[ejabberd] ejabberd + windows AD

Agnello George agnello.dsouza at gmail.com
Wed Jan 14 12:49:57 MSK 2009


On Wed, Jan 7, 2009 at 8:32 PM, Evgeniy Khramtsov <xramtsov at gmail.com> wrote:
> Agnello George wrote:
>
>> what would be the basis parameter i would
>> need here in order to get my ejabberd to authinticate via ADS ..
>>
>
> In general this depends on your environment. Please, read the documentation:
> there is a complete example on how to configure AD authentication and
> vCards.
>


i have a virtual domain   on ejabberd called swapnil123.com and and i
am trying to auththenticate it via an exteral AD server ....... bellow
is my configuration :

{hosts, [ "swapnil123.com" ]}

{host_config, "swapnil123.com", [{auth_method, ldap},
                              {ldap_servers, ["192.168.50.173"]},
                              {ldap_uids, [{"sAMAccountName"}]},
                              {ldap_base, "dc=swapnil123,dc=com"},
                              {ldap_rootdn,
"cn=administrator,cn=Users,dc=swapnil123,dc=com"},
                              {ldap_filter, "(memberOf=*)"},
                              {ldap_password, "qwerasdf"}]}.


I am able to query the AD server  useing the ldap search commnd  :

ldapsearch -x  -v -D "cn=administrator,cn=Users,dc=swapnil123,dc=com"
-b "dc=swapnil123,dc=com" "sAMAccountName=User4"  -W  -h
192.168.50.173

Howerver, if I try to login via pidgin client and it give me the
follwoing error logs

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
INFO REPORT==== 2009-01-14 15:07:50 ===
D(<0.347.0>:shaper:61) : State: {maxrate,1000,0,1231925870501414}, Size=92
M=46.0, I=5.548


=INFO REPORT==== 2009-01-14 15:07:50 ===
D(<0.267.0>:eldap:587) : {searchRequest,
                          {'SearchRequest',"dc=swapnil123,dc=com",
                           wholeSubtree,neverDerefAliases,0,0,false,
                           {'and',
                            [{equalityMatch,
                              {'AttributeValueAssertion',"sAMAccountName",
                               "user4"}},
                             {present,"memberOf"}]},
                           []}}


=INFO REPORT==== 2009-01-14 15:07:50 ===
D(<0.267.0>:eldap:648) : {searchResRef,

["ldap://ForestDnsZones.swapnil123.com/DC=ForestDnsZones,DC=swapnil123,DC=com"]}

=INFO REPORT==== 2009-01-14 15:07:50 ===
D(<0.267.0>:eldap:648) : {searchResRef,

["ldap://DomainDnsZones.swapnil123.com/DC=DomainDnsZones,DC=swapnil123,DC=com"]}

=INFO REPORT==== 2009-01-14 15:07:50 ===
D(<0.267.0>:eldap:648) : {searchResRef,

["ldap://swapnil123.com/CN=Configuration,DC=swapnil123,DC=com"]}

=INFO REPORT==== 2009-01-14 15:07:50 ===
D(<0.267.0>:eldap:648) : {searchResDone,
                             {'LDAPResult',success,[],[],asn1_NOVALUE}}

=INFO REPORT==== 2009-01-14 15:07:50 ===
I(<0.348.0>:ejabberd_c2s:577) :
({socket_state,gen_tcp,#Port<0.441>,<0.347.0>}) Failed authentication
for user4 at swapnil123.com

=INFO REPORT==== 2009-01-14 15:07:50 ===
D(<0.348.0>:ejabberd_c2s:1362) : Send XML on stream = "<failure
xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/></failure>"
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

I dont seem to understand where i am making a mistake

Can some one help me out here !!

-- 
Regards
Agnello D'souza


More information about the ejabberd mailing list