[ejabberd] Authentication using LDAP and ACL group?

Pawel Tecza P.Tecza at icm.edu.pl
Tue Jul 5 13:18:29 MSD 2011


Hi there,

This is my first post here, so at first I would like to say "Hello!" to
all of you :)

Recently I've installed successfully ejabberd 2.1.5 on my Debian Squeeze
box and configured user's authentication against LDAP server. It seems
that it works well, it means I can log in the Jabber server using Pidgin
client and web administration interface shows me that all LDAP users of
mine are registered. Below you can see my configuration:

{host_config, "mydomain.pl", [{auth_method,  ldap},
    {ldap_servers, ["myldapserver"]},
    {ldap_encrypt, none},
    {ldap_port,    389},
    {ldap_uids,    [{"uid"}]},
    {ldap_base,    "ou=People,dc=mydomain,dc=pl"},
    {ldap_filter,  ""}]}.

But it's not exactly what I really need... I have a lot of different
user groups in my LDAP server and I want to give Jabber accounts only to
one group. Unfortunately it seems that I can't use ldap_filter option,
because I store information about my user groups in different LDAP
branch. It looks as below:

cn=jabberACL,ou=Group,dc=mydomain,dc=pl
  memberUid
    user1
    user2
    user3
    ...

Does LDAP module of ejabberd support something like that? If not, how
can I work-around that problem? Maybe I should use external script for
authentication of my users? Any hints are very welcome! :)

My best regards,
Pawel



More information about the ejabberd mailing list