conf.xml

<?xml version="1.0"?>
<!-- $Id$ -->
<configuration>
 <configtab name="general" desc="General">
  <configheader>General Horde Settings</configheader>
  <configboolean name="vhosts" desc="Enable virtual host configuration? If you
  want to use a single Horde installation for different virtual hosts, you can
  create separate configuration files for each virtual host,
  e.g. &lt;code&gt;conf-www.example.com.php&lt;/code&gt; or
  &lt;code&gt;prefs-mail.example.com.php&lt;/code&gt;. The global configuration
  files are always loaded first, and virtual host specific files are not
  required. If running command line scripts, you can specify the host name with
  the environment variable SERVER_NAME.">false</configboolean>
  <configheader>PHP Settings</configheader>
  <configphp name="debug_level" desc="The value to set
  error_reporting() to.
  See http://www.php.net/manual/function.error-reporting.php for more
  information and possible values.">E_ALL &amp; ~E_NOTICE</configphp>
  <configinteger name="max_exec_time" desc="If we need to perform a long
  operation, what should we set max_execution_time to (in seconds)? 0 means no
  limit; however, a value of 0 will cause a warning if you are running in safe
  mode. See http://www.php.net/manual/function.set-time-limit.php for more
  information.">0</configinteger>
  <configboolean name="compress_pages" desc="If this option is set to true, and
  you have the php zlib extension installed, pages over a certain size will be
  compressed and sent to the browser as gzip-encoded data in order to save
  bandwidth. There is little reason not to enable this.">true</configboolean>
  <configsecret name="secret_key" desc="Secret key for generating signed
  messages from this server. This is a random string unique to this Horde
  installation."></configsecret>
  <configinteger name="umask" octal="true" desc="What umask should we run
  with? This will affect the permissions on any temporary files that are
  created. This value is an integer.">077</configinteger>
  <configboolean name="testdisable" desc="Disable the test script
  (horde/test.php)? For security reasons, this is disabled by
  default">true</configboolean>
  <configstring name="tmpdir" required="false" desc="If you want to use a
  temporary directory other than the system default or the one specified in
  php's upload_tmp_dir value, enter it here."/>
  <configheader>URL Settings</configheader>
  <configenum name="use_ssl" quote="false" desc="Determines how we generate
  full URLs (for location headers and such).">2
   <values>
    <value desc="Assume that we are not using SSL and never generate https
    URLs.">0</value>
    <value desc="Assume that we are using SSL and always generate https
    URLs.">1</value>
    <value desc="Attempt to auto-detect, and generate URLs
    appropriately">2</value>
    <value desc="Assume that we are not using SSL and generate https URLs only
    for login.">3</value>
   </values>
  </configenum>

  <configsection name="server">
   <configphp name="name" desc="What server name should we use? You'll probably
   know if you need to change this default; only in situations where you need
   to override what Apache thinks the server name is.">
   $_SERVER['SERVER_NAME']</configphp>
   <configphp name="port" required="false" desc="What port number is the
   webserver running on?  Again, you shouldn't need to change the default, and
   you probably know it if you do. The exception is if you have chosen to
   always generate https URLs, as described above."/>
  </configsection>

  <configsection name="urls">
   <configinteger name="token_lifetime" desc="This is the length of time in
   minutes that links protected with request tokens (to prevent cross-site
   request forgery) will be valid. Higher values may make your users more
   vulnerable to these attacks.">30</configinteger>
   <configinteger name="hmac_lifetime" desc="This is the length of time in
   minutes that links signed with HMACs (to prevent forged URL parametes)
   will be valid. Higher values may make your users more vulnerable to
   forgery or phishing.">30</configinteger>
   <configenum name="pretty" required="false" desc="Use pretty URLs?">false
    <values>
     <value desc="No (GET-based URLs)">false</value>
     <value desc="URL rewriting (mod_rewrite, lighttpd rules, etc.)">rewrite</value>
    </values>
   </configenum>
  </configsection>

  <configlist name="safe_ips" required="false" desc="A list of IP subnets
  that are considered safe, e.g. to transfer encryption passphrases without
  requiring an HTTPS connection. (Example: 192.168.0.0, 10.0.0.0) To consider
  all connections to be safe (e.g. when SSL is handled by an SSL crypto card
  and not by the webserver) this value should be '*'."/>

  <configheader>Session Settings</configheader>
  <configsection name="session">
   <configstring name="name" desc="What name should we use for the session
   that Horde applications share? If you want to share sessions with other
   applications on your webserver, you will need to make sure that they are
   using the same session name. This value can also be used to invalidate
   previous sessions when upgrading your local version of Horde (Note: Session
   names must consist of only alphanumeric characters.)">Horde</configstring>
   <configboolean name="use_only_cookies" desc="Should we only allow session
   information to be stored in a session cookie and not be passed by URL (GET)
   parameters? This is on by default because passing session information in
   the URL is a security risk. &lt;b&gt;Consider carefully before turning it
   off&lt;/b&gt;. Cookies must be working and enabled in the browser though, or
   you won't be able to login to Horde. If false, session information will be
   passed via both the URL and cookies.">true</configboolean>
   <configinteger name="timeout" desc="The cookie lifetime (in seconds). If 0,
   (DEFAULT; RECOMMENDED) cookies will expire when the browser closes.
   Otherwise, this is the length after which a cookie will expire (this
   lifetime is updated after every browser request). Setting a non-zero value
   is NOT RECOMMENDED as there is no guarantee a session will ever expire;
   additionally, the session expiration value is based on the SERVER, not the
   CLIENT, so this will most certainly not work the way you want/think it
   should (see
   http://www.php.net/manual/en/function.session-set-cookie-params.php) for
   further information.">0</configinteger>
   <configstring name="cache_limiter" desc="What caching level should we use
   for the session? DO NOT CHANGE THIS UNLESS YOU &lt;strong&gt;REALLY
   &lt;/strong&gt; KNOW WHAT YOU ARE DOING. Setting this to anything other
   than 'nocache' will almost certainly result in severely broken script
   behavior.">nocache</configstring>
   <configinteger name="max_time" desc="The maximum length of time (in
   seconds) a session can be active after user authentication before it will
   be destroyed. (Sessions may otherwise never timeout if a user never closes
   their browser.) 0 means there is no maximum session time (NOT
   RECOMMENDED).">604800</configinteger>
  </configsection>
  <configsection name="cookie">
   <configphp name="domain" desc="What domain should we set cookies from? If
   you have a cluster that needs to share cookies, this might be '.example.com'
   - the leading '.' is important. If you only use session cookies (see
   above), but you are running Horde on an intranet server without a domain
   part, i.e. http//horde/, you need to set this value to ''. Most likely,
   though, you won't have to change the
   default.">$_SERVER['SERVER_NAME']</configphp>
   <configstring name="path" desc="What path should we set cookies to? For
   maximum security this should match the URL where Horde is on your webserver.
   If Horde is at /horde, then this should be '/horde'. If Horde is installed
   as the document root, then this needs to be '/' - NOT ''. If IE will be
   used to access Horde modules, you should read this first
   (discussing issues with IE's Content Advisor):
   http://lists.horde.org/archives/imp/Week-of-Mon-20030113/029149.html">
   /</configstring>
  </configsection>
 </configtab>

 <configtab name="db" desc="Database">
   <configdescription>&lt;strong&gt;NOTE:&lt;/strong&gt; These are only the
   &lt;em&gt;default&lt;/em&gt; values for any database driven backends. You
   still need to configure the different systems like "Preferences" to actually
   &lt;em&gt;use&lt;/em&gt; a database backend.</configdescription>
  <configsection name="sql">
   <configheader>SQL Database Settings</configheader>
   <configdescription>These are the database settings for the traditional
   relational databases backends (e.g. databases that use SQL to manage its
   data).</configdescription>
   <configsql switchname="phptype" baseconfig="true" />
  </configsection>
  <configsection name="nosql">
   <configheader>NoSQL Database Settings</configheader>
   <configdescription>These are the database settings for the NoSQL database
   backends. These are databases generally optimized for
   scalability/availability, but do not use a standardized query language to
   interact with the data.</configdescription>
   <confignosql switchname="phptype" baseconfig="true" default="false"/>
  </configsection>
 </configtab>

 <configtab name="ldap" desc="LDAP">
  <configsection name="ldap">
   <configheader>LDAP Settings</configheader>
   <configdescription>&lt;strong&gt;NOTE:&lt;/strong&gt; These are only the
   &lt;em&gt;default&lt;/em&gt; values for any LDAP driven backends. You
   still need to configure the different systems like "Preferences" to actually
   &lt;em&gt;use&lt;/em&gt; a LDAP backend.</configdescription>
   <configldap switchname="useldap" baseconfig="true" />
  </configsection>
 </configtab>

 <configtab name="auth" desc="Authentication">
  <configsection name="auth">
   <configheader>Authentication Settings</configheader>
   <configlist name="admins" desc="Which users should be treated as
   administrators (root, super-user) by Horde?" required="false"/>
   <configboolean name="checkip" desc="Should we always store and validate
   the IP address of the client (as seen by the web server) in the session?
   Doing so will help increase security by making it harder for an attacker
   from another host to hijack the session.">true</configboolean>
   <configboolean name="checkbrowser" desc="Should we always store and
   validate the browser string of the client (as seen by the web server) in
   the session? Doing so will help increase security by making it harder for
   an attacker to hijack the session.">true</configboolean>
   <configswitch name="resetpassword" desc="Allow users to reset passwords and
   provide a link on the login screen?">true
    <case name="true" desc="Yes">
     <configstring name="resetpassword_from" required="false" desc="The e-mail
     address to send password reset e-mails from. If empty, is sent from the
     user's e-mail address."/>
    </case>
    <case name="false" desc="No"/>
   </configswitch>
   <configstring name="alternate_login" desc="If this is not false, it is
   assumed to be the URL of an alternate login screen which will be used in
   place of horde's default login screen. The URL will have an &quot;app&quot;
   parameter appended that contains the application that redirected to the
   login screen, and a &quot;url&quot; parameter with the originally requested
   URL. The alternate login screen should redirect to that URL after
   authentication. Alternatively you can include a &quot;%u&quot; place holder
   in the alternate URL that will be replaced by that original
   URL. Optionally appended URL parameters are &quot;logout_reason&quot; that
   contains a number with the logout reason (see the Horde_Auth::REASON_*
   constants for possible values), and &quot;logout_msg&quot; that contains an
   error message describing the logout reason.">false</configstring>
   <configstring name="redirect_on_logout" desc="If this is not false, it is
   assumed to be the URL of an alternate logout page which users will be sent
   to when they log out.">false</configstring>
   <configenum name="list_users" desc="If the authentication backend is
   capable of listing all users, should we show this list to the users,
   e.g. in the permissions screen?">list
    <values>
     <value desc="Show a drop down list">list</value>
     <value desc="Show an input field">input</value>
     <value desc="Show both, a list and an input field">both</value>
    </values>
   </configenum>

   <configswitch name="driver" desc="What backend should we use for
   authenticating users to Horde?">

    <case name="application" desc="Let a Horde application handle
    authentication">
     <configsection name="params">
      <configenum name="app" desc="The application which is providing
      authentication">imp
       <values>
        <configspecial application="horde" name="apps" />
       </values>
      </configenum>
     </configsection>
    </case>

    <case name="auto" desc="Automatic authentication as a certain user">
     <configsection name="params">
      <configstring name="username" desc="The username to authenticate
      everyone as">horde_user</configstring>
      <configstring name="password" desc="The password to use for the user's
      credentials" required="false"/>
      <configboolean name="requestuser" desc="Allow username to be passed by
      GET, POST or cookie?">false</configboolean>
     </configsection>
    </case>

    <case name="composite" desc="Composite authentication">
     <configdescription>
      This authentication driver needs manual configuration not possible
      through this interface. Add the appropriate configuration lines at the
      end of the generated configuration file. See
      http://wiki.horde.org/AuthCompositeHowTo for details.
     </configdescription>
    </case>

    <case name="ftp" desc="FTP authentication">
     <configsection name="params">
      <configstring name="hostspec" desc="The hostname or IP address of the
      FTP server">localhost</configstring>
      <configinteger name="port" desc="The server port to connect to">
      21</configinteger>
     </configsection>
    </case>

    <case name="http" desc="HTTP (Basic Authentication/.htpasswd)
    authentication">
     <configsection name="params">
      <configboolean name="show_encryption" required="false" desc="Prepend the
      password algorithm to the password value?">true</configboolean>
      <configstring name="htpasswd_file" required="false" desc="The location of
      the htpasswd file containing the user names and passwords"/>
      <configenum name="encryption" desc="The password hashing algorithm used in the htpasswd file">crypt-des
       <values>
        <value>aprmd5</value>
        <value>crypt</value>
        <value>crypt-blowfish</value>
        <value>crypt-des</value>
        <value>crypt-md5</value>
        <value>crypt-sha256</value>
        <value>crypt-sha512</value>
        <value>md5-base64</value>
        <value>md5-hex</value>
        <value>plain</value>
        <value>sha</value>
        <value>smd5</value>
        <value>ssha</value>
       </values>
      </configenum>
     </configsection>
    </case>

    <case name="httpRemote" desc="Remote HTTP Authentication">
     <configsection name="params">
      <configstring name="url" desc="The remote HTTP endpoint to authenticate against" />
     </configsection>
    </case>

    <case name="imap" desc="IMAP authentication">
     <configsection name="params">
      <configstring name="hostspec" desc="The hostname or IP address of the
      server">localhost</configstring>
      <configinteger name="port" desc="The server port to which we will
      connect. IMAP is generally 143, while IMAP-SSL is generally
      993.">143</configinteger>
      <configenum name="secure" desc="The encryption to use to connect to
      the IMAP server.">tls
       <values>
        <value>none</value>
        <value>tls</value>
        <value>ssl</value>
       </values>
      </configenum>
     </configsection>
    </case>

    <case name="imsp" desc="IMSP server authentication" />

    <case name="ipbasic" desc="IP based authentication">
     <configsection name="params">
      <configlist name="blocks" desc="A list of CIDR masks which are allowed
      access"/>
     </configsection>
    </case>

    <case name="kolab" desc="Kolab authentication">
     <configsection name="params">
     </configsection>
    </case>

    <case name="ldap" desc="LDAP authentication">
     <configsection name="params">
      <configldap switchname="driverconfig" excludebind="user">
       <configstring name="sizelimit" required="false" desc="Size limit for
       listing users on large directories"/>
       <configboolean name="ad" desc="Is this an AD server?">
       false</configboolean>
       <configstring name="uid" desc="The username search key (set to
       samaccountname for AD)"/>
       <configenum name="encryption" desc="The password hashing algorithm to
       use">ssha
        <values>
         <value>aprmd5</value>
         <value>crypt</value>
         <value>crypt-blowfish</value>
         <value>crypt-des</value>
         <value>crypt-md5</value>
         <value>crypt-sha256</value>
         <value>crypt-sha512</value>
         <value>md5-base64</value>
         <value>md5-hex</value>
         <value>msad</value>
         <value>plain</value>
         <value>sha</value>
         <value>smd5</value>
         <value>ssha</value>
        </values>
       </configenum>
       <configlist name="newuser_objectclass" desc="What objectclasses should a
       new user account be member of? These objectclasses should cover the
       cn,sn,userPassword attributes as well as the username search key">
       shadowAccount,inetOrgPerson</configlist>
       <configstring name="filter" desc="The LDAP RFC formatted filter used
         to search for users.">(objectclass=shadowAccount)
       </configstring>
       <configswitch name="password_expiration" desc="Enable the creating of
       accounts with expiring passwords? (Note: New users should have the
       shadowAccount objectclass)">no
        <case name="no" desc="no" />
        <case name="yes" desc="yes">
         <configstring name="minage" desc="After how many days may a password
         be changed again?">5</configstring>
         <configstring name="maxage" desc="How many days will a password
         remain valid?">30</configstring>
         <configstring name="warnage" desc="How many days before expiration
         should a user be warned?">5</configstring>
        </case>
       </configswitch>
      </configldap>
     </configsection>
    </case>

    <case name="login" desc="Login (su) authentication">
     <configsection name="params">
      <configstring name="location" desc="Location of the su binary">
      /bin/su</configstring>
     </configsection>
    </case>

    <case name="pam" desc="PAM (Pluggable Authentication Modules)
    authentication">
     <configsection name="params">
      <configstring name="service" desc="The name of the PAM service to use
      when authenticating">php</configstring>
     </configsection>
    </case>

    <case name="passwd" desc="password file authentication">
     <configsection name="params">
      <configstring name="filename" desc="The password file to use">
      /etc/passwd</configstring>
      <configenum name="encryption" required="false" desc="The password
      hashing algorithm used in the password file">crypt
       <values>
        <value>aprmd5</value>
        <value>crypt</value>
        <value>crypt-blowfish</value>
        <value>crypt-des</value>
        <value>crypt-md5</value>
        <value>crypt-sha256</value>
        <value>crypt-sha512</value>
        <value>md5-base64</value>
        <value>md5-hex</value>
        <value>plain</value>
        <value>sha</value>
        <value>smd5</value>
        <value>ssha</value>
       </values>
      </configenum>
      <configboolean name="show_encryption" required="false" desc="Prepend the
      password algorithm to the password value?">false</configboolean>
      <configstring name="group_filename" required="false" desc="An accompanying group file" />
      <configlist name="required_groups" required="false" desc="A comma-separated list of groups allowed to log in. If blank, or if there is no group file, any valid user will be allowed to log in." />
      <configboolean name="lock" desc="Should we lock the password file? This incurs a concurrent performance penalty, but is required if you want the ability to add, update, or delete users.">
      false</configboolean>
     </configsection>
    </case>

    <case name="radius" desc="Radius authentication">
     <configsection name="params">
      <configstring name="host" desc="The RADIUS host to use (IP address or
      fully qualified hostname)">localhost</configstring>
      <configinteger name="port" required="false" desc="The port to use on the
      RADIUS server"/>
      <configenum name="method" desc="The RADIUS method to use for validating
      the request">PAP
       <values>
        <value desc="PAP">PAP</value>
        <value desc="CHAP_MD5 (not supported at the moment)">CHAP_MD5</value>
        <value desc="MSCHAPv1 (not supported at the moment)">MSCHAPv1</value>
        <value desc="MSCHAPv2 (not supported at the moment)">MSCHAPv2</value>
       </values>
      </configenum>
      <configstring name="nas" required="false" desc="The RADIUS NAS
      identifier to use." />
      <configstring name="secret" desc="The RADIUS shared secret string for the
      host. The RADIUS protocol ignores all but the leading 128 bytes of the
      shared secret."/>
      <configinteger name="retries" required="false" desc="The maximum number
      of repeated requests to make before giving up [3]"/>
      <configstring name="suffix" required="false" desc="The domain name to add
      to unqualified user names"/>
      <configinteger name="timeout" required="false" desc="The timeout for
      receiving replies from the server (in seconds) [3]"/>
     </configsection>
    </case>

    <case name="peclsasl" desc="SASL authentication">
     <configsection name="params">
      <configstring name="app" desc="The name of the authenticating
      application">horde</configstring>
      <configstring name="service" desc="The name of the SASL service to use
      when authenticating">php</configstring>
     </configsection>
    </case>

    <case name="shibboleth" desc="Shibboleth Authentication">
     <configsection name="params">
      <configstring name="username_header" desc="The HTTP header holding the
      username">REMOTE_USER</configstring>
      <configswitch name="password_holder" desc="Where should we get the
      password for hordeauth from?">
       <case name="none" desc="No passwords"/>
       <case name="header" desc="HTTP Header">
        <configstring name="password_header" desc="The HTTP header holding the
        password" required="false"></configstring>
       </case>
       <case name="preferences" desc="Horde Preferences">
        <configstring name="password_preference" desc="The Horde preference
        that contains the password" required="false"></configstring>
       </case>
      </configswitch>
     </configsection>
    </case>

    <case name="smb" desc="SMB (smbauth extension) authentication">
     <configsection name="params">
      <configstring name="hostspec" desc="IP, DNS Name, or NetBios Name of the
      SMB server to authenticate with">localhost</configstring>
      <configstring name="domain" desc="The domain name to authenticate with"/>
      <configstring name="group" required="false" desc="Optional group name
      that the user must be a member of"/>
     </configsection>
    </case>

    <case name="smbclient" desc="SMB (smbclient) authentication">
     <configsection name="params">
      <configstring name="hostspec" desc="IP, DNS Name, or NetBios Name of the
      SMB server to authenticate with">localhost</configstring>
      <configstring name="domain" desc="The domain name to authenticate with"/>
      <configstring name="smbclient_path" desc="The location of the smbclient program">/usr/bin/smbclient</configstring>
     </configsection>
    </case>

    <case name="sql" desc="SQL authentication">
     <configsection name="params">
      <configsql switchname="driverconfig" />
      <configstring name="table" required="false" desc="The name of the auth
      table in the database [horde_users]"/>
      <configstring name="username_field" required="false" desc="The name of
      the username field in the auth table [user_uid]"/>
      <configstring name="password_field" required="false" desc="The name of
      the password field in the auth table [user_pass]"/>
      <configstring name="soft_expiration_field" required="false" desc="The
      name of a field containing a UNIX timestamp.  When a user logs in after
      the specified time, if 'passwd' is installed, that user will be asked to
      change his or her password.  This feature is disabled by default."/>
      <configstring name="hard_expiration_field" required="false" desc="The
      name of a field containing a UNIX timestamp.  A user will not be able to
      log in after the specified time.  This feature is disabled by default."/>
      <configinteger name="soft_expiration_window" required="false"
      desc="This is how often, in days, the user must change his or her
      password.  When the user's password is updated, the &quot;soft&quot;
      expiration is set this many days in the future.  If not provided,
      the user's password will not expire by default."/>
      <configinteger name="hard_expiration_window" required="false" desc="The
      number of days in the grace period the user has to change his or her
      password after it has expired.  If not provided, the grace period will
      not expire."/>
      <configenum name="encryption" required="false" desc="The password hashing algorithm to use">ssha
       <values>
        <value>aprmd5</value>
        <value>crypt</value>
        <value>crypt-blowfish</value>
        <value>crypt-des</value>
        <value>crypt-md5</value>
        <value>crypt-sha256</value>
        <value>crypt-sha512</value>
        <value>joomla-md5</value>
        <value>md5-base64</value>
        <value>md5-hex</value>
        <value>mysql</value>
        <value>plain</value>
        <value>sha</value>
        <value>smd5</value>
        <value>ssha</value>
       </values>
      </configenum>
      <configboolean name="show_encryption" required="false" desc="Prepend the password algorithm to the password value?">false</configboolean>
     </configsection>
    </case>

    <case name="customsql" desc="SQL authentication w/custom-made queries">
     <configsection name="params">
      <configenum name="phptype" desc="The name of the database">mysql
       <values>
        <value desc="MySQL">mysql</value>
        <value desc="MySQL (mysqli)">mysqli</value>
        <value desc="ODBC">odbc</value>
        <value desc="PostgreSQL">pgsql</value>
       </values>
      </configenum>
      <configswitch name="protocol" desc="What protocol will we use to connect
      to the database?">unix
       <case name="unix" desc="UNIX Sockets">
        <configstring name="socket" required="false" desc="Location of UNIX
        socket"></configstring>
       </case>
       <case name="tcp" desc="TCP/IP">
        <configstring name="hostspec" desc="What hostname is the database server
        running on, or what is the name of the system DSN to use?">
        localhost</configstring>
        <configinteger name="port" required="false" desc="Port the DB is
        running on, if non-standard"/>
       </case>
      </configswitch>
      <configstring name="username" desc="What username do we authenticate to
      the database server as?">horde</configstring>
      <configstring name="password" required="false" desc="What password do we
      authenticate to the database server with?"/>
      <configstring name="database" desc="What database name/tablespace are we
      using?">horde</configstring>
      <configdescription>
       Some special tokens can be used in the sql query. They are replaced at
       the query stage:&lt;ul&gt;
       &lt;li&gt;"\L" will be replaced by the user's login&lt;/li&gt;
       &lt;li&gt;"\P" will be replaced by the user's password&lt;/li&gt;
       &lt;li&gt;"\O" will be replaced by the old user's login (required for
       update)&lt;/li&gt;&lt;/ul&gt;
       Eg: "SELECT * FROM users WHERE uid = \L AND passwd = \P AND billing =
       'paid'"
      </configdescription>
      <configstring name="query_auth" required="false" desc="Authenticate the user"/>
      <configstring name="query_add" required="false" desc="Add user"/>
      <configstring name="query_getpw" required="false" desc="Get a user's password"/>
      <configstring name="query_update" required="false" desc="Update user"/>
      <configstring name="query_resetpassword" required="false" desc="Reset a user's password"/>
      <configstring name="query_remove" required="false" desc="Remove user"/>
      <configstring name="query_list" required="false" desc="List users"/>
      <configstring name="query_exists" required="false" desc="Check if an account exists"/>
      <configenum name="encryption" desc="The password hashing algorithm to use">ssha
       <values>
        <value>aprmd5</value>
        <value>crypt</value>
        <value>crypt-blowfish</value>
        <value>crypt-des</value>
        <value>crypt-md5</value>
        <value>crypt-sha256</value>
        <value>crypt-sha512</value>
        <value>joomla-md5</value>
        <value>md5-base64</value>
        <value>md5-hex</value>
        <value>mysql</value>
        <value>plain</value>
        <value>sha</value>
        <value>smd5</value>
        <value>ssha</value>
       </values>
      </configenum>
      <configboolean name="show_encryption" desc="Prepend the password algorithm to the password value?">false</configboolean>
     </configsection>
    </case>

    <case name="cyrsql" desc="SQL implementation for the Cyrus IMAP server">
     <configsection name="params">
      <configstring name="cyradmin" desc="The username of the cyrus
      administrator"/>
      <configstring name="cyrpass" desc="The password for the cyrus
      administrator"/>
      <configstring name="cyrhost" desc="The hostname or IP address of the
      server">localhost</configstring>
      <configinteger name="cyrport" desc="The server port to which we will
      connect. IMAP is generally 143, while IMAP-SSL is generally
      993.">143</configinteger>
      <configenum name="secure" desc="The encryption to use to connect to
      the IMAP server.">none
       <values>
        <value>none</value>
        <value>tls</value>
        <value>ssl</value>
       </values>
      </configenum>
      <configenum name="phptype" desc="The name of the database">mysql
       <values>
        <value desc="MySQL">mysql</value>
        <value desc="ODBC">odbc</value>
        <value desc="PostgreSQL">pgsql</value>
       </values>
      </configenum>
      <configswitch name="protocol" desc="What protocol will we use to connect
      to the database?">unix
       <case name="unix" desc="UNIX Sockets">
        <configstring name="socket" required="false" desc="Location of UNIX
        socket"></configstring>
       </case>
       <case name="tcp" desc="TCP/IP">
        <configinteger name="port" required="false" desc="Port the DB is
        running on, if non-standard">5432</configinteger>
       </case>
      </configswitch>
      <configstring name="hostspec" desc="What hostname is the database server
      running on, or what is the name of the system DSN to use?">
      localhost</configstring>
      <configstring name="username" desc="What username do we authenticate to
      the database server as?">horde</configstring>
      <configstring name="password" required="false" desc="What password do we
      authenticate to the database server with?"/>
      <configstring name="database" desc="What database name/tablespace are we
      using?">horde</configstring>
      <configstring name="table" desc="The name of the auth table in the
      database">horde_users</configstring>
      <configstring name="username_field" desc="The name of the username field
      in the auth table">user_uid</configstring>
      <configstring name="password_field" desc="The name of the password field
      in the auth table">user_pass</configstring>
      <configstring name="domain_field" desc="If set to anything other than
      'none' this is used as field name where domain is
      stored">none</configstring>
      <configenum name="encryption" desc="The password hashing algorithm to use">ssha
       <values>
        <value>aprmd5</value>
        <value>crypt</value>
        <value>crypt-blowfish</value>
        <value>crypt-des</value>
        <value>crypt-md5</value>
        <value>crypt-sha256</value>
        <value>crypt-sha512</value>
        <value>md5-base64</value>
        <value>md5-hex</value>
        <value>plain</value>
        <value>sha</value>
        <value>smd5</value>
        <value>ssha</value>
       </values>
      </configenum>
      <configlist name="folders" required="false" desc="A list of folders to
      create under username"/>
      <configinteger name="quota" required="false" desc="The quota (in
      kilobytes) to grant on the mailbox"/>
      <configstring name="userhierarchy" required="false" desc="The user
      hierarchy prefix."/>
      <configlist name="hidden_accounts" required="false" desc="A list of accounts to
      hide from the user interface">cyrus</configlist>
     </configsection>
    </case>

    <case name="x509" desc="X509 Client Certificates">
      <configsection name="params">
        <configstring name="username_field" desc="The X509 field containing the username">
        SSL_CLIENT_S_DN_CN</configstring>
        <configswitch name="password_source" desc="Where should Horde attempt to
        find user passwords?">
          <case name="none" desc="Either no passwords are needed, or the
          postauthenticate hook will provide them."/>
          <case name="unified" desc="A single password will be used for all
          users. ONLY USE THIS IF YOU KNOW WHAT YOU ARE DOING! YOUR SYSTEM MUST
          BE PROPERLY SECURED!">
            <configstring name="unified_password" desc="The password to use.">
            </configstring>
          </case>
        </configswitch>
      </configsection>
    </case>
   </configswitch>
   <configsection name="params">
    <configboolean name="count_bad_logins" required="false" desc="Should Horde
    count the number of bad logins?">false</configboolean>
    <configboolean name="login_block" required="false" desc="Allow to block
    logins for certain users?">false</configboolean>
    <configinteger name="login_block_count" required="false" desc="After how
    many failed logins the login should be blocked? Setting 0 disables the
    feature">5</configinteger>
    <configinteger name="login_block_time" required="false" desc="How many
    minutes should the login be blocked? Setting 0 means permanent
    blocking">5</configinteger>
   </configsection>
  </configsection>

  <configsection name="tos">
   <configheader>Terms of Service Agreement</configheader>
   <configstring name="file" required="false" desc="If you want to require
   users to accept certain terms before they can use the system, enter the
   path of the agreement file to display here."/>
  </configsection>
 </configtab>

 <configtab name="signup" desc="Signing Up">
  <configsection name="signup">
   <configheader>Sign Up Settings</configheader>
   <configswitch name="allow" desc="Allow non-registered users to register and
   provide a link on the login screen?">false
    <case name="true" desc="Yes">
     <configswitch name="driver" desc="What signup driver should we
     use?">
      <case name="Sql" desc="SQL Database">
       <configsection name="params">
        <configsql switchname="driverconfig">
         <configstring name="table" required="false" desc="The name of the
         signup table in the database [horde_signups]"/>
        </configsql>
       </configsection>
      </case>
     </configswitch>
     <configstring name="email" desc="Specify an email address, if a message
     should be send to notify about new signups, including links for approving
     and denying." required="false"/>
     <configboolean name="approve" desc="Admin has to approve any user
     submitted registration requests? (WARNING: Setting to false would mean
     that every user who signs up would have automatic access to your horde
     system.)" required="false">true</configboolean>
    </case>
    <case name="false" desc="No" />
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="log" desc="Logging">
  <configsection name="log">
   <configheader>Logging Settings</configheader>
   <configswitch name="enabled" quote="false" desc="Should Horde log errors and
   other useful information?">true
    <case name="true" desc="Yes">
     <configenum name="priority" desc="What level of messages should we log?
     Each level logs itself and all those that come before it: ALERT would
     only log alerts and emergencies, but DEBUG would log everything.">NOTICE
      <values>
       <value desc="EMERG">EMERG</value>
       <value desc="ALERT">ALERT</value>
       <value desc="CRIT">CRIT</value>
       <value desc="ERR">ERR</value>
       <value desc="WARN">WARNING</value>
       <value desc="NOTICE">NOTICE</value>
       <value desc="INFO">INFO</value>
       <value desc="DEBUG">DEBUG</value>
      </values>
     </configenum>
     <configstring name="ident" required="false" desc="What identifier should
     we use in the logs?">HORDE</configstring>
     <configstring name="time_format" required="false" desc="What time format
     should we use in the logs? (Acceptable formats are the inputs to PHP's
     date() function). Leave blank to use the default."></configstring>

     <configswitch name="type" desc="What log driver should we use?">file
      <case name="file" desc="File">
       <configstring name="name" desc="Path to the log
       file">/tmp/horde.log</configstring>
       <configsection name="params">
        <configboolean name="append" desc="Should new log entries be appended
        to an existing log file? If this is false, new log files will
        overwrite existing ones.">true</configboolean>
        <configswitch name="format" required="false" desc="What format should
        the log entries be in?">default
         <case name="custom" desc="Custom Template">
          <configstring name="template" desc="The custom logging template
          to use."></configstring>
         </case>
         <case name="default" desc="Default" />
         <case name="xml" desc="XML" />
        </configswitch>
       </configsection>
      </case>

      <case name="stream" desc="PHP Stream">
       <configstring name="name" desc="A valid-PHP stream interface to use
       for logging."></configstring>
       <configsection name="params">
        <configswitch name="format" required="false" desc="What format should
        the log entries be in?">default
         <case name="custom" desc="Custom Template">
          <configstring name="template" desc="The custom logging template
          to use."></configstring>
         </case>
         <case name="default" desc="Default" />
         <case name="xml" desc="XML" />
        </configswitch>
       </configsection>
      </case>

      <case name="syslog" desc="Syslog">
       <configphp name="name" quote="false" desc="Syslog facility to use"/>
      </case>
     </configswitch>

    </case>
    <case name="false" desc="No"/>
   </configswitch>
  </configsection>
  <configboolean name="log_accesskeys" desc="Should Horde log statistics about
   used access keys? This is only useful for translators of the
   UI. You also need to set the log level to at least
   INFO.">false</configboolean>
 </configtab>

 <configtab name="prefs" desc="Preferences">
  <configsection name="prefs">
   <configheader>Preferences Settings</configheader>
   <configinteger name="maxsize" desc="The maximum size of a preferences entry
   (in bytes).">65535</configinteger>
   <configswitch name="driver" desc="What preferences driver should we
   use?">Sql
     <case name="Nosql" desc="NoSQL Database">
      <configsection name="params">
       <confignosql switchname="driverconfig" />
      </configsection>
     </case>
     <case name="Sql" desc="SQL Database">
      <configsection name="params">
       <configsql switchname="driverconfig">
        <configstring name="table" required="false" desc="The name of the
        preference table in the database [horde_prefs]"/>
       </configsql>
      </configsection>
     </case>
     <case name="File" desc="Files">
      <configsection name="params">
        <configstring name="directory" required="true" desc="Directory to store the preferences in."/>
      </configsection>
     </case>
     <case name="Ldap" desc="LDAP">
      <configsection name="params">
       <configldap switchname="driverconfig">
        <configstring name="uid" desc="The username search key for finding
        preferences">uid</configstring>
       </configldap>
      </configsection>
     </case>
     <case name="Session" desc="PHP Sessions"/>
     <case name="KolabImap" desc="IMAP/Kolab Server" />
     <case name="Imsp" desc="IMSP Server" />
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="alarms" desc="Alarms">
  <configsection name="alarms">
   <configheader>Alarms Settings</configheader>
   <configswitch name="driver" desc="What alarm storage driver should we
   use?">Sql
     <case name="false" desc="None"/>
     <case name="Sql" desc="SQL Database">
      <configsection name="params">
       <configsql switchname="driverconfig">
        <configstring name="table" required="false" desc="The name of the
        alarm table in the database [horde_alarms]"/>
       </configsql>
       <configinteger name="ttl" desc="How often should the applications be
       queried for new alarms, in seconds?">300</configinteger>
      </configsection>
     </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="group" desc="Groups">
  <configsection name="group">
   <configheader>Groups Settings</configheader>
   <configswitch name="driver" desc="What backend should we use for Horde
   Groups?">Sql
    <case name="Kolab" desc="Kolab">
     <configsection name="params">
      <configldap switchname="driverconfig">
       <configstring name="gid" desc="The group search key">cn</configstring>
       <configstring name="memberuid" desc="Group membership field">
       memberUid</configstring>
       <configboolean name="attrisdn" required="false"
        desc="If checked, the user member attributes returned from LDAP are
       expected to be fully qualified DNs"/>
       <configlist name="newgroup_objectclass" desc="What objectclasses should
       a new group be member of? These objectclasses should cover the mail and
       gidnumber attributes as well as the group search key">
       posixGroup,hordeGroup</configlist>
       <configstring name="writedn" desc="DN used to bind for creating and
       editing LDAP groups." required="false"/>
       <configstring name="writepw" desc="Password for bind DN."
       required="false"/>
       <configsection name="search">
        <configswitch name="filter_type" desc="How to specify a filter for the
        group lists">objectclass
         <case name="objectclass" desc="One or more objectclass filters">
          <configlist name="objectclass" desc="The objectclass filter used to
          search for groups. Can be a single objectclass or a list.">
          posixGroup</configlist>
         </case>
         <case name="filter" desc="A complete LDAP filter expression">
          <configstring name="filter" desc="The LDAP RFC formatted filter used
          to search for groups."/>
         </case>
        </configswitch>
       </configsection>
      </configldap>
     </configsection>
    </case>
    <case name="Ldap" desc="LDAP">
     <configsection name="params">
      <configldap switchname="driverconfig">
       <configstring name="gid" desc="The group search key">cn</configstring>
       <configstring name="memberuid" desc="Group membership field">
       memberUid</configstring>
       <configswitch name="attrisdn" required="false" desc="Are the user member
       attributes returned from LDAP expected to be fully qualified DNs?">false
        <case name="false" desc="No"/>
        <case name="true" desc="Yes">
          <configldapuser/>
        </case>
       </configswitch>
       <configlist name="newgroup_objectclass" desc="What objectclasses should
       a new group be member of? These objectclasses should cover the mail and
       gidnumber attributes as well as the group search key">
       posixGroup,hordeGroup</configlist>
       <configstring name="writedn" desc="DN used to bind for creating and
       editing LDAP groups." required="false"/>
       <configstring name="writepw" desc="Password for bind DN."
       required="false"/>
       <configsection name="search">
        <configswitch name="filter_type" desc="How to specify a filter for the
        group lists">objectclass
         <case name="objectclass" desc="One or more objectclass filters">
          <configlist name="objectclass" desc="The objectclass filter used to
          search for groups. Can be a single objectclass or a list.">
          posixGroup</configlist>
         </case>
         <case name="filter" desc="A complete LDAP filter expression">
          <configstring name="filter" desc="The LDAP RFC formatted filter used
          to search for groups."/>
         </case>
        </configswitch>
       </configsection>
      </configldap>
     </configsection>
    </case>
    <case name="Mock" desc="No Groups"/>
    <case name="Sql" desc="SQL">
     <configsection name="params">
      <configsql switchname="driverconfig" />
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="perms" desc="Permissions">
  <configsection name="perms">
   <configheader>Permissions Settings</configheader>
   <configswitch name="driver" desc="What backend should we use for Horde
   Permissions?">Sql
    <case name="Null" desc="Disable Permissions"/>
    <case name="Sql" desc="SQL">
     <configsql switchname="driverconfig" />
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="share" desc="Shares">
  <configheader>Shares Settings</configheader>
  <configdescription>Shares are objects or lists that can be shared with other
  users, e.g. calendars that other users can be given read or write access
  to.</configdescription>
  <configsection name="share">
   <configheader>Allow Sharing?</configheader>
   <configboolean name="no_sharing" required="false" desc="Prevent users from
   editing permissions on their shares. This will keep a user from granting
   other users (or guests) access to their address book, notebook, calendar,
   etc.">false</configboolean>
   <configboolean name="auto_create" required="false" desc="Automatically
   create personal default shares for any users that don't own any
   shares?">true</configboolean>
   <configboolean name="world" required="false" desc="If you enable this
   option, users will be able to share their resources with all (authenticated
   and guest) users on the system.">true</configboolean>
   <configboolean name="any_group" required="false" desc="If you enable this
   option, users will be able to share their resources with any group,
   regardless of whether or not they are a member. If you disable it, users
   will only be able to share their resources with groups they are members
   of.">false</configboolean>
   <configboolean name="hidden" required="false" desc="If you enable this
   option, the shares that a user has access to will NOT be displayed
   automatically, but only if the user subscribed to
   them.">false</configboolean>
   <configheader>Share Caching</configheader>
   <configdescription>Enabling share caching improves performance because the
   share backend will only be queried once per session. But it also increases
   the users' session sizes, and share changes won't take effect before the
   users log in the next time.</configdescription>
   <configboolean name="cache" required="false" desc="Enable share
   caching?">false</configboolean>
   <configheader>Shares Driver</configheader>
   <configdescription>
     You can use different driver types for the Horde Share
     system. The default driver is the SQL-NG driver.
   </configdescription>
   <configenum name="driver" desc="What backend should we use for Horde
   Shares?">Sqlng
    <values>
     <value desc="IMAP/Kolab">Kolab</value>
     <value desc="Next-Generation SQL">Sqlng</value>
     <value desc="SQL">Sql</value>
    </values>
   </configenum>
  </configsection>
 </configtab>

 <configtab name="cache" desc="Caching">
  <configsection name="cache">
   <configheader>Caching Settings</configheader>
   <configinteger name="default_lifetime" desc="How long, in seconds, should
   data be cached by default?">86400</configinteger>
   <configswitch name="driver" desc="If you want to enable the Horde Cache,
   select a driver here. This is used to speed up portions of Horde by storing
   commonly processed objects.">File
    <case name="Null" desc="Don't cache any data (NOT RECOMMENDED)"/>
    <case name="Apc" desc="Use the APC cache (NOT RECOMMENDED)">
     <configdescription>
     APC is not recommended for general purpose caching as it is not
     persistent and the size of the cached data for even a small installation
     (25+ users) will likely exceed the default APC storage size.
     </configdescription>
     <configsection name="params">
      <configstring name="prefix" required="false" desc="The prefix to use for
      cache entries."/>
     </configsection>
    </case>
    <case name="File" desc="Store data in filesystem">
     <configsection name="params">
      <configstring name="dir" required="false" desc="The location to store the
      cached files"/>
      <configinteger name="sub" required="false" desc="If non-zero, the number
      of subdirectories to create to store the file (see, e.g.,
      http://php.net/manual/en/ref.session.php#ini.session.save-path). When
      creating the directory tree, the md5sum of the cache id will be used.
      Thus, each level of the tree will have up to 16 subdirectories named
      [0-9a-f].">0</configinteger>
      <configstring name="prefix" required="false" desc="The filename prefix to
      use for the cache files."/>
     </configsection>
    </case>
    <case name="Hashtable" desc="Use a Distributed Hash Table server">
     <configsection name="params">
      <configstring name="prefix" required="false" desc="The prefix to use for
      cache entries."/>
     </configsection>
    </case>
    <case name="Nosql" desc="NoSQL-based cache storage">
     <configsection name="params">
      <confignosql switchname="driverconfig" />
     </configsection>
    </case>
    <case name="Sql" desc="SQL-based cache storage (NOT RECOMMENDED)">
     <configdescription>
     SQL is not recommended for caching as the overhead required to
     store/retreive the data cancels much of the benefit of caching.
     </configdescription>
     <configsection name="params">
      <configsql switchname="driverconfig">
       <configstring name="table" required="false" desc="The name of the
       cache table in the database [horde_cache]"/>
      </configsql>
     </configsection>
    </case>
    <case name="Xcache" desc="Use the xCache cache (NOT RECOMMENDED)">
     <configdescription>
     xCache is not recommended for general purpose caching as it is not
     persistent and the size of the cached data for even a small installation
     (25+ users) will likely exceed the default xCache storage size.
     </configdescription>
     <configsection name="params">
      <configstring name="prefix" required="false" desc="The prefix to use for
      cache entries."/>
     </configsection>
    </case>
   </configswitch>
   <configswitch name="use_memorycache" required="false" desc="Use a
   separate memory cache driver to store data in memory? If data is not found
   in this driver, we will fall back to accessing the persistent backend. This
   setting has no effect if already using a memory caching backend.">
    <case name="" desc="None"/>
    <case name="Apc" desc="APC"/>
    <case name="Eaccelerator" desc="eAccelerator"/>
    <case name="Hashtable" desc="Hashtable"/>
    <case name="Xcache" desc="xCache"/>
   </configswitch>
  </configsection>

  <configheader>CSS Caching</configheader>
  <configdescription>
   CSS caching packages all stylesheets used in a page into a single file
   sent to the browser. It also allows compression and optimization of this
   file to reduce the data size. Caching reduces server load, speeds up the
   user's browsing experience, and is HIGHLY RECOMMENDED.
  </configdescription>
  <configswitch name="cachecss" desc="Cache CSS?">false
   <case name="false" desc="No">
    <configsection name="cachecssparams">
     <configboolean name="url_version_param" desc="Add version information to
     CSS URLs?">true</configboolean>
    </configsection>
   </case>
   <case name="true" desc="Yes">
    <configsection name="cachecssparams">
     <configswitch name="driver" desc="How should we store the cached data?">
      <case name="filesystem" desc="Filesystem (recommended)">
       <configdescription>
       For filesystem caching to work, the "static" directory in the horde
       base must be writable by the user the web server is running as. If
       running Horde in a cluster (or behind a single web frontend), to use
       filesystem caching it is best to have every PHP backend server have
       access to a shared drive that is visible and mounted to the "static"
       directory on the web frontend. (NOTE: if you manually change the CSS
       files, you will need to manually delete the cached CSS static files to
       see the changes.)
       </configdescription>
      </case>
      <case name="horde_cache" desc="Horde Cache">
       <configdescription>
        &lt;strong&gt;Requires a configured Horde caching
        backend.&lt;/strong&gt; This method is STRONGLY DISCOURAGED. Browsers
        will likely cache this data and ignore updates, even though we append
        a "cache-busting" unique version parameter to the URL. You almost
        certainly want to use 'filesystem' instead.
       </configdescription>
      </case>
     </configswitch>
     <configboolean name="filemtime" desc="Expire cache if the modification
     time of a CSS file has changed? This setting is useful for development
     installations. It should not be used in production environments, as it
     requires a filestat of every CSS file loaded on a
     page">false</configboolean>
     <configinteger name="lifetime" desc="Lifetime of the cached files, in
     seconds.">86400</configinteger>
    </configsection>
   </case>
  </configswitch>

  <configheader>Javascript Caching</configheader>
  <configdescription>
   Javascript caching packages all static javascript files used in a page into
   more efficient chunks to send to the browser. It also allows compression
   and optimizations of this file to reduce the data size. Caching reduces
   server load, speeds up the user's browsing experience, and is HIGHLY
   RECOMMENDED.
  </configdescription>
  <configswitch name="cachejs" desc="Cache javascript?">false
   <case name="false" desc="No">
    <configsection name="cachejsparams">
     <configboolean name="url_version_param" desc="Add version information to
     javascript URLs?">true</configboolean>
    </configsection>
   </case>
   <case name="true" desc="Yes">
    <configsection name="cachejsparams">
     <configswitch name="driver" desc="How should we store the cached data?">
      <case name="filesystem" desc="Filesystem (recommended)">
       <configdescription>
       For filesystem caching to work, the "static" directory in the horde
       base must be writable by the user the web server is running as. If
       running Horde in a cluster (or behind a single web frontend), to use
       filesystem caching it is best to have every PHP backend server have
       access to a shared drive that is visible and mounted to the "static"
       directory on the web frontend.
       </configdescription>
      </case>
      <case name="horde_cache" desc="Horde Cache">
       <configdescription>
        &lt;strong&gt;Requires a configured Horde caching
        backend.&lt;/strong&gt; This method is STRONGLY DISCOURAGED. Browsers
        will likely cache this data and ignore updates, even though we append
        a "cache-busting" unique version parameter to the URL. You almost
        certainly want to use 'filesystem' instead.
       </configdescription>
      </case>
     </configswitch>
     <configswitch name="compress" desc="How should we compress the cached
     files?">php
      <case name="none" desc="No compression" />
      <case name="closure" desc="Google Closure Compiler (Best compression,
      slowest speed)">
       <configstring name="javapath" desc="The path to the Java
       application launcher.">/opt/java/jre/bin/java</configstring>
       <configstring name="closurepath" desc="The path to the Closure compiler
       .jar file"></configstring>
       <configstring name="cmdline" required="false" desc="Any additional
       command line arguments to use."></configstring>
      </case>
      <case name="php" desc="Built-in compressor (Medium compression, good
      speed)" />
      <case name="uglifyjs" desc="UglifyJS (NodeJS compressor; good
      compression, good speed)">
       <configstring name="uglifyjspath" desc="The path to the uglifyjs
       binary"></configstring>
       <configstring name="uglifyjscmdline" desc="The command line options
       to use">-c</configstring>
      </case>
      <case name="yui" desc="YUI Compressor (Best compression, slowest
      speed)">
       <configstring name="javapath" desc="The path to the Java
       application launcher.">/opt/java/jre/bin/java</configstring>
       <configstring name="yuipath" desc="The path to the YUI compressor
       .jar file"></configstring>
       <configstring name="cmdline" required="false" desc="Any additional
       command line arguments to use."></configstring>
      </case>
     </configswitch>
     <configinteger name="lifetime" desc="Lifetime of the cached files, in
     seconds.">604800</configinteger>
    </configsection>
   </case>
  </configswitch>

  <configheader>Theme Caching</configheader>
  <configdescription>
   Theme caching optimizes display of themed elements. Caching reduces
   server load (specifically by dramatically reducing filesystem access), and
   is HIGHLY RECOMMENDED. &lt;strong&gt;Requires a configured Horde caching
   backend.&lt;/strong&gt;
  </configdescription>
  <configswitch name="cachethemes" desc="Cache themes?">false
   <case name="false" desc="No" />
   <case name="true" desc="Yes">
    <configsection name="cachethemesparams">
     <configswitch name="check" desc="The method to use to check for updated
     theme information.">appversion
      <case name="appversion" desc="Application versions">
       <configdescription>
        The theme cache will be updated only when a new Horde version is
        installed. This is the RECOMMENDED setting for most installations.
       </configdescription>
      </case>
      <case name="none" desc="None">
       <configdescription>
        The theme cache is never checked for consistency. Once created, it
        will be used until the cache entry expires.
       </configdescription>
      </case>
     </configswitch>
     <configinteger name="lifetime" desc="Lifetime of the cached files, in
     seconds.">604800</configinteger>
    </configsection>
   </case>
  </configswitch>
 </configtab>

 <configtab name="lock" desc="Locking">
  <configsection name="lock">
   <configheader>Locking Settings</configheader>
   <configswitch name="driver" desc="If you want to enable resource locking
   you must choose a driver here.">Sql
    <case name="Null" desc="Disable Horde Locks"/>
    <case name="Nosql" desc="NoSQL-based locking">
     <configsection name="params">
      <confignosql switchname="driverconfig" />
     </configsection>
    </case>
    <case name="Sql" desc="SQL-based locking">
     <configsection name="params">
      <configsql switchname="driverconfig">
       <configstring name="table" required="false" desc="The name of the
       locking table in the database [horde_locks]"/>
      </configsql>
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="token" desc="Tokens">
  <configsection name="token">
   <configheader>Tokens Settings</configheader>
   <configinteger name="timeout" required="false" desc="The period (in
   seconds) after which an id is purged"/>
   <configswitch name="driver" desc="If you want to enable Form Tokens, select
   a driver here. This is used by the Horde::Form:: API and some other parts
   of Horde to ensure that a form can only be submitted once.">Sql
    <case name="Null" desc="Disable Form Tokens"/>
    <case name="File" desc="Local filesystem token storage">
     <configsection name="params">
      <configstring name="token_dir" required="false" desc="The directory where
      to keep token files"/>
     </configsection>
    </case>
    <case name="Nosql" desc="NoSQL-based token storage">
     <configsection name="params">
       <confignosql switchname="driverconfig" />
     </configsection>
    </case>
    <case name="Sql" desc="SQL-based token storage">
     <configsection name="params">
      <configsql switchname="driverconfig">
       <configstring name="table" required="false" desc="The name of the
       tokens table in the database [horde_tokens]"/>
      </configsql>
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="history" desc="History">
  <configsection name="history">
   <configheader>History Settings</configheader>
   <configswitch name="driver" desc="If you want to enable history tracking,
   select a driver here. This is required by various subsystems.">Sql
    <case name="None" desc="Disable history"/>
    <case name="Nosql" desc="NoSQL-based history storage">
     <configsection name="params">
       <confignosql switchname="driverconfig" />
     </configsection>
    </case>
    <case name="Sql" desc="SQL-based history storage">
     <configsection name="params">
       <configsql switchname="driverconfig" />
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="dav" desc="DAV">
  <configsection name="davstorage">
   <configheader>DAV Settings</configheader>
   <configswitch name="driver" desc="If you want to use CalDAV or CardDAV,
   select a driver here.">Sql
    <case name="Null" desc="Disable CalDAV/CardDAV support"/>
    <case name="Sql" desc="SQL-based metadata storage">
     <configsection name="params">
      <configsql switchname="driverconfig"/>
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="mailer" desc="Mailer">
  <configsection name="mailer">
   <configheader>Mailer Settings</configheader>
   <configswitch name="type" desc="What method should we use for sending
   mail?">sendmail
    <case name="null" desc="Disable mailing" />
    <case name="sendmail" desc="Local sendmail binary">
     <configsection name="params">
      <configstring name="sendmail_path" required="false" desc="The location
      of the sendmail binary on the filesystem
      [/usr/sbin/sendmail]">/usr/lib/sendmail</configstring>
      <configstring name="sendmail_args" required="false" desc="Any extra
      parameters to pass to the sendmail or sendmail wrapper
      binary">-oi</configstring>
      <configstring name="sendmail_eol" required="false" desc="The end-of-line
      (EOL) sequence to use when piping the message to the sendmail binary.
      It is not possible to reliably auto-configure sendmail, so if your
      messages are being sent incorrectly, you should adjust this value (if
      blank, the system default is used)."></configstring>
     </configsection>
    </case>
    <case name="smtp" desc="SMTP server (HIGHLY RECOMMENDED)">
     <configsection name="params">
      <configstring name="host" required="false" desc="The server to connect
      to [localhost]"/>
      <configinteger name="port" required="false" desc="The port to connect
      to [25]. This is HIGHLY RECOMMENDED to be 587, the mail submission port.
      (RFC 6409/STD 72; sending mail via port 25 is DEPRECATED.)"/>
      <configenum name="secure" desc="The encryption to use to connect to
      the SMTP server.">tls
       <values>
        <value>none</value>
        <value>tls</value>
        <value>ssl</value>
       </values>
      </configenum>
      <configstring name="localhost" required="false" desc="The local hostname
      / domain [localhost]"/>
      <configswitch name="auth" desc="Authenticate to SMTP server?">false
       <case name="false" desc="No" />
       <case name="true" desc="Yes">
        <configdescription>SMTP Authentication requires a TLS connection.
        There is no need to configure the secure connection as it is always
        used by Horde.</configdescription>
        <configstring name="username" required="false" desc="The master
        username to use for SMTP auth. Will be used if username_auth is false
        OR for unauthenticated Horde accesses."/>
        <configboolean name="username_auth" required="false" desc="If
        authenticated, use the Horde authentication
        username?">true</configboolean>
        <configstring name="password" required="false" desc="The master
        password to use for SMTP auth. Will be used if password_auth is false
        OR for unauthenticated Horde accesses."/>
        <configboolean name="password_auth" required="false" desc="If
        authenticated, use the Horde authentication
        password?">true</configboolean>
       </case>
      </configswitch>
      <configboolean name="lmtp" required="false" desc="Is this an LMTP
      (Local Mail Transfer Protocol) server?">false</configboolean>
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="vfs" desc="Virtual File Storage">
  <configsection name="vfs">
   <configheader>Virtual File Storage Settings</configheader>
   <configvfs baseconfig="true" switchname="type" default="Sql"/>
  </configsection>
 </configtab>

 <configtab name="session" desc="Session Handler">
  <configsection name="sessionhandler">
   <configheader>Session Handler Settings</configheader>
   <configdescription>
    &lt;strong&gt;Unless you are running Horde on a PHP cluster, there is NO
    reason to use any session handler backend other than Builtin (i.e. session
    data stored on local filesystem).&lt;/strong&gt;
   </configdescription>
   <configswitch name="type" desc="What sessionhandler driver should we
   use?">Builtin
    <case name="Builtin" desc="Use the default PHP session handler (file-based
    by default)">
     <configdescription>
      If you have configured a custom session extension in php.ini (such as
      native memcache sessions) then you should use this option. Horde doesn't
      force PHP to use the file-based session handler, so your php.ini
      settings settings will be deferred to.
     </configdescription>
    </case>
    <case name="External" desc="Use your own custom session handler">
     <configsection name="params">
      <configstring name="open" desc="Your open() function"/>
      <configstring name="close" desc="Your close() function"/>
      <configstring name="read" desc="Your read() function"/>
      <configstring name="write" desc="Your write() function"/>
      <configstring name="destroy" desc="Your destroy() function"/>
      <configstring name="gc" desc="Your gc() function"/>
     </configsection>
    </case>
    <case name="File" desc="Filesystem storage">
     <configsection name="params">
      <configstring name="path" desc="The path to save the session files
      in.">/tmp/</configstring>
     </configsection>
    </case>
    <case name="HashTable" desc="Distributed Hash Table">
     <configsection name="params">
      <configswitch name="track" required="false" desc="Keep track of active
      session information? Tracking requires extra load to maintain.">false
       <case name="false" desc="No" />
       <case name="true" desc="Yes" />
      </configswitch>
     </configsection>
    </case>
    <case name="Nosql" desc="NoSQL Database">
     <configsection name="params">
       <confignosql switchname="driverconfig" />
     </configsection>
    </case>
    <case name="Sql" desc="SQL Database">
     <configsection name="params">
      <configsql switchname="driverconfig">
       <configstring name="table" required="false" desc="The name of the
       preference table in the database [horde_sessionhandler]"/>
      </configsql>
     </configsection>
    </case>
   </configswitch>
   <configboolean name="hashtable" desc="Use a distributed hash table to cache
   session information?">false</configboolean>
  </configsection>
 </configtab>

 <configtab name="proxy" desc="HTTP Proxy">
  <configsection name="http">
   <configsection name="proxy">
    <configheader>HTTP Proxy Settings</configheader>
    <configdescription>
     If you need to use a proxy for fetching HTTP resources (feeds,
     security keys, external calendars or free/busy information,
     etc.), configure it here.
    </configdescription>
    <configstring name="proxy_host" required="false" desc="Proxy host"/>
    <configinteger name="proxy_port" required="false" desc="Proxy port"/>
    <configstring name="proxy_user" required="false" desc="Proxy user if
    necessary"/>
    <configstring name="proxy_pass" required="false" desc="Proxy password"/>
   </configsection>
  </configsection>
 </configtab>

 <configtab name="spell" desc="Spell Checker">
  <configsection name="spell">
   <configheader>Spell Checker Settings</configheader>
   <configswitch name="driver" required="false" desc="Choose a Spell Checking
    backend">
    <case name="" desc="None" />
    <case name="aspell" desc="aspell (command line)">
     <configsection name="params">
      <configstring name="path" required="false" desc="Enter the location of
      the aspell binary" />
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="gnupg" desc="GnuPG">
  <configsection name="gnupg">
   <configheader>GnuPG Settings</configheader>
   <configstring name="path" required="false" desc="If you want users to have
   the option of using the GNU Privacy Guard program to decrypt/encrypt PGP
   files, enter the location of the 'gpg' binary here.  If this is empty this
   feature will be disabled. Additional command line arguments, if needed
   locally (e.g. extensions), can be added at the end of this entry."/>
   <configmultienum name="keyserver" required="false" desc="The address
   of the public PGP keyserver(s) to use.">pool.sks-keyservers.net
    <values>
     <value>pool.sks-keyservers.net</value>
     <value>subkeys.pgp.net</value>
     <value>pgp.mit.edu</value>
    </values>
   </configmultienum>
   <configinteger name="timeout" required="false" desc="The timeout for
   connecting to the PGP keyserver. Timeouts are not supported on all
   systems.">10</configinteger>
  </configsection>
 </configtab>

 <configtab name="openssl" desc="OpenSSL">
  <configsection name="openssl">
   <configheader>OpenSSL Settings</configheader>
   <configstring name="cafile" required="false" desc="The location of the root
   certificates bundle, e.g. /etc/ssl/certs. See
   http://www.php.net/manual/en/openssl.cert.verification.php for
   details."/>
   <configstring name="path" required="false" desc="The location of the OpenSSL
   binary on your system, e.g. /usr/bin/openssl. This program is REQUIRED to
   import personal S/MIME certificate information, as there is no native PHP
   function that can read pkcs12 files."/>
  </configsection>
 </configtab>

 <configtab name="themes" desc="Themes">
  <configheader>Theme Settings</configheader>
  <configboolean name="nobase64_img" required="false" desc="Always send full
  URLs for image data? By default, Horde will send image data within the page
  itself if the browser supports it. This eliminates the need for additional
  server connections to grab the image data, at the expense of slightly
  larger page sizes.">false</configboolean>
 </configtab>

 <configtab name="image" desc="Image Manipulation">
  <configsection name="image">
   <configheader>Image Manipulation Settings</configheader>
   <configswitch name="driver" description="What driver should we use for
   manipulating images?">false
    <case name="false" desc="None"/>
    <case name="Imagick" desc="The PECL Imagick Library (recommended)"/>
    <case name="Im" desc="Imagemagick">
     <configstring name="convert" desc="Path to the 'convert' binary"/>
     <configstring name="identify" desc="Path the 'identify' binary"/>
    </case>
    <case name="Gd" desc="The PHP GD2 extensions (not recommended)"/>
   </configswitch>
  </configsection>
  <configsection name="exif" desc="Image Metadata">
   <configheader>Image Metadata Driver Settings</configheader>
   <configswitch name="driver" description="What driver should we use for
   obtaining image metadata?">Bundled
   <case name="Exiftool" desc="Exiftool (recommended)">
    <configsection name="params">
     <configstring name="exiftool" desc="Path to the exiftool binary on your
     system"></configstring>
    </configsection>
   </case>
   <case name="Php" desc="Native PHP functions" />
   <case name="Bundled" desc="Bundled implementation in PHP" />
  </configswitch>
  </configsection>
 </configtab>

 <configtab name="mime" desc="MIME Detection">
  <configsection name="mime">
   <configheader>MIME Detection Settings</configheader>
   <configstring name="magic_db" required="false" desc="Location of the MIME
   magic database. This only needs to be set if PHP cannot auto-determine the
   value (the output from the test script will clearly indiciate if this is
   an issue)."/>
  </configsection>
 </configtab>

 <configtab name="geoip" desc="Country Lookup">
  <configsection name="geoip">
   <configheader>Country Lookup Settings</configheader>
   <configstring name="datafile" required="false" desc="Horde, by default, can
   do Hostname -&gt; Country lookup using the top level domain (e.g. 'uk',
   'de') of the hostname.  However, many popular top level domains
   (e.g. 'com', 'net') span more than one country.  In these instances, Horde
   can use the MaxMind GeoIP Hostname to Country lookup to try to determine
   the correct country.  To activate this functionality, the geoip PECL
   extension must be installed.  If that extension doesn't exist, Horde can
   use a PHP only method of querying the database if the GeoIP.dat country
   database is present on your local system.  This file can be downloaded
   free of charge from http://www.maxmind.com/download/geoip/database/.  If
   this database is present, specify the full path name to the database below.
   If empty, the GeoIP lookup will not be performed."/>
  </configsection>
 </configtab>

 <configtab name="timezone" desc="Timezone Lookup">
  <configsection name="timezone">
   <configheader>Timezone Lookup Settings</configheader>
   <configstring name="location" required="false" desc="Horde may
   lookup timezone information from a global timezone database, also
   known as Olson database. You can enter any http://, ftp:// or
   file:// location
   here.">ftp://ftp.iana.org/tz/tzdata-latest.tar.gz</configstring>
  </configsection>
 </configtab>

 <configtab name="problems" desc="Problem Reporting">
  <configsection name="problems">
   <configheader>Problem Reporting Settings</configheader>
   <configswitch name="tickets" desc="If a ticket system with a
   tickets/addTicket API method is present, should we create tickets for
   problem reports instead of emailing them?">false
    <case name="true" desc="Yes">
     <configphp name="ticket_params" desc="Enter as a PHP array any
     additional arguments for the created ticket (queue, state, priority,
     etc). Example for Whups: array('queue' => 2, 'state' => 1, 'priority' => 1,
     'type' => 1). You will need to look up the appropriate IDs in Whups's
     database, or whatever is appropriate for the ticket system you are
     using.">array()</configphp>
    </case>
    <case name="false" desc="No">
     <configstring name="email" desc="Where should problem report emails be
     sent?">webmaster@example.com</configstring>
     <configstring name="maildomain" desc="If Horde cannot determine a user's
     email address, this domain will be appended to their
     username.">example.com</configstring>
     <configstring name="username" required="false" desc="If requiring SMTP
     authentication without a global SMTP user (in section &quot;Mailer&quot;
     and allowing problem reporting for not authenticated users (in section
     &quot;Menu Settings&quot;), what username should be use for SMTP
     authentication?"/>
     <configstring name="password" required="false" desc="The password to use"/>
    </case>
   </configswitch>
   <configboolean name="attachments" required="false" desc="Allow users to
   upload file attachments to the problem report?">true</configboolean>
  </configsection>
 </configtab>

 <configtab name="menu" desc="Menu">
  <configheader>Menu Settings</configheader>
  <configsection name="menu">
   <configsection name="links">
    <configenum name="help" desc="Should we display help links in the
    menu?">all
     <values>
      <value desc="All users">all</value>
      <value desc="Authenticated users">authenticated</value>
      <value desc="Never">never</value>
     </values>
    </configenum>
    <configenum name="prefs" desc="Should we display preferences links in the
    menu? You still need to configure a preference backend in the
    &quot;Preferences&quot; section.">authenticated
     <values>
      <value desc="All users">all</value>
      <value desc="Authenticated users">authenticated</value>
      <value desc="Never">never</value>
     </values>
    </configenum>
    <configenum name="problem" desc="Should we display problem reporting links
    in the menu?">all
     <values>
      <value desc="All users">all</value>
      <value desc="Authenticated users">authenticated</value>
      <value desc="Never">never</value>
     </values>
    </configenum>
    <configenum name="login" desc="Should we display a login link in the menu
    when not logged in?">all
     <values>
      <value desc="All users">all</value>
      <value desc="Never">never</value>
     </values>
    </configenum>
    <configenum name="logout" desc="Should we display a logout link in the
    menu when logged in?">authenticated
     <values>
      <value desc="Authenticated users">authenticated</value>
      <value desc="Never">never</value>
     </values>
    </configenum>
    <configenum name="login" desc="Should we display a login link in the menu
    when not logged in?">all
     <values>
      <value desc="All users">all</value>
      <value desc="Never">never</value>
     </values>
    </configenum>
    <configenum name="logout" desc="Should we display a logout link in the
    menu when logged in?">authenticated
     <values>
      <value desc="Authenticated users">authenticated</value>
      <value desc="Never">never</value>
     </values>
    </configenum>
   </configsection>
  </configsection>
 </configtab>

 <configtab name="block" desc="Portal Blocks">
  <configsection name="portal">
   <configheader>Portal Blocks Settings</configheader>
   <configmultienum name="fixed_blocks" muldesc="Which blocks should always be
    displayed in the portal?">
    <values>
     <configspecial application="horde" name="blocks" />
    </values>
   </configmultienum>
  </configsection>

  <configheader>Fortune Configuration</configheader>
  <configsection name="fortune">
   <configstring name="exec_path" required="false" desc="Path to fortune
   executable, e.g. /usr/games/fortune"/>
  </configsection>

  <configheader>Account Info Configuration</configheader>
  <configsection name="accounts">
   <configswitch name="driver" desc="What driver should we use?">null
    <case name="null" desc="None"/>
    <case name="localhost" desc="Localhost">
     <configsection name="params">
      <configstring name="quota_path" desc="Path to the quota program">
      /usr/bin/quota</configstring>
      <configstring name="grep_path" desc="Path to the grep program">
      /bin/grep</configstring>
      <configboolean name="translateMountPoint" desc="Should we translate home
      directories to mount point device names?">false</configboolean>
      <configstring name="translationTable" desc="File to translate directory
      names to mount point device names?">/etc/mtab</configstring>
     </configsection>
    </case>
    <case name="finger" desc="Finger">
     <configsection name="params">
      <configstring name="finger_path" desc="Path to the finger
      program">/usr/bin/finger</configstring>
      <configstring name="host" desc="Host to request finger information
      from" required="false"/>
     </configsection>
    </case>
    <case name="ldap" desc="LDAP">
     <configsection name="params">
      <configldap switchname="driverconfig">
       <configstring name="attr" desc="LDAP attribute to search on">
       uid</configstring>
       <configboolean name="strip" desc="Strip domain from user
       name?">false</configboolean>
      </configldap>
     </configsection>
    </case>
    <case name="kolab" desc="Kolab (LDAP)">
     <configsection name="params">
      <configdescription>This will use the parameters set in the Kolab
      Groupware Server tab. You must enable Kolab integration for this to
      work.</configdescription>
      <configstring name="attr" desc="LDAP attribute to search
      on">uid</configstring>
      <configboolean name="strip" desc="Strip domain from user
      name?">false</configboolean>
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="user" desc="User Capabilities and Constraints">
  <configsection name="user">
   <configheader>User Capabilities and Constraints</configheader>
   <configboolean name="verify_from_addr" desc="If users are adding new From:
   addresses to their identities, should we send them a confirmation message
   to verify that the email address is really theirs?">false</configboolean>
   <configswitch name="select_view" desc="Allow user to select the application
   view mode on login?">true
    <case name="true" desc="Yes"/>
    <case name="false" desc="No">
     <configenum name="force_view" desc="Force an application view to be used
     for all users?">
      <values>
       <value desc="None (use user's browser and application
       preferences)"></value>
       <value desc="Basic">basic</value>
       <value desc="Dynamic">dynamic</value>
       <value desc="Mobile">mobile</value>
       <value desc="Smartphone">smartmobile</value>
      </values>
     </configenum>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="api" desc="API Keys">
  <configsection name="api">
   <configheader>API Keys Settings</configheader>
   <configstring name="googlemaps" desc="Google Maps API Key"
   required="false"/>
   <configstring name="googlesafebrowsing" desc="Google Safe Browsing API Key"
   required="false"/>
   <configstring name="googlesearch" desc="Google AJAX Search API Key"
   required="false"/>
   <configstring name="yahoomaps" desc="Yahoo Maps API Key" required="false" />
   <configstring name="cloudmade" desc="Cloudmade API Key" required="false" />
   <configstring name="mytopo" desc="Mytopo Maps API Key" required="false" />
   <configstring name="mytopo_partnerID" desc="Mytopo partner id" required="false" />
   <configstring name="bing" desc="Bing Maps API Key" required="false" />
  </configsection>
  <configsection name="facebook">
   <configheader>Facebook Integration Settings</configheader>
   <configdescription>If you want to allow your users to interact with their
   Facebook profiles, and you've set up the necessary settings on Facebook, you
   can enter the key and secret here. See
   http://wiki.horde.org/Doc/Admin/Config/Horde/Facebook for
   details.</configdescription>
   <configswitch name="enabled">false
    <case name="false" desc="Disabled" />
    <case name="true" desc="Enabled">
     <configstring name="id" desc="Application API ID"></configstring>
     <configstring name="secret" desc="Application Secret"></configstring>
    </case>
   </configswitch>
  </configsection>
  <configsection name="twitter">
   <configheader>Twitter Integration Settings</configheader>
   <configdescription>If you want to allow your users to interact with their
   Twitter account, enable this section. You must setup an application on
   Twitter and obtain the OAuth secret and key from Twitter. See
   http://wiki.horde.org/Doc/Admin/Config/Horde/Twitter for details.
  </configdescription>
   <configswitch name="enabled">false
    <case name="false" desc="Disabled" />
    <case name="true" desc="Enabled">
      <configstring name="key" required="false" desc="OAuth Consumer Key:"></configstring>
      <configstring name="secret" required="false" desc="OAuth Consumer Secret:"></configstring>
    </case>
   </configswitch>
  </configsection>
  <configheader>Url Shortening</configheader>
   <configenum name="urlshortener" desc="Should Horde use a URL shortening
   service? This will be used when submitting URLs to social network providers.">
    <values>
      <value desc="None">false</value>
      <value desc="TinyUrl">TinyUrl</value>
    </values>
   </configenum>
  <configsection name="weather">
   <configheader>Weather Services</configheader>
   <configdescription>If you want to provide weather information to your users
   you must select a provider and provide your API keys.</configdescription>
   <configswitch name="provider">false
    <case name="false" desc="None" />
    <case name="WeatherUnderground" desc="Weather Underground - Recommended, but relatively low daily limits for free accounts.">
      <configsection name="params">
       <configstring name="key" desc="API Key. For information on registration and obtaining an API
       key for this driver, see http://www.wunderground.com/weather/api/.">
       </configstring>
       <configinteger name="lifetime" desc="Lifetime of the cached weather information, in seconds.">21600
       </configinteger>
      </configsection>
    </case>
    <case name="Wwo" desc="World Weather Online API. Free, requires registration.">
      <configsection name="params">
        <configstring name="key" desc="API Key. For information on registration
        and obtaining an API key for this driver, see
        http://worldweatheronline.com"></configstring>
        <configenum name="apiversion" desc="Select the API version to use.
        See your WWO registration details if you are not sure which to choose.">1
          <values>
            <value>1</value>
            <value>2</value>
          </values>
        </configenum>
       <configinteger name="lifetime" desc="Lifetime of the cached weather information, in seconds.">21600
       </configinteger>
      </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="imap" desc="IMAP Server">
  <configsection name="imap">
   <configheader>IMAP Server Settings</configheader>
   <configdescription>
    If you intend to store user data like shares and groupware data on an IMAP
    server then you will need to ensure that the following fields correspond to
    your IMAP server setup. The IMAP groupware storage will use version 2 of
    the Kolab XML format. See http://wiki.kolab.org/Kolab_Format_Intro for
    details.
   </configdescription>
   <configswitch name="enabled" quote="false" desc="Use an IMAP server?">false
    <case name="false" desc="Disabled" />
    <case name="true" desc="Enabled">
     <configheader>IMAP Server Settings</configheader>
     <configstring name="server" desc="Server
     address">localhost</configstring>
     <configinteger name="port" desc="Server port">143</configinteger>
     <configenum name="secure" desc="The encryption to use to connect to the
     IMAP server.">tls
      <values>
       <value>none</value>
       <value>tls</value>
       <value>ssl</value>
      </values>
     </configenum>
     <configstring name="maildomain" desc="Default
     maildomain">example.com</configstring>
     <configboolean name="cache_folders" desc="Cache IMAP folders?"
      required="true">true</configboolean>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="imsp" desc="IMSP Server">
  <configsection name="imsp">
   <configheader>IMSP Server Settings</configheader>
   <configdescription>If you plan to use any of Horde's IMSP server support,
   enable this option and configure the server settings below.  Note that you
   must still configure/enable specific IMSP support in the appropriate
   section.</configdescription>
   <configswitch name="enabled">false
    <case name="false" desc="Disabled" />
    <case name="true" desc="Enabled">
     <configheader>IMSP Server Settings</configheader>
     <configstring name="server" desc="Server Address:">localhost</configstring>
     <configstring name="port" desc="Server port:">406</configstring>
     <configswitch name="auth_method" desc="The authentication method to
     use">Plaintext
      <case name="Plaintext" desc="Plaintext" />
      <case name="CramMd5" desc="CRAM-MD5" />
      <case name="Imtest" desc="Cyrus imtest">
       <configstring name="socket" desc="Path to the directory that will hold
       the socket. (The socket will be named 'imsp_username.sck').">
       /tmp/</configstring>
       <configstring name="command" desc="Path to imtest binary">
       /cyrus/usr/cyrus/bin/imtest</configstring>
       <configenum name="auth_mechanism" description="What authentication
       method do you want to use with the imtest utility?">
        <values>
         <value desc="Plaintext (LOGIN)">LOGIN</value>
         <value desc="GSSAPI">gssapi</value>
        </values>
       </configenum>
      </case>
     </configswitch>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="kolab" desc="Kolab Server">
  <configsection name="kolab">
   <configheader>Kolab Server Settings</configheader>
   <configdescription>
    &lt;strong&gt;*** IF YOU HAVE NO IDEA WHAT KOLAB IS THEN YOU CAN SAFELY
    IGNORE THIS TAB ***&lt;/strong&gt;&lt;br /&gt;
    Kolab is in no way required for normal Horde usage. If, however, you
    intend to use Horde as a webclient for Kolab then you will need to ensure
    that the following fields correspond to those required by your Kolab
    installation.  You can find some of the required values in the
    &lt;code&gt; $KOLAB_ROOT/etc/kolab/kolab.conf&lt;/code&gt; configuration
    file. Please note that the old iCal/vCard storage format has been dropped
    in favour of the new XML storage format &amp;amp; IMAP folder annotations;
    subsequently the Horde Kolab modules will only work with version 2 of the
    Kolab server.&lt;br /&gt;
    If you would like to find out more about Kolab then please visit the Kolab
    community website at http://www.kolab.org/
   </configdescription>
   <configswitch name="enabled" quote="false" desc="Horde/Kolab integration
    status">false
    <case name="false" desc="Disabled" />
    <case name="true" desc="Enabled">
     <configheader>Kolab LDAP Server Settings</configheader>
     <configsection name="ldap">
      <configstring name="server" desc="Server
      address:">localhost</configstring>
      <configinteger name="port" desc="Server port:">389</configinteger>
      <configstring name="basedn" desc="Base
      DN:">dc=example,dc=com</configstring>
      <configstring name="phpdn" desc="Search
      DN:">cn=nobody,cn=internal,dc=example,dc=com</configstring>
      <configstring name="phppw" desc="Search Password:"/>
     </configsection>
     <configheader>Kolab Cyrus IMAP Server Settings</configheader>
     <configsection name="imap">
      <configstring name="server" desc="Server
      address:">localhost</configstring>
      <configinteger name="port" desc="Server port:">143</configinteger>
      <configinteger name="sieveport" desc="Sieve port:">2000</configinteger>
      <configstring name="maildomain" desc="Default
      maildomain:">example.com</configstring>
      <configboolean name="cache_folders" desc="Cache IMAP folders:"
       required="true">true</configboolean>
     </configsection>
     <configheader>Kolab SMTP Server Settings</configheader>
     <configsection name="smtp">
      <configstring name="server" desc="Server
      address:">localhost</configstring>
      <configinteger name="port" desc="Server port:">25</configinteger>
     </configsection>
     <configheader>Kolab Free/Busy Application Settings</configheader>
     <configsection name="freebusy">
       <configdescription>
     Enter the leading part of the URL to the Kolab Free/Busy
     application here. This will usually be
     "https://localhost/freebusy" but if you installed it so that
     you reach the application at "https://freebusy.example.org"
     then you would enter "https://freebusy.example.org". The URL
     "https://freebusy.example.org/freebusy" would thus need the
     setting "https://freebusy.example.org/freebusy".
       </configdescription>
      <configstring name="server" desc="Application
      address:">https://localhost/freebusy</configstring>
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="hashtable" desc="Distributed Hash Table">
  <configsection name="hashtable">
   <configdescription>A distributed hash table is a way of sharing data across
   multiple servers by associating a piece of data with a static key. It is
   useful for cache-like operations, since it is usually much faster to set and
   retrieve the data from the hash table than the underlying data storage
   driver.</configdescription>
   <configswitch name="driver" desc="What backend should we use for the
   distributed hash table?">none
    <case name="none" desc="None" />
    <case name="Memcache" desc="Memcache Server">
     <configsection name="params">
      <configlist name="hostspec" required="false" desc="What hostname(s) is
      the memcache server(s) running on, or what is the name of the system
      DSN(s)? Specify multiple servers by separating with
      commas.">localhost</configlist>
      <configlist name="port" required="false" desc="Port(s) the memcache
      server(s) are running on. If more than one host is used, specify ports
      for respective servers, separated by commas.">11211</configlist>
      <configlist name="weight" required="false" desc="The weight to give each
      memcache server. If more than one host is used, specify weights
      for respective servers, separated by commas."></configlist>
      <configboolean name="persistent" required="false" desc="Enable
      persistent connections to server(s).">false</configboolean>
      <configswitch name="compression" quote="false" desc="Enable compression
      when storing entries on server.">false
       <case name="false" desc="No" />
       <case name="true" desc="Yes">
        <configinteger name="c_threshold" required="false" desc="The threshold
        length before compressing data.">0</configinteger>
       </case>
      </configswitch>
      <configphp name="prefix" required="false" desc="Prefix to use for the
      memcache keys. PHP expressions are allowed."></configphp>
      <configphp name="large_items" required="false" desc="Memcache natively
      supports data of limited length only (default: 1 MB). If this option is
      true, Horde will transparently work around this
      limitation.">true</configphp>
     </configsection>
    </case>
    <case name="Predis" desc="Redis Server">
     <configsection name="params">
      <configswitch name="protocol" desc="Protocol used to connect to the
      Redis server?">tcp
       <case name="unix" desc="UNIX Sockets">
        <configstring name="socket" required="true" desc="Location of UNIX
        socket"/>
       </case>
       <case name="tcp" desc="TCP/IP">
        <configlist name="hostspec" required="false" desc="Hostname(s) the
        Redis server(s) are running on, or the name of the system DSN(s).
        Specify multiple servers by separating with
        commas.">localhost</configlist>
        <configlist name="port" required="false" desc="Port(s) the Redis
        server(s) are running on. If more than one host is used, specify ports
        for respective servers, separated by commas.">6379</configlist>
       </case>
      </configswitch>
      <configstring name="password" required="false" desc="Password to
      authenticate to the Redis server with."/>
      <configboolean name="persistent" required="false" desc="Enable
      persistent connections to Redis server(s)?">false</configboolean>
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>

 <configtab name="activesync" desc="ActiveSync">
  <configsection name="activesync">
   <configdescription>The use of ActiveSync in the United States is PROHIBITED
   due to patent issues. If you are NOT in the United States, or you have a
   license to use ActiveSync, you may enable ActiveSync below and create an
   alias on your webserver to redirect /Microsoft-Server-ActiveSync to
   /horde/rpc.php.
   See http://wiki.horde.org/ActiveSync for more information.
   </configdescription>
   <configswitch name="enabled" quote="false" desc="Enable ActiveSync server?">false
    <case name="false" desc="Disabled" />
    <case name="true" desc="Enabled">
     <configheader>Storage</configheader>
     <configdescription>ActiveSync needs to store information about device
     properties and state data such as syncronization keys and hierarchy data.
     Choose the storage backend to use.</configdescription>
     <configswitch name="storage">Sql
      <case name="Nosql" desc="NoSQL Database">
        <configsection name="params">
         <confignosql switchname="driverconfig" />
        </configsection>
      </case>
      <case name="Sql" desc="SQL Database">
        <configsection name="params">
         <configsql switchname="driverconfig" />
        </configsection>
      </case>
     </configswitch>
     <configheader>Capabilities</configheader>
      <configboolean name="emailsync" desc="Enable Email support?">true
      </configboolean>
      <configenum name="version" desc="What is the highest version of EAS that
      Horde should support? All versions are backwards compatible so selecting
      a higher version also includes support for the lower versions as well. Set
      to EAS 14.1 unless you have a good reason not to.">14.1
      <values>
       <value desc="Exchange 2003 (EAS 2.5)">2.5</value>
       <value desc="Exchange 2007 (EAS 12.0)">12</value>
       <value desc="Exchange 2007sp1 (EAS 12.1)">12.1</value>
       <value desc="Exchange 2010sp1 (EAS 14.0)">14</value>
       <value desc="Exchange 2010sp2 (EAS 14.1)">14.1</value>
      </values>
     </configenum>
     <configheader>Authentication</configheader>
     <configdescription>ActiveSync can be configured to authenticate against
     Horde using either HTTP Basic authentication, X509 client certificates, or
     both. HTTP Basic will authenticate the credentials passed from the client
     against the configured Horde authentication backend. If client certificates
     are used you will need to properly configure your webserver for this as
     well as provide some mechanism for using hordeauth with the IMAP server.
     See http://wiki.horde.org/ActiveSync for more details on client certificate
     authentication. If selecting both basic and client certificates, make sure
     you are not already using client certificate authentication in Horde; if
     client certificates are used for general Horde authentication then they
     must be used here as well. If unsure, select Basic. </configdescription>
     <configsection name="auth">
       <configswitch name="type" desc="Select the authentication methods that
       should be supported.">basic
         <case name="basic" desc="HTTP Basic"/>
         <case name="cert" desc="Client Certificates">
           <configsection name="params">
             <configstring name="username_field" desc="The X509 field containing the username">
             SSL_CLIENT_S_DN_CN</configstring>
             <configswitch name="password_source" desc="Where should Horde attempt to
             find user passwords?">
               <case name="none" desc="Either no passwords are needed, or the
               postauthenticate hook will provide them."/>
               <case name="unified" desc="A single password will be used for all
               users. ONLY USE THIS IF YOU KNOW WHAT YOU ARE DOING! YOUR SYSTEM MUST
               BE PROPERLY SECURED!">
                 <configstring name="password" desc="The password to use.">
                 </configstring>
               </case>
             </configswitch>
           </configsection>
         </case>
         <case name="basic_cert" desc="HTTP Basic with Client Certificates">
           <configsection name="params">
             <configstring name="username_field" desc="The X509 field containing the username">
             SSL_CLIENT_S_DN_CN</configstring>
             <configswitch name="password_source" desc="Where should Horde attempt to
             find user passwords?">
               <case name="none" desc="Either no passwords are needed, or the
               postauthenticate hook will provide them."/>
               <case name="unified" desc="A single password will be used for all
               users. ONLY USE THIS IF YOU KNOW WHAT YOU ARE DOING! YOUR SYSTEM MUST
               BE PROPERLY SECURED!">
                 <configstring name="password" desc="The password to use.">
                 </configstring>
               </case>
             </configswitch>
           </configsection>
         </case>
       </configswitch>
     </configsection>
     <configheader>Autodiscovery</configheader>
     <configenum name="autodiscovery" desc="Some devices attempt to use an
     Autodiscovery service to configure the device's account using only the
     user's email address and password. For this to work you must create an
     alias on your webserver to point /autodiscover/autodiscover.xml to
     /horde/rpc.php. Also, Horde must be able to determine the user's username
     given the email address. Set the method you want Horde to use to attempt to
     determine this below. If this fails, the device will fall back to requiring
     manual account configuration. See http://wiki.horde.org/ActiveSync for more
     information">
      <values>
       <value desc="Use the full email address as the username">full</value>
       <value desc="Use only the username - everything after and including the
       first @ will be stripped.">user</value>
       <value desc="Use a custom hook. You must create this hook in the
       hooks.php file.">hook</value>
      </values>
     </configenum>
     <configswitch name="outlookdiscovery" desc="Horde can answer Autodiscover
     requests from Microsoft Outlook clients to send configuration information
     for things like IMAP/POP3/SMTP servers. Should this be enabled? NOTE: This
     does not enable syncing between Horde and Microsoft Outlook!">
       <case name="false" desc="No" />
       <case name="true" desc="Yes">
         <configsection name="hosts">
           <configsection name="imap">
             <configstring name="host" desc="IMAP host" required="false"></configstring>
             <configinteger name="port" desc="IMAP port" required="false"></configinteger>
             <configboolean name="ssl" desc="Use SSL?" />
           </configsection>
           <configsection name="pop">
             <configstring name="host" desc="POP3 host" required="false"></configstring>
             <configinteger name="port" desc="POP3 port" required="false"></configinteger>
             <configboolean name="ssl" desc="Use SSL?" />
           </configsection>
           <configsection name="smtp">
             <configstring name="host" desc="SMTP host"></configstring>
             <configinteger name="port" desc="SMTP port" required="false"></configinteger>
             <configboolean name="popauth" desc="Require Pop Auth?" required="false" />
             <configboolean name="ssl" desc="Use SSL?" />
           </configsection>
         </configsection>
       </case>
     </configswitch>
     <configheader>Logging</configheader>
     <configsection name="logging">
       <configswitch name="type" desc="For debugging, it may be useful have a log
       of the Wbxml stream along with some other activesync-related data. If you
       want to do this, set this to either Per Device or Single File and enter
       the appropriate path. If detailed debug logging is not needed, set this to
       None.">false
         <case name="false" desc="None" />
         <case name="perdevice" desc="Per Device">
           <configstring name="path" desc="Path to custom log directory." />
           <configenum name="level" desc="Should Horde include all the raw data
           in the Wbxml log stream? If set to Detailed, the entire raw content
           is logged. If set to Protocol, all protocol level detail is included,
           but any Wbxml tag content over 50 bytes is logged only as the size of
           the data." required="false">protocol
             <values>
               <value desc="Protocol">2</value>
               <value desc="Detailed">1</value>
             </values>
           </configenum>
         </case>
         <case name="onefile" desc="Single file">
           <configstring name="path" desc="Log file name." />
         </case>
       </configswitch>
     </configsection>
     <configsection name="ping">
      <configheader>Ping Settings</configheader>
      <configdescription>The Heartbeat Interval specifies the length of time, in
      seconds, that the server SHOULD wait before notifying the client of
      changes in a folder on the server.  These settings allow you to indicate
      the allowable range for this setting. Note that not all clients will
      request this information. NOTE: Some Android devices do not implement this
      correctly. If you plan on synching Android devices, you should make sure
      that this range is wide enough to allow Android's default of 470 seconds.
      </configdescription>
      <configswitch name="deviceping" desc="Allow devices to manage the
      heartbeat or force Horde to use a specific heartbeat for every
      device?">true
       <case name="true" desc="Device managed heartbeat">
        <configinteger name="heartbeatmin" desc="The minimum number of seconds
        to wait before sending results. This value must be greater then zero.">
        60</configinteger>
        <configinteger name="heartbeatmax" desc="The maximum number of seconds
        to wait before sending results. Note this value must not be greater then
        3540 (59 minutes).">2700</configinteger>
        <configinteger name="heartbeatdefault" desc="If the client does not
        request a heartbeat interval, this interval will be used by default.">
        480</configinteger>
       </case>
       <case name="false" desc="Forced heartbeat">
        <configinteger name="forcedheartbeat" desc="The number of seconds to
        force the server to wait before sending PING results.">60
        </configinteger>
       </case>
      </configswitch>
      <configinteger name="waitinterval" desc="How many seconds should elapse
      between checks for changes? Increasing this value will cause the server
      to wait longer between checks for changes during the heartbeat,
      essentially reducing the number of checks done during each heartbeat.
      Lowering this value will increase the number of checks that are down
      during each heartbeat.">15</configinteger>
     </configsection>
    </case>
   </configswitch>
  </configsection>
 </configtab>
</configuration>