Modified schema files to make GOsa and Kolab style more compatible:

* moved to SUP groupOfNames instead of SUP top for gosaGroupOfNames
* made kolabGroupOfNames SUP gosaGroupOfNames
* made kolabSharedFolder SUP posixGroup to fit our concepts

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@806 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/contrib/openldap/gosa+samba3.schema b/contrib/openldap/gosa+samba3.schema
index e32e3bcaa9c1cf8f52d59ec8bf58342b7d0d159b..d4689c47a5ea575f0118937f1227304f9bfa3af1 100644 (file)
--- a/contrib/openldap/gosa+samba3.schema
+++ b/contrib/openldap/gosa+samba3.schema
@@ -266,9 +266,8 @@ objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.11 NAME 'gosaUserTemplate' SUP top AUXI
 
 objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.12 NAME 'gosaGroupOfNames'
         DESC 'GOsa object grouping (v2.4)'
-        SUP top STRUCTURAL
-        MUST ( cn $ gosaGroupObjects )
-        MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description $ member ) )
+        SUP groupOfNames STRUCTURAL
+        MUST ( cn $ gosaGroupObjects ))
 
 objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.13 NAME 'gosaWebdavAccount'
         DESC 'GOsa webdav enabling account (v2.4)'

diff --git a/contrib/openldap/gosa.schema b/contrib/openldap/gosa.schema
index cc672487609ec81d3de0976977e3391df434f165..778ad5676c880e679c74ff862814c11744c44199 100644 (file)
--- a/contrib/openldap/gosa.schema
+++ b/contrib/openldap/gosa.schema
@@ -265,9 +265,8 @@ objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.11 NAME 'gosaUserTemplate' SUP top AUXI
 
 objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.12 NAME 'gosaGroupOfNames'
         DESC 'GOsa object grouping (v2.4)'
-        SUP top STRUCTURAL
-        MUST ( cn $ gosaGroupObjects )
-        MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description $ member ) )
+        SUP groupOfNames STRUCTURAL
+        MUST ( cn $ gosaGroupObjects ))
 
 objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.13 NAME 'gosaWebdavAccount'
         DESC 'GOsa webdav enabling account (v2.4)'

diff --git a/contrib/openldap/kolab2.schema b/contrib/openldap/kolab2.schema
index d4f9633e31c767dbb563412618fa010ac604193b..769ce1ba95b9afbc0339976e5d73ceef83b81794 100644 (file)
--- a/contrib/openldap/kolab2.schema
+++ b/contrib/openldap/kolab2.schema
@@ -1,4 +1,4 @@
-# $Id: kolab2.schema,v 1.5 2005/03/18 00:29:24 martin Exp $
+# $Id: kolab2.schema,v 1.12 2005/06/11 16:40:23 martin Exp $
 # (c) 2003, 2004 Tassilo Erlewein <tassilo.erlewein@erfrakon.de>
 # (c) 2003, 2004 Martin Konold <martin.konold@erfrakon.de>
 # (c) 2003 Achim Frank <achim.frank@erfrakon.de>
@@ -106,9 +106,10 @@ attributetype ( 1.3.6.1.4.1.19419.1.1.1.2
   EQUALITY booleanMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
 
-# allow delegates to act in your name (vacation/secretary boss use case)
-# we use the syntax of rfc822 email addresses in order identify 
-# users allow to act in the name of others
+# Specifies the email delegates.
+# An email delegate can send email on behalf of the account  
+# which means using the "from" of the account.
+# Delegates are specified by the syntax of rfc822 email addresses.
 attributetype ( 1.3.6.1.4.1.19419.1.1.1.3
   NAME 'kolabDelegate'
   DESC 'Kolab user allowed to act as delegates - RFC822 Mailbox/Alias'
@@ -162,6 +163,113 @@ attributetype ( 1.3.6.1.4.1.19419.1.1.1.7
   SUBSTR caseIgnoreIA5SubstringsMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
 
+# Begin date of Kolab vacation period. Sender will
+# be notified every kolabVacationResendIntervall days 
+# that recipient is absent until kolabVacationEnd.
+# Values in this syntax are encoded as printable strings,
+# represented as specified in X.208. 
+# Note that the time zone must be specified. 
+# For Kolab we limit ourself to  GMT
+# YYYYMMDDHHMMZ e.g. 200512311458Z.
+# see also: rfc 2252.
+# Currently this attribute is not used in Kolab.
+attributetype ( 1.3.6.1.4.1.19419.1.1.1.8
+  NAME 'kolabVacationBeginDateTime'
+  DESC 'Begin date of vacation'
+  EQUALITY generalizedTimeMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+# End date of Kolab vacation period. Sender will
+# be notified every kolabVacationResendIntervall days
+# that recipient is absent starting from kolabVacationBeginDateTime.
+# Values in this syntax are encoded as printable strings,
+# represented as specified in X.208.
+# Note that the time zone must be specified.
+# For Kolab we limit ourself to  GMT
+# YYYYMMDDHHMMZ e.g. 200601012258Z.
+# see also: rfc 2252.
+# Currently this attribute is not used in Kolab.
+attributetype ( 1.3.6.1.4.1.19419.1.1.1.9
+  NAME 'kolabVacationEndDateTime'
+  DESC 'End date of vacation'
+  EQUALITY generalizedTimeMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+# Intervall in days after which senders get 
+# another vacation message.
+# Currently this attribute is not used in Kolab.
+attributetype ( 1.3.6.1.4.1.19419.1.1.1.10
+  NAME 'kolabVacationResendInterval'
+  DESC 'Vacation notice interval in days'
+  EQUALITY integerMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.27)
+
+# Email recipient addresses which are handled by the
+# vacation script. There can be multiple kolabVacationAddress
+# entries for each kolabInetOrgPerson.
+# Default is the primary email address and all
+# email aliases of the kolabInetOrgPerson.
+# Currently this attribute is not used in Kolab.
+attributetype ( 1.3.6.1.4.1.19419.1.1.1.11
+  NAME 'kolabVacationAddress'
+  DESC 'Email address for vacation to response upon'
+  EQUALITY caseIgnoreIA5Match
+  SUBSTR caseIgnoreIA5SubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+# Enable sending vacation notices in reaction
+# unsolicited commercial email.
+# Default is no.
+# Currently this attribute is not used in Kolab.
+attributetype ( 1.3.6.1.4.1.19419.1.1.1.12
+  NAME 'kolabVacationReplyToUCE'
+  DESC 'Enable vacation notices to UCE'
+  EQUALITY booleanMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7)
+
+# Email recipient domains which are handled by the
+# vacation script. There can be multiple kolabVacationReactDomain
+# entries for each kolabInetOrgPerson
+# Default is to handle all domains.
+# Currently this attribute is not used in Kolab.
+attributetype ( 1.3.6.1.4.1.19419.1.1.1.13
+  NAME 'kolabVacationReactDomain'
+  DESC 'Multivalued -- Email domain for vacation to response upon'
+  EQUALITY caseIgnoreIA5Match
+  SUBSTR caseIgnoreIA5SubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )  
+
+# Forward all incoming emails except UCE if kolabForwardUCE
+# is not set to this email address.
+# There can be multiple kolabForwardAddress entries for 
+# each kolabInetOrgPerson.
+# Currently this attribute is not used in Kolab.
+attributetype ( 1.3.6.1.4.1.19419.1.1.1.14
+  NAME 'kolabForwardAddress'
+  DESC 'Forward email to this address'
+  EQUALITY caseIgnoreIA5Match
+  SUBSTR caseIgnoreIA5SubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+# Keep local copy when forwarding emails to list of
+# kolabForwardAddress. 
+# Default is no.
+# Currently this attribute is not used in Kolab.
+attributetype ( 1.3.6.1.4.1.19419.1.1.1.15
+  NAME 'kolabForwardKeepCopy'
+  DESC 'Keep copy when forwarding'
+  EQUALITY booleanMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+# Enable forwarding of UCE. 
+# Default is yes.
+# Currently this attribute is not used in Kolab.
+attributetype ( 1.3.6.1.4.1.19419.1.1.1.16
+  NAME 'kolabForwardUCE'
+  DESC 'Enable forwarding of mails known as UCE'
+  EQUALITY booleanMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
 ######################
 # postfix attributes #
 ######################
@@ -212,6 +320,12 @@ attributetype ( 1.3.6.1.4.1.19414.2.1.508
   EQUALITY booleanMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
 
+attributetype ( 1.3.6.1.4.1.19414.2.1.509
+  NAME 'postfix-virtual'
+  EQUALITY caseIgnoreIA5Match
+  SUBSTR caseIgnoreIA5SubstringsMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
 ##########################
 # cyrus imapd attributes #
 ##########################
@@ -295,6 +409,30 @@ attributetype ( 1.3.6.1.4.1.19414.2.1.702
   EQUALITY booleanMatch
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
 
+##########################
+# kolabfilter attributes #
+##########################
+
+# enable trustable From:
+attributetype ( 1.3.6.1.4.1.19414.2.1.750
+  NAME 'kolabfilter-verify-from-header'
+  EQUALITY booleanMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+# should Sender header be allowed instead of From
+# when present?
+attributetype ( 1.3.6.1.4.1.19414.2.1.751
+  NAME 'kolabfilter-allow-sender-header'
+  EQUALITY booleanMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+# Should reject messages with From headers that dont match
+# the envelope? Default is to rewrite the header
+attributetype ( 1.3.6.1.4.1.19414.2.1.752
+  NAME 'kolabfilter-reject-forged-from-header'
+  EQUALITY booleanMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
 ######################
 # proftpd attributes #
 ######################
@@ -325,15 +463,16 @@ objectclass ( 1.3.6.1.4.1.19414.2.2.1
   DESC 'Kolab server configuration'
   SUP top STRUCTURAL
   MUST k
-  MAY (        kolabHost $
+  MAY ( kolabHost $
         postfix-mydomain $
         postfix-relaydomains $
         postfix-mydestination $
         postfix-mynetworks $
         postfix-relayhost $
         postfix-transport $
+        postfix-virtual $
         postfix-enable-virus-scan $
-       postfix-allow-unauthenticated $
+        postfix-allow-unauthenticated $
         cyrus-autocreatequota $
         cyrus-quotawarn $
         cyrus-autocreatequota $
@@ -344,7 +483,10 @@ objectclass ( 1.3.6.1.4.1.19414.2.2.1
         cyrus-pop3s $
         cyrus-sieve $
         apache-http $
-       apache-allow-unauthenticated-fb $
+        apache-allow-unauthenticated-fb $
+        kolabfilter-verify-from-header $
+        kolabfilter-allow-sender-header $
+        kolabfilter-reject-forged-from-header $
         proftpd-ftp $
         proftpd-defaultquota $
         kolabFreeBusyFuture $
@@ -357,7 +499,7 @@ objectclass ( 1.3.6.1.4.1.19414.2.2.1
 objectclass ( 1.3.6.1.4.1.19414.2.2.9 
   NAME 'kolabSharedFolder'
   DESC 'Kolab public shared folder'
-  SUP top STRUCTURAL
+  SUP posixGroup STRUCTURAL
   MUST cn
   MAY ( acl $
         cyrus-userquota $
@@ -384,15 +526,24 @@ objectclass ( 1.3.6.1.4.1.19414.3.2.2
   SUP top AUXILIARY
   MAY ( c $
         alias $
-       kolabHomeServer $
+        kolabHomeServer $
         kolabHomeMTA $
         unrestrictedMailSize $
         kolabDelegate $
         kolabEncryptedPassword $
-       cyrus-userquota $
-       kolabInvitationPolicy $
+        cyrus-userquota $
+        kolabInvitationPolicy $
         kolabFreeBusyFuture $
         calFBURL $
+       kolabVacationBeginDateTime $
+       kolabVacationEndDateTime $
+       kolabVacationResendInterval $
+       kolabVacationAddress $
+       kolabVacationReplyToUCE $
+       kolabVacationReactDomain $
+       kolabForwardAddress $
+       kolabForwardKeepCopy $
+        kolabForwardUCE $
         kolabDeleteflag ) )
 
 # kolab organization with country support
@@ -415,9 +566,13 @@ objectclass ( 1.3.6.1.4.1.19414.3.2.4
         kolabDeleteflag $
         alias ) )
 
-# kolab groupOfNames with extra kolabDeleteflag
-objectclass ( 1.3.6.1.4.1.19414.3.2.5 
-  NAME 'kolabGroupOfNames'
-  DESC 'Kolab group of names (DNs) derived from RFC2256'
-  SUP groupOfNames STRUCTURAL
-  MAY kolabDeleteflag )
+# kolab groupOfNames with extra kolabDeleteflag and the required attribute mail.    
+# The mail attribute for kolab objects of the type kolabGroupOfNames is not arbitrary but    
+# MUST be a single attribute of the form cn@kolabdomain (e.g. employees@mydomain.com). The    
+# mail attribute MUST be worldwide unique.    
+objectclass ( 1.3.6.1.4.1.19414.3.2.5    
+  NAME 'kolabGroupOfNames'    
+  DESC 'Kolab group of names (DNs) derived from RFC2256'    
+  SUP gosaGroupOfNames STRUCTURAL    
+  MAY ( mail $    
+        kolabDeleteflag ) )