[ejabberd] mod_shared_roster_ldap config help

Kristian Davies kristian.davies at gmail.com
Wed Nov 9 23:39:01 MSK 2011

I'm new.  I've been reading docs but at this stage my brain is about
to implode....

I've got to the point where I need to provide shared roster.  I've an
OU called Employees which contains a further 6 OU's which along the
lines of Site1, Site2, Disabled_users, Boring_users, TEST.  I was to
give all users roster groups with the name of Site1 and Site2 with all
the users in those OU's.  I'm not using AD groups for this (I'm basing
it on the OU they are in).

Current setup...

{ldap_base, "OU=Employees,OU=People,DC=ad,DC=abc,DC=local"}.
{ldap_filter, "(&(ObjectClass=user)(!(ObjectClass=computer))(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(ou=Disabled_Users))(!(ou=Boring_users))(!(ou=TEST)))"}.

{ldap_rfilter, "(&(objectClass=organizationalUnit)(!(ou=Disabled_Users))(!(ou=Boring_users))(!(ou=TEST))(!(ou=Employees)))"},
{ldap_groupattr, "ou"},
{ldap_gfilter, "(&(objectclass=user)(ou=%g,ou=Employees,ou=People,DC=ad,DC=abc,DC=local))"},
{ldap_memberattr, "sAMAccountName"},
{ldap_ufilter, "(sAMAccountName=%u)"},
{ldap_userdesc, "displayName"}

I think it might be ldap_gfilter onwards where the problem lies... or
I might be doing something completely the wrong way.

Advice appreciated.


More information about the ejabberd mailing list