ejabberd - Comments for "auth_method ldap cn / displayName attribute? And mod_shared_roster_ldap for custom group?"

When I add a GMail buddy from

batfastad — Wed, 09 Nov 2011 17:10:49 +0000

When I add a GMail buddy from our ejabberd XMPP account, the GMail display name gets pushed.
But when I add an ejabberd buddy from my GMail account, the ejabberd display name doesn't get pushed.

So it seems GMail is doing something that ejabberd doesn't.

Had a look at the XMPP console in Pidgin as you suggested and it seems that GMail sends the following message...

My GMail Display Name

image/png
encoded binary photo data in here

But ejabberd doesn't send that.
I have mod_vcard_ldap enabled and it appears to return my mod_vcard_ldap mappings when I do a manual "Get Info" on the user.
But it seems that ejabberd doesn't send that vCard vcard-temp stanza on buddy auth, whereas GMail does.

My mod_vcard_ldap configuration is as follows...

    {mod_vcard_ldap, [
        {iqdisc, one_queue},
        {search, false},
        {ldap_vcard_map, [
            {"NICKNAME", "%s", ["displayName"]},
            {"FIRST", "%s", ["givenName"]},
            {"LAST", "%s", ["sn"]},
            {"FN", "%s", ["displayName"]},
            {"EMAIL", "%s", ["zimbraMailDeliveryAddress"]}
        ]},
        {ldap_search_reported,
            {"Nickname", "NICKNAME"},
            {"E-Mail", "EMAIL"}
        ]}
    ]},

Note that I have mod_vcard_ldap search set to false and I don't have mod_vcard configured.

Anyone know if the sending of vcard-temp by ejabberd is configurable?
Anyone been able to solve this?

Cheers, B

I may be totally wrong with

mikekaganski — Wed, 09 Nov 2011 01:25:34 +0000

I may be totally wrong with everything I'm going to write,
but I suppose that the problem that display name isn't pushed through s2s isn't caused bu LDAP. I guess that if you used any other DB (may it be internal mnesia, or ODBC, or whatever) you would get the same results. Maybe it's ejabberd that doesn't support some extended s2s protocol. Or you just didn't enable the module that implements that protocol. Or GMail may use some internal "cheating" when adding its own users (then you would see the same problem if you tried to add GMail buddy to another (not GMail) public XMPP account).

Maybe you could capture the XMPP exchanges when you add a GMail buddy, and when you add a buddy from your server to your GMail account. Then you could compare the differences, and maybe notice which requests your client sends to GMail to get display names. Then it could allow you to identify the protocol that is missing here.

@all@ in mod_shared_roster

batfastad — Tue, 08 Nov 2011 14:20:29 +0000

@all@ in mod_shared_roster doesn't work with LDAP. I can see why it doesn't work.

After some testing I still can't get an LDAP user's display name to be pushed to an external buddy, even with mod_vcard_ldap correctly configured.
When you add a GMail buddy in Pidgin, their display name gets pushed to you. But when I add an LDAP buddy from my GMail XMPP account, you only see the jid. Until you do a "Get Info" on the LDAP buddy and a display name is retrieved along with any other info specified in the mappings for mod_vcard_ldap.

Anyone got any ideas on this?
If it's not possible to have a display name pushed when using LDAP auth, then that's fine.
I'd just like to know so I don't waste time thinking about it!

Cheers, B

2. I haven't used

mikekaganski — Sun, 30 Oct 2011 00:17:15 +0000

2. I haven't used mod_shared_roster myself, but as far as I can read in the source code, this module is able to display the users' names correctly, if they are available using mod_vcard(_ldap). So the issue may be that you haven't configured the latter one correctly. Maybe the first question has the same solution...
With mod_shared_roster_ldap, all users are in some group in roster. This, however, doesn't mean that they must belong to a LDAP group. You may use any commom attribute as a grouping value.
However, your case would be better handled by mod_shared_roster, if it would support using @all@ with LDAP. Here on forum, there are posts that indicate that mod_shared_roster is unable to add @all@ LDAP users. I consider this as a bug, since web admin is able to display the LDAP users correctly. I suppose you should check if *all* works for you with mod_shared_roster, and if not, then file a bug.