cutemeli/server
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2adfbd9ea73fc04955d459a3e37101263067ebdb
server/usr/share/psa-horde/config/conf.xml
cutemeli 2adfbd9ea7 .gitignore angepasst
2026-01-07 20:52:11 +01:00

2374 lines
107 KiB
XML
Raw Blame History

<?xml version="1.0"?>
<!-- $Id: 5841de7a8bd742b764f603953bef5d16a75a0da4 $ -->
<configuration>
<configtab name="general" desc="General">
<configheader>General Horde Settings</configheader>
<configboolean name="vhosts" desc="Enable virtual host configuration? If you
want to use a single Horde installation for different virtual hosts, you can
create separate configuration files for each virtual host,
e.g. &lt;code&gt;conf-www.example.com.php&lt;/code&gt; or
&lt;code&gt;prefs-mail.example.com.php&lt;/code&gt;. The global configuration
files are always loaded first, and virtual host specific files are not
required. If running command line scripts, you can specify the host name with
the environment variable SERVER_NAME.">false</configboolean>
<configheader>PHP Settings</configheader>
<configphp name="debug_level" desc="The value to set
error_reporting() to.
See http://www.php.net/manual/function.error-reporting.php for more
information and possible values.">E_ALL &amp; ~E_NOTICE</configphp>
<configinteger name="max_exec_time" desc="If we need to perform a long
operation, what should we set max_execution_time to (in seconds)? 0 means no
limit; however, a value of 0 will cause a warning if you are running in safe
mode. See http://www.php.net/manual/function.set-time-limit.php for more
information.">0</configinteger>
<configboolean name="compress_pages" desc="If this option is set to true, and
you have the php zlib extension installed, pages over a certain size will be
compressed and sent to the browser as gzip-encoded data in order to save
bandwidth. There is little reason not to enable this.">true</configboolean>
<configsecret name="secret_key" desc="Secret key for generating signed
messages from this server. This is a random string unique to this Horde
installation."></configsecret>
<configinteger name="umask" octal="true" desc="What umask should we run
with? This will affect the permissions on any temporary files that are
created. This value is an integer.">077</configinteger>
<configboolean name="testdisable" desc="Disable the test script
(horde/test.php)? For security reasons, this is disabled by
default">true</configboolean>
<configstring name="tmpdir" required="false" desc="If you want to use a
temporary directory other than the system default or the one specified in
php's upload_tmp_dir value, enter it here."/>
<configheader>URL Settings</configheader>
<configenum name="use_ssl" quote="false" desc="Determines how we generate
full URLs (for location headers and such).">2
<values>
<value desc="Assume that we are not using SSL and never generate https
URLs.">0</value>
<value desc="Assume that we are using SSL and always generate https
URLs.">1</value>
<value desc="Attempt to auto-detect, and generate URLs
appropriately">2</value>
<value desc="Assume that we are not using SSL and generate https URLs only
for login.">3</value>
</values>
</configenum>
<configsection name="server">
<configphp name="name" desc="What server name should we use? You'll probably
know if you need to change this default; only in situations where you need
to override what Apache thinks the server name is.">
$_SERVER['SERVER_NAME']</configphp>
<configphp name="port" required="false" desc="What port number is the
webserver running on? Again, you shouldn't need to change the default, and
you probably know it if you do. The exception is if you have chosen to
always generate https URLs, as described above."/>
</configsection>
<configsection name="urls">
<configinteger name="token_lifetime" desc="This is the length of time in
minutes that links protected with request tokens (to prevent cross-site
request forgery) will be valid. Higher values may make your users more
vulnerable to these attacks.">30</configinteger>
<configinteger name="hmac_lifetime" desc="This is the length of time in
minutes that links signed with HMACs (to prevent forged URL parametes)
will be valid. Higher values may make your users more vulnerable to
forgery or phishing.">30</configinteger>
<configenum name="pretty" required="false" desc="Use pretty URLs?">false
<values>
<value desc="No (GET-based URLs)">false</value>
<value desc="URL rewriting (mod_rewrite, lighttpd rules, etc.)">rewrite</value>
</values>
</configenum>
</configsection>
<configlist name="safe_ips" required="false" desc="A list of IP subnets
that are considered safe, e.g. to transfer encryption passphrases without
requiring an HTTPS connection. (Example: 192.168.0.0, 10.0.0.0) To consider
all connections to be safe (e.g. when SSL is handled by an SSL crypto card
and not by the webserver) this value should be '*'."/>
<configheader>Session Settings</configheader>
<configsection name="session">
<configstring name="name" desc="What name should we use for the session
that Horde applications share? If you want to share sessions with other
applications on your webserver, you will need to make sure that they are
using the same session name. This value can also be used to invalidate
previous sessions when upgrading your local version of Horde (Note: Session
names must consist of only alphanumeric characters.)">Horde</configstring>
<configboolean name="use_only_cookies" desc="Should we only allow session
information to be stored in a session cookie and not be passed by URL (GET)
parameters? This is on by default because passing session information in
the URL is a security risk. &lt;b&gt;Consider carefully before turning it
off&lt;/b&gt;. Cookies must be working and enabled in the browser though, or
you won't be able to login to Horde. If false, session information will be
passed via both the URL and cookies.">true</configboolean>
<configinteger name="timeout" desc="The cookie lifetime (in seconds). If 0,
(DEFAULT; RECOMMENDED) cookies will expire when the browser closes.
Otherwise, this is the length after which a cookie will expire (this
lifetime is updated after every browser request). Setting a non-zero value
is NOT RECOMMENDED as there is no guarantee a session will ever expire;
additionally, the session expiration value is based on the SERVER, not the
CLIENT, so this will most certainly not work the way you want/think it
should (see
http://www.php.net/manual/en/function.session-set-cookie-params.php) for
further information.">0</configinteger>
<configstring name="cache_limiter" desc="What caching level should we use
for the session? DO NOT CHANGE THIS UNLESS YOU &lt;strong&gt;REALLY
&lt;/strong&gt; KNOW WHAT YOU ARE DOING. Setting this to anything other
than 'nocache' will almost certainly result in severely broken script
behavior.">nocache</configstring>
<configinteger name="max_time" desc="The maximum length of time (in
seconds) a session can be active after user authentication before it will
be destroyed. (Sessions may otherwise never timeout if a user never closes
their browser.) 0 means there is no maximum session time (NOT
RECOMMENDED).">604800</configinteger>
</configsection>
<configsection name="cookie">
<configphp name="domain" desc="What domain should we set cookies from? If
you have a cluster that needs to share cookies, this might be '.example.com'
- the leading '.' is important. If you only use session cookies (see
above), but you are running Horde on an intranet server without a domain
part, i.e. http//horde/, you need to set this value to ''. Most likely,
though, you won't have to change the
default.">$_SERVER['SERVER_NAME']</configphp>
<configstring name="path" desc="What path should we set cookies to? For
maximum security this should match the URL where Horde is on your webserver.
If Horde is at /horde, then this should be '/horde'. If Horde is installed
as the document root, then this needs to be '/' - NOT ''. If IE will be
used to access Horde modules, you should read this first
(discussing issues with IE's Content Advisor):
http://lists.horde.org/archives/imp/Week-of-Mon-20030113/029149.html">
/</configstring>
</configsection>
</configtab>
<configtab name="db" desc="Database">
<configdescription>&lt;strong&gt;NOTE:&lt;/strong&gt; These are only the
&lt;em&gt;default&lt;/em&gt; values for any database driven backends. You
still need to configure the different systems like "Preferences" to actually
&lt;em&gt;use&lt;/em&gt; a database backend.</configdescription>
<configsection name="sql">
<configheader>SQL Database Settings</configheader>
<configdescription>These are the database settings for the traditional
relational databases backends (e.g. databases that use SQL to manage its
data).</configdescription>
<configsql switchname="phptype" baseconfig="true" />
</configsection>
<configsection name="nosql">
<configheader>NoSQL Database Settings</configheader>
<configdescription>These are the database settings for the NoSQL database
backends. These are databases generally optimized for
scalability/availability, but do not use a standardized query language to
interact with the data.</configdescription>
<confignosql switchname="phptype" baseconfig="true" default="false"/>
</configsection>
</configtab>
<configtab name="ldap" desc="LDAP">
<configsection name="ldap">
<configheader>LDAP Settings</configheader>
<configdescription>&lt;strong&gt;NOTE:&lt;/strong&gt; These are only the
&lt;em&gt;default&lt;/em&gt; values for any LDAP driven backends. You
still need to configure the different systems like "Preferences" to actually
&lt;em&gt;use&lt;/em&gt; a LDAP backend.</configdescription>
<configldap switchname="useldap" baseconfig="true" />
</configsection>
</configtab>
<configtab name="auth" desc="Authentication">
<configsection name="auth">
<configheader>Authentication Settings</configheader>
<configlist name="admins" desc="Which users should be treated as
administrators (root, super-user) by Horde?" required="false"/>
<configboolean name="checkip" desc="Should we always store and validate
the IP address of the client (as seen by the web server) in the session?
Doing so will help increase security by making it harder for an attacker
from another host to hijack the session.">true</configboolean>
<configboolean name="checkbrowser" desc="Should we always store and
validate the browser string of the client (as seen by the web server) in
the session? Doing so will help increase security by making it harder for
an attacker to hijack the session.">true</configboolean>
<configswitch name="resetpassword" desc="Allow users to reset passwords and
provide a link on the login screen?">true
<case name="true" desc="Yes">
<configstring name="resetpassword_from" required="false" desc="The e-mail
address to send password reset e-mails from. If empty, is sent from the
user's e-mail address."/>
</case>
<case name="false" desc="No"/>
</configswitch>
<configstring name="alternate_login" desc="If this is not false, it is
assumed to be the URL of an alternate login screen which will be used in
place of horde's default login screen. The URL will have an &quot;app&quot;
parameter appended that contains the application that redirected to the
login screen, and a &quot;url&quot; parameter with the originally requested
URL. The alternate login screen should redirect to that URL after
authentication. Alternatively you can include a &quot;%u&quot; place holder
in the alternate URL that will be replaced by that original
URL. Optionally appended URL parameters are &quot;logout_reason&quot; that
contains a number with the logout reason (see the Horde_Auth::REASON_*
constants for possible values), and &quot;logout_msg&quot; that contains an
error message describing the logout reason.">false</configstring>
<configstring name="redirect_on_logout" desc="If this is not false, it is
assumed to be the URL of an alternate logout page which users will be sent
to when they log out.">false</configstring>
<configenum name="list_users" desc="If the authentication backend is
capable of listing all users, should we show this list to the users,
e.g. in the permissions screen?">list
<values>
<value desc="Show a drop down list">list</value>
<value desc="Show an input field">input</value>
<value desc="Show both, a list and an input field">both</value>
</values>
</configenum>
<configswitch name="driver" desc="What backend should we use for
authenticating users to Horde?">
<case name="application" desc="Let a Horde application handle
authentication">
<configsection name="params">
<configenum name="app" desc="The application which is providing
authentication">imp
<values>
<configspecial application="horde" name="apps" />
</values>
</configenum>
</configsection>
</case>
<case name="auto" desc="Automatic authentication as a certain user">
<configsection name="params">
<configstring name="username" desc="The username to authenticate
everyone as">horde_user</configstring>
<configstring name="password" desc="The password to use for the user's
credentials" required="false"/>
<configboolean name="requestuser" desc="Allow username to be passed by
GET, POST or cookie?">false</configboolean>
</configsection>
</case>
<case name="composite" desc="Composite authentication">
<configdescription>
This authentication driver needs manual configuration not possible
through this interface. Add the appropriate configuration lines at the
end of the generated configuration file. See
http://wiki.horde.org/AuthCompositeHowTo for details.
</configdescription>
</case>
<case name="ftp" desc="FTP authentication">
<configsection name="params">
<configstring name="hostspec" desc="The hostname or IP address of the
FTP server">localhost</configstring>
<configinteger name="port" desc="The server port to connect to">
21</configinteger>
</configsection>
</case>
<case name="http" desc="HTTP (Basic Authentication/.htpasswd)
authentication">
<configsection name="params">
<configboolean name="show_encryption" required="false" desc="Prepend the
password algorithm to the password value?">true</configboolean>
<configstring name="htpasswd_file" required="false" desc="The location of
the htpasswd file containing the user names and passwords"/>
<configenum name="encryption" desc="The password hashing algorithm used in the htpasswd file">crypt-des
<values>
<value>aprmd5</value>
<value>crypt</value>
<value>crypt-blowfish</value>
<value>crypt-des</value>
<value>crypt-md5</value>
<value>crypt-sha256</value>
<value>crypt-sha512</value>
<value>md5-base64</value>
<value>md5-hex</value>
<value>plain</value>
<value>sha</value>
<value>smd5</value>
<value>ssha</value>
</values>
</configenum>
</configsection>
</case>
<case name="httpRemote" desc="Remote HTTP Authentication">
<configsection name="params">
<configstring name="url" desc="The remote HTTP endpoint to authenticate against" />
</configsection>
</case>
<case name="imap" desc="IMAP authentication">
<configsection name="params">
<configstring name="hostspec" desc="The hostname or IP address of the
server">localhost</configstring>
<configinteger name="port" desc="The server port to which we will
connect. IMAP is generally 143, while IMAP-SSL is generally
993.">143</configinteger>
<configenum name="secure" desc="The encryption to use to connect to
the IMAP server.">tls
<values>
<value>none</value>
<value>tls</value>
<value>ssl</value>
</values>
</configenum>
</configsection>
</case>
<case name="imsp" desc="IMSP server authentication" />
<case name="ipbasic" desc="IP based authentication">
<configsection name="params">
<configlist name="blocks" desc="A list of CIDR masks which are allowed
access"/>
</configsection>
</case>
<case name="kolab" desc="Kolab authentication">
<configsection name="params">
</configsection>
</case>
<case name="ldap" desc="LDAP authentication">
<configsection name="params">
<configldap switchname="driverconfig" excludebind="user">
<configstring name="sizelimit" required="false" desc="Size limit for
listing users on large directories"/>
<configboolean name="ad" desc="Is this an AD server?">
false</configboolean>
<configstring name="uid" desc="The username search key (set to
samaccountname for AD)"/>
<configenum name="encryption" desc="The password hashing algorithm to
use">ssha
<values>
<value>aprmd5</value>
<value>crypt</value>
<value>crypt-blowfish</value>
<value>crypt-des</value>
<value>crypt-md5</value>
<value>crypt-sha256</value>
<value>crypt-sha512</value>
<value>md5-base64</value>
<value>md5-hex</value>
<value>msad</value>
<value>plain</value>
<value>sha</value>
<value>smd5</value>
<value>ssha</value>
</values>
</configenum>
<configlist name="newuser_objectclass" desc="What objectclasses should a
new user account be member of? These objectclasses should cover the
cn,sn,userPassword attributes as well as the username search key">
shadowAccount,inetOrgPerson</configlist>
<configstring name="filter" desc="The LDAP RFC formatted filter used
to search for users.">(objectclass=shadowAccount)
</configstring>
<configswitch name="password_expiration" desc="Enable the creating of
accounts with expiring passwords? (Note: New users should have the
shadowAccount objectclass)">no
<case name="no" desc="no" />
<case name="yes" desc="yes">
<configstring name="minage" desc="After how many days may a password
be changed again?">5</configstring>
<configstring name="maxage" desc="How many days will a password
remain valid?">30</configstring>
<configstring name="warnage" desc="How many days before expiration
should a user be warned?">5</configstring>
</case>
</configswitch>
</configldap>
</configsection>
</case>
<case name="login" desc="Login (su) authentication">
<configsection name="params">
<configstring name="location" desc="Location of the su binary">
/bin/su</configstring>
</configsection>
</case>
<case name="pam" desc="PAM (Pluggable Authentication Modules)
authentication">
<configsection name="params">
<configstring name="service" desc="The name of the PAM service to use
when authenticating">php</configstring>
</configsection>
</case>
<case name="passwd" desc="password file authentication">
<configsection name="params">
<configstring name="filename" desc="The password file to use">
/etc/passwd</configstring>
<configenum name="encryption" required="false" desc="The password
hashing algorithm used in the password file">crypt
<values>
<value>aprmd5</value>
<value>crypt</value>
<value>crypt-blowfish</value>
<value>crypt-des</value>
<value>crypt-md5</value>
<value>crypt-sha256</value>
<value>crypt-sha512</value>
<value>md5-base64</value>
<value>md5-hex</value>
<value>plain</value>
<value>sha</value>
<value>smd5</value>
<value>ssha</value>
</values>
</configenum>
<configboolean name="show_encryption" required="false" desc="Prepend the
password algorithm to the password value?">false</configboolean>
<configstring name="group_filename" required="false" desc="An accompanying group file" />
<configlist name="required_groups" required="false" desc="A comma-separated list of groups allowed to log in. If blank, or if there is no group file, any valid user will be allowed to log in." />
<configboolean name="lock" desc="Should we lock the password file? This incurs a concurrent performance penalty, but is required if you want the ability to add, update, or delete users.">
false</configboolean>
</configsection>
</case>
<case name="radius" desc="Radius authentication">
<configsection name="params">
<configstring name="host" desc="The RADIUS host to use (IP address or
fully qualified hostname)">localhost</configstring>
<configinteger name="port" required="false" desc="The port to use on the
RADIUS server"/>
<configenum name="method" desc="The RADIUS method to use for validating
the request">PAP
<values>
<value desc="PAP">PAP</value>
<value desc="CHAP_MD5 (not supported at the moment)">CHAP_MD5</value>
<value desc="MSCHAPv1 (not supported at the moment)">MSCHAPv1</value>
<value desc="MSCHAPv2 (not supported at the moment)">MSCHAPv2</value>
</values>
</configenum>
<configstring name="nas" required="false" desc="The RADIUS NAS
identifier to use." />
<configstring name="secret" desc="The RADIUS shared secret string for the
host. The RADIUS protocol ignores all but the leading 128 bytes of the
shared secret."/>
<configinteger name="retries" required="false" desc="The maximum number
of repeated requests to make before giving up [3]"/>
<configstring name="suffix" required="false" desc="The domain name to add
to unqualified user names"/>
<configinteger name="timeout" required="false" desc="The timeout for
receiving replies from the server (in seconds) [3]"/>
</configsection>
</case>
<case name="peclsasl" desc="SASL authentication">
<configsection name="params">
<configstring name="app" desc="The name of the authenticating
application">horde</configstring>
<configstring name="service" desc="The name of the SASL service to use
when authenticating">php</configstring>
</configsection>
</case>
<case name="shibboleth" desc="Shibboleth Authentication">
<configsection name="params">
<configstring name="username_header" desc="The HTTP header holding the
username">REMOTE_USER</configstring>
<configswitch name="password_holder" desc="Where should we get the
password for hordeauth from?">
<case name="none" desc="No passwords"/>
<case name="header" desc="HTTP Header">
<configstring name="password_header" desc="The HTTP header holding the
password" required="false"></configstring>
</case>
<case name="preferences" desc="Horde Preferences">
<configstring name="password_preference" desc="The Horde preference
that contains the password" required="false"></configstring>
</case>
</configswitch>
</configsection>
</case>
<case name="smb" desc="SMB (smbauth extension) authentication">
<configsection name="params">
<configstring name="hostspec" desc="IP, DNS Name, or NetBios Name of the
SMB server to authenticate with">localhost</configstring>
<configstring name="domain" desc="The domain name to authenticate with"/>
<configstring name="group" required="false" desc="Optional group name
that the user must be a member of"/>
</configsection>
</case>
<case name="smbclient" desc="SMB (smbclient) authentication">
<configsection name="params">
<configstring name="hostspec" desc="IP, DNS Name, or NetBios Name of the
SMB server to authenticate with">localhost</configstring>
<configstring name="domain" desc="The domain name to authenticate with"/>
<configstring name="smbclient_path" desc="The location of the smbclient program">/usr/bin/smbclient</configstring>
</configsection>
</case>
<case name="sql" desc="SQL authentication">
<configsection name="params">
<configsql switchname="driverconfig" />
<configstring name="table" required="false" desc="The name of the auth
table in the database [horde_users]"/>
<configstring name="username_field" required="false" desc="The name of
the username field in the auth table [user_uid]"/>
<configstring name="password_field" required="false" desc="The name of
the password field in the auth table [user_pass]"/>
<configstring name="soft_expiration_field" required="false" desc="The
name of a field containing a UNIX timestamp. When a user logs in after
the specified time, if 'passwd' is installed, that user will be asked to
change his or her password. This feature is disabled by default."/>
<configstring name="hard_expiration_field" required="false" desc="The
name of a field containing a UNIX timestamp. A user will not be able to
log in after the specified time. This feature is disabled by default."/>
<configinteger name="soft_expiration_window" required="false"
desc="This is how often, in days, the user must change his or her
password. When the user's password is updated, the &quot;soft&quot;
expiration is set this many days in the future. If not provided,
the user's password will not expire by default."/>
<configinteger name="hard_expiration_window" required="false" desc="The
number of days in the grace period the user has to change his or her
password after it has expired. If not provided, the grace period will
not expire."/>
<configenum name="encryption" required="false" desc="The password hashing algorithm to use">ssha
<values>
<value>aprmd5</value>
<value>crypt</value>
<value>crypt-blowfish</value>
<value>crypt-des</value>
<value>crypt-md5</value>
<value>crypt-sha256</value>
<value>crypt-sha512</value>
<value>joomla-md5</value>
<value>md5-base64</value>
<value>md5-hex</value>
<value>mysql</value>
<value>plain</value>
<value>sha</value>
<value>smd5</value>
<value>ssha</value>
</values>
</configenum>
<configboolean name="show_encryption" required="false" desc="Prepend the password algorithm to the password value?">false</configboolean>
</configsection>
</case>
<case name="customsql" desc="SQL authentication w/custom-made queries">
<configsection name="params">
<configenum name="phptype" desc="The name of the database">mysql
<values>
<value desc="MySQL">mysql</value>
<value desc="MySQL (mysqli)">mysqli</value>
<value desc="ODBC">odbc</value>
<value desc="PostgreSQL">pgsql</value>
</values>
</configenum>
<configswitch name="protocol" desc="What protocol will we use to connect
to the database?">unix
<case name="unix" desc="UNIX Sockets">
<configstring name="socket" required="false" desc="Location of UNIX
socket"></configstring>
</case>
<case name="tcp" desc="TCP/IP">
<configstring name="hostspec" desc="What hostname is the database server
running on, or what is the name of the system DSN to use?">
localhost</configstring>
<configinteger name="port" required="false" desc="Port the DB is
running on, if non-standard"/>
</case>
</configswitch>
<configstring name="username" desc="What username do we authenticate to
the database server as?">horde</configstring>
<configstring name="password" required="false" desc="What password do we
authenticate to the database server with?"/>
<configstring name="database" desc="What database name/tablespace are we
using?">horde</configstring>
<configdescription>
Some special tokens can be used in the sql query. They are replaced at
the query stage:&lt;ul&gt;
&lt;li&gt;"\L" will be replaced by the user's login&lt;/li&gt;
&lt;li&gt;"\P" will be replaced by the user's password&lt;/li&gt;
&lt;li&gt;"\O" will be replaced by the old user's login (required for
update)&lt;/li&gt;&lt;/ul&gt;
Eg: "SELECT * FROM users WHERE uid = \L AND passwd = \P AND billing =
'paid'"
</configdescription>
<configstring name="query_auth" required="false" desc="Authenticate the user"/>
<configstring name="query_add" required="false" desc="Add user"/>
<configstring name="query_getpw" required="false" desc="Get a user's password"/>
<configstring name="query_update" required="false" desc="Update user"/>
<configstring name="query_resetpassword" required="false" desc="Reset a user's password"/>
<configstring name="query_remove" required="false" desc="Remove user"/>
<configstring name="query_list" required="false" desc="List users"/>
<configstring name="query_exists" required="false" desc="Check if an account exists"/>
<configenum name="encryption" desc="The password hashing algorithm to use">ssha
<values>
<value>aprmd5</value>
<value>crypt</value>
<value>crypt-blowfish</value>
<value>crypt-des</value>
<value>crypt-md5</value>
<value>crypt-sha256</value>
<value>crypt-sha512</value>
<value>joomla-md5</value>
<value>md5-base64</value>
<value>md5-hex</value>
<value>mysql</value>
<value>plain</value>
<value>sha</value>
<value>smd5</value>
<value>ssha</value>
</values>
</configenum>
<configboolean name="show_encryption" desc="Prepend the password algorithm to the password value?">false</configboolean>
</configsection>
</case>
<case name="cyrsql" desc="SQL implementation for the Cyrus IMAP server">
<configsection name="params">
<configstring name="cyradmin" desc="The username of the cyrus
administrator"/>
<configstring name="cyrpass" desc="The password for the cyrus
administrator"/>
<configstring name="cyrhost" desc="The hostname or IP address of the
server">localhost</configstring>
<configinteger name="cyrport" desc="The server port to which we will
connect. IMAP is generally 143, while IMAP-SSL is generally
993.">143</configinteger>
<configenum name="secure" desc="The encryption to use to connect to
the IMAP server.">none
<values>
<value>none</value>
<value>tls</value>
<value>ssl</value>
</values>
</configenum>
<configenum name="phptype" desc="The name of the database">mysql
<values>
<value desc="MySQL">mysql</value>
<value desc="ODBC">odbc</value>
<value desc="PostgreSQL">pgsql</value>
</values>
</configenum>
<configswitch name="protocol" desc="What protocol will we use to connect
to the database?">unix
<case name="unix" desc="UNIX Sockets">
<configstring name="socket" required="false" desc="Location of UNIX
socket"></configstring>
</case>
<case name="tcp" desc="TCP/IP">
<configinteger name="port" required="false" desc="Port the DB is
running on, if non-standard">5432</configinteger>
</case>
</configswitch>
<configstring name="hostspec" desc="What hostname is the database server
running on, or what is the name of the system DSN to use?">
localhost</configstring>
<configstring name="username" desc="What username do we authenticate to
the database server as?">horde</configstring>
<configstring name="password" required="false" desc="What password do we
authenticate to the database server with?"/>
<configstring name="database" desc="What database name/tablespace are we
using?">horde</configstring>
<configstring name="table" desc="The name of the auth table in the
database">horde_users</configstring>
<configstring name="username_field" desc="The name of the username field
in the auth table">user_uid</configstring>
<configstring name="password_field" desc="The name of the password field
in the auth table">user_pass</configstring>
<configstring name="domain_field" desc="If set to anything other than
'none' this is used as field name where domain is
stored">none</configstring>
<configenum name="encryption" desc="The password hashing algorithm to use">ssha
<values>
<value>aprmd5</value>
<value>crypt</value>
<value>crypt-blowfish</value>
<value>crypt-des</value>
<value>crypt-md5</value>
<value>crypt-sha256</value>
<value>crypt-sha512</value>
<value>md5-base64</value>
<value>md5-hex</value>
<value>plain</value>
<value>sha</value>
<value>smd5</value>
<value>ssha</value>
</values>
</configenum>
<configlist name="folders" required="false" desc="A list of folders to
create under username"/>
<configinteger name="quota" required="false" desc="The quota (in
kilobytes) to grant on the mailbox"/>
<configstring name="userhierarchy" required="false" desc="The user
hierarchy prefix."/>
<configlist name="hidden_accounts" required="false" desc="A list of accounts to
hide from the user interface">cyrus</configlist>
</configsection>
</case>
<case name="x509" desc="X509 Client Certificates">
<configsection name="params">
<configstring name="username_field" desc="The X509 field containing the username">
SSL_CLIENT_S_DN_CN</configstring>
<configswitch name="password_source" desc="Where should Horde attempt to
find user passwords?">
<case name="none" desc="Either no passwords are needed, or the
postauthenticate hook will provide them."/>
<case name="unified" desc="A single password will be used for all
users. ONLY USE THIS IF YOU KNOW WHAT YOU ARE DOING! YOUR SYSTEM MUST
BE PROPERLY SECURED!">
<configstring name="unified_password" desc="The password to use.">
</configstring>
</case>
</configswitch>
</configsection>
</case>
</configswitch>
<configsection name="params">
<configboolean name="count_bad_logins" required="false" desc="Should Horde
count the number of bad logins?">false</configboolean>
<configboolean name="login_block" required="false" desc="Allow to block
logins for certain users?">false</configboolean>
<configinteger name="login_block_count" required="false" desc="After how
many failed logins the login should be blocked? Setting 0 disables the
feature">5</configinteger>
<configinteger name="login_block_time" required="false" desc="How many
minutes should the login be blocked? Setting 0 means permanent
blocking">5</configinteger>
</configsection>
</configsection>
<configsection name="tos">
<configheader>Terms of Service Agreement</configheader>
<configstring name="file" required="false" desc="If you want to require
users to accept certain terms before they can use the system, enter the
path of the agreement file to display here."/>
</configsection>
</configtab>
<configtab name="signup" desc="Signing Up">
<configsection name="signup">
<configheader>Sign Up Settings</configheader>
<configswitch name="allow" desc="Allow non-registered users to register and
provide a link on the login screen?">false
<case name="true" desc="Yes">
<configswitch name="driver" desc="What signup driver should we
use?">
<case name="Sql" desc="SQL Database">
<configsection name="params">
<configsql switchname="driverconfig">
<configstring name="table" required="false" desc="The name of the
signup table in the database [horde_signups]"/>
</configsql>
</configsection>
</case>
</configswitch>
<configstring name="email" desc="Specify an email address, if a message
should be send to notify about new signups, including links for approving
and denying." required="false"/>
<configboolean name="approve" desc="Admin has to approve any user
submitted registration requests? (WARNING: Setting to false would mean
that every user who signs up would have automatic access to your horde
system.)" required="false">true</configboolean>
</case>
<case name="false" desc="No" />
</configswitch>
</configsection>
</configtab>
<configtab name="log" desc="Logging">
<configsection name="log">
<configheader>Logging Settings</configheader>
<configswitch name="enabled" quote="false" desc="Should Horde log errors and
other useful information?">true
<case name="true" desc="Yes">
<configenum name="priority" desc="What level of messages should we log?
Each level logs itself and all those that come before it: ALERT would
only log alerts and emergencies, but DEBUG would log everything.">NOTICE
<values>
<value desc="EMERG">EMERG</value>
<value desc="ALERT">ALERT</value>
<value desc="CRIT">CRIT</value>
<value desc="ERR">ERR</value>
<value desc="WARN">WARNING</value>
<value desc="NOTICE">NOTICE</value>
<value desc="INFO">INFO</value>
<value desc="DEBUG">DEBUG</value>
</values>
</configenum>
<configstring name="ident" required="false" desc="What identifier should
we use in the logs?">HORDE</configstring>
<configstring name="time_format" required="false" desc="What time format
should we use in the logs? (Acceptable formats are the inputs to PHP's
date() function). Leave blank to use the default."></configstring>
<configswitch name="type" desc="What log driver should we use?">file
<case name="file" desc="File">
<configstring name="name" desc="Path to the log
file">/tmp/horde.log</configstring>
<configsection name="params">
<configboolean name="append" desc="Should new log entries be appended
to an existing log file? If this is false, new log files will
overwrite existing ones.">true</configboolean>
<configswitch name="format" required="false" desc="What format should
the log entries be in?">default
<case name="custom" desc="Custom Template">
<configstring name="template" desc="The custom logging template
to use."></configstring>
</case>
<case name="default" desc="Default" />
<case name="xml" desc="XML" />
</configswitch>
</configsection>
</case>
<case name="stream" desc="PHP Stream">
<configstring name="name" desc="A valid-PHP stream interface to use
for logging."></configstring>
<configsection name="params">
<configswitch name="format" required="false" desc="What format should
the log entries be in?">default
<case name="custom" desc="Custom Template">
<configstring name="template" desc="The custom logging template
to use."></configstring>
</case>
<case name="default" desc="Default" />
<case name="xml" desc="XML" />
</configswitch>
</configsection>
</case>
<case name="syslog" desc="Syslog">
<configphp name="name" quote="false" desc="Syslog facility to use"/>
</case>
</configswitch>
</case>
<case name="false" desc="No"/>
</configswitch>
</configsection>
<configboolean name="log_accesskeys" desc="Should Horde log statistics about
used access keys? This is only useful for translators of the
UI. You also need to set the log level to at least
INFO.">false</configboolean>
</configtab>
<configtab name="prefs" desc="Preferences">
<configsection name="prefs">
<configheader>Preferences Settings</configheader>
<configinteger name="maxsize" desc="The maximum size of a preferences entry
(in bytes).">65535</configinteger>
<configswitch name="driver" desc="What preferences driver should we
use?">Sql
<case name="Nosql" desc="NoSQL Database">
<configsection name="params">
<confignosql switchname="driverconfig" />
</configsection>
</case>
<case name="Sql" desc="SQL Database">
<configsection name="params">
<configsql switchname="driverconfig">
<configstring name="table" required="false" desc="The name of the
preference table in the database [horde_prefs]"/>
</configsql>
</configsection>
</case>
<case name="File" desc="Files">
<configsection name="params">
<configstring name="directory" required="true" desc="Directory to store the preferences in."/>
</configsection>
</case>
<case name="Ldap" desc="LDAP">
<configsection name="params">
<configldap switchname="driverconfig">
<configstring name="uid" desc="The username search key for finding
preferences">uid</configstring>
</configldap>
</configsection>
</case>
<case name="Session" desc="PHP Sessions"/>
<case name="KolabImap" desc="IMAP/Kolab Server" />
<case name="Imsp" desc="IMSP Server" />
</configswitch>
</configsection>
</configtab>
<configtab name="alarms" desc="Alarms">
<configsection name="alarms">
<configheader>Alarms Settings</configheader>
<configswitch name="driver" desc="What alarm storage driver should we
use?">Sql
<case name="false" desc="None"/>
<case name="Sql" desc="SQL Database">
<configsection name="params">
<configsql switchname="driverconfig">
<configstring name="table" required="false" desc="The name of the
alarm table in the database [horde_alarms]"/>
</configsql>
<configinteger name="ttl" desc="How often should the applications be
queried for new alarms, in seconds?">300</configinteger>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="group" desc="Groups">
<configsection name="group">
<configheader>Groups Settings</configheader>
<configswitch name="driver" desc="What backend should we use for Horde
Groups?">Sql
<case name="Kolab" desc="Kolab">
<configsection name="params">
<configldap switchname="driverconfig">
<configstring name="gid" desc="The group search key">cn</configstring>
<configstring name="memberuid" desc="Group membership field">
memberUid</configstring>
<configswitch name="attrisdn" required="false" desc="Are the user member
attributes returned from LDAP expected to be fully qualified DNs?">false
<case name="false" desc="No"/>
<case name="true" desc="Yes">
<configldapuser/>
</case>
</configswitch>
<configlist name="newgroup_objectclass" desc="What objectclasses should
a new group be member of? These objectclasses should cover the mail and
gidnumber attributes as well as the group search key">
posixGroup,hordeGroup</configlist>
<configstring name="writedn" desc="DN used to bind for creating and
editing LDAP groups." required="false"/>
<configstring name="writepw" desc="Password for bind DN."
required="false"/>
<configsection name="search">
<configswitch name="filter_type" desc="How to specify a filter for the
group lists">objectclass
<case name="objectclass" desc="One or more objectclass filters">
<configlist name="objectclass" desc="The objectclass filter used to
search for groups. Can be a single objectclass or a list.">
posixGroup</configlist>
</case>
<case name="filter" desc="A complete LDAP filter expression">
<configstring name="filter" desc="The LDAP RFC formatted filter used
to search for groups."/>
</case>
</configswitch>
</configsection>
</configldap>
</configsection>
</case>
<case name="Ldap" desc="LDAP">
<configsection name="params">
<configldap switchname="driverconfig">
<configstring name="gid" desc="The group search key">cn</configstring>
<configstring name="memberuid" desc="Group membership field">
memberUid</configstring>
<configswitch name="attrisdn" required="false" desc="Are the user member
attributes returned from LDAP expected to be fully qualified DNs?">false
<case name="false" desc="No"/>
<case name="true" desc="Yes">
<configldapuser/>
</case>
</configswitch>
<configlist name="newgroup_objectclass" desc="What objectclasses should
a new group be member of? These objectclasses should cover the mail and
gidnumber attributes as well as the group search key">
posixGroup,hordeGroup</configlist>
<configstring name="writedn" desc="DN used to bind for creating and
editing LDAP groups." required="false"/>
<configstring name="writepw" desc="Password for bind DN."
required="false"/>
<configsection name="search">
<configswitch name="filter_type" desc="How to specify a filter for the
group lists">objectclass
<case name="objectclass" desc="One or more objectclass filters">
<configlist name="objectclass" desc="The objectclass filter used to
search for groups. Can be a single objectclass or a list.">
posixGroup</configlist>
</case>
<case name="filter" desc="A complete LDAP filter expression">
<configstring name="filter" desc="The LDAP RFC formatted filter used
to search for groups."/>
</case>
</configswitch>
</configsection>
</configldap>
</configsection>
</case>
<case name="Mock" desc="No Groups"/>
<case name="Sql" desc="SQL">
<configsection name="params">
<configsql switchname="driverconfig" />
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="perms" desc="Permissions">
<configsection name="perms">
<configheader>Permissions Settings</configheader>
<configswitch name="driver" desc="What backend should we use for Horde
Permissions?">Sql
<case name="Null" desc="Disable Permissions"/>
<case name="Sql" desc="SQL">
<configsql switchname="driverconfig" />
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="share" desc="Shares">
<configheader>Shares Settings</configheader>
<configdescription>Shares are objects or lists that can be shared with other
users, e.g. calendars that other users can be given read or write access
to.</configdescription>
<configsection name="share">
<configheader>Allow Sharing?</configheader>
<configboolean name="no_sharing" required="false" desc="Prevent users from
editing permissions on their shares. This will keep a user from granting
other users (or guests) access to their address book, notebook, calendar,
etc.">false</configboolean>
<configboolean name="auto_create" required="false" desc="Automatically
create personal default shares for any users that don't own any
shares?">true</configboolean>
<configboolean name="world" required="false" desc="If you enable this
option, users will be able to share their resources with all (authenticated
and guest) users on the system.">true</configboolean>
<configboolean name="any_group" required="false" desc="If you enable this
option, users will be able to share their resources with any group,
regardless of whether or not they are a member. If you disable it, users
will only be able to share their resources with groups they are members
of.">false</configboolean>
<configboolean name="hidden" required="false" desc="If you enable this
option, the shares that a user has access to will NOT be displayed
automatically, but only if the user subscribed to
them.">false</configboolean>
<configheader>Share Caching</configheader>
<configdescription>Enabling share caching improves performance because the
share backend will only be queried once per session. But it also increases
the users' session sizes, and share changes won't take effect before the
users log in the next time.</configdescription>
<configboolean name="cache" required="false" desc="Enable share
caching?">false</configboolean>
<configheader>Shares Driver</configheader>
<configdescription>
You can use different driver types for the Horde Share
system. The default driver is the SQL-NG driver.
</configdescription>
<configenum name="driver" desc="What backend should we use for Horde
Shares?">Sqlng
<values>
<value desc="IMAP/Kolab">Kolab</value>
<value desc="Next-Generation SQL">Sqlng</value>
<value desc="SQL">Sql</value>
</values>
</configenum>
</configsection>
</configtab>
<configtab name="cache" desc="Caching">
<configsection name="cache">
<configheader>Caching Settings</configheader>
<configinteger name="default_lifetime" desc="How long, in seconds, should
data be cached by default?">86400</configinteger>
<configswitch name="driver" desc="If you want to enable the Horde Cache,
select a driver here. This is used to speed up portions of Horde by storing
commonly processed objects.">File
<case name="Null" desc="Don't cache any data (NOT RECOMMENDED)"/>
<case name="Apc" desc="Use the APC cache (NOT RECOMMENDED)">
<configdescription>
APC is not recommended for general purpose caching as it is not
persistent and the size of the cached data for even a small installation
(25+ users) will likely exceed the default APC storage size.
</configdescription>
<configsection name="params">
<configstring name="prefix" required="false" desc="The prefix to use for
cache entries."/>
</configsection>
</case>
<case name="File" desc="Store data in filesystem">
<configsection name="params">
<configstring name="dir" required="false" desc="The location to store the
cached files"/>
<configinteger name="sub" required="false" desc="If non-zero, the number
of subdirectories to create to store the file (see, e.g.,
http://php.net/manual/en/ref.session.php#ini.session.save-path). When
creating the directory tree, the md5sum of the cache id will be used.
Thus, each level of the tree will have up to 16 subdirectories named
[0-9a-f].">0</configinteger>
<configstring name="prefix" required="false" desc="The filename prefix to
use for the cache files."/>
</configsection>
</case>
<case name="Hashtable" desc="Use a Distributed Hash Table server">
<configsection name="params">
<configstring name="prefix" required="false" desc="The prefix to use for
cache entries."/>
</configsection>
</case>
<case name="Nosql" desc="NoSQL-based cache storage">
<configsection name="params">
<confignosql switchname="driverconfig" />
</configsection>
</case>
<case name="Sql" desc="SQL-based cache storage (NOT RECOMMENDED)">
<configdescription>
SQL is not recommended for caching as the overhead required to
store/retreive the data cancels much of the benefit of caching.
</configdescription>
<configsection name="params">
<configsql switchname="driverconfig">
<configstring name="table" required="false" desc="The name of the
cache table in the database [horde_cache]"/>
</configsql>
</configsection>
</case>
<case name="Xcache" desc="Use the xCache cache (NOT RECOMMENDED)">
<configdescription>
xCache is not recommended for general purpose caching as it is not
persistent and the size of the cached data for even a small installation
(25+ users) will likely exceed the default xCache storage size.
</configdescription>
<configsection name="params">
<configstring name="prefix" required="false" desc="The prefix to use for
cache entries."/>
</configsection>
</case>
</configswitch>
<configswitch name="use_memorycache" required="false" desc="Use a
separate memory cache driver to store data in memory? If data is not found
in this driver, we will fall back to accessing the persistent backend. This
setting has no effect if already using a memory caching backend.">
<case name="" desc="None"/>
<case name="Apc" desc="APC"/>
<case name="Eaccelerator" desc="eAccelerator"/>
<case name="Hashtable" desc="Hashtable"/>
<case name="Xcache" desc="xCache"/>
</configswitch>
</configsection>
<configheader>CSS Caching</configheader>
<configdescription>
CSS caching packages all stylesheets used in a page into a single file
sent to the browser. It also allows compression and optimization of this
file to reduce the data size. Caching reduces server load, speeds up the
user's browsing experience, and is HIGHLY RECOMMENDED.
</configdescription>
<configswitch name="cachecss" desc="Cache CSS?">false
<case name="false" desc="No">
<configsection name="cachecssparams">
<configboolean name="url_version_param" desc="Add version information to
CSS URLs?">true</configboolean>
</configsection>
</case>
<case name="true" desc="Yes">
<configsection name="cachecssparams">
<configswitch name="driver" desc="How should we store the cached data?">
<case name="filesystem" desc="Filesystem (recommended)">
<configdescription>
For filesystem caching to work, the "static" directory in the horde
base must be writable by the user the web server is running as. If
running Horde in a cluster (or behind a single web frontend), to use
filesystem caching it is best to have every PHP backend server have
access to a shared drive that is visible and mounted to the "static"
directory on the web frontend. (NOTE: if you manually change the CSS
files, you will need to manually delete the cached CSS static files to
see the changes.)
</configdescription>
</case>
<case name="horde_cache" desc="Horde Cache">
<configdescription>
&lt;strong&gt;Requires a configured Horde caching
backend.&lt;/strong&gt; This method is STRONGLY DISCOURAGED. Browsers
will likely cache this data and ignore updates, even though we append
a "cache-busting" unique version parameter to the URL. You almost
certainly want to use 'filesystem' instead.
</configdescription>
</case>
</configswitch>
<configboolean name="filemtime" desc="Expire cache if the modification
time of a CSS file has changed? This setting is useful for development
installations. It should not be used in production environments, as it
requires a filestat of every CSS file loaded on a
page">false</configboolean>
<configinteger name="lifetime" desc="Lifetime of the cached files, in
seconds.">86400</configinteger>
</configsection>
</case>
</configswitch>
<configheader>Javascript Caching</configheader>
<configdescription>
Javascript caching packages all static javascript files used in a page into
more efficient chunks to send to the browser. It also allows compression
and optimizations of this file to reduce the data size. Caching reduces
server load, speeds up the user's browsing experience, and is HIGHLY
RECOMMENDED.
</configdescription>
<configswitch name="cachejs" desc="Cache javascript?">false
<case name="false" desc="No">
<configsection name="cachejsparams">
<configboolean name="url_version_param" desc="Add version information to
javascript URLs?">true</configboolean>
</configsection>
</case>
<case name="true" desc="Yes">
<configsection name="cachejsparams">
<configswitch name="driver" desc="How should we store the cached data?">
<case name="filesystem" desc="Filesystem (recommended)">
<configdescription>
For filesystem caching to work, the "static" directory in the horde
base must be writable by the user the web server is running as. If
running Horde in a cluster (or behind a single web frontend), to use
filesystem caching it is best to have every PHP backend server have
access to a shared drive that is visible and mounted to the "static"
directory on the web frontend.
</configdescription>
</case>
<case name="horde_cache" desc="Horde Cache">
<configdescription>
&lt;strong&gt;Requires a configured Horde caching
backend.&lt;/strong&gt; This method is STRONGLY DISCOURAGED. Browsers
will likely cache this data and ignore updates, even though we append
a "cache-busting" unique version parameter to the URL. You almost
certainly want to use 'filesystem' instead.
</configdescription>
</case>
</configswitch>
<configswitch name="compress" desc="How should we compress the cached
files?">php
<case name="none" desc="No compression" />
<case name="closure" desc="Google Closure Compiler (Best compression,
slowest speed)">
<configstring name="javapath" desc="The path to the Java
application launcher.">/opt/java/jre/bin/java</configstring>
<configstring name="closurepath" desc="The path to the Closure compiler
.jar file"></configstring>
<configstring name="cmdline" required="false" desc="Any additional
command line arguments to use."></configstring>
</case>
<case name="php" desc="Built-in compressor (Medium compression, good
speed)" />
<case name="uglifyjs" desc="UglifyJS (NodeJS compressor; good
compression, good speed)">
<configstring name="uglifyjspath" desc="The path to the uglifyjs
binary"></configstring>
<configstring name="uglifyjscmdline" desc="The command line options
to use">-c</configstring>
</case>
<case name="yui" desc="YUI Compressor (Best compression, slowest
speed)">
<configstring name="javapath" desc="The path to the Java
application launcher.">/opt/java/jre/bin/java</configstring>
<configstring name="yuipath" desc="The path to the YUI compressor
.jar file"></configstring>
<configstring name="cmdline" required="false" desc="Any additional
command line arguments to use."></configstring>
</case>
</configswitch>
<configinteger name="lifetime" desc="Lifetime of the cached files, in
seconds.">604800</configinteger>
</configsection>
</case>
</configswitch>
<configheader>Theme Caching</configheader>
<configdescription>
Theme caching optimizes display of themed elements. Caching reduces
server load (specifically by dramatically reducing filesystem access), and
is HIGHLY RECOMMENDED. &lt;strong&gt;Requires a configured Horde caching
backend.&lt;/strong&gt;
</configdescription>
<configswitch name="cachethemes" desc="Cache themes?">false
<case name="false" desc="No" />
<case name="true" desc="Yes">
<configsection name="cachethemesparams">
<configswitch name="check" desc="The method to use to check for updated
theme information.">appversion
<case name="appversion" desc="Application versions">
<configdescription>
The theme cache will be updated only when a new Horde version is
installed. This is the RECOMMENDED setting for most installations.
</configdescription>
</case>
<case name="none" desc="None">
<configdescription>
The theme cache is never checked for consistency. Once created, it
will be used until the cache entry expires.
</configdescription>
</case>
</configswitch>
<configinteger name="lifetime" desc="Lifetime of the cached files, in
seconds.">604800</configinteger>
</configsection>
</case>
</configswitch>
</configtab>
<configtab name="lock" desc="Locking">
<configsection name="lock">
<configheader>Locking Settings</configheader>
<configswitch name="driver" desc="If you want to enable resource locking
you must choose a driver here.">Sql
<case name="Null" desc="Disable Horde Locks"/>
<case name="Nosql" desc="NoSQL-based locking">
<configsection name="params">
<confignosql switchname="driverconfig" />
</configsection>
</case>
<case name="Sql" desc="SQL-based locking">
<configsection name="params">
<configsql switchname="driverconfig">
<configstring name="table" required="false" desc="The name of the
locking table in the database [horde_locks]"/>
</configsql>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="token" desc="Tokens">
<configsection name="token">
<configheader>Tokens Settings</configheader>
<configinteger name="timeout" required="false" desc="The period (in
seconds) after which an id is purged"/>
<configswitch name="driver" desc="If you want to enable Form Tokens, select
a driver here. This is used by the Horde::Form:: API and some other parts
of Horde to ensure that a form can only be submitted once.">Sql
<case name="Null" desc="Disable Form Tokens"/>
<case name="File" desc="Local filesystem token storage">
<configsection name="params">
<configstring name="token_dir" required="false" desc="The directory where
to keep token files"/>
</configsection>
</case>
<case name="Nosql" desc="NoSQL-based token storage">
<configsection name="params">
<confignosql switchname="driverconfig" />
</configsection>
</case>
<case name="Sql" desc="SQL-based token storage">
<configsection name="params">
<configsql switchname="driverconfig">
<configstring name="table" required="false" desc="The name of the
tokens table in the database [horde_tokens]"/>
</configsql>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="history" desc="History">
<configsection name="history">
<configheader>History Settings</configheader>
<configswitch name="driver" desc="If you want to enable history tracking,
select a driver here. This is required by various subsystems.">Sql
<case name="None" desc="Disable history"/>
<case name="Nosql" desc="NoSQL-based history storage">
<configsection name="params">
<confignosql switchname="driverconfig" />
</configsection>
</case>
<case name="Sql" desc="SQL-based history storage">
<configsection name="params">
<configsql switchname="driverconfig" />
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="dav" desc="DAV">
<configsection name="davstorage">
<configheader>DAV Settings</configheader>
<configswitch name="driver" desc="If you want to use CalDAV or CardDAV,
select a driver here. Please note that History system needs to be enabled
too.">Sql
<case name="Null" desc="Disable CalDAV/CardDAV support"/>
<case name="Sql" desc="SQL-based metadata storage">
<configsection name="params">
<configsql switchname="driverconfig"/>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="mailer" desc="Mailer">
<configsection name="mailer">
<configheader>Mailer Settings</configheader>
<configswitch name="type" desc="What method should we use for sending
mail?">sendmail
<case name="null" desc="Disable mailing" />
<case name="sendmail" desc="Local sendmail binary">
<configsection name="params">
<configstring name="sendmail_path" required="false" desc="The location
of the sendmail binary on the filesystem
[/usr/sbin/sendmail]">/usr/lib/sendmail</configstring>
<configstring name="sendmail_args" required="false" desc="Any extra
parameters to pass to the sendmail or sendmail wrapper
binary">-oi</configstring>
<configstring name="sendmail_eol" required="false" desc="The end-of-line
(EOL) sequence to use when piping the message to the sendmail binary.
It is not possible to reliably auto-configure sendmail, so if your
messages are being sent incorrectly, you should adjust this value (if
blank, the system default is used)."></configstring>
</configsection>
</case>
<case name="smtp" desc="SMTP server (HIGHLY RECOMMENDED)">
<configsection name="params">
<configstring name="host" required="false" desc="The server to connect
to [localhost]"/>
<configinteger name="port" required="false" desc="The port to connect
to [25]. This is HIGHLY RECOMMENDED to be 587, the mail submission port.
(RFC 6409/STD 72; sending mail via port 25 is DEPRECATED.)"/>
<configenum name="secure" desc="The encryption to use to connect to
the SMTP server.">tls
<values>
<value>none</value>
<value>tls</value>
<value>ssl</value>
</values>
</configenum>
<configstring name="localhost" required="false" desc="The local hostname
/ domain [localhost]"/>
<configswitch name="auth" desc="Authenticate to SMTP server?">false
<case name="false" desc="No" />
<case name="true" desc="Yes">
<configdescription>SMTP Authentication requires a TLS connection.
There is no need to configure the secure connection as it is always
used by Horde.</configdescription>
<configstring name="username" required="false" desc="The master
username to use for SMTP auth. Will be used if username_auth is false
OR for unauthenticated Horde accesses."/>
<configboolean name="username_auth" required="false" desc="If
authenticated, use the Horde authentication
username?">true</configboolean>
<configstring name="password" required="false" desc="The master
password to use for SMTP auth. Will be used if password_auth is false
OR for unauthenticated Horde accesses."/>
<configboolean name="password_auth" required="false" desc="If
authenticated, use the Horde authentication
password?">true</configboolean>
</case>
</configswitch>
<configboolean name="lmtp" required="false" desc="Is this an LMTP
(Local Mail Transfer Protocol) server?">false</configboolean>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="vfs" desc="Virtual File Storage">
<configsection name="vfs">
<configheader>Virtual File Storage Settings</configheader>
<configvfs baseconfig="true" switchname="type" default="Sql"/>
</configsection>
</configtab>
<configtab name="session" desc="Session Handler">
<configsection name="sessionhandler">
<configheader>Session Handler Settings</configheader>
<configdescription>
&lt;strong&gt;Unless you are running Horde on a PHP cluster, there is NO
reason to use any session handler backend other than Builtin (i.e. session
data stored on local filesystem).&lt;/strong&gt;
</configdescription>
<configswitch name="type" desc="What sessionhandler driver should we
use?">Builtin
<case name="Builtin" desc="Use the default PHP session handler (file-based
by default)">
<configdescription>
If you have configured a custom session extension in php.ini (such as
native memcache sessions) then you should use this option. Horde doesn't
force PHP to use the file-based session handler, so your php.ini
settings settings will be deferred to.
</configdescription>
</case>
<case name="External" desc="Use your own custom session handler">
<configsection name="params">
<configstring name="open" desc="Your open() function"/>
<configstring name="close" desc="Your close() function"/>
<configstring name="read" desc="Your read() function"/>
<configstring name="write" desc="Your write() function"/>
<configstring name="destroy" desc="Your destroy() function"/>
<configstring name="gc" desc="Your gc() function"/>
</configsection>
</case>
<case name="File" desc="Filesystem storage">
<configsection name="params">
<configstring name="path" desc="The path to save the session files
in.">/tmp/</configstring>
</configsection>
</case>
<case name="HashTable" desc="Distributed Hash Table">
<configsection name="params">
<configswitch name="track" required="false" desc="Keep track of active
session information? Tracking requires extra load to maintain.">false
<case name="false" desc="No" />
<case name="true" desc="Yes" />
</configswitch>
</configsection>
</case>
<case name="Nosql" desc="NoSQL Database">
<configsection name="params">
<confignosql switchname="driverconfig" />
</configsection>
</case>
<case name="Sql" desc="SQL Database">
<configsection name="params">
<configsql switchname="driverconfig">
<configstring name="table" required="false" desc="The name of the
preference table in the database [horde_sessionhandler]"/>
</configsql>
</configsection>
</case>
</configswitch>
<configboolean name="hashtable" desc="Use a distributed hash table to cache
session information?">false</configboolean>
</configsection>
</configtab>
<configtab name="proxy" desc="HTTP Proxy">
<configsection name="http">
<configsection name="proxy">
<configheader>HTTP Proxy Settings</configheader>
<configdescription>
If you need to use a proxy for fetching HTTP resources (feeds,
security keys, external calendars or free/busy information,
etc.), configure it here.
</configdescription>
<configstring name="proxy_host" required="false" desc="Proxy host"/>
<configinteger name="proxy_port" required="false" desc="Proxy port"/>
<configstring name="proxy_user" required="false" desc="Proxy user if
necessary"/>
<configstring name="proxy_pass" required="false" desc="Proxy password"/>
</configsection>
</configsection>
</configtab>
<configtab name="spell" desc="Spell Checker">
<configsection name="spell">
<configheader>Spell Checker Settings</configheader>
<configswitch name="driver" required="false" desc="Choose a Spell Checking
backend">
<case name="" desc="None" />
<case name="aspell" desc="aspell (command line)">
<configsection name="params">
<configstring name="path" required="false" desc="Enter the location of
the aspell binary" />
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="gnupg" desc="GnuPG">
<configsection name="gnupg">
<configheader>GnuPG Settings</configheader>
<configstring name="path" required="false" desc="If you want users to have
the option of using the GNU Privacy Guard program to decrypt/encrypt PGP
files, enter the location of the 'gpg' binary here. If this is empty this
feature will be disabled. Additional command line arguments, if needed
locally (e.g. extensions), can be added at the end of this entry."/>
<configmultienum name="keyserver" required="false" desc="The address
of the public PGP keyserver(s) to use.">pool.sks-keyservers.net
<values>
<value>pool.sks-keyservers.net</value>
<value>subkeys.pgp.net</value>
<value>pgp.mit.edu</value>
</values>
</configmultienum>
<configinteger name="timeout" required="false" desc="The timeout for
connecting to the PGP keyserver. Timeouts are not supported on all
systems.">10</configinteger>
</configsection>
</configtab>
<configtab name="openssl" desc="OpenSSL">
<configsection name="openssl">
<configheader>OpenSSL Settings</configheader>
<configstring name="cafile" required="false" desc="The location of the root
certificates bundle, e.g. /etc/ssl/certs. See
http://www.php.net/manual/en/openssl.cert.verification.php for
details."/>
<configstring name="path" required="false" desc="The location of the OpenSSL
binary on your system, e.g. /usr/bin/openssl. This program is REQUIRED to
import personal S/MIME certificate information, as there is no native PHP
function that can read pkcs12 files."/>
</configsection>
</configtab>
<configtab name="themes" desc="Themes">
<configheader>Theme Settings</configheader>
<configboolean name="nobase64_img" required="false" desc="Always send full
URLs for image data? By default, Horde will send image data within the page
itself if the browser supports it. This eliminates the need for additional
server connections to grab the image data, at the expense of slightly
larger page sizes.">false</configboolean>
</configtab>
<configtab name="image" desc="Image Manipulation">
<configsection name="image">
<configheader>Image Manipulation Settings</configheader>
<configswitch name="driver" description="What driver should we use for
manipulating images?">false
<case name="false" desc="None"/>
<case name="Imagick" desc="The PECL Imagick Library (recommended)"/>
<case name="Im" desc="Imagemagick">
<configstring name="convert" desc="Path to the 'convert' binary"/>
<configstring name="identify" desc="Path the 'identify' binary"/>
</case>
<case name="Gd" desc="The PHP GD2 extensions (not recommended)"/>
</configswitch>
</configsection>
<configsection name="exif" desc="Image Metadata">
<configheader>Image Metadata Driver Settings</configheader>
<configswitch name="driver" description="What driver should we use for
obtaining image metadata?">Bundled
<case name="Exiftool" desc="Exiftool (recommended)">
<configsection name="params">
<configstring name="exiftool" desc="Path to the exiftool binary on your
system"></configstring>
</configsection>
</case>
<case name="Php" desc="Native PHP functions" />
<case name="Bundled" desc="Bundled implementation in PHP" />
</configswitch>
</configsection>
</configtab>
<configtab name="mime" desc="MIME Detection">
<configsection name="mime">
<configheader>MIME Detection Settings</configheader>
<configstring name="magic_db" required="false" desc="Location of the MIME
magic database. This only needs to be set if PHP cannot auto-determine the
value (the output from the test script will clearly indiciate if this is
an issue)."/>
</configsection>
</configtab>
<configtab name="geoip" desc="Country Lookup">
<configsection name="geoip">
<configheader>Country Lookup Settings</configheader>
<configstring name="datafile" required="false" desc="Horde, by default, can
do Hostname -&gt; Country lookup using the top level domain (e.g. 'uk',
'de') of the hostname. However, many popular top level domains
(e.g. 'com', 'net') span more than one country. In these instances, Horde
can use the MaxMind GeoIP Hostname to Country lookup to try to determine
the correct country. To activate this functionality, the geoip PECL
extension must be installed. If that extension doesn't exist, Horde can
use a PHP only method of querying the database if the GeoIP.dat country
database is present on your local system. This file can be downloaded
free of charge from http://www.maxmind.com/download/geoip/database/. If
this database is present, specify the full path name to the database below.
If empty, the GeoIP lookup will not be performed."/>
</configsection>
</configtab>
<configtab name="timezone" desc="Timezone Lookup">
<configsection name="timezone">
<configheader>Timezone Lookup Settings</configheader>
<configstring name="location" required="false" desc="Horde may
lookup timezone information from a global timezone database, also
known as Olson database. You can enter any http://, ftp:// or
file:// location
here.">ftp://ftp.iana.org/tz/tzdata-latest.tar.gz</configstring>
</configsection>
</configtab>
<configtab name="problems" desc="Problem Reporting">
<configsection name="problems">
<configheader>Problem Reporting Settings</configheader>
<configswitch name="tickets" desc="If a ticket system with a
tickets/addTicket API method is present, should we create tickets for
problem reports instead of emailing them?">false
<case name="true" desc="Yes">
<configphp name="ticket_params" desc="Enter as a PHP array any
additional arguments for the created ticket (queue, state, priority,
etc). Example for Whups: array('queue' => 2, 'state' => 1, 'priority' => 1,
'type' => 1). You will need to look up the appropriate IDs in Whups's
database, or whatever is appropriate for the ticket system you are
using.">array()</configphp>
</case>
<case name="false" desc="No">
<configstring name="email" desc="Where should problem report emails be
sent?">webmaster@example.com</configstring>
<configstring name="maildomain" desc="If Horde cannot determine a user's
email address, this domain will be appended to their
username.">example.com</configstring>
<configstring name="username" required="false" desc="If requiring SMTP
authentication without a global SMTP user (in section &quot;Mailer&quot;
and allowing problem reporting for not authenticated users (in section
&quot;Menu Settings&quot;), what username should be use for SMTP
authentication?"/>
<configstring name="password" required="false" desc="The password to use"/>
</case>
</configswitch>
<configboolean name="attachments" required="false" desc="Allow users to
upload file attachments to the problem report?">true</configboolean>
</configsection>
</configtab>
<configtab name="menu" desc="Menu">
<configheader>Menu Settings</configheader>
<configsection name="menu">
<configsection name="links">
<configenum name="help" desc="Should we display help links in the
menu?">all
<values>
<value desc="All users">all</value>
<value desc="Authenticated users">authenticated</value>
<value desc="Never">never</value>
</values>
</configenum>
<configenum name="prefs" desc="Should we display preferences links in the
menu? You still need to configure a preference backend in the
&quot;Preferences&quot; section.">authenticated
<values>
<value desc="All users">all</value>
<value desc="Authenticated users">authenticated</value>
<value desc="Never">never</value>
</values>
</configenum>
<configenum name="problem" desc="Should we display problem reporting links
in the menu?">all
<values>
<value desc="All users">all</value>
<value desc="Authenticated users">authenticated</value>
<value desc="Never">never</value>
</values>
</configenum>
<configenum name="login" desc="Should we display a login link in the menu
when not logged in?">all
<values>
<value desc="All users">all</value>
<value desc="Never">never</value>
</values>
</configenum>
<configenum name="logout" desc="Should we display a logout link in the
menu when logged in?">authenticated
<values>
<value desc="Authenticated users">authenticated</value>
<value desc="Never">never</value>
</values>
</configenum>
<configenum name="login" desc="Should we display a login link in the menu
when not logged in?">all
<values>
<value desc="All users">all</value>
<value desc="Never">never</value>
</values>
</configenum>
<configenum name="logout" desc="Should we display a logout link in the
menu when logged in?">authenticated
<values>
<value desc="Authenticated users">authenticated</value>
<value desc="Never">never</value>
</values>
</configenum>
</configsection>
</configsection>
</configtab>
<configtab name="block" desc="Portal Blocks">
<configsection name="portal">
<configheader>Portal Blocks Settings</configheader>
<configmultienum name="fixed_blocks" required="false" desc="Which blocks
should always be displayed in the portal?">
<values>
<configspecial application="horde" name="blocks" />
</values>
</configmultienum>
</configsection>
<configheader>Fortune Configuration</configheader>
<configsection name="fortune">
<configstring name="exec_path" required="false" desc="Path to fortune
executable, e.g. /usr/games/fortune"/>
</configsection>
<configheader>Account Info Configuration</configheader>
<configsection name="accounts">
<configswitch name="driver" desc="What driver should we use?">null
<case name="null" desc="None"/>
<case name="localhost" desc="Localhost">
<configsection name="params">
<configstring name="quota_path" desc="Path to the quota program">
/usr/bin/quota</configstring>
<configstring name="grep_path" desc="Path to the grep program">
/bin/grep</configstring>
<configboolean name="translateMountPoint" desc="Should we translate home
directories to mount point device names?">false</configboolean>
<configstring name="translationTable" desc="File to translate directory
names to mount point device names?">/etc/mtab</configstring>
</configsection>
</case>
<case name="finger" desc="Finger">
<configsection name="params">
<configstring name="finger_path" desc="Path to the finger
program">/usr/bin/finger</configstring>
<configstring name="host" desc="Host to request finger information
from" required="false"/>
</configsection>
</case>
<case name="ldap" desc="LDAP">
<configsection name="params">
<configldap switchname="driverconfig">
<configstring name="attr" desc="LDAP attribute to search on">
uid</configstring>
<configboolean name="strip" desc="Strip domain from user
name?">false</configboolean>
</configldap>
</configsection>
</case>
<case name="kolab" desc="Kolab (LDAP)">
<configsection name="params">
<configdescription>This will use the parameters set in the Kolab
Groupware Server tab. You must enable Kolab integration for this to
work.</configdescription>
<configstring name="attr" desc="LDAP attribute to search
on">uid</configstring>
<configboolean name="strip" desc="Strip domain from user
name?">false</configboolean>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="user" desc="User Capabilities and Constraints">
<configsection name="user">
<configheader>User Capabilities and Constraints</configheader>
<configboolean name="verify_from_addr" desc="If users are adding new From:
addresses to their identities, should we send them a confirmation message
to verify that the email address is really theirs?">false</configboolean>
<configswitch name="select_view" desc="Allow user to select the application
view mode on login?">true
<case name="true" desc="Yes"/>
<case name="false" desc="No">
<configenum name="force_view" desc="Force an application view to be used
for all users?">
<values>
<value desc="None (use user's browser and application
preferences)"></value>
<value desc="Basic">basic</value>
<value desc="Dynamic">dynamic</value>
<value desc="Mobile">mobile</value>
<value desc="Smartphone">smartmobile</value>
</values>
</configenum>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="api" desc="API Keys">
<configsection name="api">
<configheader>API Keys Settings</configheader>
<configstring name="googlemaps" desc="Google Maps API Key"
required="false"/>
<configstring name="googlesafebrowsing" desc="Google Safe Browsing API Key"
required="false"/>
<configstring name="googlesearch" desc="Google AJAX Search API Key"
required="false"/>
<configstring name="bing" desc="Bing Maps API Key" required="false" />
</configsection>
<configsection name="facebook">
<configheader>Facebook Integration Settings</configheader>
<configdescription>If you want to allow your users to interact with their
Facebook profiles, and you've set up the necessary settings on Facebook, you
can enter the key and secret here. See
http://wiki.horde.org/Doc/Admin/Config/Horde/Facebook for
details.</configdescription>
<configswitch name="enabled">false
<case name="false" desc="Disabled" />
<case name="true" desc="Enabled">
<configstring name="id" desc="Application API ID"></configstring>
<configstring name="secret" desc="Application Secret"></configstring>
</case>
</configswitch>
</configsection>
<configsection name="twitter">
<configheader>Twitter Integration Settings</configheader>
<configdescription>If you want to allow your users to interact with their
Twitter account, enable this section. You must setup an application on
Twitter and obtain the OAuth secret and key from Twitter. See
http://wiki.horde.org/Doc/Admin/Config/Horde/Twitter for details.
</configdescription>
<configswitch name="enabled">false
<case name="false" desc="Disabled" />
<case name="true" desc="Enabled">
<configstring name="key" required="false" desc="OAuth Consumer Key:"></configstring>
<configstring name="secret" required="false" desc="OAuth Consumer Secret:"></configstring>
</case>
</configswitch>
</configsection>
<configheader>Url Shortening</configheader>
<configenum name="urlshortener" desc="Should Horde use a URL shortening
service? This will be used when submitting URLs to social network providers.">
<values>
<value desc="None">false</value>
<value desc="TinyUrl">TinyUrl</value>
</values>
</configenum>
<configsection name="weather">
<configheader>Weather Services</configheader>
<configdescription>If you want to provide weather information to your users
you must select a provider and provide your API keys.</configdescription>
<configswitch name="provider">false
<case name="false" desc="None" />
<case name="WeatherUnderground" desc="Weather Underground - Recommended, but relatively low daily limits for free accounts.">
<configsection name="params">
<configstring name="key" desc="API Key. For information on registration and obtaining an API
key for this driver, see http://www.wunderground.com/weather/api/.">
</configstring>
<configinteger name="lifetime" desc="Lifetime of the cached weather information, in seconds.">21600
</configinteger>
</configsection>
</case>
<case name="Wwo" desc="World Weather Online API. Free, requires registration.">
<configsection name="params">
<configstring name="key" desc="API Key. For information on registration
and obtaining an API key for this driver, see
http://worldweatheronline.com"></configstring>
<configenum name="apiversion" desc="Select the API version to use.
See your WWO registration details if you are not sure which to choose.">1
<values>
<value>1</value>
<value>2</value>
</values>
</configenum>
<configinteger name="lifetime" desc="Lifetime of the cached weather information, in seconds.">21600
</configinteger>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="imap" desc="IMAP Server">
<configsection name="imap">
<configheader>IMAP Server Settings</configheader>
<configdescription>
If you intend to store user data like shares and groupware data on an IMAP
server then you will need to ensure that the following fields correspond to
your IMAP server setup. The IMAP groupware storage will use version 2 of
the Kolab XML format. See http://wiki.kolab.org/Kolab_Format_Intro for
details.
</configdescription>
<configswitch name="enabled" quote="false" desc="Use an IMAP server?">false
<case name="false" desc="Disabled" />
<case name="true" desc="Enabled">
<configheader>IMAP Server Settings</configheader>
<configstring name="server" desc="Server
address">localhost</configstring>
<configinteger name="port" desc="Server port">143</configinteger>
<configenum name="secure" desc="The encryption to use to connect to the
IMAP server.">tls
<values>
<value>none</value>
<value>tls</value>
<value>ssl</value>
</values>
</configenum>
<configstring name="maildomain" desc="Default
maildomain">example.com</configstring>
<configboolean name="cache_folders" desc="Cache IMAP folders?"
required="true">true</configboolean>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="imsp" desc="IMSP Server">
<configsection name="imsp">
<configheader>IMSP Server Settings</configheader>
<configdescription>If you plan to use any of Horde's IMSP server support,
enable this option and configure the server settings below. Note that you
must still configure/enable specific IMSP support in the appropriate
section.</configdescription>
<configswitch name="enabled">false
<case name="false" desc="Disabled" />
<case name="true" desc="Enabled">
<configheader>IMSP Server Settings</configheader>
<configstring name="server" desc="Server Address:">localhost</configstring>
<configstring name="port" desc="Server port:">406</configstring>
<configswitch name="auth_method" desc="The authentication method to
use">Plaintext
<case name="Plaintext" desc="Plaintext" />
<case name="CramMd5" desc="CRAM-MD5" />
<case name="Imtest" desc="Cyrus imtest">
<configstring name="socket" desc="Path to the directory that will hold
the socket. (The socket will be named 'imsp_username.sck').">
/tmp/</configstring>
<configstring name="command" desc="Path to imtest binary">
/cyrus/usr/cyrus/bin/imtest</configstring>
<configenum name="auth_mechanism" description="What authentication
method do you want to use with the imtest utility?">
<values>
<value desc="Plaintext (LOGIN)">LOGIN</value>
<value desc="GSSAPI">gssapi</value>
</values>
</configenum>
</case>
</configswitch>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="kolab" desc="Kolab Server">
<configsection name="kolab">
<configheader>Kolab Server Settings</configheader>
<configdescription>
&lt;strong&gt;*** IF YOU HAVE NO IDEA WHAT KOLAB IS THEN YOU CAN SAFELY
IGNORE THIS TAB ***&lt;/strong&gt;&lt;br /&gt;
Kolab is in no way required for normal Horde usage. If, however, you
intend to use Horde as a webclient for Kolab then you will need to ensure
that the following fields correspond to those required by your Kolab
installation. You can find some of the required values in the
&lt;code&gt; $KOLAB_ROOT/etc/kolab/kolab.conf&lt;/code&gt; configuration
file. Please note that the old iCal/vCard storage format has been dropped
in favour of the new XML storage format &amp;amp; IMAP folder annotations;
subsequently the Horde Kolab modules will only work with version 2 of the
Kolab server.&lt;br /&gt;
If you would like to find out more about Kolab then please visit the Kolab
community website at http://www.kolab.org/
</configdescription>
<configswitch name="enabled" quote="false" desc="Horde/Kolab integration
status">false
<case name="false" desc="Disabled" />
<case name="true" desc="Enabled">
<configheader>Kolab LDAP Server Settings</configheader>
<configsection name="ldap">
<configstring name="server" desc="Server
address:">localhost</configstring>
<configinteger name="port" desc="Server port:">389</configinteger>
<configstring name="basedn" desc="Base
DN:">dc=example,dc=com</configstring>
<configstring name="phpdn" desc="Search
DN:">cn=nobody,cn=internal,dc=example,dc=com</configstring>
<configstring name="phppw" desc="Search Password:"/>
</configsection>
<configheader>Kolab Cyrus IMAP Server Settings</configheader>
<configsection name="imap">
<configstring name="server" desc="Server
address:">localhost</configstring>
<configinteger name="port" desc="Server port:">143</configinteger>
<configinteger name="sieveport" desc="Sieve port:">2000</configinteger>
<configstring name="maildomain" desc="Default
maildomain:">example.com</configstring>
<configboolean name="cache_folders" desc="Cache IMAP folders:"
required="true">true</configboolean>
</configsection>
<configheader>Kolab SMTP Server Settings</configheader>
<configsection name="smtp">
<configstring name="server" desc="Server
address:">localhost</configstring>
<configinteger name="port" desc="Server port:">25</configinteger>
</configsection>
<configheader>Kolab Free/Busy Application Settings</configheader>
<configsection name="freebusy">
<configdescription>
Enter the leading part of the URL to the Kolab Free/Busy
application here. This will usually be
"https://localhost/freebusy" but if you installed it so that
you reach the application at "https://freebusy.example.org"
then you would enter "https://freebusy.example.org". The URL
"https://freebusy.example.org/freebusy" would thus need the
setting "https://freebusy.example.org/freebusy".
</configdescription>
<configstring name="server" desc="Application
address:">https://localhost/freebusy</configstring>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="hashtable" desc="Distributed Hash Table">
<configsection name="hashtable">
<configdescription>A distributed hash table is a way of sharing data across
multiple servers by associating a piece of data with a static key. It is
useful for cache-like operations, since it is usually much faster to set and
retrieve the data from the hash table than the underlying data storage
driver.</configdescription>
<configswitch name="driver" desc="What backend should we use for the
distributed hash table?">none
<case name="none" desc="None" />
<case name="Memcache" desc="Memcache Server">
<configsection name="params">
<configlist name="hostspec" required="false" desc="What hostname(s) is
the memcache server(s) running on, or what is the name of the system
DSN(s)? Specify multiple servers by separating with
commas.">localhost</configlist>
<configlist name="port" required="false" desc="Port(s) the memcache
server(s) are running on. If more than one host is used, specify ports
for respective servers, separated by commas.">11211</configlist>
<configlist name="weight" required="false" desc="The weight to give each
memcache server. If more than one host is used, specify weights
for respective servers, separated by commas."></configlist>
<configboolean name="persistent" required="false" desc="Enable
persistent connections to server(s).">false</configboolean>
<configswitch name="compression" quote="false" desc="Enable compression
when storing entries on server.">false
<case name="false" desc="No" />
<case name="true" desc="Yes">
<configinteger name="c_threshold" required="false" desc="The threshold
length before compressing data.">0</configinteger>
</case>
</configswitch>
<configphp name="prefix" required="false" desc="Prefix to use for the
memcache keys. PHP expressions are allowed."></configphp>
<configphp name="large_items" required="false" desc="Memcache natively
supports data of limited length only (default: 1 MB). If this option is
true, Horde will transparently work around this
limitation.">true</configphp>
</configsection>
</case>
<case name="Predis" desc="Redis Server">
<configsection name="params">
<configswitch name="protocol" desc="Protocol used to connect to the
Redis server?">tcp
<case name="unix" desc="UNIX Sockets">
<configstring name="socket" required="true" desc="Location of UNIX
socket"/>
</case>
<case name="tcp" desc="TCP/IP">
<configlist name="hostspec" required="false" desc="Hostname(s) the
Redis server(s) are running on, or the name of the system DSN(s).
Specify multiple servers by separating with
commas.">localhost</configlist>
<configlist name="port" required="false" desc="Port(s) the Redis
server(s) are running on. If more than one host is used, specify ports
for respective servers, separated by commas.">6379</configlist>
<configswitch name="replication" desc="Replication Protocol">none
<case name="none" desc="None" />
<case name="sentinel" desc="Sentinel">
<configstring name="service" required="true" desc="Name of the Service">mymaster</configstring>
</case>
</configswitch>
</case>
</configswitch>
<configstring name="password" required="false" desc="Password to
authenticate to the Redis server with."/>
<configboolean name="persistent" required="false" desc="Enable
persistent connections to Redis server(s)?">false</configboolean>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
<configtab name="activesync" desc="ActiveSync">
<configsection name="activesync">
<configdescription>The use of ActiveSync in the United States is PROHIBITED
due to patent issues. If you are NOT in the United States, or you have a
license to use ActiveSync, you may enable ActiveSync below and create an
alias on your webserver to redirect /Microsoft-Server-ActiveSync to
/horde/rpc.php. See http://wiki.horde.org/ActiveSync for more
information. Please note that History system needs to be enabled too.
</configdescription>
<configswitch name="enabled" quote="false" desc="Enable ActiveSync server?">false
<case name="false" desc="Disabled" />
<case name="true" desc="Enabled">
<configheader>Storage</configheader>
<configdescription>ActiveSync needs to store information about device
properties and state data such as syncronization keys and hierarchy data.
Choose the storage backend to use.</configdescription>
<configswitch name="storage">Sql
<case name="Nosql" desc="NoSQL Database">
<configsection name="params">
<confignosql switchname="driverconfig" />
</configsection>
</case>
<case name="Sql" desc="SQL Database">
<configsection name="params">
<configsql switchname="driverconfig" />
</configsection>
</case>
</configswitch>
<configheader>Capabilities</configheader>
<configboolean name="emailsync" desc="Enable Email support?">true
</configboolean>
<configenum name="version" desc="What is the highest version of EAS that
Horde should support? All versions are backwards compatible so selecting
a higher version also includes support for the lower versions as well. Set
to EAS 14.1 unless you have a good reason not to.">14.1
<values>
<value desc="Exchange 2003 (EAS 2.5)">2.5</value>
<value desc="Exchange 2007 (EAS 12.0)">12</value>
<value desc="Exchange 2007sp1 (EAS 12.1)">12.1</value>
<value desc="Exchange 2010sp1 (EAS 14.0)">14</value>
<value desc="Exchange 2010sp2 (EAS 14.1)">14.1</value>
</values>
</configenum>
<configheader>Authentication</configheader>
<configdescription>ActiveSync can be configured to authenticate against
Horde using either HTTP Basic authentication, X509 client certificates, or
both. HTTP Basic will authenticate the credentials passed from the client
against the configured Horde authentication backend. If client certificates
are used you will need to properly configure your webserver for this as
well as provide some mechanism for using hordeauth with the IMAP server.
See http://wiki.horde.org/ActiveSync for more details on client certificate
authentication. If selecting both basic and client certificates, make sure
you are not already using client certificate authentication in Horde; if
client certificates are used for general Horde authentication then they
must be used here as well. If unsure, select Basic. </configdescription>
<configsection name="auth">
<configswitch name="type" desc="Select the authentication methods that
should be supported.">basic
<case name="basic" desc="HTTP Basic"/>
<case name="cert" desc="Client Certificates">
<configsection name="params">
<configstring name="username_field" desc="The X509 field containing the username">
SSL_CLIENT_S_DN_CN</configstring>
<configswitch name="password_source" desc="Where should Horde attempt to
find user passwords?">
<case name="none" desc="Either no passwords are needed, or the
postauthenticate hook will provide them."/>
<case name="unified" desc="A single password will be used for all
users. ONLY USE THIS IF YOU KNOW WHAT YOU ARE DOING! YOUR SYSTEM MUST
BE PROPERLY SECURED!">
<configstring name="password" desc="The password to use.">
</configstring>
</case>
</configswitch>
</configsection>
</case>
<case name="basic_cert" desc="HTTP Basic with Client Certificates">
<configsection name="params">
<configstring name="username_field" desc="The X509 field containing the username">
SSL_CLIENT_S_DN_CN</configstring>
<configswitch name="password_source" desc="Where should Horde attempt to
find user passwords?">
<case name="none" desc="Either no passwords are needed, or the
postauthenticate hook will provide them."/>
<case name="unified" desc="A single password will be used for all
users. ONLY USE THIS IF YOU KNOW WHAT YOU ARE DOING! YOUR SYSTEM MUST
BE PROPERLY SECURED!">
<configstring name="password" desc="The password to use.">
</configstring>
</case>
</configswitch>
</configsection>
</case>
</configswitch>
</configsection>
<configheader>Autodiscovery</configheader>
<configenum name="autodiscovery" desc="Some devices attempt to use an
Autodiscovery service to configure the device's account using only the
user's email address and password. For this to work you must create an
alias on your webserver to point /autodiscover/autodiscover.xml to
/horde/rpc.php. Also, Horde must be able to determine the user's username
given the email address. Set the method you want Horde to use to attempt to
determine this below. If this fails, the device will fall back to requiring
manual account configuration. See http://wiki.horde.org/ActiveSync for more
information">
<values>
<value desc="Use the full email address as the username">full</value>
<value desc="Use only the username - everything after and including the
first @ will be stripped.">user</value>
<value desc="Use a custom hook. You must create this hook in the
hooks.php file.">hook</value>
</values>
</configenum>
<configswitch name="outlookdiscovery" desc="Horde can answer Autodiscover
requests from Microsoft Outlook clients to send configuration information
for things like IMAP/POP3/SMTP servers. Should this be enabled? NOTE: This
does not enable syncing between Horde and Microsoft Outlook!">
<case name="false" desc="No" />
<case name="true" desc="Yes">
<configsection name="hosts">
<configsection name="imap">
<configstring name="host" desc="IMAP host" required="false"></configstring>
<configinteger name="port" desc="IMAP port" required="false"></configinteger>
<configboolean name="ssl" desc="Use SSL?" />
</configsection>
<configsection name="pop">
<configstring name="host" desc="POP3 host" required="false"></configstring>
<configinteger name="port" desc="POP3 port" required="false"></configinteger>
<configboolean name="ssl" desc="Use SSL?" />
</configsection>
<configsection name="smtp">
<configstring name="host" desc="SMTP host"></configstring>
<configinteger name="port" desc="SMTP port" required="false"></configinteger>
<configboolean name="popauth" desc="Require Pop Auth?" required="false" />
<configboolean name="ssl" desc="Use SSL?" />
</configsection>
</configsection>
</case>
</configswitch>
<configheader>Logging</configheader>
<configsection name="logging">
<configswitch name="type" desc="For debugging, it may be useful have a log
of the Wbxml stream along with some other activesync-related data. If you
want to do this, set this to either Per Device or Single File and enter
the appropriate path. If detailed debug logging is not needed, set this to
None.">false
<case name="false" desc="None" />
<case name="perdevice" desc="Per Device">
<configstring name="path" desc="Path to custom log directory." />
<configenum name="level" desc="Should Horde include all the raw data
in the Wbxml log stream? If set to Detailed, the entire raw content
is logged. If set to Protocol, all protocol level detail is included,
but any Wbxml tag content over 50 bytes is logged only as the size of
the data." required="false">protocol
<values>
<value desc="Protocol">2</value>
<value desc="Detailed">1</value>
</values>
</configenum>
</case>
<case name="onefile" desc="Single file">
<configstring name="path" desc="Log file name." />
</case>
</configswitch>
</configsection>
<configsection name="ping">
<configheader>Ping Settings</configheader>
<configdescription>The Heartbeat Interval specifies the length of time, in
seconds, that the server SHOULD wait before notifying the client of
changes in a folder on the server. These settings allow you to indicate
the allowable range for this setting. Note that not all clients will
request this information. NOTE: Some Android devices do not implement this
correctly. If you plan on synching Android devices, you should make sure
that this range is wide enough to allow Android's default of 470 seconds.
</configdescription>
<configswitch name="deviceping" desc="Allow devices to manage the
heartbeat or force Horde to use a specific heartbeat for every
device?">true
<case name="true" desc="Device managed heartbeat">
<configinteger name="heartbeatmin" desc="The minimum number of seconds
to wait before sending results. This value must be greater then zero.">
60</configinteger>
<configinteger name="heartbeatmax" desc="The maximum number of seconds
to wait before sending results. Note this value must not be greater then
3540 (59 minutes).">2700</configinteger>
<configinteger name="heartbeatdefault" desc="If the client does not
request a heartbeat interval, this interval will be used by default.">
480</configinteger>
</case>
<case name="false" desc="Forced heartbeat">
<configinteger name="forcedheartbeat" desc="The number of seconds to
force the server to wait before sending PING results.">60
</configinteger>
</case>
</configswitch>
<configinteger name="waitinterval" desc="How many seconds should elapse
between checks for changes? Increasing this value will cause the server
to wait longer between checks for changes during the heartbeat,
essentially reducing the number of checks done during each heartbeat.
Lowering this value will increase the number of checks that are down
during each heartbeat.">15</configinteger>
</configsection>
</case>
</configswitch>
</configsection>
</configtab>
</configuration>
Reference in New Issue View Git Blame Copy Permalink