Chapter 5
Customizing the Configuration File
After installation and post-installation configuration, Calendar Server can be run as is. However, you can customize, or reconfigure, your installation by editing the configuration file, ics.conf.
This chapter, and the chapters that follow in Part II of this Administration Guide, contain instructions and information you can use to reconfigure your Calendar Server installation.
You can find ics.conf in the following directory:
For Solaris: /etc/opt/SUNWics5/cal/config
For Linux: /etc/opt/sun/calendar/config
|
Note
|
Do not attempt to edit the configuration file until you have completed the following tasks:
- Install or upgrade to Calendar Server 6 2005Q1.
- Run the post-installation configuration programs comm_dssetup.pl and csconfigurator.sh.
|
|
This chapter describes the following topics:
|
Note
|
Additional configuration topics are covered in other, separate chapters. They include the following topics:
|
|
Configuring the User Interface
This section discusses how to configure the two supported user interfaces:
- To Configure Calendar Express.
|
Note
|
Calendar Express is deprecated and will no longer be supported at some future point. Communications Express is the preferred user interface for Calendar Server. To use Communications Express, you must have installed it and run its configuration program.
|
|
To Configure Calendar Server for Communications Express
Communications Express requires proxy authentication and expects you to set up anonymous logins for public calendars.
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit the following ics.conf parameters as shown in Table 5-1to enable proxy authentication:
Table 5-1 ics.conf Parameters Used to Configure Proxy Authentication for Communications Express
Parameters
|
Description and Default Value
|
service.http.allowadminproxy
|
Enables administrator proxy authentication when set to “yes”. The default is “no”.
|
service.http.admins
|
Lists the user IDs with administration rights to Calendar Server. The default is “calmaster”. This can be a space separated list with multiple values. One of the values must be the value as specified in the uwconfig.properties file for calendar.wcap.adminid.
|
service.admin.calmaster. userid
|
User ID of the calmaster. This should be the same as the user ID found in the calendar.wcap.adminid parameter of the uwcconfig.properties file.
|
service.admin.calmaster.cred
|
Password for the calmaster. This should be the same as the user ID found in the calendar.wcap.passwd parameter of the uwcconfig.properties file.
|
|
Note
|
The uwcconfig.properties file is located in the comms_express_svr_base/WEB-INF/config directory, where comm_express_svr_base is the directory where Communications Express was installed.
|
|
- Edit the following parameters in the ics.conf to enable anonymous access:
Table 5-2 ics.conf Parameters Used to Enable Anonymous Access for Communications Express
Parameters
|
Description and Default Value
|
service.wcap.anonymous.allow publiccalendarwrite
|
Enables or disables allowing anonymous access users to write to public calendars. Enable access by setting the value to “yes”, which is the default.
|
service.wcap.allowpublic writablecalendars
|
Enables users to have publicly writable calendars. This is enabled by default (set to “yes”).
|
service.http.allowanonymous login
|
Enable anonymous access (login) by setting this parameter to “yes”, if necessary. The default value is “yes”.
|
service.calendarsearch.ldap
|
For security purposes with anonymous logins enabled, you might want to disable searching through the LDAP first when doing calendar searches, by setting this parameter to “no”, which is the default.
|
|
Note
|
Communications Express expects the value of the service.calendarsearch.ldap parameter to be “no”. This conflicts with instructions given for tuning your system for best performance in a DWP environment. (Your database is distributed across multiple back-ends.) See Improving Calendar Search Performance in a DWP Environment.
|
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
For instructions on configuring Communications Express, see the Sun Java System Communications Express Administration Guide.
To Configure Calendar Express
Calendar Express does not require a separate configuration step to work. However, you might want to customize your deployment by performing the following steps:
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the following parameters in the Calendar Server configuration file, ics.conf, as shown in Table 5-3:
Table 5-3 ics.conf Parameters Used to Configure Calendar Express
Parameters
|
Description and Default Value
|
ui.config.file
|
Specifies the name of an XML file in the /etc/opt/SUNWics5/cal/data directory with a set of configuration parameters that customizes the user interface. Two predefined files are included: nogroup_config.xml, which disables group scheduling, and ui_config.xml, which restores all the default values. This feature is optional; there is no default.
|
ui.allow.anyone
|
Specifies using the “Everybody” access control list. The default value is “yes”.
|
ui.allow.domain
|
Specifies using the “This Domain” access control list. The default value is “no”.
|
ui.proxyaddress.url
|
Specifies the proxy server address to prepend in an HTML UI JavaScript file. For example: https://web_portal.sesta.com. There is no default value.
|
ui.base.url
|
Specifies the base server address. For example: https://proxyserver. There is no default value.
|
ui.eventdialog.inform.enable
|
Enables or disables the Inform option when users create or edit the attendee list. The default is “no”.
|
ne.invitation.enable
|
Enables or disables notifications for invitations to events. The default is “yes”.
|
ne.cancellation.enable
|
Enables or disables notification of the cancellation of an event. The default is “yes”.
|
- Save the file.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
Configuring Calendars
To Configure User Calendars
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters as shown in Table 5-4
Table 5-4 ics.conf Parameters for Configuring User Calendars
Parameter
|
Description and Default Value
|
calstore.calendar.default. acl
|
Specifies the default access control permissions used when a user creates a calendar. The format is specified by a semicolon-separated list of access control entry (ACE) argument strings. The default is:
"@@o^a^r^g;@@o^c^wdeic^g;@^a^fs^g;@^c^^g;@^p^r^g"
For more information on the ACE format, see Calendar Access Control. To specify ACE strings for one or more calendars using the Calendar Server utilities, see cscal.
|
calstore.calendar.owner. acl
|
Specifies the default access control settings for owners of a calendar. The default is: "@@o^a^rsf^g;@@o^c^wdeic^g"
|
calstore.freebusy.include. defaultcalendar
|
Specifies whether a user's default calendar is included in user's free/busy calendar list. The default is “yes”.
|
calstore.freebusy.remove. defaultcalendar
|
Specifies whether a user's default calendar can be removed from user's free/busy calendar list. The default is “no”.
|
service.wcap.freebusy. redirecturl
|
Specifies a URL to use to search for a calendar in a different database. This is only used while migrating calendar databases. During the time that calendars are split between two different databases, you can specify a URL other than the current Calendar Server database. The system searches the Calendar Server calendar database first and if it can’t find the user, checks to see if the redirect URL is available. This feature can be turned off by passing in the redirect parameter set to 1 with the get_freebusy command.
|
calstore.subscribed.include. defaultcalendar
|
Specifies whether a user's default calendar is included in the user's subscribed calendar list. The default is “yes”.
|
service.wcap.login.calendar. publicread
|
If "yes", default user calendars are initially set to public read/private write. If no, default user calendars are initially set to private read/private write. The default is “no”.
|
user.allow.doublebook
|
Determines if a user calendar can have more than one event scheduled for the same time period:
- "no" prevents double booking.
- "yes" allows double booking, and is the default.
This parameter is used only when a user calendar is created. Thereafter, Calendar Server checks the calendar properties file (ics50calprops.db) to determine if double booking is allowed.
To change the value of the double booking calendar property, use cscal with the -k option.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure Resource Calendars
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters as shown in Table 5-5:
Table 5-5 ics.conf Parameters for Configuring Resource Calendars
Parameter
|
Description and Default Value
|
resource.allow.doublebook
|
Determines if a calendar that belongs to a resource (such as a conference room or audio visual equipment) can have more than one event scheduled for the same time slot when the calendar is created:
- "no" prevents double booking.
- "yes" allows double booking.
This parameter is used only when a resource calendar is created.
After a resource calendar is created, Calendar Server checks the calendar properties (ics50calprops.db) to determine if double booking is allowed.
If you need to change the calendar properties for a resource calendar to allow or disallow double booking, use csresource with the -k option.
|
resource.default.acl
|
Specifies the default access control permissions used when a resource calendar is created. The default is: "@@o^a^r^g;@@o^c^wdeic^g;@^a^rsf^g"
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Disable Autoprovisioning of User Calendars at Login
Autoprovisioning of user calendars is enabled by default.
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Disable autoprovisioning of user calendars upon first login editing the parameter shown in Table 5-6:
Table 5-6 ics.conf Parameters for Disabling Autoprovisioning of User Calendars
Parameter
|
Description and Default Value
|
local.autoprovision
|
Specifies whether autoprovisioning of user calendars is enabled (“yes”), or disabled (“no”). The default is “yes”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure Free-Busy Lookup
The free-busy view is used for several purposes. There are a number of ics.conf parameters that can be set to customize how the free-busy view is generated.
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Disable autoprovisioning of user calendars upon first login editing the parameter shown in Table 5-7:
Table 5-7 ics.conf Parameters to Configure Free-Busy Calendars
Parameter
|
Description and Default Value
|
service.wcap.freebusybegin
|
Specifies the offset from the current time in days for get_freebusy for beginning of the range. The default is “30”.
|
service.wcap.freebusyend
|
Specifies the offset from the current time in days for get_freebusy for end of the range. The default is “30”.
|
calstore.freebusy.include. defaultcalendar
|
Specifies whether a user's default calendar is included in user's free/busy calendar list. The default is “yes”.
|
calstore.freebusy.remove. defaultcalendar
|
Specifies whether a user's default calendar can be removed from user's free/busy calendar list. The default is “no”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
Configuring Calendar Users
This section contains instructions on configuring calendar users and includes the following topics:
To Configure Users
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the following ics.conf parameters shown inTable 5-8:
Table 5-8 ics.conf Parameters for Configuring Users
Parameters
|
Description and Default Value
|
service.wcap.allowchangepassword
|
If "yes", allow users to change their passwords. The default is “no”.
|
service.wcap.allowpublicwritable calendars
|
If "yes", allow users to have publicly writable calendars. The default is “yes”.
|
calstore.subscribed.remove. defaultcalendar
|
Specifies whether a user's default calendar can be removed from the user's subscribed calendar list. The default is “no”.
|
service.wcap.allowcreate calendars
|
If "yes", allow calendars to be created by users who do not have administrative privileges. The default is “yes”.
|
service.wcap.allowdelete calendars
|
If "yes", allow calendars to be deleted by users who do not have administrative privileges, but do have delete permission for that calendar. The default is “yes”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Set User Preferences
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the following ics.conf parameters shown in Table 5-9:
Table 5-9 ics.conf Parameters Used to Set User Preferences
Parameters
|
Description and Default Value
|
service.wcap.allowsetprefs.cn
|
If "yes", allow set_userprefs to modify the user preference "cn" (LDAP user's common name). The default is “no”.
|
service.wcap.allowsetprefs. givenname
|
If "yes", allow set_userprefs to modify the user preference "givenname" (LDAP user's given name). The default is “no”.
|
service.wcap.allowsetprefs. icsCalendar
|
If "yes", allow set_userprefs to modify the user preference “icsCalendar" (a user's default calendar identifier). The default is “no”.
|
service.wcap.allowsetprefs.mail
|
If "yes", allow set_userprefs to modify the user preference "mail" (user's e-mail address). The default is “no”.
|
service.wcap.allowsetprefs. preferredlanguage
|
If "yes", allow set_userprefs to modify the user preference "preferredlanguage" (LDAP user's preferred language). The default is “no”.
|
service.wcap.allowsetprefs.sn
|
If "yes", allow set_userprefs to modify the user preference "sn" (LDAP user's surname). The default is “no”.
|
service.wcap.userprefs. ldapproxyauth
|
If "yes", enables LDAP proxy authorization for get_userprefs. If "no", anonymous LDAP search is performed. The default is “no”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
Configuring Calendar Server
This section contains procedures for customizing server-side configuration by editing the ics.conf file, and contains the following topics:
To Configure Server Behavior
The calendar store is configured by default as shown in Table 5-10. If you wish to reconfigure the store, perform the following steps:
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the following parameters:
Table 5-10 ics.conf Parameters for Configuring Calendar Server Behavior
Parameter
|
Description and Default Value
|
calstore.calendar.create.lowercase
|
Specifies whether Calendar Server should convert a calendar ID (calid) to lowercase when creating a new calendar or when looking up a calendar using the LDAP CLD plug-in. The default is “no”.
|
calstore.default.timezoneID
|
Timezone ID to be used when importing files, and no other timezone IDs can be found for any of the following: an event, a calendar, a user.
The default is "America/New_York”
An invalid value causes the server to use the GMT (Greenwich Mean Time) timezone.
|
calstore.filterprivateevents
|
Specifies whether Calendar Server filters (recognizes) Private, and Time-and-Date-Only (confidential) events and tasks. If "no", Calendar Server treats them the same as Public events and tasks. The default is “yes”.
|
calstore.group.attendee.maxsize
|
Maximum number of attendees allowed in an LDAP group when expanding an event. Value of "0" (the default value) means to expand the group entirely.
|
calstore.recurrence.bound
|
Maximum number of events that can be created by a recurrence expansion. The default is “60”.
|
calstore.userlookup.maxsize
|
Maximum number of results returned from LDAP lookup from user search. Value of "0" means no limit. The default is “200”.
|
calstore.unqualifiedattendee. fmt1.type
|
Specifies how Calendar Server treats strings, such as jdoe or jdoe:tv, when performing a directory lookup for attendees of an event. Allowable values are: uid, cn, gid, res, mailto, cap. The default is “uid”.
|
calstore.unqualifiedattendee. fmt2.type
|
Specifies how Calendar Server treats strings with an at sign (@), such as jdoe@sesta.com, when performing a directory lookup for attendees of an event. Allowable values are: uid, cn, gid, res, mailto, cap. The default is “mailto”.
|
calstore.unqualifiedattendee. fmt3.type
|
Specifies how Calendar Server treats strings with a space, such as john doe, when performing a directory lookup for attendees of an event. Allowable values are: uid, cn, gid, res, cap. The default is “cn”.
|
service.wcap.validateowners
|
If "yes", the server must validate that each owner of a calendar exists in the directory (through LDAP or a CSAPI compatible user directory mechanism). The default is “no”.
|
service.wcap.freebusy.redirecturl
|
If the requested calendar can’t be found in the local calendar database, alternately, a URL found in this parameter can be used to redirect the search to another database. This is specifically used for scripts created when migrating between two databases and both are still being used. Then the get_freebusy.wcap command can be used to specify whether to look in the other database. See the get_freebusy command description in the Sun Java System Calendar Server 6 2005Q1 Developer’s Guide.
|
store.partition.primary.path
|
Location of primary disk partition where calendar information is stored. The default is “/var/opt/SUNWics5/csdb”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure Calendar Logging
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters shown in Table 5-11that follows:
Table 5-11 ics.conf Parameters for Configuring Calendar Logging
Parameter
|
Description and Default Value
|
logfile.admin.logname
|
This logfile contains history of the administrative tool commands issued. The default is “admin.log”.
|
logfile.buffersize
|
Size in bytes for log buffers. The default is “0”. Specify the size of each entry in the log files. If your buffers fill up too fast, consider making them larger.
|
logfile.dwp.logname
|
Name of the log file for logging Database Wire Protocol related administrative tools. The default is “dwp.log”. Specify one per front-end server.
|
logfile.expirytime
|
Number of seconds before the log files expire. The default is “604800”. After this time, a cleanup routine will purge the log. If you want to archive the log, you must write your own routine.
|
logfile.flushinterval
|
Number of seconds between the flushing of buffers to log files. the default is “60”.
If your system experiences a high volume of log information and your buffers fill up before 60 seconds, you will lose information. In that case consider decreasing this time interval. Note that decreasing the time interval increases system overhead.
|
logfile.http.logname
|
Name of the current log file for the cshttpd service. The default is “http.log”.
|
logfile.http.access. logname
|
Name of the current HTTP access log file.
|
logfile.logdir
|
Directory location of the log files. The default is "/var/opt/SUNWics5/logs".
|
logfile.loglevel
|
Determines the level of detail the server will log. Each log entry is assigned one of these levels (starting with the most severe): CRITICAL, ALERT, ERROR, WARNING, NOTICE, INFORMATION, and DEBUG. The default is “NOTICE”.
If you set to CRITICAL, Calendar Server logs the least amount of detail. If you want the server to log the most amount of detail, specify DEBUG.
Each succeeding log level also gives you all the more severe log levels before it. For example, if set to WARNING, only CRITICAL, ERROR, and WARNING level log entries are logged. If set to DEBUG, all levels are logged.
|
logfile.maxlogfiles
|
Maximum number of log files in the log directory. The default is “10”. Before the system tries to create the 11th log, it runs the clean up routine to purge old log files.
|
logfile.maxlogfilesize
|
Maximum disk space in bytes for all log files. The default is “2097152”. When creating the next log file will violate this limit, the system tries to free disk space by deleting the oldest logs.
|
logfile.minfreediskspace
|
Minimum free disk space (in bytes) that must be available for logging. When this value is reached, Calendar Server attempts to free disk space by expiring old log files. Logging is paused if space cannot be freed up. The default is “5242880”.
|
logfile.notify.logname
|
Name of the log file for the csnotifyd service. The default is “notify.log”.
|
logfile.rollovertime
|
Number of seconds before the log files are rotated. That is, the time interval between creation opening of new log files. The default is “86400”.
|
logfile.store.logname
|
Name of the log file for the calendar store. The default is “store.log”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure WCAP Commands
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the following ics.conf parameters as shown in that follows:
Table 5-12 ics.conf Parameters for Configuring WCAP Commands
Parameter
|
Description and Default Value
|
service.wcap.format
|
Specifies the default output format for commands. The default is “text/calendar”. (text/js is supported for backward compatibility.)
If you are using the Connector for Microsoft Outlook, you must use text/calendar.
|
service.wcap.version
|
WCAP version.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
Configuring Logins and Authentication
To Configure Proxy Administrator Logins
Proxy logins must be configured for Communications Express. For instructions on how to configure proxy logins for Communications Express, seeTo Configure Calendar Server for Communications Express.
To allow administrator proxy logins for Calendar Server outside Communications Express, perform these steps:
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters that follow in Table 5-13
Table 5-13 ics.conf Parameters Used to Configure Proxy Administrator Logins
Parameter
|
Description/Default
|
service.http.allowadminproxy
|
Specifies whether administrators are allowed to perform proxy logins to administer user calendars. If “yes”, proxy logins are allowed. If “no” proxy logins are not allowed. The default value is “no”.
|
:
- Restart Calendar Server for the new value to take effect.
- Verify that administrator proxy logins are working by using the following WCAP command:
http://server[:port]/login.wcap?user=admin-user
&password=admin-password&proxyauth=calendar-user
where:
- server is the name of the server where Calendar Server is running.
- port is the Calendar Server port number. The default port is 80.
- admin-user is the Calendar Server administrator. For example, calmaster.
- admin-password is the password for admin-user.
- calendar-user is the calid of the Calendar Server user.
If the command is successful, Calendar Server displays the calendar for calendar-user. If problems occur, Calendar Server displays “Unauthorized”. Causes might be:
- The admin-user does not have Calendar Server administrator privileges.
- The admin-password is incorrect.
- The calendar-user is not a valid Calendar Server user.
To Configure Authentication
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters shown in Table 5-14
Table 5-14 ics.conf Parameters For Configuring Authentication
Parameter
|
Description/Default
|
local.authldapbasedn
|
Base DN for LDAP authentication. If not specified, local.ugldapbasedn is used. If not specified, the server uses the value of local.ugldaphost.
|
local.authldaphost
|
Host for LDAP authentication. If not specified, uses the value of local.ugldaphost. The default is “localhost”.
|
local.authldapbindcred
|
Bind credentials (password) for user specified in local.authldapbinddn.
|
local.authldapbinddn
|
DN used to bind to LDAP authentication host to search for user's dn. If not specified or blank (" "), its assumed to be an anonymous bind.
|
local.authldapport
|
Port for LDAP authentication. If not specified, uses the value of local.ugldapport. The default is “389”.
|
local.authldappoolsize
|
Minimum number of LDAP client connections that are maintained for LDAP authentication. If not specified, uses the value of local.ugldappoolsize. The default is “1”.
|
local.authldapmaxpool
|
Maximum number of LDAP client connections that are maintained for LDAP authentication. If not specified, uses the value of local.ugldapmaxpool. The default is “1024”.
|
local.user.authfilter
|
Specifies the authentication filter used for user lookup. The default is “(uid=%U)”
This value is stored in the inetDomainSearchFilter attribute in the domain entry.
It is possible to filter on a different attribute. For example, you could set this parameter to “(mail=%U)”
The uid of the authenticated user is passed on to all other functions as the identity for that user, regardless of the attribute used for authentication.
|
service.plaintextloginpause
|
Number of seconds to delay after successfully authenticating a user with plain text passwords. The default is "0".
|
:
To Configure the Authentication Cache
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters as shown in Table 5-15 that follows:
Table 5-15 ics.conf Parameters for Configuring the Authentication Cache
Parameter
|
Description and Default Value
|
service.authcachesize
|
Maximum number of authenticated user IDs (UIDs) and passwords that Calendar Server will maintain in the cache. The default is “10000”.
|
service.authcachettl
|
Number of seconds since the last access before a user UID and password are removed from the cache. The default is “900”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Enable Checking the Client IP Address at Login
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit the following parameter as shown in Table 5-16:
Table 5-16 ics.conf Parameters for Enabling Checking Client IP Address
Parameter
|
Description and Default Value
|
service.dnsresolveclient
|
If "yes", when HTTP access is allowed, checks the client IP address against DNS. The default is “no”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
Configuring Calendar Services
See also, Chapter 10, "Configuring Automatic Backups (csstored)"
To Configure Administrative Services (csadmind)
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters as shown in Table 5-17:
Table 5-17 ics.conf Parameters for Configuring Admin Services (csadmind)
Parameter
|
Description and Default Value
|
service.admin.checkpoint
|
If "yes", start the csadmind database checkpoint thread. If “no”, no checkpoint log files created. The default is “yes”.
|
service.admin.dbcachesize
|
Maximum cache size (in bytes) for Berkeley Database for administration sessions. The default is “8388608”.
|
service.admin.deadlock
|
If "yes", start the csadmind database deadlock detection thread. The default is “yes”.
|
service.admin.diskusage
|
If "yes", start the csadmind low disk space monitor thread. The default is “no”. Disk usage is not monitored by default.
|
service.admin.enable
|
If "yes", start the csadmind service when starting all services and stop csadmind when stopping all services. The default is “yes”.
|
service.admin.idletimeout
|
Number of seconds before timing out an HTTP connection in csadmind. The default is “120”.
|
service.admin.maxsessions
|
Maximum number of administration sessions allowed. The default is “100”.
|
service.admin.maxthreads
|
Maximum number of running threads per administration session. The default is “10”.
|
service.admin.numprocesses
|
Maximum number of a concurrent administration processes allowed.
|
service.admin.port
**CAUTION**
|
Do NOT set this parameter yourself. It is set by the system. You can not do remote administration in Calendar Server. If you change this port number, csadmind may not start.
|
service.admin.resourcetimeout
|
Number of seconds before timing out an administration connection. The default is “900”.
|
service.admin.serverresponse
|
If "yes", start the csadmind service response thread. The default is “no”.
|
service.admin.sessiondir.path
|
Temporary directory for administration session requests. No default.
|
service.admin.sessiontimeout
|
Number of seconds before timing out an HTTP session in csadmind. The default is “1800”.
|
service.admin.sleeptime
|
Number of seconds to wait between checking for started, stopped, or ready calendar service. The default is “2”.
|
service.admin.starttime
|
Number of seconds to wait for any calendar service to start. The default is “300”.
|
service.admin.stoptime
|
Number of seconds to wait for any calendar service to stop. The default is “300”.
|
service.admin.stoptime.next
|
Number of seconds to wait between sending stop commands to any calendar service. The default is “60”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure HTTP Services (cshttpd)
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters as shown in Table 5-18:
Table 5-18 ics.conf Parameters for Configuring HTTP Services
Parameter
|
Description and Default Value
|
service.http.admins
|
Space separated list of user IDs with administration rights to this Calendar Server. The default is “calmaster”.
|
service.http. allowadminproxy
|
If "yes", allow login via proxy. The default is “no”.
|
service.http. allowanonymouslogin
|
If "yes", allow anonymous (no authentication) access. This is a special type of login that is allowed only specified, restricted access (usually read only access to public calendars). The default is “yes”.
|
service.http. calendarhostname
|
HTTP host for retrieving HTML documents. To enable users to use a fully qualified host name to access calendar data, this value must be the fully qualified host name (including the machine name, DNS domain and suffix) of the machine on which Calendar Server is running, such as mycal@sesta.com.
If not specified, the local HTTP host is used.
|
service.http.cookies
|
Tells the server to whether or to support cookies (yes/no). It must be set to "yes" to enable single sign-on. The default is “yes”.
|
service.http.dbcachesize
|
Maximum cache size of Berkeley DB for HTTP sessions. The default is “8388308”.
|
service.http. domainallowed
|
If specified and not " ", filter to allow access based on TCP domains. For example, "ALL: LOCAL.sesta.com" would allow local HTTP access to anyone in the sesta.com domain. Multiple filters are separated by CR-LF (line feed). The default is “ “.
|
service.http. domainnotallowed
|
If specified and not " ", filter to not allow access based on TCP domains. For example, "ALL: LOCAL.sesta.com" would deny HTTP access to anyone in the sesta.com domain. Multiple filters must be separated by CR-LF (line-feed). The default is “ “.
|
service.http.attachdir. path
|
Directory location relative to local.queuedir (or an absolute path if specified) where imported files are temporarily stored. The default is the current directory (“.”).
|
service.http.ipsecurity
|
If "yes", all requests that reference an existing session are verified as originating from the same IP address. The default is “yes”.
|
service.http.enable
|
If "yes", start the cshttpd service when starting all services and stop cshttpd when stopping all services. The default is “yes”.
|
service.http.idletimeout
|
Number of seconds before timing out an HTTP connection. The default is “120”.
|
service.http.listenaddr
|
Specifies the TCP address that HTTP services will listen on for client requests. The default is "INADDR_ANY", which indicates any address.
|
service.http.logaccess
|
If "yes", HTTP connections to server are fully logged. The default is “no”.
|
service.http.maxsessions
|
Maximum number of HTTP sessions in cshttpd service. The default is “5000”.
|
service.http.maxthreads
|
Maximum number of threads to service HTTP requests in cshttpd service. The default is “20”.
|
service.http.numprocesses
|
Maximum number of concurrently running HTTP service (cshttpd) processes that should run on a server. The default is “1”.
For a server that has multiple CPUs, see Using Load Balancing Across Multiple CPUs.
|
service.http.port
|
Port for HTTP requests from Calendar Server users. The default is “80”.
|
service.http. proxydomainallowed
|
If specified and not "", filter for allowing proxy login based on TCP domains. Same syntax as service.http.domainallowed. The default is ““.
|
service.http. resourcetimeout
|
Number of seconds before timing out an HTTP session. The default is “900”.
|
service.http.sessiondir. path
|
Directory for the HTTP session database. The default is “http”.
|
service.http. sessiontimeout
|
Number of seconds before timing out an HTTP session in cshttpd service. The default is “1800”.
|
service.http.sourceurl
|
Directory relative to executable where all URL references to files are stored. The default is ““ (null).
|
service.http.tmpdir
|
Temporary directory for HTTP sessions. The default is “/var/opt/SUNWics5/tmp”.
|
service.http.uidir.path
|
Directory that contains the default calendar client. If allowing only WCAP access, set to "html".
|
service.http.renderhtml
**CAUTION**
|
For Calendar Express only. Enables (“yes”) or disables (“no”) rendering contents of two specific text based fields in UI as HTML. The two fields are: Event Title and Description. The default is “no”.
Due to security concerns, be extremely cautious about enabling this feature.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure Alarm Notification
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the following ics.conf parameters as shown in that follows:
Table 5-19 ics.conf Parameters for Configuring Alarm Notification
Parameter
|
Description and Default Value
|
alarm.diskstat.msgalarmdescription
|
Description sent with insufficient disk space messages.
The default description is: “percentage calendar partition diskspace available”.
|
alarm.diskstat.msgalarmstatinterval
|
Number of seconds between monitoring disk space. The default is “3600”.
|
alarm.diskstat.msgalarmthreshold
|
Percentage of available disk space that triggers sending a warning message. The default is “10”.
|
alarm.diskstat. msgalarmthresholddirection
|
Whether alarm.diskstat.msgalarmthreshold is above or below percentage. -1 is below and 1 is above. The default is “-1”.
|
alarm.diskstat.msgalarmwarninginterval
|
Number of hours between sending warning messages about insufficient disk space. The default is “24”.
|
alarm.msgalarmnoticehost
|
The host name of the SMTP server used to send server alarms. The default is “localhost”.
|
alarm.msgalarmnoticeport
|
The SMTP port used to send server alarms.The default is “25”.
|
alarm.msgalarmnoticercpt
|
The email address to whom server alarms sent. “Postmaster@localhost”
|
alarm.msgalarmnoticesender
|
The email address used as the sender when the server sends alarms. The default is “Postmaster@localhost”
|
alarm.msgalarmnoticetemplate
|
The default format used to send email alarms:
"From: %s\nTo: %s\nSubject: ALARM: %s of \"%s\" is %u\n\n%s\n"
|
alarm.responsestat.msgalarmdescription
|
Description sent with no service response messages. The default is “calendar service not responding”.
|
alarm.responsestat. msgalarmstatinterval
|
Number of seconds between monitoring services. The default is “3600”.
|
alarm.responsestat.msgalarmthreshold
|
The default is “100” (only trigger sending a warning message if no service response.)
|
alarm.responsestat. msgalarmthresholddirection
|
Specifies whether alarm.responsestat.msgalarmthreshold is above or below percentage. -1 is below and 1 is above. The default is “-1”
|
alarm.responsestat. msgalarmwarninginterval
|
Number of hours between sending warning messages about no service response sent out. The default is “24”.
|
local.rfc822header.allow8bit
|
Allow (“y”) or not allow (“n”) 8-bit headers in email messages sent by this server.
|
service.admin.alarm
|
Enable ("yes") or disable ("no") alarm notifications for administration tools. The default is “yes”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
Configuring Calendar Server for the Berkeley Databases
To Enable Periodic Checking of Berkeley Databases for Deadlocks
It is possible for the Berkeley databases to get into a deadlocked state, thus preventing access to them. To detect this state as early as possible, enable periodic checking for deadlocks.
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters that follow in Table 5-20
Table 5-20 ics.conf Parameters for Enabling Deadlock Detection
Parameter
|
Description/Default
|
local.caldb.deadlock.autodetect
|
Periodically checks if the Berkeley database is in a deadlock state and, if so, instructs the database to reset. The default value is “no” (not enabled).
|
:
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
For information about how to reset Berkeley databases once deadlocked, see Detecting and Fixing Database Deadlocks in the Troubleshooting chapter.
To Use a Memory Based File System for the Session Database
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters that follow in Table 5-21
Table 5-21 ics.conf Parameters Used to Use a Memory Based File System for the Session Database
Parameter
|
Description/Default
|
local.instance.use.tmpfs
|
If "true", the session database is kept in volatile memory (tmpfs), which makes it faster to access but subject to being lost if the system goes down. If “false”, the session database is kept on disk, which makes it slower to access but won’t be lost in case of the system going down.
The location for the session database is found in service.http.sessiondir.path and service.admin.sessiondir.path.
|
:
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
Configuring Calendar Server for LDAP
To Configure Anonymous Access to LDAP
In general, anonymous access is allowed by default. If you want to restrict anonymous access, change the appropriate parameters.
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters that follow in Table 5-22
Table 5-22 ics.conf Parameters Used to Configure Anonymous Access to LDAP
Parameter
|
Description/Default
|
calstore.anonymous.calid
|
Specifies the anonymous login calendar identifier (calid). The default is “anonymous”.
|
service.http.allowanonymouslogin
|
Specifies whether or not anonymous access is allowed without a login. The default is “yes”. (Allows recipient of emailed calendar URL to access a free-busy version of the calendar without login in.)
|
service.wcap.anonymous.allowpublic calendarwrite
|
Specifies whether or not to allow anonymous users to write to a publicly writable calendar. The default is “yes”.
|
service.wcap.userprefs.ldapproxyauth
|
Enables anonymous search of the LDAP used for user preferences. The default is “no”, which allows anonymous access. Specifying “yes” means using proxy authentication to do the search.
|
:
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure LDAP Attendee Lookup
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters that follow in Table 5-23
Table 5-23 ics.conf Parameters Used to Configure LDAP Attendee Lookup
Parameter
|
Description/Default
|
local.lookupldap.search.minwildcardsize
|
Specifies the minimum string size for wild-card searches in an attendee lookup search. Zero (0) means always do a wild-card search.
|
local.lookupldap.user.authfilter
|
Specifies the authentication filter for user lookup. The default is: “(uid=%s)”
|
local.lookupldapbasedn
|
Specifies the DN for LDAP attendee lookup. If not specified, uses local.ugldapbsedn. No default value.
|
local.lookupldapbinddn
|
Specifies the DN to bind to the host used for LDAP attendee lookup. If not specified (default is ““), anonymous bind assumed.
|
local.lookupldapbindcred
|
Credentials (password) for user identified in local.lookupldapbinddn. No default value.
|
local.lookupldaphost
|
The host name for LDAP attendee lookup. If not specified, uses local.ugldaphost.
|
local.lookupldapmaxpool
|
Specifies the number of LDAP client connections maintained for LDAP attendee lookup. If not specified, uses local.ugldapmaxpool. The default is “1024”.
|
local.lookupldappoolsize
|
Specifies the minimum number of LDAP client connections maintained for LDAP attendee lookup. If not specified, uses local.ugldappoolsize. The default is “1”.
|
local.lookupldapport
|
Specifies the port to use for LDAP attendee lookup. If not specified, uses local.ugldapport.
|
local.lookupldapsearchattr.calid
|
Specifies the calid attribute for attendee lookup. The default is icsCalendar.
|
local.lookupldapsearchattr.mail
|
Specifies the mail attribute for attendee lookup. The default is mail.
|
local.lookupldapsearchattr. mailalternateaddress
|
Specifies the alternate mail address attribute for attendee lookup. The default is mailalternateaddress.
|
local.lookupldapsearchattr. mailequivalentaddres
|
Specifies the equivalent address mail attribute for attendee lookup. The default is mailequivalentaddress.
|
local.lookupldapsearchattr.calendar
|
Specifies the calendar attribute for attendee lookup. The default is icsCalendar.
|
local.lookupldapsearchattr.cn
|
Specifies the common name attribute for attendee lookup. The default is icsCalendar.
|
local.lookupldapsearchattr.objectclass
|
Specifies the object class attribute for attendee lookup. The default is objectclass.
|
local.lookupldapsearchattr.objectclass.caluser
|
Specifies the object class for calendar users. The default is icsCalendarUser.
|
local.lookupldapsearchattr.objectclass.calresource
|
Specifies the object class for calendar resources. The default is icsCalendarResource.
|
local.lookupldapsearchattr.objectclass.group
|
Specifies the object class for groups. The default is groupofuniquenames.
|
local.lookupldapsearchattr.objectclass.person
|
Specifies the object class for persons. The default is person.
|
local.lookupldapsearchattr.memberurl
|
Specifies the member URL attribute for attendee lookup. The default is memberurl.
|
local.lookupldapsearchattr.uniquemember
|
Specifies the unique member attribute for attendee lookup. The default is uniquemember.
|
local.lookupldapsearchattr.givenname
|
Specifies the given name attribute for attendee lookup. The default is givenname.
|
local.lookupldapsearchattr.sn
|
Specifies the screen name attribute for attendee lookup. The default is sn.
|
local.smtp.defaultdomain
|
Name of the default domain used to lookup an attendee’s calendar ID that corresponds to an email address. For example, jsmith resolves to jsmith@sesta.com if the value for this setting is "sesta.com".
|
:
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure LDAP Attendee Lookup Search Filters
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters that follow in Table 5-24:
In all the parameter descriptions that follow, %s allows only a single attendee.
Table 5-24 ics.conf Parameters Used to Configure LDAP Attendee Lookup Search Filters
Parameter
|
Description/Default
|
local.lookupldap.calid.direct
|
The search filter for calid-search-type using direct lookup. The default is: "(icsCalendar=%s)
%s–The attendee string.
|
local.lookupldap.cn.direct
|
The search filter for cn-search-type in direct lookup. The default is: "(&(cn=%s)(|(objectclass=groupofuniquenames)(objectclass=icsCalendarResource)(objectclass=person)))"
%s–The attendee string.
|
local.lookupldap.cn.search
|
The search filter for cn-search-type in search dialog lookup. The default is for a single attendee string (%s): "(&(cn=%s)(|(objectclass=groupofuniquenames)(objectclass=icsCalendarResource)(objectclass=person)))"
For a wild card search (multiple search strings): "(&(cn=%w)(|(objectclass=groupofuniquenames)(objectclass=icsCalendarResource)(objectclass=person)))"
%w–Causes expansion to a list of attendee strings. For example: %w=”Mary Ann Smith” expands to (& (cn=*Mary*) (cn=”*Ann”) (cn=*Smith*)
|
local.lookupldap.gid
|
The search filter for gid-search-type. The default is: "(&(cn=%s)(objectclass=groupofuniquenames))"
%s–A single attendee string.
|
local.lookupldap.mailto.indomain
|
The search filter for mailto-search-type in the domain specified by local.smtp.defaultdomain. The default is: "(|(mail=%s)(mail=%h)(mail=*<%s>*)(uid=%o))"
%s–The attendee string. %o–The attendee uid. %h–The query string without the domain part. For example: if %s=jdoe@sesta.com, %o=jdoe@sesta.com and %h=jdoe, then the value is: (|(mail=jdoe@varrius.com)(mail=jdoe)(mail=*<jdoe@varrius.com>*)(uid=jdoe@varrius.com))
|
local.lookupldap.mailto.outdomain
|
The search filter for mailto-search-type where the domain is not the one specified by local.smtp.defaultdomain. The default is: "(|(mail=%s)(uid=%s))"
%s–The attendee string.
|
local.lookupldap.res
|
The search filter for res-search-type (resource search). The default is: "(&(cn=%s)(objectclass=icsCalendarResource))"
$s–The attendee string.
|
local.lookupldap.res.ugldap
|
The search filter for res-search-type (resource search) only on the User/Group LDAP server. This is only set when local.lookupldap.resource.use.ugldap is set to “yes”. The default is: "(&(cn=%s)(objectclass=icsCalendarResource))"
%s–The attendee string.
|
local.lookupldap.uid.direct
|
The search filter for uid-search-type using direct lookup. The default is: "(|(uid=%s)(&(cn=%s)(|(objectclass=groupofuniquenames)(objectclass=icsCalendarResource)(objectclass=person))))"
%s–The attendee string.
|
local.lookupldap.uid.search
|
The search filter for uid-search-type lookup using a search dialog. The default is:
"(|(uid=%o)(&(cn=%w)(|(objectclass=groupofuniquenames)(objectclass=icsCalendarResource)(objectclass=person))))"
%s–The attendee string. %w–The attendee string with wildcards. %o–The attendee string without wildcards.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure LDAP Resource Lookup
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit the parameter shown in Table 5-25
Table 5-25 ics.conf Parameters for Configuring LDAP Resource Lookup
Parameter
|
Description/Default
|
local.lookupldap.resource.use.ugldap
|
Whether to use the User/Group LDAP server for resource lookup, or the Lookup server.
“yes”–Use the User/Group LDAP server.
“no”– Use the Lookup server. The default is “no”.
|
:
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure LDAP Mail-to-Calid Lookup
These parameters are used only for a non-hosted domain environment. If you have deployed a hosted domain environment, the maillookup parameters are ignored and the user and group LDAP values (ugldap) are used.
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters that follow in Table 5-26
Table 5-26 ics.conf Parameters for Configuring LDAP Mail-to-Calid Lookup
Parameter
|
Description/Default
|
local.lookupldap.mailtocalid.search
|
Specifies the mail attributes to use for mail-to-calid lookup. The default is "(|(mail=%s)(mailalternateaddress=%s))”
You can substitute the attribute mailequivalentaddress in place of mailalternateaddress.
|
local.maillookupldapbasedn
|
Specifies the base DN for mail-to-calid lookup. If not specified, uses local.ugldapbasedn.
|
local.maillookupldapbinddn
|
Specifies the DN to bind to the host used for mail-to-calid lookup. If not specified (default is ““), anonymous bind assumed.
|
local.maillookupldapbindcred
|
Specifies the password for the DN specified in local.maillookupldapbinddn. No default.
|
local.maillookupldaphost
|
Specifies the LDAP host used for mail -to-calid lookup. If not specified, uses local.ugldaphost.
|
local.maillookupldapmaxpool
|
Specifies the maximum number of client connections maintained for mail-to-calid lookup. If not specified, uses local.ugldapmaxpool. The default is “1024”.
|
local.maillookupldappoolsize
|
Specifies the minimum number of client connections to maintain for mail-to-calid lookup. If not specified, uses local.ugldappoolsize. The default is “1”.
|
local.maillookupldapport
|
Specifies the port for the LDAP mail-to-calid lookup. If not specified, uses local.ugldapport. No default.
|
:
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure Calendar Server for the User Preferences LDAP Directory
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one or more of the parameters that follow in Table 5-27
Table 5-27 ics.conf Parameters for Configuring Calendar Server for the User Preferences LDAP Directory
Parameter
|
Description/Default
|
local.enduseradmincred
|
Bind credentials (password) for LDAP user preferences authentication. No default.
|
local.enduseradmindn
|
DN used to bind to LDAP user preferences host. Must be specified. If blank (" ") or not specified, assumes an anonymous bind.
|
local.ugldappoolsize
|
Minimum number of LDAP client connections that are maintained for LDAP user preferences. The default is “1”.
|
local.ugldapmaxpool
|
Maximum number of LDAP client connections that are maintained for LDAP user preferences. The default is “1024”.
|
service.wcap.userprefs. ldapproxyauth
|
Enables anonymous search of the LDAP used for user preferences. The default is “no”, which allows anonymous access. Specifying “yes” means using proxy authentication to do the search.
|
:
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Configure User Preferences
You can restrict the preferences users are allowed to set by removing them from the default list.
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit the list of user preferences follow in Table 5-28
Table 5-28 ics.conf Parameter for Configuring User Preferences
Parameter
|
Default List of User Preferences
|
Description
|
local.ugldap icsextendeduserprefs
|
“ceColorSet, ceFontFace, ceFontSizeDelta, ceDateOrder, ceDateSeparator, ceClock, ceDayHead, ceDayTail, ceInterval, ceToolText, ceToolImage, ceDefaultAlarmStart, ceSingleCalendarTZID, ceAllCalendarTZIDs, ceDefaultAlarmEmail, ceNotifyEmail, ceNotifyEnable, ceDefaultView, ceExcludeSatSun, ceGroupInviteAll"
|
User preference values are kept in LDAP. This parameter defines which user preferences are kept in LDAP in the icsExtendedUserPrefs attribute.
|
:
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Enable the LDAP Data Cache
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Enable the LDAP data cache by editing the following parameter as shown in Table 5-29.
Table 5-29 ics.conf Parameters to Enable the LDAP Data Cache
Parameter
|
Description and Default Value
|
local.ldap.cache.enable
|
Enable or disable the LDAP cache. If “yes”, the cache is enabled. If “no” the cache is disabled. The default is “no”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
For more information about tuning the LDAP data cache, see Improving Performance of the LDAP Data Cache.
To Enable and Configure the LDAP SDK Cache
The LDAP SDK cache is disabled by default.
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Enable the LDAP SDK cache and configure it, by editing one or more of the parameters as shown in Table 5-30:
Table 5-30 ics.conf Parameters for Configuring the LDAP SDK Cache
Parameter
|
Description and Default Value
|
service.ldapmemcache
|
If "yes", enables LDAP SDK cache. The default is “no”.
|
service.ldapmemcachettl
|
If service.ldapmemcache is "yes", this parameter is used to set the maximum number of seconds that an item can be cached. If “0”, there is no limit to the amount of time that an item can be cached. The default is “30”.
|
service.ldapmemcachesize
|
If service.ldapmemcache is "yes", this parameter is used to set the maximum amount of memory in bytes that the cache will consume. If “0”, the cache has no size limit. The default is “131072”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Set the Date Range for Free Busy Searches
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit the following parameter as shown in Table 5-31:
Table 5-31 ics.conf Parameters to Set the Date Range for Free Busy Searches
Parameter
|
Description and Default Value
|
service.wcap.freebusybegin
|
Specifies the offset from the current time in days for get_freebusy for beginning of the range. The default is “30”.
|
service.wcap.freebusyend
|
Specifies the offset from the current time in days for get_freebusy for end of the range. The default is “30”.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Enable Wildcard LDAP Searches of Calendar Properties
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit the following parameter as shown in Table 5-32:
Table 5-32 ics.conf Parameters for Configuring Wildcard Searches of Calendar Properties
Parameter
|
Description and Default Value
|
service.calendarsearch.ldap. primaryownersearchfilter
|
The default search filter used for search_calprops searches for exact matches to the search string. To allow wildcard searches such that matches are found when the search string is merely contained within the property value, uncomment this parameter. This enables the system to use the following search filter:
"(&(|(uid=*%s*)(cn=*%s*))(objectclass=icsCalendarUser))"
Enabling this search filter can negatively impact performance.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal
To Set the LDAP Root Suffix
While it is possible to reset the root suffix for your LDAP organization tree (Schema 2), or domain component tree (Schema 1), this should be done with great care. It would be better to rerun the configuration program to do this.
- Log in as an administrator with permission to change the configuration.
- Change to the /etc/opt/SUNWics5/cal/config directory.
- Save your old ics.conf file by copying and renaming it.
- Edit one of the parameters as shown in Table 5-32:
Table 5-33 ics.conf Parameters for Setting the LDAP Root Suffix
Parameter
|
Description and Default Value
|
service.dcroot
|
Root suffix of the DC tree in the directory. Required for hosted (virtual) domain mode support using Schema 1. The default is “o=internet”.
See also Setting up a Hosted Domain Environment.
|
service.schema2root
|
Root suffix of the DIT (Organization Tree) for Schema 2. No default value.
|
- Save the file as ics.conf.
- Restart Calendar Server.
cal_svr_base/SUNWics5/cal/sbin/start-cal