Hello!
ejabberd15 can not configure authentication ldap.
Now configuration of ejabberd2.
how to convert ejabberd15, there is a different syntax .
{loglevel, 5}.
{hosts, ["domen.local"]}.
{listen,
[
{5222, ejabberd_c2s, [{access, c2s},
{shaper, c2s_shaper},
{max_stanza_size, 65536},
starttls, {certfile, "/usr/local/etc/ejabberd/ssl.pem"}]},
{5223, ejabberd_c2s, [{access, c2s},
{certfile, "/usr/local/etc/ejabberd/ssl.pem"}, tls,
{max_stanza_size, 65536}]},
{5269, ejabberd_s2s_in, [{shaper, s2s_shaper},
{max_stanza_size, 131072}
]},
{5280, ejabberd_http, [http_poll, web_admin]},
{5281, ejabberd_http, [web_admin, tls, {certfile, "/usr/local/etc/ejabberd/ssl.pem"}]}
]}.
{s2s_use_starttls, true}.
{s2s_certfile, "/usr/local/etc/ejabberd/ssl.pem"}.
%%{outgoing_s2s_options, [ipv4, ipv6], 10000}.
{outgoing_s2s_port, 5269}.
{welcome_message,
{"Welcome!",
"Welcome to Jabber Service. "}
}.
{auth_method, ldap}.
{ldap_servers, ["192.168.1.4"]}.
%%
%% Encryption of connection to LDAP servers:
%%{ldap_encrypt, none}.
%%{ldap_encrypt, tls}.
%%
%% Port to connect to on LDAP servers:
%%{ldap_port, 389}.
%%{ldap_port, 636}.
%%
%% LDAP manager:
{ldap_rootdn, "cn=ldap,dc=domen,dc=local"}.
%%
%% Password of LDAP manager:
{ldap_password, "******"}.
%%
%% Search base of LDAP directory:
{ldap_base, "dc=domen,dc=local"}.
%%
%% LDAP attribute that holds user ID:
{ldap_uids, [{"userPrincipalName", "%u@domen.local"}]}.
%% LDAP filter:
{ldap_filter, "(objectClass=user)"}.
{shaper, normal, {maxrate, 1000}}.
{shaper, fast, {maxrate, 50000}}.
%%{max_fsm_queue, 1000}.
{acl, admin, {user, "ldapuser", "domen.local"}}.
{acl, local, {user_regexp, ""}}.
{access, pubsub_createnode, [{allow, all}]}.
{access, configure, [{allow, admin}]}.
{access, max_user_sessions, [{10, all}]}.
{access, max_user_offline_messages, [{5000, admin}, {100, all}]}.
{access, local, [{allow, local}]}.
{access, c2s, [{deny, blocked},
{allow, all}]}.
{access, c2s_shaper, [{none, admin},
{normal, all}]}.
{access, s2s_shaper, [{fast, all}]}.
{access, announce, [{allow, admin}]}.
{access, muc_admin, [{allow, admin}]}.
{access, register, [{deny, all}]}.
%% Only accounts of the local ejabberd server can create rooms:
{access, muc_create, [{allow, local}]}.
{access, muc, [{allow, all}]}.
%% Define specific Access Rules in a virtual host.
%%
%%{host_config, "localhost",
%% [
%% {access, c2s, [{allow, admin}, {deny, all}]},
%% {access, register, [{deny, all}]}
%% ]
%%}.
{language, "ru"}.
{modules,
[
{mod_adhoc, []},
{mod_announce, [{access, announce}]}, % recommends mod_adhoc
{mod_caps, []},
{mod_configure,[]}, % requires mod_adhoc
{mod_disco, []},
%%{mod_echo, [{host, "echo.localhost"}]},
%%{mod_irc, []},
{mod_http_bind, []},
%%{mod_http_fileserver, [
%% {docroot, "/var/www"},
%% {accesslog, "/var/log/ejabberd/access.log"}
%% ]},
{mod_last, []},
{mod_muc, [
%%{host, "conference.@HOST@"},
{access, muc},
{access_create, muc_create},
{access_persistent, muc_create},
{access_admin, muc_admin}
]},
%%{mod_muc_log,[]},
{mod_offline, [{access_max_user_messages, max_user_offline_messages}]},
{mod_ping, []},
{mod_privacy, []},
{mod_private, []},
%%{mod_proxy65,[]},
{mod_pubsub, [
{access_createnode, pubsub_createnode},
{ignore_pep_from_offline, true}, % reduces resource comsumption, but XEP incompliant
%%{ignore_pep_from_offline, false}, % XEP compliant, but increases resource comsumption
{last_item_cache, false},
{plugins, ["flat", "hometree", "pep"]} % pep requires mod_caps
]},
% {mod_register, [ {welcome_message, {"Welcome!",
% "Welcome to Jabber Service!!!!!!!"}},
% {access, register}
% ]},
{mod_roster, [{iqdisc, one_queue}]},
%%{mod_service_log,[]},
%% {mod_shared_roster,[]},
{mod_shared_roster_ldap, [
{ldap_base, "OU=test,DC=domen,DC=local"},
{ldap_filter, ""},
{ldap_rfilter, "(objectClass=group)"},
{ldap_gfilter, "(&(objectClass=group)(cn=%g))"},
{ldap_groupdesc, "name"},
{ldap_memberattr, "member"},
{ldap_memberattr_format_re, "CN=(\\w*),(OU=.*,)*DC=domen,DC=local"},
% {ldap_userdesc, "displayName"},
{ldap_userdesc, "description"},
{ldap_ufilter, "(&(objectClass=user)(cn=%u))"}]},
{mod_vcard_ldap, [
% {iqdisc, one_queue},
% {ldap_rootdn, "cn=ldap,dc=domen,dc=local"},
% {ldap_password, "*******"},
% {ldap_uids, [{"sAMAccountName", "%u"}]},
{ldap_vcard_map, [
{"NICKNAME", "%u", []},
{"FAMILY", "%s", ["sn"]},
{"GIVEN", "%s", ["givenName"]},
{"FN", "%s %s", ["givenName", "sn"]},
{"ORGNAME", "%s", ["o"]},
{"LOCALITY", "%s", ["l"]},
{"REGION", "%s", ["st"]},
{"PHOTO", "%s", ["jpegPhoto"]},
{"URL", "%s", ["homepage"]}
]},
{ldap_search_fields, [
{"User", "%u"},
{"Name", "givenName"},
{"Family Name", "sn"},
{"Region", "st"},
{"City", "l"}
]},
{ldap_search_reported, [
{"Name", "GIVEN"},
{"Family Name", "FAMILY"},
{"User", "NICKNAME"},
{"City", "LOCALITY"},
{"Region", "REGION"}
]}
]},
{mod_stats, [{iqdisc, one_queue}]},
{mod_time, [{iqdisc, one_queue}]},
%% {mod_vcard, [{iqdisc, one_queue}]},
{mod_version, [{iqdisc, one_queue}]}
]}.
with atuentifikatsiey domain
with atuentifikatsiey domain and ssl understood.
how to set it ejabbder15
{mod_shared_roster_ldap, [
{ldap_base, "OU=test,DC=domen,DC=local"},
{ldap_filter, ""},
{ldap_rfilter, "(objectClass=group)"},
{ldap_gfilter, "(&(objectClass=group)(cn=%g))"},
{ldap_groupdesc, "name"},
{ldap_memberattr, "member"},
{ldap_memberattr_format_re, "CN=(\\w*),(OU=.*,)*DC=domen,DC=local"},
% {ldap_userdesc, "displayName"},
{ldap_userdesc, "description"},
{ldap_ufilter, "(&(objectClass=user)(cn=%u))"}]},