diff --git a/kolab2.schema b/kolab2.schema index 4b7061e..4fa1b03 100644 --- a/kolab2.schema +++ b/kolab2.schema @@ -1,704 +1,704 @@ # $Id$ # (c) 2003, 2004 Tassilo Erlewein # (c) 2003-2007 Martin Konold # (c) 2003 Achim Frank # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # Redistributions of source code must retain the above copyright notice, this # list of conditions and the following disclaimer. # # Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # # The name of the author may not be used to endorse or promote products derived # from this software without specific prior written permission. # # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # This schema highly depends on the core.schema, cosine.schema and the inetorgperson.schema # as provided by 3rd parties like OpenLDAP. # # slapd.conf then looks like # include /kolab/etc/openldap/schema/core.schema # include /kolab/etc/openldap/schema/cosine.schema # include /kolab/etc/openldap/schema/inetorgperson.schema # include /kolab/etc/openldap/schema/rfc2739.schema # include /kolab/etc/openldap/schema/kolab2.schema # #################### # kolab attributes # #################### # helper attribute to make the kolab root easily findable in # a big ldap directory attributetype ( 1.3.6.1.4.1.19414.2.1.1 NAME ( 'k' 'kolab' ) DESC 'Kolab attribute' SUP name ) # kolabDeleteflag used to be a boolean but describes with Kolab 2 # the fqdn of the server which is requested to delete this objects # in its local store attributetype ( 1.3.6.1.4.1.19414.2.1.2 NAME 'kolabDeleteflag' DESC 'Per host deletion status' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # alias used to provide alternative rfc822 email addresses for kolab users attributetype ( 1.3.6.1.4.1.19414.2.1.3 NAME 'alias' DESC 'RFC1274: RFC822 Mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # kolabEncryptedPassword is an asymmetrically (RSA) encrypted copy of the # cleartext password. This is required in order to pass the password from # the maintainance/administration application to the kolabHomeServer running the # resource handler application in a secure manner. # Actually this attribute is deprecated as of Kolab 2.1. Instead we grant the # calendar user dn: cn=calendar,cn=internal,dc=yourcompany,dc=com access to # the respective calendar folder using IMAP ACLs. attributetype ( 1.3.6.1.4.1.19414.2.1.4 NAME 'kolabEncryptedPassword' DESC 'base64 encoded public key encrypted Password' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) # hostname including the domain name like kolab-master.yourcompany.com attributetype ( 1.3.6.1.4.1.19414.2.1.5 NAME ( 'fqhostname' 'fqdnhostname' ) DESC 'Fully qualified Hostname including full domain component' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # fqdn of all hosts in a multi-location or cluster setup attributetype ( 1.3.6.1.4.1.19414.2.1.6 NAME 'kolabHost' DESC 'Multivalued -- list of hostnames in a Kolab setup' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # fqdn of the server containg the actual user mailbox attributetype ( 1.3.6.1.4.1.19414.1.1.1.1 NAME 'kolabHomeServer' DESC 'server which keeps the users mailbox' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # flag for allowing unrestriced length of mails attributetype ( 1.3.6.1.4.1.19414.1.1.1.2 NAME 'unrestrictedMailSize' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # Specifies the email delegates. # An email delegate can send email on behalf of the account # which means using the "from" of the account. # Delegates are specified by the syntax of rfc822 email addresses. attributetype ( 1.3.6.1.4.1.19414.1.1.1.3 NAME 'kolabDelegate' DESC 'Kolab user allowed to act as delegates - RFC822 Mailbox/Alias' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # For user, group and resource Kolab accounts # Describes how to respond to invitations # We keep the attribute as a string, but actually it can only have one # of the following values: # # ACT_ALWAYS_ACCEPT # ACT_ALWAYS_REJECT # ACT_REJECT_IF_CONFLICTS # ACT_MANUAL_IF_CONFLICTS # ACT_MANUAL # In addition one of these values may be prefixed with a primary email # address followed by a colon like # user@domain.tld: ACT_ALWAYS_ACCEPT attributetype ( 1.3.6.1.4.1.19414.1.1.1.4 NAME ( 'kolabInvitationPolicy' 'kolabResourceAction' ) DESC 'defines how to respond to invitations' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # time span from now to the future used for the free busy data # measured in days attributetype ( 1.3.6.1.4.1.19414.1.1.1.5 NAME 'kolabFreeBusyFuture' DESC 'time in days for fb data towards the future' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) # time span from now to the past used for the free busy data # measured in days attributetype ( 1.3.6.1.4.1.19414.1.1.1.6 NAME 'kolabFreeBusyPast' DESC 'time in days for fb data towards the past' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) # fqdn of the server as the default SMTP MTA # not used in Kolab 2 currently as in Kolab 2 the # default MTA is equivalent to the kolabHomeServer attributetype ( 1.3.6.1.4.1.19414.1.1.1.7 NAME 'kolabHomeMTA' DESC 'fqdn of default MTA' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE ) # Begin date of Kolab vacation period. Sender will # be notified every kolabVacationResendIntervall days # that recipient is absent until kolabVacationEnd. # Values in this syntax are encoded as printable strings, # represented as specified in X.208. # Note that the time zone must be specified. # For Kolab we limit ourself to GMT # YYYYMMDDHHMMZ e.g. 200512311458Z. # see also: rfc 2252. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19414.1.1.1.8 NAME 'kolabVacationBeginDateTime' DESC 'Begin date of vacation' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) # End date of Kolab vacation period. Sender will # be notified every kolabVacationResendIntervall days # that recipient is absent starting from kolabVacationBeginDateTime. # Values in this syntax are encoded as printable strings, # represented as specified in X.208. # Note that the time zone must be specified. # For Kolab we limit ourself to GMT # YYYYMMDDHHMMZ e.g. 200601012258Z. # see also: rfc 2252. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19414.1.1.1.9 NAME 'kolabVacationEndDateTime' DESC 'End date of vacation' EQUALITY generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) # Intervall in days after which senders get # another vacation message. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19414.1.1.1.10 NAME 'kolabVacationResendInterval' DESC 'Vacation notice interval in days' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) # Email recipient addresses which are handled by the # vacation script. There can be multiple kolabVacationAddress # entries for each kolabInetOrgPerson. # Default is the primary email address and all # email aliases of the kolabInetOrgPerson. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19414.1.1.1.11 NAME 'kolabVacationAddress' DESC 'Email address for vacation to response upon' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # Enable sending vacation notices in reaction # unsolicited commercial email. # Default is no. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19414.1.1.1.12 NAME 'kolabVacationReplyToUCE' DESC 'Enable vacation notices to UCE' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) # Email recipient domains which are handled by the # vacation script. There can be multiple kolabVacationReactDomain # entries for each kolabInetOrgPerson # Default is to handle all domains. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19414.1.1.1.13 NAME 'kolabVacationReactDomain' DESC 'Multivalued -- Email domain for vacation to response upon' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # Forward all incoming emails except UCE if kolabForwardUCE # is not set to this email address. # There can be multiple kolabForwardAddress entries for # each kolabInetOrgPerson. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19414.1.1.1.14 NAME 'kolabForwardAddress' DESC 'Forward email to this address' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # Keep local copy when forwarding emails to list of # kolabForwardAddress. # Default is no. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19414.1.1.1.15 NAME 'kolabForwardKeepCopy' DESC 'Keep copy when forwarding' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) # Enable forwarding of UCE. # Default is yes. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19414.1.1.1.16 NAME 'kolabForwardUCE' DESC 'Enable forwarding of mails known as UCE' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) # comment when creating or deleting a kolab object # a comment might be appropriate. This is most useful # for tracability when users get moved to the graveyard # instead of being really deleted. Every entry must be prefixed # with an ISO 8601 date string e.g 200604301458Z. All times must # be in zulu timezone. attributetype ( 1.3.6.1.4.1.19414.1.1.1.17 NAME 'kolabComment' DESC 'multi-value comment' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) # describes the allowed or disallowed smtp addresses for # recipients. If this attribute is not set for a user no # kolab recipient policy does apply. # example entries: # .tld - allow mail to every recipient for this tld # domain.tld - allow mail to everyone in domain.tld # .domain.tld - allow mail to everyone in domain.tld and its subdomains # user@domain.tld - allow mail to explicit user@domain.tld # user@ - allow mail to this user but any domain # -.tld - disallow mail to every recipient for this tld # -domain.tld - disallow mail to everyone in domain.tld # -.domain.tld - disallow mail to everyone in domain.tld and its subdomains # -user@domain.tld - disallow mail to explicit user@domain.tld # -user@ - disallow mail to this user but any domain attributetype ( 1.3.6.1.4.1.19414.1.1.1.18 NAME 'kolabAllowSMTPRecipient' DESC 'SMTP address allowed for destination (multi-valued)' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{512} ) # kolabFolderType describes the kind of Kolab folder # as defined in the kolab format specification. # We will annotate all folders with an entry # /vendor/kolab/folder-type containing the attribute # value.shared set to: [.]. # The can be: mail, event, journal, task, note, # or contact. The for a mail folder can be # inbox, drafts, sentitems, or junkemail (this one holds # spam mails). For the other s, it can only be # default, or not set. For other types of folders # supported by the clients, these should be prefixed with # "k-" for KMail, "h-" for Horde and "o-" for Outlook, and # look like for example "kolab.o-voicemail". Other third-party # clients shall use the "x-" prefix. # We then use the ANNOTATEMORE IMAP extension to # associate the folder type with a folder. attributetype ( 1.3.6.1.4.1.19414.2.1.7 NAME 'kolabFolderType' DESC 'type of a kolab folder' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} SINGLE-VALUE ) ###################### # postfix attributes # ###################### attributetype ( 1.3.6.1.4.1.19414.2.1.501 NAME 'postfix-mydomain' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.502 NAME 'postfix-relaydomains' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.503 NAME 'postfix-mydestination' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.504 NAME 'postfix-mynetworks' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.505 NAME 'postfix-relayhost' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.506 NAME 'postfix-transport' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.507 NAME 'postfix-enable-virus-scan' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.19414.2.1.508 NAME 'postfix-allow-unauthenticated' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.19414.2.1.509 NAME 'postfix-virtual' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.510 NAME 'postfix-relayport' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) ########################## # cyrus imapd attributes # ########################## attributetype ( 1.3.6.1.4.1.19414.2.1.601 NAME 'cyrus-autocreatequota' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.19414.2.1.602 NAME 'cyrus-admins' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # enable plain imap without ssl attributetype ( 1.3.6.1.4.1.19414.2.1.603 NAME 'cyrus-imap' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) # enable legacy pop3 attributetype ( 1.3.6.1.4.1.19414.2.1.604 NAME 'cyrus-pop3' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # user specific quota on the cyrus imap server attributetype ( 1.3.6.1.4.1.19414.2.1.605 NAME 'cyrus-userquota' DESC 'Mailbox hard quota limit in MB' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) # cyrus imapd access control list # acls work with users and groups attributetype ( 1.3.6.1.4.1.19414.2.1.651 NAME 'acl' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # enable secure imap attributetype ( 1.3.6.1.4.1.19414.2.1.606 NAME 'cyrus-imaps' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # enable secure pop3 attributetype ( 1.3.6.1.4.1.19414.2.1.607 NAME 'cyrus-pop3s' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # enable sieve support (required for forward and vacation services) attributetype ( 1.3.6.1.4.1.19414.2.1.608 NAME 'cyrus-sieve' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # installation wide percentage which determines when to send a # warning to the user attributetype ( 1.3.6.1.4.1.19414.2.1.609 NAME 'cyrus-quotawarn' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) # enable smmap support attributetype ( 1.3.6.1.4.1.19414.2.1.610 NAME 'cyrus-smmap' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # enable fulldirhash support attributetype ( 1.3.6.1.4.1.19414.2.1.611 NAME 'cyrus-fulldirhash' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # enable hashimapspool support attributetype ( 1.3.6.1.4.1.19414.2.1.612 NAME 'cyrus-hashimapspool' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # enable squatter support attributetype ( 1.3.6.1.4.1.19414.2.1.613 NAME 'cyrus-squatter' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) ############################# # apache and php attributes # ############################# # enable plain http (no ssl) attributetype ( 1.3.6.1.4.1.19414.2.1.701 NAME 'apache-http' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # Allow freebusy download without authenticating first attributetype ( 1.3.6.1.4.1.19414.2.1.702 NAME 'apache-allow-unauthenticated-fb' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) ########################## # kolabfilter attributes # ########################## # enable trustable From: attributetype ( 1.3.6.1.4.1.19414.2.1.750 NAME 'kolabfilter-verify-from-header' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # should Sender header be allowed instead of From # when present? attributetype ( 1.3.6.1.4.1.19414.2.1.751 NAME 'kolabfilter-allow-sender-header' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # Should reject messages with From headers that dont match # the envelope? Default is to rewrite the header attributetype ( 1.3.6.1.4.1.19414.2.1.752 NAME 'kolabfilter-reject-forged-from-header' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # Enable the Kolab Policy Daemon. If false or not # set don't use the Kolab Policy Daemon attributetype ( 1.3.6.1.4.1.19414.2.1.800 NAME 'kolabPolicyDaemon' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) ###################################################### # proftpd attributes (unused since Kolab Server 2.2) # ###################################################### attributetype ( 1.3.6.1.4.1.19414.2.1.901 NAME 'proftpd-defaultquota' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) attributetype ( 1.3.6.1.4.1.19414.2.1.902 NAME 'proftpd-ftp' EQUALITY booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) attributetype ( 1.3.6.1.4.1.19414.2.1.903 NAME 'proftpd-userPassword' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ######################## # kolab object classes # ######################## # main kolab server configuration # storing global values and user specific default values # like kolabFreeBusyFuture and kolabFreeBusyPast objectclass ( 1.3.6.1.4.1.19414.2.2.1 NAME 'kolab' DESC 'Kolab server configuration' SUP top STRUCTURAL MUST k MAY ( kolabHost $ postfix-mydomain $ postfix-relaydomains $ postfix-mydestination $ postfix-mynetworks $ postfix-relayhost $ postfix-relayport $ postfix-transport $ postfix-virtual $ postfix-enable-virus-scan $ postfix-allow-unauthenticated $ cyrus-quotawarn $ cyrus-autocreatequota $ cyrus-admins $ cyrus-imap $ cyrus-pop3 $ cyrus-imaps $ cyrus-pop3s $ cyrus-sieve $ apache-http $ apache-allow-unauthenticated-fb $ kolabfilter-verify-from-header $ kolabfilter-allow-sender-header $ kolabfilter-reject-forged-from-header $ kolabPolicyDaemon $ proftpd-ftp $ proftpd-defaultquota $ kolabFreeBusyFuture $ kolabFreeBusyPast $ uid $ userPassword ) ) # public folders are typically visible to everyone subscribed to # the server without the need for an extra login. Subfolders are # defined using the hiarchy seperator '/' e.g. "sf/sub1". Please note # that the term public folder is prefered to shared folder because # normal user mailboxes can also share folders using acls. objectclass ( 1.3.6.1.4.1.19414.2.2.9 NAME 'kolabSharedFolder' DESC 'Kolab public shared folder' SUP top STRUCTURAL MUST cn MAY ( acl $ alias $ cyrus-userquota $ kolabHomeServer $ kolabFolderType $ kolabDeleteflag ) ) # kolabNamedObject is used as a plain node for the LDAP tree. # In contrast to unix filesystem directories LDAP nodes can # and often do also have contents/attributes. We use the # kolabNamedObject in order to put some structure in the # LDAP directory tree. objectclass ( 1.3.6.1.4.1.5322.13.1.1 NAME 'kolabNamedObject' SUP top STRUCTURAL MAY (cn $ ou) ) # kolab account # we use an auxiliary in order to ease integration # with existing inetOrgPerson objects # Please note that userPassword is a may # attribute in the schema but is mandatory for # Kolab objectclass ( 1.3.6.1.4.1.19414.3.2.2 NAME 'kolabInetOrgPerson' DESC 'Kolab Internet Organizational Person' SUP top AUXILIARY MAY ( c $ alias $ kolabHomeServer $ kolabHomeMTA $ unrestrictedMailSize $ kolabDelegate $ kolabEncryptedPassword $ cyrus-userquota $ kolabInvitationPolicy $ kolabFreeBusyFuture $ calFBURL $ - kolabVacationBeginDateTime $ - kolabVacationEndDateTime $ - kolabVacationResendInterval $ - kolabVacationAddress $ - kolabVacationReplyToUCE $ - kolabVacationReactDomain $ - kolabForwardAddress $ - kolabForwardKeepCopy $ + kolabVacationBeginDateTime $ + kolabVacationEndDateTime $ + kolabVacationResendInterval $ + kolabVacationAddress $ + kolabVacationReplyToUCE $ + kolabVacationReactDomain $ + kolabForwardAddress $ + kolabForwardKeepCopy $ kolabForwardUCE $ - kolabAllowSMTPRecipient $ + kolabAllowSMTPRecipient $ kolabDeleteflag $ kolabComment ) ) # kolab organization with country support objectclass ( 1.3.6.1.4.1.19414.3.2.3 NAME 'kolabOrganization' DESC 'RFC2256: a Kolab organization' SUP organization STRUCTURAL MAY ( c $ mail $ kolabDeleteflag $ alias ) ) # kolab organizational unit with country support objectclass ( 1.3.6.1.4.1.19414.3.2.4 NAME 'kolabOrganizationalUnit' DESC 'a Kolab organizational unit' SUP organizationalUnit STRUCTURAL MAY ( c $ mail $ kolabDeleteflag $ alias ) ) # kolab groupOfNames with extra kolabDeleteflag and the required # attribute mail. # The mail attribute for kolab objects of the type kolabGroupOfNames # is not arbitrary but MUST be a single attribute of the form # of an valid SMTP address with the CN as the local part. # E.g cn@kolabdomain (e.g. employees@mydomain.com). The # mail attribute MUST be globally unique. objectclass ( 1.3.6.1.4.1.19414.3.2.5 NAME 'kolabGroupOfNames' DESC 'Kolab group of names (DNs) derived from RFC2256' SUP groupOfNames STRUCTURAL MAY ( mail $ kolabDeleteflag ) )