[ejabberd] LDAP Authentication - deny access

Petter Olsson polsson at bgc-jena.mpg.de
Thu Jun 27 14:40:40 MSK 2013


Hi guys,

Running:
Ubuntu 12.04.02 LTS
ejabberd 2.1.10-2ubuntu1.1

Relevant LDAP Info:
%% LDAP attribute that holds user ID:
{ldap_uids, [{"uid", "%u"}]}.
%%
%% LDAP filter:
{ldap_filter, "(objectClass=shadowAccount)"}.

Problem:
Accounts that are disabled in LDAP can still login.

Question:
Can I use some sort of filter to have it not allow disabled/expired accounts from LDAP or do I have to switch to PAM for this to happen?

Thanks
Petter

Petter Olsson
Systems Engineer
Max-Planck-Institute for Biogeochemistry
Hans-Knöll-Strasse 10, 07745 Jena, Germany

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4497 bytes
Desc: not available
URL: <http://lists.jabber.ru/pipermail/ejabberd/attachments/20130627/2ebf767a/attachment.bin>


More information about the ejabberd mailing list