Hi, all.
I'm configuring ejabberd to support two domains by using LDAP authentication.
One of them uses cn for uidattr. But the other does mail.
So, I configured ldap_uids as follows.
{host_config, "dom1.com", [{ldap_uids, [{"cn", %u"}]}]}.
{host_config, "dom2.com", [{ldap_uids, [{"mail", %u@%d"}]}]}.
Thus users of each domain can log in.
dom1.com doesn't have 'mail' attribute.
'name' attribute is common in both domains.
I want to search users of both domains in a single query using vcard_ldap.
However, when I log in as a dom1.com user and search users using name attribute, users in dom2.com don't show up.
How should I set up?
Please, Help me.
Not possible. See workaround
Disclaimer: I know little about LDAP or mod_vcard_ldap.
I don't see any simple solution to your problem.
Here is a workaround: in ejabberd you can define mod_vcard_ldap with some options for the first vhost, and the module with different options for the second vhost. Check in the Guide about host_config and {add, modules}. That way you have two separa vjuds that work correctly for each domain: vjud.dom1.com and vjud.dom2.com.
Then, in dom1 enable the module mod_disco with option extra_domains and put "vjud.dom2.com". And viceversa. That way users of dom1 have in Service Discovery both vjuds. And users of dom2 have both vjuds too.
They need to perform two searches, but that's the only workaround I could find for your wacky setup :P
Thanks for your advice
I solved the different LDAP attibutes problem, POLITICALLY. :-)
Making both domains have 'mail' attribute.
So, the mail attribute can be uid.
However, searching users in the other domain is not easy.
Is it possible to search users in other domains?
Thanks, in advance.
searching ldap users
I solved the different LDAP attibutes problem, POLITICALLY. :-)
Making both domains have 'mail' attribute.
So, the mail attribute can be uid.
However, searching users in the other domain is not easy.
Is it possible to search users in other domains?
Thanks, in advance.
If your directory is AD and your domains are in the same AD forest : no problem for searching users.
If you've got different independent domains, the same account is to be used for searching accounts in all different domains.