\documentclass{article} \usepackage{ulem} \usepackage{graphicx} \usepackage{hyperref} \pagestyle{headings} \begin{document} \part{Admin Permissions Howto} \section{Horde} \subsection{A Webmail-only installation without featuring the Horde portal} \begin{itemize} \item Of course, you will have to let IMP handle the authentication: \begin{itemize} \item In the Administration/Setup menu, choose the \textit{Horde (horde)} application, then the \textit{Authentication} tab. \end{itemize} \item The Horde administrators will need Horde's \textit{Administrator} menu, so you will need a user group to grant them particular permissions: \begin{itemize} \item In the Administration/Groups menu, add a new group, say \textit{Administrators}. \item Add all Horde administrators to that group. \end{itemize} \item Now you are ready to set the permissions, so ordinary users won't see the Horde portal link: \begin{itemize} \item In the Administration/Permissions menu, add the new permission: \textit{Horde (horde)}. \item Edit the \textit{Horde (horde)} entry to grant the following permissions: \begin{itemize} \item To all authenticated users: Read, Edit, Delete. (This will remove the sidebar menu entry for Horde.) \item To the \textit{Administrators} group: Show, Read, Edit, Delete. (This will retain the sidebar menu entry.) \end{itemize} \end{itemize} \item Remove Horde from the top-bar menu (if it appears there at all): \begin{itemize} \item As a Horde administrator, open (in the sidebar) the \textit{Administration/Setup} menu. \item In the \textit{Application} field, choose the \textit{Mail (imp)} entry. \begin{itemize} \item Under the \textit{External Utilities and Menu} tab, edit the \textit{Menu settings}, then click on \textit{Generate Mail Configuration}. \item Note: You can, of course, use Turba and Ingo with your Webmail installation; in this case, you will here activate their respective entries for the Imp menu. \end{itemize} \item If you have Turba, or Ingo, installed then edit their respective menu settings, in the same way. \end{itemize} \item Instruct your users on how to set Horde's \textit{Global Options}, particularly the preferred language: \begin{itemize} \item In top bar of the \textit{Options} submenu, in the \textit{Edit options for} field, choose the \textit{Global Options} application, \item then, if necessary, klick on the \textit{Go} button, nearby. \item Note: In German, this bit is particularly confusing, as both Horde's \textit{Global Options}, and Imp's \textit{General Options} are termed alike, viz. \textit{Allgemeine Einstellungen}. \item Note: Alternatively, you could try to include Horde's \textit{Global Options} with Imp's option menu, by modifying \texttt{imp/config/prefs.php}, but that is beyond the scope of this advice. \end{itemize} \end{itemize} \noindent\rule{\textwidth}{1pt} \section{Hermes} To allow authenticated users to see the time tracking module you must give at least Show and Read permissions to the "hermes" application \begin{itemize} \item Choose Administration --> Permissions \item Click on the All Permissions "keys" icon \item When the "Add a child Permission" pane appears, choose the Hermes module \item Click the Add button \item Click the "notepad" icon to edit the permissions for Hermes \item On the default permissions tab, check Show and Read \end{itemize} To allow a user to be able to Review time from other users you must make changes to the hermes permissions. Here are the steps: \begin{itemize} \item Choose Administration --> Permissions \item If the Hermes permissions are not yet set, follow the steps above. \item Click on the Hermes "keys" icon \item When the "Add a child Permission pane appears, choose the Time Review module \item Click on the Permissions tab for the user or group that you want check, Show \end{itemize} \noindent\rule{\textwidth}{1pt} \section{Turba} \subsection{A read-only LDAP address book} To allow authenticated users to search the addressbook of your organization (provided it is kept on an LDAP server), and to use the e-mail addresses contained therein to compose messages: \begin{itemize} \item Define, in turba/config/sources.php, that addressbook, using \texttt{sizelimit}, \texttt{export}, and \texttt{browse} to prevent large-scale address copying, e. g.: \end{itemize} 

/** Central E-Mail Directory (read-only) **/
\$cfgSources['localldap'] = array('title' => \_("E-Mail directory Example Ltd."),
                                 'type' => 'ldap',
                                 'params' => array('server'    => 'ldap.example.com',
                                                   'port'      => '389',
                                                   'tls'       => false,
                                                   'root'      => 'ou=people,o=Example Ltd.,c=com',
                                                   'charset'   => 'utf-8',
                                                   'sizelimit' => 200,
                                                   'scope'     => 'one',
                                                   'version'   => 3),
                                 'map'    => array('\_\_key'     => 'dn',
                                                   'name'      => 'cn',
                                                   'email'     => 'mail'),
                                 'search' => array('name', 'email'),
                                 'strict' => array('dn'),
                                 'export' => false,
                                 'browse' => false);
\begin{itemize} \item Login to Horde as an administrator, then select the Administration/Permissions menu. \item Under \textit{All Permissions}, add new permission \textit{Address Book (turba)} \item Under \textit{Address Book (turba)}, add new permission \textit{Sources (sources)} \item Under \textit{Sources (sources)}, add new permission \textit{E-Mail directory Example Ltd. (localldap)} \item Edit the added permissions to grant all authenticated users the following rights: \begin{itemize} \item \textit{Address Book (turba):} Show, Read, Edit, Delete (This will provide access to turba via the menus.) \item \textit{Sources (sources):} Show, Read, Edit, Delete \item \textit{E-Mail directory Example Ltd. (localldap):} Show, Read (This will hide, in the several menus, all editing operations that would otherwise cause weird error messages.) \end{itemize} \end{itemize} \end{document}