index 79af8530d62d9cb515bfdbc15e0163ef595c5e0d..fac7b505394b9c3f2c849ce17159f68fdadfde69 100644 (file)
For every plugin, you can provide at least four additional hooks:
.I postcreate,
-.I postdelete,
+.I postremove,
.I postmodify
and
.I check.
The
.I logging
statement enables event logging on GOsa side. Setting it to
-.I syslog,
-GOsa will log every action a user performs via syslog. Setting it to
-.I mysql,
-GOsa will log every action to a mysql server, defined in the
-GOsa systems plugin. Both values can be combined as a comma seperated
-list.
+.I true,
+GOsa will log every action a user performs via syslog. If you use
+rsyslog and configure it to mysql logging, you can browse all events
+within GOsa.
-GOsa will not log anything, if the logging value is empty.
+GOsa will not log anything, if the logging value is empty or set to
+false.
.PP
.B loginAttribute
.I personalTitleInDN.
.PP
+.B accountRDN
+.I pattern
+.PP
+The
+.I accountRDN
+option tells GOsa to use a placeholder pattern for generating account
+RDNs. A pattern can include attribute names prefaced by a % and normal
+text:
+.nf
+accountRDN="cn=%sn %givenName"
+.fi
+This will generate a RDN consisting of cn=.... filled with surname and
+given name of the edited account. This option disables the use of
+.I accountPrimaryAttribute
+and
+.I personalTitleInDn
+in your config. The latter attributes are maintained for compatibility.
+
+
.B personalTitleInDN
.I bool
.PP
definition below.
.PP
+.B idAllocationMethod
+.I traditional/pool
+.PP
+The
+.I idAllocationMethod
+statement defines how GOsa generates numeric user and group id values. If it is set to
+.I traditional
+GOsa will do create a lock and perform a search for the next free ID. The lock will be
+removed after the procedure completes.
+.I pool
+will use the sambaUnixIdPool objectclass settings inside your LDAP. This one is unsafe,
+because it does not check for concurrent LDAP access and already used IDs in this range.
+On the other hand it is much faster.
+.PP
+
.B minId
.I integer
.PP
The
.I minId
statement defines the minimum assignable user or group id to avoid security leaks with
-uid 0 accounts.
+uid 0 accounts. This is used for the
+.I traditional
+method
+.PP
+
+.B uidNumberPoolMin/gidNumberPoolMin
+.I integer
+.PP
+The
+.I uidNumberPoolMin/gidNumberPoolMin
+statement defines the minimum assignable user/group id for use with the
+.I pool
+method.
+.PP
+
+.B uidNumberPoolMax/gidNumberPoolMax
+.I integer
+.PP
+The
+.I uidNumberPoolMin/gidNumberPoolMin
+statement defines the highest assignable user/group id for use with the
+.I pool
+method.
.PP
.B nextIdHook
will generate a three digits id with the next free entry appended to
"acct".
+.nf
+ idGenerator="acct{id!1}"
+.fi
+
+ will generate a one digit id with the next free entry appended to
+ "acct" - if needed.
+
.nf
idGenerator="ext{id#3}"
.fi
@@ -999,15 +1061,6 @@ statement defines the base id to add to ordinary sid calculations - if not avail
inside of the LDAP.
.PP
-.B sambaversion
-.I 2/3
-.PP
-The
-.I sambaversion
-statement defines the version of samba you want to write LDAP entries for. Be sure
-to include the correct schema in this case. Valid values are 2 and 3.
-.PP
-
.B sambaHashHook
.I path
.PP
.B Mail options
.PP
.B mailMethod
-.I Cyrus/SendmailCyrus/GOlab/Kolab/Kolab22
+.I Cyrus/SendmailCyrus/Kolab/Kolab22
.PP
The
.I mailMethod
maintains accounts and sieve scripts in cyrus servers.
.I Kolab/Kolab22
is like cyrus, but lets the kolab daemon maintain the accounts.
-.I GOlab is like cyrus - just with kolab attributes.
.I SendmailCyrus is based on sendmail LDAP attributes.
.PP
statement determines if GOsa should use "foo/bar" or "foo.bar" namespaces
in IMAP. Unix style is with slashes.
+.B cyrusDeleteMailbox
+.I bool
+.PP
+The
+.I cyrusDeleteMailbox
+statement determines if GOsa should remove the mailbox from your IMAP
+server or keep it after the account is deleted in LDAP.
+
+.B cyrusAutocreateFolders
+.I string
+.PP
+The
+.I cyrusAutocreateFolders
+statement contains a comma seperated list of personal IMAP folders that
+should be created along initial account creation.
+
.B postfixRestrictionFilters
.I path
.PP
and
.I uid.
+.B imapTimeout
+.I Integer (default 10)
+.PP
+The
+.I imapTimeout
+statement sets the connection timeout for imap actions.
+
.B mailFolderCreation
Every mail method has its own way to create mail accounts like
.I share/development
DEBUG_CONFIG = 64
DEBUG_ACL = 128
+
+DEBUG_SI = 256
+
+DEBUG_MAIL = 512
.PP
If you have only one release, or want to define a default release to be shown
by GOsa, define the
-.I defaultFaiRelease
+.I defaultFaiRelease="ou=sarge,ou=fai,ou=configs,ou=syst..."
within the
.I faiManagement
class definition