[ejabberd] ejabberd and Active Directory authentication
leifj at it.su.se
Thu Aug 26 13:48:56 MSD 2004
James Tait wrote:
> Hi Fernando,
> I tried to do the same, but didn't have any luck. I couldn't even get
> standard openldap tools like ldapsearch to bind to the AD server, though I
> can query it. In the end, I used the external authentication patch and
> knocked together a small application to do SMB authentication against the AD
> server instead. I posted it to the list fairly recently.
> Hope this helps,
NB! You need use SASL+GSSAPI+Kerbeos (probably with RC4 support) to talk
to an active-directory server. Good stuff here if you need details:
The problem is of course that ejabberd doesn't have a GSSAPI sasl mech.
Imho we need that anyway for xmpp sasl support. It might be necessary
to cobble together an external sasl framewok using cyrus-sasl or gnu
sasl to achieve this goal.
More information about the ejabberd