[ejabberd] Using the full JID in a LDAP field

Lionel Dricot zeploum at gmail.com
Fri Jul 25 12:01:07 MSD 2008


Hello,

I'm currently trying to configure Ejabberd with LDAP to share
authentification with the IMAP server. My goal is to have a Jabber account
which is the same as their mail adress.

Because I use virtual domains, I don't use the uid of users to log to the
imap server but I use the "mail" entry. Indeed, uid are all uniques but two
user could have the same "screen name" on two different domain. For example,
I want that it's possible to have bill at domain1 and bill at domain2 as two
separates users of my system. (their uid would probably be bill1 and bill2
but they will never see that).

In my IMAP server (dovecot), this is achieved by the following configuration
:

    base = dc=example,dc=org
    user_attrs = mailbox=home
    user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
    pass_attrs = mail=user,userPassword=password
    pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))


It works great. User log in using their mail adress.

My question is : how can I do the same on Ejabberd ? Yesterday in the chat
room, some very helpful people pointed me to
http://svn.process-one.net/ejabberd/trunk/doc/guide.html#ldap

But I'm still unable to figure out how to achieve what I want with those
command (I'm not the brightest admin in the world).

Currently, my idea is :

For each virtual domain domainX (domain1, domain2, ...)

{host_config, "domainX", [{auth_method,   ldap},
                          {ldap_servers,  ["localhost"]},
                              {ldap_uids,     [{"mail", "%u at domainX"}]},
                              {ldap_filters,
filter_that_takes_only_people_with "domainX" in the mail field},
                              {ldap_base,   "ou=users, dc=example,dc=com"},
                              {ldap_rootdn, ""},
                              {ldap_password, ""}]}.


I have still to figure out how to make the filter but I'm not convinced that
it will work and that it is the easiest solution.

So, what do you think ? Is there anyone who encountered the same
configuration ? What would you do in my situation ?

Thank you a lot for reading,

Lionel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jabber.ru/pipermail/ejabberd/attachments/20080725/9bf93751/attachment.htm 


More information about the ejabberd mailing list