ejabbered v.0.9.1 admin login

Hello,

I am trying to get ejabbered installed on a redhat 9 box, and it seems to install properly, but when I start he ejabberd server, it doesn't let me login.

I have tried logging in under the the user name admin, admin@localhost, and admin@default (which is the server name), and every time I enter the password it says it's invalid.

Having done this, I then checked the config file, and added another admin user named mike, and proceeded to try and register the user, which it will not let me do. I have the server started and running, but it won't let me register any users.

Any help is appreciated.
Thanks,
Mike

create/register the user with a jabber client!

Maybe you did not understand how that works, or I did not understand your explanation. Let's check:

  • You can create a Jabber account on your Jabber server with any Jabber client, with ejabberdctl or inside the webadmin (that you can't access yet).
  • Once your account exists, you give it admin rights on ejabberd.cfg and restart the server.
  • When, and only when the account exists and has admin rights you will be able to login to the webadmin using the full JID and password.

Okay. Now I understand why

Okay.

Now I understand why I can't login via the webadmin. That makes sense, but it still refuses to let me register users, either via /ejabbertctl register etc.. or through a client.

My config file looks as follows:
% $Id: $

%override_acls.

% Users that have admin access. Add line like one of the following after you
% will be successfully registered on server to get admin access:
{acl, admin, {user, "admin"}}.
{acl, admin, {user, "mike"}}.

% Blocked users:
%{acl, blocked, {user, "test"}}.

% Local users:
{acl, local, {user_regexp, ""}}.

% Another examples of ACLs:
%{acl, jabberorg, {server, "jabber.org"}}.
%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%{acl, test, {user_regexp, "^test"}}.
%{acl, test, {user_glob, "test*"}}.

% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

% Every username can be registered via in-band registration:
% You could replace {allow, all} with {deny, all} to prevent user from using in-band registration
{access, register, [{allow, all}]}.

% After successful registration user will get message with following subject
% and body:
{welcome_message,
{"Welcome!",
"Welcome to Instant Messaging server localhost"
"For information about ejabberd visit http://www.process-one.net/"}}.
% Replace them with 'none' if you don't want to send such message:
%{welcome_message, none}.

% List of people who will get notifications about registered users
%{registration_watchers, ["admin1@localhost",
% "admin2@localhost"]}.

% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.

% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
{allow, all}]}.

% Set shaper with name "normal" to limit traffic speed to 1000B/s
{shaper, normal, {maxrate, 1000}}.

% Set shaper with name "fast" to limit traffic speed to 50000B/s
{shaper, fast, {maxrate, 50000}}.

% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
{normal, all}]}.

% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

% This rule allows access only for local users:
{access, local, [{allow, local}]}.

% Authentification method. If you want to use internal user base, then use
% this line:
{auth_method, internal}.

% For LDAP authentification use these lines instead of above one:
%{auth_method, ldap}.
%{ldap_servers, ["localhost"]}. % List of LDAP servers
%{ldap_uidattr, "uid"}. % LDAP attribute that holds user ID
%{ldap_base, "dc=example,dc=com"}. % Search base of LDAP directory
%{ldap_rootdn, "dc=example,dc=com"}. % LDAP manager
%{ldap_password, "******"}. % Password to LDAP manager

% For authentification via external script use the following:
%{auth_method, external}.
%{extauth_program, "/path/to/authentification/script"}.

% For authentification via ODBC use the following:
%{auth_method, odbc}.
%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.

% Host name:
{hosts, ["allstate"]}.

% Default language for server messages
{language, "en"}.

% Listened ports:
{listen, [{5222, ejabberd_c2s, [{access, c2s},
{shaper, c2s_shaper}]},
%% Use this line to enable SSL:
%%{5223, ejabberd_c2s, [{access, c2s}, ssl, {certfile, "./ssl.pem"}]},
%%
%% Use those lines instead for TLS support:
%%{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper},
%% starttls, {certfile, "./ssl.pem"}]},
%% {5223, ejabberd_c2s, [{access, c2s},
%% tls, {certfile, "./ssl.pem"}]},

%% Remove this line if you want to prevent s2s connections:
{5269, ejabberd_s2s_in, [{shaper, s2s_shaper}]},

%% remove http_poll to remove support for http polling
%% remove web_admin to disable admin interface:
{5280, ejabberd_http, [http_poll, web_admin]}
%% This is an example on how to define an external service/transport:
%% {8888, ejabberd_service, [{access, all},
%% {hosts, ["icq.localhost", "sms.localhost"],
%% [{password, "secret"}]}]}
]}.

% If SRV lookup fails, then port 5269 is used to communicate with remote server
{outgoing_s2s_port, 5269}.

% Used modules:
{modules,
[
{mod_register, [{access, register}]},
{mod_roster, []},
{mod_privacy, []},
{mod_configure, []},
{mod_configure2, []},
{mod_disco, []},
{mod_stats, []},
{mod_vcard, []},
{mod_offline, []},
{mod_announce, [{access, announce}]},
{mod_echo, [{host, "echo.localhost"}]},
{mod_private, []},
{mod_irc, []},
% Default options for mod_muc:
% host: "conference." ++ ?MYNAME
% access: all
% access_create: all
% access_admin: none (only room creator has owner privileges)
{mod_muc, [{access, muc},
{access_create, muc},
{access_admin, muc_admin}]},
{mod_pubsub, []},
{mod_time, []},
{mod_last, []},
{mod_version, []}
]}.

% Local Variables:
% mode: erlang
% End:

Is there anything that I'm not configuring properly? Our network has a 10.0.10.1 default gateway, and 255.255.255.0 subnet mask. The IP of the computer is 10.0.10.6.

Thanks again,
Mike

To register a user put the full JID

To register a user using webadmin on ejabberd 0.9.1, put the fill JID, not only the name. It should work. What error does the webadmin and ejabberdctl report, if any?

Okay, maybe I'm not

Okay, maybe I'm not understanding properly what I have to do.

The JID is user@server@host correct?

>[root@dev2 bin]# ./ejabberdctl register mike default@localhost *(psswd)*
Usage: ejabberdctl node command

Available commands:
start start ejabberd
status get ejabberd status
stop stop ejabberd
restart restart ejabberd
reopen-log reopen log file
register user server password register a user
unregister user server unregister a user
backup file store a database backup to file
restore file restore a database backup from file
install-fallback file install a database fallback from file
dump file dump a database to a text file
load file restore a database from a text file
import-file file import user data from jabberd 1.4 spool file
import-dir dir import user data from jabberd 1.4 spool directory
registered-users list all registered users
delete-expired-messages delete expired offline messages from database

>Example:
ejabberdctl ejabberd@host restart

>Note that except the start command, all other commands require the ejabberd server to be running.

Is my command not correct?

Yes, there's something that

Yes, there's something that you did not understand because it's not explained anywhere. There are two identifiers, don't confuse them:

  • the JabberID identifies an user, as you already know: mike@jabberme.org
  • in Erlang, each node (each ejabberd node) has an identifier: dante@mynetwork. That ID has no relation to Jabber, it's an Erlang thing. It's usually specified on ejabberd startup (erl... -name dante@mynetwork), but it may be composed automatically.

Ejabberdctl can operate not only with a local ejabberd server, it can administrate any ejabberd node on the network, if properly configured. So, for any command in ejabberdctl you must indicate the Erlang node name. Additionally, some commands like 'register' require the JID.

So, I think this command looks better:

./ejabberdctl dante@mynetwork register mike jabberme.org hispa55w0rd

Anyway, don't forget you can register new users using the webadmin, too.

Possible Answer

Try this assuming your server is called allstate
To verify th ejabberd service is running

Ejabberdctl --node ejabberd@allstate status

If all is ok
Register the admin user (I noted you called it mike)
Ejabberdctl --node ejabberd@allstate register mike allstate password

When using the ejabberdctl tool always start the process with
Ejabberdctl --node ejabberd@allstate

Once the admin is registered you should be able to use the web tool
http://allstate:5280/mike
Then the user: mike@allstate
password: password

Of course change this password for security reasons on the web version

Another thing to check

Verify your hosts file contains the server name allstate

Syndicate content