What's wrong with the ejabberd setup?

B

Benderatorr2016-10-06 23:54:50

ubuntu

Benderatorr, 2016-10-06 23:54:50

Installed ejabberd on Ubuntu 16.04, accounts pulled from AD 2008R2 In ~
ejabberd.log error
.med.local:389
Reason: invalidCredentials
sudo kinit -V -k -t /etc/ejabberd/ejabberd.keytab xmpp/[email protected]
Outputs:
Using default cache: /tmp/krb5cc_0
Using principal: xmpp /[email protected]
_
_
_
_
KVNO Principal
-------------------------------------------------------- ----------------------------
5 xmpp/[email protected] (arcfour-hmac)
LDAP section in ejabberd. yml
auth_method: ldap
ldap_servers:
- "rubel-s-000001.makcbelmed.local"
ldap_encrypt: none
ldap_port: 389
ldap_rootdn: "CN=jabra,CN=Users,DC=med,DC=local" - ??? or xmpp/jabra.med.local
ldap_password: "123456"
ldap_base: "dc=med,dc=local"
ldap_uids:
- "sAMAccountName" - or what is the principal?
ldap_filter: "(memberOf=CN=jabra-group,CN=Users,DC=med,DC=local)"
sasl_realm: "MED.LOCAL"
sasl_fqdn: "jabra.med.local"

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

R

Rsa97, 2016-10-07
@Rsa97

Here is a snippet of my working config:

auth_method: ldap
ldap_servers:
   - "10.149.0.209"
   - "10.149.0.211"
ldap_encrypt: none
ldap_port: 389
ldap_rootdn: "cn=readonly,cn=users,dc=domain,dc=local"
ldap_password: "password"
ldap_base: "cn=users,dc=domain,dc=local"
ldap_uids:
   "sAMAccountName": "%u"
ldap_filter: "(&(objectClass=user)(memberOf:1.2.840.113556.1.4.1941:=cn=JabberAccess,ou=Permissions,dc=domain,dc=local))"

Authorized without problems. The only thing that I had to add myself was a common roster (the native one is sharpened on openLDAP) and storing photos in AD.
Well, there is no NTLM user authorization in Ejabberd.