LDAP / Active Directory authentication not fully operational

Hi,

I'm trying to set up ejabberd in our testlab to compare it with Openfire. Most things went well, but now I'm more or less stuck.

The ejabberd server is a fully updated Ubuntu 8.04.1 server. I did not use the universe ejabberd packages, because they seemed old. So I downloaded ejabberd-2.0.2_2-linux-x86-installer.bin, which installed fine.

I started the application and tested the web admin, this worked without problems.

After that I edited /opt/ejabber-x.x/conf/ejabber.cfg for LDAP authentication and something with vcards, as per the docs at http://www.process-one.net/docs/ejabberd/guide_en.html and restarted the server. The ldap server is a fully patched MS Windows 2003r2 server running Active Directory.

I then tried logging in again and noticed that I needed to enter the AD password for the "admin" account (this account does exist and is actually the renamed Administrator account). That worked OK.

Then I tried logging in with an IM client. I tried both Spark and Pidgin, giving the same results:

- logging in as admin works as expected. I'm able to change status and such. Good

- logging in as any other AD user does not work :-(, I feel so alone on my jabber server :-)

So that's some background. What to try next? Do I need to tweak an ACL entry? Is there any information I need to dig up? Hopefully someone here will be able to help me with this.

Thanks for your time

Eelco
The Netherlands

Increase the log level, maybe there is some clue

I know little of LDAP or AD. I just tried the feature and I could log in with both LDAP accounts I had created :)

You can edit ejabberd.cfg and increase the verbosity of the logs:

{loglevel, 5}.

But I am not sure if you will find any clue to the problem in the large number of messages you will get at login.

One possibility is to log in with the admin account and store the log messages, then log in with a regular account and store the log messages, and compare the two. Maybe there's a notable difference that points you to the source of the problem.

I used openldap and it worked fine for me

Could you show your ldap config segments here?

LDAP / Active Directory authentication not fully operational

I'm experiencing the same issue. The administrator account will authenticate but no others. Did you find a solution?

Re: LDAP / Active Directory authentication not fully operational

Quote:

I'm experiencing the same issue.

Could you show your config file (without comments, please)?

Verify ldap_base

Please check your config and verify ldap_base points to (or a level above) the OU where your users are.
If your ldap_base points to the users container, where admin is, but users are in another container, they will not be able to log in.
e.g.:
{ldap_base, "cn=users,dc=yourdomain,dc=local"}.
should be:
{ldap_base, "dc=yourdomain,dc=local"}.
or:
{ldap_base, "ou=My Users,dc=yourdomain,dc=local"}.
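An offline check of the point made in the post above, added here as an example and not part of the original thread or of ejabberd's code: it lists which user DNs a search rooted at a given ldap_base can never return. It assumes the search covers the whole subtree below ldap_base; the function names and the sample DNs are constructed for illustration.

```python
# Added example: which user DNs can a subtree search under ldap_base reach?
# All DNs below are constructed sample values, not from a real directory.

def normalize_rdn(rdn):
    """AD compares attribute types and values case-insensitively."""
    attr, _, value = rdn.partition("=")
    return (attr.strip().lower(), value.strip().lower())


def split_dn(dn):
    """Split a DN into normalized RDNs, honoring backslash-escaped commas."""
    rdns, buf, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            buf.append(dn[i:i + 2])   # keep the escape pair intact
            i += 2
            continue
        if ch == ",":
            rdns.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
        i += 1
    rdns.append("".join(buf))
    return [normalize_rdn(r) for r in rdns if r.strip()]


def in_subtree(user_dn, base_dn):
    """True if user_dn equals base_dn or sits anywhere below it."""
    user, base = split_dn(user_dn), split_dn(base_dn)
    return len(user) >= len(base) and (not base or user[-len(base):] == base)


def unreachable(user_dns, base_dn):
    """Return the DNs a search rooted at base_dn can never return."""
    return [dn for dn in user_dns if not in_subtree(dn, base_dn)]


SAMPLE_USERS = [  # constructed: admin in the default container, others in an OU
    "CN=admin,CN=Users,DC=yourdomain,DC=local",
    "CN=Jan Jansen,OU=My Users,DC=yourdomain,DC=local",
    "CN=Smith\\, Anna,OU=My Users,DC=yourdomain,DC=local",
]

if __name__ == "__main__":
    for base in ("cn=users,dc=yourdomain,dc=local", "dc=yourdomain,dc=local"):
        print(base, "->", unreachable(SAMPLE_USERS, base))
```

Feeding it the real DNs of an account that logs in and one that does not shows quickly whether the base is the cause.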
