authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2015-03-16 21:47:06 (GMT)
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2015-03-16 21:47:06 (GMT)
commit3a2c0129350f0d71c79338e9e5831a6665d562c5 (patch)
tree791fbb702efefabbae033dcdf7c9c8f4f7d5b561 /hosted-kolab
parentf1645553091091d31047b08a21d316e2b6a3a13e (diff)
downloadkolab-scripts-3a2c0129350f0d71c79338e9e5831a6665d562c5.tar.gz
Refresh scripts furthering #4459
Diffstat (limited to 'hosted-kolab')
-rwxr-xr-xhosted-kolab/02-add-ou-Domains.sh1
-rwxr-xr-xhosted-kolab/05-add-hosted-domain.sh48
-rwxr-xr-xhosted-kolab/06-add-self-reg-hosted-domain.sh94
-rwxr-xr-xhosted-kolab/07-add-customer-domain.sh195
-rwxr-xr-xhosted-kolab/08-add-doe@kolabsys.net-admin.sh25
-rwxr-xr-xhosted-kolab/09-add-doe@kolabnow.com.sh24
-rwxr-xr-xhosted-kolab/10-add-sixpack@kolabnow.com.sh24
-rwxr-xr-xhosted-kolab/15-adjust-kolab.conf.sh16
-rwxr-xr-xhosted-kolab/19-test-aci.sh12
-rwxr-xr-xhosted-kolab/30-add-kolab-users.sh47
-rwxr-xr-xhosted-kolab/98-find-kolabinetorgperson.sh6
-rwxr-xr-xhosted-kolab/99-remove-users.sh7
12 files changed, 450 insertions, 49 deletions
diff --git a/hosted-kolab/02-add-ou-Domains.sh b/hosted-kolab/02-add-ou-Domains.sh
index e29dde9..400002d 100755
--- a/hosted-kolab/02-add-ou-Domains.sh
+++ b/hosted-kolab/02-add-ou-Domains.sh
@@ -3,7 +3,6 @@
. ./settings.sh
(
echo "dn: ou=Domains,${rootdn}"
- echo "aci: (targetattr = \"*\") (version 3.0;acl \"Kolab Services\";allow (read,compare,search)(userdn = \"ldap:///uid=kolab-service,ou=Special Users,${rootdn}\");)"
echo "ou: Domains"
echo "objectClass: top"
echo "objectClass: organizationalunit"
diff --git a/hosted-kolab/05-add-hosted-domain.sh b/hosted-kolab/05-add-hosted-domain.sh
deleted file mode 100755
index 745ce77..0000000
--- a/hosted-kolab/05-add-hosted-domain.sh
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/bash
-
-. ./settings.sh
-
-(
- echo "dn: associateddomain=${hosted_domain},ou=Domains,${rootdn}"
- echo "objectclass: top"
- echo "objectclass: domainrelatedobject"
- echo "objectclass: inetdomain"
- echo "inetdomainstatus: active"
- echo "inetdomainbasedn: ou=${hosted_domain},${rootdn}"
- echo ""
-) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}"
-
-(
-
- echo "dn: ou=${hosted_domain},${rootdn}"
- echo "ou: ${hosted_domain}"
- echo "objectClass: top"
- echo "objectClass: organizationalunit"
- echo ""
-
- echo "dn: ou=Groups,${hosted_domain_rootdn}"
- echo "ou: Groups"
- echo "objectClass: top"
- echo "objectClass: organizationalunit"
- echo ""
-
- echo "dn: ou=People,${hosted_domain_rootdn}"
- echo "aci: (targetattr = \"*\") (version 3.0;acl \"Hosted Kolab Services\";allow (all)(userdn = \"ldap:///uid=hosted-kolab-service,ou=Special Users,${domain_rootdn}\");)"
- echo "ou: People"
- echo "objectClass: top"
- echo "objectClass: organizationalunit"
- echo ""
-
- echo "dn: ou=Resources,${hosted_domain_rootdn}"
- echo "ou: Resources"
- echo "objectClass: top"
- echo "objectClass: organizationalunit"
- echo ""
-
- echo "dn: ou=Shared Folders,${hosted_domain_rootdn}"
- echo "ou: Shared Folders"
- echo "objectClass: top"
- echo "objectClass: organizationalunit"
- echo ""
-
-) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}"
diff --git a/hosted-kolab/06-add-self-reg-hosted-domain.sh b/hosted-kolab/06-add-self-reg-hosted-domain.sh
new file mode 100755
index 0000000..a8cee23
--- /dev/null
+++ b/hosted-kolab/06-add-self-reg-hosted-domain.sh
@@ -0,0 +1,94 @@
+#!/bin/bash
+
+. ./settings.sh
+
+(
+ echo "dn: associateddomain=${hosted_domain},ou=Domains,${rootdn}"
+ echo "objectclass: top"
+ echo "objectclass: domainrelatedobject"
+ echo "objectclass: inetdomain"
+ echo "inetdomainstatus: active"
+ echo "inetdomainbasedn: dc=kolabnow,dc=com"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${rootdn} || ldap:///uid=hosted-kolab-service,ou=Special Users,${rootdn}\");)"
+ echo ""
+
+ echo "dn: cn=$(echo ${hosted_domain_rootdn} | sed -e 's/=/\\3D/g' -e 's/,/\\2D/g'),cn=mapping tree,cn=config"
+ echo "objectClass: top"
+ echo "objectClass: extensibleObject"
+ echo "objectClass: nsMappingTree"
+ echo "nsslapd-state: backend"
+ echo "cn: ${hosted_domain_rootdn}"
+ echo "nsslapd-backend: $(echo ${hosted_domain} | sed -e 's/\./_/g')"
+ echo ""
+
+ echo "dn: cn=$(echo ${hosted_domain} | sed -e 's/\./_/g'),cn=ldbm database,cn=plugins,cn=config"
+ echo "objectClass: top"
+ echo "objectClass: extensibleobject"
+ echo "objectClass: nsbackendinstance"
+ echo "cn: $(echo ${hosted_domain} | sed -e 's/\./_/g')"
+ echo "nsslapd-suffix: ${hosted_domain_rootdn}"
+ echo "nsslapd-cachesize: -1"
+ echo "nsslapd-cachememsize: 10485760"
+ echo "nsslapd-readonly: off"
+ echo "nsslapd-require-index: off"
+ echo "nsslapd-directory: /var/lib/dirsrv/slapd-$(hostname -s)/db/$(echo ${hosted_domain} | sed -e 's/\./_/g')"
+ echo "nsslapd-dncachememsize: 10485760"
+ echo ""
+
+) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}"
+
+(
+ echo "dn: ${hosted_domain_rootdn}"
+ echo "aci: (targetattr=\"carLicense || description || displayName || facsimileTelephoneNumber || homePhone || homePostalAddress || initials || jpegPhoto || labeledURI || mobile || pager || photo || postOfficeBox || postalAddress || postalCode || preferredDeliveryMethod || preferredLanguage || registeredAddress || roomNumber || secretary || seeAlso || st || street || telephoneNumber || telexNumber || title || userCertificate || userPassword || userSMIMECertificate || x500UniqueIdentifier\")(version 3.0; acl \"Enable self write for common attributes\"; allow (write) userdn=\"ldap:///self\";)"
+ echo "aci: (targetattr=\"*\")(version 3.0; acl \"Configuration Administrators Group\"; allow (all) groupdn=\"ldap:///cn=Configuration Administrators,ou=Groups,ou=TopologyManagement,o=NetscapeRoot\";)"
+ echo "aci: (targetattr=\"*\")(version 3.0; acl \"Configuration Administrator\"; allow (all) userdn=\"ldap:///uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot\";)"
+ echo "aci: (targetattr = \"*\")(version 3.0; acl \"SIE Group\"; allow (all) groupdn = \"ldap:///cn=slapd-$(hostname -s),cn=389 Directory Server,cn=Server Group,cn=$(hostname -f),ou=${domain},o=NetscapeRoot\";)"
+ echo "aci: (targetattr =\"*\")(version 3.0;acl \"Kolab Administrators\";allow (all) (roledn=\"ldap:///cn=kolab-admin,${rootdn}\");)"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Search Access\";allow (compare,search)(userdn = \"ldap:///${hosted_domain_rootdn}??sub?(objectclass=*)\");)"
+ echo "aci: (targetattr != \"userPassword\") (version 3.0;acl \"Service Search Access\";allow (read,compare,search)(userdn = \"ldap:///uid=kolab-service,ou=Special Users,${domain_rootdn}\");)"
+ echo "objectClass: top"
+ echo "objectClass: domain"
+ echo "dc: $(echo ${hosted_domain} | cut -d'.' -f 1)"
+ echo ""
+) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}"
+
+(
+ echo "dn: ou=Groups,${hosted_domain_rootdn}"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${rootdn}\");)"
+ echo "ou: Groups"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+ echo "dn: ou=People,${hosted_domain_rootdn}"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${rootdn} || ldap:///uid=hosted-kolab-service,ou=Special Users,${rootdn} || ldap:///ou=People,${hosted_domain_rootdn}??sub?(objectclass=*)\");)"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Allow Hosted Kolab Service\"; allow (search,add)(userdn = \"ldap:///uid=hosted-kolab-service,ou=Special Users,${rootdn}\");)"
+ echo "aci: (targetattr != \"userPassword\") (version 3.0;acl \"Allow Kolab Service\"; allow (read,search,compare)(userdn = \"ldap:///uid=kolab-service,ou=Special Users,${rootdn}\");)"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Self Search Access\";allow (read,compare,search)(userdn = \"ldap:///self\");)"
+ echo "ou: People"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+ echo "dn: ou=Special Users,${hosted_domain_rootdn}"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${rootdn} || ldap:///uid=hosted-kolab-service,ou=Special Users,${rootdn}\");)"
+ echo "ou: Special Users"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+ echo "dn: ou=Resources,${hosted_domain_rootdn}"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${rootdn}\");)"
+ echo "ou: Resources"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+ echo "dn: ou=Shared Folders,${hosted_domain_rootdn}"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${rootdn}\");)"
+ echo "ou: Shared Folders"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}"
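Review bot: The mapping-tree DN (the `dn: cn=$(echo ${hosted_domain_rootdn} | sed ...),cn=mapping tree,cn=config` line) escapes the comma as `\2D`, but 0x2D is the hyphen and a comma is 0x2C; the second sed expression should read `-e 's/,/\\2C/g'`. As written the RDN decodes to a string with hyphens in place of commas and no longer equals the `cn: ${hosted_domain_rootdn}` value written further down in the same entry. Separately, the "Search Access" ACI on `${hosted_domain_rootdn}` grants compare and search on `targetattr = "*"` to every entry in the subtree, which covers `userPassword`; the "Service Search Access" ACI on the next line already uses `targetattr != "userPassword"`, and the same exclusion looks appropriate here unless compare on other users' passwords is intended.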
diff --git a/hosted-kolab/07-add-customer-domain.sh b/hosted-kolab/07-add-customer-domain.sh
new file mode 100755
index 0000000..0300af0
--- /dev/null
+++ b/hosted-kolab/07-add-customer-domain.sh
@@ -0,0 +1,195 @@
+#!/bin/bash
+
+. ./settings.sh
+
+export mgmt_domain_rootdn="dc=kolabsys,dc=net"
+export rootdn="dc=kolabnow,dc=com"
+export hosted_domain="kanarip.com"
+export hosted_domain_rootdn="ou=kanarip.com,${rootdn}"
+
+(
+ echo "dn: associateddomain=${hosted_domain},ou=Domains,${mgmt_domain_rootdn}"
+ echo "objectclass: top"
+ echo "objectclass: domainrelatedobject"
+ echo "objectclass: inetdomain"
+ echo "inetdomainstatus: active"
+ echo "inetdomainbasedn: ${hosted_domain_rootdn}"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${mgmt_domain_rootdn} || ldap:///ou=People,${hosted_domain_rootdn}??sub?(objectclass=inetorgperson)\");)"
+ echo "aci: (targetattr != \"userPassword\") (version 3.0;acl \"Search Access\";allow (read,compare,search)(userdn = \"ldap:///uid=kolab-service,ou=Special Users,${mgmt_domain_rootdn} || ldap:///ou=People,${hosted_domain_rootdn}??sub?(objectclass=inetorgperson)\");)"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Kolab Administrators\";allow (all)(roledn = \"ldap:///cn=admin-user,${hosted_domain_rootdn}\");)"
+ echo ""
+
+ echo "dn: associateddomain=kanarip.ch,ou=Domains,${mgmt_domain_rootdn}"
+ echo "objectclass: top"
+ echo "objectclass: domainrelatedobject"
+ echo "objectclass: inetdomain"
+ echo "inetdomainstatus: active"
+ echo "inetdomainbasedn: ${hosted_domain_rootdn}"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${mgmt_domain_rootdn} || ldap:///ou=People,${hosted_domain_rootdn}??sub?(objectclass=inetorgperson)\");)"
+ echo "aci: (targetattr != \"userPassword\") (version 3.0;acl \"Search Access\";allow (read,compare,search)(userdn = \"ldap:///uid=kolab-service,ou=Special Users,${mgmt_domain_rootdn} || ldap:///ou=People,${hosted_domain_rootdn}??sub?(objectclass=inetorgperson)\");)"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Kolab Administrators\";allow (all)(roledn = \"ldap:///cn=admin-user,${hosted_domain_rootdn}\");)"
+ echo ""
+
+ echo "dn: associateddomain=kanarip.nl,ou=Domains,${mgmt_domain_rootdn}"
+ echo "objectclass: top"
+ echo "objectclass: domainrelatedobject"
+ echo "objectclass: inetdomain"
+ echo "inetdomainstatus: active"
+ echo "inetdomainbasedn: ${hosted_domain_rootdn}"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${mgmt_domain_rootdn} || ldap:///ou=People,${hosted_domain_rootdn}??sub?(objectclass=inetorgperson)\");)"
+ echo "aci: (targetattr != \"userPassword\") (version 3.0;acl \"Search Access\";allow (read,compare,search)(userdn = \"ldap:///uid=kolab-service,ou=Special Users,${mgmt_domain_rootdn} || ldap:///ou=People,${hosted_domain_rootdn}??sub?(objectclass=inetorgperson)\");)"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Kolab Administrators\";allow (all)(roledn = \"ldap:///cn=admin-user,${hosted_domain_rootdn}\");)"
+ echo ""
+) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" -c
+
+(
+
+ echo "dn: ou=${hosted_domain},${rootdn}"
+ echo "ou: ${hosted_domain}"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Deny Unauthorized\"; deny (all)(userdn != \"ldap:///uid=kolab-service,ou=Special Users,${mgmt_domain_rootdn} || ldap:///ou=People,${hosted_domain_rootdn}??sub?(objectclass=inetorgperson)\");)"
+ echo "aci: (targetattr != \"userPassword\") (version 3.0;acl \"Search Access\";allow (read,compare,search)(userdn = \"ldap:///uid=kolab-service,ou=Special Users,${mgmt_domain_rootdn} || ldap:///ou=People,${hosted_domain_rootdn}??sub?(objectclass=inetorgperson)\");)"
+ echo "aci: (targetattr = \"*\") (version 3.0;acl \"Kolab Administrators\";allow (all)(roledn = \"ldap:///cn=admin-user,${hosted_domain_rootdn}\");)"
+ echo ""
+
+ echo "dn: cn=admin-user,${hosted_domain_rootdn}"
+ echo "objectclass: top"
+ echo "objectclass: ldapsubentry"
+ echo "objectclass: nsroledefinition"
+ echo "objectclass: nssimpleroledefinition"
+ echo "objectclass: nsmanagedroledefinition"
+ echo "cn: admin-user"
+ echo ""
+
+ echo "dn: cn=activesync-user,${hosted_domain_rootdn}"
+ echo "objectclass: top"
+ echo "objectclass: ldapsubentry"
+ echo "objectclass: nsroledefinition"
+ echo "objectclass: nssimpleroledefinition"
+ echo "objectclass: nsmanagedroledefinition"
+ echo "cn: activesync-user"
+ echo ""
+
+ echo "dn: cn=imap-user,${hosted_domain_rootdn}"
+ echo "objectclass: top"
+ echo "objectclass: ldapsubentry"
+ echo "objectclass: nsroledefinition"
+ echo "objectclass: nssimpleroledefinition"
+ echo "objectclass: nsmanagedroledefinition"
+ echo "cn: imap-user"
+ echo ""
+
+ echo "dn: cn=kolab-user,${hosted_domain_rootdn}"
+ echo "objectclass: top"
+ echo "objectclass: ldapsubentry"
+ echo "objectclass: nsroledefinition"
+ echo "objectclass: nssimpleroledefinition"
+ echo "objectclass: nsmanagedroledefinition"
+ echo "cn: kolab-user"
+ echo ""
+
+ echo "dn: cn=xmpp-user,${hosted_domain_rootdn}"
+ echo "objectclass: top"
+ echo "objectclass: ldapsubentry"
+ echo "objectclass: nsroledefinition"
+ echo "objectclass: nssimpleroledefinition"
+ echo "objectclass: nsmanagedroledefinition"
+ echo "cn: xmpp-user"
+ echo ""
+
+ echo "dn: ou=Groups,${hosted_domain_rootdn}"
+ echo "ou: Groups"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+ echo "dn: ou=People,${hosted_domain_rootdn}"
+ echo "ou: People"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+ echo "dn: ou=Resources,${hosted_domain_rootdn}"
+ echo "ou: Resources"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+ echo "dn: ou=Shared Folders,${hosted_domain_rootdn}"
+ echo "ou: Shared Folders"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+ echo "dn: ou=Groups,${hosted_domain_rootdn}"
+ echo "ou: Groups"
+ echo "objectClass: top"
+ echo "objectClass: organizationalunit"
+ echo ""
+
+ echo "dn: uid=kanarip@kanarip.com,ou=People,${hosted_domain_rootdn}"
+ echo "objectClass: top"
+ echo "objectClass: inetorgperson"
+ echo "objectClass: kolabinetorgperson"
+ echo "objectClass: mailrecipient"
+ echo "objectClass: organizationalperson"
+ echo "objectClass: person"
+ echo "givenName: Jeroen"
+ echo "mailQuota: 1048576"
+ echo "preferredLanguage: en_US"
+ echo "sn: van Meeuwen"
+ echo "cn: Jeroen van Meeuwen"
+ echo "displayName: van Meeuwen, Jeroen"
+ echo "mail: kanarip@kanarip.com"
+ echo "uid: kanarip@kanarip.com"
+ echo "mailHost: localhost"
+ echo "userPassword: 456789"
+ echo "nsroledn: cn=activesync-user,${hosted_domain_rootdn}"
+ echo "nsroledn: cn=admin-user,${hosted_domain_rootdn}"
+ echo "nsroledn: cn=kolab-user,${hosted_domain_rootdn}"
+ echo ""
+
+ echo "dn: uid=lydia@kanarip.com,ou=People,${hosted_domain_rootdn}"
+ echo "objectClass: top"
+ echo "objectClass: inetorgperson"
+ echo "objectClass: kolabinetorgperson"
+ echo "objectClass: mailrecipient"
+ echo "objectClass: organizationalperson"
+ echo "objectClass: person"
+ echo "givenName: Lydia"
+ echo "mailQuota: 1048576"
+ echo "preferredLanguage: en_US"
+ echo "sn: van Meeuwen"
+ echo "cn: Lydia van Meeuwen"
+ echo "displayName: van Meeuwen, Lydia"
+ echo "mail: lydia@kanarip.nl"
+ echo "uid: lydia@kanarip.com"
+ echo "mailHost: localhost"
+ echo "userPassword: 456789"
+ echo "nsroledn: cn=activesync-user,${hosted_domain_rootdn}"
+ echo "nsroledn: cn=kolab-user,${hosted_domain_rootdn}"
+ echo ""
+
+ echo "dn: uid=annabelle@kanarip.com,ou=People,${hosted_domain_rootdn}"
+ echo "objectClass: top"
+ echo "objectClass: inetorgperson"
+ echo "objectClass: kolabinetorgperson"
+ echo "objectClass: mailrecipient"
+ echo "objectClass: organizationalperson"
+ echo "objectClass: person"
+ echo "givenName: Annabelle"
+ echo "mailQuota: 1048576"
+ echo "preferredLanguage: en_US"
+ echo "sn: van Meeuwen"
+ echo "cn: Annabelle van Meeuwen"
+ echo "displayName: van Meeuwen, Annabelle"
+ echo "mail: annabelle@kanarip.ch"
+ echo "uid: annabelle@kanarip.com"
+ echo "mailHost: localhost"
+ echo "userPassword: 456789"
+ echo "nsroledn: cn=activesync-user,${hosted_domain_rootdn}"
+ echo "nsroledn: cn=kolab-user,${hosted_domain_rootdn}"
+ echo ""
+
+) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" -c
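Review bot: The three `inetorgperson` entries are created with the literal `userPassword: 456789`, and `uid=kanarip@kanarip.com` also gets `nsroledn: cn=admin-user,${hosted_domain_rootdn}`, the role to which the "Kolab Administrators" ACIs in this file grant `allow (all)`. A six-digit password committed to the repository on an account with full rights over the tenant subtree should be taken from settings.sh instead, e.g. `echo "userPassword: ${default_user_password}"` as 30-add-kolab-users.sh does, or generated per run. The same literal-password pattern appears in 08-add-doe@kolabsys.net-admin.sh (`123456`, with the `kolab-admin` role), 09-add-doe@kolabnow.com.sh, 10-add-sixpack@kolabnow.com.sh and on the `-w` arguments in 19-test-aci.sh. Also, `ou=Groups,${hosted_domain_rootdn}` is emitted twice in the second LDIF block, and `-c` hides the resulting add failure.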
diff --git a/hosted-kolab/08-add-doe@kolabsys.net-admin.sh b/hosted-kolab/08-add-doe@kolabsys.net-admin.sh
new file mode 100755
index 0000000..e631ed5
--- /dev/null
+++ b/hosted-kolab/08-add-doe@kolabsys.net-admin.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+. ./settings.sh
+
+(
+ echo "dn: uid=doe@kolabsys.net,ou=People,${rootdn}"
+ echo "objectClass: top"
+ echo "objectClass: inetorgperson"
+ echo "objectClass: kolabinetorgperson"
+ echo "objectClass: mailrecipient"
+ echo "objectClass: organizationalperson"
+ echo "objectClass: person"
+ echo "givenName: John"
+ echo "mailQuota: 1048576"
+ echo "preferredLanguage: en_US"
+ echo "sn: Doe"
+ echo "cn: John Doe"
+ echo "displayName: Doe, John"
+ echo "mail: doe@kolabsys.net"
+ echo "uid: doe@kolabsys.net"
+ echo "mailHost: localhost"
+ echo "userPassword: 123456"
+ echo "nsroledn: cn=kolab-admin,dc=kolabsys,dc=net"
+ echo ""
+) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}"
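Review bot: The `nsroledn` line hard-codes `cn=kolab-admin,dc=kolabsys,dc=net` while the entry's own DN is built from `${rootdn}`. If settings.sh (not shown here) sets `rootdn` to anything else, the role reference will not match the `cn=kolab-admin,${rootdn}` role that the "Kolab Administrators" ACI in 06-add-self-reg-hosted-domain.sh keys on, and the account ends up without the intended rights with no error reported. Suggest `echo "nsroledn: cn=kolab-admin,${rootdn}"`.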
diff --git a/hosted-kolab/09-add-doe@kolabnow.com.sh b/hosted-kolab/09-add-doe@kolabnow.com.sh
new file mode 100755
index 0000000..a58a027
--- /dev/null
+++ b/hosted-kolab/09-add-doe@kolabnow.com.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+. ./settings.sh
+
+(
+ echo "dn: uid=doe@kolabnow.com,ou=People,${hosted_domain_rootdn}"
+ echo "objectClass: top"
+ echo "objectClass: inetorgperson"
+ echo "objectClass: kolabinetorgperson"
+ echo "objectClass: mailrecipient"
+ echo "objectClass: organizationalperson"
+ echo "objectClass: person"
+ echo "givenName: Jane"
+ echo "mailQuota: 1048576"
+ echo "preferredLanguage: en_US"
+ echo "sn: Doe"
+ echo "cn: Jane Doe"
+ echo "displayName: Doe, Jane"
+ echo "mail: doe@kolabnow.com"
+ echo "uid: doe@kolabnow.com"
+ echo "mailHost: localhost"
+ echo "userPassword: 456789"
+ echo ""
+) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}"
diff --git a/hosted-kolab/10-add-sixpack@kolabnow.com.sh b/hosted-kolab/10-add-sixpack@kolabnow.com.sh
new file mode 100755
index 0000000..aae9225
--- /dev/null
+++ b/hosted-kolab/10-add-sixpack@kolabnow.com.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+. ./settings.sh
+
+(
+ echo "dn: uid=sixpack@kolabnow.com,ou=People,${hosted_domain_rootdn}"
+ echo "objectClass: top"
+ echo "objectClass: inetorgperson"
+ echo "objectClass: kolabinetorgperson"
+ echo "objectClass: mailrecipient"
+ echo "objectClass: organizationalperson"
+ echo "objectClass: person"
+ echo "givenName: Joe"
+ echo "mailQuota: 1048576"
+ echo "preferredLanguage: en_US"
+ echo "sn: Sixpack"
+ echo "cn: Joe Sixpack"
+ echo "displayName: Sixpack, Joe"
+ echo "mail: sixpack@kolabnow.com"
+ echo "uid: sixpack@kolabnow.com"
+ echo "mailHost: localhost"
+ echo "userPassword: 741852"
+ echo ""
+) | ldapadd -x -h ${ldap_host} -D "uid=hosted-kolab-service,ou=Special Users,${rootdn}" -w "${hosted_kolab_service_pw}"
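Review bot: The bind password for `uid=hosted-kolab-service` is passed as `-w "${hosted_kolab_service_pw}"`, which exposes it in the process list while ldapadd runs, and `-x -h ${ldap_host}` is a simple bind with no TLS requested, so the password travels in clear unless `ldap_host` is local. The OpenLDAP clients accept `-y <passwdfile>` for the former and `-H ldaps://<host>` or `-ZZ` for the latter; `-h` is deprecated in favour of `-H`. The other ldapadd, ldapsearch and ldapdelete calls in this commit do the same with `${ldap_bindpw}`. `${ldap_host}` should also be quoted.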
diff --git a/hosted-kolab/15-adjust-kolab.conf.sh b/hosted-kolab/15-adjust-kolab.conf.sh
new file mode 100755
index 0000000..2f902de
--- /dev/null
+++ b/hosted-kolab/15-adjust-kolab.conf.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+. ./settings.sh
+
+sed -r -i \
+ -e "s/^domain_base_dn.*$/domain_base_dn = ${domain_base_dn}/g" \
+ -e 's/^primary_mail.*/primary_mail = %(uid)s@%(domain)s/g' \
+ -e '/secondary_mail/,+11d' \
+ -e '/^primary_mail/ a\
+daemon_rcpt_policy = False' \
+ -e 's/^auth_attributes.*$/auth_attributes = mail, uid/g' \
+ /etc/kolab/kolab.conf.default
+
+service kolabd restart
+service kolab-saslauthd restart
+
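Review bot: The sed program is not safe to re-run or to apply to a changed file: `/^primary_mail/ a\` appends another `daemon_rcpt_policy = False` line on every run, and `/secondary_mail/,+11d` deletes a fixed eleven lines after the match whatever they contain. `${domain_base_dn}` is also interpolated into the replacement text, where a `/` or `&` in the value would change the expression. Suggest keeping a backup with `-i.bak`, skipping the append when `grep -q '^daemon_rcpt_policy' /etc/kolab/kolab.conf.default` succeeds, and deleting up to an explicit end pattern instead of a line count. Both services are restarted even when sed fails, since the script has no `set -e` or status check.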
diff --git a/hosted-kolab/19-test-aci.sh b/hosted-kolab/19-test-aci.sh
new file mode 100755
index 0000000..47354dc
--- /dev/null
+++ b/hosted-kolab/19-test-aci.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+. ./settings.sh
+
+echo "== doe@kolabsys.net =="
+ldapsearch -x -h ${ldap_host} -D "uid=doe@kolabsys.net,ou=People,dc=kolabsys,dc=net" -w "123456" -b ${rootdn} -LLL
+echo "== doe@kolabnow.com =="
+ldapsearch -x -h ${ldap_host} -D "uid=doe@kolabnow.com,ou=People,dc=kolabnow,dc=com" -w "456789" -b ${hosted_domain_rootdn} -LLL
+echo "== sixpack@kolabnow.com =="
+ldapsearch -x -h ${ldap_host} -D "uid=sixpack@kolabnow.com,ou=People,dc=kolabnow,dc=com" -w "741852" -b ${hosted_domain_rootdn} -LLL
+echo "== kanarip@kanarip.com =="
+ldapsearch -x -h ${ldap_host} -D "uid=kanarip@kanarip.com,ou=People,ou=kanarip.com,dc=kolabnow,dc=com" -w "456789" -b ${hosted_domain_rootdn} -LLL
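Review bot: As a test of the new ACIs this only prints four search results and exits with the status of the last ldapsearch, so an ACI regression is caught only if someone reads the output. Suggest adding explicit negative cases (a search by each tenant user against a subtree it must not read, expecting zero `dn:` lines, and a request for `userPassword` on other entries expecting none returned) and exiting non-zero on a mismatch. A header comment stating which account is expected to see what would make the intended policy reviewable; `${rootdn}` and `${hosted_domain_rootdn}` after `-b` should be quoted.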
diff --git a/hosted-kolab/30-add-kolab-users.sh b/hosted-kolab/30-add-kolab-users.sh
new file mode 100755
index 0000000..45668b3
--- /dev/null
+++ b/hosted-kolab/30-add-kolab-users.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+ . ./settings.sh
+
+i=0
+while [ $i -lt 0$1 ]; do
+
+ givenname=`head -c 200 /dev/urandom | tr -dc A-Za-z | head -c5`
+ surname=`head -c 200 /dev/urandom | tr -dc A-Za-z | head -c10`
+
+ givenname="$(echo ${givenname:0:1} | tr '[:lower:]' '[:upper:]')$(echo ${givenname:1} | tr '[:upper:]' '[:lower:]')"
+ surname="$(echo ${surname:0:1} | tr '[:lower:]' '[:upper:]')$(echo ${surname:1} | tr '[:upper:]' '[:lower:]')"
+ surname_lower="$(echo ${surname} | tr '[:upper:]' '[:lower:]')"
+
+ uid="$(echo ${surname} | tr '[:upper:]' '[:lower:]')"
+
+ userpassword="${default_user_password}"
+
+ mailalternateaddress=""
+ if [ $(( $RANDOM % 2 )) -eq 0 ]; then
+ mailalternateaddress="${uid}@${surname_lower}.com"
+ fi
+
+ echo "dn: uid=$uid@${hosted_domain},ou=People,${hosted_domain_rootdn}"
+ echo "uid: $uid@${hosted_domain}"
+ echo "givenName: $givenname"
+ echo "objectClass: top"
+ echo "objectClass: person"
+ echo "objectClass: inetOrgPerson"
+ echo "objectclass: kolabinetorgperson"
+ echo "objectclass: organizationalperson"
+ echo "objectclass: mailrecipient"
+ echo "userpassword: ${userpassword}"
+
+ if [ ! -z "${mailalternateaddress}" ]; then
+ echo "mailalternateaddress: ${mailalternateaddress}"
+ fi
+
+ echo "sn: $surname"
+ echo "cn: $givenname $surname"
+ echo "displayname: $surname, $givenname"
+ echo "mail: ${surname_lower}@${hosted_domain}"
+ echo ""
+
+ let i++
+done | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" -c
+
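Review bot: The loop bound `0$1` uses the first argument without checking it; a non-numeric value makes `[` report an error on the first test and the script pipes an empty LDIF to ldapadd without a usage message. Suggest validating up front with `[[ ${1:-} =~ ^[0-9]+$ ]] || { echo "usage: $0 COUNT" >&2; exit 2; }` and adding a header comment saying that COUNT random users are created under `${hosted_domain_rootdn}`, all with `${default_user_password}`. The backticks and unquoted `${givenname:0:1}`-style expansions could move to `$(...)` with quotes while this is touched.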
diff --git a/hosted-kolab/98-find-kolabinetorgperson.sh b/hosted-kolab/98-find-kolabinetorgperson.sh
new file mode 100755
index 0000000..4e1852f
--- /dev/null
+++ b/hosted-kolab/98-find-kolabinetorgperson.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+. ./settings.sh
+
+ldapsearch -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" -b ${rootdn} "(objectclass=kolabinetorgperson)" dn | grep ^dn | sed -e 's/dn: //g'
+#ldapsearch -x -h ${ldap_host} -D "uid=kolab-service,ou=Special Users,dc=example,dc=org" -w "${ldap_bindpw}" -b ${rootdn} "(objectclass=kolabinetorgperson)" dn | grep ^dn | sed -e 's/dn: //g'
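Review bot: Extracting DNs with `grep ^dn | sed -e 's/dn: //g'` breaks on two LDIF features: ldapsearch folds long lines, so a long DN is cut and its continuation line is dropped by the grep, and DNs needing encoding are emitted as base64 `dn:: ...`, which the sed leaves as is. In 99-remove-users.sh the same pipeline feeds ldapdelete, which would then receive truncated or still-encoded DNs. Suggest `ldapsearch -LLL -o ldif-wrap=no ... dn | sed -n 's/^dn: //p'` and reporting any `dn::` lines explicitly. The unanchored `g` substitution would also strip a later `dn: ` occurring inside a DN value.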
diff --git a/hosted-kolab/99-remove-users.sh b/hosted-kolab/99-remove-users.sh
new file mode 100755
index 0000000..9924a2f
--- /dev/null
+++ b/hosted-kolab/99-remove-users.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+. ./settings.sh
+
+(
+ ldapsearch -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" -b ${rootdn} "(objectclass=kolabinetorgperson)" dn | grep ^dn | sed -e 's/dn: //g'
+) | ldapdelete -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}"