1 <?php
4 class all extends plugin {
5 static function plInfo()
6 {
7 return (array(
8 "plShortName" => _("All"),
9 "plDescription" => _("All objects in this category"),
10 "plSelfModify" => TRUE,
11 "plDepends" => array(),
12 "plPriority" => 0,
13 "plSection" => array("administration"),
14 "plCategory" => array("all" => array("objectClass" => "none", "description" => '* '._("All"))),
15 "plProvidedAcls" => array())
16 );
17 }
18 }
20 class core extends plugin {
22 static function getPropertyValues($class,$name,$value,$type)
23 {
24 $list = array();
25 switch($name){
26 case 'passwordDefaultHash':
27 $tmp = passwordMethod::get_available_methods();
28 foreach($tmp['name'] as $id => $method){
29 $desc = $tmp[$id]['name'];
30 $list[$method] = $desc;
31 }
32 break;
33 case 'accountPrimaryAttribute':
34 $list = array('uid' => 'uid', 'cn' => 'cn');
35 break;
36 case 'loginAttribute':
37 $list = array(
38 'uid' => 'uid',
39 'mail' => 'mail',
40 'both' => 'uid & mail');
41 break;
42 case 'timezone':
43 $tmp = timezone::_get_tz_zones();
44 foreach($tmp['TIMEZONES'] as $name => $offset){
45 if($offset >= 0){
46 $list[$name] = $name." ( + ".sprintf("%0.2f",$offset/(60*60))." "._("hours").")";
47 }else{
48 $offset = $offset * -1;
49 $list[$name] = $name." ( - ".sprintf("%0.2f",($offset/(60*60)))." "._("hours").")";
50 }
51 }
52 break;
53 case 'mailAttribute':
54 $list = array('mail' => 'mail','uid' => 'uid');
55 break;
56 case 'mailMethod':
57 $list = mailMethod::get_methods();
58 break;
59 case 'language':
60 $tmp = get_languages(TRUE);
61 $list[""] = _("Automatic");
62 foreach($tmp as $key => $desc){
63 $list[$key] = $desc;
64 }
65 break;
66 case 'modificationDetectionAttribute':
67 $list = array('entryCSN' => 'entryCSN (OpenLdap)','textCSN'=>'textCSN (Sun DS)');
68 break;
69 default: echo $name." ";$list = array();
70 }
72 if(!isset($list[$value])){
73 $list[$value] = $value." ("._("User value").")";
74 }
76 return($list);
77 }
79 static function plInfo()
80 {
81 return (array(
82 "plShortName" => _("Core"),
83 "plDescription" => _("GOsa core plugin"),
84 "plSelfModify" => FALSE,
85 "plDepends" => array(),
86 "plPriority" => 0,
87 "plSection" => array("administration"),
88 "plCategory" => array("all"),
89 "plProperties" => array(
91 array(
92 "name" => "htaccessAuthentication",
93 "type" => "bool",
94 "default" => FALSE,
95 "description" => _("The 'htaccessAuthentication' variable tells GOsa to use either htaccess authentication or LDAP authentication. This can be used if you want to use i.e. kerberos to authenticate the users."),
96 "check" => "gosaProperty::isBool",
97 "migrate" => "",
98 "group" => "authentification",
99 "mandatory" => FALSE),
101 array(
102 "name" => "logging",
103 "type" => "bool",
104 "default" => TRUE,
105 "description" => _("The 'logging' statement enables event logging on GOsa side. Setting it to 'true' GOsa will log every action a user performs via syslog. If you use rsyslog and configure it to mysql logging, you can browse all events within GOsa. GOsa will not log anything, if the logging value is empty or set to 'false'."),
107 "check" => "gosaProperty::isBool",
108 "migrate" => "",
109 "group" => "core",
110 "mandatory" => FALSE),
112 array(
113 "name" => "listSummary",
114 "type" => "bool",
115 "default" => TRUE,
116 "description" => _("The 'listSummary' statement determines whether a status bar will be shown on the bottom of GOsa generated lists, displaying a short summary of type and number of elements in the list."),
117 "check" => "gosaProperty::isBool",
118 "migrate" => "",
119 "group" => "visual",
120 "mandatory" => FALSE),
122 array(
123 "name" => "passwordMinLength",
124 "type" => "integer",
125 "default" => "",
126 "description" => _("The 'passwordMinLength' statement determines whether a newly entered password has to be of a minimum length."),
127 "check" => "gosaProperty::isInteger",
128 "migrate" => "",
129 "group" => "password",
130 "mandatory" => FALSE),
132 array(
133 "name" => "passwordMinDiffer",
134 "type" => "integer",
135 "default" => "",
136 "description" => _("The 'passwordMinDiffer' statement determines whether a newly entered password has to be checked to have at least n different characters."),
137 "check" => "gosaProperty::isInteger",
138 "migrate" => "",
139 "group" => "password",
140 "mandatory" => FALSE),
142 array(
143 "name" => "passwordHook",
144 "type" => "command",
145 "default" => "",
146 "description" =>
147 _("The 'passwordHook' can specify an external script to handle password settings at some other location besides the LDAP.")." ".sprintf(_("It will be called this way: %s"),"/path/to/your/script \"username\" \"oldpassword\" \"newpassword\""),
148 "check" => "gosaProperty::isShellCommand",
149 "migrate" => "",
150 "group" => "password",
151 "mandatory" => FALSE),
153 array(
154 "name" => "displayErrors",
155 "type" => "bool",
156 "default" => FALSE,
157 "description" => "The 'displayErrors' statement tells GOsa to show PHP errors in the upper part of the screen. This should be disabled in productive deployments, because there might be some important passwords arround.",
158 "check" => "gosaProperty::isBool",
159 "migrate" => "",
160 "group" => "debug",
161 "mandatory" => FALSE),
163 array(
164 "name" => "schemaCheck",
165 "type" => "bool",
166 "default" => TRUE,
167 "description" => "The 'schemaCheck' statement enables or disables schema checking during login. It is recommended to switch this on in order to let GOsa handle object creation more efficient.",
168 "check" => "gosaProperty::isInteger",
169 "migrate" => "",
170 "group" => "debug",
171 "mandatory" => FALSE),
173 array(
174 "name" => "copyPaste",
175 "type" => "bool",
176 "default" => FALSE,
177 "description" => "The 'copyPaste' statement enables copy and paste for LDAP entries managed with GOsa.",
178 "check" => "gosaProperty::isInteger",
179 "migrate" => "",
180 "group" => "copyPaste",
181 "mandatory" => FALSE),
183 array(
184 "name" => "forceGlobals",
185 "type" => "bool",
186 "default" => FALSE,
187 "description" => "The 'forceGlobals' statement enables PHP security checks to force register_global settings to be switched off.",
188 "check" => "gosaProperty::isBool",
189 "migrate" => "",
190 "group" => "security",
191 "mandatory" => FALSE),
193 array(
194 "name" => "forceSSL",
195 "type" => "string",
196 "default" => FALSE,
197 "description" => "The 'forceSSL' statement enables PHP security checks to force encrypted access to the web interface. GOsa will try to redirect to the same URL - just with https://",
198 "check" => "gosaProperty::isBool",
199 "migrate" => "",
200 "group" => "security",
201 "mandatory" => FALSE),
203 array(
204 "name" => "ldapStats",
205 "type" => "bool",
206 "default" => FALSE,
207 "description" => _("Logs information about triggered ldap operations, duration, filter, aso. into syslog."),
208 "check" => "gosaProperty::isBool",
209 "migrate" => "",
210 "group" => "debug",
211 "mandatory" => FALSE),
213 array(
214 "name" => "warnSSL",
215 "type" => "bool",
216 "default" => TRUE,
217 "description" => "The 'warnSSL' statement enables PHP security checks to detect non encrypted access to the web interface. GOsa will display a warning in this case.",
218 "check" => "gosaProperty::isBool",
219 "migrate" => "",
220 "group" => "security",
221 "mandatory" => FALSE),
223 array(
224 "name" => "ppdGzip",
225 "type" => "bool",
226 "default" => TRUE,
227 "description" => "The 'ppdGzip' variable enables PPD file compression.",
228 "check" => "gosaProperty::isBool",
229 "migrate" => "",
230 "group" => "ppd",
231 "mandatory" => FALSE),
234 array(
235 "name" => "ignoreAcl",
236 "type" => "dn",
237 "default" => "",
238 "description" => "The 'ignoreAcl' value tells GOsa to ignore complete ACL sets for the given DN. Add your DN here and you'll be able to restore accidently dropped ACLs.",
239 "check" => "gosaProperty::isDN",
240 "migrate" => "",
241 "group" => "debug",
242 "mandatory" => FALSE),
245 array(
246 "name" => "ppdPath",
247 "type" => "path",
248 "default" => "/var/spool/ppd",
249 "description" => "The 'ppdPath' variable defines where to store PPD files for the GOto environment plugins.",
250 "check" => "gosaProperty::isPath",
251 "migrate" => "",
252 "group" => "ppd",
253 "mandatory" => FALSE),
255 array(
256 "name" => "ldapMaxQueryTime",
257 "type" => "integer",
258 "default" => "",
259 "description" => "The 'ldapMaxQueryTime' statement tells GOsa to stop LDAP actions if there is no answer within the specified number of seconds.",
260 "check" => "gosaProperty::isInteger",
261 "migrate" => "",
262 "group" => "debug",
263 "mandatory" => FALSE),
265 array(
266 "name" => "storeFilterSettings",
267 "type" => "bool",
268 "default" => TRUE,
269 "description" => "The 'storeFilterSettings' statement determines whether GOsa should store filter and plugin settings inside of a cookie.",
270 "check" => "gosaProperty::isBool",
271 "migrate" => "",
272 "group" => "core",
273 "mandatory" => FALSE),
275 array(
276 "name" => "sendCompressedOutput",
277 "type" => "bool",
278 "default" => TRUE,
279 "description" => "The 'sendCompressedOutput' statement determines whether PHP should send compressed HTML pages to browsers or not. This may increase or decrease the performance, depending on your network.",
280 "check" => "gosaProperty::isBool",
281 "migrate" => "",
282 "group" => "core",
283 "mandatory" => FALSE),
285 array(
286 "name" => "modificationDetectionAttribute",
287 "type" => "switch",
288 "default" => "entryCSN",
289 "defaults" => "core::getPropertyValues",
290 "description" => "The 'modificationDetectionAttribute' statement enables GOsa to check if a entry currently being edited has been modified from someone else outside GOsa in the meantime. It will display an informative dialog then. It can be set to 'entryCSN' for OpenLDAP based systems or 'contextCSN' for Sun DS based systems.",
291 "check" => "",
292 "migrate" => "",
293 "group" => "core",
294 "mandatory" => FALSE),
296 array(
297 "name" => "language",
298 "type" => "switch",
299 "default" => "",
300 "defaults" => "core::getPropertyValues",
301 "description" => "The 'language' statement defines the default language used by GOsa. Normally GOsa autodetects the language from the browser settings. If this is not working or you want to force the language, just add the language code (i.e. de for german) here.",
302 "check" => "",
303 "migrate" => "",
304 "group" => "core",
305 "mandatory" => FALSE),
307 array(
308 "name" => "theme",
309 "type" => "string",
310 "default" => "default",
311 "defaults" => "core::getPropertyValues",
312 "description" => "The 'theme' statement defines what theme is used to display GOsa pages. You can install some corporate identity like theme and/or modify certain templates to fit your needs within themes. Take a look at the GOsa FAQ for more information.",
313 "check" => "",
314 "migrate" => "",
315 "group" => "visual",
316 "mandatory" => FALSE),
318 array(
319 "name" => "sessionLifetime",
320 "type" => "integer",
321 "default" => "",
322 "description" => "The 'sessionLifetime' value defines when a session will expire in seconds. For Debian systems, this will not work because the sessions will be removed by a cron job instead. Please modify the value inside of your php.ini instead.",
323 "check" => "gosaProperty::isInteger",
324 "migrate" => "",
325 "group" => "security",
326 "mandatory" => FALSE),
328 array(
329 "name" => "templateCompileDirectory",
330 "type" => "path",
331 "default" => "/var/spool/gosa",
332 "description" => "The 'templateCompileDirectory' statements defines the path, where the PHP templating engins 'smarty' should store its compiled GOsa templates for improved speed. This path needs to be writeable by the user your webserver is running with.",
333 "check" => "gosaProperty::isExistingPath",
334 "migrate" => "",
335 "group" => "core",
336 "mandatory" => FALSE),
338 array(
339 "name" => "debugLevel",
340 "type" => "integer",
341 "default" => 0,
342 "description" => sprintf(_("The 'debugLevel' value tells GOsa to display certain information on each page load. Value is an AND combination of the following byte values: %s"),
343 "
344 DEBUG_TRACE = 1
345 DEBUG_LDAP = 2
346 DEBUG_MYSQL = 4
347 DEBUG_SHELL = 8
348 DEBUG_POST = 16
349 DEBUG_SESSION = 32
350 DEBUG_CONFIG = 64
351 DEBUG_ACL = 128
352 DEBUG_SI = 256"),
353 "check" => "gosaProperty::isInteger",
354 "migrate" => "",
355 "group" => "debug",
356 "mandatory" => FALSE),
358 array(
359 "name" => "sambaHashHook",
360 "type" => "command",
361 "default" => "perl -MCrypt::SmbHash -e \"print join(q[:], ntlmgen \\\$ARGV[0]), $/;\"",
362 "description" => sprintf(_("The 'sambaHashHook' statement contains an executable to generate samba hash values. This is required for password synchronization, but not required if you apply gosa-si services. If you don't have mkntpasswd from the samba distribution installed, you can use perl to generate the hash: %s"),"perl -MCrypt::SmbHash -e \"print join(q[:], ntlmgen \\\$ARGV[0]), $/;\""),
363 "check" => "gosaProperty::isCommand",
364 "migrate" => "",
365 "group" => "samba",
366 "mandatory" => FALSE),
368 array(
369 "name" => "passwordDefaultHash",
370 "type" => "switch",
371 "default" => "crypt",
372 "defaults" => "core::getPropertyValues",
373 "description" => "The 'passwordDefaultHash' statement defines the default password hash to choose for new accounts.",
374 "check" => "",
375 "migrate" => "",
376 "group" => "password",
377 "mandatory" => FALSE),
379 array(
380 "name" => "accountPrimaryAttribute",
381 "type" => "switch",
382 "default" => "cn",
383 "defaults" => "core::getPropertyValues",
384 "description" => "The 'accountPrimaryAttribute' option tells GOsa how to create new accounts. Possible values are 'uid' and 'cn'. In the first case GOsa creates uid style DN entries: 'uid=superuser,ou=staff,dc=example,dc=net'. In the second case, GOsa creates cn style DN entries: 'cn=Foo Bar,ou=staff,dc=example,dc=net'. If you choose \"cn\" to be your 'accountPrimaryAttribute' you can decide whether to include the personal title in your dn by selecting 'personalTitleInDN'.",
385 "check" => "",
386 "migrate" => "",
387 "group" => "security",
388 "mandatory" => FALSE),
390 array(
391 "name" => "userRDN",
392 "type" => "rdn",
393 "default" => "ou=people",
394 "description" => "The 'userRDN' statement defines the location where new accounts will be created inside of defined departments. The default is 'ou=people'.",
395 "check" => "gosaProperty::isRdn",
396 "migrate" => "",
397 "group" => "user",
398 "mandatory" => FALSE),
400 array(
401 "name" => "groupRDN",
402 "type" => "rdn",
403 "default" => "ou=groups",
404 "description" => "The 'groupsRDN' statement defines the location where new groups will be created inside of defined departments. The default is 'ou=groups'.",
405 "check" => "gosaProperty::isRdn",
406 "migrate" => "",
407 "group" => "group",
408 "mandatory" => FALSE),
410 array(
411 "name" => "gidNumberBase",
412 "type" => "integer",
413 "default" => "1000",
414 "description" => "The 'gidNumberBase' statement defines where to start looking for a new free group id. This should be synced with your 'adduser.conf' to avoid overlapping gidNumber values between local and LDAP based lookups. The gidNumberBase can even be dynamic. Take a look at the 'nextIdHook' definition.",
415 "check" => "gosaProperty::isInteger",
416 "migrate" => "",
417 "group" => "core",
418 "mandatory" => FALSE),
420 array(
421 "name" => "uidNumberBase",
422 "type" => "integer",
423 "default" => "1000",
424 "description" => "The 'uidNumberBase' statement defines where to start looking for a new free user id. This should be synced with your 'adduser.conf' to avoid overlapping uidNumber values between local and LDAP based lookups. The uidNumberBase can even be dynamic. Take a look at the 'baseIdHook' definition.",
425 "check" => "gosaProperty::isInteger",
426 "migrate" => "",
427 "group" => "core",
428 "mandatory" => FALSE),
430 array(
431 "name" => "gosaSupportURI",
432 "type" => "string",
433 "default" => "",
434 "description" => "The 'gosaSupportURI' defines the major gosa-si server host and the password for GOsa to connect to it. It can be used if you want to use i.e. kerberos to authenticate the users. The format is: credentials@host:port",
435 "check" => "",
436 "migrate" => "",
437 "group" => "gosa-si",
438 "mandatory" => FALSE),
440 array(
441 "name" => "gosaSupportTimeout",
442 "type" => "integer",
443 "default" => "15",
444 "description" => "The 'gosaSupportTimeout' sets a connection timeout for all gosa-si actions. See 'gosaSupportURI' for details.",
445 "check" => "gosaProperty::isInteger",
446 "migrate" => "",
447 "group" => "gosa-si",
448 "mandatory" => FALSE),
450 array(
451 "name" => "loginAttribute",
452 "type" => "switch",
453 "default" => "uid",
454 "defaults" => "core::getPropertyValues",
455 "description" => "The 'loginAttribute' statement tells GOsa which LDAP attribute is used as the login name during login. It can be set to 'uid', 'mail' or 'both'",
456 "check" => "",
457 "migrate" => "",
458 "group" => "security",
459 "mandatory" => FALSE),
461 array(
462 "name" => "timezone",
463 "type" => "switch",
464 "default" => "",
465 "defaults" => "core::getPropertyValues",
466 "description" => "The 'timezone' statements defines the timezone used inside of GOsa to handle date related tasks, such as password expiery, vacation messages, etc. The 'timezone' value should be a unix conform timezone value like in /etc/timezone.",
467 "check" => "",
468 "migrate" => "",
469 "group" => "core",
470 "mandatory" => FALSE),
472 array(
473 "name" => "honourUnitTags",
474 "type" => "bool",
475 "default" => FALSE,
476 "description" => "The 'honourUnitTags' statement enables checking of 'unitTag' attributes when using administrative units. If this is set to 'true' GOsa can only see objects inside the administrative unit a user is logged into.",
477 "check" => "",
478 "migrate" => "gosaProperty::isBool",
479 "group" => "core",
480 "mandatory" => FALSE),
482 array(
483 "name" => "useSaslForKerberos",
484 "type" => "bool",
485 "default" => FALSE,
486 "description" => "The 'useSaslForKerberos' statement defines the way the kerberos realm is stored in the #userPassword' attribute. Set it to 'true' in order to get {sasl}user@REALM.NET, or to 'false' to get {kerberos}user@REALM.NET. The latter is outdated, but may be needed from time to time.",
487 "check" => "gosaProperty::isBool",
488 "migrate" => "",
489 "group" => "password",
490 "mandatory" => FALSE),
492 array(
493 "name" => "rfc2307bis",
494 "type" => "bool",
495 "default" => FALSE,
496 "description" => "The 'rfc2307bis' statement enables rfc2307bis style groups in GOsa. You can use 'member' attributes instead of memberUid in this case. To make it work on unix systems, you've to adjust your NSS configuration to use rfc2307bis style groups, too",
497 "check" => "gosaProperty::isBool",
498 "migrate" => "",
499 "group" => "core",
500 "mandatory" => FALSE),
502 array(
503 "name" => "personalTitleInDN",
504 "type" => "bool",
505 "default" => FALSE,
506 "description" => "The 'personalTitleInDN' option tells GOsa to include the personal title in user DNs when #accountPrimaryAttribute' is set to \"cn\".",
507 "check" => "gosaProperty::isBool",
508 "migrate" => "",
509 "group" => "storage location",
510 "mandatory" => FALSE),
512 array(
513 "name" => "nextIdHook",
514 "type" => "command",
515 "default" => "",
516 "description" => "The 'nextIdHook' statement defines a script to be called for finding the next free id for users or groups externaly. It gets called with the current entry \"dn\" and the attribute to be ID'd. It should return an integer value.",
517 "check" => "gosaProperty::isCommand",
518 "migrate" => "",
519 "group" => "core",
520 "mandatory" => FALSE),
522 array(
523 "name" => "sambaMachineAccountRDN",
524 "type" => "rdn",
525 "default" => "ou=winstations",
526 "description" => "This statement defines the location where GOsa looks for new samba workstations.",
527 "check" => "gosaProperty::isRDN",
528 "migrate" => "",
529 "group" => "samba",
530 "mandatory" => FALSE),
532 array(
533 "name" => "idGenerator",
534 "type" => "string",
535 "default" => "{%sn}-{%givenName[2-4]}",
536 "description" => "The 'idGenerator' statement describes an automatic way to generate new user ids. There are two basic functions supported - which can be combined:
538 a) using attributes
540 You can specify LDAP attributes (currently only sn and givenName) in
541 braces {} and add a percent sign befor it. Optionally you can strip it
542 down to a number of characters, specified in []. I.e.
544 idGenerator=\"{%sn}-{%givenName[2-4]}\"
546 will generate an ID using the full surename, adding a dash, and adding at
547 least the first two characters of givenName. If this ID is used, it'll
548 use up to four characters. If no automatic generation is possible, a
549 input box is shown.
551 b) using automatic id's
553 I.e. specifying
555 idGenerator=\"acct{id:3}\"
557 will generate a three digits id with the next free entry appended to \"acct\".
559 idGenerator=\"acct{id!1}\"
561 will generate a one digit id with the next free entry appended to \"acct\" - if needed.
563 idGenerator=\"ext{id#3}\"
565 will generate a three digits random number appended to \"ext\".
566 ",
567 "check" => "",
568 "migrate" => "",
569 "group" => "core",
570 "mandatory" => FALSE),
572 array(
573 "name" => "strictNamingRules",
574 "type" => "bool",
575 "default" => TRUE,
576 "description" => "",
577 "check" => "gosaProperty::isBool",
578 "migrate" => "The 'strictNamingRules' statement enables strict checking of uids and group names. If you need characters like . or - inside of your accounts, set this to 'false'",
579 "group" => "core",
580 "mandatory" => FALSE),
582 array(
583 "name" => "minId",
584 "type" => "integer",
585 "default" => "The 'minId' statement defines the minimum assignable user or group id to avoid security leaks with uid 0 accounts. This is used for the 'traditional' method.",
586 "description" => "",
587 "check" => "gosaProperty::isInteger",
588 "migrate" => "",
589 "group" => "core",
590 "mandatory" => FALSE),
592 array(
593 "name" => "mailAttribute",
594 "type" => "switch",
595 "default" => "mail",
596 "defaults" => "core::getPropertyValues",
597 "description" => "The 'mailAttribute' statement determines which attribute GOsa will use to create accounts. Valid values are 'mail' and 'uid'.",
598 "check" => "",
599 "migrate" => "",
600 "group" => "mail",
601 "mandatory" => FALSE),
603 array(
604 "name" => "gosaSharedPrefix",
605 "type" => "string",
606 "default" => "",
607 "description" => "This attribute allows to override the prefix used to create shared folders.",
608 "check" => "",
609 "migrate" => "",
610 "group" => "mail",
611 "mandatory" => FALSE),
613 array(
614 "name" => "mailUserCreation",
615 "type" => "string",
616 "default" => "",
617 "description" => "This attribute allows to override the user account creation syntax, see the 'mailFolderCreation' description for more details.
619 Examples
620 mailUserCreation=\"%prefix%%uid%\" => \"user.foobar\"
621 mailUserCreation=\"my-prefix.%uid%%domain%\" => \"my-prefix.foobar@example.com\"
622 ",
623 "check" => "",
624 "migrate" => "",
625 "group" => "mail",
626 "mandatory" => FALSE),
628 array(
629 "name" => "mailFolderCreation",
630 "type" => "string",
631 "default" => "",
632 "description" => "Every mail method has its own way to create mail accounts like 'share/development' or 'shared.development@example.com' which is used to identify the accounts, set quotas or add acls.
634 To override the methods default account creation syntax, you can set the 'mailFolderCreation' option.
636 Examples
638 mailFolderCreation=\"%prefix%%cn%\" => \"shared.development\"
639 mailFolderCreation=\"my-prefix.%cn%%domain%\" => \"my-prefix.development@example.com\"
641 %prefix% The methods default prefix. (Depends on cyrusUseSlashes=FALSE/TRUE)
642 %cn% The groups/users cn.
643 %uid% The users uid.
644 %mail% The objects mail attribute.
645 %domain% The domain part of the objects mail attribute.
646 %mailpart% The user address part of the mail address.
647 %uattrib% Depends on mailAttribute=\"uid/mail\".
648 ",
649 "check" => "",
650 "migrate" => "",
651 "group" => "mail",
652 "mandatory" => FALSE),
654 array(
655 "name" => "imapTimeout",
656 "type" => "integer",
657 "default" => 10,
658 "description" => "The 'imapTimeout' statement sets the connection timeout for imap actions.",
659 "check" => "gosaProperty::isInteger",
660 "migrate" => "",
661 "group" => "mail",
662 "mandatory" => FALSE),
664 array(
665 "name" => "mailMethod",
666 "type" => "switch",
667 "default" => "",
668 "defaults" => "core::getPropertyValues",
669 "description" => "The 'mailMethod' statement tells GOsa which mail method the setup should use to communicate with a possible mail server. Leave this undefined if your mail method does not match the predefined ones.",
670 "check" => "",
671 "migrate" => "",
672 "group" => "mail",
673 "mandatory" => FALSE),
675 array(
676 "name" => "cyrusUseSlashes",
677 "type" => "bool",
678 "default" => TRUE,
679 "description" => "The 'cyrusUseSlashes' statement determines if GOsa should use \"foo/bar\" or \"foo.bar\" namespaces in IMAP. Unix style is with slashes.",
680 "check" => "gosaProperty::isBool",
681 "migrate" => "",
682 "group" => "mail",
683 "mandatory" => FALSE),
685 array(
686 "name" => "vacationTemplateDirectory",
687 "type" => "path",
688 "default" => "/etc/gosa/vacation",
689 "description" => "The 'vacationTemplateDirectory' statement sets the path where GOsa will look for vacation message templates. Default is /etc/gosa/vacation.
691 Example template /etc/gosa/vacation/business.txt:
693 DESC:Away from desk
694 Hi, I'm currently away from my desk. You can contact me on
695 my cell phone via %mobile.
697 Greetings,
698 %givenName %sn
700 ",
701 "check" => "gosaProperty::isExistingPath",
702 "migrate" => "",
703 "group" => "mail",
704 "mandatory" => FALSE),
706 array(
707 "name" => "ldapTLS",
708 "type" => "bool",
709 "default" => FALSE,
710 "description" => "The 'ldapTLS' statement enables or disables TLS operating on LDAP connections.",
711 "check" => "gosaProperty::isBool",
712 "migrate" => "",
713 "group" => "security",
714 "mandatory" => FALSE),
716 array(
717 "name" => "honourIvbbAttributes",
718 "type" => "bool",
719 "default" => FALSE,
720 "description" => "The 'honourIvbbAttributes' statement enables the IVBB mode inside of GOsa. You need the ivbb.schema file from used by german authorities.",
721 "check" => "gosaProperty::isBool",
722 "migrate" => "",
723 "group" => "core",
724 "mandatory" => FALSE),
726 array(
727 "name" => "sambaIdMapping",
728 "type" => "bool",
729 "default" => FALSE,
730 "description" => "The 'sambaIdMapping' statement tells GOsa to maintain sambaIdmapEntry objects. Depending on your setup this can drastically improve the windows login performance.",
731 "check" => "gosaProperty::isBool",
732 "migrate" => "",
733 "group" => "samba",
734 "mandatory" => FALSE),
736 array(
737 "name" => "handleExpiredAccounts",
738 "type" => "bool",
739 "default" => TRUE,
740 "description" => "The 'handleExpiredAccounts' statement enables shadow attribute tests during the login to the GOsa web interface and forces password renewal or account lockout.",
741 "check" => "gosaProperty::isBool",
742 "migrate" => "",
743 "group" => "core",
744 "mandatory" => FALSE),
746 array(
747 "name" => "sambaSID",
748 "type" => "string",
749 "default" => "",
750 "description" => "The 'sambaSID' statement defines a samba SID if not available inside of the LDAP. You can retrieve the current sid by net getlocalsid.",
751 "check" => "",
752 "migrate" => "",
753 "group" => "samba",
754 "mandatory" => FALSE),
756 array(
757 "name" => "sambaRidBase",
758 "type" => "integer",
759 "default" => "",
760 "description" => "The 'sambaRidBase' statement defines the base id to add to ordinary sid calculations - if not available inside of the LDAP.",
761 "check" => "gosaProperty::isInteger",
762 "migrate" => "",
763 "group" => "samba",
764 "mandatory" => FALSE),
766 array(
767 "name" => "enableSnapshots",
768 "type" => "bool",
769 "default" => FALSE,
770 "description" => "The 'enableSnapshots' statement enables a snapshot mechaism in GOsa. This enables you to save certain states of entries and restore them later on.",
771 "check" => "gosaProperty::isBool",
772 "migrate" => "",
773 "group" => "snapshot",
774 "mandatory" => FALSE),
776 array(
777 "name" => "snapshotBase",
778 "type" => "dn",
779 "default" => "ou=snapshots,dc=localhost,dc=de",
780 "description" => "The 'snapshotBase' statement defines the base where snapshots should be stored inside of the LDAP.",
781 "check" => "gosaProperty::isDn",
782 "migrate" => "",
783 "group" => "snapshot",
784 "mandatory" => FALSE),
786 array(
787 "name" => "snapshotAdminDn",
788 "type" => "dn",
789 "default" => "cn=admin,dc=localhost,dc=de",
790 "description" => "The 'snapshotAdminDn' variable defines the user which is used to authenticate when connecting to 'snapshotURI'.",
791 "check" => "gosaProperty::isDn",
792 "migrate" => "",
793 "group" => "snapshot",
794 "mandatory" => FALSE),
796 array(
797 "name" => "snapshotAdminPassword",
798 "type" => "string",
799 "default" => "secret",
800 "description" => "The 'snapshotAdminPassword' variable defines the credentials which are used in combination with 'snapshotAdminDn' and 'snapshotURI' in order to authenticate.",
801 "check" => "",
802 "migrate" => "",
803 "group" => "snapshot",
804 "mandatory" => FALSE),
806 array(
807 "name" => "snapshotURI",
808 "type" => "uri",
809 "default" => "ldap://localhost:389",
810 "description" => "The 'snapshotURI' variable defines the LDAP URI for the server which is used to do object snapshots.",
811 "check" => "",
812 "migrate" => "",
813 "group" => "snapshot",
814 "mandatory" => FALSE)
815 ),
817 "plProvidedAcls" => array(
818 "accessTo" => _("System trust"),
819 "cn" => _("Name"),
820 "description" => _("Description"),
821 "sudoUser" => _("Users"),
822 "sudoHost" => _("Host"),
823 "sudoCommand" => _("Command"),
824 "sudoRunAs" => _("Run as user"),
825 "trustModel" => _("Access control list"))
826 )
827 );
828 }
829 }
830 ?>