![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 # $Id: kolab2.schema,v 1.22 2007/02/02 15:16:45 thomas Exp $
2 # (c) 2003, 2004 Tassilo Erlewein <tassilo.erlewein@erfrakon.de>
3 # (c) 2003-2006 Martin Konold <martin.konold@erfrakon.de>
4 # (c) 2003 Achim Frank <achim.frank@erfrakon.de>
5 #
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions are met:
8 #
9 # Redistributions of source code must retain the above copyright notice, this
10 # list of conditions and the following disclaimer.
11 #
12 # Redistributions in binary form must reproduce the above copyright notice,
13 # this list of conditions and the following disclaimer in the documentation
14 # and/or other materials provided with the distribution.
15 #
16 # The name of the author may not be used to endorse or promote products derived
17 # from this software without specific prior written permission.
18 #
19 #
20 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
21 # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
22 # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
23 # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
25 # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
26 # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
27 # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
28 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
29 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 # This schema highly depends on the core.schema, cosine.schema and the inetorgperson.schema
32 # as provided by 3rd parties like OpenLDAP.
33 #
34 # slapd.conf then looks like
35 # include /kolab/etc/openldap/schema/core.schema
36 # include /kolab/etc/openldap/schema/cosine.schema
37 # include /kolab/etc/openldap/schema/inetorgperson.schema
38 # include /kolab/etc/openldap/schema/rfc2739.schema
39 # include /kolab/etc/openldap/schema/kolab2.schema
41 #
42 ####################
43 # kolab attributes #
44 ####################
46 # helper attribute to make the kolab root easily findable in
47 # a big ldap directory
48 attributetype ( 1.3.6.1.4.1.19414.2.1.1
49 NAME ( 'k' 'kolab' )
50 DESC 'Kolab attribute'
51 SUP name )
53 # kolabDeleteflag used to be a boolean but describes with Kolab 2
54 # the fqdn of the server which is requested to delete this objects
55 # in its local store
56 attributetype ( 1.3.6.1.4.1.19414.2.1.2
57 NAME 'kolabDeleteflag'
58 DESC 'Per host deletion status'
59 EQUALITY caseIgnoreIA5Match
60 SUBSTR caseIgnoreIA5SubstringsMatch
61 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
63 # alias used to provide alternative rfc822 email addresses for kolab users
64 attributetype ( 1.3.6.1.4.1.19414.2.1.3
65 NAME 'alias'
66 DESC 'RFC1274: RFC822 Mailbox'
67 EQUALITY caseIgnoreIA5Match
68 SUBSTR caseIgnoreIA5SubstringsMatch
69 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
71 # kolabEncryptedPassword is an asymmetrically (RSA) encrypted copy of the
72 # cleartext password. This is required in order to pass the password from
73 # the maintainance/administration application to the kolabHomeServer running the
74 # resource handler application in a secure manner.
75 # Actually this attribute is deprecated as of Kolab 2.1. Instead we grant the
76 # calendar user dn: cn=calendar,cn=internal,dc=yourcompany,dc=com access to
77 # the respective calendar folder using IMAP ACLs.
78 attributetype ( 1.3.6.1.4.1.19419.2.1.4
79 NAME 'kolabEncryptedPassword'
80 DESC 'base64 encoded public key encrypted Password'
81 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
83 # hostname including the domain name like kolab-master.yourcompany.com
84 attributetype ( 1.3.6.1.4.1.19414.2.1.5
85 NAME ( 'fqhostname' 'fqdnhostname' )
86 DESC 'Fully qualified Hostname including full domain component'
87 EQUALITY caseIgnoreIA5Match
88 SUBSTR caseIgnoreIA5SubstringsMatch
89 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
91 # fqdn of all hosts in a multi-location or cluster setup
92 attributetype ( 1.3.6.1.4.1.19414.2.1.6
93 NAME 'kolabHost'
94 DESC 'Multivalued -- list of hostnames in a Kolab setup'
95 EQUALITY caseIgnoreIA5Match
96 SUBSTR caseIgnoreIA5SubstringsMatch
97 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
99 # fqdn of the server containg the actual user mailbox
100 attributetype ( 1.3.6.1.4.1.19419.1.1.1.1
101 NAME 'kolabHomeServer'
102 DESC 'server which keeps the users mailbox'
103 EQUALITY caseIgnoreIA5Match
104 SUBSTR caseIgnoreIA5SubstringsMatch
105 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
107 # flag for allowing unrestriced length of mails
108 attributetype ( 1.3.6.1.4.1.19419.1.1.1.2
109 NAME 'unrestrictedMailSize'
110 EQUALITY booleanMatch
111 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
113 # Specifies the email delegates.
114 # An email delegate can send email on behalf of the account
115 # which means using the "from" of the account.
116 # Delegates are specified by the syntax of rfc822 email addresses.
117 attributetype ( 1.3.6.1.4.1.19419.1.1.1.3
118 NAME 'kolabDelegate'
119 DESC 'Kolab user allowed to act as delegates - RFC822 Mailbox/Alias'
120 EQUALITY caseIgnoreIA5Match
121 SUBSTR caseIgnoreIA5SubstringsMatch
122 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
124 # For user, group and resource Kolab accounts
125 # Describes how to respond to invitations
126 # We keep the attribute as a string, but actually it can only have one
127 # of the following values:
128 #
129 # ACT_ALWAYS_ACCEPT
130 # ACT_ALWAYS_REJECT
131 # ACT_REJECT_IF_CONFLICTS
132 # ACT_MANUAL_IF_CONFLICTS
133 # ACT_MANUAL
134 # In addition one of these values may be prefixed with a primary email
135 # address followed by a colon like
136 # user@domain.tld: ACT_ALWAYS_ACCEPT
137 attributetype ( 1.3.6.1.4.1.19419.1.1.1.4
138 NAME ( 'kolabInvitationPolicy' 'kolabResourceAction' )
139 DESC 'defines how to respond to invitations'
140 EQUALITY caseIgnoreIA5Match
141 SUBSTR caseIgnoreIA5SubstringsMatch
142 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
144 # time span from now to the future used for the free busy data
145 # measured in days
146 attributetype ( 1.3.6.1.4.1.19419.1.1.1.5
147 NAME 'kolabFreeBusyFuture'
148 DESC 'time in days for fb data towards the future'
149 EQUALITY integerMatch
150 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
151 SINGLE-VALUE )
153 # time span from now to the past used for the free busy data
154 # measured in days
155 attributetype ( 1.3.6.1.4.1.19419.1.1.1.6
156 NAME 'kolabFreeBusyPast'
157 DESC 'time in days for fb data towards the past'
158 EQUALITY integerMatch
159 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
160 SINGLE-VALUE )
162 # fqdn of the server as the default SMTP MTA
163 # not used in Kolab 2 currently as in Kolab 2 the
164 # default MTA is equivalent to the kolabHomeServer
165 attributetype ( 1.3.6.1.4.1.19419.1.1.1.7
166 NAME 'kolabHomeMTA'
167 DESC 'fqdn of default MTA'
168 EQUALITY caseIgnoreIA5Match
169 SUBSTR caseIgnoreIA5SubstringsMatch
170 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
171 SINGLE-VALUE )
173 # Begin date of Kolab vacation period. Sender will
174 # be notified every kolabVacationResendIntervall days
175 # that recipient is absent until kolabVacationEnd.
176 # Values in this syntax are encoded as printable strings,
177 # represented as specified in X.208.
178 # Note that the time zone must be specified.
179 # For Kolab we limit ourself to GMT
180 # YYYYMMDDHHMMZ e.g. 200512311458Z.
181 # see also: rfc 2252.
182 # Currently this attribute is not used in Kolab.
183 attributetype ( 1.3.6.1.4.1.19419.1.1.1.8
184 NAME 'kolabVacationBeginDateTime'
185 DESC 'Begin date of vacation'
186 EQUALITY generalizedTimeMatch
187 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
188 SINGLE-VALUE )
190 # End date of Kolab vacation period. Sender will
191 # be notified every kolabVacationResendIntervall days
192 # that recipient is absent starting from kolabVacationBeginDateTime.
193 # Values in this syntax are encoded as printable strings,
194 # represented as specified in X.208.
195 # Note that the time zone must be specified.
196 # For Kolab we limit ourself to GMT
197 # YYYYMMDDHHMMZ e.g. 200601012258Z.
198 # see also: rfc 2252.
199 # Currently this attribute is not used in Kolab.
200 attributetype ( 1.3.6.1.4.1.19419.1.1.1.9
201 NAME 'kolabVacationEndDateTime'
202 DESC 'End date of vacation'
203 EQUALITY generalizedTimeMatch
204 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
205 SINGLE-VALUE )
207 # Intervall in days after which senders get
208 # another vacation message.
209 # Currently this attribute is not used in Kolab.
210 attributetype ( 1.3.6.1.4.1.19419.1.1.1.10
211 NAME 'kolabVacationResendInterval'
212 DESC 'Vacation notice interval in days'
213 EQUALITY integerMatch
214 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
215 SINGLE-VALUE )
217 # Email recipient addresses which are handled by the
218 # vacation script. There can be multiple kolabVacationAddress
219 # entries for each kolabInetOrgPerson.
220 # Default is the primary email address and all
221 # email aliases of the kolabInetOrgPerson.
222 # Currently this attribute is not used in Kolab.
223 attributetype ( 1.3.6.1.4.1.19419.1.1.1.11
224 NAME 'kolabVacationAddress'
225 DESC 'Email address for vacation to response upon'
226 EQUALITY caseIgnoreIA5Match
227 SUBSTR caseIgnoreIA5SubstringsMatch
228 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
230 # Enable sending vacation notices in reaction
231 # unsolicited commercial email.
232 # Default is no.
233 # Currently this attribute is not used in Kolab.
234 attributetype ( 1.3.6.1.4.1.19419.1.1.1.12
235 NAME 'kolabVacationReplyToUCE'
236 DESC 'Enable vacation notices to UCE'
237 EQUALITY booleanMatch
238 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
239 SINGLE-VALUE )
241 # Email recipient domains which are handled by the
242 # vacation script. There can be multiple kolabVacationReactDomain
243 # entries for each kolabInetOrgPerson
244 # Default is to handle all domains.
245 # Currently this attribute is not used in Kolab.
246 attributetype ( 1.3.6.1.4.1.19419.1.1.1.13
247 NAME 'kolabVacationReactDomain'
248 DESC 'Multivalued -- Email domain for vacation to response upon'
249 EQUALITY caseIgnoreIA5Match
250 SUBSTR caseIgnoreIA5SubstringsMatch
251 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
253 # Forward all incoming emails except UCE if kolabForwardUCE
254 # is not set to this email address.
255 # There can be multiple kolabForwardAddress entries for
256 # each kolabInetOrgPerson.
257 # Currently this attribute is not used in Kolab.
258 attributetype ( 1.3.6.1.4.1.19419.1.1.1.14
259 NAME 'kolabForwardAddress'
260 DESC 'Forward email to this address'
261 EQUALITY caseIgnoreIA5Match
262 SUBSTR caseIgnoreIA5SubstringsMatch
263 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
265 # Keep local copy when forwarding emails to list of
266 # kolabForwardAddress.
267 # Default is no.
268 # Currently this attribute is not used in Kolab.
269 attributetype ( 1.3.6.1.4.1.19419.1.1.1.15
270 NAME 'kolabForwardKeepCopy'
271 DESC 'Keep copy when forwarding'
272 EQUALITY booleanMatch
273 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
274 SINGLE-VALUE )
276 # Enable forwarding of UCE.
277 # Default is yes.
278 # Currently this attribute is not used in Kolab.
279 attributetype ( 1.3.6.1.4.1.19419.1.1.1.16
280 NAME 'kolabForwardUCE'
281 DESC 'Enable forwarding of mails known as UCE'
282 EQUALITY booleanMatch
283 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
284 SINGLE-VALUE )
286 # comment when creating or deleting a kolab object
287 # a comment might be appropriate. This is most useful
288 # for tracability when users get moved to the graveyard
289 # instead of being really deleted. Every entry must be prefixed
290 # with an ISO 8601 date string e.g 200604301458Z. All times must
291 # be in zulu timezone.
292 attributetype ( 1.3.6.1.4.1.19419.1.1.1.17
293 NAME 'kolabComment'
294 DESC 'multi-value comment'
295 EQUALITY caseIgnoreMatch
296 SUBSTR caseIgnoreSubstringsMatch
297 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
299 # kolabFolderType describes the kind of Kolab folder
300 # as defined in the kolab format specification.
301 # We will annotate all folders with an entry
302 # /vendor/kolab/folder-type containing the attribute
303 # value.shared set to: <type>[.<subtype>].
304 # The <type> can be: mail, event, journal, task, note,
305 # or contact. The <subtype> for a mail folder can be
306 # inbox, drafts, sentitems, or junkemail (this one holds
307 # spam mails). For the other <type>s, it can only be
308 # default, or not set. For other types of folders
309 # supported by the clients, these should be prefixed with
310 # "k-" for KMail, "h-" for Horde and "o-" for Outlook, and
311 # look like for example "kolab.o-voicemail". Other third-party
312 # clients shall use the "x-" prefix.
313 # We then use the ANNOTATEMORE IMAP extension to
314 # associate the folder type with a folder.
315 attributetype ( 1.3.6.1.4.1.19414.2.1.7
316 NAME 'kolabFolderType'
317 DESC 'type of a kolab folder'
318 EQUALITY caseIgnoreIA5Match
319 SUBSTR caseIgnoreIA5SubstringsMatch
320 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256}
321 SINGLE-VALUE )
323 ######################
324 # postfix attributes #
325 ######################
327 attributetype ( 1.3.6.1.4.1.19414.2.1.501
328 NAME 'postfix-mydomain'
329 EQUALITY caseIgnoreIA5Match
330 SUBSTR caseIgnoreIA5SubstringsMatch
331 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
333 attributetype ( 1.3.6.1.4.1.19414.2.1.502
334 NAME 'postfix-relaydomains'
335 EQUALITY caseIgnoreIA5Match
336 SUBSTR caseIgnoreIA5SubstringsMatch
337 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
339 attributetype ( 1.3.6.1.4.1.19414.2.1.503
340 NAME 'postfix-mydestination'
341 EQUALITY caseIgnoreIA5Match
342 SUBSTR caseIgnoreIA5SubstringsMatch
343 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
345 attributetype ( 1.3.6.1.4.1.19414.2.1.504
346 NAME 'postfix-mynetworks'
347 EQUALITY caseIgnoreIA5Match
348 SUBSTR caseIgnoreIA5SubstringsMatch
349 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
351 attributetype ( 1.3.6.1.4.1.19414.2.1.505
352 NAME 'postfix-relayhost'
353 EQUALITY caseIgnoreIA5Match
354 SUBSTR caseIgnoreIA5SubstringsMatch
355 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
357 attributetype ( 1.3.6.1.4.1.19414.2.1.506
358 NAME 'postfix-transport'
359 EQUALITY caseIgnoreIA5Match
360 SUBSTR caseIgnoreIA5SubstringsMatch
361 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
363 attributetype ( 1.3.6.1.4.1.19414.2.1.507
364 NAME 'postfix-enable-virus-scan'
365 EQUALITY booleanMatch
366 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
367 SINGLE-VALUE )
369 attributetype ( 1.3.6.1.4.1.19414.2.1.508
370 NAME 'postfix-allow-unauthenticated'
371 EQUALITY booleanMatch
372 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
373 SINGLE-VALUE )
375 attributetype ( 1.3.6.1.4.1.19414.2.1.509
376 NAME 'postfix-virtual'
377 EQUALITY caseIgnoreIA5Match
378 SUBSTR caseIgnoreIA5SubstringsMatch
379 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
381 attributetype ( 1.3.6.1.4.1.19414.2.1.510
382 NAME 'postfix-relayport'
383 EQUALITY caseIgnoreIA5Match
384 SUBSTR caseIgnoreIA5SubstringsMatch
385 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
387 ##########################
388 # cyrus imapd attributes #
389 ##########################
391 attributetype ( 1.3.6.1.4.1.19414.2.1.601
392 NAME 'cyrus-autocreatequota'
393 EQUALITY integerMatch
394 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
395 SINGLE-VALUE )
397 attributetype ( 1.3.6.1.4.1.19414.2.1.602
398 NAME 'cyrus-admins'
399 EQUALITY caseIgnoreIA5Match
400 SUBSTR caseIgnoreIA5SubstringsMatch
401 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
403 # enable plain imap without ssl
404 attributetype ( 1.3.6.1.4.1.19414.2.1.603
405 NAME 'cyrus-imap'
406 EQUALITY booleanMatch
407 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
408 SINGLE-VALUE )
410 # enable legacy pop3
411 attributetype ( 1.3.6.1.4.1.19414.2.1.604
412 NAME 'cyrus-pop3'
413 EQUALITY booleanMatch
414 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
416 # user specific quota on the cyrus imap server
417 attributetype ( 1.3.6.1.4.1.19414.2.1.605
418 NAME 'cyrus-userquota'
419 DESC 'Mailbox hard quota limit in MB'
420 EQUALITY integerMatch
421 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
423 # cyrus imapd access control list
424 # acls work with users and groups
425 attributetype ( 1.3.6.1.4.1.19414.2.1.651
426 NAME 'acl'
427 EQUALITY caseIgnoreIA5Match
428 SUBSTR caseIgnoreIA5SubstringsMatch
429 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
431 # enable secure imap
432 attributetype ( 1.3.6.1.4.1.19414.2.1.606
433 NAME 'cyrus-imaps'
434 EQUALITY booleanMatch
435 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
437 # enable secure pop3
438 attributetype ( 1.3.6.1.4.1.19414.2.1.607
439 NAME 'cyrus-pop3s'
440 EQUALITY booleanMatch
441 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
443 # enable sieve support (required for forward and vacation services)
444 attributetype ( 1.3.6.1.4.1.19414.2.1.608
445 NAME 'cyrus-sieve'
446 EQUALITY booleanMatch
447 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
449 # installation wide percentage which determines when to send a
450 # warning to the user
451 attributetype ( 1.3.6.1.4.1.19414.2.1.609
452 NAME 'cyrus-quotawarn'
453 EQUALITY integerMatch
454 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
456 #############################
457 # apache and php attributes #
458 #############################
460 # enable plain http (no ssl)
461 attributetype ( 1.3.6.1.4.1.19414.2.1.701
462 NAME 'apache-http'
463 EQUALITY booleanMatch
464 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
466 # Allow freebusy download without authenticating first
467 attributetype ( 1.3.6.1.4.1.19414.2.1.702
468 NAME 'apache-allow-unauthenticated-fb'
469 EQUALITY booleanMatch
470 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
472 ##########################
473 # kolabfilter attributes #
474 ##########################
476 # enable trustable From:
477 attributetype ( 1.3.6.1.4.1.19414.2.1.750
478 NAME 'kolabfilter-verify-from-header'
479 EQUALITY booleanMatch
480 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
482 # should Sender header be allowed instead of From
483 # when present?
484 attributetype ( 1.3.6.1.4.1.19414.2.1.751
485 NAME 'kolabfilter-allow-sender-header'
486 EQUALITY booleanMatch
487 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
489 # Should reject messages with From headers that dont match
490 # the envelope? Default is to rewrite the header
491 attributetype ( 1.3.6.1.4.1.19414.2.1.752
492 NAME 'kolabfilter-reject-forged-from-header'
493 EQUALITY booleanMatch
494 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
496 ######################
497 # proftpd attributes #
498 ######################
500 attributetype ( 1.3.6.1.4.1.19414.2.1.901
501 NAME 'proftpd-defaultquota'
502 EQUALITY integerMatch
503 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
505 attributetype ( 1.3.6.1.4.1.19414.2.1.902
506 NAME 'proftpd-ftp'
507 EQUALITY booleanMatch
508 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
510 attributetype ( 1.3.6.1.4.1.19414.2.1.903
511 NAME 'proftpd-userPassword'
512 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
514 ########################
515 # kolab object classes #
516 ########################
518 # main kolab server configuration
519 # storing global values and user specific default values
520 # like kolabFreeBusyFuture and kolabFreeBusyPast
521 objectclass ( 1.3.6.1.4.1.19414.2.2.1
522 NAME 'kolab'
523 DESC 'Kolab server configuration'
524 SUP top STRUCTURAL
525 MUST k
526 MAY ( kolabHost $
527 postfix-mydomain $
528 postfix-relaydomains $
529 postfix-mydestination $
530 postfix-mynetworks $
531 postfix-relayhost $
532 postfix-relayport $
533 postfix-transport $
534 postfix-virtual $
535 postfix-enable-virus-scan $
536 postfix-allow-unauthenticated $
537 cyrus-quotawarn $
538 cyrus-autocreatequota $
539 cyrus-admins $
540 cyrus-imap $
541 cyrus-pop3 $
542 cyrus-imaps $
543 cyrus-pop3s $
544 cyrus-sieve $
545 apache-http $
546 apache-allow-unauthenticated-fb $
547 kolabfilter-verify-from-header $
548 kolabfilter-allow-sender-header $
549 kolabfilter-reject-forged-from-header $
550 proftpd-ftp $
551 proftpd-defaultquota $
552 kolabFreeBusyFuture $
553 kolabFreeBusyPast $
554 uid $
555 userPassword ) )
557 # public folders are typically visible to everyone subscribed to
558 # the server without the need for an extra login. Subfolders are
559 # defined using the hiarchy seperator '/' e.g. "sf/sub1". Please note
560 # that the term public folder is prefered to shared folder because
561 # normal user mailboxes can also share folders using acls.
562 objectclass ( 1.3.6.1.4.1.19414.2.2.9
563 NAME 'kolabSharedFolder'
564 DESC 'Kolab public shared folder'
565 SUP top AUXILIARY
566 MUST cn
567 MAY ( acl $
568 alias $
569 cyrus-userquota $
570 kolabHomeServer $
571 kolabFolderType $
572 kolabDeleteflag ) )
574 # kolabNamedObject is used as a plain node for the LDAP tree.
575 # In contrast to unix filesystem directories LDAP nodes can
576 # and often do also have contents/attributes. We use the
577 # kolabNamedObject in order to put some structure in the
578 # LDAP directory tree.
579 objectclass ( 1.3.6.1.4.1.5322.13.1.1
580 NAME 'kolabNamedObject'
581 SUP top STRUCTURAL
582 MAY (cn $ ou) )
584 # kolab account
585 # we use an auxiliary in order to ease integration
586 # with existing inetOrgPerson objects
587 # Please note that userPassword is a may
588 # attribute in the schema but is mandatory for
589 # Kolab
590 objectclass ( 1.3.6.1.4.1.19414.3.2.2
591 NAME 'kolabInetOrgPerson'
592 DESC 'Kolab Internet Organizational Person'
593 SUP top AUXILIARY
594 MAY ( c $
595 alias $
596 kolabHomeServer $
597 kolabHomeMTA $
598 unrestrictedMailSize $
599 kolabDelegate $
600 kolabEncryptedPassword $
601 cyrus-userquota $
602 kolabInvitationPolicy $
603 kolabFreeBusyFuture $
604 calFBURL $
605 kolabVacationBeginDateTime $
606 kolabVacationEndDateTime $
607 kolabVacationResendInterval $
608 kolabVacationAddress $
609 kolabVacationReplyToUCE $
610 kolabVacationReactDomain $
611 kolabForwardAddress $
612 kolabForwardKeepCopy $
613 kolabForwardUCE $
614 kolabDeleteflag $
615 kolabComment ) )
617 # kolab organization with country support
618 objectclass ( 1.3.6.1.4.1.19414.3.2.3
619 NAME 'kolabOrganization'
620 DESC 'RFC2256: a Kolab organization'
621 SUP organization STRUCTURAL
622 MAY ( c $
623 mail $
624 kolabDeleteflag $
625 alias ) )
627 # kolab organizational unit with country support
628 objectclass ( 1.3.6.1.4.1.19414.3.2.4
629 NAME 'kolabOrganizationalUnit'
630 DESC 'a Kolab organizational unit'
631 SUP organizationalUnit STRUCTURAL
632 MAY ( c $
633 mail $
634 kolabDeleteflag $
635 alias ) )
637 # kolab groupOfNames with extra kolabDeleteflag and the required
638 # attribute mail.
639 # The mail attribute for kolab objects of the type kolabGroupOfNames
640 # is not arbitrary but MUST be a single attribute of the form
641 # of an valid SMTP address with the CN as the local part.
642 # E.g cn@kolabdomain (e.g. employees@mydomain.com). The
643 # mail attribute MUST be globally unique.
644 objectclass ( 1.3.6.1.4.1.19414.3.2.5
645 NAME 'kolabGroupOfNames'
646 DESC 'Kolab group of names (DNs) derived from RFC2256'
647 SUP groupOfNames AUXILIARY
648 MAY ( mail $
649 kolabDeleteflag ) )