No OneTemporary
Actions

Size

10 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/kolab2.schema b/kolab2.schema
	index 2630998..cc88ad5 100644
	--- a/kolab2.schema
	+++ b/kolab2.schema
	@@ -1,324 +1,324 @@
	# (c) 2003, 2004 Tassilo Erlewein <tassilo.erlewein@erfrakon.de>
	# (c) 2003, 2004 Martin Konold <martin.konold@erfrakon.de>
	# (c) 2003 Achim Frank <achim.frank@erfrakon.de>
	#
	# Redistribution and use in source and binary forms, with or without
	# modification, are permitted provided that the following conditions are met:
	#
	# Redistributions of source code must retain the above copyright notice, this
	# list of conditions and the following disclaimer.
	#
	# Redistributions in binary form must reproduce the above copyright notice,
	# this list of conditions and the following disclaimer in the documentation
	# and/or other materials provided with the distribution.
	#
	# The name of the author may not be used to endorse or promote products derived
	# from this software without specific prior written permission.
	#
	#
	# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
	# WARRANTIES, INCLUDING, BUT #NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR
	# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
	# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
	# THE POSSIBILITY OF SUCH DAMAGE.

	# This schema highly depends on the core.schema, cosine.schema and the inetorgperson.schema
	# as provided by 3rd parties like OpenLDAP.
	#
	# slapd.conf then looks like
	# include /kolab/etc/openldap/schema/core.schema
	# include /kolab/etc/openldap/schema/cosine.schema
	# include /kolab/local/etc/openldap/schema/inetorgperson.schema
	# include /kolab/local/etc/openldap/schema/kolab2.schema

	#
	####################
	# kolab attributes #
	####################

	# helper attribute to make the kolab root easily findable in
	# a big ldap directory
	attributetype ( 1.3.6.1.4.1.19414.2.1.1
	NAME ( 'k' 'kolab' )
	SUP name
	DESC 'Kolab attribute' )

	# kolabDeleteflag used to be a boolean but describes with Kolab 2
	# the fqdn of the server which is requested to delete this objects
	# in its local store
	attributetype ( 1.3.6.1.4.1.19414.2.1.2
	NAME 'kolabDeleteflag'
	DESC 'Per host deletion status'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	# alias used to provide alternative rfc822 email addresses for kolab users
	attributetype ( 1.3.6.1.4.1.19414.2.1.3
	NAME 'alias'
	DESC 'RFC1274: RFC822 Mailbox'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	-# encryptedPassword is an asymmetrically (RSA) encrypted copy of the
	+# kolabEncryptedPassword is an asymmetrically (RSA) encrypted copy of the
	# cleartext password. This is required in order to pass the password from
	# the maintainance/administration application to the kolabHomeServer running the
	# resource handler application in a secure maner
	attributetype ( 1.3.6.1.4.1.19419.2.1.4
	- NAME 'encryptedPassword'
	- DESC 'base64 encoded public key encrypted Password'
	+ NAME 'kolabEncryptedPassword'
	+ DESC 'base64 encoded public key encrypted Password'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

	# hostname including the domain name like kolab-master.bsi.de
	attributetype ( 1.3.6.1.4.1.19414.2.1.5
	NAME ( 'fqhostname' 'fqdnhostname' )
	DESC 'Fully qualified Hostname including full domain component'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	# fqdn of all hosts in a multi-location setup
	attributetype ( 1.3.6.1.4.1.19414.2.1.6
	- NAME 'kolabhost'
	+ NAME 'kolabHost'
	DESC 'Multivalued -- list of hostnames in a Kolab setup'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	# fqdn of the server containg the actual user data
	attributetype ( 1.3.6.1.4.1.19419.1.1.1.1
	NAME 'kolabHomeServer'
	DESC 'server which keeps the users mailbox'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	# flag for allowing unrestriced length of mails
	attributetype ( 1.3.6.1.4.1.19419.1.1.1.2
	NAME 'unrestrictedMailSize'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
	EQUALITY booleanMatch )

	# allow delegates to act in your name (vacation/secretary boss use case)
	# we use the syntax of rfc822 email addresses in order identify
	# users allow to act in the name of others
	attributetype ( 1.3.6.1.4.1.19419.1.1.1.3
	NAME 'kolabDelegate'
	DESC 'Kolab user allowed to act as delegates - RFC822 Mailbox/Alias'
	EQUALITY caseIgnoreIA5Match
	SUBSTR caseIgnoreIA5SubstringsMatch
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	######################
	# postfix attributes #
	######################

	attributetype ( 1.3.6.1.4.1.19414.2.1.501
	NAME 'postfix-mydomain'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	attributetype ( 1.3.6.1.4.1.19414.2.1.502
	NAME 'postfix-relaydomains'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	attributetype ( 1.3.6.1.4.1.19414.2.1.503
	NAME 'postfix-mydestination'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	attributetype ( 1.3.6.1.4.1.19414.2.1.504
	NAME 'postfix-mynetworks'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	attributetype ( 1.3.6.1.4.1.19414.2.1.505
	NAME 'postfix-relayhost'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	attributetype ( 1.3.6.1.4.1.19414.2.1.506
	NAME 'postfix-transport'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	attributetype ( 1.3.6.1.4.1.19414.2.1.507
	NAME 'postfix-enable-virus-scan'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )

	##########################
	# cyrus imapd attributes #
	##########################

	attributetype ( 1.3.6.1.4.1.19414.2.1.601
	NAME 'cyrus-autocreatequota'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

	attributetype ( 1.3.6.1.4.1.19414.2.1.602
	NAME 'cyrus-admins'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	# enable plain imap without ssl
	attributetype ( 1.3.6.1.4.1.19414.2.1.603
	NAME 'cyrus-imap'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
	EQUALITY booleanMatch )

	# enable legacy pop3
	attributetype ( 1.3.6.1.4.1.19414.2.1.604
	NAME 'cyrus-pop3'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
	EQUALITY booleanMatch )

	# user specific quota on the cyrus imap server
	attributetype ( 1.3.6.1.4.1.19414.2.1.605
	- NAME 'userquota'
	+ NAME 'cyrus-userquota'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

	# cyrus imapd access control list
	# acls work with users and groups
	attributetype ( 1.3.6.1.4.1.19414.2.1.651
	NAME 'acl'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

	# enable secure imap
	attributetype ( 1.3.6.1.4.1.19414.2.1.606
	NAME 'cyrus-imaps'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
	EQUALITY booleanMatch )

	# enable secure pop3
	attributetype ( 1.3.6.1.4.1.19414.2.1.607
	NAME 'cyrus-pop3s'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
	EQUALITY booleanMatch )

	# enable sieve support (required for forward and vacation services)
	attributetype ( 1.3.6.1.4.1.19414.2.1.608
	NAME 'cyrus-sieve'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
	EQUALITY booleanMatch )

	# installation wide percentage which determines when to send a
	# warning to the user
	attributetype ( 1.3.6.1.4.1.19414.2.1.609
	NAME 'cyrus-quotawarn'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

	#############################
	# apache and php attributes #
	#############################

	# enable plain http (no ssl)
	attributetype ( 1.3.6.1.4.1.19414.2.1.701
	NAME 'apache-http'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
	EQUALITY booleanMatch )

	######################
	# proftpd attributes #
	######################

	attributetype ( 1.3.6.1.4.1.19414.2.1.901
	NAME 'proftpd-defaultquota'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )

	attributetype ( 1.3.6.1.4.1.19414.2.1.902
	NAME 'proftpd-ftp'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
	EQUALITY booleanMatch )

	attributetype ( 1.3.6.1.4.1.19414.2.1.903
	NAME 'proftpd-userPassword'
	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

	########################
	# kolab object classes #
	########################

	# main kolab server configuration
	objectclass ( 1.3.6.1.4.1.19414.2.2.1
	NAME 'kolab'
	DESC 'Kolab server configuration'
	SUP top STRUCTURAL
	MUST k
	MAY ( kolabhost $
	postfix-mydomain $
	postfix-relaydomains $
	postfix-mydestination $
	postfix-mynetworks $
	postfix-relayhost $
	postfix-transport $
	postfix-enable-virus-scan $
	cyrus-autocreatequota $
	cyrus-quotawarn $
	cyrus-autocreatequota $
	cyrus-admins $
	cyrus-imap $
	cyrus-pop3 $
	cyrus-imaps $
	cyrus-pop3s $
	cyrus-sieve $
	apache-http $
	proftpd-ftp $
	proftpd-defaultquota $
	uid $
	userPassword ) )

	# shared folders are typically visible to everyone subscribed to
	# the server without the need for an extra login
	objectclass ( 1.3.6.1.4.1.19414.2.2.9
	- NAME 'kolabSharedfolder'
	+ NAME 'kolabSharedFolder'
	DESC 'Kolab public shared folder'
	SUP top STRUCTURAL
	MUST cn
	MAY ( acl $
	- userquota $
	+ cyrus-userquota $
	kolabHomeServer $
	kolabDeleteflag ) )

	# used as a plain node for the LDAP tree. In contrast to unix filesystem directories
	# LDAP nodes can and often do also have contents/attributes. We use kolabNamedObject
	# in order to put more structure in the directory tree.
	objectclass ( 1.3.6.1.4.1.5322.13.1.1
	NAME 'kolabNamedObject'
	SUP top STRUCTURAL
	MAY (cn $ ou) )

	# kolab account with country support
	# we use an auxiliary in order to ease integration
	# with existing inetOrgPerson objects
	objectclass ( 1.3.6.1.4.1.19414.3.2.2
	NAME 'kolabInetOrgPerson'
	DESC 'Kolab Internet Organizational Person'
	SUP top AUXILIARY
	MAY ( kolabHomeServer $
	c $
	unrestrictedMailSize $
	kolabDelegate $
	- encryptedPassword $
	+ kolabEncryptedPassword $
	kolabDeleteflag $
	alias $
	- userquota ) )
	+ cyrus-userquota ) )

	# kolab organization with country support
	objectclass ( 1.3.6.1.4.1.19414.3.2.3
	NAME 'kolabOrganization'
	DESC 'RFC2256: a Kolab organization'
	SUP organization STRUCTURAL
	MAY ( c $
	mail $
	kolabDeleteflag $
	alias ) )

	# kolab organizational unit with country support
	objectclass ( 1.3.6.1.4.1.19414.3.2.4
	NAME 'kolabOrganizationalUnit'
	DESC 'a Kolab organizational unit'
	SUP organizationalUnit STRUCTURAL
	MAY ( c $
	mail $
	kolabDeleteflag $
	alias ) )
	# kolab groupOfNames with extra kolabDeleteflag
	objectclass ( 1.3.6.1.4.1.19414.3.2.5
	NAME 'kolabGroupOfNames'
	DESC 'Kolab group of names (DNs) derived from RFC2256'
	SUP groupOfNames STRUCTURAL
	MAY kolabDeleteflag )

File Metadata

Mime Type: text/x-diff
Expires: Mon, Sep 15, 7:36 AM (1 d, 11 h)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 287500
Default Alt Text: (10 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions