/[smecontribs]/rpms/smeserver-zarafa/contribs7/smeserver-zarafa-0.9.0-ldap3.patch
ViewVC logotype

Contents of /rpms/smeserver-zarafa/contribs7/smeserver-zarafa-0.9.0-ldap3.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Sat Feb 13 15:06:40 2010 UTC (14 years, 8 months ago) by dungog
Branch: MAIN
CVS Tags: smeserver-zarafa-0_9_0-51_el4_sme, smeserver-zarafa-0_9_0-54_el4_sme, smeserver-zarafa-0_9_0-53_el4_sme, smeserver-zarafa-0_9_0-56_el4_sme, smeserver-zarafa-0_9_0-50_el4_sme, smeserver-zarafa-0_9_0-48_el4_sme, smeserver-zarafa-0_9_0-49_el4_sme, smeserver-zarafa-0_9_0-52_el4_sme, HEAD
* Sat Feb 13 2010 Stephen Noble <support@dungog.net> - 0.9-48
- update ldap.cfg for 6.40 [SME 5779]
- default mysql InnoDB enabled

1 diff -urN smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/mysqld/InnoDB smeserver-zarafa-0.9.0.new/root/etc/e-smith/db/configuration/defaults/mysqld/InnoDB
2 --- smeserver-zarafa-0.9.0/root/etc/e-smith/db/configuration/defaults/mysqld/InnoDB 1970-01-01 10:00:00.000000000 +1000
3 +++ smeserver-zarafa-0.9.0.new/root/etc/e-smith/db/configuration/defaults/mysqld/InnoDB 2010-02-14 01:02:14.000000000 +1100
4 @@ -0,0 +1 @@
5 +enabled
6 diff -urN smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install smeserver-zarafa-0.9.0.new/root/etc/e-smith/events/actions/zarafa-install
7 --- smeserver-zarafa-0.9.0/root/etc/e-smith/events/actions/zarafa-install 2010-02-14 02:02:07.000000000 +1100
8 +++ smeserver-zarafa-0.9.0.new/root/etc/e-smith/events/actions/zarafa-install 2010-02-14 02:01:22.000000000 +1100
9 @@ -3,6 +3,9 @@
10 /bin/echo "initialize-default-databases"
11 /etc/e-smith/events/actions/initialize-default-databases
12
13 +/sbin/e-smith/expand-template /etc/my.cnf
14 +/usr/bin/sv t /service/mysqld
15 +
16 /bin/echo "signal-event remoteaccess-update"
17 /sbin/e-smith/signal-event remoteaccess-update
18
19 diff -urN smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/openldap/slapd.conf/11schema smeserver-zarafa-0.9.0.new/root/etc/e-smith/templates/etc/openldap/slapd.conf/11schema
20 --- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/openldap/slapd.conf/11schema 1970-01-01 10:00:00.000000000 +1000
21 +++ smeserver-zarafa-0.9.0.new/root/etc/e-smith/templates/etc/openldap/slapd.conf/11schema 2010-02-13 23:33:11.000000000 +1100
22 @@ -0,0 +1,2 @@
23 +include /usr/share/doc/zarafa/zarafa.schema
24 +
25 diff -urN smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg smeserver-zarafa-0.9.0.new/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg
26 --- smeserver-zarafa-0.9.0/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg 2010-02-14 02:02:07.000000000 +1100
27 +++ smeserver-zarafa-0.9.0.new/root/etc/e-smith/templates/etc/zarafa/ldap.cfg/ldap.cfg 2010-02-12 22:19:52.000000000 +1100
28 @@ -42,30 +42,53 @@
29 "ldap_bind_passwd = $pw";
30 }
31
32 -# Search for users starting from this DN
33 -# Required
34 -ldap_user_search_base = ou=Users,{ esmith::util::ldapBase ($DomainName); }
35 +# The timeout for network operations in seconds
36 +ldap_network_timeout = 30
37 +
38 +# When an object (user/group/company) is changed, this attribute will also change:
39 +# Active directory: uSNChanged
40 +# LDAP: modifyTimestamp
41 +ldap_last_modification_attribute = modifyTimestamp
42 +
43 +##########
44 +# Object settings
45 +
46 +# Top level search base, every object should be available under this tree
47 +ldap_search_base = { esmith::util::ldapBase ($DomainName); }
48
49 -# Search method to find a user, can be: base, one or sub
50 -# Default: sub
51 -ldap_user_scope = sub
52 +# attribute name which is/(should: was) used in ldap_user_search_filter
53 +ldap_object_type_attribute = objectClass
54 +ldap_user_type_attribute_value = inetOrgPerson
55 +ldap_group_type_attribute_value = posixGroup
56 +ldap_contact_type_attribute_value = zarafa-contact
57 +ldap_company_type_attribute_value = organizationalUnit
58 +ldap_addresslist_type_attribute_value = zarafa-addresslist
59 +ldap_dynamicgroup_type_attribute_value = zarafa-dynamicgroup
60 +
61 +
62 +##########
63 +# There should be no need to edit any values below this line
64 +##########
65
66 -# Search for users using this LDAP filter. See ldap_search(3) or RFC
67 +##########
68 +# User settings
69 +
70 +# Extra search for users using this LDAP filter. See ldap_search(3) or RFC
71 # 2254 for details on the filter syntax.
72 # Optional, default = empty (match everything)
73 # For active directory, use:
74 -# (&(objectClass=person)(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
75 -# For LDAP with posix users, use:
76 -# (objectClass=posixAccount)
77 -ldap_user_search_filter = (objectClass=posixAccount)
78 +# (objectCategory=Person)
79 +# For LDAP with posix users:
80 +# no need to use the search filter.
81 +ldap_user_search_filter =
82
83 # unique user id for find the user
84 # Required
85 # For active directory, use:
86 -# objectSid
87 +# objectGuid ** WARNING: This WAS: objectSid ** Updates *WILL* fail! **
88 # For LDAP with posixAccount, use:
89 # uidNumber
90 -ldap_user_unique_attribute = uidNumber
91 +ldap_user_unique_attribute = uid
92
93 # Type of unique user id
94 # default: text
95 @@ -75,42 +98,9 @@
96 # text
97 ldap_user_unique_attribute_type = text
98
99 -# Search for groups starting from this DN
100 -# Required
101 -ldap_group_search_base = ou=Groups,{ esmith::util::ldapBase ($DomainName); }
102 -
103 -# Search method to find a group, can be: base, one or sub
104 -# Default: sub
105 -ldap_group_scope = sub
106 -
107 -# Search for groups using this LDAP filter. See ldap_search(3) for
108 -# details on the filter syntax.
109 -# Optional, default = empty (match everything)
110 -# For active directory, use:
111 -# (objectClass=group)
112 -# For LDAP with posix groups, use:
113 -# (objectClass=posixGroup)
114 -ldap_group_search_filter = (objectClass=posixGroup)
115 -
116 -# unique group id for find the group
117 -# Required
118 -# For active directory, use:
119 -# objectSid
120 -# For LDAP with posix group, use:
121 -# gidNumber
122 -ldap_group_unique_attribute = gidNumber
123 -
124 -# Type of unique group id
125 -# default: text
126 -# For active directory, use:
127 -# binary
128 -# For LDAP with posix group, use:
129 -# text
130 -ldap_group_unique_attribute_type = text
131 -
132 # Optional, default = cn
133 # For active directory, use:
134 -# displayName
135 +# cn or displayName
136 # For LDAP with posix user, use:
137 # cn
138 ldap_fullname_attribute = cn
139 @@ -125,15 +115,24 @@
140 # LDAP: userPassword
141 ldap_password_attribute = userPassword
142
143 +# If set to bind, users are authenticated by trying to bind to the
144 +# LDAP tree using their username + password. Otherwise, the
145 +# ldap_password_attribute is requested and checked.
146 +# Optional, default = bind
147 +# Choices: bind, password
148 +# Active directory: bind
149 +# LDAP: password
150 +ldap_authentication_method = password
151 +
152 # Optional, default = mail
153 # Active directory: mail
154 # LDAP: mail
155 ldap_emailaddress_attribute = mail
156
157 -# Optional, default = userCertificate
158 -# Active directory: userCertificate
159 -# LDAP: userCertificate
160 -ldap_user_certificate_attribute = userCertificate
161 +# Optional, default = zarafaAliases
162 +# Active directory: zarafaAliases
163 +# LDAP: zarafaAliases
164 +ldap_emailaliases_attribute = zarafaAliases
165
166 # Whether the user is an admin. The field is interpreted as a
167 # boolean, 0 and false (case insensitive) meaning no, all other values
168 @@ -149,16 +148,72 @@
169 # Optional, default = empty
170 # Active directory: zarafaSharedStoreOnly
171 # LDAP: zarafaSharedStoreOnly
172 -ldap_nonactive_attribute =
173 +ldap_nonactive_attribute =
174
175 -# If set to bind, users are authenticated by trying to bind to the
176 -# LDAP tree using their username + password. Otherwise, the
177 -# ldap_password_attribute is requested and checked.
178 -# Optional, default = bind
179 -# Choices: bind, password
180 -# Active directory: bind
181 -# LDAP: password
182 -ldap_authentication_method = bind
183 +# A nonactive store, or resource, can be specified to be a user, room or equipment.
184 +# Set it to 'room' or 'equipment' to make such types. If set to empty,
185 +# or wrong word, or 'user' it will be a nonactive user.
186 +# Optional, default = zarafaResourceType
187 +# Active directory: zarafaResourceType
188 +# LDAP: zarafaResourceType
189 +ldap_resource_type_attribute = zarafaResourceType
190 +
191 +# Numeric resource capacity
192 +# Optional, default = zarafaResourceCapacity
193 +# Active directory: zarafaResourceCapacity
194 +# LDAP: zarafaResourceCapacity
195 +ldap_resource_capacity_attribute = zarafaResourceCapacity
196 +
197 +# Optional
198 +# The attribute which indicates which users are allowed
199 +# to send on bahalf of the selected user
200 +ldap_user_sendas_attribute = zarafaSendAsPrivilege
201 +
202 +# Optional, default = text
203 +# Active directory: dn
204 +# LDAP: text
205 +ldap_user_sendas_attribute_type = text
206 +
207 +# The attribute of the user which is listed in the
208 +# ldap_user_sendas_attribute
209 +# Empty default, using ldap_user_unique_attribute
210 +ldap_user_sendas_relation_attribute =
211 +
212 +# Optional, default = userCertificate
213 +# Active directory: userCertificate
214 +# LDAP: userCertificate
215 +ldap_user_certificate_attribute = userCertificate
216 +
217 +# Load extra user properties from the propmap file
218 +!propmap /etc/zarafa/ldap.propmap.cfg
219 +
220 +##########
221 +# Group settings
222 +
223 +# Search for groups using this LDAP filter. See ldap_search(3) for
224 +# details on the filter syntax.
225 +# Optional, default = empty (match everything)
226 +# For active directory, use:
227 +# (objectCategory=Group)
228 +# For LDAP with posix groups, use:
229 +# no need to set the search filter
230 +ldap_group_search_filter =
231 +
232 +# unique group id for find the group
233 +# Required
234 +# For active directory, use:
235 +# objectSid
236 +# For LDAP with posix group, use:
237 +# gidNumber
238 +ldap_group_unique_attribute = gidNumber
239 +
240 +# Type of unique group id
241 +# default: text
242 +# For active directory, use:
243 +# binary
244 +# For LDAP with posix group, use:
245 +# text
246 +ldap_group_unique_attribute_type = text
247
248 # Optional, default = cn
249 # Active directory: cn
250 @@ -167,8 +222,8 @@
251
252 # Optional, default = member
253 # Active directory: member
254 -# LDAP: member
255 -ldap_groupmembers_attribute = member
256 +# LDAP: memberUid
257 +ldap_groupmembers_attribute = memberUid
258
259 # Optional, default = text
260 # Active directory: dn
261 @@ -176,52 +231,50 @@
262 ldap_groupmembers_attribute_type = text
263
264 # The attribute of the user which is listed in ldap_groupmember_attribute
265 -# Empty default, using ldap_user_unique_attribute
266 -ldap_groupmembers_relation_attribute =
267 -
268 -# Optional
269 -# The attribute which indicates which companies are allowed
270 -# to view the members of the selected company
271 -ldap_user_sendas_attribute = zarafaSendAsPrivilege
272 +# Active directory: empty, matching dn's
273 +# LDAP: uidNumber, matching users in ldap_user_unique_attribute
274 +ldap_groupmembers_relation_attribute = uidNumber
275 +
276 +# A group can also be used for security, eg. setting permissions on folders.
277 +# This makes a group a security group. The zarafaSecurityGroup value is boolean.
278 +# Optional, default = zarafaSecurityGroup
279 +# Active directory = groupType
280 +# LDAP: zarafaSecurityGroup
281 +ldap_group_security_attribute = zarafaSecurityGroup
282 +
283 +# In ADS servers, a special bitmask action is required on the groupType field.
284 +# This is actived by setting the ldap_group_security_attribute_type to `''ads`''
285 +# Otherwise, just the presence of the field will make the group security enabled.
286 +# Optional, default = boolean
287 +# Active directory = ads
288 +# LDAP: boolean
289 +ldap_group_security_attribute_type = boolean
290
291 -# Optional, default = text
292 -ldap_user_sendas_attribute_type = text
293 +##########
294 +# Company settings
295
296 -# The attribute of the user which is listed in the
297 -# ldap_company_view_attribute
298 -# Empty default, using ldap_user_unique_attribute
299 -ldap_user_sendas_relation_attribute =
300 +# Search for companies using this LDAP filter.
301 +# Optional, default = empty (match everything)
302 +# For active directory, use:
303 +# (objectCategory=Company)
304 +# For LDAP with posix users, use:
305 +# no need to set the filter
306 +ldap_company_search_filter =
307
308 # unique company id for find the company
309 -# Default: ou
310 +# Active directory: objectSid
311 +# LDAP: ou
312 ldap_company_unique_attribute = ou
313
314 # Optional, default = text
315 -# Active directory: dn
316 +# Active directory: binary
317 # LDAP: text
318 ldap_company_unique_attribute_type = text
319
320 -# Search for companies starting from this DN
321 -# Required
322 -ldap_company_search_base = { esmith::util::ldapBase ($DomainName); }
323 -
324 -# Search method to find a company, can be: base, one or sub
325 -# Default: sub
326 -ldap_company_scope = sub
327 -
328 -# Search for companies using this LDAP filter. See ldap_search(3) or RFC
329 -# 2254 for details on the filter syntax.
330 -# Optional, default = empty (match everything)
331 -# For active directory, use:
332 -# (&(objectClass=organizationalUnit)(objectCategory=CN=Organization,CN=Schema,CN=Configuration,DC=zarafa,DC=com))
333 -# For LDAP with posix users, use:
334 -# (objectClass=organizationalUnit)
335 -ldap_company_search_filter = (objectClass=organizationalUnit)
336 -
337 -# Optional, default = cn
338 -# Active directory: cn
339 -# LDAP: cn
340 -ldap_companyname_attribute = cn
341 +# Optional, default = ou
342 +# Active directory: ou
343 +# LDAP: ou
344 +ldap_companyname_attribute = ou
345
346 # Optional
347 # The attribute which indicates which companies are allowed
348 @@ -265,6 +318,68 @@
349 # Empty default, using ldap_user_unique_attribute
350 ldap_company_system_admin_relation_attribute =
351
352 +
353 +##########
354 +# Addresslist settings
355 +
356 +# Add a filter to the addresslist search
357 +ldap_addresslist_search_filter =
358 +
359 +# This is the unique attribute of a addresslist which is never going
360 +# to change, unless the addresslist is removed from LDAP. When this
361 +# value changes, Zarafa will remove the previous addresslist from the
362 +# database, and create a new addresslist with this unique value
363 +ldap_addresslist_unique_attribute = cn
364 +
365 +# This value can be 'text' or 'binary'. For OpenLDAP, only text is used.
366 +ldap_addresslist_unique_attribute_type = text
367 +
368 +# This is the name of the attribute on the addresslist object that
369 +# specifies the filter to be applied for this addresslist. All users
370 +# matching this filter AND matching the default
371 +# ldap_user_search_filter will be included in the addresslist
372 +ldap_addresslist_filter_attribute = zarafaFilter
373 +
374 +# This is the name of the attribute on the addresslist object that
375 +# specifies the search base to be applied for this addresslist.
376 +ldap_addresslist_search_base_attribute = zarafaBase
377 +
378 +# The attribute containing the name of the addresslist
379 +ldap_addresslist_name_attribute = cn
380 +
381 +
382 +##########
383 +# Dynamicgroup settings
384 +
385 +# Add a filter to the dynamicgroup search
386 +ldap_dynamicgroup_search_filter =
387 +
388 +# This is the unique attribute of a dynamicgroup which is never going
389 +# to change, unless the dynamicgroup is removed from LDAP. When this
390 +# value changes, Zarafa will remove the previous dynamicgroup from the
391 +# database, and create a new dynamicgroup with this unique value
392 +ldap_dynamicgroup_unique_attribute = cn
393 +
394 +# This value can be 'text' or 'binary'. For OpenLDAP, only text is used.
395 +ldap_dynamicgroup_unique_attribute_type = text
396 +
397 +# This is the name of the attribute on the dynamicgroup object that
398 +# specifies the filter to be applied for this dynamicgroup. All users
399 +# matching this filter AND matching the default
400 +# ldap_user_search_filter will be included in the dynamicgroup
401 +ldap_dynamicgroup_filter_attribute = zarafaFilter
402 +
403 +# This is the name of the attribute on the dynamicgroup object that
404 +# specifies the search base to be applied for this dynamicgroup.
405 +ldap_dynamicgroup_search_base_attribute = zarafaBase
406 +
407 +# The attribute containing the name of the dynamicgroup
408 +ldap_dynamicgroup_name_attribute = cn
409 +
410 +
411 +##########
412 +# Quota settings
413 +
414 # Optional
415 # The attribute which indicates which users (besides the user who exceeds his quota)
416 # should also receive a warning mail when a user exceeds his quota.
417 @@ -289,7 +404,7 @@
418 ldap_quota_companywarning_recipients_attribute_type = text
419
420 # Optional, default empty
421 -ldap_quota_companywarning_recipients_relation_attribute=
422 +ldap_quota_companywarning_recipients_relation_attribute =
423
424 # Whether to override the system wide quota settings
425 ldap_quotaoverride_attribute = zarafaQuotaOverride
426 @@ -306,10 +421,19 @@
427 ldap_userdefault_hardquota_attribute = zarafaUserDefaultQuotaHard
428
429 # Mapping from the quota attributes to a number of bytes. Qmail-LDAP
430 -# schema uses bytes (1), ADS uses kilobytes (1024).
431 +# schema uses bytes (1), ADS uses kilobytes (1024*1024).
432 ldap_quota_multiplier = 1
433
434 -# When an object (user/group/company) is changed, this attribute will also change:
435 -# Active directory: uSNChanged
436 -# LDAP: modifyTimestamp
437 -ldap_last_modification_attribute = modifyTimestamp
438 +##########
439 +# Misc. settings
440 +
441 +# Attribute which indicates if the user should be hidden from addressbook
442 +ldap_addressbook_hide_attribute = zarafaHidden
443 +
444 +# LDAP object search filter. %s in this filter will be replaced with
445 +# the object being searched.
446 +# Default: empty
447 +# ADS recommended: (anr=%s)
448 +# OpenLDAP optional: (|(mail=%s*)(uid=%s*)(cn=*%s*)(fullname=*%s*)(givenname=*%s*)(lastname=*%s*)(sn=*%s*))
449 +ldap_object_search_filter =
450 +

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed