Alternc
latest
Alternc logiel libre pour l'hébergement
roundcube.password.config.inc.php
Go to the documentation of this file.
1
<?php
2
3
// Password Plugin options
4
// -----------------------
5
// A driver to use for password change. Default: "sql".
6
// See README file for list of supported driver names.
7
$config
[
'password_driver'
] =
'sql'
;
8
9
// Determine whether current password is required to change password.
10
// Default: false.
11
$config
[
'password_confirm_current'
] =
true
;
12
13
// Require the new password to be a certain length.
14
// set to blank to allow passwords of any length
15
$config
[
'password_minimum_length'
] = 8;
16
17
// Require the new password to contain a letter and punctuation character
18
// Change to false to remove this check.
19
$config
[
'password_require_nonalpha'
] =
true
;
20
21
// Enables logging of password changes into logs/password
22
$config
[
'password_log'
] =
true
;
23
24
// Comma-separated list of login exceptions for which password change
25
// will be not available (no Password tab in Settings)
26
$config
[
'password_login_exceptions'
] = null;
27
28
// Array of hosts that support password changing. Default is NULL.
29
// Listed hosts will feature a Password option in Settings; others will not.
30
// Example:
31
//$config['password_hosts'] = array('mail.example.com', 'mail2.example.org');
32
$config
[
'password_hosts'
] = null;
33
34
// Enables saving the new password even if it matches the old password. Useful
35
// for upgrading the stored passwords after the encryption scheme has changed.
36
$config
[
'password_force_save'
] =
false
;
37
38
// Enables forcing new users to change their password at their first login.
39
$config
[
'password_force_new_user'
] =
false
;
40
41
42
// SQL Driver options
43
// ------------------
44
// PEAR database DSN for performing the query. By default
45
// Roundcube DB settings are used.
46
$config
[
'password_db_dsn'
] =
'mysql://%%roundcube-login%%:%%roundcube-password%%@%%dbhost%%/%%dbname%%'
;
47
48
// The SQL query used to change the password.
49
// The query can contain the following macros that will be expanded as follows:
50
// %p is replaced with the plaintext new password
51
// %c is replaced with the crypt version of the new password, MD5 if available
52
// otherwise DES. More hash function can be enabled using the password_crypt_hash
53
// configuration parameter.
54
// %D is replaced with the dovecotpw-crypted version of the new password
55
// %o is replaced with the password before the change
56
// %n is replaced with the hashed version of the new password
57
// %q is replaced with the hashed password before the change
58
// %h is replaced with the imap host (from the session info)
59
// %u is replaced with the username (from the session info)
60
// %l is replaced with the local part of the username
61
// (in case the username is an email address)
62
// %d is replaced with the domain part of the username
63
// (in case the username is an email address)
64
// Escaping of macros is handled by this module.
65
// Default: "SELECT update_passwd(%c, %u)"
66
$config
[
'password_query'
] =
'UPDATE address a LEFT JOIN domaines d ON d.id=a.domain_id SET a.password=%c WHERE d.domaine=%d AND address=%l'
;
67
68
// By default the crypt() function which is used to create the '%c'
69
// parameter uses the md5 algorithm. To use different algorithms
70
// you can choose between: des, md5, blowfish, sha256, sha512.
71
// Before using other hash functions than des or md5 please make sure
72
// your operating system supports the other hash functions.
73
$config
[
'password_crypt_hash'
] =
'md5'
;
74
75
// By default domains in variables are using unicode.
76
// Enable this option to use punycoded names
77
$config
[
'password_idn_ascii'
] =
false
;
78
79
// Path for dovecotpw (if not in $PATH)
80
// $config['password_dovecotpw'] = '/usr/local/sbin/dovecotpw';
81
82
// Dovecot method (dovecotpw -s 'method')
83
$config
[
'password_dovecotpw_method'
] =
'CRAM-MD5'
;
84
85
// Enables use of password with crypt method prefix in %D, e.g. {MD5}$1$LUiMYWqx$fEkg/ggr/L6Mb2X7be4i1/
86
$config
[
'password_dovecotpw_with_method'
] =
false
;
87
88
// Using a password hash for %n and %q variables.
89
// Determine which hashing algorithm should be used to generate
90
// the hashed new and current password for using them within the
91
// SQL query. Requires PHP's 'hash' extension.
92
$config
[
'password_hash_algorithm'
] =
'sha1'
;
93
94
// You can also decide whether the hash should be provided
95
// as hex string or in base64 encoded format.
96
$config
[
'password_hash_base64'
] =
false
;
97
98
// Iteration count parameter for Blowfish-based hashing algo.
99
// It must be between 4 and 31. Default: 12.
100
// Be aware, the higher the value, the longer it takes to generate the password hashes.
101
$config
[
'password_blowfish_cost'
] = 12;
102
103
104
// Poppassd Driver options
105
// -----------------------
106
// The host which changes the password
107
$config
[
'password_pop_host'
] =
'localhost'
;
108
109
// TCP port used for poppassd connections
110
$config
[
'password_pop_port'
] = 106;
111
112
113
// SASL Driver options
114
// -------------------
115
// Additional arguments for the saslpasswd2 call
116
$config
[
'password_saslpasswd_args'
] =
''
;
117
118
119
// LDAP and LDAP_SIMPLE Driver options
120
// -----------------------------------
121
// LDAP server name to connect to.
122
// You can provide one or several hosts in an array in which case the hosts are tried from left to right.
123
// Exemple: array('ldap1.exemple.com', 'ldap2.exemple.com');
124
// Default: 'localhost'
125
$config
[
'password_ldap_host'
] =
'localhost'
;
126
127
// LDAP server port to connect to
128
// Default: '389'
129
$config
[
'password_ldap_port'
] =
'389'
;
130
131
// TLS is started after connecting
132
// Using TLS for password modification is recommanded.
133
// Default: false
134
$config
[
'password_ldap_starttls'
] =
false
;
135
136
// LDAP version
137
// Default: '3'
138
$config
[
'password_ldap_version'
] =
'3'
;
139
140
// LDAP base name (root directory)
141
// Exemple: 'dc=exemple,dc=com'
142
$config
[
'password_ldap_basedn'
] =
'dc=exemple,dc=com'
;
143
144
// LDAP connection method
145
// There is two connection method for changing a user's LDAP password.
146
// 'user': use user credential (recommanded, require password_confirm_current=true)
147
// 'admin': use admin credential (this mode require password_ldap_adminDN and password_ldap_adminPW)
148
// Default: 'user'
149
$config
[
'password_ldap_method'
] =
'user'
;
150
151
// LDAP Admin DN
152
// Used only in admin connection mode
153
// Default: null
154
$config
[
'password_ldap_adminDN'
] = null;
155
156
// LDAP Admin Password
157
// Used only in admin connection mode
158
// Default: null
159
$config
[
'password_ldap_adminPW'
] = null;
160
161
// LDAP user DN mask
162
// The user's DN is mandatory and as we only have his login,
163
// we need to re-create his DN using a mask
164
// '%login' will be replaced by the current roundcube user's login
165
// '%name' will be replaced by the current roundcube user's name part
166
// '%domain' will be replaced by the current roundcube user's domain part
167
// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
168
// Exemple: 'uid=%login,ou=people,dc=exemple,dc=com'
169
$config
[
'password_ldap_userDN_mask'
] =
'uid=%login,ou=people,dc=exemple,dc=com'
;
170
171
// LDAP search DN
172
// The DN roundcube should bind with to find out user's DN
173
// based on his login. Note that you should comment out the default
174
// password_ldap_userDN_mask setting for this to take effect.
175
// Use this if you cannot specify a general template for user DN with
176
// password_ldap_userDN_mask. You need to perform a search based on
177
// users login to find his DN instead. A common reason might be that
178
// your users are placed under different ou's like engineering or
179
// sales which cannot be derived from their login only.
180
$config
[
'password_ldap_searchDN'
] =
'cn=roundcube,ou=services,dc=example,dc=com'
;
181
182
// LDAP search password
183
// If password_ldap_searchDN is set, the password to use for
184
// binding to search for user's DN. Note that you should comment out the default
185
// password_ldap_userDN_mask setting for this to take effect.
186
// Warning: Be sure to set approperiate permissions on this file so this password
187
// is only accesible to roundcube and don't forget to restrict roundcube's access to
188
// your directory as much as possible using ACLs. Should this password be compromised
189
// you want to minimize the damage.
190
$config
[
'password_ldap_searchPW'
] =
'secret'
;
191
192
// LDAP search base
193
// If password_ldap_searchDN is set, the base to search in using the filter below.
194
// Note that you should comment out the default password_ldap_userDN_mask setting
195
// for this to take effect.
196
$config
[
'password_ldap_search_base'
] =
'ou=people,dc=example,dc=com'
;
197
198
// LDAP search filter
199
// If password_ldap_searchDN is set, the filter to use when
200
// searching for user's DN. Note that you should comment out the default
201
// password_ldap_userDN_mask setting for this to take effect.
202
// '%login' will be replaced by the current roundcube user's login
203
// '%name' will be replaced by the current roundcube user's name part
204
// '%domain' will be replaced by the current roundcube user's domain part
205
// '%dc' will be replaced by domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
206
// Example: '(uid=%login)'
207
// Example: '(&(objectClass=posixAccount)(uid=%login))'
208
$config
[
'password_ldap_search_filter'
] =
'(uid=%login)'
;
209
210
// LDAP password hash type
211
// Standard LDAP encryption type which must be one of: crypt,
212
// ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, ad, cram-md5 (dovecot style) or clear.
213
// Please note that most encodage types require external libraries
214
// to be included in your PHP installation, see function hashPassword in drivers/ldap.php for more info.
215
// Multiple password Values can be generated by concatenating encodings with a +. E.g. 'cram-md5+crypt'
216
// Default: 'crypt'.
217
$config
[
'password_ldap_encodage'
] =
'crypt'
;
218
219
// LDAP password attribute
220
// Name of the ldap's attribute used for storing user password
221
// Default: 'userPassword'
222
$config
[
'password_ldap_pwattr'
] =
'userPassword'
;
223
224
// LDAP password force replace
225
// Force LDAP replace in cases where ACL allows only replace not read
226
// See http://pear.php.net/package/Net_LDAP2/docs/latest/Net_LDAP2/Net_LDAP2_Entry.html#methodreplace
227
// Default: true
228
$config
[
'password_ldap_force_replace'
] =
true
;
229
230
// LDAP Password Last Change Date
231
// Some places use an attribute to store the date of the last password change
232
// The date is meassured in "days since epoch" (an integer value)
233
// Whenever the password is changed, the attribute will be updated if set (e.g. shadowLastChange)
234
$config
[
'password_ldap_lchattr'
] =
''
;
235
236
// LDAP Samba password attribute, e.g. sambaNTPassword
237
// Name of the LDAP's Samba attribute used for storing user password
238
$config
[
'password_ldap_samba_pwattr'
] =
''
;
239
240
// LDAP Samba Password Last Change Date attribute, e.g. sambaPwdLastSet
241
// Some places use an attribute to store the date of the last password change
242
// The date is meassured in "seconds since epoch" (an integer value)
243
// Whenever the password is changed, the attribute will be updated if set
244
$config
[
'password_ldap_samba_lchattr'
] =
''
;
245
246
247
// DirectAdmin Driver options
248
// --------------------------
249
// The host which changes the password
250
// Use 'ssl://host' instead of 'tcp://host' when running DirectAdmin over SSL.
251
// The host can contain the following macros that will be expanded as follows:
252
// %h is replaced with the imap host (from the session info)
253
// %d is replaced with the domain part of the username (if the username is an email)
254
$config
[
'password_directadmin_host'
] =
'tcp://localhost'
;
255
256
// TCP port used for DirectAdmin connections
257
$config
[
'password_directadmin_port'
] = 2222;
258
259
260
// vpopmaild Driver options
261
// -----------------------
262
// The host which changes the password
263
$config
[
'password_vpopmaild_host'
] =
'localhost'
;
264
265
// TCP port used for vpopmaild connections
266
$config
[
'password_vpopmaild_port'
] = 89;
267
268
// Timout used for the connection to vpopmaild (in seconds)
269
$config
[
'password_vpopmaild_timeout'
] = 10;
270
271
272
// cPanel Driver options
273
// --------------------------
274
// The cPanel Host name
275
$config
[
'password_cpanel_host'
] =
'host.domain.com'
;
276
277
// The cPanel admin username
278
$config
[
'password_cpanel_username'
] =
'username'
;
279
280
// The cPanel admin password
281
$config
[
'password_cpanel_password'
] =
'password'
;
282
283
// The cPanel port to use
284
$config
[
'password_cpanel_port'
] = 2087;
285
286
287
// XIMSS (Communigate server) Driver options
288
// -----------------------------------------
289
// Host name of the Communigate server
290
$config
[
'password_ximss_host'
] =
'mail.example.com'
;
291
292
// XIMSS port on Communigate server
293
$config
[
'password_ximss_port'
] = 11024;
294
295
296
// chpasswd Driver options
297
// ---------------------
298
// Command to use
299
$config
[
'password_chpasswd_cmd'
] =
'sudo /usr/sbin/chpasswd 2> /dev/null'
;
300
301
302
// XMail Driver options
303
// ---------------------
304
$config
[
'xmail_host'
] =
'localhost'
;
305
$config
[
'xmail_user'
] =
'YourXmailControlUser'
;
306
$config
[
'xmail_pass'
] =
'YourXmailControlPass'
;
307
$config
[
'xmail_port'
] = 6017;
308
309
310
// hMail Driver options
311
// -----------------------
312
// Remote hMailServer configuration
313
// true: HMailserver is on a remote box (php.ini: com.allow_dcom = true)
314
// false: Hmailserver is on same box as PHP
315
$config
[
'hmailserver_remote_dcom'
] =
false
;
316
// Windows credentials
317
$config
[
'hmailserver_server'
] = array(
318
'Server'
=>
'localhost'
,
// hostname or ip address
319
'Username'
=>
'administrator'
,
// windows username
320
'Password'
=>
'password'
// windows user password
321
);
322
323
324
// Virtualmin Driver options
325
// -------------------------
326
// Username format:
327
// 0: username@domain
328
// 1: username%domain
329
// 2: username.domain
330
// 3: domain.username
331
// 4: username-domain
332
// 5: domain-username
333
// 6: username_domain
334
// 7: domain_username
335
$config
[
'password_virtualmin_format'
] = 0;
336
337
338
// pw_usermod Driver options
339
// --------------------------
340
// Use comma delimited exlist to disable password change for users
341
// Add the following line to visudo to tighten security:
342
// www ALL=NOPASSWORD: /usr/sbin/pw
343
$config
[
'password_pw_usermod_cmd'
] =
'sudo /usr/sbin/pw usermod -h 0 -n'
;
344
345
346
// DBMail Driver options
347
// -------------------
348
// Additional arguments for the dbmail-users call
349
$config
[
'password_dbmail_args'
] =
'-p sha512'
;
350
351
352
// Expect Driver options
353
// ---------------------
354
// Location of expect binary
355
$config
[
'password_expect_bin'
] =
'/usr/bin/expect'
;
356
357
// Location of expect script (see helpers/passwd-expect)
358
$config
[
'password_expect_script'
] =
''
;
359
360
// Arguments for the expect script. See the helpers/passwd-expect file for details.
361
// This is probably a good starting default:
362
// -telent -host localhost -output /tmp/passwd.log -log /tmp/passwd.log
363
$config
[
'password_expect_params'
] =
''
;
364
365
366
// smb Driver options
367
// ---------------------
368
// Samba host (default: localhost)
369
// Supported replacement variables:
370
// %n - hostname ($_SERVER['SERVER_NAME'])
371
// %t - hostname without the first part
372
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
373
$config
[
'password_smb_host'
] =
'localhost'
;
374
// Location of smbpasswd binary
375
$config
[
'password_smb_cmd'
] =
'/usr/bin/smbpasswd'
;
376
377
// gearman driver options
378
// ---------------------
379
// Gearman host (default: localhost)
380
$config
[
'password_gearman_host'
] =
'localhost'
;
381
382
383
384
// Plesk/PPA Driver options
385
// --------------------
386
// You need to allow RCP for IP of roundcube-server in Plesk/PPA Panel
387
388
// Plesk RCP Host
389
$config
[
'password_plesk_host'
] =
'10.0.0.5'
;
390
391
// Plesk RPC Username
392
$config
[
'password_plesk_user'
] =
'admin'
;
393
394
// Plesk RPC Password
395
$config
[
'password_plesk_pass'
] =
'password'
;
396
397
// Plesk RPC Port
398
$config
[
'password_plesk_rpc_port'
] =
'8443'
;
399
400
// Plesk RPC Path
401
$config
[
'password_plesk_rpc_path'
] =
'enterprise/control/agent.php'
;
$config
$config['password_driver']
Definition:
roundcube.password.config.inc.php:7
jessie
roundcube.password.config.inc.php
Generated on Wed Jun 12 2019 12:00:08 for Alternc by
1.8.13