Code

Added a description for the plInfo stuff
[gosa.git] / gosa-core / include / class_core.inc
1 <?php
3 /*
4  *   How to use plugin::plInfo()
5  *   ===================
6  *   
7  *   The function returns a descriptive array of the plugin,
8  *    which will then be used by GOsa to populate the plugin, its ACLs, 
9  *    its properties, its schema requirements aso.
10  *
11  *
12  *   The following values can be set:
13  *   ================================
14  *
15  *   plShortName    |-> The name of the plugin in short (e.g. Posix)
16  *                  |   This short-name will be shown for example in the ACL definitions.
17  *                  | 
18  *                  | 
19  *   plDescription  |-> A descriptive text for the plugin (e.g. User posix account extension)
20  *                  |   This will be shown in the ACL definitions.   
21  *                  | 
22  *                  | 
23  *   plSelfModify   |-> If set to true this plugin allows to set 'self' ACLs.
24  *                  |   For exampe to allow to change the users own password, but not the others.
25  *                  | 
26  *                  | 
27  *   plDepends      |-> The plugins dependencies to other classes (e.g. sambaAccount requires posixAccount)
28  *                  |  
29  *                  | 
30  *   plPriority     |-> The priority of the plugin, this influences the ACL listings only.
31  *                  | 
32  *                  | 
33  *   plSection      |-> The section of this plugin 'administration', 'personal', 'addons'
34  *                  | 
35  *                  | 
36  *   plCategory     |-> The plugin category this plugins belongs to (e.g. users, groups, departments) 
37  *                  | 
38  *                  | 
39  *   plRequirements |-> Plugin requirements. 
40  *                  | |
41  *                  | |-> [activePlugin]           The schame checks will only be performed if the given plugin is enabled
42  *                  | |                             in the gosa.conf definitions.
43  *                  | |                            Defaults to the current class name if empty.
44  *                  | |
45  *                  | |-> [ldapSchema]             An array of objectClass requirements.
46  *                  | |                            Syntax [[objectClass => 'version'], ... ]
47  *                  | |                            Version can be emtpy which just checks for the existence of the class.
48  *                  | |
49  *                  | |-> [onFailureDisablePlugin] A list of plugins that which will be disabled if the 
50  *                  |                               requirements couldn't be fillfulled.
51  *                  |
52  *                  |      ---------------------------------------------
53  *                  |      EXAMPLE:
54  *                  |      ---------------------------------------------
55  *                  |      "plRequirements"=> array(
56  *                  |         'activePlugin' => 'applicationManagement', 
57  *                  |         'ldapSchema' => array(
58  *                  |             'gosaObject' => '',
59  *                  |             'gosaAccount' => '>=2.7',
60  *                  |             'gosaLockEntry' => '>=2.7',
61  *                  |             'gosaDepartment' => '>=2.7',
62  *                  |             'gosaCacheEntry' => '>=2.7',
63  *                  |             'gosaProperties' => '>=2.7',
64  *                  |             'gosaConfig' => '>=2.7'
65  *                  |             ),
66  *                  |         'onFailureDisablePlugin' => array(get_class(), 'someClassName')
67  *                  |         ),
68  *                  |      ---------------------------------------------
69  *                  |
70  *                  |
71  *                  |         
72  *   plProvidedAcls |-> The ACLs provided by this plugin
73  *                  |
74  *                  |      ---------------------------------------------
75  *                  |      EXAMPLE:
76  *                  |      ---------------------------------------------
77  *                  |      "plProvidedAcls"=> array(
78  *                  |          'cn'             => _('Name'),
79  *                  |          'uid'            => _('Uid'),
80  *                  |          'phoneNumber'    => _('Phone number')
81  *                  |          ),
82  *                  |      ---------------------------------------------
83  *                  |
84  *                  |
85  *                  | 
86  *   plProperties   |-> Properties used by the plugin.
87  *                  |   Properties which are defined here will be modifyable using the property editor.
88  *                  |   To read properties you can use $config->get_cfg_value(className, propertyName)
89  *                  | 
90  *                  |      ---------------------------------------------
91  *                  |      EXAMPLE:
92  *                  |      ---------------------------------------------
93  *                  |      "plProperties"=> array(
94  *                  |         array(
95  *                  |             "name"          => "htaccessAuthentication",
96  *                  |             "type"          => "bool",
97  *                  |             "default"       => "false",
98  *                  |             "description"   => _("A description..."),
99  *                  |             "check"         => "gosaProperty::isBool",
100  *                  |             "migrate"       => "",
101  *                  |             "group"         => "authentification",
102  *                  |             "mandatory"     => TRUE
103  *                  |             ),
104  *                  |         ),
105  *                  |   See class_core.inc for a huge amount of examples.
106  */
109 class all extends plugin {
110     static function plInfo()
111     {
112         return (array(
113                     "plShortName"   => _("All"),
114                     "plDescription" => _("All objects"),
115                     "plSelfModify"  => TRUE,
116                     "plDepends"     => array(),
117                     "plPriority"    => 0,
118                     "plSection"     => array("administration"),
119                     "plCategory"    => array("all" => array("description" => '*&nbsp;'._("All"))),
120                     "plProvidedAcls"    => array())
121                );
122     }
125 class core extends plugin {
127     static function getPropertyValues($class,$name,$value,$type)
128     {
129         $list = array();
130         switch($name){
131             case 'idAllocationMethod':
132                 $list = array('traditional' => _('Traditional'), 'pool' => _('Use samba pool'));
133                 break;
134             case 'passwordDefaultHash':
135                 $tmp = passwordMethod::get_available_methods();
136                 foreach($tmp['name'] as $id => $method){
137                     $desc = $tmp[$id]['name'];
138                     $list[$method] = $desc;
139                 }
140                 break;
141             case 'theme':
142                 $cmd = "cd ../ihtml/themes; find . -name 'img.styles' | sed s/'^[^\/]*\/\([^\/]*\).*'/'\\1'/g";
143                 $res = `$cmd`  ; 
144                 $list = array();
145                 foreach(preg_split("/\n/",$res) as $entry){
146                     if(!empty($entry)){
147                         $list[$entry] = $entry;
148                     }
149                 }
150                 break;
151             case 'accountPrimaryAttribute':
152                 $list = array('uid' => 'uid', 'cn' => 'cn');
153                 break;
154             case 'loginAttribute':
155                 $list = array(
156                             'uid' => 'uid',
157                             'mail' => 'mail',
158                             'both' => 'uid & mail');
159                 break;
160             case 'timezone': 
161                 $tmp = timezone::_get_tz_zones();
162                 foreach($tmp['TIMEZONES'] as $name => $offset){
163                     if($offset >= 0){
164                         $list[$name] = $name." ( + ".sprintf("%0.2f",$offset/(60*60))." "._("hours").")";
165                     }else{
166                         $offset = $offset * -1;
167                         $list[$name] = $name." ( - ".sprintf("%0.2f",($offset/(60*60)))." "._("hours").")";
168                     }
169                 }
170                 break;
171             case 'mailAttribute':
172                 $list = array('mail' => 'mail','uid' => 'uid');
173                 break;
174             case 'mailMethod': 
175                 $list = mailMethod::get_methods();
176                 $list[''] = _("None");
177                 break;
178             case 'language':
179                 $tmp = get_languages(TRUE);
180                 $list[""] = _("Automatic");
181                 foreach($tmp as $key => $desc){
182                     $list[$key] = $desc;
183                 }
184                 break;
185             case 'modificationDetectionAttribute': 
186                 $list = array('entryCSN' => 'entryCSN (OpenLdap)','textCSN'=>'textCSN (Sun DS)');
187                 break;
188             default: echo $name." ";$list = array();
189         }
191         if(!isset($list[$value])){
192             $list[$value] = $value." ("._("User value").")";
193         }
195         return($list);
196     }
198     static function plInfo()
199     {
200         return (array(
201                     "plShortName" => _("Core"),
202                     "plDescription" => _("GOsa core plugin"),
203                     "plSelfModify"  => FALSE,
204                     "plDepends"     => array(),
205                     "plPriority"    => 0,
206                     "plSection"     => array("administration"),
208                     "plRequirements"=> array(
209                         'ldapSchema' => array(
210                             'gosaObject' => '>=2.7',
211                             'gosaAccount' => '>=2.7',
212                             'gosaLockEntry' => '>=2.7',
213                             'gosaDepartment' => '>=2.7',
214                             'gosaCacheEntry' => '>=2.7',
215                             'gosaProperties' => '>=2.7',
216                             'gosaConfig' => '>=2.7'
217                             ),
218                         'onFailureDisablePlugin' => array(get_class())
219                         ),
223                     "plCategory"    => array("all"),
224                     "plProperties"  => array(
226                         array(
227                             "name"          => "htaccessAuthentication",
228                             "type"          => "bool",
229                             "default"       => "false",
230                             "description"   => _("The 'htaccessAuthentication' variable tells GOsa to use either htaccess authentication or LDAP authentication. This can be used if you want to use i.e. kerberos to authenticate the users."),
231                             "check"         => "gosaProperty::isBool",
232                             "migrate"       => "",
233                             "group"         => "authentification",
234                             "mandatory"     => TRUE),
236                         array(
237                             "name"          => "logging",
238                             "type"          => "bool",
239                             "default"       => "true",
240                             "description"   => _("The 'logging' statement enables event logging on GOsa side. Setting it to 'true' GOsa will log every action a user performs via syslog. If you use rsyslog and configure it to mysql logging, you can browse all events within GOsa. GOsa will not log anything, if the logging value is empty or set to 'false'."),
242                             "check"         => "gosaProperty::isBool",
243                             "migrate"       => "",
244                             "group"         => "core",
245                             "mandatory"     => TRUE),
247                         array(
248                                 "name"          => "listSummary",
249                                 "type"          => "bool",
250                                 "default"       => "true",
251                                 "description"   => _("The 'listSummary' statement determines whether a status bar will be shown on the bottom of GOsa generated lists, displaying a short summary of type and number of elements in the list."),
252                                 "check"         => "gosaProperty::isBool",
253                                 "migrate"       => "",
254                                 "group"         => "visual",
255                                 "mandatory"     => FALSE),
257                         array(
258                                 "name"          => "passwordMinLength",
259                                 "type"          => "integer",
260                                 "default"       => "",
261                                 "description"   => _("The 'passwordMinLength' statement determines whether a newly entered password has to be of a minimum length."),
262                                 "check"         => "gosaProperty::isInteger",
263                                 "migrate"       => "",
264                                 "group"         => "password",
265                                 "mandatory"     => FALSE),
267                         array(
268                                 "name"          => "passwordMinDiffer",
269                                 "type"          => "integer",
270                                 "default"       => "",
271                                 "description"   => _("The 'passwordMinDiffer' statement determines whether a newly entered password has to be checked to have at least n different characters."),
272                                 "check"         => "gosaProperty::isInteger",
273                                 "migrate"       => "",
274                                 "group"         => "password",
275                                 "mandatory"     => FALSE),
277                         array(
278                                 "name"          => "passwordHook",
279                                 "type"          => "command",
280                                 "default"       => "",
281                                 "description"   => 
282                                 _("The 'passwordHook' can specify an external script to handle password settings at some other location besides the LDAP.")."&nbsp;".sprintf(_("It will be called this way: %s"),"/path/to/your/script \"username\" \"oldpassword\" \"newpassword\""),
283                         "check"         => "gosaProperty::isCommand",
284                                 "migrate"       => "",
285                                 "group"         => "password",
286                                 "mandatory"     => FALSE),
288                         array(
289                                 "name"          => "displayErrors",
290                                 "type"          => "bool",
291                                 "default"       => "false",
292                                 "description"   => _("The 'displayErrors' statement tells GOsa to show PHP errors in the upper part of the screen. This should be disabled in productive deployments, because there might be some important passwords arround.")." ".sprintf(_("The property '%s' may be interesting too."),'developmentMode'),
293                                 "check"         => "gosaProperty::isBool",
294                                 "migrate"       => "",
295                                 "group"         => "debug",
296                                 "mandatory"     => TRUE),
298                         array(
299                                 "name"          => "developmentMode",
300                                 "type"          => "bool",
301                                 "default"       => "false",
302                                 "description"   => _("The 'developmentMode' statement tells GOsa to show development related error messages, for example messages about missing ACL configuration or classes. Due to the fact that enabling this flag will result in a lot of false error messages it should only be enabled while developing or debugging plugins!"),
303                                 "check"         => "gosaProperty::isBool",
304                                 "migrate"       => "",
305                                 "group"         => "debug",
306                                 "mandatory"     => TRUE),
309                         array(
310                                 "name"          => "schemaCheck",
311                                 "type"          => "bool",
312                                 "default"       => "true",
313                                 "description"   => _("The 'schemaCheck' statement enables or disables schema checking during login. It is recommended to switch this on in order to let GOsa handle object creation more efficient."),
314                                 "check"         => "gosaProperty::isBool",
315                                 "migrate"       => "",
316                                 "group"         => "debug",
317                                 "mandatory"     => TRUE),
319                         array(
320                                 "name"          => "copyPaste",
321                                 "type"          => "bool",
322                                 "default"       => "false",
323                                 "description"   => _("The 'copyPaste' statement enables copy and paste for LDAP entries managed with GOsa."),
324                                 "check"         => "gosaProperty::isBool",
325                                 "migrate"       => "",
326                                 "group"         => "copyPaste",
327                                 "mandatory"     => TRUE),
329                         array(
330                                 "name"          => "forceGlobals",
331                                 "type"          => "bool",
332                                 "default"       => "false",
333                                 "description"   => _("The 'forceGlobals' statement enables PHP security checks to force register_global settings to be switched off."),
334                                 "check"         => "gosaProperty::isBool",
335                                 "migrate"       => "",
336                                 "group"         => "security",
337                                 "mandatory"     => TRUE),
339                         array(
340                                 "name"          => "forceSSL",
341                                 "type"          => "bool",
342                                 "default"       => "false",
343                                 "description"   => _("The 'forceSSL' statement enables PHP security checks to force encrypted access to the web interface. GOsa will try to redirect to the same URL - just with https://"),
344                                 "check"         => "gosaProperty::isBool",
345                                 "migrate"       => "",
346                                 "group"         => "security",
347                                 "mandatory"     => TRUE),
349                         array(
350                                 "name"          => "ldapStats",
351                                 "type"          => "bool",
352                                 "default"       => "false",
353                                 "description"   => _("Logs information about triggered ldap operations, duration, filter, aso. into syslog."),
354                                 "check"         => "gosaProperty::isBool",
355                                 "migrate"       => "",
356                                 "group"         => "debug",
357                                 "mandatory"     => FALSE),
359                         array(
360                                 "name"          => "ldapFollowReferrals",
361                                 "type"          => "bool",
362                                 "default"       => "false",
363                                 "description"   => _("The 'ldapFollowReferrals' statement tells GOsa to follow LDAP referrals."),
364                                 "check"         => "gosaProperty::isBool",
365                                 "migrate"       => "",
366                                 "group"         => "ldap",
367                                 "mandatory"     => TRUE),
369                         array(
370                                 "name"          => "ldapFilterNestingLimit",
371                                 "type"          => "integer",
372                                 "default"       => 200,
373                                 "description"   => _("The 'ldapFilterNestingLimit' statement can be used to speed up group handling for groups with several hundreds of members. The default behaviour is, that GOsa will resolv the memberUid values in a group to real names. To achieve this, it writes a single filter to minimize searches. Some LDAP servers (namely Sun DS) simply crash when the filter gets too big. You can set a member limit, where GOsa will stop to do these lookups."),
374                                 "check"         => "gosaProperty::isInteger",
375                                 "migrate"       => "",
376                                 "group"         => "ldap",
377                                 "mandatory"     => TRUE),
379                         array(
380                                 "name"          => "ldapSizelimit",
381                                 "type"          => "integer",
382                                 "default"       => 200,
383                                 "description"   => _("The ldapSizelimit statement tells GOsa to retrieve the specified maximum number of results. The user will get  a  warning,  that  not  all entries were shown."), 
384                                 "check"         => "gosaProperty::isInteger",
385                                 "migrate"       => "",
386                                 "group"         => "core",
387                                 "mandatory"     => TRUE),
389                         array(
390                                 "name"          => "ldapSizeIgnore",
391                                 "type"          => "bool",
392                                 "default"       => "false",
393                                 "description"   => _("Disables sizelimit checks, only the configured amount of results will be shown!"),
394                                 "check"         => "gosaProperty::isBool",
395                                 "migrate"       => "",
396                                 "group"         => "core",
397                                 "mandatory"     => FALSE),
399                         array(
400                                 "name"          => "warnSSL",
401                                 "type"          => "bool",
402                                 "default"       => "true",
403                                 "description"   => _("The 'warnSSL' statement enables PHP security checks to detect non encrypted access to the web interface. GOsa will display a warning in this case."),
404                                 "check"         => "gosaProperty::isBool",
405                                 "migrate"       => "",
406                                 "group"         => "security",
407                                 "mandatory"     => TRUE),
409                         array(
410                                 "name"          => "ppdGzip",
411                                 "type"          => "bool",
412                                 "default"       => "true",
413                                 "description"   => _("The 'ppdGzip' variable enables PPD file compression."),
414                                 "check"         => "gosaProperty::isBool",
415                                 "migrate"       => "",
416                                 "group"         => "ppd",
417                                 "mandatory"     => FALSE),
420                         array(
421                                 "name"          => "ignoreAcl",
422                                 "type"          => "dn",
423                                 "default"       => "",
424                                 "description"   => _("The 'ignoreAcl' value tells GOsa to ignore complete ACL sets for the given DN. Add your DN here and you'll be able to restore accidently dropped ACLs."),
425                                 "check"         => "gosaProperty::isDN",
426                                 "migrate"       => "",
427                                 "group"         => "debug",
428                                 "mandatory"     => FALSE),
431                         array(
432                                 "name"          => "ppdPath",
433                                 "type"          => "path",
434                                 "default"       => "/var/spool/ppd",
435                                 "description"   => _("The 'ppdPath' variable defines where to store PPD files for the GOto environment plugins."),
436                                 "check"         => "gosaProperty::isPath",
437                                 "migrate"       => "",
438                                 "group"         => "ppd",
439                                 "mandatory"     => FALSE),
441                         array(
442                                 "name"          => "ldapMaxQueryTime",
443                                 "type"          => "integer",
444                                 "default"       => "",
445                                 "description"   => _("The 'ldapMaxQueryTime' statement tells GOsa to stop LDAP actions if there is no answer within the specified number of seconds."),
446                                 "check"         => "gosaProperty::isInteger",
447                                 "migrate"       => "",
448                                 "group"         => "debug",
449                                 "mandatory"     => FALSE),
451                         array(
452                                 "name"          => "storeFilterSettings",
453                                 "type"          => "bool",
454                                 "default"       => "true",
455                                 "description"   => _("The 'storeFilterSettings' statement determines whether GOsa should store filter and plugin settings inside of a cookie."),
456                                 "check"         => "gosaProperty::isBool",
457                                 "migrate"       => "",
458                                 "group"         => "core",
459                                 "mandatory"     => FALSE),
461                         array(
462                                 "name"          => "sendCompressedOutput",
463                                 "type"          => "bool",
464                                 "default"       => "true",
465                                 "description"   => _("The 'sendCompressedOutput' statement determines whether PHP should send compressed HTML pages to browsers or not. This may increase or decrease the performance, depending on your network."),
466                                 "check"         => "gosaProperty::isBool",
467                                 "migrate"       => "",
468                                 "group"         => "core",
469                                 "mandatory"     => FALSE),
471                         array(
472                                 "name"          => "modificationDetectionAttribute",
473                                 "type"          => "switch",
474                                 "default"       => "entryCSN",
475                                 "defaults"      => "core::getPropertyValues",
476                                 "description"   => _("The 'modificationDetectionAttribute' statement enables GOsa to check if a entry currently being edited has been modified from someone else outside GOsa in the meantime. It will display an informative dialog then. It can be set to 'entryCSN' for OpenLDAP based systems or 'contextCSN' for Sun DS based systems."),
477                                 "check"         => "",
478                                 "migrate"       => "",
479                                 "group"         => "core",
480                                 "mandatory"     => TRUE),
482                         array(
483                                 "name"          => "language",
484                                 "type"          => "switch",
485                                 "default"       => "",
486                                 "defaults"      => "core::getPropertyValues",
487                                 "description"   => _("The 'language' statement defines the default language used by GOsa. Normally GOsa autodetects the language from the browser settings. If this is not working or you want to force the language, just add the language code (i.e. de for german) here."),
488                                 "check"         => "",
489                                 "migrate"       => "",
490                                 "group"         => "core",
491                                 "mandatory"     => FALSE),
493                         array(
494                                 "name"          => "theme",
495                                 "type"          => "switch",
496                                 "default"       => "default",
497                                 "defaults"      => "core::getPropertyValues",
498                                 "description"   => _("The 'theme' statement defines what theme is used to display GOsa pages. You can install some corporate identity like theme and/or modify certain templates to fit your needs within themes. Take a look at the GOsa FAQ for more information."),
499                                 "check"         => "",
500                                 "migrate"       => "",
501                                 "group"         => "visual",
502                                 "mandatory"     => TRUE),
504                         array(
505                                 "name"          => "sessionLifetime",
506                                 "type"          => "integer",
507                                 "default"       => 600,
508                                 "description"   => _("The 'sessionLifetime' value defines when a session will expire in seconds. For Debian systems, this will not work because the sessions will be removed by a cron job instead. Please modify the value inside of your php.ini instead."),
509                                 "check"         => "gosaProperty::isInteger",
510                                 "migrate"       => "",
511                                 "group"         => "security",
512                                 "mandatory"     => FALSE),
514                         array(
515                                 "name"          => "templateCompileDirectory",
516                                 "type"          => "path",
517                                 "default"       => "/var/spool/gosa",
518                                 "description"   => _("The 'templateCompileDirectory' statements defines the path, where the PHP templating engins 'smarty' should store its compiled GOsa templates for improved speed. This path needs to be writeable by the user your webserver is running with."),
519                                 "check"         => "gosaProperty::isWriteablePath",
520                                 "migrate"       => "",
521                                 "group"         => "core",
522                                 "mandatory"     => TRUE),
524                         array(
525                                 "name"          => "debugLevel",
526                                 "type"          => "integer",
527                                 "default"       => 0,
528                                 "description"   => sprintf(_("The 'debugLevel' value tells GOsa to display certain information on each page load. Value is an AND combination of the following byte values: %s"),
530 DEBUG_TRACE   = 1
531 DEBUG_LDAP    = 2
532 DEBUG_MYSQL   = 4
533 DEBUG_SHELL   = 8
534 DEBUG_POST    = 16
535 DEBUG_SESSION = 32
536 DEBUG_CONFIG  = 64
537 DEBUG_ACL     = 128
538 DEBUG_SI      = 256"),
539                                 "check"         => "gosaProperty::isInteger",
540                                 "migrate"       => "",
541                                 "group"         => "debug",
542                                 "mandatory"     => FALSE),
544                         array(
545                                 "name"          => "sambaHashHook",
546                                 "type"          => "command",
547                                 "default"       => "perl -MCrypt::SmbHash -e \"print join(q[:], ntlmgen \\\$ARGV[0]), $/;\"",
548                                 "description"   => sprintf(_("The 'sambaHashHook' statement contains an executable to generate samba hash values. This is required for password synchronization, but not required if you apply gosa-si services. If you don't have mkntpasswd from the samba distribution installed, you can use perl to generate the hash: %s"),"perl -MCrypt::SmbHash -e \"print join(q[:], ntlmgen \\\$ARGV[0]), $/;\""),
549                                 "check"         => "gosaProperty::isCommand",
550                                 "migrate"       => "",
551                                 "group"         => "samba",
552                                 "mandatory"     => FALSE),
554                         array(
555                                 "name"          => "passwordDefaultHash",
556                                 "type"          => "switch",
557                                 "default"       => "crypt/md5",
558                                 "defaults"      => "core::getPropertyValues",
559                                 "description"   => _("The 'passwordDefaultHash' statement defines the default password hash to choose for new accounts."),
560                                 "check"         => "",
561                                 "migrate"       => "",
562                                 "group"         => "password",
563                                 "mandatory"     => FALSE),
564                         array(
565                                 "name"          => "strictPasswordRules",
566                                 "type"          => "bool",
567                                 "default"       => "true",
568                                 "description"   => _("The 'strictPasswordRules' tells GOsa to check for UTF-8 characters in the supplied password. These Characters can lead to non working authentications if UTF-8 and none UTF-8 systems locales get mixed. The default is 'true'."),
569                                 "check"         => "gosaProperty::isBool",
570                                 "migrate"       => "",
571                                 "group"         => "password",
572                                 "mandatory"     => FALSE),
574                         array(
575                                 "name"          => "accountPrimaryAttribute",
576                                 "type"          => "switch",
577                                 "default"       => "cn",
578                                 "defaults"      => "core::getPropertyValues",
579                                 "description"   => _("The 'accountPrimaryAttribute' option tells GOsa how to create new accounts. Possible values are 'uid' and 'cn'. In the first case GOsa creates uid style DN entries: 'uid=superuser,ou=staff,dc=example,dc=net'. In the second case, GOsa creates cn style DN entries: 'cn=Foo Bar,ou=staff,dc=example,dc=net'. If you choose \"cn\" to be your 'accountPrimaryAttribute' you can decide whether to include the personal title in your dn by selecting 'personalTitleInDN'."),
580                                 "check"         => "",
581                                 "migrate"       => "",
582                                 "group"         => "security",
583                                 "mandatory"     => TRUE),
585                         array(
586                                 "name"          => "userRDN",
587                                 "type"          => "rdn",
588                                 "default"       => "ou=people,",
589                                 "description"   => _("The 'userRDN' statement defines the location where new accounts will be created inside of defined departments. The default is 'ou=people'."),
590                                 "check"         => "gosaProperty::isRdn",
591                                 "migrate"       => "migrate_userRDN", 
592                                 "group"         => "user",
593                                 "mandatory"     => FALSE),
595                         array(
596                                 "name"          => "groupRDN",
597                                 "type"          => "rdn",
598                                 "default"       => "ou=groups,",
599                                 "description"   => _("The 'groupsRDN' statement defines the location where new groups will be created inside of defined departments. The default is 'ou=groups'."),
600                                 "check"         => "gosaProperty::isRdn",
601                                 "migrate"       => "migrate_groupRDN",
602                                 "group"         => "group",
603                                 "mandatory"     => FALSE),
605                         array(
606                                 "name"          => "gidNumberBase",
607                                 "type"          => "integer",
608                                 "default"       => "1000",
609                                 "description"   => _("The 'gidNumberBase' statement defines where to start looking for a new free group id. This should be synced with your 'adduser.conf' to avoid overlapping gidNumber values between local and LDAP based lookups. The gidNumberBase can even be dynamic. Take a look at the 'nextIdHook' definition."),
610                                 "check"         => "gosaProperty::isInteger",
611                                 "migrate"       => "",
612                                 "group"         => "id",
613                                 "mandatory"     => TRUE),
615                        array(
616                                 "name"          => "baseIdHook",
617                                 "type"          => "command",
618                                 "default"       => "",
619                                 "description"   => _("The 'baseIdHook' statement allows to hook into the id generation method (traditional mode), to define the starting range for new generated ids"), 
620                                 "check"         => "gosaProperty::isCommand",
621                                 "migrate"       => "",
622                                 "group"         => "id",
623                                 "mandatory"     => FALSE),
625                         array(
626                                 "name"          => "gidNumberPoolMin",
627                                 "type"          => "integer",
628                                 "default"       => 10000,
629                                 "description"   => _("The 'uidNumberPoolMin/gidNumberPoolMin' statement defines the lowest assignable user/group id for use with the 'idAllocationMethod = pool'."),
630                                 "check"         => "gosaProperty::isInteger",
631                                 "migrate"       => "",
632                                 "group"         => "id",
633                                 "mandatory"     => FALSE),
635                         array(
636                                 "name"          => "gidNumberPoolMax",
637                                 "type"          => "integer",
638                                 "default"       => 40000,
639                                 "description"   => _("The 'uidNumberPoolMax/gidNumberPoolMax' statement defines the highest assignable user/group id for use with the 'idAllocationMethod = pool'."),
640                                 "check"         => "gosaProperty::isInteger",
641                                 "migrate"       => "",
642                                 "group"         => "id",
643                                 "mandatory"     => FALSE),
645                         array(
646                                 "name"          => "uidNumberPoolMin",
647                                 "type"          => "integer",
648                                 "default"       => 10000,
649                                 "description"   => _("The 'uidNumberPoolMin/gidNumberPoolMin' statement defines the lowest assignable user/group id for use with the 'idAllocationMethod = pool'."),
650                                 "check"         => "gosaProperty::isInteger",
651                                 "migrate"       => "",
652                                 "group"         => "id",
653                                 "mandatory"     => FALSE),
655                         array(
656                                 "name"          => "uidNumberPoolMax",
657                                 "type"          => "integer",
658                                 "default"       => 40000,
659                                 "description"   => _("The 'uidNumberPoolMax/gidNumberPoolMax' statement defines the highest assignable user/group id for use with the 'idAllocationMethod = pool'."),
660                                 "check"         => "gosaProperty::isInteger",
661                                 "migrate"       => "",
662                                 "group"         => "id",
663                                 "mandatory"     => FALSE),
665                         array(
666                                 "name"          => "uidNumberBase",
667                                 "type"          => "integer",
668                                 "default"       => "1000",
669                                 "description"   => _("The 'uidNumberBase' statement defines where to start looking for a new free user id. This should be synced with your 'adduser.conf' to avoid overlapping uidNumber values between local and LDAP based lookups. The uidNumberBase can even be dynamic. Take a look at the 'baseIdHook' definition."),
670                                 "check"         => "gosaProperty::isInteger",
671                                 "migrate"       => "",
672                                 "group"         => "id",
673                                 "mandatory"     => FALSE),
675                         array(
676                                 "name"          => "gosaRpcServer",
677                                 "type"          => "string",
678                                 "default"       => "",
679                                 "description"   => "The server to use for RPC connections! (http://localhost:8080/rpc), Future GOsa-ng service! If this value is set and not empty GOsa will try to establish a connection!",
680                                 "check"         => "",
681                                 "migrate"       => "",
682                                 "group"         => "rpc",
683                                 "mandatory"     => FALSE),
685                         array(
686                                 "name"          => "gosaRpcUser",
687                                 "type"          => "string",
688                                 "default"       => "admin",
689                                 "description"   => "Ther username to use for RPC connections! Future GOsa-ng service!",
690                                 "check"         => "",
691                                 "migrate"       => "",
692                                 "group"         => "rpc",
693                                 "mandatory"     => FALSE),
695                         array(
696                                 "name"          => "gosaRpcPassword",
697                                 "type"          => "string",
698                                 "default"       => "tester",
699                                 "description"   => "Ther password to use for RPC connections! Future GOsa-ng service!",
700                                 "check"         => "",
701                                 "migrate"       => "",
702                                 "group"         => "rpc",
703                                 "mandatory"     => FALSE),
705                         array(
706                                 "name"          => "gosaSupportURI",
707                                 "type"          => "string",
708                                 "default"       => "",
709                                 "description"   => _("The 'gosaSupportURI' defines the major gosa-si server host and the password for GOsa to connect to it. It can be used if you want to use i.e. kerberos to authenticate the users. The format is: credentials@host:port"),
710                                 "check"         => "",
711                                 "migrate"       => "",
712                                 "group"         => "gosa-si",
713                                 "mandatory"     => FALSE),
715                         array(
716                                 "name"          => "gosaSupportTimeout",
717                                 "type"          => "integer",
718                                 "default"       => 15,
719                                 "description"   => _("The 'gosaSupportTimeout' sets a connection timeout for all gosa-si actions. See 'gosaSupportURI' for details."),
720                                 "check"         => "gosaProperty::isInteger",
721                                 "migrate"       => "",
722                                 "group"         => "gosa-si",
723                                 "mandatory"     => FALSE),
725                         array(
726                                 "name"          => "loginAttribute",
727                                 "type"          => "switch",
728                                 "default"       => "uid",
729                                 "defaults"      => "core::getPropertyValues",
730                                 "description"   => _("The 'loginAttribute' statement tells GOsa which LDAP attribute is used as the login name during login. It can be set to 'uid', 'mail' or 'both'"),
731                                 "check"         => "",
732                                 "migrate"       => "",
733                                 "group"         => "security",
734                                 "mandatory"     => TRUE),
736                         array(
737                                 "name"          => "timezone",
738                                 "type"          => "switch",
739                                 "default"       => "",
740                                 "defaults"      => "core::getPropertyValues",
741                                 "description"   => _("The 'timezone' statements defines the timezone used inside of GOsa to handle date related tasks, such as password expiery, vacation messages, etc. The 'timezone' value should be a unix conform timezone value like in /etc/timezone."),
742                                 "check"         => "",
743                                 "migrate"       => "",
744                                 "group"         => "core",
745                                 "mandatory"     => FALSE),
747                         array(
748                                 "name"          => "honourUnitTags",
749                                 "type"          => "bool",
750                                 "default"       => "false",
751                                 "description"   => _("The 'honourUnitTags' statement enables checking of 'unitTag' attributes when using administrative units. If this is set to 'true' GOsa can only see objects inside the administrative unit a user is logged into."),
752                                 "check"         => "",
753                                 "migrate"       => "",
754                                 "group"         => "core",
755                                 "mandatory"     => FALSE),
757                         array(
758                                 "name"          => "useSaslForKerberos",
759                                 "type"          => "bool",
760                                 "default"       => "false",
761                                 "description"   => _("The 'useSaslForKerberos' statement defines the way the kerberos realm is stored in the #userPassword' attribute. Set it to 'true' in order to get {sasl}user@REALM.NET, or to 'false' to get {kerberos}user@REALM.NET. The latter is outdated, but may be needed from time to time."),
762                                 "check"         => "gosaProperty::isBool",
763                                 "migrate"       => "",
764                                 "group"         => "password",
765                                 "mandatory"     => FALSE),
767                         array(
768                                 "name"          => "rfc2307bis",
769                                 "type"          => "bool",
770                                 "default"       => "false",
771                                 "description"   => _("The 'rfc2307bis' statement enables rfc2307bis style groups in GOsa. You can use 'member' attributes instead of memberUid in this case. To make it work on unix systems, you've to adjust your NSS configuration to use rfc2307bis style groups, too"),
772                                 "check"         => "gosaProperty::isBool",
773                                 "migrate"       => "",
774                                 "group"         => "core",
775                                 "mandatory"     => FALSE),
777                         array(
778                                 "name"          => "personalTitleInDN",
779                                 "type"          => "bool",
780                                 "default"       => "false",
781                                 "description"   => _("The 'personalTitleInDN' option tells GOsa to include the personal title in user DNs when #accountPrimaryAttribute' is set to \"cn\"."),
782                                 "check"         => "gosaProperty::isBool",
783                                 "migrate"       => "",
784                                 "group"         => "storage location",
785                                 "mandatory"     => FALSE),
787                         array(
788                                 "name"          => "nextIdHook",
789                                 "type"          => "command",
790                                 "default"       => "",
791                                 "description"   => _("The 'nextIdHook' statement defines a script to be called for finding the next free id for users or groups externaly. It gets called with the current entry \"dn\" and the attribute to be ID'd. It should return an integer value."),
792                                 "check"         => "gosaProperty::isCommand",
793                                 "migrate"       => "",
794                                 "group"         => "id",
795                                 "mandatory"     => FALSE),
797                         array(
798                                 "name"          => "idGenerator",
799                                 "type"          => "string",
800                                 "default"       => "{%sn}-{%givenName[2-4]}",
801                                 "description"   => _("The 'idGenerator' statement describes an automatic way to generate new user ids. There are two basic functions supported - which can be combined: 
803  a) using attributes
805     You can specify LDAP attributes (currently only sn and givenName) in
806     braces {} and add a percent sign befor it. Optionally you can strip it
807     down to a number of characters, specified in []. I.e.
809       idGenerator=\"{%sn}-{%givenName[2-4]}\"
811     will generate an ID using the full surename, adding a dash, and adding at
812     least the first two characters of givenName. If this ID is used, it'll
813     use up to four characters. If no automatic generation is possible, a
814     input box is shown.
816  b) using automatic id's
818     I.e. specifying
820       idGenerator=\"acct{id:3}\"
822     will generate a three digits id with the next free entry appended to \"acct\".
824       idGenerator=\"acct{id!1}\"
826     will generate a one digit id with the next free entry appended to \"acct\" - if needed.
828       idGenerator=\"ext{id#3}\"
830     will generate a three digits random number appended to \"ext\".
831 "),
832                                 "check"         => "",
833                                 "migrate"       => "",
834                                 "group"         => "core",
835                                 "mandatory"     => FALSE),
837                         array(
838                                 "name"          => "strictNamingRules",
839                                 "type"          => "bool",
840                                 "default"       => "true",
841                                 "description"   => _("The 'strictNamingRules' statement enables strict checking of uids and group names. If you need   characters like . or - inside of your accounts, set this to 'false'."),
842                                 "check"         => "gosaProperty::isBool",
843                                 "migrate"       => "",
844                                 "group"         => "core",
845                                 "mandatory"     => FALSE),
847                         array(
848                                 "name"          => "minId",
849                                 "type"          => "integer",
850                                 "default"       => 40,
851                                 "description"   => _("The 'minId' statement defines the minimum assignable user or group id to avoid security leaks with uid 0 accounts. This is used for the 'traditional' method."),
852                                 "check"         => "gosaProperty::isInteger",
853                                 "migrate"       => "",
854                                 "group"         => "id",
855                                 "mandatory"     => FALSE),
857                         array(
858                                 "name"          => "mailAttribute",
859                                 "type"          => "switch",
860                                 "default"       => "mail",
861                                 "defaults"      => "core::getPropertyValues",
862                                 "description"   => _("The 'mailAttribute' statement determines which attribute GOsa will use to create accounts. Valid values are 'mail' and 'uid'."),
863                                 "check"         => "",
864                                 "migrate"       => "",
865                                 "group"         => "mail",
866                                 "mandatory"     => FALSE),
868                         array(
869                                 "name"          => "gosaSharedPrefix",
870                                 "type"          => "string",
871                                 "default"       => "",
872                                 "description"   => _("This attribute allows to override the prefix used to create shared folders."),
873                                 "check"         => "",
874                                 "migrate"       => "",
875                                 "group"         => "mail",
876                                 "mandatory"     => FALSE),
878                         array(
879                                 "name"          => "mailUserCreation",
880                                 "type"          => "string",
881                                 "default"       => "",
882                                 "description"   => _("This attribute allows to override the user account creation syntax, see the 'mailFolderCreation' description for more details.
884 Examples
885  mailUserCreation=\"%prefix%%uid%\"           => \"user.foobar\"
886  mailUserCreation=\"my-prefix.%uid%%domain%\"  => \"my-prefix.foobar@example.com\"
887 "),
888                                 "check"         => "",
889                                 "migrate"       => "",
890                                 "group"         => "mail",
891                                 "mandatory"     => FALSE),
893                         array(
894                                 "name"          => "mailFolderCreation",
895                                 "type"          => "string",
896                                 "default"       => "",
897                                 "description"   => _("Every mail method has its own way to create mail accounts like 'share/development' or 'shared.development@example.com' which is used to identify the accounts, set quotas or add acls.
899 To override the methods default account creation syntax, you can set the 'mailFolderCreation' option.
901 Examples
903  mailFolderCreation=\"%prefix%%cn%\"              => \"shared.development\"
904  mailFolderCreation=\"my-prefix.%cn%%domain%\"    => \"my-prefix.development@example.com\"
906  %prefix%    The methods default prefix. (Depends on cyrusUseSlashes=FALSE/TRUE)
907  %cn%        The groups/users cn.
908  %uid%       The users uid.
909  %mail%      The objects mail attribute.
910  %domain%    The domain part of the objects mail attribute.
911  %mailpart%  The user address part of the mail address.
912  %uattrib%   Depends on mailAttribute=\"uid/mail\".
913 "),
914                                 "check"         => "",
915                                 "migrate"       => "",
916                                 "group"         => "mail",
917                                 "mandatory"     => FALSE),
919                         array(
920                                 "name"          => "imapTimeout",
921                                 "type"          => "integer",
922                                 "default"       => 10,
923                                 "description"   => _("The 'imapTimeout' statement sets the connection timeout for imap actions."),
924                                 "check"         => "gosaProperty::isInteger",
925                                 "migrate"       => "",
926                                 "group"         => "mail",
927                                 "mandatory"     => FALSE),
929                         array(
930                                 "name"          => "mailMethod",
931                                 "type"          => "switch",
932                                 "default"       => "",
933                                 "defaults"      => "core::getPropertyValues",
934                                 "description"   => _("The 'mailMethod' statement tells GOsa which mail method the setup should use to communicate with a possible mail server. Leave this undefined if your mail method does not match the predefined ones."),
935                                 "check"         => "",
936                                 "migrate"       => "",
937                                 "group"         => "mail",
938                                 "mandatory"     => FALSE),
940                         array(
941                                 "name"          => "cyrusUseSlashes",
942                                 "type"          => "bool",
943                                 "default"       => "true",
944                                 "description"   => _("The 'cyrusUseSlashes' statement determines if GOsa should use \"foo/bar\" or \"foo.bar\" namespaces in IMAP. Unix style is with slashes."),
945                                 "check"         => "gosaProperty::isBool",
946                                 "migrate"       => "",
947                                 "group"         => "mail",
948                                 "mandatory"     => FALSE),
950                         array(
951                                 "name"          => "vacationTemplateDirectory",
952                                 "type"          => "path",
953                                 "default"       => "/etc/gosa/vacation",
954                                 "description"   => _("The 'vacationTemplateDirectory' statement sets the path where GOsa will look for vacation message templates. Default is /etc/gosa/vacation. 
956 Example template /etc/gosa/vacation/business.txt:
958    DESC:Away from desk
959    Hi, I'm currently away from my desk. You can contact me on
960    my cell phone via %mobile.
962    Greetings,
963    %givenName %sn
965 "),
966                                 "check"         => "gosaProperty::isWriteablePath",
967                                 "migrate"       => "",
968                                 "group"         => "mail",
969                                 "mandatory"     => FALSE),
971                         array(
972                                 "name"          => "ldapTLS",
973                                 "type"          => "bool",
974                                 "default"       => "false",
975                                 "description"   => _("The 'ldapTLS' statement enables or disables TLS operating on LDAP connections."),
976                                 "check"         => "gosaProperty::isBool",
977                                 "migrate"       => "",
978                                 "group"         => "security",
979                                 "mandatory"     => TRUE),
981                         array(
982                                 "name"          => "honourIvbbAttributes",
983                                 "type"          => "bool",
984                                 "default"       => "false",
985                                 "description"   => _("The 'honourIvbbAttributes' statement enables the IVBB mode inside of GOsa. You need the ivbb.schema file from used by german authorities."),
986                                 "check"         => "gosaProperty::isBool",
987                                 "migrate"       => "",
988                                 "group"         => "core",
989                                 "mandatory"     => FALSE),
991                         array(
992                                 "name"          => "sambaIdMapping",
993                                 "type"          => "bool",
994                                 "default"       => "false",
995                                 "description"   => _("The 'sambaIdMapping' statement tells GOsa to maintain sambaIdmapEntry objects. Depending on your setup this can drastically improve the windows login performance."),
996                                 "check"         => "gosaProperty::isBool",
997                                 "migrate"       => "",
998                                 "group"         => "samba",
999                                 "mandatory"     => FALSE),
1001                         array(
1002                                 "name"          => "handleExpiredAccounts",
1003                                 "type"          => "bool",
1004                                 "default"       => "true",
1005                                 "description"   => _("The 'handleExpiredAccounts' statement enables shadow attribute tests during the login to the GOsa web interface and forces password renewal or account lockout."),
1006                                 "check"         => "gosaProperty::isBool",
1007                                 "migrate"       => "",
1008                                 "group"         => "core",
1009                                 "mandatory"     => FALSE),
1011                         array(
1012                                 "name"          => "sambaSID",
1013                                 "type"          => "string",
1014                                 "default"       => "",
1015                                 "description"   => _("The 'sambaSID' statement defines a samba SID if not available inside of the LDAP. You can retrieve the current sid by net getlocalsid."),
1016                                 "check"         => "",
1017                                 "migrate"       => "",
1018                                 "group"         => "samba",
1019                                 "mandatory"     => FALSE),
1021                         array(
1022                                 "name"          => "sambaRidBase",
1023                                 "type"          => "integer",
1024                                 "default"       => "",
1025                                 "description"   => _("The 'sambaRidBase' statement defines the base id to add to ordinary sid calculations - if not available inside of the LDAP."),
1026                                 "check"         => "gosaProperty::isInteger",
1027                                 "migrate"       => "",
1028                                 "group"         => "samba",
1029                                 "mandatory"     => FALSE),
1031                         array(
1032                                 "name"          => "enableSnapshots",
1033                                 "type"          => "bool",
1034                                 "default"       => "false",
1035                                 "description"   => _("The 'enableSnapshots' statement enables a snapshot mechaism in GOsa. This enables you to save certain states of entries and restore them later on."),
1036                                 "check"         => "gosaProperty::isBool",
1037                                 "migrate"       => "",
1038                                 "group"         => "snapshot",
1039                                 "mandatory"     => TRUE),
1041                         array(
1042                                 "name"          => "snapshotBase",
1043                                 "type"          => "dn",
1044                                 "default"       => "ou=snapshots,dc=localhost,dc=de",
1045                                 "description"   => _("The 'snapshotBase' statement defines the base where snapshots should be stored inside of the LDAP."),
1046                                 "check"         => "gosaProperty::isDn",
1047                                 "migrate"       => "",
1048                                 "group"         => "snapshot",
1049                                 "mandatory"     => FALSE),
1051                         array(
1052                                 "name"          => "snapshotAdminDn",
1053                                 "type"          => "dn",
1054                                 "default"       => "cn=admin,dc=localhost,dc=de",
1055                                 "description"   => _("The 'snapshotAdminDn' variable defines the user which is used to authenticate when connecting to 'snapshotURI'."),
1056                                 "check"         => "gosaProperty::isDn",
1057                                 "migrate"       => "",
1058                                 "group"         => "snapshot",
1059                                 "mandatory"     => FALSE),
1061                         array(
1062                                 "name"          => "snapshotAdminPassword",
1063                                 "type"          => "string",
1064                                 "default"       => "secret",
1065                                 "description"   => _("The 'snapshotAdminPassword' variable defines the credentials which are used in combination with 'snapshotAdminDn' and 'snapshotURI' in order to authenticate."),
1066                                 "check"         => "",
1067                                 "migrate"       => "",
1068                                 "group"         => "snapshot",
1069                                 "mandatory"     => FALSE),
1071                         array(
1072                                 "name"          => "idAllocationMethod",
1073                                 "type"          => "switch",
1074                                 "default"       => "traditional",
1075                                 "defaults"      => "core::getPropertyValues",
1076                                 "description"   => _("The 'idAllocationMethod' statement defines how GOsa generates numeric user and group id values. If it is set to 'traditional' GOsa will do create a lock and perform a search for the next free ID. The lock will be removed after the procedure completes. 'pool' will use the sambaUnixIdPool objectclass settings inside your LDAP. This one is unsafe, because it does not check for concurrent LDAP access and already used IDs in this range. On the other hand it is much faster."),
1077                                 "check"         => "",
1078                                 "migrate"       => "",
1079                                 "group"         => "id",
1080                                 "mandatory"     => TRUE),
1081                         array(
1082                                 "name"          => "snapshotURI",
1083                                 "type"          => "uri",
1084                                 "default"       => "ldap://localhost:389",
1085                                 "description"   => _("The 'snapshotURI' variable defines the LDAP URI for the server which is used to do object snapshots."),
1086                                 "check"         => "",
1087                                 "migrate"       => "",
1088                                 "group"         => "snapshot",
1089                                 "mandatory"     => FALSE)
1090                             )));
1091     }
1093 ?>