diff --git a/kolab2.schema b/kolab2.schema index 9931134..acf24e7 100644 --- a/kolab2.schema +++ b/kolab2.schema @@ -1,649 +1,649 @@ # $Id$ # (c) 2003, 2004 Tassilo Erlewein -# (c) 2003-2007 Martin Konold +# (c) 2003-2006 Martin Konold # (c) 2003 Achim Frank # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # Redistributions of source code must retain the above copyright notice, this # list of conditions and the following disclaimer. # # Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # # The name of the author may not be used to endorse or promote products derived # from this software without specific prior written permission. # # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # This schema highly depends on the core.schema, cosine.schema and the inetorgperson.schema # as provided by 3rd parties like OpenLDAP. # # slapd.conf then looks like # include /kolab/etc/openldap/schema/core.schema # include /kolab/etc/openldap/schema/cosine.schema # include /kolab/etc/openldap/schema/inetorgperson.schema # include /kolab/etc/openldap/schema/rfc2739.schema # include /kolab/etc/openldap/schema/kolab2.schema # #################### # kolab attributes # #################### # helper attribute to make the kolab root easily findable in # a big ldap directory attributetype ( 1.3.6.1.4.1.19414.2.1.1 - NAME ( 'k' 'kolab' ) - DESC 'Kolab attribute' - SUP name ) + NAME ( 'k' 'kolab' ) + DESC 'Kolab attribute' + SUP name ) # kolabDeleteflag used to be a boolean but describes with Kolab 2 # the fqdn of the server which is requested to delete this objects # in its local store attributetype ( 1.3.6.1.4.1.19414.2.1.2 - NAME 'kolabDeleteflag' - DESC 'Per host deletion status' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'kolabDeleteflag' + DESC 'Per host deletion status' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # alias used to provide alternative rfc822 email addresses for kolab users attributetype ( 1.3.6.1.4.1.19414.2.1.3 - NAME 'alias' - DESC 'RFC1274: RFC822 Mailbox' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'alias' + DESC 'RFC1274: RFC822 Mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # kolabEncryptedPassword is an asymmetrically (RSA) encrypted copy of the # cleartext password. This is required in order to pass the password from # the maintainance/administration application to the kolabHomeServer running the # resource handler application in a secure manner. # Actually this attribute is deprecated as of Kolab 2.1. Instead we grant the # calendar user dn: cn=calendar,cn=internal,dc=yourcompany,dc=com access to # the respective calendar folder using IMAP ACLs. attributetype ( 1.3.6.1.4.1.19419.2.1.4 - NAME 'kolabEncryptedPassword' - DESC 'base64 encoded public key encrypted Password' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + NAME 'kolabEncryptedPassword' + DESC 'base64 encoded public key encrypted Password' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) # hostname including the domain name like kolab-master.yourcompany.com attributetype ( 1.3.6.1.4.1.19414.2.1.5 - NAME ( 'fqhostname' 'fqdnhostname' ) - DESC 'Fully qualified Hostname including full domain component' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME ( 'fqhostname' 'fqdnhostname' ) + DESC 'Fully qualified Hostname including full domain component' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # fqdn of all hosts in a multi-location or cluster setup attributetype ( 1.3.6.1.4.1.19414.2.1.6 - NAME 'kolabHost' - DESC 'Multivalued -- list of hostnames in a Kolab setup' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'kolabHost' + DESC 'Multivalued -- list of hostnames in a Kolab setup' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # fqdn of the server containg the actual user mailbox attributetype ( 1.3.6.1.4.1.19419.1.1.1.1 - NAME 'kolabHomeServer' - DESC 'server which keeps the users mailbox' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'kolabHomeServer' + DESC 'server which keeps the users mailbox' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # flag for allowing unrestriced length of mails attributetype ( 1.3.6.1.4.1.19419.1.1.1.2 - NAME 'unrestrictedMailSize' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'unrestrictedMailSize' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # Specifies the email delegates. # An email delegate can send email on behalf of the account # which means using the "from" of the account. # Delegates are specified by the syntax of rfc822 email addresses. attributetype ( 1.3.6.1.4.1.19419.1.1.1.3 - NAME 'kolabDelegate' - DESC 'Kolab user allowed to act as delegates - RFC822 Mailbox/Alias' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'kolabDelegate' + DESC 'Kolab user allowed to act as delegates - RFC822 Mailbox/Alias' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # For user, group and resource Kolab accounts # Describes how to respond to invitations # We keep the attribute as a string, but actually it can only have one # of the following values: # # ACT_ALWAYS_ACCEPT # ACT_ALWAYS_REJECT # ACT_REJECT_IF_CONFLICTS # ACT_MANUAL_IF_CONFLICTS # ACT_MANUAL # In addition one of these values may be prefixed with a primary email # address followed by a colon like # user@domain.tld: ACT_ALWAYS_ACCEPT attributetype ( 1.3.6.1.4.1.19419.1.1.1.4 - NAME ( 'kolabInvitationPolicy' 'kolabResourceAction' ) - DESC 'defines how to respond to invitations' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME ( 'kolabInvitationPolicy' 'kolabResourceAction' ) + DESC 'defines how to respond to invitations' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # time span from now to the future used for the free busy data # measured in days attributetype ( 1.3.6.1.4.1.19419.1.1.1.5 - NAME 'kolabFreeBusyFuture' - DESC 'time in days for fb data towards the future' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 - SINGLE-VALUE ) + NAME 'kolabFreeBusyFuture' + DESC 'time in days for fb data towards the future' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) # time span from now to the past used for the free busy data # measured in days attributetype ( 1.3.6.1.4.1.19419.1.1.1.6 - NAME 'kolabFreeBusyPast' - DESC 'time in days for fb data towards the past' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 - SINGLE-VALUE ) + NAME 'kolabFreeBusyPast' + DESC 'time in days for fb data towards the past' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) # fqdn of the server as the default SMTP MTA # not used in Kolab 2 currently as in Kolab 2 the # default MTA is equivalent to the kolabHomeServer attributetype ( 1.3.6.1.4.1.19419.1.1.1.7 - NAME 'kolabHomeMTA' - DESC 'fqdn of default MTA' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} - SINGLE-VALUE ) + NAME 'kolabHomeMTA' + DESC 'fqdn of default MTA' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) # Begin date of Kolab vacation period. Sender will # be notified every kolabVacationResendIntervall days # that recipient is absent until kolabVacationEnd. # Values in this syntax are encoded as printable strings, # represented as specified in X.208. # Note that the time zone must be specified. # For Kolab we limit ourself to GMT # YYYYMMDDHHMMZ e.g. 200512311458Z. # see also: rfc 2252. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19419.1.1.1.8 - NAME 'kolabVacationBeginDateTime' - DESC 'Begin date of vacation' - EQUALITY generalizedTimeMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 - SINGLE-VALUE ) + NAME 'kolabVacationBeginDateTime' + DESC 'Begin date of vacation' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE ) # End date of Kolab vacation period. Sender will # be notified every kolabVacationResendIntervall days # that recipient is absent starting from kolabVacationBeginDateTime. # Values in this syntax are encoded as printable strings, # represented as specified in X.208. # Note that the time zone must be specified. # For Kolab we limit ourself to GMT # YYYYMMDDHHMMZ e.g. 200601012258Z. # see also: rfc 2252. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19419.1.1.1.9 - NAME 'kolabVacationEndDateTime' - DESC 'End date of vacation' - EQUALITY generalizedTimeMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 - SINGLE-VALUE ) + NAME 'kolabVacationEndDateTime' + DESC 'End date of vacation' + EQUALITY generalizedTimeMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 + SINGLE-VALUE ) # Intervall in days after which senders get # another vacation message. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19419.1.1.1.10 - NAME 'kolabVacationResendInterval' - DESC 'Vacation notice interval in days' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 - SINGLE-VALUE ) + NAME 'kolabVacationResendInterval' + DESC 'Vacation notice interval in days' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) # Email recipient addresses which are handled by the # vacation script. There can be multiple kolabVacationAddress # entries for each kolabInetOrgPerson. # Default is the primary email address and all # email aliases of the kolabInetOrgPerson. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19419.1.1.1.11 - NAME 'kolabVacationAddress' - DESC 'Email address for vacation to response upon' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'kolabVacationAddress' + DESC 'Email address for vacation to response upon' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # Enable sending vacation notices in reaction # unsolicited commercial email. # Default is no. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19419.1.1.1.12 - NAME 'kolabVacationReplyToUCE' - DESC 'Enable vacation notices to UCE' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 - SINGLE-VALUE ) + NAME 'kolabVacationReplyToUCE' + DESC 'Enable vacation notices to UCE' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) # Email recipient domains which are handled by the # vacation script. There can be multiple kolabVacationReactDomain # entries for each kolabInetOrgPerson # Default is to handle all domains. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19419.1.1.1.13 - NAME 'kolabVacationReactDomain' - DESC 'Multivalued -- Email domain for vacation to response upon' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'kolabVacationReactDomain' + DESC 'Multivalued -- Email domain for vacation to response upon' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # Forward all incoming emails except UCE if kolabForwardUCE # is not set to this email address. # There can be multiple kolabForwardAddress entries for # each kolabInetOrgPerson. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19419.1.1.1.14 - NAME 'kolabForwardAddress' - DESC 'Forward email to this address' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'kolabForwardAddress' + DESC 'Forward email to this address' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # Keep local copy when forwarding emails to list of # kolabForwardAddress. # Default is no. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19419.1.1.1.15 - NAME 'kolabForwardKeepCopy' - DESC 'Keep copy when forwarding' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 - SINGLE-VALUE ) + NAME 'kolabForwardKeepCopy' + DESC 'Keep copy when forwarding' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) # Enable forwarding of UCE. # Default is yes. # Currently this attribute is not used in Kolab. attributetype ( 1.3.6.1.4.1.19419.1.1.1.16 - NAME 'kolabForwardUCE' - DESC 'Enable forwarding of mails known as UCE' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 - SINGLE-VALUE ) + NAME 'kolabForwardUCE' + DESC 'Enable forwarding of mails known as UCE' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) # comment when creating or deleting a kolab object # a comment might be appropriate. This is most useful # for tracability when users get moved to the graveyard # instead of being really deleted. Every entry must be prefixed # with an ISO 8601 date string e.g 200604301458Z. All times must # be in zulu timezone. attributetype ( 1.3.6.1.4.1.19419.1.1.1.17 - NAME 'kolabComment' - DESC 'multi-value comment' - EQUALITY caseIgnoreMatch - SUBSTR caseIgnoreSubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) + NAME 'kolabComment' + DESC 'multi-value comment' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} ) # kolabFolderType describes the kind of Kolab folder # as defined in the kolab format specification. # We will annotate all folders with an entry # /vendor/kolab/folder-type containing the attribute # value.shared set to: [.]. # The can be: mail, event, journal, task, note, # or contact. The for a mail folder can be # inbox, drafts, sentitems, or junkemail (this one holds # spam mails). For the other s, it can only be # default, or not set. For other types of folders # supported by the clients, these should be prefixed with # "k-" for KMail, "h-" for Horde and "o-" for Outlook, and # look like for example "kolab.o-voicemail". Other third-party # clients shall use the "x-" prefix. # We then use the ANNOTATEMORE IMAP extension to # associate the folder type with a folder. attributetype ( 1.3.6.1.4.1.19414.2.1.7 - NAME 'kolabFolderType' - DESC 'type of a kolab folder' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} - SINGLE-VALUE ) + NAME 'kolabFolderType' + DESC 'type of a kolab folder' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} + SINGLE-VALUE ) ###################### # postfix attributes # ###################### attributetype ( 1.3.6.1.4.1.19414.2.1.501 - NAME 'postfix-mydomain' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'postfix-mydomain' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.502 - NAME 'postfix-relaydomains' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'postfix-relaydomains' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.503 - NAME 'postfix-mydestination' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'postfix-mydestination' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.504 - NAME 'postfix-mynetworks' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'postfix-mynetworks' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.505 - NAME 'postfix-relayhost' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'postfix-relayhost' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.506 - NAME 'postfix-transport' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'postfix-transport' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.507 - NAME 'postfix-enable-virus-scan' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 - SINGLE-VALUE ) + NAME 'postfix-enable-virus-scan' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.19414.2.1.508 - NAME 'postfix-allow-unauthenticated' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 - SINGLE-VALUE ) + NAME 'postfix-allow-unauthenticated' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.19414.2.1.509 - NAME 'postfix-virtual' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'postfix-virtual' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) attributetype ( 1.3.6.1.4.1.19414.2.1.510 - NAME 'postfix-relayport' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'postfix-relayport' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) ########################## # cyrus imapd attributes # ########################## attributetype ( 1.3.6.1.4.1.19414.2.1.601 - NAME 'cyrus-autocreatequota' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 - SINGLE-VALUE ) + NAME 'cyrus-autocreatequota' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 + SINGLE-VALUE ) attributetype ( 1.3.6.1.4.1.19414.2.1.602 - NAME 'cyrus-admins' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'cyrus-admins' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # enable plain imap without ssl attributetype ( 1.3.6.1.4.1.19414.2.1.603 - NAME 'cyrus-imap' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 - SINGLE-VALUE ) + NAME 'cyrus-imap' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE ) # enable legacy pop3 attributetype ( 1.3.6.1.4.1.19414.2.1.604 - NAME 'cyrus-pop3' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'cyrus-pop3' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # user specific quota on the cyrus imap server attributetype ( 1.3.6.1.4.1.19414.2.1.605 - NAME 'cyrus-userquota' - DESC 'Mailbox hard quota limit in MB' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + NAME 'cyrus-userquota' + DESC 'Mailbox hard quota limit in MB' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) # cyrus imapd access control list # acls work with users and groups attributetype ( 1.3.6.1.4.1.19414.2.1.651 - NAME 'acl' - EQUALITY caseIgnoreIA5Match - SUBSTR caseIgnoreIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) + NAME 'acl' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) # enable secure imap attributetype ( 1.3.6.1.4.1.19414.2.1.606 - NAME 'cyrus-imaps' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'cyrus-imaps' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # enable secure pop3 attributetype ( 1.3.6.1.4.1.19414.2.1.607 - NAME 'cyrus-pop3s' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'cyrus-pop3s' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # enable sieve support (required for forward and vacation services) attributetype ( 1.3.6.1.4.1.19414.2.1.608 - NAME 'cyrus-sieve' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'cyrus-sieve' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # installation wide percentage which determines when to send a # warning to the user attributetype ( 1.3.6.1.4.1.19414.2.1.609 - NAME 'cyrus-quotawarn' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + NAME 'cyrus-quotawarn' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) ############################# # apache and php attributes # ############################# # enable plain http (no ssl) attributetype ( 1.3.6.1.4.1.19414.2.1.701 - NAME 'apache-http' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'apache-http' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # Allow freebusy download without authenticating first attributetype ( 1.3.6.1.4.1.19414.2.1.702 - NAME 'apache-allow-unauthenticated-fb' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'apache-allow-unauthenticated-fb' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) ########################## # kolabfilter attributes # ########################## # enable trustable From: attributetype ( 1.3.6.1.4.1.19414.2.1.750 - NAME 'kolabfilter-verify-from-header' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'kolabfilter-verify-from-header' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # should Sender header be allowed instead of From # when present? attributetype ( 1.3.6.1.4.1.19414.2.1.751 - NAME 'kolabfilter-allow-sender-header' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'kolabfilter-allow-sender-header' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) # Should reject messages with From headers that dont match # the envelope? Default is to rewrite the header attributetype ( 1.3.6.1.4.1.19414.2.1.752 - NAME 'kolabfilter-reject-forged-from-header' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'kolabfilter-reject-forged-from-header' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) ###################### # proftpd attributes # ###################### attributetype ( 1.3.6.1.4.1.19414.2.1.901 - NAME 'proftpd-defaultquota' - EQUALITY integerMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + NAME 'proftpd-defaultquota' + EQUALITY integerMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) attributetype ( 1.3.6.1.4.1.19414.2.1.902 - NAME 'proftpd-ftp' - EQUALITY booleanMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) + NAME 'proftpd-ftp' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) attributetype ( 1.3.6.1.4.1.19414.2.1.903 - NAME 'proftpd-userPassword' - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + NAME 'proftpd-userPassword' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ######################## # kolab object classes # ######################## # main kolab server configuration # storing global values and user specific default values # like kolabFreeBusyFuture and kolabFreeBusyPast objectclass ( 1.3.6.1.4.1.19414.2.2.1 - NAME 'kolab' - DESC 'Kolab server configuration' - SUP top STRUCTURAL - MUST k - MAY ( kolabHost $ - postfix-mydomain $ - postfix-relaydomains $ - postfix-mydestination $ - postfix-mynetworks $ - postfix-relayhost $ - postfix-relayport $ - postfix-transport $ - postfix-virtual $ - postfix-enable-virus-scan $ - postfix-allow-unauthenticated $ - cyrus-quotawarn $ - cyrus-autocreatequota $ - cyrus-admins $ - cyrus-imap $ - cyrus-pop3 $ - cyrus-imaps $ - cyrus-pop3s $ - cyrus-sieve $ - apache-http $ - apache-allow-unauthenticated-fb $ - kolabfilter-verify-from-header $ - kolabfilter-allow-sender-header $ - kolabfilter-reject-forged-from-header $ - proftpd-ftp $ - proftpd-defaultquota $ - kolabFreeBusyFuture $ - kolabFreeBusyPast $ - uid $ - userPassword ) ) + NAME 'kolab' + DESC 'Kolab server configuration' + SUP top STRUCTURAL + MUST k + MAY ( kolabHost $ + postfix-mydomain $ + postfix-relaydomains $ + postfix-mydestination $ + postfix-mynetworks $ + postfix-relayhost $ + postfix-relayport $ + postfix-transport $ + postfix-virtual $ + postfix-enable-virus-scan $ + postfix-allow-unauthenticated $ + cyrus-quotawarn $ + cyrus-autocreatequota $ + cyrus-admins $ + cyrus-imap $ + cyrus-pop3 $ + cyrus-imaps $ + cyrus-pop3s $ + cyrus-sieve $ + apache-http $ + apache-allow-unauthenticated-fb $ + kolabfilter-verify-from-header $ + kolabfilter-allow-sender-header $ + kolabfilter-reject-forged-from-header $ + proftpd-ftp $ + proftpd-defaultquota $ + kolabFreeBusyFuture $ + kolabFreeBusyPast $ + uid $ + userPassword ) ) # public folders are typically visible to everyone subscribed to # the server without the need for an extra login. Subfolders are # defined using the hiarchy seperator '/' e.g. "sf/sub1". Please note # that the term public folder is prefered to shared folder because # normal user mailboxes can also share folders using acls. objectclass ( 1.3.6.1.4.1.19414.2.2.9 - NAME 'kolabSharedFolder' - DESC 'Kolab public shared folder' - SUP top STRUCTURAL - MUST cn - MAY ( acl $ - alias $ - cyrus-userquota $ - kolabHomeServer $ - kolabFolderType $ - kolabDeleteflag ) ) + NAME 'kolabSharedFolder' + DESC 'Kolab public shared folder' + SUP top STRUCTURAL + MUST cn + MAY ( acl $ + alias $ + cyrus-userquota $ + kolabHomeServer $ + kolabFolderType $ + kolabDeleteflag ) ) # kolabNamedObject is used as a plain node for the LDAP tree. # In contrast to unix filesystem directories LDAP nodes can # and often do also have contents/attributes. We use the # kolabNamedObject in order to put some structure in the # LDAP directory tree. objectclass ( 1.3.6.1.4.1.5322.13.1.1 - NAME 'kolabNamedObject' - SUP top STRUCTURAL - MAY (cn $ ou) ) + NAME 'kolabNamedObject' + SUP top STRUCTURAL + MAY (cn $ ou) ) # kolab account # we use an auxiliary in order to ease integration # with existing inetOrgPerson objects # Please note that userPassword is a may # attribute in the schema but is mandatory for # Kolab objectclass ( 1.3.6.1.4.1.19414.3.2.2 - NAME 'kolabInetOrgPerson' - DESC 'Kolab Internet Organizational Person' - SUP top AUXILIARY - MAY ( c $ - alias $ - kolabHomeServer $ - kolabHomeMTA $ - unrestrictedMailSize $ - kolabDelegate $ - kolabEncryptedPassword $ - cyrus-userquota $ - kolabInvitationPolicy $ - kolabFreeBusyFuture $ - calFBURL $ - kolabVacationBeginDateTime $ - kolabVacationEndDateTime $ - kolabVacationResendInterval $ - kolabVacationAddress $ - kolabVacationReplyToUCE $ - kolabVacationReactDomain $ - kolabForwardAddress $ - kolabForwardKeepCopy $ - kolabForwardUCE $ - kolabDeleteflag $ - kolabComment ) ) + NAME 'kolabInetOrgPerson' + DESC 'Kolab Internet Organizational Person' + SUP top AUXILIARY + MAY ( c $ + alias $ + kolabHomeServer $ + kolabHomeMTA $ + unrestrictedMailSize $ + kolabDelegate $ + kolabEncryptedPassword $ + cyrus-userquota $ + kolabInvitationPolicy $ + kolabFreeBusyFuture $ + calFBURL $ + kolabVacationBeginDateTime $ + kolabVacationEndDateTime $ + kolabVacationResendInterval $ + kolabVacationAddress $ + kolabVacationReplyToUCE $ + kolabVacationReactDomain $ + kolabForwardAddress $ + kolabForwardKeepCopy $ + kolabForwardUCE $ + kolabDeleteflag $ + kolabComment ) ) # kolab organization with country support objectclass ( 1.3.6.1.4.1.19414.3.2.3 - NAME 'kolabOrganization' - DESC 'RFC2256: a Kolab organization' - SUP organization STRUCTURAL - MAY ( c $ - mail $ - kolabDeleteflag $ - alias ) ) + NAME 'kolabOrganization' + DESC 'RFC2256: a Kolab organization' + SUP organization STRUCTURAL + MAY ( c $ + mail $ + kolabDeleteflag $ + alias ) ) # kolab organizational unit with country support objectclass ( 1.3.6.1.4.1.19414.3.2.4 - NAME 'kolabOrganizationalUnit' - DESC 'a Kolab organizational unit' - SUP organizationalUnit STRUCTURAL - MAY ( c $ - mail $ - kolabDeleteflag $ - alias ) ) + NAME 'kolabOrganizationalUnit' + DESC 'a Kolab organizational unit' + SUP organizationalUnit STRUCTURAL + MAY ( c $ + mail $ + kolabDeleteflag $ + alias ) ) # kolab groupOfNames with extra kolabDeleteflag and the required # attribute mail. # The mail attribute for kolab objects of the type kolabGroupOfNames # is not arbitrary but MUST be a single attribute of the form # of an valid SMTP address with the CN as the local part. # E.g cn@kolabdomain (e.g. employees@mydomain.com). The # mail attribute MUST be globally unique. objectclass ( 1.3.6.1.4.1.19414.3.2.5 - NAME 'kolabGroupOfNames' - DESC 'Kolab group of names (DNs) derived from RFC2256' - SUP groupOfNames STRUCTURAL - MAY ( mail $ - kolabDeleteflag ) ) + NAME 'kolabGroupOfNames' + DESC 'Kolab group of names (DNs) derived from RFC2256' + SUP groupOfNames STRUCTURAL + MAY ( mail $ + kolabDeleteflag ) )