Zarafa: Disconnect from LDAP because search error Can't cont

Hello everyone,

since the last errata update I can no longer log in via the WebApp (except as the user Administrator).
The server.log frequently contains

Disconnect from LDAP because search error Can't contact LDAP server

slaptest showed nothing unusual.

568b9038 OVER: Loading Translog Overlay
568b9038 OVER: db_init
568b9038 OVER: Configuring Translog Overlay
568b9038 OVER: Configured Translog Overlay to use file "/var/lib/univention-ldap/listener/listener"
568b9038 /etc/ldap/slapd.conf: line 220: rootdn is always granted unlimited privileges.
568b9038 WARNING: No dynamic config support for overlay translog.
config file testing succeeded
568b9038 OVER: db_close
568b9038 OVER: db_destroy

Other services have no problem with LDAP (SSH/OwnCloud/…). What else can I analyze?

Hello Steve,

can you restart zarafa-server from the console and then post the contents of server.log here?

What does zarafa-admin -l on the command line report?

Hi,

thank you very much for the help.

Server restart:

invoke-rc.d zarafa-server restart
[ ok ] Stopping Zarafa server: zarafa-server.
[ ok ] Starting Zarafa server: zarafa-server.

server.log:

Tue Jan 5 16:24:21 2016: Shutting down.
Tue Jan 5 16:24:21 2016: Still waiting for 8 threads to exit
Tue Jan 5 16:24:28 2016: Server shutdown complete.
Tue Jan 5 16:24:28 2016: Starting zarafa-server version 7,1,14,51822, pid 15366
Tue Jan 5 16:24:28 2016: Listening for TCP connections on port 236
Tue Jan 5 16:24:28 2016: Listening for SSL connections on port 237
Tue Jan 5 16:24:28 2016: Listening for priority pipe connections on /var/run/zarafa-prio
Tue Jan 5 16:24:28 2016: Listening for pipe connections on /var/run/zarafa
Tue Jan 5 16:24:28 2016: Connection to database 'zarafa' succeeded
Tue Jan 5 16:24:28 2016: zarafa-licensed is running, but no license key was found. Not all commercial features will be available.
Tue Jan 5 16:24:28 2016: Loading searchfolders
Tue Jan 5 16:24:28 2016: Startup succeeded on pid 15371

zarafa-admin -l

User list for Default(3):
Username Fullname Homeserver
-----------------------------------------------------
SYSTEM SYSTEM snas
Administrator Administrator
h***** H*****

That is probably where the problem lies… The users in question are missing (Administrator worked, as I said).

After that I took a closer look at the other logs:

monitor.log
Since the update the following error appears:

Unable to get userlist for company Default, error code 0x8004010F

As an aside, but probably not responsible:
php-mapi.log
This has always shown up here:

MAPI error: 80040111 (method: zif_mapi_logon_zarafa, line: 960)

OK, the message “Can’t contact LDAP server” is somewhat misleading. In general it does reach the LDAP (if not, it would also complain about that after startup), and the login with the admin would not work if the LDAP did not answer.

As far as I know, this message is also generated when an LDAP connection runs into a normal disconnect due to a timeout or similar. As long as you can log in, though, the message can be ignored.

The message “Unable to get userlist for company” is interesting, however. Were changes made to server.cfg/ldap.cfg? It looks as if the search filter does not quite fit, which is why zarafa-server does not see the users that are created via the UMC.

Hello Mr. Bartels,

thanks for the hint. I did not change these. It might have to do with the update. I can only test it this evening. What would the correct search string have to look like? The odd thing is that the one user (the one masked with asterisks) is recognized without problems and is also usable (I see successful accesses in the Z-Push log). Only the other users are not found…

Thanks in advance!

I have tested the entries of the following UCR variables (same equivalent in ldap.cfg):
…/ldap_user_search_filter

univention-ldapsearch '(zarafaAccount=1)'
-> output of all users is correct

…/ldap_group_search_filter

univention-ldapsearch '(&(zarafaAccount=1)(objectClass=zarafa-group))'

Output

# extended LDIF
#
# LDAPv3
# base ****
# filter: (&(zarafaAccount=1)(objectClass=zarafa-group))
# requesting: ALL
#

# search result
search: 3
result: 0 Success

# numResponses: 1

I think that is OK.

Could it be that I can ignore the following error message?

Unable to get userlist for company Default, error code 0x8004010F

According to Google, “Default” is a parameter

"Unable to get userlist for company %s, error code 0x%08X"

Possibly it refers to the configuration section

For active directory, use:

(objectCategory=Company)

For LDAP with posix users, use:

no need to set the filter

ldap_company_search_filter =
which is not relevant for me anyway…?

The stores of the missing users are detected by means of
zarafa-admin --list-orphans
Does that simply mean that the users were deleted for Zarafa??? Can I bring them back to life?

Yes, when a user is no longer found by zarafa-server (i.e. no longer shows up in “zarafa-admin -l”), the server assumes that the user has been deleted. The mailbox belonging to the user is then orphaned and shows up under --list-orphans (and can then, if desired, be permanently deleted or assigned to a new user).

I currently cannot really explain, though, why “univention-ldapsearch '(zarafaAccount=1)'” should output more users than “zarafa-admin -l”. Which Univention version is being used, and since which update has this been occurring?

Regarding the line in monitor.log: it should actually only log something like this when Zarafa's multi-tenant mode has been enabled. By default, however, this is off on Univention.

OK, Zarafa assumes so, meaning a deletion need not necessarily have taken place.

It is Univention 4.1-0 errata44, before that I believe 4.1-0 errata1x; the updates only involved package center updates, no App Center updates. I am somewhat at a loss…

Here is further proof, when I search the LDAP for a specific user not found by zarafa-admin -l:

univention-ldapsearch '(&(&(zarafaAccount=1)(|(objectClass=posixAccount)(objectClass=zarafa-contact)))(|(uid=ste****)))'
# extended LDIF
#
# LDAPv3
# base <dc=lokal,dc=lan> (default) with scope subtree
# filter: (&(&(zarafaAccount=1)(|(objectClass=posixAccount)(objectClass=zarafa-contact)))(|(uid=ste****)))
# requesting: ALL
#

# ste****, users, lokal.lan
dn: uid=ste****,cn=users,dc=lokal,dc=lan
uid: steven
krb5PrincipalName: ste****
uidNumber: 2009
sambaAcctFlags: [U          ]
sambaPasswordHistory: ****
krb5MaxLife: 86400
shadowLastChange: 16174
cn: ste****
userPassword:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
sambaMungedDial: ****
 AYQBnAHMAMQAwMDAwMDEwMA==
krb5MaxRenew: 604800
krb5KeyVersionNumber: 1
loginShell: /bin/bash
univentionObjectType: users/user
krb5KDCFlags: ****
sambaPwdLastSet: ****
sambaNTPassword: ****
displayName: ste****
gecos: ste****
sn: e****
pwhistory: ****
homeDirectory: /home/ste****
givenName: ste****
gidNumber: 5001
sambaPrimaryGroupSID: ****
sambaSID: ****
ownCloudEnabled: 1
univentionOpenvpnAccount: 1
mail: ste******
mailPrimaryAddress: ste**********
zarafa4ucsRole: user
zarafaAccount: 1
zarafaAdmin: 0
zarafaSharedStoreOnly: 0
univentionFetchmailProtocol: IMAP
objectClass: top
objectClass: person
objectClass: univentionPWHistory
objectClass: posixAccount
objectClass: shadowAccount
objectClass: univentionMail
objectClass: sambaSamAccount
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: krb5Principal
objectClass: krb5KDCEntry
objectClass: univentionObject
objectClass: ownCloudUser
objectClass: univentionOpenvpnUser
objectClass: oxUserObject
objectClass: zarafa-user
objectClass: univentionFetchmail

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1

Would it be possible to create the users again?
So perhaps, via the UCM web interface, switch the user ste*** from Zarafa user to none and back again? And afterwards assign the orphaned data to the user again?

It would be worth a try. I consider the probability rather low, though. The question is why the entries are not found. It could help here if you post the output of an entry that is not found, together with your ldap.cfg and server.cfg.

On a local 4.1 test system I went from errata 14 to 44 and afterwards still had all my users.

Hi,

the output of a user who is not found via zarafa-admin -l is in the previous post (user ste****). Or is a different output meant?

The ldap.cfg reads:

##############################################################
#  LDAP/ACTIVE DIRECTORY USER PLUGIN SETTINGS
#
# Any of these directives that are required, are only required if the
# userplugin parameter is set to ldap.

# LDAP host name/IP address
# Optional, default = localhost
# Warning: the value "ldap_host" has been set via UCR variable "zarafa/cfg/ldap/ldap_host"
ldap_host = snas.lokal.lan

# LDAP port
# Optional, default = 389
# Use 636 for ldaps
# Warning: the value "ldap_port" has been set via UCR variable "zarafa/cfg/ldap/ldap_port"
ldap_port = 7389

# LDAP protocol
# Optional, default = ldap
# use 'ldaps' for SSL encryption. Make sure /etc/ldap/ldap.conf is
# configured correctly with TLS_CACERT
ldap_protocol = ldap

# LDAP URI
# Optional, override ldap_host, ldap_port and ldap_protocol if set
# e.g. ldaps://servername:port. You may also specify multiple space-separated
# URI's
ldap_uri =

# The charset that strings are stored in on the LDAP server. Normally this
# is utf-8, but this can differ according to your setup. The charset specified
# here must be supported by your iconv(1) setup. See iconv -l for all charset
ldap_server_charset = utf-8

# The DN of the user to bind as for normal operations (not used for
# authentication if ldap_authentication_method is set to "bind"
# Optional, default = empty (anonymous bind)
# The userPassword attribute must be readable for this user if the
# ldap_authentication_method option is set to password.
# Warning: the value "ldap_bind_user" has been set via UCR variable "zarafa/cfg/ldap/ldap_bind_user"
ldap_bind_user = cn=snas,cn=dc,cn=computers,dc=lokal,dc=lan

# LDAP bind password
# Optional, default = empty (no password)
# Warning: the value "ldap_bind_passwd" has been set via UCR variable "zarafa/cfg/ldap/ldap_bind_passwd"
ldap_bind_passwd = X******

# The timeout for network operations in seconds
ldap_network_timeout = 30

# When an object (user/group/company) is changed, this attribute will also change:
# Active directory: uSNChanged
# LDAP: modifyTimestamp
ldap_last_modification_attribute = modifyTimestamp

# ldap_page_size limits the number of results from a query that will be downloaded at a time.
# Default ADS MaxPageSize is 1000.
ldap_page_size = 1000

##########
# Object settings

# Top level search base, every object should be available under this tree
# Warning: the value "ldap_search_base" has been set via UCR variable "zarafa/cfg/ldap/ldap_search_base"
ldap_search_base = dc=lokal,dc=lan

# attribute name which is/(should: was) used in ldap_user_search_filter
ldap_object_type_attribute = objectClass
# Warning: the value "ldap_user_type_attribute_value" has been set via UCR variable "zarafa/cfg/ldap/ldap_user_type_attribute_value"
ldap_user_type_attribute_value = zarafa-user
ldap_group_type_attribute_value = posixGroup
ldap_contact_type_attribute_value = zarafa-contact
ldap_company_type_attribute_value = organizationalUnit
ldap_addresslist_type_attribute_value = zarafa-addresslist
ldap_dynamicgroup_type_attribute_value = zarafa-dynamicgroup


##########
# There should be no need to edit any values below this line
##########

##########
# User settings

# Extra search for users using this LDAP filter.  See ldap_search(3) or RFC
# 2254 for details on the filter syntax.
#
# Hint: Use the zarafaAccount attribute in the filter to differentiate
# between non-zarafa and zarafa users.
#
# Note: This filter should include contacts.
#
# Optional, default = empty (match everything)
# For active directory, use:
#   (objectCategory=Person)
# For LDAP with posix users:
#   no need to use the search filter.
# Warning: the value "ldap_user_search_filter" has been set via UCR variable "zarafa/cfg/ldap/ldap_user_search_filter"
ldap_user_search_filter = (zarafaAccount=1)

# unique user id for find the user
# Required
# For active directory, use:
#    objectGuid ** WARNING: This WAS: objectSid ** Updates *WILL* fail! **
# For LDAP with posixAccount, use:
#    uidNumber
# Note: contacts also use this field for uniqueness. If you change this,
# you might need to update the zarafa.schema file too, and change
# the MUST uidNumber to whatever you set here.dnl
# Warning: the value "ldap_user_unique_attribute" has been set via UCR variable "zarafa/cfg/ldap/ldap_user_unique_attribute"
ldap_user_unique_attribute = entryUUID

# Type of unique user id
# default: text
# For active directory, use:
#		binary
# For LDAP with posix user, use:
#		text
ldap_user_unique_attribute_type = text

# Optional, default = cn
# For active directory, use:
#   cn or displayName
# For LDAP with posix user, use:
#   cn
ldap_fullname_attribute = cn

# Optional, default = uid
# Active directory: sAMAccountName
# LDAP: uid
ldap_loginname_attribute = uid

# Optional, default = userPassword
# Active directory: unicodePwd
# LDAP: userPassword
ldap_password_attribute = userPassword

# If set to bind, users are authenticated by trying to bind to the
# LDAP tree using their username + password.  Otherwise, the
# ldap_password_attribute is requested and checked.
# Optional, default = bind
# Choices: bind, password
# Active directory: bind
# LDAP: bind
# Warning: the value "ldap_authentication_method" has been set via UCR variable "zarafa/cfg/ldap/ldap_authentication_method"
ldap_authentication_method = bind

# Optional, default = mail
# Active directory: mail
# LDAP: mail
# Warning: the value "ldap_emailaddress_attribute" has been set via UCR variable "zarafa/cfg/ldap/ldap_emailaddress_attribute"
ldap_emailaddress_attribute = mailPrimaryAddress

# Optional, default = zarafaAliases
# Active directory: zarafaAliases
# LDAP: zarafaAliases
# Warning: the value "ldap_emailaliases_attribute" has been set via UCR variable "zarafa/cfg/ldap/ldap_emailaliases_attribute"
ldap_emailaliases_attribute = mailAlternativeAddress

# Whether the user is an admin.  The field is interpreted as a
# boolean, 0 and false (case insensitive) meaning no, all other values
# yes.
# Optional, default = zarafaAdmin
# Active directory: zarafaAdmin
# LDAP: zarafaAdmin
ldap_isadmin_attribute = zarafaAdmin

# Whether a user is a non-active user. This means that the user will
# not count towards your user count, but the user will also not be
# able to log in
# Optional, default = zarafaSharedStoreOnly
# Active directory: zarafaSharedStoreOnly
# LDAP: zarafaSharedStoreOnly
# Warning: the value "ldap_nonactive_attribute" has been set via UCR variable "zarafa/cfg/ldap/ldap_nonactive_attribute"
ldap_nonactive_attribute = zarafaSharedStoreOnly

# A nonactive store, or resource, can be specified to be a user, room or equipment.
# Set it to 'room' or 'equipment' to make such types. If set to empty,
# or wrong word, or 'user' it will be a nonactive user.
# Optional, default = zarafaResourceType
# Active directory: zarafaResourceType
# LDAP: zarafaResourceType
ldap_resource_type_attribute = zarafaResourceType

# Numeric resource capacity
# Optional, default = zarafaResourceCapacity
# Active directory: zarafaResourceCapacity
# LDAP: zarafaResourceCapacity
ldap_resource_capacity_attribute = zarafaResourceCapacity

# Optional
# The attribute which indicates which users are allowed
# to send on behalf of the selected user
ldap_sendas_attribute = zarafaSendAsPrivilege

# Optional, default = text
# Active directory: dn
# LDAP: text
ldap_sendas_attribute_type = text

# The attribute of the user and group which is listed in 
# the ldap_sendas_attribute
# Empty default, using ldap_user_unique_attribute
# Warning: the value "ldap_sendas_relation_attribute" has been set via UCR variable "zarafa/cfg/ldap/ldap_sendas_relation_attribute"
ldap_sendas_relation_attribute = uidNumber

# Optional, default = userCertificate
# Active directory: userCertificate
# LDAP: userCertificate;binary
ldap_user_certificate_attribute = userCertificate;binary

# Load extra user properties from the propmap file
!propmap /etc/zarafa/ldap.propmap.cfg

##########
# Group settings

# Search for groups using this LDAP filter.  See ldap_search(3) for
# details on the filter syntax.
# Hint: Use the zarafaAccount attribute in the filter to differentiate
# between non-zarafa and zarafa groups.
# Optional, default = empty (match everything)
# For active directory, use:
#   (objectCategory=Group)
# For LDAP with posix groups, use:
#   no need to set the search filter
# Warning: the value "ldap_group_search_filter" has been set via UCR variable "zarafa/cfg/ldap/ldap_group_search_filter"
ldap_group_search_filter = (&(zarafaAccount=1)(objectClass=zarafa-group))

# unique group id for find the group
# Required
# For active directory, use:
#    objectSid
# For LDAP with posix group, use:
#    gidNumber
ldap_group_unique_attribute = gidNumber

# Type of unique group id
# default: text
# For active directory, use:
#		binary
# For LDAP with posix group, use:
#		text
ldap_group_unique_attribute_type = text

# Optional, default = cn
# Active directory: cn
# LDAP: cn
ldap_groupname_attribute = cn

# Optional, default = member
# Active directory: member
# LDAP: memberUid
ldap_groupmembers_attribute = memberUid

# Optional, default = text
# Active directory: dn
# LDAP: text
ldap_groupmembers_attribute_type = text

# The attribute of the user which is listed in ldap_groupmember_attribute
# Active directory: empty, matching dn's
# LDAP: uid, matching users in ldap_loginname_attribute
ldap_groupmembers_relation_attribute = uid

# A group can also be used for security, eg. setting permissions on folders.
# This makes a group a security group. The zarafaSecurityGroup value is boolean.
# Optional, default = zarafaSecurityGroup
# Active directory = groupType
# LDAP: zarafaSecurityGroup
ldap_group_security_attribute = zarafaSecurityGroup

# In ADS servers, a special bitmask action is required on the groupType field.
# This is actived by setting the ldap_group_security_attribute_type to `''ads`''
# Otherwise, just the presence of the field will make the group security enabled.
# Optional, default = boolean
# Active directory = ads
# LDAP: boolean
ldap_group_security_attribute_type = boolean

##########
# Company settings

# Search for companies using this LDAP filter.
# Hint: Use the zarafaAccount attribute in the filter to differentiate
# between non-zarafa and zarafa companies.
# Optional, default = empty (match everything)
# For active directory, use:
#   (objectCategory=Company)
# For LDAP with posix users, use:
#   no need to set the filter
ldap_company_search_filter =

# unique company id for find the company
# Active directory: objectGUID
# LDAP: ou
ldap_company_unique_attribute = ou

# Optional, default = text
# Active directory: binary
# LDAP: text
ldap_company_unique_attribute_type = text

# Optional, default = ou
# Active directory: ou
# LDAP: ou
ldap_companyname_attribute = ou

# Optional
# The attribute which indicates which companies are allowed
# to view the members of the selected company
ldap_company_view_attribute = zarafaViewPrivilege

# Optional, default = text
ldap_company_view_attribute_type = text

# The attribute of the company which is listed in the
# ldap_company_view_attribute
# Empty default, using ldap_company_unique_attribute
ldap_company_view_relation_attribute =

# Optional
# The attribute which indicates which users from different companies
# are administrator over the selected company.
ldap_company_admin_attribute = zarafaAdminPrivilege

# Optional, default = text
# Active directory: dn
# LDAP: text
ldap_company_admin_attribute_type = text

# The attribute of the company which is listed in the
# ldap_company_admin_attribute
# Empty default, using ldap_user_unique_attribute
ldap_company_admin_relation_attribute = 

# The attribute which indicates which user is the system administrator
# for the specified company.
ldap_company_system_admin_attribute = zarafaSystemAdmin

# Optional, default = text
# Active directory: dn
# LDAP: text
ldap_company_system_admin_attribute_type = text

# The attribute of the company which is listed in the
# ldap_company_system_admin attribute
# Empty default, using ldap_user_unique_attribute
ldap_company_system_admin_relation_attribute =


##########
# Addresslist settings

# Add a filter to the addresslist search
# Hint: Use the zarafaAccount attribute in the filter to differentiate
# between non-zarafa and zarafa addresslists.
# Optional, default = empty (match everything)
ldap_addresslist_search_filter = 

# This is the unique attribute of a addresslist which is never going
# to change, unless the addresslist is removed from LDAP. When this
# value changes, Zarafa will remove the previous addresslist from the
# database, and create a new addresslist with this unique value
ldap_addresslist_unique_attribute = cn

# This value can be 'text' or 'binary'. For OpenLDAP, only text is used.
ldap_addresslist_unique_attribute_type = text

# This is the name of the attribute on the addresslist object that
# specifies the filter to be applied for this addresslist. All users
# matching this filter AND matching the default
# ldap_user_search_filter will be included in the addresslist
ldap_addresslist_filter_attribute = zarafaFilter

# This is the name of the attribute on the addresslist object that
# specifies the search base to be applied for this addresslist.
ldap_addresslist_search_base_attribute = zarafaBase

# The attribute containing the name of the addresslist
ldap_addresslist_name_attribute = cn


##########
# Dynamicgroup settings

# Add a filter to the dynamicgroup search
# Hint: Use the zarafaAccount attribute in the filter to differentiate
# between non-zarafa and zarafa dynamic groups.
# Optional, default = empty (match everything)
ldap_dynamicgroup_search_filter = 

# This is the unique attribute of a dynamicgroup which is never going
# to change, unless the dynamicgroup is removed from LDAP. When this
# value changes, Zarafa will remove the previous dynamicgroup from the
# database, and create a new dynamicgroup with this unique value
ldap_dynamicgroup_unique_attribute = cn

# This value can be 'text' or 'binary'. For OpenLDAP, only text is used.
ldap_dynamicgroup_unique_attribute_type = text

# This is the name of the attribute on the dynamicgroup object that
# specifies the filter to be applied for this dynamicgroup. All users
# matching this filter AND matching the default
# ldap_user_search_filter will be included in the dynamicgroup
ldap_dynamicgroup_filter_attribute = zarafaFilter

# This is the name of the attribute on the dynamicgroup object that
# specifies the search base to be applied for this dynamicgroup.
ldap_dynamicgroup_search_base_attribute = zarafaBase

# The attribute containing the name of the dynamicgroup
ldap_dynamicgroup_name_attribute = cn


##########
# Quota settings

# Optional
# The attribute which indicates which users (besides the user who exceeds his quota)
# should also receive a warning mail when a user exceeds his quota.
ldap_quota_userwarning_recipients_attribute = zarafaQuotaUserWarningRecipients

# Optional, default = text
# Active directory: dn
# LDAP: text
ldap_quota_userwarning_recipients_attribute_type = text

# Optional, default empty
ldap_quota_userwarning_recipients_relation_attribute =

# Optional
# The attribute which indicates which users should receive a warning mail
# when a company exceeds his quota.
ldap_quota_companywarning_recipients_attribute = zarafaQuotaCompanyWarningRecipients

# Optional, default = text
# Active directory: dn
# LDAP: text
ldap_quota_companywarning_recipients_attribute_type = text

# Optional, default empty
ldap_quota_companywarning_recipients_relation_attribute =

# Whether to override the system wide quota settings
ldap_quotaoverride_attribute = zarafaQuotaOverride

ldap_warnquota_attribute = zarafaQuotaWarn
ldap_softquota_attribute = zarafaQuotaSoft
ldap_hardquota_attribute = zarafaQuotaHard

# Whether to override the system wide quota settings for all users within the company
ldap_userdefault_quotaoverride_attribute = zarafaUserDefaultQuotaOverride

ldap_userdefault_warnquota_attribute = zarafaUserDefaultQuotaWarn
ldap_userdefault_softquota_attribute = zarafaUserDefaultQuotaSoft
ldap_userdefault_hardquota_attribute = zarafaUserDefaultQuotaHard

# Mapping from the quota attributes to a number of bytes.  Qmail-LDAP
# schema uses bytes (1), ADS uses kilobytes (1024*1024).
# Warning: the value "ldap_quota_multiplier" has been set via UCR variable "zarafa/cfg/ldap/ldap_quota_multiplier"
ldap_quota_multiplier = 1048576

##########
# Misc. settings

# Attribute which indicates if the user should be hidden from addressbook
ldap_addressbook_hide_attribute = zarafaHidden 

# LDAP object search filter. %s in this filter will be replaced with
# the object being searched.
# Hint: Use the zarafaAccount attribute in the filter to differentiate
# between non-zarafa and zarafa objects.
# Default: empty
# ADS recommended: (anr=%s)
# OpenLDAP optional: (|(mail=%s*)(uid=%s*)(cn=*%s*)(fullname=*%s*)(givenname=*%s*)(lastname=*%s*)(sn=*%s*))
ldap_object_search_filter = 

# If a request want more objects than this value, it will download the
# full ldap tree (from the base with the search filter) and discard
# wat was not required. This is faster for large requests.
# Default: 1000
ldap_filter_cutoff_elements = 1000

The server.cfg:

##############################################################
# SERVER SETTINGS

# IP Address to bind to (0.0.0.0 for ANY)
# Set to 127.0.0.1 if connections should only come from localhost
# and through the webserver proxy
server_bind		= 0.0.0.0

# Accept normal TCP connections (not recommended to disable)
server_tcp_enabled	= yes

# Port to bind to
server_tcp_port		= 236

# Accept unix pipe connections (not recommended to disable)
server_pipe_enabled	= yes

# Unix socket location
server_pipe_name	= /var/run/zarafa

# Priority unix socket location
server_pipe_priority	= /var/run/zarafa-prio

# Name for identifying the server in a multi-server environment
# Warning: the value "server_name" has been set via UCR variable "zarafa/cfg/server/server_name"
server_name = snas

# Override the hostname of this server, used by Kerberos SSO if enabled
server_hostname =

# Database engine (mysql)
database_engine		= mysql

# Allow connections from normal users through the unix socket
allow_local_users	= yes

# local admin users who can connect to any store (use this for the zarafa-dagent)
# field is SPACE separated
# eg: local_admin_users = root vmail
local_admin_users	= root

# The user has full rights on a folder by default, uncomment the following line to disable this. 
# owner_auto_full_access = false 
# Warning: the value "owner_auto_full_access" has been set via UCR variable "zarafa/cfg/server/owner_auto_full_access"
owner_auto_full_access = true

# e-mail address of the Zarafa System user
system_email_address	= postmaster@localhost

# drop privileges and run the process as this user
run_as_user		= 

# drop privileges and run the process as this group
run_as_group		= 

# create a pid file for stopping the service via the init.d scripts
pid_file		= /var/run/zarafa-server.pid

# run server in this path (when not using the -F switch)
running_path = /

# create memory coredumps upon crash in the running_path directory
coredump_enabled = yes

# session timeout for clients. Values lower than 300 will be upped to 300
# automatically. If the server hears nothing from a client in session_timeout
# seconds, then the session is killed.
session_timeout		= 300

# Socket to connect to license server
license_socket		= /var/run/zarafa-licensed

# Time (in seconds) to wait for a connection to the license server before 
# terminating the request.
license_timeout = 10

##############################################################
# LOG SETTINGS

# Logging method (syslog, file), syslog facility is 'mail'
log_method		= file

# Logfile (for log_method = file, '-' for stderr)
log_file		= /var/log/zarafa/server.log

# Loglevel (0=no logging, 5=full logging)
log_level		= 2

# Log timestamp - prefix each log line with timestamp in 'file' logging mode
log_timestamp		= 1

##############################################################
# AUDIT LOG SETTINGS

# Audit logging is by default not enabled
audit_log_enabled	= no

# Audit logging method (syslog, file), syslog facility is 'authpriv'
audit_log_method	= syslog

# Audit logfile (for log_method = file, '-' for stderr)
audit_log_file		= /var/log/zarafa/audit.log

# Audit loglevel (0=no logging, 1=full logging)
audit_log_level		= 1

# Audit log timestamp - prefix each log line with timestamp in 'file' logging mode
audit_log_timestamp	= 1

##############################################################
# MYSQL SETTINGS (for database_engine = mysql)

# MySQL hostname to connect to for database access
# Warning: the value "mysql_host" has been set via UCR variable "zarafa/cfg/server/mysql_host"
mysql_host = localhost

# MySQL port to connect with (usually 3306)
# Warning: the value "mysql_port" has been set via UCR variable "zarafa/cfg/server/mysql_port"
mysql_port = 3306

# The user under which we connect with MySQL
# Warning: the value "mysql_user" has been set via UCR variable "zarafa/cfg/server/mysql_user"
mysql_user = zarafaDbUser

# The password for the user (leave empty for no password)
# Warning: the value "mysql_password" has been set via UCR variable "zarafa/cfg/server/mysql_password"
mysql_password = ********



# Override the default MySQL socket to access mysql locally
# Works only if the mysql_host value is empty or 'localhost'
mysql_socket		=

# Database to connect to
# Warning: the value "mysql_database" has been set via UCR variable "zarafa/cfg/server/mysql_database"
mysql_database = zarafa

# Where to place attachments. Value can be 'database' or 'files'
attachment_storage	= files 

# When attachment_storage is 'files', use this path to store the files
attachment_path		= /var/lib/zarafa/attachments

# Compression level for attachments when attachment_storage is 'files'.
# Set compression level for attachments disabled=0, max=9
attachment_compression	= 6

##############################################################
#  SSL SETTINGS

# enable SSL support in server
# Warning: the value "server_ssl_enabled" has been set via UCR variable "zarafa/cfg/server/server_ssl_enabled"
server_ssl_enabled = yes

# Listen for SSL connections on this port
server_ssl_port		= 237

# Required Server certificate, contains the certificate and the private key parts
# Warning: the value "server_ssl_key_file" has been set via UCR variable "zarafa/cfg/server/server_ssl_key_file"
server_ssl_key_file = /etc/zarafa/ssl/server.pem

# Password of Server certificate
server_ssl_key_pass	= replace-with-server-cert-password

# Required Certificate Authority of server
# Warning: the value "server_ssl_ca_file" has been set via UCR variable "zarafa/cfg/server/server_ssl_ca_file"
server_ssl_ca_file = /etc/univention/ssl/ucsCA/CAcert.pem

# Path with CA certificates, e.g. /etc/ssl/certs
server_ssl_ca_path	=

# SSL protocols to use, set to '!SSLv2' for 'server_ssl_enable_v2 = no'
# Warning: the value "server_ssl_protocols" has been set via UCR variable "zarafa/cfg/server/server_ssl_protocols"
server_ssl_protocols = !SSLv2

# SSL ciphers to use, set to 'ALL' for backward compatibility
# Warning: the value "server_ssl_ciphers" has been set via UCR variable "zarafa/cfg/server/server_ssl_ciphers"
server_ssl_ciphers = ALL:!LOW:!SSLv2:!EXP:!aNULL

# Prefer the server's order of SSL ciphers over client's
# Warning: the value "server_ssl_prefer_server_ciphers" has been set via UCR variable "zarafa/cfg/server/server_ssl_prefer_server_ciphers"
server_ssl_prefer_server_ciphers = no

# Path of SSL Public keys of clients
sslkeys_path		= /etc/zarafa/sslkeys

##############################################################
# THREAD SETTINGS

# Number of server threads
# default: 8
threads				=	8

# Watchdog frequency. The number of watchdog checks per second.
# default: 1
watchdog_frequency	=	1

# Watchdog max age. The maximum age in ms of a task before a
# new thread is started.
# default: 500
watchdog_max_age	=	500

# Maximum SOAP keep_alive value
# default: 100
server_max_keep_alive_requests	=	100

# SOAP recv timeout value (time between requests)
# default: 5
server_recv_timeout	=	5

# SOAP read timeout value (time during requests)
# default: 60
server_read_timeout	=	60

# SOAP send timeout value
# default: 60
server_send_timeout	=	60

##############################################################
#  OTHER SETTINGS

# Softdelete clean cycle (in days) 0=never running
softdelete_lifetime	= 30

# Sync lifetime, removes all changes remembered for a client after x days of inactivity
sync_lifetime		= 90

# Set to 'yes' if all changes (for synchronization) to messages should be logged to the database
sync_log_all_changes = yes

# Set to 'yes' if you have Kerberos or NTLM correctly configured for single sign-on
enable_sso = no

# Set to 'yes' if you want to show the GAB to your users
enable_gab = yes

# Authentication can be through plugin (default, recommended), pam or kerberos
auth_method = plugin

# If auth_method is set to pam, you should provide the pam service name
pam_service = passwd


#############################################################
# CACHE SETTINGS
#
# To see the live cache usage, use 'zarafa-stats --system'.

# Size in bytes of the 'cell' cache (should be set as high as you can afford to set it)
cache_cell_size				= 256M

# Size in bytes of the 'object' cache
cache_object_size			= 5M

# Size in bytes of the 'indexed object' cache
cache_indexedobject_size	= 16M

# Size in bytes of the userquota details
cache_quota_size			= 1M

# Lifetime for userquota details
cache_quota_lifetime		= 1

# Size in bytes of the acl cache
cache_acl_size				= 1M

# Size in bytes of the store id/guid cache
cache_store_size			= 1M

# Size in bytes of the 'user id' cache (this is allocated twice)
cache_user_size				= 1M

# Size in bytes of the 'user details' cache
cache_userdetails_size		= 26214400

# Lifetime for user details
# Warning: the value "cache_userdetails_lifetime" has been set via UCR variable "zarafa/cfg/server/cache_userdetails_lifetime"
cache_userdetails_lifetime = 5

# Size in bytes of the server details (multiserver setups only)
cache_server_size			= 1M

# Lifetime for server details (multiserver setups only)
cache_server_lifetime	= 30


##############################################################
#  QUOTA SETTINGS

# The default Warning Quota Level. Set to 0 to disable this level.
# The user will receive an email when this level is reached. Value is in Mb. Default value is 0.
quota_warn		= 0

# The default Soft Quota Level. Set to 0 to disable this level.
# The user will still receive mail, but sending new mail is prohibited, until objects are removed from the store.
# VALUE is in Mb. Default value is 0.
quota_soft		= 0

# The default Hard Quota Level. Set to 0 to disable this level.
# The user can not receive and send mail, until objects are removed from the store.
# Value is in Mb. Default value is 0.
quota_hard		= 0

# The default Warning Quota Level for multitenant public stores. Set to 0 to disable this level.
# The tenant administrator will receive an email when this level is reached. Value is in Mb. Default value is 0.
companyquota_warn      = 0


##############################################################
#  USER PLUGIN SETTINGS

# Name of the plugin that handles users
# Required, default = db
# Values: ldap, unix, db, ldapms (available in enterprise license)
# Warning: the value "user_plugin" has been set via UCR variable "zarafa/cfg/server/user_plugin"
user_plugin = ldap

# configuration file of the user plugin, examples can be found in /usr/share/doc/zarafa/example-config
user_plugin_config	= /etc/zarafa/ldap.cfg

# location of the zarafa plugins
# if you have a 64bit distribution, this probably should be changed to /usr/lib64/zarafa
plugin_path		= /usr/lib/zarafa

# scripts which create stores for users from an external source
# used for ldap and unix plugins only
createuser_script		=	/etc/zarafa/userscripts/createuser
deleteuser_script		=	/etc/zarafa/userscripts/deleteuser
creategroup_script		=	/etc/zarafa/userscripts/creategroup
deletegroup_script		=	/etc/zarafa/userscripts/deletegroup
createcompany_script	=	/etc/zarafa/userscripts/createcompany
deletecompany_script	=	/etc/zarafa/userscripts/deletecompany

# Set this option to 'yes' to skip the creation and deletion of new users
# The action will be logged, so you can see if your changes to the plugin
# configuration are correct.
user_safe_mode = no

##############################################################
# MISC SETTINGS

# Thread size in KB, default is 512
# WARNING: Do not set too small, your server WILL crash
thread_stacksize = 512

# Enable multi-tenancy environment
# When set to true it is possible to create tenants within the
# zarafa instance and assign all users and groups to particular
# tenants.
# When set to false, the normal single-tenancy environment is created.
enable_hosted_zarafa = false

# Enable multi-server environment
# When set to true it is possible to place users and tenants on
# specific servers.
# When set to false, the normal single-server environment is created.
enable_distributed_zarafa = false

# Display format of store name
# Allowed variables:
#  %u Username
#  %f Fullname
#  %c Tenantname
# default: %f
storename_format = %f

# Loginname format (for Multi-tenancy installations)
# When the user does not login through a system-wide unique
# username (like the email address) a unique name is created
# by combining the username and the tenantname.
# With this configuration option you can set how the
# loginname should be built up.
#
# Note: Do not use the = character in the format.
#
# Allowed variables:
#  %u Username
#  %c Tenantname
#
# default: %u
loginname_format = %u

# Set to yes for Windows clients to be able to download the latest
# Zarafa Outlook client from the Zarafa server
client_update_enabled = false

# Place the correct Zarafa Outlook Client in this directory for
# Windows clients to download through the Zarafa server
client_update_path = /var/lib/zarafa/client

# Receive update information from the client (0 = disabled, 1 = only on error, 2 = log always)
client_update_log_level = 1

# Log location for the client auto update files
client_update_log_path = /var/log/zarafa/autoupdate

# Everyone is a special internal group, which contains every user and group
# You may want to disable this group from the Global Addressbook by setting
# this option to 'yes'. Administrators will still be able to see the group.
hide_everyone = no

# System is a special internal user, which has super-admin privileges
# You may want to disable this user from the Global Addressbook by setting
# this option to 'yes'. Administrators will still be able to see the user.
hide_system = yes 

# Use Indexing service for faster searching.
# Enabling this option requires the zarafa-search service to
# be running.
# Warning: the value "search_enabled" has been set via UCR variable "zarafa/cfg/server/search_enabled"
search_enabled = yes

# Path to the zarafa-search service, this option is only required
# if the server is going to make use of the indexing service.
search_socket = file:///var/run/zarafa-search

# Time (in seconds) to wait for a connection to the zarafa-search service
# before terminating the indexed search request.
search_timeout = 10

# Allow enhanced ICS operations to speedup synchronization with cached profiles.
# default: yes
enable_enhanced_ics = yes

# SQL Procedures allow for some optimized queries when streaming with enhanced ICS.
# This is default disabled because you must set 'thread_stack = 256k' in your
# MySQL server config under the [mysqld] tag and restart your MySQL server.
enable_sql_procedures = no

# Synchronize GAB users on every open of the GAB (otherwise, only on 
# zarafa-admin --sync)
# Warning: the value "sync_gab_realtime" has been set via UCR variable "zarafa/cfg/server/sync_gab_realtime"
sync_gab_realtime = no

# Disable features for users. Default all features are disabled. This
# list is space separated. Currently valid values: imap
disabled_features = imap pop3

# Maximum number of deferred records in total
max_deferred_records = 0

# Maximum number of deferred records per folder
max_deferred_records_folder = 20

# Restrict the permissions that admins receive to folder permissions only. Please
# read the server.cfg manpage before enabling this option so you really understand
# the implications
restrict_admin_permissions = no

# The maximum level of attachment recursion; Defines the number of
# attachment-in-attachment in-attachment levels are allowed when saving and
# replicating objects in the database. If you really want a higher level of
# recursion than about 20, you probably have to increase MySQL's stack_size
# to allow replication to work properly.
embedded_attachment_limit = 20

# Header to detect whether a connection has been received through a proxy. The
# value of the header is not inspected. If the header exists then the connection
# is taken to be received via a proxy. An empty value disables proxy detection
# and the value of '*' is used to indicate that all connections are proxied
proxy_header = 

Another approach:

Here is a user that is displayed:

# helga, users, lokal.lan
dn: uid=h****,cn=users,dc=lokal,dc=lan
ownCloudEnabled: 1
uid: helga
krb5PrincipalName: h****
uidNumber: 2024
sambaAcctFlags: [U          ]
shadowMax: 180
krb5MaxLife: 86400
shadowLastChange: 16761
cn: Helga Wilhelmi
title: Frau
krb5PasswordEnd: ****
userPassword:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
krb5Key:: ****
sambaMungedDial: ****
krb5MaxRenew: 604800
krb5KeyVersionNumber: 1
loginShell: /bin/bash
univentionObjectType: users/user
krb5KDCFlags: 126
sambaPwdLastSet: ****
sambaPasswordHistory: ****
sambaNTPassword: ****
displayName: H****
gecos: H****
sn: W****
pwhistory: ****
homeDirectory: /home/h****
givenName: H****
gidNumber: 5001
sambaPrimaryGroupSID: ****
sambaSID: ****
zarafa4ucsRole: user
univentionFetchmailProtocol: IMAP
mailPrimaryAddress: helga@lokal.lan
objectClass: top
objectClass: person
objectClass: univentionPWHistory
objectClass: posixAccount
objectClass: shadowAccount
objectClass: univentionMail
objectClass: sambaSamAccount
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: krb5Principal
objectClass: krb5KDCEntry
objectClass: ownCloudUser
objectClass: univentionSAMLEnabled
objectClass: univentionObject
objectClass: zarafa-user
objectClass: univentionFetchmail
zarafaAccount: 1
zarafaAdmin: 0
zarafaSharedStoreOnly: 0

The only noticeable difference is that users who are not displayed do not have the objectClass oxUserObject.
In fact, OX is annoying me a bit, because some fragments were left behind after uninstalling it, see also here:

Could there be interference between the old OX installation and Zarafa?

How exactly does zarafa-admin -l query the objects? Can the OX LDAP entry affect the result?

There are a few other differences as well: one user is also a univentionOpenvpnUser, the other is univentionSAMLEnabled. Additional object classes should not matter at all, though.

Please set 0x00020006 as the log level for zarafa-server and restart the service again. Then run zarafa-admin --sync and please upload the log file here.

Hello Mr. Bartels,

thanks for your patience :)

The output:

Fri Jan  8 21:02:47 2016: Previous message logged 58 times
Fri Jan  8 21:02:47 2016: Shutting down.
Fri Jan  8 21:02:47 2016: Still waiting for 7 threads to exit
Fri Jan  8 21:02:54 2016: Server shutdown complete.
Fri Jan  8 21:02:54 2016: Audit logging not enabled.
Fri Jan  8 21:02:54 2016: Starting zarafa-server version 7,1,14,51822, pid 1505
Fri Jan  8 21:02:54 2016: Using epoll events
Fri Jan  8 21:02:54 2016: Listening for TCP connections on port 236
Fri Jan  8 21:02:54 2016: Listening for SSL connections on port 237
Fri Jan  8 21:02:54 2016: Listening for priority pipe connections on /var/run/zarafa-prio
Fri Jan  8 21:02:54 2016: Listening for pipe connections on /var/run/zarafa
Fri Jan  8 21:02:54 2016: Connection to database 'zarafa' succeeded
Fri Jan  8 21:02:54 2016: zarafa-licensed is running, but no license key was found. Not all commercial features will be available.
Fri Jan  8 21:02:54 2016: Signal thread started
Fri Jan  8 21:02:54 2016: New internal session (7594464554554267642)
Fri Jan  8 21:02:54 2016: Loading searchfolders
Fri Jan  8 21:02:54 2016: Startup succeeded on pid 1510
Fri Jan  8 21:02:54 2016: Started thread 77e88700
Fri Jan  8 21:02:54 2016: Started priority thread 7968b700
Fri Jan  8 21:02:54 2016: Started thread 76685700
Fri Jan  8 21:02:54 2016: Started thread 75e84700
Fri Jan  8 21:02:54 2016: Started thread 76e86700
Fri Jan  8 21:02:54 2016: Started thread 78689700
Fri Jan  8 21:02:54 2016: Started thread 77687700
Fri Jan  8 21:02:54 2016: Started thread 78e8a700
Fri Jan  8 21:02:54 2016: Started thread 75683700
Fri Jan  8 21:02:55 2016: Accepted incoming connection from file:///var/run/zarafa
Fri Jan  8 21:02:55 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-search
Fri Jan  8 21:02:55 2016: User SYSTEM receives session 8691779101855966659
Fri Jan  8 21:02:57 2016: Accepted incoming connection from file:///var/run/zarafa
Fri Jan  8 21:02:57 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Fri Jan  8 21:02:57 2016: User SYSTEM receives session 12486090220997962911
Fri Jan  8 21:02:57 2016: Accepted incoming connection from file:///var/run/zarafa
Fri Jan  8 21:02:57 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Fri Jan  8 21:02:57 2016: User SYSTEM receives session 5790100299577873286
Fri Jan  8 21:02:57 2016: End of session (logoff) 5790100299577873286
Fri Jan  8 21:02:57 2016: Accepted incoming connection from file:///var/run/zarafa
Fri Jan  8 21:02:57 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Fri Jan  8 21:02:57 2016: User SYSTEM receives session 17249440807471204202
Fri Jan  8 21:02:57 2016: End of session (logoff) 17249440807471204202
Fri Jan  8 21:02:57 2016: Accepted incoming connection from file:///var/run/zarafa
Fri Jan  8 21:02:57 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Fri Jan  8 21:02:57 2016: User SYSTEM receives session 10650720269021962175
Fri Jan  8 21:02:57 2016: End of session (logoff) 10650720269021962175
Fri Jan  8 21:02:57 2016: End of session (logoff) 12486090220997962911
Fri Jan  8 21:02:57 2016: Accepted incoming connection from file:///var/run/zarafa
Fri Jan  8 21:02:57 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Fri Jan  8 21:02:57 2016: User SYSTEM receives session 6359395896469633922
Fri Jan  8 21:02:57 2016: Accepted incoming connection from file:///var/run/zarafa
Fri Jan  8 21:02:57 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Fri Jan  8 21:02:57 2016: User SYSTEM receives session 5954702682791364053
Fri Jan  8 21:02:58 2016: Accepted incoming connection from file:///var/run/zarafa
Fri Jan  8 21:02:58 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-search
Fri Jan  8 21:02:58 2016: User SYSTEM receives session 316245409721629523

-- END OF RESTART --

Fri Jan  8 21:06:33 2016: Accepted incoming connection from file:///var/run/zarafa
Fri Jan  8 21:06:33 2016: Trying to connect to ldap://snas.lokal.lan:7389
Fri Jan  8 21:06:33 2016: Authentication by plugin failed for user steven: Trying to authenticate failed: steven not found in LDAP; username = steven
Fri Jan  8 21:06:33 2016: Failed to authenticate user steven from file:///var/run/zarafa using program apache2

I then tried to change the user type from Zarafa user to Zarafa admin. I got an error when doing so. So I ran through the LDAP tools and, as added in the parallel thread (forum.univention.de/viewtopic.p … 460#p18460), I get these errors from slapschema:

56901b3a UNKNOWN attributeDescription "OXTIMEZONE" inserted.
56901b3a UNKNOWN attributeDescription "OXLANGUAGE" inserted.
56901b3a UNKNOWN attributeDescription "ISOXUSER" inserted.
56901b3a UNKNOWN attributeDescription "OXACCESS" inserted.
56901b3a UNKNOWN attributeDescription "OXDISPLAYNAME" inserted.
# (65) Object class violation: unrecognized objectClass 'oxUserObject'
dn: uid=lisa,cn=users,dc=lokal,dc=lan

56901b3a UNKNOWN attributeDescription "OXEMAIL2" inserted.
# (65) Object class violation: unrecognized objectClass 'oxUserObject'
dn: uid=steven,cn=users,dc=lokal,dc=lan

56901b3a UNKNOWN attributeDescription "OXQUOTA" inserted.
56901b3a UNKNOWN attributeDescription "OXHOMESERVER" inserted.
56901b3a UNKNOWN attributeDescription "OXCONTEXTIDNUM" inserted.
56901b3a UNKNOWN attributeDescription "OXDBSERVER" inserted.
56901b3a UNKNOWN attributeDescription "OXINTEGRATIONVERSION" inserted.
# (65) Object class violation: unrecognized objectClass 'oxContext'
dn: cn=context10,cn=open-xchange,dc=lokal,dc=lan

# (65) Object class violation: unrecognized objectClass 'oxUserObject'
dn: uid=oxadmin,cn=users,dc=lokal,dc=lan

Perhaps there is a connection after all to the zarafa-admin -l query not working …
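To turn slapschema output like the above into a list of affected entries, the following added example (not code from the thread or from Univention/Zarafa) groups the reported DNs by unrecognized objectClass and collects the unknown attribute names. The function names are hypothetical, and the sample input is constructed from the lines quoted in the post.

```python
import base64
import re

# Constructed sample, shaped like the slapschema output quoted in the thread.
SAMPLE = """\
56901b3a UNKNOWN attributeDescription "OXTIMEZONE" inserted.
56901b3a UNKNOWN attributeDescription "ISOXUSER" inserted.
# (65) Object class violation: unrecognized objectClass 'oxUserObject'
dn: uid=lisa,cn=users,dc=lokal,dc=lan

56901b3a UNKNOWN attributeDescription "OXEMAIL2" inserted.
# (65) Object class violation: unrecognized objectClass 'oxUserObject'
dn: uid=steven,cn=users,dc=lokal,dc=lan

# (65) Object class violation: unrecognized objectClass 'oxContext'
dn: cn=context10,cn=open-xchange,dc=lokal,dc=lan
"""

UNKNOWN_ATTR = re.compile(r'UNKNOWN attributeDescription "([^"]+)" inserted')
VIOLATION = re.compile(r"^# \(\d+\) [^:]+: unrecognized objectClass '([^']+)'")
DN_LINE = re.compile(r"^dn(::?)\s*(.*)$")


def parse_slapschema(text):
    """Return (unknown_attributes, {objectClass: [dn, ...]}) in order of appearance."""
    # LDIF folds long lines: a newline followed by one space continues the line.
    text = text.replace("\r\n", "\n").replace("\n ", "")
    unknown_attrs, by_class, pending = [], {}, None
    for line in text.split("\n"):
        line = line.rstrip()
        attr = UNKNOWN_ATTR.search(line)
        if attr:
            if attr.group(1) not in unknown_attrs:
                unknown_attrs.append(attr.group(1))
            continue
        violation = VIOLATION.match(line)
        if violation:
            # Remember the class; the entry it belongs to follows as a dn line.
            pending = violation.group(1)
            continue
        dn = DN_LINE.match(line)
        if dn and pending is not None:
            value = dn.group(2)
            if dn.group(1) == "::":
                # "dn::" marks a base64-encoded DN (non-ASCII characters).
                value = base64.b64decode(value).decode("utf-8")
            dns = by_class.setdefault(pending, [])
            if value not in dns:
                dns.append(value)
        # A dn line, a blank line or anything else ends the violation/dn pairing.
        pending = None
    return unknown_attrs, by_class


def report(text):
    """Render a short summary an admin can compare against the user list."""
    attrs, by_class = parse_slapschema(text)
    lines = ["unknown attributes: " + ", ".join(attrs)]
    for cls, dns in by_class.items():
        lines.append(f"{cls}: {len(dns)} entries")
        lines.extend("  " + dn for dn in dns)
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE))
```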

The LDAP debugging is somehow missing from the log there. Was the log level applied correctly (set via server.cfg or ucr?) Or is just a “zarafa-admin --sync” missing?

Hello Mr. Bartels,

I had indeed overlooked the sync command. The output now reads as follows with log level 6 (shutdown followed immediately by a sync):

Wed Jan 13 19:15:35 2016: Shutting down.
Wed Jan 13 19:15:35 2016: Still waiting for 8 threads to exit
Wed Jan 13 19:15:42 2016: Server shutdown complete.
Wed Jan 13 19:15:42 2016: Audit logging not enabled.
Wed Jan 13 19:15:42 2016: Starting zarafa-server version 7,1,14,51822, pid 14359
Wed Jan 13 19:15:42 2016: Using epoll events
Wed Jan 13 19:15:42 2016: Listening for TCP connections on port 236
Wed Jan 13 19:15:42 2016: Listening for SSL connections on port 237
Wed Jan 13 19:15:42 2016: Listening for priority pipe connections on /var/run/zarafa-prio
Wed Jan 13 19:15:42 2016: Listening for pipe connections on /var/run/zarafa
Wed Jan 13 19:15:42 2016: Connection to database 'zarafa' succeeded
Wed Jan 13 19:15:42 2016: zarafa-licensed is running, but no license key was found. Not all commercial features will be available.
Wed Jan 13 19:15:42 2016: Signal thread started
Wed Jan 13 19:15:43 2016: New internal session (388161993984081231)
Wed Jan 13 19:15:43 2016: Loading searchfolders
Wed Jan 13 19:15:43 2016: Startup succeeded on pid 14364
Wed Jan 13 19:15:43 2016: Started thread 24100700
Wed Jan 13 19:15:43 2016: Started thread 238ff700
Wed Jan 13 19:15:43 2016: Started priority thread 25903700
Wed Jan 13 19:15:43 2016: Started thread 230fe700
Wed Jan 13 19:15:43 2016: Started thread 228fd700
Wed Jan 13 19:15:43 2016: Started thread 25102700
Wed Jan 13 19:15:43 2016: Started thread 220fc700
Wed Jan 13 19:15:43 2016: Started thread 24901700
Wed Jan 13 19:15:43 2016: Started thread 218fb700
Wed Jan 13 19:15:43 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:43 2016: Previous message logged 2 times
Wed Jan 13 19:15:43 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Wed Jan 13 19:15:43 2016: User SYSTEM receives session 3246863395660825583
Wed Jan 13 19:15:43 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:43 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-search
Wed Jan 13 19:15:43 2016: User SYSTEM receives session 14401057125656131190
Wed Jan 13 19:15:43 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:43 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Wed Jan 13 19:15:43 2016: User SYSTEM receives session 163627543703990718
Wed Jan 13 19:15:43 2016: End of session (logoff) 163627543703990718
Wed Jan 13 19:15:43 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:43 2016: End of session (logoff) 3246863395660825583
Wed Jan 13 19:15:46 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:46 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Wed Jan 13 19:15:46 2016: User SYSTEM receives session 15511298513366854943
Wed Jan 13 19:15:46 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:46 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Wed Jan 13 19:15:46 2016: User SYSTEM receives session 3578192170005006019
Wed Jan 13 19:15:46 2016: End of session (logoff) 3578192170005006019
Wed Jan 13 19:15:46 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:46 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Wed Jan 13 19:15:46 2016: User SYSTEM receives session 17558466540263062965
Wed Jan 13 19:15:46 2016: End of session (logoff) 17558466540263062965
Wed Jan 13 19:15:46 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:46 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Wed Jan 13 19:15:46 2016: User SYSTEM receives session 12072943812684915731
Wed Jan 13 19:15:46 2016: End of session (logoff) 12072943812684915731
Wed Jan 13 19:15:46 2016: End of session (logoff) 15511298513366854943
Wed Jan 13 19:15:46 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:46 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Wed Jan 13 19:15:46 2016: User SYSTEM receives session 15622296157226239441
Wed Jan 13 19:15:46 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:46 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-spooler
Wed Jan 13 19:15:46 2016: User SYSTEM receives session 1329182634949256980
Wed Jan 13 19:15:47 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:47 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-search
Wed Jan 13 19:15:47 2016: User SYSTEM receives session 13409387208983663952
Wed Jan 13 19:15:48 2016: Start syncs table clean up
Wed Jan 13 19:15:48 2016: New internal session (2874292045092074696)
Wed Jan 13 19:15:48 2016: syncs table clean up done: removed syncs: 0
Wed Jan 13 19:15:48 2016: Start syncedmessages table clean up
Wed Jan 13 19:15:48 2016: New internal session (18314473448780355561)
Wed Jan 13 19:15:48 2016: syncedmessages table clean up done, 0 entries removed
Wed Jan 13 19:15:52 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:52 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-admin
Wed Jan 13 19:15:52 2016: User SYSTEM receives session 13245591373986348327
Wed Jan 13 19:15:52 2016: User SYSTEM receives session 13245591373986348327
Wed Jan 13 19:15:52 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:52 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-admin
Wed Jan 13 19:15:52 2016: User SYSTEM receives session 42124089242222615
Wed Jan 13 19:15:52 2016: End of session (logoff) 42124089242222615
Wed Jan 13 19:15:52 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:52 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-admin
Wed Jan 13 19:15:52 2016: User SYSTEM receives session 14236971876091928333
Wed Jan 13 19:15:52 2016: End of session (logoff) 14236971876091928333
Wed Jan 13 19:15:52 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:52 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-admin
Wed Jan 13 19:15:52 2016: User SYSTEM receives session 3514765766494855582
Wed Jan 13 19:15:52 2016: End of session (logoff) 3514765766494855582
Wed Jan 13 19:15:52 2016: End of session (logoff) 13245591373986348327
Wed Jan 13 19:15:52 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:15:52 2016: User SYSTEM from file:///var/run/zarafa authenticated through Pipe socket using program zarafa-admin
Wed Jan 13 19:15:52 2016: User SYSTEM receives session 12678584127526817407
Wed Jan 13 19:15:53 2016: Trying to connect to ldap://snas.lokal.lan:7389
Wed Jan 13 19:15:53 2016: Synchronized user list
Wed Jan 13 19:15:53 2016: End of session (logoff) 12678584127526817407

Also with level 6, an authentication attempt:

Wed Jan 13 19:21:25 2016: Accepted incoming connection from file:///var/run/zarafa
Wed Jan 13 19:21:25 2016: Trying to connect to ldap://snas.lokal.lan:7389
Wed Jan 13 19:21:25 2016: Authentication by plugin failed for user ste***: Trying to authenticate failed: ste*** not found in LDAP; username = st$
Wed Jan 13 19:21:25 2016: Failed to authenticate user ste*** from file:///var/run/zarafa using program apache2

Hello Mr. Bartels,

after installing the OX schemas (Cleaning up fragments left over after uninstalling OX) I was able to sync the users (they were created anew, though, which means re-attaching stores, re-assigning permissions on public folders and so on, but that is bearable).

So once again, many thanks for the input!

Good to hear.
