Updated fai

[gosa.git] / gosa-core / FAQ

diff --git a/gosa-core/FAQ b/gosa-core/FAQ
index 41d4254ffb2795494fbeee21c30480b91bd49823..1b2958c6964b07f8aaefa62900095d1dea94b680 100644 (file)
--- a/gosa-core/FAQ
+++ b/gosa-core/FAQ
@@ -98,10 +98,10 @@ A: Yes. Just go to the doc/guide/user/en directory and copy the lyx-source direc
    
 Q: Can I specify some kind of password policies?
 
-A: You can place the keywords "pwminlen" and "pwdiffer" in the main section of your
-   gosa.conf. "pwminlen" specifies how many characters a password must have to be
-   accepted. "pwdiffer" contains the number of characters that must be different
-   from the previous password.
+A: You can place the keywords "passwordMinLength" and "passwordMinDiffer" in the main
+   section of your gosa.conf. "passwordMinLength" specifies how many characters a
+   password must have to be accepted. "passwordMinDiffer" contains the number of
+   characters that must be different from the previous password.
 
    Note that these only affect passwords that are set by the user, not by the admins.
 
@@ -110,7 +110,7 @@ Q: I've to update passwords on external windows PDCs. Can I add a command to let
    synchronize these for me?
 
 A: There's the possibility to add a password hook in gosa.conf's main section using
-   the keyword "externalpwdhook". The specified command will be executed with 
+   the keyword "passwordHook". The specified command will be executed with 
    three parameters: /path/to/your/script username oldpassword newpassword
 
    So you can call i.e. smbpasswd to handle your password change on the PDC.
@@ -134,7 +134,7 @@ A: Create a directory to keep a set of vacation messages which are readable by t
    %givenName %sn
    -----------------------------------------------------------------------------------
 
-   Place the config option vacationdir="/etc/gosa/vacation" in the location found in
+   Place the config option vacationTemplateDirectory="/etc/gosa/vacation" in the location found in
    gosa.conf and a template box is show in the vacation mail tab.
 
 
@@ -147,7 +147,7 @@ A: Add an entry describing your id policy in gosa.conf, location section:
       and add a percent sign befor it. Optionally you can strip it down to a number
       of characters, specified in []. I.e.
       
-       idgen="{%sn}-{%givenName[2-4]}"
+       idGenerator="{%sn}-{%givenName[2-4]}"
        
       will generate an ID using the full surename, adding a dash, and adding at least
       the first two characters of givenName. If this ID is used, it'll use up to four
@@ -156,11 +156,11 @@ A: Add an entry describing your id policy in gosa.conf, location section:
    b) using automatic id's
       I.e. specifying
       
-       idgen="acct{id:3}"
+       idGenerator="acct{id:3}"
 
       will generate a three digits id with the next free entry appended to "acct".
       
-       idgen="ext{id#3}"
+       idGenerator="ext{id#3}"
 
       will generate a three digits random number appended to "ext".
 
@@ -168,8 +168,8 @@ A: Add an entry describing your id policy in gosa.conf, location section:
 Q: I'm migrating from the current LDAP, now GOsa does not allow uid's and group
    with upper/lower case and spaces. What can I do?
 
-A: Include the strict="no" keyword in your gosa.conf's location section.
-   WARNING: using strict="no" will cause problems with cyrus/postfix!!
+A: Include the strictNamingRules="no" keyword in your gosa.conf's location section.
+   WARNING: using strictNamingRules="no" will cause problems with cyrus/postfix!!
 
 
 Q: I'd like to place my users under ou=staff, not under ou=people. Can I change
@@ -178,8 +178,8 @@ Q: I'd like to place my users under ou=staff, not under ou=people. Can I change
 A: Yes. You can change the people and group locations by adding the following
    statements to your location sections:
 
-   people="ou=staff"
-   groups="ou=crowds"
+   userRDN="ou=staff"
+   groupRDN="ou=crowds"
 
    After logging in again, people and groups are created in the configured places.
    As a side note, you can leave these strings blank for flat structures, too.
@@ -196,8 +196,8 @@ Q: I really don't want dn's containing the CN for user accounts because I don't
    want to support anonymous binds for uid resolution. Is it possible to have dn's
    containing the uid instead?
 
-A: Yes. Placing the dnmode="uid" keyword in your gosa.conf's location section will
-   solve your problem.
+A: Yes. Placing the accountPrimaryAttribute="uid" keyword in your gosa.conf's location
+   section will solve your problem.
 
 
 Q: Hey, I've installed GOsa, but it claims something about "SID and / or RIDBASE
@@ -209,8 +209,8 @@ A: You've configured GOsa to use samba3, but your LDAP has no samba domain objec
 
    <location name=...>
              ...
-             ridbase="1000"
-             sid="0-815-4711" \>
+             sambaRidBase="1000"
+             sambaSID="0-815-4711" \>
 
    Remember to fill in your real domain sid which is retrievable by the command
    "net getlocalsid".
@@ -236,7 +236,7 @@ A: This is an additional security feature, so that no one can fall back to uid 0
 
    <location name=...>
        ...
-       minid="40"
+       minId="40"
        ... \>
 
    in your configuration. In this example 40 will be the smallest ID you can enter.
@@ -255,13 +255,13 @@ A: Yes. Use the winstation parameter in your location section:
 
    <location name=...>
        ...
-       winstations="ou=machineaccounts"
+       sambaMachineAccountRDN="ou=machineaccounts"
        ... \>
 
 
 Q: GOsa doesn't seem to follow my referrals. What can I do?
 
-A: Place the option 'recursive = "true"' inside your locations definition
+A: Place the option 'ldapFollowReferrals = "true"' inside your locations definition
    and you should be fine.
 
 
@@ -271,7 +271,7 @@ A: Yes, add
 
    <location ...>
    ...
-         tls="true"
+         ldapTLS="true"
    ... \>
 
    to the location section of GOsa. This switch affects LDAP connections for a single location only.
@@ -284,7 +284,7 @@ A: Yes, add
 
    <main ...>
    ...
-         cyrusunixstyle="true"
+         cyrusUseSlashes="true"
    ... \>
 
    to the main section of GOsa and the folders are created in unix style.
@@ -305,12 +305,12 @@ A: No need to modify anything. Just add a hook the the plugin you'd like to
 
 Q: Is there a way to use ACL independet filtering when using administrative units?
 
-A: Yes. Set STRICT_UNITS to "true" in your gosa.conf's location section.
+A: Yes. Set "honourUnitTags" to "true" in your gosa.conf's location section.
 
 
 Q: How can i active the account expiration code for the gosa interface?
 
-A: Yes. Just set "account_expiration" to "true" in your gosa.conf's main section.
+A: Yes. Just set "handleExpiredAccounts" to "true" in your gosa.conf's main section.
 
 
 Q: What is the correct connection string for a Kolab server in GOsa?
@@ -335,21 +335,21 @@ A: For Kolab to work correctly you have to include the rfc2739.schema
 Q: New implementations of OpenLDAP seem to require {sasl} instead of {kerberos}
    in password hashes. GOsa writes the wrong string. What can I do?
 
-A: You can set "krbsasl" to "true" in your gosa.conf's main section.
+A: You can set "useSaslForKerberos" to "true" in your gosa.conf's main section.
 
 
 Q: Is there a way to add the personalTitle attribute the the users dn?
 
 A: Just add this line into the location section of your gosa.conf.
    <location name=...
-       include_personal_title="true"
+    personalTitleInDN="true"
    ...>
 
 
 Q: I'd like to assign different uid bases for certain user/group objects.
    How can this be achieved?
 
-A: Use the base_hook in your gosa.conf's location section to specify a script
+A: Use the 'baseIdHook' in your gosa.conf's location section to specify a script
    which handles the ID generation externaly. It get's called with the "dn"
    and the attribute to be ID'd. It should return an integer value.
 
@@ -368,7 +368,7 @@ A: Yes. Download http://standards.ieee.org/regauth/oui/oui.txt and place
 
 Q: GOsa sessions expire too quick. Is there a way to change this?
 
-A: Yes. Set "session_lifetime" to the number of seconds of inactivity. 7200
+A: Yes. Set "sessionLifetime" to the number of seconds of inactivity. 7200
    (60x60x2) would be for two hours. Place this option inside the main
    section of your gosa.conf.
    
@@ -378,7 +378,7 @@ Q: Microsoft Internet Explorer <=6 seems paints strange blocks around
 
 A: Use Firefox, Konqueror, Safari, Opera, IE >= 7, etc. IE is broken and
    I don't want to waste my time with working around this old crap. There's
-   a quick hack, if you just put "ie_png_workaround='true'" inside the main
+   a quick hack, if you just put "iePngWorkaround='true'" inside the main
    section of your gosa.conf. This is a JavaScript based workaround and I've
    to place a WARNING here, that it is damn slow if you've large lists to
    display.
@@ -396,5 +396,33 @@ A: Yes. Browse to "password.php". You can preset a couple of things i.e.:
 
 Q: GOsa only shows 300 entries at a time. Is this normal?
 
-A: There's a default sizelimit. You can set the "sizelimit" option in your
+A: There's a default sizelimit. You can set the "ldapSizelimit" option in your
    gosa.conf's  location section to a higher value to get rid of it.
+
+
+Q: I have problems with my ldap server when I open groups with 
+   a huge amount of members, what can I do?
+
+A: You can set a nesting limit which ensures that the user names will not be 
+   resolved if the amount of members reaches this limit.
+   <location
+        ...
+        ldapFilterNestingLimit="100"
+        ... />
+   </location>
+
+
+Q: I want to disable the "Is the configuration file up to date?" check when logging in.
+   How can I disable this check?
+
+A: Just set the configVersion attribute to an empty value:
+   <conf configVersion="" >
+
+
+Q: I've shredded my access control and am not able to do anything from now on. Is there
+   a way to override the ACL?
+
+A: Yes. Insert the following statement in the location section of your gosa.conf:
+
+   ignoreAcl="your user's dn"
+