| commit | author | age | ||
| 48e9c1 | 1 | <?php |
| T | 2 | |
| 3 | // Password Plugin options | |
| 4 | // ----------------------- | |
| 5 | // A driver to use for password change. Default: "sql". | |
| 6 | // See README file for list of supported driver names. | |
| 7 | $rcmail_config['password_driver'] = 'sql'; | |
| 8 | ||
| 9 | // Determine whether current password is required to change password. | |
| 10 | // Default: false. | |
| 11 | $rcmail_config['password_confirm_current'] = true; | |
| 12 | ||
| 13 | // Require the new password to be a certain length. | |
| 14 | // set to blank to allow passwords of any length | |
| 15 | $rcmail_config['password_minimum_length'] = 0; | |
| 16 | ||
| 17 | // Require the new password to contain a letter and punctuation character | |
| 18 | // Change to false to remove this check. | |
| 19 | $rcmail_config['password_require_nonalpha'] = false; | |
| 20 | ||
| 21 | // Enables logging of password changes into logs/password | |
| 22 | $rcmail_config['password_log'] = false; | |
| 23 | ||
| 24 | // Comma-separated list of login exceptions for which password change | |
| 25 | // will be not available (no Password tab in Settings) | |
| 26 | $rcmail_config['password_login_exceptions'] = null; | |
| 27 | ||
| 28 | ||
| 29 | // SQL Driver options | |
| 30 | // ------------------ | |
| 31 | // PEAR database DSN for performing the query. By default | |
| 32 | // Roundcube DB settings are used. | |
| 33 | $rcmail_config['password_db_dsn'] = ''; | |
| 34 | ||
| 35 | // The SQL query used to change the password. | |
| 36 | // The query can contain the following macros that will be expanded as follows: | |
| 37 | // %p is replaced with the plaintext new password | |
| 38 | // %c is replaced with the crypt version of the new password, MD5 if available | |
| 39 | // otherwise DES. | |
| 40 | // %D is replaced with the dovecotpw-crypted version of the new password | |
| 41 | // %o is replaced with the password before the change | |
| 42 | // %n is replaced with the hashed version of the new password | |
| 43 | // %q is replaced with the hashed password before the change | |
| 44 | // %h is replaced with the imap host (from the session info) | |
| 45 | // %u is replaced with the username (from the session info) | |
| 46 | // %l is replaced with the local part of the username | |
| 47 | // (in case the username is an email address) | |
| 48 | // %d is replaced with the domain part of the username | |
| 49 | // (in case the username is an email address) | |
| 50 | // Escaping of macros is handled by this module. | |
| 51 | // Default: "SELECT update_passwd(%c, %u)" | |
| 52 | $rcmail_config['password_query'] = 'SELECT update_passwd(%c, %u)'; | |
| 53 | ||
| 54 | // By default domains in variables are using unicode. | |
| 55 | // Enable this option to use punycoded names | |
| 56 | $rcmail_config['password_idn_ascii'] = false; | |
| 57 | ||
| 58 | // Path for dovecotpw (if not in $PATH) | |
| 59 | // $rcmail_config['password_dovecotpw'] = '/usr/local/sbin/dovecotpw'; | |
| 60 | ||
| 61 | // Dovecot method (dovecotpw -s 'method') | |
| 62 | $rcmail_config['password_dovecotpw_method'] = 'CRAM-MD5'; | |
| 63 | ||
| 64 | // Enables use of password with crypt method prefix in %D, e.g. {MD5}$1$LUiMYWqx$fEkg/ggr/L6Mb2X7be4i1/ | |
| 65 | $rcmail_config['password_dovecotpw_with_method'] = false; | |
| 66 | ||
| 67 | // Using a password hash for %n and %q variables. | |
| 68 | // Determine which hashing algorithm should be used to generate | |
| 69 | // the hashed new and current password for using them within the | |
| 70 | // SQL query. Requires PHP's 'hash' extension. | |
| 71 | $rcmail_config['password_hash_algorithm'] = 'sha1'; | |
| 72 | ||
| 73 | // You can also decide whether the hash should be provided | |
| 74 | // as hex string or in base64 encoded format. | |
| 75 | $rcmail_config['password_hash_base64'] = false; | |
| 76 | ||
| 77 | ||
| 78 | // Poppassd Driver options | |
| 79 | // ----------------------- | |
| 80 | // The host which changes the password | |
| 81 | $rcmail_config['password_pop_host'] = 'localhost'; | |
| 82 | ||
| 83 | // TCP port used for poppassd connections | |
| 84 | $rcmail_config['password_pop_port'] = 106; | |
| 85 | ||
| 86 | ||
| 87 | // SASL Driver options | |
| 88 | // ------------------- | |
| 89 | // Additional arguments for the saslpasswd2 call | |
| 90 | $rcmail_config['password_saslpasswd_args'] = ''; | |
| 91 | ||
| 92 | ||
| 93 | // LDAP and LDAP_SIMPLE Driver options | |
| 94 | // ----------------------------------- | |
| 95 | // LDAP server name to connect to. | |
| 96 | // You can provide one or several hosts in an array in which case the hosts are tried from left to right. | |
| 97 | // Exemple: array('ldap1.exemple.com', 'ldap2.exemple.com'); | |
| 98 | // Default: 'localhost' | |
| 99 | $rcmail_config['password_ldap_host'] = 'localhost'; | |
| 100 | ||
| 101 | // LDAP server port to connect to | |
| 102 | // Default: '389' | |
| 103 | $rcmail_config['password_ldap_port'] = '389'; | |
| 104 | ||
| 105 | // TLS is started after connecting | |
| 106 | // Using TLS for password modification is recommanded. | |
| 107 | // Default: false | |
| 108 | $rcmail_config['password_ldap_starttls'] = false; | |
| 109 | ||
| 110 | // LDAP version | |
| 111 | // Default: '3' | |
| 112 | $rcmail_config['password_ldap_version'] = '3'; | |
| 113 | ||
| 114 | // LDAP base name (root directory) | |
| 115 | // Exemple: 'dc=exemple,dc=com' | |
| 116 | $rcmail_config['password_ldap_basedn'] = 'dc=exemple,dc=com'; | |
| 117 | ||
| 118 | // LDAP connection method | |
| 119 | // There is two connection method for changing a user's LDAP password. | |
| 120 | // 'user': use user credential (recommanded, require password_confirm_current=true) | |
| 121 | // 'admin': use admin credential (this mode require password_ldap_adminDN and password_ldap_adminPW) | |
| 122 | // Default: 'user' | |
| 123 | $rcmail_config['password_ldap_method'] = 'user'; | |
| 124 | ||
| 125 | // LDAP Admin DN | |
| 126 | // Used only in admin connection mode | |
| 127 | // Default: null | |
| 128 | $rcmail_config['password_ldap_adminDN'] = null; | |
| 129 | ||
| 130 | // LDAP Admin Password | |
| 131 | // Used only in admin connection mode | |
| 132 | // Default: null | |
| 133 | $rcmail_config['password_ldap_adminPW'] = null; | |
| 134 | ||
| 135 | // LDAP user DN mask | |
| 136 | // The user's DN is mandatory and as we only have his login, | |
| 137 | // we need to re-create his DN using a mask | |
| 138 | // '%login' will be replaced by the current roundcube user's login | |
| 139 | // '%name' will be replaced by the current roundcube user's name part | |
| 140 | // '%domain' will be replaced by the current roundcube user's domain part | |
| 141 | // '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" | |
| 142 | // Exemple: 'uid=%login,ou=people,dc=exemple,dc=com' | |
| 143 | $rcmail_config['password_ldap_userDN_mask'] = 'uid=%login,ou=people,dc=exemple,dc=com'; | |
| 144 | ||
| 145 | // LDAP search DN | |
| 146 | // The DN roundcube should bind with to find out user's DN | |
| 147 | // based on his login. Note that you should comment out the default | |
| 148 | // password_ldap_userDN_mask setting for this to take effect. | |
| 149 | // Use this if you cannot specify a general template for user DN with | |
| 150 | // password_ldap_userDN_mask. You need to perform a search based on | |
| 151 | // users login to find his DN instead. A common reason might be that | |
| 152 | // your users are placed under different ou's like engineering or | |
| 153 | // sales which cannot be derived from their login only. | |
| 154 | $rcmail_config['password_ldap_searchDN'] = 'cn=roundcube,ou=services,dc=example,dc=com'; | |
| 155 | ||
| 156 | // LDAP search password | |
| 157 | // If password_ldap_searchDN is set, the password to use for | |
| 158 | // binding to search for user's DN. Note that you should comment out the default | |
| 159 | // password_ldap_userDN_mask setting for this to take effect. | |
| 160 | // Warning: Be sure to set approperiate permissions on this file so this password | |
| 161 | // is only accesible to roundcube and don't forget to restrict roundcube's access to | |
| 162 | // your directory as much as possible using ACLs. Should this password be compromised | |
| 163 | // you want to minimize the damage. | |
| 164 | $rcmail_config['password_ldap_searchPW'] = 'secret'; | |
| 165 | ||
| 166 | // LDAP search base | |
| 167 | // If password_ldap_searchDN is set, the base to search in using the filter below. | |
| 168 | // Note that you should comment out the default password_ldap_userDN_mask setting | |
| 169 | // for this to take effect. | |
| 170 | $rcmail_config['password_ldap_search_base'] = 'ou=people,dc=example,dc=com'; | |
| 171 | ||
| 172 | // LDAP search filter | |
| 173 | // If password_ldap_searchDN is set, the filter to use when | |
| 174 | // searching for user's DN. Note that you should comment out the default | |
| 175 | // password_ldap_userDN_mask setting for this to take effect. | |
| 176 | // '%login' will be replaced by the current roundcube user's login | |
| 177 | // '%name' will be replaced by the current roundcube user's name part | |
| 178 | // '%domain' will be replaced by the current roundcube user's domain part | |
| 179 | // '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" | |
| 180 | // Example: '(uid=%login)' | |
| 181 | // Example: '(&(objectClass=posixAccount)(uid=%login))' | |
| 182 | $rcmail_config['password_ldap_search_filter'] = '(uid=%login)'; | |
| 183 | ||
| 184 | // LDAP password hash type | |
| 185 | // Standard LDAP encryption type which must be one of: crypt, | |
| 186 | // ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, or clear. | |
| 187 | // Please note that most encodage types require external libraries | |
| 188 | // to be included in your PHP installation, see function hashPassword in drivers/ldap.php for more info. | |
| 189 | // Default: 'crypt' | |
| 190 | $rcmail_config['password_ldap_encodage'] = 'crypt'; | |
| 191 | ||
| 192 | // LDAP password attribute | |
| 193 | // Name of the ldap's attribute used for storing user password | |
| 194 | // Default: 'userPassword' | |
| 195 | $rcmail_config['password_ldap_pwattr'] = 'userPassword'; | |
| 196 | ||
| 197 | // LDAP password force replace | |
| 198 | // Force LDAP replace in cases where ACL allows only replace not read | |
| 199 | // See http://pear.php.net/package/Net_LDAP2/docs/latest/Net_LDAP2/Net_LDAP2_Entry.html#methodreplace | |
| 200 | // Default: true | |
| 201 | $rcmail_config['password_ldap_force_replace'] = true; | |
| 202 | ||
| 203 | // LDAP Password Last Change Date | |
| 204 | // Some places use an attribute to store the date of the last password change | |
| 205 | // The date is meassured in "days since epoch" (an integer value) | |
| 206 | // Whenever the password is changed, the attribute will be updated if set (e.g. shadowLastChange) | |
| 207 | $rcmail_config['password_ldap_lchattr'] = ''; | |
| 208 | ||
| 209 | // LDAP Samba password attribute, e.g. sambaNTPassword | |
| 210 | // Name of the LDAP's Samba attribute used for storing user password | |
| 211 | $rcmail_config['password_ldap_samba_pwattr'] = ''; | |
| 212 | ||
| 213 | // LDAP Samba Password Last Change Date attribute, e.g. sambaPwdLastSet | |
| 214 | // Some places use an attribute to store the date of the last password change | |
| 215 | // The date is meassured in "seconds since epoch" (an integer value) | |
| 216 | // Whenever the password is changed, the attribute will be updated if set | |
| 217 | $rcmail_config['password_ldap_samba_lchattr'] = ''; | |
| 218 | ||
| 219 | ||
| 220 | // DirectAdmin Driver options | |
| 221 | // -------------------------- | |
| 222 | // The host which changes the password | |
| 223 | // Use 'ssl://host' instead of 'tcp://host' when running DirectAdmin over SSL. | |
| 224 | // The host can contain the following macros that will be expanded as follows: | |
| 225 | // %h is replaced with the imap host (from the session info) | |
| 226 | // %d is replaced with the domain part of the username (if the username is an email) | |
| 227 | $rcmail_config['password_directadmin_host'] = 'tcp://localhost'; | |
| 228 | ||
| 229 | // TCP port used for DirectAdmin connections | |
| 230 | $rcmail_config['password_directadmin_port'] = 2222; | |
| 231 | ||
| 232 | ||
| 233 | // vpopmaild Driver options | |
| 234 | // ----------------------- | |
| 235 | // The host which changes the password | |
| 236 | $rcmail_config['password_vpopmaild_host'] = 'localhost'; | |
| 237 | ||
| 238 | // TCP port used for vpopmaild connections | |
| 239 | $rcmail_config['password_vpopmaild_port'] = 89; | |
| 240 | ||
| 241 | ||
| 242 | // cPanel Driver options | |
| 243 | // -------------------------- | |
| 244 | // The cPanel Host name | |
| 245 | $rcmail_config['password_cpanel_host'] = 'host.domain.com'; | |
| 246 | ||
| 247 | // The cPanel admin username | |
| 248 | $rcmail_config['password_cpanel_username'] = 'username'; | |
| 249 | ||
| 250 | // The cPanel admin password | |
| 251 | $rcmail_config['password_cpanel_password'] = 'password'; | |
| 252 | ||
| 253 | // The cPanel port to use | |
| 254 | $rcmail_config['password_cpanel_port'] = 2082; | |
| 255 | ||
| 256 | // Using ssl for cPanel connections? | |
| 257 | $rcmail_config['password_cpanel_ssl'] = true; | |
| 258 | ||
| 259 | // The cPanel theme in use | |
| 260 | $rcmail_config['password_cpanel_theme'] = 'x'; | |
| 261 | ||
| 262 | ||
| 263 | // XIMSS (Communigate server) Driver options | |
| 264 | // ----------------------------------------- | |
| 265 | // Host name of the Communigate server | |
| 266 | $rcmail_config['password_ximss_host'] = 'mail.example.com'; | |
| 267 | ||
| 268 | // XIMSS port on Communigate server | |
| 269 | $rcmail_config['password_ximss_port'] = 11024; | |
| 270 | ||
| 271 | ||
| 272 | // chpasswd Driver options | |
| 273 | // --------------------- | |
| 274 | // Command to use | |
| 275 | $rcmail_config['password_chpasswd_cmd'] = 'sudo /usr/sbin/chpasswd 2> /dev/null'; | |
| 276 | ||
| 277 | ||
| 278 | // XMail Driver options | |
| 279 | // --------------------- | |
| 280 | $rcmail_config['xmail_host'] = 'localhost'; | |
| 281 | $rcmail_config['xmail_user'] = 'YourXmailControlUser'; | |
| 282 | $rcmail_config['xmail_pass'] = 'YourXmailControlPass'; | |
| 283 | $rcmail_config['xmail_port'] = 6017; | |
| 284 | ||
| 285 | ||
| 286 | // hMail Driver options | |
| 287 | // ----------------------- | |
| 288 | // Remote hMailServer configuration | |
| 289 | // true: HMailserver is on a remote box (php.ini: com.allow_dcom = true) | |
| 290 | // false: Hmailserver is on same box as PHP | |
| 291 | $rcmail_config['hmailserver_remote_dcom'] = false; | |
| 292 | // Windows credentials | |
| 293 | $rcmail_config['hmailserver_server'] = array( | |
| 294 | 'Server' => 'localhost', // hostname or ip address | |
| 295 | 'Username' => 'administrator', // windows username | |
| 296 | 'Password' => 'password' // windows user password | |
| 297 | ); | |
| 298 | ||
| 299 | ||
| 300 | // Virtualmin Driver options | |
| 301 | // ------------------------- | |
| 302 | // Username format: | |
| 303 | // 0: username@domain | |
| 304 | // 1: username%domain | |
| 305 | // 2: username.domain | |
| 306 | // 3: domain.username | |
| 307 | // 4: username-domain | |
| 308 | // 5: domain-username | |
| 309 | // 6: username_domain | |
| 310 | // 7: domain_username | |
| 6ffe0b | 311 | // 8: username@domain; mbox.username |
| G | 312 | $rcmail_config['password_virtualmin_format'] = 8; |
| 48e9c1 | 313 | |
| T | 314 | |
| 315 | // pw_usermod Driver options | |
| 316 | // -------------------------- | |
| 317 | // Use comma delimited exlist to disable password change for users | |
| 318 | // Add the following line to visudo to tighten security: | |
| 319 | // www ALL=NOPASSWORD: /usr/sbin/pw | |
| 320 | $rcmail_config['password_pw_usermod_cmd'] = 'sudo /usr/sbin/pw usermod -h 0 -n'; | |
| 321 | ||
| 322 | ||
| 323 | // DBMail Driver options | |
| 324 | // ------------------- | |
| 325 | // Additional arguments for the dbmail-users call | |
| 326 | $rcmail_config['password_dbmail_args'] = '-p sha512'; | |
| 327 | ||
| 328 | ||
| 329 | // Expect Driver options | |
| 330 | // --------------------- | |
| 331 | // Location of expect binary | |
| 332 | $rcmail_config['password_expect_bin'] = '/usr/bin/expect'; | |
| 333 | ||
| 334 | // Location of expect script (see helpers/passwd-expect) | |
| 335 | $rcmail_config['password_expect_script'] = ''; | |
| 336 | ||
| 337 | // Arguments for the expect script. See the helpers/passwd-expect file for details. | |
| 338 | // This is probably a good starting default: | |
| 339 | // -telent -host localhost -output /tmp/passwd.log -log /tmp/passwd.log | |
| 340 | $rcmail_config['password_expect_params'] = ''; | |
| 341 | ||
| 342 | ||
| 343 | // smb Driver options | |
| 344 | // --------------------- | |
| 345 | // Samba host (default: localhost) | |
| 346 | $rcmail_config['password_smb_host'] = 'localhost'; | |
| 347 | // Location of smbpasswd binary | |
| 348 | $rcmail_config['password_smb_cmd'] = '/usr/bin/smbpasswd'; | |
