Home

Admin Page Problem

Submitted by jsereda on Wed, 2006-08-30 17:22

I installed ejabberd on Windows server 2003.

Enabled support for LDAP and got that running.
I attempt to open the webadmin and login with the account that I specified as an admin, which exists in the LDAP (active directory) the services is pointed to. It seems to accept the login and attemps to open the admin page, but comes back with an error saying the page was not found. I'm attempting to access while logged on to the local machine with this url, http://127.0.0.1:5280/admin
I can't find anything in the config file that would doesnt seem right. Also, would I need to register the user even though I'm using LDAP? And how can I do this on a Windows box?

Heres the config file:

% $Id: ejabberd.cfg 347 2005-05-15 23:03:25Z alexey $

%override_acls.

% Users that have admin access. Add line like one of the following after you
% will be successfully registered on server to get admin access:
%{acl, admin, {user, "aleksey"}}.
%{acl, admin, {user, "ermine"}}.
{acl, admin, {user, "LDAPUser"}}.

% Blocked users:
%{acl, blocked, {user, "test"}}.

% Local users:
{acl, local, {user_regexp, ""}}.

% Another examples of ACLs:
%{acl, jabberorg, {server, "jabber.org"}}.
%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
%{acl, test, {user_regexp, "^test"}}.
%{acl, test, {user_glob, "test*"}}.

% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.

% Every username can be registered via in-band registration:
{access, register, [{allow, all}]}.

% After successful registration user will get message with following subject
% and body:
{welcome_message,
{"Welcome!",
"Welcome to Jabber Service. "
"For information about Jabber visit http://jabber.org"}}.
% Replace them with 'none' if you don't want to send such message:
%{welcome_message, none}.

% List of people who will get notifications about registered users
%{registration_watchers, ["admin1@localhost",
% "admin2@localhost"]}.

% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.

% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
{allow, all}]}.

% Set shaper with name "normal" to limit traffic speed to 1000B/s
{shaper, normal, {maxrate, 1000}}.

% Set shaper with name "fast" to limit traffic speed to 50000B/s
{shaper, fast, {maxrate, 50000}}.

% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
{normal, all}]}.

% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.

% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.

% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.

% This rule allows access only for local users:
{access, local, [{allow, local}]}.

% Authentification method. If you want to use internal user base, then use
% this line:
%{auth_method, internal}.

% For LDAP authentification use these lines instead of above one:
{auth_method, ldap}.
{ldap_servers, ["192.168.19.200"]}. % List of LDAP servers
{ldap_uidattr, "sAMAccountName"}. % LDAP attribute that holds user ID
{ldap_base, "ou=users,ou=company,dc=domain name,dc=com"}. % Base of LDAP directory
{ldap_rootdn, "LDAP Authenticator"}.
{ldap_password, "password"}.

% For authentification via external script use the following:
%{auth_method, external}.
%{extauth_program, "/path/to/authentification/script"}.

% Host name(s):
{hosts, ["domain name.com"]}.

% Default language:
{language, "en"}.

% Listened ports:
{listen,
[
{5222, ejabberd_c2s, [{access, c2s},
{shaper, c2s_shaper}]},

% To create selfsigned certificate run the following command from the
% command prompt:
%
% openssl req -new -x509 -days 365 -nodes -out ejabberd.pem -keyout ejabberd.pem
%
% and answer the questions.
% {5222, ejabberd_c2s, [{access, c2s},
% starttls, {certfile, "./ejabberd.pem"},
% {shaper, c2s_shaper}]},

% When using SSL/TLS ssl option is not recommended (it requires patching
% erlang ssl application). Use tls option instead (as shown below).
% {5223, ejabberd_c2s, [{access, c2s},
% tls, {certfile, "./ejabberd.pem"},
% {shaper, c2s_shaper}]},

{5269, ejabberd_s2s_in, [{shaper, s2s_shaper}]},

% {5555, ejabberd_service, [{access, all},
% {host, "icq.localhost", [{password, "secret"}]}]},

{5280, ejabberd_http, [http_poll, web_admin]}
]}.

% If SRV lookup fails, then port 5269 is used to communicate with remote server
{outgoing_s2s_port, 5269}.

% Used modules:
{modules,
[
{mod_register, [{access, register}]},
{mod_roster, []},
{mod_shared_roster, []},
{mod_privacy, []},
{mod_configure, []},
{mod_disco, []},
{mod_stats, []},
{mod_vcard, []},
{mod_offline, []},
{mod_announce, [{access, announce}]},
{mod_private, []},
{mod_irc, []},
% Default options for mod_muc:
% host: "conference." ++ ?MYNAME
% access: all
% access_create: all
% access_admin: none (only room creator has owner privileges)
{mod_muc, [{access, muc},
{access_create, muc},
{access_admin, muc_admin}]},
{mod_pubsub, []},
{mod_time, []},
{mod_last, []},
{mod_version, []}
]}.

% Local Variables:
% mode: erlang
% End:

By adding these lines to the

Submitted by jsereda on Wed, 2006-08-30 19:02.

By adding these lines to the top of the config file

override_global.
override_local.
override_acls.

Everything now works. I do not know why, but I'm just happy this is working.

»
Syndicate content

User login