribute = zarafaBase + +# The attribute containing the name of the addresslist +ldap_addresslist_name_attribute = cn + + +########## +# Dynamicgroup settings + +# Add a filter to the dynamicgroup search +ldap_dynamicgroup_search_filter = + +# This is the unique attribute of a dynamicgroup which is never going +# to change, unless the dynamicgroup is removed from LDAP. When this +# value changes, Zarafa will remove the previous dynamicgroup from the +# database, and create a new dynamicgroup with this unique value +ldap_dynamicgroup_unique_attribute = cn + +# This value can be 'text' or 'binary'. For OpenLDAP, only text is used. +ldap_dynamicgroup_unique_attribute_type = text + +# This is the name of the attribute on the dynamicgroup object that +# specifies the filter to be applied for this dynamicgroup. 
All users +# matching this filter AND matching the default +# ldap_user_search_filter will be included in the dynamicgroup +ldap_dynamicgroup_filter_attribute = zarafaFilter + +# This is the name of the attribute on the dynamicgroup object that +# specifies the search base to be applied for this dynamicgroup. +ldap_dynamicgroup_search_base_attribute = zarafaBase + +# The attribute containing the name of the dynamicgroup +ldap_dynamicgroup_name_attribute = cn + + +########## +# Quota settings + # Optional # The attribute which indicates which users (besides the user who exceeds his quota) # should also receive a warning mail when a user exceeds his quota. @@ -289,7 +404,7 @@ ldap_quota_companywarning_recipients_attribute_type = text # Optional, default empty -ldap_quota_companywarning_recipients_relation_attribute= +ldap_quota_companywarning_recipients_relation_attribute = # Whether to override the system wide quota settings ldap_quotaoverride_attribute = zarafaQuotaOverride @@ -306,10 +421,19 @@ ldap_userdefault_hardquota_attribute = zarafaUserDefaultQuotaHard # Mapping from the quota attributes to a number of bytes. Qmail-LDAP -# schema uses bytes (1), ADS uses kilobytes (1024). +# schema uses bytes (1), ADS uses kilobytes (1024*1024). ldap_quota_multiplier = 1 -# When an object (user/group/company) is changed, this attribute will also change: -# Active directory: uSNChanged -# LDAP: modifyTimestamp -ldap_last_modification_attribute = modifyTimestamp +########## +# Misc. settings + +# Attribute which indicates if the user should be hidden from addressbook +ldap_addressbook_hide_attribute = zarafaHidden + +# LDAP object search filter. %s in this filter will be replaced with +# the object being searched. +# Default: empty +# ADS recommended: (anr=%s) +# OpenLDAP optional: (|(mail=%s*)(uid=%s*)(cn=*%s*)(fullname=*%s*)(givenname=*%s*)(lastname=*%s*)(sn=*%s*)) +ldap_object_search_filter = +
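Review bot: In the -306 hunk the reworded comment `ADS uses kilobytes (1024*1024)` contradicts itself: a kilobyte multiplier is 1024, while 1024*1024 is a megabyte multiplier. An administrator who copies the wrong figure into `ldap_quota_multiplier` gets quotas that are off by a factor of 1024. Which unit ADS uses cannot be determined from the hunk, so the line should read either `# schema uses bytes (1), ADS uses kilobytes (1024).` or `# schema uses bytes (1), ADS uses megabytes (1024*1024).` once that is confirmed.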