80 lines
3.6 KiB
Text
80 lines
3.6 KiB
Text
<?php
|
|
|
|
// The id of the LDAP address book (which refers to the $rcmail_config['ldap_public'])
|
|
// or complete addressbook definition array.
|
|
// --------------------------------------------------------------------
|
|
// Note: Multi-domain (hosted) installations can resolve domain aliases
|
|
// by adding following settings in kolab_auth_addressbook spec.:
|
|
//
|
|
// 'domain_base_dn' => 'cn=kolab,cn=config',
|
|
// 'domain_filter' => '(&(objectclass=domainrelatedobject)(associateddomain=%s))',
|
|
// 'domain_name_attr' => 'associateddomain',
|
|
//
|
|
// With this %dc variable in base_dn and groups/base_dn will be
|
|
// replaced with DN string of resolved domain
|
|
//---------------------------------------------------------------------
|
|
$rcmail_config['kolab_auth_addressbook'] = '';
|
|
|
|
// This will overwrite defined filter
|
|
$rcmail_config['kolab_auth_filter'] = '(&(objectClass=kolabInetOrgPerson)(|(uid=%u)(mail=%fu)(alias=%fu)))';
|
|
|
|
// Use this fields (from fieldmap configuration) to get authentication ID
|
|
$rcmail_config['kolab_auth_login'] = 'email';
|
|
|
|
// Use this fields (from fieldmap configuration) for default identity.
|
|
// If the value array contains more than one field, first non-empty will be used
|
|
// Note: These aren't LDAP attributes, but field names in config
|
|
// Note: If there's more than one email address, as many identities will be created
|
|
$rcmail_config['kolab_auth_name'] = array('name', 'cn');
|
|
$rcmail_config['kolab_auth_email'] = array('email');
|
|
$rcmail_config['kolab_auth_organization'] = array('organization');
|
|
|
|
// Login and password of the admin user. Enables "Login As" feature.
|
|
$rcmail_config['kolab_auth_admin_login'] = '';
|
|
$rcmail_config['kolab_auth_admin_password'] = '';
|
|
|
|
// Enable audit logging for abuse of administrative privileges.
|
|
$rcmail_config['kolab_auth_auditlog'] = true;
|
|
|
|
// Role field (from fieldmap configuration)
|
|
$rcmail_config['kolab_auth_role'] = 'role';
|
|
// The required value for the role attribute to contain should the user be allowed
|
|
// to login as another user.
|
|
$rcmail_config['kolab_auth_role_value'] = '';
|
|
|
|
// Administrative group name to which user must be assigned to
|
|
// which adds privilege to login as another user.
|
|
$rcmail_config['kolab_auth_group'] = '';
|
|
|
|
// Enable plugins on a role-by-role basis. In this example, the 'acl' plugin
|
|
// is enabled for people with a 'cn=professional-user,dc=mykolab,dc=ch' role.
|
|
//
|
|
// Note that this does NOT mean the 'acl' plugin is disabled for other people.
|
|
$rcmail_config['kolab_auth_role_plugins'] = Array(
|
|
'cn=professional-user,dc=mykolab,dc=ch' => Array(
|
|
'acl',
|
|
),
|
|
);
|
|
|
|
// Settings on a role-by-role basis. In this example, the 'htmleditor' setting
|
|
// is enabled(1) for people with a 'cn=professional-user,dc=mykolab,dc=ch' role,
|
|
// and it cannot be overridden. Sample use-case: disable htmleditor for normal people,
|
|
// do not allow the setting to be controlled through the preferences, enable the
|
|
// html editor for professional users and allow them to override the setting in
|
|
// the preferences.
|
|
$rcmail_config['kolab_auth_role_settings'] = Array(
|
|
'cn=professional-user,dc=mykolab,dc=ch' => Array(
|
|
'htmleditor' => Array(
|
|
'mode' => 'override',
|
|
'value' => 1,
|
|
'allow_override' => true
|
|
),
|
|
),
|
|
);
|
|
|
|
// List of LDAP addressbooks (keys of ldap_public configuration array)
|
|
// for which base_dn variables (%dc, etc.) will be replaced according to authenticated user DN
|
|
// Note: special name '*' for all LDAP addressbooks
|
|
$rcmail_config['kolab_auth_ldap_addressbooks'] = array('*');
|
|
|
|
?>
|