Kolab update

lam/HISTORY

@@ -1,5 +1,6 @@
 September 2018 6.5
   - Password change possible via LDAP EXOP operation (set LDAP_EXOP as password hash)
+  - Kolab updates
   - LAM Pro:
    -> Auto deletion of entries with dynamic directory services support (requires PHP 7.2).
   - Fixed bugs:

lam/docs/manual-sources/chapter-modules.xml

@@ -755,7 +755,9 @@
         <listitem>
           <para>Password hash type: If possible use CRYPT-SHA512 or SSHA to
           protect your user's passwords. The option SASL will set the password
-          to "{SASL}&lt;user name&gt;". If you want to use an LDAP EXOP password operation to update the password then select LDAP_EXOP.</para>
+          to "{SASL}&lt;user name&gt;". If you want to use an LDAP EXOP
+          password operation to update the password then select
+          LDAP_EXOP.</para>
         </listitem>
 
         <listitem>
@@ -1408,33 +1410,11 @@
         </mediaobject>
       </screenshot>
 
-      <para>Attention: LAM will add the object class "mailrecipient" by
-      default. This object class is available on 389 directory server but may
-      not be present on e.g. OpenLDAP. Please deactivate the following setting
-      (LAM server profile, module settings) if you do not use this object
-      class.</para>
-
-      <screenshot>
-        <mediaobject>
-          <imageobject>
-            <imagedata fileref="images/mod_kolab5.png"/>
-          </imageobject>
-        </mediaobject>
-      </screenshot>
-
       <para>Please enter an email address at the Personal page and set a Unix
       password first. Both are required that Kolab accepts the accounts. The
       email address ("Personal" page) must match your Kolab domain, otherwise
       the account will not work.</para>
 
-      <para><emphasis role="bold">Attention:</emphasis> The mailbox server
-      cannot be changed after the account has been saved. Please make sure
-      that the value is correct.</para>
-
-      <para>Kolab users should not be directly deleted with LAM. You can mark
-      an account for deletion which then is done by the Kolab server itself.
-      This makes sure that the mailbox etc. is also deleted.</para>
-
       <screenshot>
         <mediaobject>
           <imageobject>

lam/lib/modules/kolabGroup.inc

@@ -36,8 +36,6 @@ class kolabGroup extends baseModule {
 
 	/** cache for mail attribute */
 	private $mailCache = null;
-	/** cache for mailHost values */
-	private $mailHostCache = null;
 
 	/**
 	* Creates a new kolabGroup object.
@@ -77,7 +75,7 @@ class kolabGroup extends baseModule {
 		// managed object classes
 		$return['objectClasses'] = array('kolabGroupOfUniqueNames');
 		// managed attributes
-		$return['attributes'] = array('kolabAllowSMTPRecipient', 'kolabAllowSMTPSender', 'kolabDeleteflag');
+		$return['attributes'] = array('kolabAllowSMTPRecipient', 'kolabAllowSMTPSender');
 		// help Entries
 		$return['help'] = array(
 			'mail' => array(
@@ -90,26 +88,22 @@ class kolabGroup extends baseModule {
 			),
 			'kolabAllowSMTPRecipient' => array (
 				"Headline" => _('Allowed recipients'), 'attr' => 'kolabAllowSMTPRecipient',
-				"Text" => _('Describes the allowed or disallowed SMTP recipient addresses for mail sent by this account (e.g. "domain.tld" or "-user@domain.tld").')
+				"Text" => _('Describes the allowed or disallowed SMTP recipient addresses for mail sent by this account (e.g. "domain.tld" or "user@domain.tld").')
 			),
 			'kolabAllowSMTPRecipientList' => array (
 				"Headline" => _('Allowed recipients'), 'attr' => 'kolabAllowSMTPRecipient',
-				"Text" => _('Describes the allowed or disallowed SMTP recipient addresses for mail sent by this account (e.g. "domain.tld" or "-user@domain.tld").')
+				"Text" => _('Describes the allowed or disallowed SMTP recipient addresses for mail sent by this account (e.g. "domain.tld" or "user@domain.tld").')
 							. ' ' . _("Multiple values are separated by semicolon.")
 			),
 			'kolabAllowSMTPSender' => array (
 				"Headline" => _('Allowed senders'), 'attr' => 'kolabAllowSMTPSender',
-				"Text" => _('Describes the allowed or disallowed SMTP addresses sending mail to this account (e.g. "domain.tld" or "-user@domain.tld").')
+				"Text" => _('Describes the allowed or disallowed SMTP addresses sending mail to this account (e.g. "domain.tld" or "user@domain.tld").')
 			),
 			'kolabAllowSMTPSenderList' => array (
 				"Headline" => _('Allowed senders'), 'attr' => 'kolabAllowSMTPSender',
-				"Text" => _('Describes the allowed or disallowed SMTP addresses sending mail to this account (e.g. "domain.tld" or "-user@domain.tld").')
+				"Text" => _('Describes the allowed or disallowed SMTP addresses sending mail to this account (e.g. "domain.tld" or "user@domain.tld").')
 							. ' ' . _("Multiple values are separated by semicolon.")
 			),
-			'deleteFlag' => array(
-				"Headline" => _("Mark for deletion"), 'attr' => 'kolabDeleteflag',
-				"Text" => _("This will set a special flag on the account which tells Kolabd to remove it. Use this to cleanly delete Kolab accounts (e.g. this removes mail boxes).")
-			),
 			'autoAdd' => array(
 				"Headline" => _("Automatically add this extension"),
 				"Text" => _("This will enable the extension automatically if this profile is loaded.")
@@ -176,11 +170,6 @@ class kolabGroup extends baseModule {
 	function display_html_attributes() {
 		$container = new htmlTable();
 		if (isset($this->attributes['objectClass']) && in_array('kolabGroupOfUniqueNames', $this->attributes['objectClass'])) {
-			// check if account is marked for deletion
-			if (isset($this->attributes['kolabDeleteflag'])) {
-				$container->addElement(new htmlOutputText(_('This account is marked for deletion.')));
-				return $container;
-			}
 			// mail
 			if ($this->manageMail($this->getAccountContainer()->get_type()->getModules())) {
 				$this->addSimpleInputTextField($container, 'mail', _('Email address'), true);
@@ -189,15 +178,6 @@ class kolabGroup extends baseModule {
 			$this->addMultiValueInputTextField($container, 'kolabAllowSMTPRecipient', _('Allowed recipients'));
 			// allowed senders
 			$this->addMultiValueInputTextField($container, 'kolabAllowSMTPSender', _('Allowed senders'));
-			// delete flag
-			$this->loadMailHostCache();
-			if (!$this->getAccountContainer()->isNewAccount && (sizeof($this->mailHostCache) > 0)) {
-				$deleteContainer = new htmlTable();
-				$deleteContainer->addElement(new htmlSpacer(null, '20px'), true);
-				$deleteContainer->addElement(new htmlAccountPageButton(get_class($this), 'deleteFlag', 'open', _('Mark account for deletion')));
-				$deleteContainer->addElement(new htmlHelpLink('deleteFlag'));
-				$container->addElement($deleteContainer);
-			}
 		}
 		else {
 			// add button
@@ -259,37 +239,6 @@ class kolabGroup extends baseModule {
 		return $errors;
 	}
 
-	/**
-	* This function will create the meta HTML code to show a page to mark an account for deletion.
-	*
-	* @return htmlElement HTML meta data
-	*/
-	function display_html_deleteFlag() {
-		$return = new htmlTable();
-		$message = new htmlOutputText(_('Do you really want to mark this account for deletion?'));
-		$return->addElement($message, true);
-		$return->addElement(new htmlSpacer(null, '10px'), true);
-		$serverTable = new htmlTable();
-		$serverTable->addElement(new htmlTableExtendedSelect('deletionServer', $this->mailHostCache, array(), _('Server'), 'deleteFlag'));
-		$return->addElement($serverTable, true);
-		$return->addElement(new htmlSpacer(null, '10px'), true);
-		$buttonGroup = new htmlGroup();
-		$buttonGroup->addElement(new htmlAccountPageButton(get_class($this), 'attributes', 'confirm', _('Mark account for deletion')));
-		$buttonGroup->addElement(new htmlAccountPageButton(get_class($this), 'attributes', 'cancel', _('Cancel')));
-		$return->addElement($buttonGroup, true);
-		return $return;
-	}
-
-	/**
-	* Write variables into object and do some regex checks
-	*/
-	function process_deleteFlag() {
-		if (isset($_POST['form_subpage_kolabGroup_attributes_confirm'])) {
-			// set delete flag
-			$this->attributes['kolabDeleteflag'][0] = $_POST['deletionServer'];
-		}
-	}
-
 	/**
 	* Returns a list of modifications which have to be made to the LDAP account.
 	*
@@ -444,22 +393,6 @@ class kolabGroup extends baseModule {
 		}
 	}
 
-	/**
-	 * Loads the list of mail hosts into the cache.
-	 */
-	private function loadMailHostCache() {
-		if ($this->mailHostCache != null) {
-			return;
-		}
-		$results = searchLDAPByFilter('(mailHost=*)', array('mailHost'), array('user'));
-		$this->mailHostCache = array();
-		foreach ($results as $result) {
-			if (isset($result['mailhost'][0]) && !in_array_ignore_case($result['mailhost'][0], $this->mailHostCache)) {
-				$this->mailHostCache[] = $result['mailhost'][0];
-			}
-		}
-	}
-
 	/**
 	 * {@inheritDoc}
 	 * @see baseModule::getManagedAttributes()

lam/lib/modules/kolabUser.inc

@@ -85,26 +85,15 @@ class kolabUser extends baseModule {
 		// LDAP filter
 		$return["ldap_filter"] = array('or' => "(objectClass=kolabInetOrgPerson)");
 		// managed object classes
-		$return['objectClasses'] = array('kolabInetOrgPerson');
+		$return['objectClasses'] = array('kolabInetOrgPerson', 'mailrecipient');
-		if ($this->manageMailrecipient()) {
-			$return['objectClasses'][] = 'mailrecipient';
-		}
 		// managed attributes
-		$return['attributes'] = array('alias', 'mailHost', 'kolabDelegate', 'kolabInvitationPolicy', 'kolabDeleteflag',
+		$return['attributes'] = array('alias', 'kolabDelegate', 'kolabInvitationPolicy',
-										'kolabAllowSMTPRecipient', 'kolabAllowSMTPSender');
+										'kolabAllowSMTPRecipient', 'kolabAllowSMTPSender', 'mailQuota');
-		if ($this->manageMailrecipient()) {
-			$return['attributes'][] = 'mailQuota';
-		}
 		// profile options
 		$profileContainer = new htmlResponsiveRow();
-		$profileContainer->add(new htmlResponsiveInputField(_('Mail server'), 'kolab_mailHost', null, 'mailHost'), 12);
 		$profileContainer->add(new htmlResponsiveInputField(_('Mailbox quota'), 'kolab_mailQuota', null, 'mailQuota'), 12);
 		$return['profile_options'] = $profileContainer;
 		// profile checks
-		$return['profile_checks']['kolab_mailHost'] = array(
-			'type' => 'ext_preg',
-			'regex' => 'DNSname',
-			'error_message' => $this->messages['mailHost'][0]);
 		$return['profile_checks']['kolab_mailQuota'] = array(
 			'type' => 'ext_preg',
 			'regex' => 'digit',
@@ -132,7 +121,7 @@ class kolabUser extends baseModule {
 			),
 			'delegateList' => array(
 				"Headline" => _("Delegates"), 'attr' => 'kolabDelegate',
-				"Text" => _("This is a comma separated list of delegates.")
+				"Text" => _("This is a semi-colon separated list of delegates.")
 			),
 			'alias' => array(
 				"Headline" => _("Email alias"), 'attr' => 'alias',
@@ -142,10 +131,6 @@ class kolabUser extends baseModule {
 				"Headline" => _("Email alias list"), 'attr' => 'alias',
 				"Text" => _("This is a comma separated list of eMail aliases.")
 			),
-			'mailHost' => array(
-				"Headline" => _("Mailbox home server"), 'attr' => 'mailHost',
-				"Text" => _("The name of the server where the mailbox is located.")
-			),
 			'kolabAllowSMTPRecipient' => array (
 				"Headline" => _('Allowed recipients'), 'attr' => 'kolabAllowSMTPRecipient',
 				"Text" => _('Describes the allowed or disallowed SMTP recipient addresses for mail sent by this account (e.g. "domain.tld" or "-user@domain.tld").')
@@ -164,18 +149,10 @@ class kolabUser extends baseModule {
 				"Text" => _('Describes the allowed or disallowed SMTP addresses sending mail to this account (e.g. "domain.tld" or "-user@domain.tld").')
 							. ' ' . _("Multiple values are separated by semicolon.")
 			),
-			'mailrecipient' => array(
-				"Headline" => _('Manage object class "mailrecipient"'),
-				"Text" => _('Adds the object class "mailrecipient" to all user accounts.')
-			),
 			'mailQuota' => array(
 				"Headline" => _('Mailbox quota'), 'attr' => 'mailQuota',
 				"Text" => _('The maximum mailbox size in MB.')
 			),
-			'deleteFlag' => array(
-				"Headline" => _("Mark for deletion"), 'attr' => 'kolabDeleteflag',
-				"Text" => _("This will set a special flag on the account which tells Kolabd to remove it. Use this to cleanly delete Kolab accounts (e.g. this removes mail boxes).")
-			),
 		);
 		// upload fields
 		$return['upload_columns'] = array(
@@ -185,13 +162,6 @@ class kolabUser extends baseModule {
 				'help' => 'invPolList',
 				'example' => 'user@domain:ACT_ALWAYS_ACCEPT,user2@domain:ACT_MANUAL'
 			),
-			array(
-				'name' => 'kolabUser_mailHost',
-				'description' => _('Mailbox home server'),
-				'help' => 'mailHost',
-				'example' => 'localhost',
-				'required' => true
-			),
 			array(
 				'name' => 'kolabUser_mailQuota',
 				'description' => _('Mailbox quota'),
@@ -208,7 +178,7 @@ class kolabUser extends baseModule {
 				'name' => 'kolabUser_delegates',
 				'description' => _('Delegates'),
 				'help' => 'delegateList',
-				'example' => 'user@domain,user2@domain'
+				'example' => 'uid=user,ou=People,dc=example,dc=com;uid=user2,ou=People,dc=example,dc=com'
 			),
 			array(
 				'name' => 'kolabUser_kolabAllowSMTPRecipient',
@@ -226,7 +196,6 @@ class kolabUser extends baseModule {
 		// available PDF fields
 		$return['PDF_fields'] = array(
 			'invPol' => _('Invitation policy'),
-			'mailHost' => _('Mailbox home server'),
 			'mailQuota' => _('Mailbox quota'),
 			'aliases' => _('Email aliases'),
 			'delegate' => _('Delegates'),
@@ -244,9 +213,6 @@ class kolabUser extends baseModule {
 		$this->messages['invPol'][1] = array('ERROR', _('Account %s:') . ' kolabUser_invPol', _('Policy list has invalid format!'));
 		$this->messages['alias'][0] = array('ERROR', _('Email alias is invalid!'));  // third array value is set dynamically
 		$this->messages['alias'][1] = array('ERROR', _('Account %s:') . ' kolabUser_aliases', _('Email alias list has invalid format!'));
-		$this->messages['mailHost'][0] = array('ERROR', _('Mailbox home server name is invalid!'));  // third array value is set dynamically
-		$this->messages['mailHost'][1] = array('ERROR', _('Account %s:') . ' kolabUser_mailHost', _('Mailbox home server name is invalid!'));
-		$this->messages['mailHost'][2] = array('ERROR', _('Mailbox home server name is empty!'));
 		$this->messages['delegate'][0] = array('ERROR', _('Account %s:') . ' kolabUser_delegates', _('Unknown delegate address: %s'));
 		$this->messages['kolabAllowSMTPRecipient'][0] = array('ERROR', _('Allowed recipients'), _('Please enter a valid recipient expression.'));
 		$this->messages['kolabAllowSMTPRecipient'][1] = array('ERROR', _('Account %s:') . ' kolabUser_kolabAllowSMTPRecipient', _('Please enter a valid recipient expression.'));
@@ -285,30 +251,14 @@ class kolabUser extends baseModule {
 				$message->colspan = 5;
 				$return->addElement($message, true);
 			}
-			// check if account is marked for deletion
-			if (isset($this->attributes['kolabDeleteflag'])) {
-				$return->addElement(new htmlOutputText(_('This account is marked for deletion.')));
-				return $return;
-			}
-			// mailbox server
-			if (!isset($this->orig['mailHost'][0])) {  // value currently not set
-				$this->addSimpleInputTextField($return, 'mailHost', _('Mailbox home server'), true);
-			}
-			else {  // input is unchangable when set
-				$return->addElement(new htmlOutputText(_('Mailbox home server')));
-				$return->addElement(new htmlOutputText($this->attributes['mailHost'][0]));
-				$return->addElement(new htmlHelpLink('mailHost'), true);
-			}
 			// mailbox quota
-			if ($this->manageMailrecipient()) {
+			$mailQuota = '';
-				$mailQuota = '';
+			if (!empty($this->attributes['mailQuota'][0])) {
-				if (!empty($this->attributes['mailQuota'][0])) {
+				$mailQuota = $this->attributes['mailQuota'][0] / 1024;
-					$mailQuota = $this->attributes['mailQuota'][0] / 1024;
-				}
-				$mailQuotaField = new htmlTableExtendedInputField(_('Mailbox quota'), 'mailQuota', $mailQuota, 'mailQuota');
-				$mailQuotaField->setValidationRule(htmlElement::VALIDATE_NUMERIC);
-				$return->addElement($mailQuotaField, true);
 			}
+			$mailQuotaField = new htmlTableExtendedInputField(_('Mailbox quota'), 'mailQuota', $mailQuota, 'mailQuota');
+			$mailQuotaField->setValidationRule(htmlElement::VALIDATE_NUMERIC);
+			$return->addElement($mailQuotaField, true);
 			// invitation policies
 			$return->addElement(new htmlSubTitle(_('Invitation policy')), true);
 			$invitationContainer = new htmlTable();
@@ -349,17 +299,21 @@ class kolabUser extends baseModule {
 			$return->addElement(new htmlSubTitle(_('Email aliases')), true);
 			$this->addMultiValueInputTextField($return, 'alias', null);
 			// delegates
-			$delegates = searchLDAPByAttribute('mail', '*', 'inetOrgPerson', array('mail'), array('user'));
+			$delegatesData = searchLDAPByAttribute('mail', '*', 'inetOrgPerson', array('dn'), array('user'));
-			for ($i = 0; $i < sizeof($delegates); $i++) {
+			$delegates = array();
-				$delegates[$i] = $delegates[$i]['mail'][0];
+			for ($i = 0; $i < sizeof($delegatesData); $i++) {
+				$delegates[getAbstractDN($delegatesData[$i]['dn'])] = $delegatesData[$i]['dn'];
 			}
-			sort($delegates);
+			uksort($delegates, 'compareDN');
 			$return->addElement(new htmlSubTitle(_('Delegates')), true);
 			$delegatesContainer = new htmlTable();
 			$delegatesContainer->colspan = 3;
 			if (isset($this->attributes['kolabDelegate'])) {
 				for ($i = 0; $i < sizeof($this->attributes['kolabDelegate']); $i++) {
-					$delegatesContainer->addElement(new htmlSelect('delegate' . $i, $delegates, array($this->attributes['kolabDelegate'][$i])));
+					$delegateSelect = new htmlSelect('delegate' . $i, $delegates, array($this->attributes['kolabDelegate'][$i]));
+					$delegateSelect->setSortElements(false);
+					$delegateSelect->setHasDescriptiveElements(true);
+					$delegatesContainer->addElement($delegateSelect);
 					$delegatesContainer->addElement(new htmlButton('delDelegate' . $i, 'del.png', true));
 					if ($i == 0) {
 						$delegatesContainer->addElement(new htmlHelpLink('delegate'));
@@ -379,14 +333,6 @@ class kolabUser extends baseModule {
 			$this->addMultiValueInputTextField($return, 'kolabAllowSMTPRecipient', _('Allowed recipients'));
 			// allowed senders
 			$this->addMultiValueInputTextField($return, 'kolabAllowSMTPSender', _('Allowed senders'));
-			// delete flag
-			if (!$this->getAccountContainer()->isNewAccount) {
-				$deleteContainer = new htmlTable();
-				$deleteContainer->addElement(new htmlSpacer(null, '20px'), true);
-				$deleteContainer->addElement(new htmlAccountPageButton(get_class($this), 'deleteUser', 'open', _('Mark account for deletion')));
-				$deleteContainer->addElement(new htmlHelpLink('deleteFlag'));
-				$return->addElement($deleteContainer);
-			}
 		}
 		else {
 			$return->addElement(new htmlButton('addObjectClass', _('Add Kolab extension')));
@@ -404,27 +350,11 @@ class kolabUser extends baseModule {
 		$errors = array();
 		if (isset($_POST['addObjectClass'])) {
 			$this->attributes['objectClass'][] = 'kolabInetOrgPerson';
-			if ($this->manageMailrecipient()) {
+			$this->attributes['objectClass'][] = 'mailrecipient';
-				$this->attributes['objectClass'][] = 'mailrecipient';
-			}
 		}
 		else {
 			if (isset($_POST['form_subpage_kolabUser_deleteUser_open']))  return array();
 			$this->attributes['kolabInvitationPolicy'] = array();
-			// mailbox server
-			if (isset($_POST['mailHost'])) {
-				if ($_POST['mailHost'] == "") {
-					$errors[] = $this->messages['mailHost'][2];
-				}
-				elseif (get_preg($_POST['mailHost'], 'DNSname')) {
-					$this->attributes['mailHost'][0] = $_POST['mailHost'];
-				}
-				else {
-					$message = $this->messages['mailHost'][0];
-					$message[] = $_POST['mailHost'];
-					$errors[] = $message;
-				}
-			}
 			// check old invitation policies
 			$policies = array_flip($this->invitationPolicies);
 			$targets = array();
@@ -487,48 +417,20 @@ class kolabUser extends baseModule {
 			// allowed senders
 			$this->processMultiValueInputTextField('kolabAllowSMTPSender', $errors, 'kolabEmailPrefix');
 			// mailbox quota
-			if ($this->manageMailrecipient()) {
+			if (!empty($_POST['mailQuota']) && !get_preg($_POST['mailQuota'], 'digit')) {
-				if (!empty($_POST['mailQuota']) && !get_preg($_POST['mailQuota'], 'digit')) {
+				$errors[] = $this->messages['mailQuota'][0];
-					$errors[] = $this->messages['mailQuota'][0];
+			}
-				}
+			else {
-				else {
+				$mailQuota = array();
-					$mailQuota = array();
+				if (!empty($_POST['mailQuota'])) {
-					if (!empty($_POST['mailQuota'])) {
+					$mailQuota = array($_POST['mailQuota'] * 1024);
-						$mailQuota = array($_POST['mailQuota'] * 1024);
-					}
-					$this->attributes['mailQuota'] = $mailQuota;
 				}
+				$this->attributes['mailQuota'] = $mailQuota;
 			}
 		}
 		return $errors;
 	}
 
-	/**
-	* This function will create the meta HTML code to show a page to mark an account for deletion.
-	*
-	* @return htmlElement HTML meta data
-	*/
-	function display_html_deleteUser() {
-		$return = new htmlTable();
-		$message = new htmlOutputText(_('Do you really want to mark this account for deletion?'));
-		$message->colspan = 2;
-		$return->addElement($message, true);
-		$return->addElement(new htmlSpacer(null, '10px'), true);
-		$return->addElement(new htmlAccountPageButton(get_class($this), 'attributes', 'confirm', _('Mark account for deletion')));
-		$return->addElement(new htmlAccountPageButton(get_class($this), 'attributes', 'cancel', _('Cancel')));
-		return $return;
-	}
-
-	/**
-	* Write variables into object and do some regex checks
-	*/
-	function process_deleteUser() {
-		if (isset($_POST['form_subpage_kolabUser_attributes_confirm'])) {
-			// set delete flag
-			$this->attributes['kolabDeleteflag'][0] = $this->attributes['mailHost'][0];
-		}
-	}
-
 	/**
 	* This function returns true if all needed settings are done.
 	*
@@ -579,10 +481,6 @@ class kolabUser extends baseModule {
 	function load_profile($profile) {
 		// profile mappings in meta data
 		parent::load_profile($profile);
-		// mail server
-		if (!isset($this->orig['mailHost'][0]) && !empty($profile['kolab_mailHost'][0])) {
-			$this->attributes['mailHost'][0] = $profile['kolab_mailHost'][0];
-		}
 		// mailbox quota
 		if (!empty($profile['kolab_mailQuota'][0])) {
 			$this->attributes['mailQuota'][0] = $profile['kolab_mailQuota'][0] * 1024;
@@ -597,8 +495,8 @@ class kolabUser extends baseModule {
 		$messages = array();
 		$delegates = searchLDAPByAttribute(null, null, 'inetOrgPerson', array('mail'), array('user'));
 		for ($d = 0; $d < sizeof($delegates); $d++) {
-			if (isset($delegates[$d]['mail'][0])) {
+			if (isset($delegates[$d]['dn'])) {
-				$delegates[$d] = $delegates[$d]['mail'][0];
+				$delegates[$d] = $delegates[$d]['dn'];
 			}
 		}
 		for ($i = 0; $i < sizeof($rawAccounts); $i++) {
@@ -606,12 +504,9 @@ class kolabUser extends baseModule {
 			if (!in_array("kolabInetOrgPerson", $partialAccounts[$i]['objectClass'])) {
 				$partialAccounts[$i]['objectClass'][] = "kolabInetOrgPerson";
 			}
-			if ($this->manageMailrecipient() && !in_array("mailrecipient", $partialAccounts[$i]['objectClass'])) {
+			if (!in_array("mailrecipient", $partialAccounts[$i]['objectClass'])) {
 				$partialAccounts[$i]['objectClass'][] = "mailrecipient";
 			}
-			// mailbox server
-			$this->mapSimpleUploadField($rawAccounts, $ids, $partialAccounts, $i, 'kolabUser_mailHost', 'mailHost',
-				'DNSname', $this->messages['mailHost'][1], $messages);
 			// mailbox quota
 			if (!empty($rawAccounts[$i][$ids['kolabUser_mailQuota']])) {
 				if (get_preg($rawAccounts[$i][$ids['kolabUser_mailQuota']], 'digit')) {
@@ -666,7 +561,7 @@ class kolabUser extends baseModule {
 			$this->mapSimpleUploadField($rawAccounts, $ids, $partialAccounts, $i, 'kolabUser_aliases', 'alias', 'email', $this->messages['alias'][1], $messages, '/,[ ]*/');
 			// add delegates
 			if ($rawAccounts[$i][$ids['kolabUser_delegates']] != "") {
-				$newDelegates = explode(',', $rawAccounts[$i][$ids['kolabUser_delegates']]);
+				$newDelegates = explode(';', $rawAccounts[$i][$ids['kolabUser_delegates']]);
 				// check format
 				for ($d = 0; $d < sizeof($newDelegates); $d++) {
 					if (in_array($newDelegates[$d], $delegates)) {
@@ -694,7 +589,6 @@ class kolabUser extends baseModule {
 	 */
 	function get_pdfEntries($pdfKeys, $typeId) {
 		$return = array();
-		$this->addSimplePDFField($return, 'mailHost', _('Mailbox home server'));
 		// invitation policies
 		if (isset($this->attributes['kolabInvitationPolicy'][0])) {
 			// find default policy
@@ -720,7 +614,7 @@ class kolabUser extends baseModule {
 			$this->addPDFTable($return, 'invPol', $pdfTable);
 		}
 		$this->addSimplePDFField($return, 'aliases', _('Email aliases'), 'alias');
-		$this->addSimplePDFField($return, 'delegate', _('Delegates'), 'kolabDelegate');
+		$this->addSimplePDFField($return, 'delegate', _('Delegates'), 'kolabDelegate', '; ');
 		$this->addSimplePDFField($return, 'kolabAllowSMTPRecipient', _('Allowed recipients'));
 		$this->addSimplePDFField($return, 'kolabAllowSMTPSender', _('Allowed senders'));
 		$mailQuota = '';
@@ -753,16 +647,14 @@ class kolabUser extends baseModule {
 		// delegates
 		if (in_array('kolabDelegate', $fields)) {
 			$delegates = array();
-			$sr = @ldap_search($_SESSION['ldapHandle'], escapeDN($this->selfServiceSettings->LDAPSuffix), '(&(objectClass=inetOrgPerson)(mail=*))', array('mail'), 0, 0, 0, LDAP_DEREF_NEVER);
+			$sr = @ldap_search($_SESSION['ldapHandle'], escapeDN($this->selfServiceSettings->LDAPSuffix), '(&(objectClass=inetOrgPerson)(mail=*))', array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
 			if ($sr) {
 				$result = ldap_get_entries($_SESSION['ldapHandle'], $sr);
 				cleanLDAPResult($result);
 				for ($i = 0; $i < sizeof($result); $i++) {
-					$delegates[] = $result[$i]['mail'][0];
+					$delegates[getAbstractDN($result[$i]['dn'])] = $result[$i]['dn'];
 				}
 			}
-			$delegates = array_unique($delegates);
-			sort($delegates);
 			$kolabDelegate = array();
 			if (isset($attributes['kolabDelegate'])) {
 				$kolabDelegate = $attributes['kolabDelegate'];
@@ -774,8 +666,7 @@ class kolabUser extends baseModule {
 					}
 				}
 			}
-			$delegates = array_values($delegates);
+			uksort($delegates, 'compareDN');
-			sort($kolabDelegate);
 			$_SESSION['kolabUser_kolabDelegate'] = $kolabDelegate;
 			$delegateFields = array();
 			$delegateContainer = new htmlTable();
@@ -789,7 +680,10 @@ class kolabUser extends baseModule {
 				}
 			}
 			if (!in_array('kolabDelegate', $readOnlyFields)) {
-				$delegateContainer->addElement(new htmlSelect('new_delegate_value', $delegates));
+				$delegateSelect = new htmlSelect('new_delegate_value', $delegates);
+				$delegateSelect->setSortElements(false);
+				$delegateSelect->setHasDescriptiveElements(true);
+				$delegateContainer->addElement($delegateSelect);
 				$delegateContainer->addElement(new htmlTableExtendedInputCheckbox('new_delegate', false, _("Add"), null, false), true);
 			}
 			$delegateLabel = new htmlOutputText($this->getSelfServiceLabel('kolabDelegate', _('Delegates')));
@@ -971,33 +865,6 @@ class kolabUser extends baseModule {
 		return $return;
 	}
 
-	/**
-	 * Returns if the object class "mailrecipient" is managed by this module.
-	 *
-	 * @return boolean manage mailrecipient object class
-	 */
-	private function manageMailrecipient() {
-		// abort if configuration is not available
-		if (!isset($this->moduleSettings) || !is_array($this->moduleSettings)) {
-			return true;
-		}
-		if (isset($this->moduleSettings['kolabUser_mailrecipient'][0]) && ($this->moduleSettings['kolabUser_mailrecipient'][0] == 'false')) {
-			return false;
-		}
-		return true;
-
-	}
-
-	/**
-	 * {@inheritDoc}
-	 * @see baseModule::get_configOptions()
-	 */
-	public function get_configOptions($scopes, $allScopes) {
-		$configContainer = new htmlResponsiveRow();
-		$configContainer->add(new htmlResponsiveInputCheckbox('kolabUser_mailrecipient', true, _('Manage object class "mailrecipient"'), 'mailrecipient'), 12);
-		return $configContainer;
-	}
-
 }