X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2FFAQ;h=1b2958c6964b07f8aaefa62900095d1dea94b680;hb=4faca16cb6ba1e165254ea2911b921b668f60138;hp=b93049df6e42d02f32ee41b4922db8785b978263;hpb=1ca8f25000048a0da144f89192352aed5439e8c2;p=gosa.git diff --git a/gosa-core/FAQ b/gosa-core/FAQ index b93049df6..1b2958c69 100644 --- a/gosa-core/FAQ +++ b/gosa-core/FAQ @@ -98,10 +98,10 @@ A: Yes. Just go to the doc/guide/user/en directory and copy the lyx-source direc Q: Can I specify some kind of password policies? -A: You can place the keywords "pwminlen" and "pwdiffer" in the main section of your - gosa.conf. "pwminlen" specifies how many characters a password must have to be - accepted. "pwdiffer" contains the number of characters that must be different - from the previous password. +A: You can place the keywords "passwordMinLength" and "passwordMinDiffer" in the main + section of your gosa.conf. "passwordMinLength" specifies how many characters a + password must have to be accepted. "passwordMinDiffer" contains the number of + characters that must be different from the previous password. Note that these only affect passwords that are set by the user, not by the admins. @@ -110,7 +110,7 @@ Q: I've to update passwords on external windows PDCs. Can I add a command to let synchronize these for me? A: There's the possibility to add a password hook in gosa.conf's main section using - the keyword "externalpwdhook". The specified command will be executed with + the keyword "passwordHook". The specified command will be executed with three parameters: /path/to/your/script username oldpassword newpassword So you can call i.e. smbpasswd to handle your password change on the PDC. @@ -134,7 +134,7 @@ A: Create a directory to keep a set of vacation messages which are readable by t %givenName %sn ----------------------------------------------------------------------------------- - Place the config option vacationdir="/etc/gosa/vacation" in the location found in + Place the config option vacationTemplateDirectory="/etc/gosa/vacation" in the location found in gosa.conf and a template box is show in the vacation mail tab. @@ -147,7 +147,7 @@ A: Add an entry describing your id policy in gosa.conf, location section: and add a percent sign befor it. Optionally you can strip it down to a number of characters, specified in []. I.e. - idgen="{%sn}-{%givenName[2-4]}" + idGenerator="{%sn}-{%givenName[2-4]}" will generate an ID using the full surename, adding a dash, and adding at least the first two characters of givenName. If this ID is used, it'll use up to four @@ -156,11 +156,11 @@ A: Add an entry describing your id policy in gosa.conf, location section: b) using automatic id's I.e. specifying - idgen="acct{id:3}" + idGenerator="acct{id:3}" will generate a three digits id with the next free entry appended to "acct". - idgen="ext{id#3}" + idGenerator="ext{id#3}" will generate a three digits random number appended to "ext". @@ -168,8 +168,8 @@ A: Add an entry describing your id policy in gosa.conf, location section: Q: I'm migrating from the current LDAP, now GOsa does not allow uid's and group with upper/lower case and spaces. What can I do? -A: Include the strict="no" keyword in your gosa.conf's location section. - WARNING: using strict="no" will cause problems with cyrus/postfix!! +A: Include the strictNamingRules="no" keyword in your gosa.conf's location section. + WARNING: using strictNamingRules="no" will cause problems with cyrus/postfix!! Q: I'd like to place my users under ou=staff, not under ou=people. Can I change @@ -178,8 +178,8 @@ Q: I'd like to place my users under ou=staff, not under ou=people. Can I change A: Yes. You can change the people and group locations by adding the following statements to your location sections: - people="ou=staff" - groups="ou=crowds" + userRDN="ou=staff" + groupRDN="ou=crowds" After logging in again, people and groups are created in the configured places. As a side note, you can leave these strings blank for flat structures, too. @@ -196,8 +196,8 @@ Q: I really don't want dn's containing the CN for user accounts because I don't want to support anonymous binds for uid resolution. Is it possible to have dn's containing the uid instead? -A: Yes. Placing the dnmode="uid" keyword in your gosa.conf's location section will - solve your problem. +A: Yes. Placing the accountPrimaryAttribute="uid" keyword in your gosa.conf's location + section will solve your problem. Q: Hey, I've installed GOsa, but it claims something about "SID and / or RIDBASE @@ -209,8 +209,8 @@ A: You've configured GOsa to use samba3, but your LDAP has no samba domain objec ... - ridbase="1000" - sid="0-815-4711" \> + sambaRidBase="1000" + sambaSID="0-815-4711" \> Remember to fill in your real domain sid which is retrievable by the command "net getlocalsid". @@ -236,7 +236,7 @@ A: This is an additional security feature, so that no one can fall back to uid 0 ... - minid="40" + minId="40" ... \> in your configuration. In this example 40 will be the smallest ID you can enter. @@ -255,13 +255,13 @@ A: Yes. Use the winstation parameter in your location section: ... - winstations="ou=machineaccounts" + sambaMachineAccountRDN="ou=machineaccounts" ... \> Q: GOsa doesn't seem to follow my referrals. What can I do? -A: Place the option 'recursive = "true"' inside your locations definition +A: Place the option 'ldapFollowReferrals = "true"' inside your locations definition and you should be fine. @@ -271,7 +271,7 @@ A: Yes, add ... - tls="true" + ldapTLS="true" ... \> to the location section of GOsa. This switch affects LDAP connections for a single location only. @@ -284,7 +284,7 @@ A: Yes, add
... - cyrusunixstyle="true" + cyrusUseSlashes="true" ... \> to the main section of GOsa and the folders are created in unix style. @@ -305,12 +305,12 @@ A: No need to modify anything. Just add a hook the the plugin you'd like to Q: Is there a way to use ACL independet filtering when using administrative units? -A: Yes. Set STRICT_UNITS to "true" in your gosa.conf's location section. +A: Yes. Set "honourUnitTags" to "true" in your gosa.conf's location section. Q: How can i active the account expiration code for the gosa interface? -A: Yes. Just set "account_expiration" to "true" in your gosa.conf's main section. +A: Yes. Just set "handleExpiredAccounts" to "true" in your gosa.conf's main section. Q: What is the correct connection string for a Kolab server in GOsa? @@ -335,21 +335,21 @@ A: For Kolab to work correctly you have to include the rfc2739.schema Q: New implementations of OpenLDAP seem to require {sasl} instead of {kerberos} in password hashes. GOsa writes the wrong string. What can I do? -A: You can set "krbsasl" to "true" in your gosa.conf's main section. +A: You can set "useSaslForKerberos" to "true" in your gosa.conf's main section. Q: Is there a way to add the personalTitle attribute the the users dn? A: Just add this line into the location section of your gosa.conf. Q: I'd like to assign different uid bases for certain user/group objects. How can this be achieved? -A: Use the base_hook in your gosa.conf's location section to specify a script +A: Use the 'baseIdHook' in your gosa.conf's location section to specify a script which handles the ID generation externaly. It get's called with the "dn" and the attribute to be ID'd. It should return an integer value. @@ -368,7 +368,7 @@ A: Yes. Download http://standards.ieee.org/regauth/oui/oui.txt and place Q: GOsa sessions expire too quick. Is there a way to change this? -A: Yes. Set "session_lifetime" to the number of seconds of inactivity. 7200 +A: Yes. Set "sessionLifetime" to the number of seconds of inactivity. 7200 (60x60x2) would be for two hours. Place this option inside the main section of your gosa.conf. @@ -378,7 +378,7 @@ Q: Microsoft Internet Explorer <=6 seems paints strange blocks around A: Use Firefox, Konqueror, Safari, Opera, IE >= 7, etc. IE is broken and I don't want to waste my time with working around this old crap. There's - a quick hack, if you just put "ie_png_workaround='true'" inside the main + a quick hack, if you just put "iePngWorkaround='true'" inside the main section of your gosa.conf. This is a JavaScript based workaround and I've to place a WARNING here, that it is damn slow if you've large lists to display. @@ -396,7 +396,7 @@ A: Yes. Browse to "password.php". You can preset a couple of things i.e.: Q: GOsa only shows 300 entries at a time. Is this normal? -A: There's a default sizelimit. You can set the "sizelimit" option in your +A: There's a default sizelimit. You can set the "ldapSizelimit" option in your gosa.conf's location section to a higher value to get rid of it. @@ -406,19 +406,23 @@ Q: I have problems with my ldap server when I open groups with A: You can set a nesting limit which ensures that the user names will not be resolved if the amount of members reaches this limit. Q: I want to disable the "Is the configuration file up to date?" check when logging in. How can I disable this check? -A: Just set the config_version attribute to an empty value: - +A: Just set the configVersion attribute to an empty value: + - +Q: I've shredded my access control and am not able to do anything from now on. Is there + a way to override the ACL? - +A: Yes. Insert the following statement in the location section of your gosa.conf: + ignoreAcl="your user's dn"