1 <?php
3 /*
4 * How to use plugin::plInfo()
5 * ===================
6 *
7 * The function returns a descriptive array of the plugin,
8 * which will then be used by GOsa to populate the plugin, its ACLs,
9 * its properties, its schema requirements aso.
10 *
11 *
12 * The following values can be set:
13 * ================================
14 *
15 * plShortName |-> The name of the plugin in short (e.g. Posix)
16 * | This short-name will be shown for example in the ACL definitions.
17 * |
18 * |
19 * plDescription |-> A descriptive text for the plugin (e.g. User posix account extension)
20 * | This will be shown in the ACL definitions.
21 * |
22 * |
23 * plSelfModify |-> If set to true this plugin allows to set 'self' ACLs.
24 * | For exampe to allow to change the users own password, but not the others.
25 * |
26 * |
27 * plDepends |-> The plugins dependencies to other classes (e.g. sambaAccount requires posixAccount)
28 * |
29 * |
30 * plPriority |-> The priority of the plugin, this influences the ACL listings only.
31 * |
32 * |
33 * plSection |-> The section of this plugin 'administration', 'personal', 'addons'
34 * |
35 * |
36 * plCategory |-> The plugin category this plugins belongs to (e.g. users, groups, departments)
37 * |
38 * |
39 * plRequirements |-> Plugin requirements.
40 * | |
41 * | |-> [activePlugin] The schame checks will only be performed if the given plugin is enabled
42 * | | in the gosa.conf definitions.
43 * | | Defaults to the current class name if empty.
44 * | |
45 * | |-> [ldapSchema] An array of objectClass requirements.
46 * | | Syntax [[objectClass => 'version'], ... ]
47 * | | Version can be emtpy which just checks for the existence of the class.
48 * | |
49 * | |-> [onFailureDisablePlugin] A list of plugins that which will be disabled if the
50 * | requirements couldn't be fillfulled.
51 * |
52 * | ---------------------------------------------
53 * | EXAMPLE:
54 * | ---------------------------------------------
55 * | "plRequirements"=> array(
56 * | 'activePlugin' => 'applicationManagement',
57 * | 'ldapSchema' => array(
58 * | 'gosaObject' => '',
59 * | 'gosaAccount' => '>=2.7',
60 * | 'gosaLockEntry' => '>=2.7',
61 * | 'gosaDepartment' => '>=2.7',
62 * | 'gosaCacheEntry' => '>=2.7',
63 * | 'gosaProperties' => '>=2.7',
64 * | 'gosaConfig' => '>=2.7'
65 * | ),
66 * | 'onFailureDisablePlugin' => array(get_class(), 'someClassName')
67 * | ),
68 * | ---------------------------------------------
69 * |
70 * |
71 * |
72 * plProvidedAcls |-> The ACLs provided by this plugin
73 * |
74 * | ---------------------------------------------
75 * | EXAMPLE:
76 * | ---------------------------------------------
77 * | "plProvidedAcls"=> array(
78 * | 'cn' => _('Name'),
79 * | 'uid' => _('Uid'),
80 * | 'phoneNumber' => _('Phone number')
81 * | ),
82 * | ---------------------------------------------
83 * |
84 * |
85 * |
86 * plProperties |-> Properties used by the plugin.
87 * | Properties which are defined here will be modifyable using the property editor.
88 * | To read properties you can use $config->get_cfg_value(className, propertyName)
89 * |
90 * | ---------------------------------------------
91 * | EXAMPLE:
92 * | ---------------------------------------------
93 * | "plProperties"=> array(
94 * | array(
95 * | "name" => "htaccessAuthentication",
96 * | "type" => "bool",
97 * | "default" => "false",
98 * | "description" => _("A description..."),
99 * | "check" => "gosaProperty::isBool",
100 * | "migrate" => "",
101 * | "group" => "authentification",
102 * | "mandatory" => TRUE
103 * | ),
104 * | ),
105 * | See class_core.inc for a huge amount of examples.
106 */
109 class all extends plugin {
110 static function plInfo()
111 {
112 return (array(
113 "plShortName" => _("All"),
114 "plDescription" => _("All objects"),
115 "plSelfModify" => TRUE,
116 "plDepends" => array(),
117 "plPriority" => 0,
118 "plSection" => array("administration"),
119 "plCategory" => array("all" => array("description" => '* '._("All"))),
120 "plProvidedAcls" => array())
121 );
122 }
123 }
125 class core extends plugin {
127 static function getPropertyValues($class,$name,$value,$type)
128 {
129 $list = array();
130 switch($name){
131 case 'idAllocationMethod':
132 $list = array('traditional' => _('Traditional'), 'pool' => _('Use samba pool'));
133 break;
134 case 'passwordDefaultHash':
135 $tmp = passwordMethod::get_available_methods();
136 foreach($tmp['name'] as $id => $method){
137 $desc = $tmp[$id]['name'];
138 $list[$method] = $desc;
139 }
140 break;
141 case 'theme':
142 $cmd = "cd ../ihtml/themes; find . -name 'img.styles' | sed s/'^[^\/]*\/\([^\/]*\).*'/'\\1'/g";
143 $res = `$cmd` ;
144 $list = array();
145 foreach(preg_split("/\n/",$res) as $entry){
146 if(!empty($entry)){
147 $list[$entry] = $entry;
148 }
149 }
150 break;
151 case 'accountPrimaryAttribute':
152 $list = array('uid' => 'uid', 'cn' => 'cn');
153 break;
154 case 'loginAttribute':
155 $list = array(
156 'uid' => 'uid',
157 'mail' => 'mail',
158 'both' => 'uid & mail');
159 break;
160 case 'timezone':
161 $tmp = timezone::_get_tz_zones();
162 foreach($tmp['TIMEZONES'] as $name => $offset){
163 if($offset >= 0){
164 $list[$name] = $name." ( + ".sprintf("%0.2f",$offset/(60*60))." "._("hours").")";
165 }else{
166 $offset = $offset * -1;
167 $list[$name] = $name." ( - ".sprintf("%0.2f",($offset/(60*60)))." "._("hours").")";
168 }
169 }
170 break;
171 case 'mailAttribute':
172 $list = array('mail' => 'mail','uid' => 'uid');
173 break;
174 case 'mailMethod':
175 $tmp = array();
176 if(class_available('mailMethod')){
177 $tmp = mailMethod::get_methods();
178 }
179 $list =array();
180 foreach($tmp as $name => $value){
181 $name = preg_replace('/^mailMethod/','', $name);
182 $list[$name] = $value;
183 }
184 $list[''] = _("None");
185 break;
186 case 'language':
187 $tmp = get_languages(TRUE);
188 $list[""] = _("Automatic");
189 foreach($tmp as $key => $desc){
190 $list[$key] = $desc;
191 }
192 break;
193 case 'modificationDetectionAttribute':
194 $list = array('entryCSN' => 'entryCSN (OpenLdap)','textCSN'=>'textCSN (Sun DS)');
195 break;
196 default: echo $name." ";$list = array();
197 }
199 if(!isset($list[$value])){
200 $list[$value] = $value." ("._("User value").")";
201 }
203 return($list);
204 }
206 static function plInfo()
207 {
208 return (array(
209 "plShortName" => _("Core"),
210 "plDescription" => _("GOsa core plugin"),
211 "plSelfModify" => FALSE,
212 "plDepends" => array(),
213 "plPriority" => 0,
214 "plSection" => array("administration"),
216 "plRequirements"=> array(
217 'ldapSchema' => array(
218 'gosaObject' => '>=2.7',
219 'gosaAccount' => '>=2.7',
220 'gosaLockEntry' => '>=2.7',
221 'gosaDepartment' => '>=2.7',
222 'gosaCacheEntry' => '>=2.7',
223 'gosaProperties' => '>=2.7',
224 'gosaConfig' => '>=2.7'
225 ),
226 'onFailureDisablePlugin' => array(get_class())
227 ),
231 "plCategory" => array("all"),
232 "plProperties" => array(
234 array(
235 "name" => "htaccessAuthentication",
236 "type" => "bool",
237 "default" => "false",
238 "description" => _("Enables htaccess instead of LDAP authentication. This can be used to enable other authentication mechanisms like Kerberos for the GOsa login."),
239 "check" => "gosaProperty::isBool",
240 "migrate" => "",
241 "group" => "authentification",
242 "mandatory" => TRUE),
244 array(
245 "name" => "statsDatabaseEnabled",
246 "type" => "bool",
247 "default" => "false",
248 "description" => _("Enables the usage statistics module."),
249 "check" => "gosaProperty::isBool",
250 "migrate" => "",
251 "group" => "core",
252 "mandatory" => TRUE),
254 array(
255 "name" => "statsDatabaseDirectory",
256 "type" => "path",
257 "default" => "/var/spool/gosa/stats",
258 "description" => _("Database file to be used by the usage statistics module."),
259 "check" => "gosaProperty::isWriteablePath",
260 "migrate" => "",
261 "group" => "core",
262 "mandatory" => TRUE),
264 array(
265 "name" => "logging",
266 "type" => "bool",
267 "default" => "true",
268 "description" => _("Enables event logging in GOsa. Setting it to 'On' make GOsa log every action a user performs via syslog. If you use this in combination with rsyslog and configure it to mysql logging, you can browse all events in GOsa."),
270 "check" => "gosaProperty::isBool",
271 "migrate" => "",
272 "group" => "core",
273 "mandatory" => TRUE),
275 array(
276 "name" => "listSummary",
277 "type" => "bool",
278 "default" => "true",
279 "description" => _("Enables a status bar on the bottom of lists displaying a summary of type and number of elements in the list."),
280 "check" => "gosaProperty::isBool",
281 "migrate" => "",
282 "group" => "visual",
283 "mandatory" => FALSE),
285 array(
286 "name" => "passwordMinLength",
287 "type" => "integer",
288 "default" => "",
289 "description" => _("Specify the minimum length for newly entered passwords."),
290 "check" => "gosaProperty::isInteger",
291 "migrate" => "",
292 "group" => "password",
293 "mandatory" => FALSE),
295 array(
296 "name" => "passwordMinDiffer",
297 "type" => "integer",
298 "default" => "",
299 "description" => _("Specify the minimum number of characters that have to differ between old and newly entered passwords."),
300 "check" => "gosaProperty::isInteger",
301 "migrate" => "",
302 "group" => "password",
303 "mandatory" => FALSE),
305 array(
306 "name" => "passwordProposalHook",
307 "type" => "command",
308 "default" => "",
309 "description" => _("Command to generate password proposals. If a command has been specified, the user can decide whether to use an automatic password or a manually specified one.")." "._("Example").": /usr/bin/apg -n1",
310 "check" => "gosaProperty::isCommand",
311 "migrate" => "",
312 "group" => "password",
313 "mandatory" => FALSE),
315 array(
316 "name" => "displayErrors",
317 "type" => "bool",
318 "default" => "false",
319 "description" => _("Enable display of PHP errors on the top of the page. Disable this feature in production environments to avoid the exposure of sensitive data.")." ".sprintf(_("Related option").": developmentMode"),
320 "check" => "gosaProperty::isBool",
321 "migrate" => "",
322 "group" => "debug",
323 "mandatory" => TRUE),
325 array(
326 "name" => "developmentMode",
327 "type" => "bool",
328 "default" => "false",
329 "description" => _("Show messages that may assist plugin development. Be aware that this option may produce some ACL related false error messages!"),
330 "check" => "gosaProperty::isBool",
331 "migrate" => "",
332 "group" => "debug",
333 "mandatory" => TRUE),
336 array(
337 "name" => "schemaCheck",
338 "type" => "bool",
339 "default" => "true",
340 "description" => _("Enable LDAP schema verification during login. The recommended setting is 'On' because it enables efficient methods to create missing subtrees in the LDAP."),
341 "check" => "gosaProperty::isBool",
342 "migrate" => "",
343 "group" => "debug",
344 "mandatory" => TRUE),
346 array(
347 "name" => "copyPaste",
348 "type" => "bool",
349 "default" => "false",
350 "description" => _("Enable copy and paste for most objects managed by GOsa."),
351 "check" => "gosaProperty::isBool",
352 "migrate" => "",
353 "group" => "copyPaste",
354 "mandatory" => TRUE),
356 array(
357 "name" => "forceGlobals",
358 "type" => "noLdap",
359 "default" => "false",
360 "description" => _("Enable PHP security checks for disabled register_global settings."),
361 "check" => "gosaProperty::isBool",
362 "migrate" => "",
363 "group" => "security",
364 "mandatory" => TRUE),
366 array(
367 "name" => "forceSSL",
368 "type" => "noLdap",
369 "default" => "false",
370 "description" => _("Enable automatic redirection to HTTPS based administration."),
371 "check" => "gosaProperty::isBool",
372 "migrate" => "",
373 "group" => "security",
374 "mandatory" => TRUE),
376 array(
377 "name" => "ldapStats",
378 "type" => "bool",
379 "default" => "false",
380 "description" => _("Enable logging of detailed information of LDAP operations."),
381 "check" => "gosaProperty::isBool",
382 "migrate" => "",
383 "group" => "debug",
384 "mandatory" => FALSE),
386 array(
387 "name" => "ldapFollowReferrals",
388 "type" => "bool",
389 "default" => "false",
390 "description" => _("Enable LDAP referral chasing."),
391 "check" => "gosaProperty::isBool",
392 "migrate" => "",
393 "group" => "ldap",
394 "mandatory" => TRUE),
396 array(
397 "name" => "ldapFilterNestingLimit",
398 "type" => "integer",
399 "default" => 200,
400 "description" => _("Specify LDAP element filter limit. If the limit is not 0, GOsa speeds up group queries by putting several queries into a single query. This is known to produce problems on some LDAP servers (i.e. Sun DS) and needs to be lowered or disabled."),
401 "check" => "gosaProperty::isInteger",
402 "migrate" => "",
403 "group" => "ldap",
404 "mandatory" => TRUE),
406 array(
407 "name" => "ldapSizelimit",
408 "type" => "integer",
409 "default" => 200,
410 "description" => _("Specify the maximum number of entries GOsa will request from an LDAP server. A warning is displayed if this limit is exceeded."),
411 "check" => "gosaProperty::isInteger",
412 "migrate" => "",
413 "group" => "core",
414 "mandatory" => TRUE),
416 array(
417 "name" => "ldapSizeIgnore",
418 "type" => "bool",
419 "default" => "false",
420 "description" => _("Disable checks for LDAP size limits."),
421 "check" => "gosaProperty::isBool",
422 "migrate" => "",
423 "group" => "core",
424 "mandatory" => FALSE),
426 array(
427 "name" => "warnSSL",
428 "type" => "noLdap",
429 "default" => "true",
430 "description" => _("Enable warnings for non encrypted connections."),
431 "check" => "gosaProperty::isBool",
432 "migrate" => "",
433 "group" => "security",
434 "mandatory" => TRUE),
436 array(
437 "name" => "ppdGzip",
438 "type" => "bool",
439 "default" => "true",
440 "description" => _("Enable compression for PPD files."),
441 "check" => "gosaProperty::isBool",
442 "migrate" => "",
443 "group" => "ppd",
444 "mandatory" => FALSE),
447 array(
448 "name" => "ignoreAcl",
449 "type" => "dn",
450 "default" => "",
451 "description" => _("DN of user with ACL checks disabled. This should only be used to restore lost administrative ACLs."),
452 "check" => "gosaProperty::isDN",
453 "migrate" => "",
454 "group" => "debug",
455 "mandatory" => FALSE),
458 array(
459 "name" => "ppdPath",
460 "type" => "path",
461 "default" => "/var/spool/ppd",
462 "description" => _("Storage path for PPD files."),
463 "check" => "gosaProperty::isPath",
464 "migrate" => "",
465 "group" => "ppd",
466 "mandatory" => FALSE),
468 array(
469 "name" => "ldapMaxQueryTime",
470 "type" => "integer",
471 "default" => "",
472 "description" => _("Number of seconds a LDAP query is allowed to take until GOsa aborts the request."),
473 "check" => "gosaProperty::isInteger",
474 "migrate" => "",
475 "group" => "debug",
476 "mandatory" => FALSE),
478 array(
479 "name" => "storeFilterSettings",
480 "type" => "bool",
481 "default" => "true",
482 "description" => _("Enables storing of user filters in browser cookies."),
483 "check" => "gosaProperty::isBool",
484 "migrate" => "",
485 "group" => "core",
486 "mandatory" => FALSE),
488 array(
489 "name" => "sendCompressedOutput",
490 "type" => "bool",
491 "default" => "true",
492 "description" => _("Enables sending of compressed web page content."),
493 "check" => "gosaProperty::isBool",
494 "migrate" => "",
495 "group" => "core",
496 "mandatory" => FALSE),
498 array(
499 "name" => "modificationDetectionAttribute",
500 "type" => "switch",
501 "default" => "entryCSN",
502 "defaults" => "core::getPropertyValues",
503 "description" => _("LDAP attribute which is used to detect changes."),
504 "check" => "",
505 "migrate" => "",
506 "group" => "core",
507 "mandatory" => TRUE),
509 array(
510 "name" => "language",
511 "type" => "switch",
512 "default" => "",
513 "defaults" => "core::getPropertyValues",
514 "description" => _("ISO language code which is used to override the automatic language detection."),
515 "check" => "",
516 "migrate" => "",
517 "group" => "core",
518 "mandatory" => FALSE),
520 array(
521 "name" => "theme",
522 "type" => "switch",
523 "default" => "default",
524 "defaults" => "core::getPropertyValues",
525 "description" => _("CSS and template theme to be used."),
526 "check" => "",
527 "migrate" => "",
528 "group" => "visual",
529 "mandatory" => TRUE),
531 array(
532 "name" => "sessionLifetime",
533 "type" => "integer",
534 "default" => 600,
535 "description" => _("Number of seconds after an inactive session expires. This may be overridden by some systems php.ini/crontab mechanism."),
536 "check" => "gosaProperty::isInteger",
537 "migrate" => "",
538 "group" => "security",
539 "mandatory" => FALSE),
541 array(
542 "name" => "templateCompileDirectory",
543 "type" => "path",
544 "default" => "/var/spool/gosa",
545 "description" => _("Template engine compile directory."),
546 "check" => "gosaProperty::isWriteablePath",
547 "migrate" => "",
548 "group" => "core",
549 "mandatory" => TRUE),
551 array(
552 "name" => "debugLevel",
553 "type" => "integer",
554 "default" => 0,
555 "description" => sprintf(_("Logical AND of the integer values below that controls the debug output on every page load: %s"),
556 "
558 DEBUG_TRACE = 1
559 DEBUG_LDAP = 2
560 DEBUG_MYSQL = 4
561 DEBUG_SHELL = 8
562 DEBUG_POST = 16
563 DEBUG_SESSION = 32
564 DEBUG_CONFIG = 64
565 DEBUG_ACL = 128
566 DEBUG_SI = 256"),
567 "check" => "gosaProperty::isInteger",
568 "migrate" => "",
569 "group" => "debug",
570 "mandatory" => FALSE),
572 array(
573 "name" => "sambaHashHook",
574 "type" => "command",
575 "default" => "perl -MCrypt::SmbHash -e \"print join(q[:], ntlmgen \\\$ARGV[0]), $/;\"",
576 "description" => _("Command to create Samba NT/LM hashes. Required for password synchronization if you don't use supplementary services."),
577 "check" => "gosaProperty::isCommand",
578 "migrate" => "",
579 "group" => "samba",
580 "mandatory" => FALSE),
582 array(
583 "name" => "passwordDefaultHash",
584 "type" => "switch",
585 "default" => "crypt/md5",
586 "defaults" => "core::getPropertyValues",
587 "description" => _("Default hash to be used for newly created user passwords."),
588 "check" => "",
589 "migrate" => "",
590 "group" => "password",
591 "mandatory" => FALSE),
592 array(
593 "name" => "strictPasswordRules",
594 "type" => "bool",
595 "default" => "true",
596 "description" => _("Enable checking for the presence of problematic unicode characters in passwords."),
597 "check" => "gosaProperty::isBool",
598 "migrate" => "",
599 "group" => "password",
600 "mandatory" => FALSE),
602 array(
603 "name" => "accountPrimaryAttribute",
604 "type" => "switch",
605 "default" => "cn",
606 "defaults" => "core::getPropertyValues",
607 "description" => _("Specify whether 'cn' or 'uid' style user DNs are generated. For more sophisticated control use the 'accountRDN' setting."),
608 "check" => "",
609 "migrate" => "",
610 "group" => "security",
611 "mandatory" => TRUE),
613 array(
614 "name" => "userRDN",
615 "type" => "rdn",
616 "default" => "ou=people,",
617 "description" => _("Location component for user storage inside of departments."),
618 "check" => "gosaProperty::isRdn",
619 "migrate" => "migrate_userRDN",
620 "group" => "user",
621 "mandatory" => FALSE),
623 array(
624 "name" => "groupRDN",
625 "type" => "rdn",
626 "default" => "ou=groups,",
627 "description" => _("Location component for group storage inside of departments."),
628 "check" => "gosaProperty::isRdn",
629 "migrate" => "migrate_groupRDN",
630 "group" => "group",
631 "mandatory" => FALSE),
633 array(
634 "name" => "gidNumberBase",
635 "type" => "integer",
636 "default" => "1000",
637 "description" => _("Count base for group IDs. For dynamic ID assignment use the 'nextIdHook' setting."),
638 "check" => "gosaProperty::isInteger",
639 "migrate" => "",
640 "group" => "id",
641 "mandatory" => TRUE),
643 array(
644 "name" => "baseIdHook",
645 "type" => "command",
646 "default" => "",
647 "description" => _("Count base for user IDs. For dynamic ID assignment use the 'nextIdHook' setting."),
648 "check" => "gosaProperty::isCommand",
649 "migrate" => "",
650 "group" => "id",
651 "mandatory" => FALSE),
653 array(
654 "name" => "gidNumberPoolMin",
655 "type" => "integer",
656 "default" => 10000,
657 "description" => _("Lowest assignable group ID for use with the idAllocationMethod set to 'pool'."),
658 "check" => "gosaProperty::isInteger",
659 "migrate" => "",
660 "group" => "id",
661 "mandatory" => FALSE),
663 array(
664 "name" => "gidNumberPoolMax",
665 "type" => "integer",
666 "default" => 40000,
667 "description" => _("Highest assignable group ID for use with the idAllocationMethod set to 'pool'."),
668 "check" => "gosaProperty::isInteger",
669 "migrate" => "",
670 "group" => "id",
671 "mandatory" => FALSE),
673 array(
674 "name" => "uidNumberPoolMin",
675 "type" => "integer",
676 "default" => 10000,
677 "description" => _("Lowest assignable user ID for use with the idAllocationMethod set to 'pool'."),
678 "check" => "gosaProperty::isInteger",
679 "migrate" => "",
680 "group" => "id",
681 "mandatory" => FALSE),
683 array(
684 "name" => "uidNumberPoolMax",
685 "type" => "integer",
686 "default" => 40000,
687 "description" => _("Highest assignable user ID for use with the idAllocationMethod set to 'pool'."),
688 "check" => "gosaProperty::isInteger",
689 "migrate" => "",
690 "group" => "id",
691 "mandatory" => FALSE),
693 array(
694 "name" => "uidNumberBase",
695 "type" => "integer",
696 "default" => "1000",
697 "description" => _("Count base for user IDs. For dynamic ID assignment use the 'baseIdHook' setting."),
698 "check" => "gosaProperty::isInteger",
699 "migrate" => "",
700 "group" => "id",
701 "mandatory" => FALSE),
703 array(
704 "name" => "gosaRpcServer",
705 "type" => "string",
706 "default" => "",
707 "description" => _("Connection URL for use with the gosa-ng service."),
708 "check" => "jsonRPC::testConnectionProperties",
709 "migrate" => "",
710 "group" => "rpc",
711 "mandatory" => FALSE),
713 array(
714 "name" => "gosaRpcUser",
715 "type" => "string",
716 "default" => "admin",
717 "description" => _("User name used to connect to the 'gosaRpcServer'."),
718 "check" => "",
719 "migrate" => "",
720 "group" => "rpc",
721 "mandatory" => FALSE),
723 array(
724 "name" => "gosaRpcPassword",
725 "type" => "string",
726 "default" => "tester",
727 "description" => _("Password used to connect to the 'gosaRpcServer'."),
728 "check" => "",
729 "migrate" => "",
730 "group" => "rpc",
731 "mandatory" => FALSE),
733 array(
734 "name" => "gosaSupportURI",
735 "type" => "string",
736 "default" => "",
737 "description" => _("Connection URI for use with the gosa-si service (obsolete)."),
738 "check" => "",
739 "migrate" => "",
740 "group" => "gosa-si",
741 "mandatory" => FALSE),
743 array(
744 "name" => "gosaSupportTimeout",
745 "type" => "integer",
746 "default" => 15,
747 "description" => _("Number of seconds after a gosa-si connection is considered 'dead'."),
748 "check" => "gosaProperty::isInteger",
749 "migrate" => "",
750 "group" => "gosa-si",
751 "mandatory" => FALSE),
753 array(
754 "name" => "loginAttribute",
755 "type" => "switch",
756 "default" => "uid",
757 "defaults" => "core::getPropertyValues",
758 "description" => _("User attribute which is used for log in."),
759 "check" => "",
760 "migrate" => "",
761 "group" => "security",
762 "mandatory" => TRUE),
764 array(
765 "name" => "timezone",
766 "type" => "switch",
767 "default" => "",
768 "defaults" => "core::getPropertyValues",
769 "description" => _("Local time zone."),
770 "check" => "",
771 "migrate" => "",
772 "group" => "core",
773 "mandatory" => FALSE),
775 array(
776 "name" => "honourUnitTags",
777 "type" => "bool",
778 "default" => "false",
779 "description" => _("Enable tagging of administrative units. This can be used in conjunction with ACLs (obsolete)."),
780 "check" => "",
781 "migrate" => "",
782 "group" => "core",
783 "mandatory" => FALSE),
785 array(
786 "name" => "useSaslForKerberos",
787 "type" => "bool",
788 "default" => "true",
789 "description" => _("Enable the use of {sasl} instead of {kerberos} for user realms."),
790 "check" => "gosaProperty::isBool",
791 "migrate" => "",
792 "group" => "password",
793 "mandatory" => FALSE),
795 array(
796 "name" => "rfc2307bis",
797 "type" => "bool",
798 "default" => "false",
799 "description" => _("Enable RFC 2307bis style groups. This combines the use of 'member' and 'memberUid' attributes."),
800 "check" => "gosaProperty::isBool",
801 "migrate" => "",
802 "group" => "core",
803 "mandatory" => FALSE),
805 array(
806 "name" => "personalTitleInDN",
807 "type" => "bool",
808 "default" => "false",
809 "description" => _("Adjusts the user DN generation to include the users personal title (only in conjunction with accountPrimaryAttribute)."),
810 "check" => "gosaProperty::isBool",
811 "migrate" => "",
812 "group" => "storage location",
813 "mandatory" => FALSE),
815 array(
816 "name" => "nextIdHook",
817 "type" => "command",
818 "default" => "",
819 #TODO: Work starts here...
820 "description" => _("The 'nextIdHook' statement defines a script to be called for finding the next free id for users or groups externaly. It gets called with the current entry \"dn\" and the attribute to be ID'd. It should return an integer value."),
821 "check" => "gosaProperty::isCommand",
822 "migrate" => "",
823 "group" => "id",
824 "mandatory" => FALSE),
826 array(
827 "name" => "idGenerator",
828 "type" => "string",
829 "default" => "{%sn}-{%givenName[2-4]}",
830 "description" => _("The 'idGenerator' statement describes an automatic way to generate new user ids. There are two basic functions supported - which can be combined:
832 a) using attributes
834 You can specify LDAP attributes (currently only sn and givenName) in
835 braces {} and add a percent sign befor it. Optionally you can strip it
836 down to a number of characters, specified in []. I.e.
838 idGenerator=\"{%sn}-{%givenName[2-4]}\"
840 will generate an ID using the full surname, adding a dash, and adding at
841 least the first two characters of givenName. If this ID is used, it'll
842 use up to four characters. If no automatic generation is possible, a
843 input box is shown.
845 b) using automatic id's
847 I.e. specifying
849 idGenerator=\"acct{id:3}\"
851 will generate a three digits id with the next free entry appended to \"acct\".
853 idGenerator=\"acct{id!1}\"
855 will generate a one digit id with the next free entry appended to \"acct\" - if needed.
857 idGenerator=\"ext{id#3}\"
859 will generate a three digits random number appended to \"ext\".
860 "),
861 "check" => "",
862 "migrate" => "",
863 "group" => "core",
864 "mandatory" => FALSE),
866 array(
867 "name" => "strictNamingRules",
868 "type" => "bool",
869 "default" => "true",
870 "description" => _("The 'strictNamingRules' statement enables strict checking of uids and group names. If you need characters like . or - inside of your accounts, set this to 'false'."),
871 "check" => "gosaProperty::isBool",
872 "migrate" => "",
873 "group" => "core",
874 "mandatory" => FALSE),
876 array(
877 "name" => "minId",
878 "type" => "integer",
879 "default" => 40,
880 "description" => _("The 'minId' statement defines the minimum assignable user or group id to avoid security leaks with uid 0 accounts. This is used for the 'traditional' method."),
881 "check" => "gosaProperty::isInteger",
882 "migrate" => "",
883 "group" => "id",
884 "mandatory" => FALSE),
886 array(
887 "name" => "mailAttribute",
888 "type" => "switch",
889 "default" => "mail",
890 "defaults" => "core::getPropertyValues",
891 "description" => _("The 'mailAttribute' statement determines which attribute GOsa will use to create accounts. Valid values are 'mail' and 'uid'."),
892 "check" => "",
893 "migrate" => "",
894 "group" => "mail",
895 "mandatory" => FALSE),
897 array(
898 "name" => "gosaSharedPrefix",
899 "type" => "string",
900 "default" => "",
901 "description" => _("This attribute allows to override the prefix used to create shared folders."),
902 "check" => "",
903 "migrate" => "",
904 "group" => "mail",
905 "mandatory" => FALSE),
907 array(
908 "name" => "mailUserCreation",
909 "type" => "string",
910 "default" => "",
911 "description" => _("This attribute allows to override the user account creation syntax, see the 'mailFolderCreation' description for more details.
913 Examples
914 mailUserCreation=\"%prefix%%uid%\" => \"user.foobar\"
915 mailUserCreation=\"my-prefix.%uid%%domain%\" => \"my-prefix.foobar@example.com\"
916 "),
917 "check" => "",
918 "migrate" => "",
919 "group" => "mail",
920 "mandatory" => FALSE),
922 array(
923 "name" => "mailFolderCreation",
924 "type" => "string",
925 "default" => "",
926 "description" => _("Every mail method has its own way to create mail accounts like 'share/development' or 'shared.development@example.com' which is used to identify the accounts, set quotas or add acls.
928 To override the methods default account creation syntax, you can set the 'mailFolderCreation' option.
930 Examples
932 mailFolderCreation=\"%prefix%%cn%\" => \"shared.development\"
933 mailFolderCreation=\"my-prefix.%cn%%domain%\" => \"my-prefix.development@example.com\"
935 %prefix% The methods default prefix. (Depends on cyrusUseSlashes=FALSE/TRUE)
936 %cn% The groups/users cn.
937 %uid% The users uid.
938 %mail% The objects mail attribute.
939 %domain% The domain part of the objects mail attribute.
940 %mailpart% The user address part of the mail address.
941 %uattrib% Depends on mailAttribute=\"uid/mail\".
942 "),
943 "check" => "",
944 "migrate" => "",
945 "group" => "mail",
946 "mandatory" => FALSE),
948 array(
949 "name" => "imapTimeout",
950 "type" => "integer",
951 "default" => 10,
952 "description" => _("The 'imapTimeout' statement sets the connection timeout for imap actions."),
953 "check" => "gosaProperty::isInteger",
954 "migrate" => "",
955 "group" => "mail",
956 "mandatory" => FALSE),
958 array(
959 "name" => "mailMethod",
960 "type" => "switch",
961 "default" => "",
962 "defaults" => "core::getPropertyValues",
963 "description" => _("The 'mailMethod' statement tells GOsa which mail method the setup should use to communicate with a possible mail server. Leave this undefined if your mail method does not match the predefined ones."),
964 "check" => "",
965 "migrate" => "",
966 "group" => "mail",
967 "mandatory" => FALSE),
969 array(
970 "name" => "cyrusUseSlashes",
971 "type" => "bool",
972 "default" => "true",
973 "description" => _("The 'cyrusUseSlashes' statement determines if GOsa should use \"foo/bar\" or \"foo.bar\" namespaces in IMAP. Unix style is with slashes."),
974 "check" => "gosaProperty::isBool",
975 "migrate" => "",
976 "group" => "mail",
977 "mandatory" => FALSE),
979 array(
980 "name" => "vacationTemplateDirectory",
981 "type" => "path",
982 "default" => "/etc/gosa/vacation",
983 "description" => _("The 'vacationTemplateDirectory' statement sets the path where GOsa will look for vacation message templates. Default is /etc/gosa/vacation.
985 Example template /etc/gosa/vacation/business.txt:
987 DESC:Away from desk
988 Hi, I'm currently away from my desk. You can contact me on
989 my cell phone via %mobile.
991 Greetings,
992 %givenName %sn
994 "),
995 "check" => "gosaProperty::isWriteablePath",
996 "migrate" => "",
997 "group" => "mail",
998 "mandatory" => FALSE),
1000 array(
1001 "name" => "ldapTLS",
1002 "type" => "bool",
1003 "default" => "false",
1004 "description" => _("The 'ldapTLS' statement enables or disables TLS operating on LDAP connections."),
1005 "check" => "gosaProperty::isBool",
1006 "migrate" => "",
1007 "group" => "security",
1008 "mandatory" => TRUE),
1010 array(
1011 "name" => "honourIvbbAttributes",
1012 "type" => "bool",
1013 "default" => "false",
1014 "description" => _("The 'honourIvbbAttributes' statement enables the IVBB mode inside of GOsa. You need the ivbb.schema file from used by german authorities."),
1015 "check" => "gosaProperty::isBool",
1016 "migrate" => "",
1017 "group" => "core",
1018 "mandatory" => FALSE),
1020 array(
1021 "name" => "sambaIdMapping",
1022 "type" => "bool",
1023 "default" => "false",
1024 "description" => _("The 'sambaIdMapping' statement tells GOsa to maintain sambaIdmapEntry objects. Depending on your setup this can drastically improve the windows login performance."),
1025 "check" => "gosaProperty::isBool",
1026 "migrate" => "",
1027 "group" => "samba",
1028 "mandatory" => FALSE),
1030 array(
1031 "name" => "handleExpiredAccounts",
1032 "type" => "bool",
1033 "default" => "true",
1034 "description" => _("The 'handleExpiredAccounts' statement enables shadow attribute tests during the login to the GOsa web interface and forces password renewal or account lockout."),
1035 "check" => "gosaProperty::isBool",
1036 "migrate" => "",
1037 "group" => "core",
1038 "mandatory" => FALSE),
1040 array(
1041 "name" => "sambaSID",
1042 "type" => "string",
1043 "default" => "",
1044 "description" => _("The 'sambaSID' statement defines a samba SID if not available inside of the LDAP. You can retrieve the current sid by net getlocalsid."),
1045 "check" => "",
1046 "migrate" => "",
1047 "group" => "samba",
1048 "mandatory" => FALSE),
1050 array(
1051 "name" => "sambaRidBase",
1052 "type" => "integer",
1053 "default" => "",
1054 "description" => _("The 'sambaRidBase' statement defines the base id to add to ordinary sid calculations - if not available inside of the LDAP."),
1055 "check" => "gosaProperty::isInteger",
1056 "migrate" => "",
1057 "group" => "samba",
1058 "mandatory" => FALSE),
1060 array(
1061 "name" => "enableSnapshots",
1062 "type" => "bool",
1063 "default" => "false",
1064 "description" => _("The 'enableSnapshots' statement enables a snapshot mechaism in GOsa. This enables you to save certain states of entries and restore them later on."),
1065 "check" => "gosaProperty::isBool",
1066 "migrate" => "",
1067 "group" => "snapshot",
1068 "mandatory" => TRUE),
1070 array(
1071 "name" => "snapshotBase",
1072 "type" => "dn",
1073 "default" => "ou=snapshots,dc=localhost,dc=de",
1074 "description" => _("The 'snapshotBase' statement defines the base where snapshots should be stored inside of the LDAP."),
1075 "check" => "gosaProperty::isDn",
1076 "migrate" => "",
1077 "group" => "snapshot",
1078 "mandatory" => FALSE),
1080 array(
1081 "name" => "snapshotAdminDn",
1082 "type" => "dn",
1083 "default" => "cn=admin,dc=localhost,dc=de",
1084 "description" => _("The 'snapshotAdminDn' variable defines the user which is used to authenticate when connecting to 'snapshotURI'."),
1085 "check" => "gosaProperty::isDn",
1086 "migrate" => "",
1087 "group" => "snapshot",
1088 "mandatory" => FALSE),
1090 array(
1091 "name" => "snapshotAdminPassword",
1092 "type" => "string",
1093 "default" => "secret",
1094 "description" => _("The 'snapshotAdminPassword' variable defines the credentials which are used in combination with 'snapshotAdminDn' and 'snapshotURI' in order to authenticate."),
1095 "check" => "",
1096 "migrate" => "",
1097 "group" => "snapshot",
1098 "mandatory" => FALSE),
1100 array(
1101 "name" => "idAllocationMethod",
1102 "type" => "switch",
1103 "default" => "traditional",
1104 "defaults" => "core::getPropertyValues",
1105 "description" => _("The 'idAllocationMethod' statement defines how GOsa generates numeric user and group id values. If it is set to 'traditional' GOsa will do create a lock and perform a search for the next free ID. The lock will be removed after the procedure completes. 'pool' will use the sambaUnixIdPool objectclass settings inside your LDAP. This one is unsafe, because it does not check for concurrent LDAP access and already used IDs in this range. On the other hand it is much faster."),
1106 "check" => "",
1107 "migrate" => "",
1108 "group" => "id",
1109 "mandatory" => TRUE),
1110 array(
1111 "name" => "snapshotURI",
1112 "type" => "uri",
1113 "default" => "ldap://localhost:389",
1114 "description" => _("The 'snapshotURI' variable defines the LDAP URI for the server which is used to do object snapshots."),
1115 "check" => "",
1116 "migrate" => "",
1117 "group" => "snapshot",
1118 "mandatory" => FALSE)
1119 )));
1120 }
1121 }
1122 ?>