Sun Java System Calendar Server 6.3 Administration Guide

4.3 Configuring Calendar for LDAP Users, Groups and Resources

This section contains instructions on configuring LDAP users, groups and resources.

This section includes the following topics:

To Configure Calendar Users

Change to the /etc/opt/SUNWics5/cal/config directory.

Save your old ics.conf file by copying and renaming it.

Edit one or more of the following ics.conf parameters shown in the following table:

local.lookupldapsearchattr.aclgroup

The attribute used to specify which groups a user, group, or resource is a member of, for ACL evaluation. The default is "aclgroupaddr". (This is used to calculate dynamic groups.)

service.wcap.allowchangepassword

If "yes", allow users to change their passwords. The default is "no".

service.wcap.allowpublicwritablecalendars

If "yes", allow users to have publicly writable calendars. The default is "yes".

calstore.subscribed.remove.defaultcalendar

Specifies whether a user's default calendar can be removed from the user's subscribed calendar list. The default is "no".

service.wcap.allowcreatecalendars

If "yes", allow calendars to be created by users who do not have administrative privileges. The default is "yes".

service.wcap.allowdeletecalendars

If "yes", allow calendars to be deleted by users who do not have administrative privileges, but do have delete permission for that calendar. The default is "yes".

Save the file as ics.conf.

Restart Calendar Server.

cal-svr-base/SUNWics5/cal/sbin/start-cal

To Set Calendar User Preferences

Change to the /etc/opt/SUNWics5/cal/config directory.

Save your old ics.conf file by copying and renaming it.

Edit one or more of the following ics.conf parameters shown in the following table:

service.wcap.allowsetprefs.cn

If "yes", allow set_userprefs to modify the user preference "cn" (LDAP user's common name). The default is “no”.

service.wcap.allowsetprefs.givenname

If "yes", allow set_userprefs to modify the user preference "givenname" (LDAP user's given name). The default is “no”.

service.wcap.allowsetprefs.icsCalendar

If "yes", allow set_userprefs to modify the user preference “icsCalendar" (a user's default calendar identifier). The default is “no”.

service.wcap.allowsetprefs.mail

If "yes", allow set_userprefs to modify the user preference "mail" (user's email address). The default is “no”.

service.wcap.allowsetprefs.preferredlanguage

If "yes", allow set_userprefs to modify the user preference "preferredlanguage" (LDAP user's preferred language). The default is “no”.

service.wcap.allowsetprefs.sn

If "yes", allow set_userprefs to modify the user preference "sn" (LDAP user's surname). The default is “no”.

service.wcap.userprefs.ldapproxyauth

If "yes", enables LDAP proxy authorization for get_userprefs. If "no", anonymous LDAP search is performed. The default is “no”.

Save the file as ics.conf.

Restart Calendar Server.

cal-svr-base/SUNWics5/cal/sbin/start-cal

To Configure Calendar Server for Groups

Calendar Server supports LDAP groups, which are a named collection of users. The group membership can be static, or dynamically created. Groups can be nested. Groups have a groupid that is analogous to a uid for a user. Groups also have a mail address.

In addition, groups can have a default calendar with a group calid that should correspond to the groupid, with the addition of the domain, for instance groupid@sesta.com. Group calendars do not have user interface preferences stored in the preferences database. Instead, the LDAP entry contains an icsDefaultacl attribute that is used in group creation.

A group is defined in the LDAP entry as an instance of icsCalendarGroup. For information on the other attributes available for group calendars, see the Sun Java System Communications Services 6 2005Q4 Schema Reference.

Change to the /etc/opt/SUNWics5/cal/config directory.

Save your old ics.conf file by copying and renaming it.

Edit one or more of the following ics.conf parameters shown in the following table:

local.lookupldapsearchattr.owner

Owner attribute to use for groups and resources. The default is "owner".

local.lookupldapsearchattr.coowner

Secondary owners attribute for groups and resources. The default is "icsSecondaryowners".

local.lookupldapsearchattr.groupid

The attribute used to store the unique group identifier. The default is "groupid".

local.lookupldapsearchattr.defaultacl

The attribute used to store the default ACL given to each group calendar at autoprovisioning. The default is "icsDefaultacl".

local.lookupldapsearchattr.doublebook

The attribute used to specify whether doublebooking of group calendars is permitted. This is the attribute used when a default group calendar is auto-created. The default is "icsDoublebooking".

local.lookupldapsearchattr.autoaccept

The attribute used to specify whether invitations to group calendars are automatically accepted. This is the attribute used when a default group calendar is auto-created. The default is "icsAutoaccept".

local.lookupldapsearchattr.timezone

The attribute used to specify the time zone for an auto-created group calendar. The default is "icsTimezone".

local.lookupldapsearchattr.aclgroup

The attribute used to specify which groups a user, group, or resource is a member of, for ACL evaluation. The default is "aclgroupaddr". (For groups, this would be for nested groups.)

Save the file as ics.conf.

Restart Calendar Server.

cal-svr-base/SUNWics5/cal/sbin/start-cal

4.3 Configuring Calendar for LDAP Users, Groups and Resources

To Configure Calendar Users

To Set Calendar User Preferences

To Configure Calendar Server for Groups

See Also