Home » Forums » ejabberd & XMPP » ejabberd Administration

How do I set up LDAP groups?

Submitted by bmmcwhirt on Tue, 2013-06-25 18:15

I have ejabberd connected to an apple open directory server just fine.

I can not figure out how to get it to recognize the LDAP user groups and sort people into them making everyone in each group visible to everyone else in that group.

With a few thousand accounts and several hundred groups managing this outside of the apple server is not plausible.

‹ Ejabberd fails to start on Centos 6.4. Constant ssl_session_cache delete errors ›

You could use ejabberd and

Submitted by mikekaganski on Wed, 2013-06-26 00:55.

You could use ejabberd and its modules (and its documentation) to do it.

Or you could provide some useful information, e.g. your ejabberd version, your LDAP schema, your desired result details, the steps you already have tried, the results (and maybe errors) you got...

»

Well, I am using OS X 10.8.4

Submitted by bmmcwhirt on Wed, 2013-06-26 05:57.

Well, I am using OS X 10.8.4 Server's Open Directory and it's default (since you cant change it without a hacksaw) schema.

I'm not in the office at the moment so I will give you some slapcat output I have from earlier. This is broken up for space restraint, if you need to see something else pleas let me know.

dn: cn=users,dc=server,dc=myhhca,dc=com
cn: users
objectClass: container
dn: uid=bmmcwhirt,cn=users,dc=server,dc=myhhca,dc=com
mail: bmmcwhirt@myhhca.com
uid: bmmcwhirt
uidNumber: 1025
cn: Bryan McWhirt
sn: McWhirt
loginShell: /bin/bash
givenName: Bryan
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: top
objectClass: extensibleObject
objectClass: apple-user
gidNumber: 20
structuralObjectClass: inetOrgPerson
entryUUID: d1f29ac0-e182-4b85-9267-88624f74161a
creatorsName: cn=server.myhhca.com$,cn=computers,dc=server,dc=myhhca,dc=com
createTimestamp: 20130621211104Z
apple-generateduid: 54843AD3-75AA-4178-A5B4-E58B1BA322EB
authAuthority: ;Kerberosv5;;bmmcwhirt@SERVER.MYHHCA.COM;SERVER.MYHHCA.COM;
altSecurityIdentities: Kerberos:bmmcwhirt@SERVER.MYHHCA.COM
homeDirectory: /Network/Servers/server.myhhca.com/Users/bmmcwhirt
modifiersName: cn=server.myhhca.com$,cn=computers,dc=server,dc=myhhca,dc=com
modifyTimestamp: 20130621211432Z
dn: cn=hhca,cn=groups,dc=server,dc=myhhca,dc=com
apple-group-realname: Home Health Care Associates
gidNumber: 1042
objectClass: top
objectClass: posixGroup
objectClass: extensibleObject
objectClass: apple-group
cn: hhca
structuralObjectClass: posixGroup
entryUUID: f445c14c-8693-49f3-9a24-218297ac50c2
creatorsName: cn=server.myhhca.com$,cn=computers,dc=server,dc=myhhca,dc=com
createTimestamp: 20130621213522Z
apple-generateduid: D2600463-BA59-4D67-90ED-C43A673F331F
apple-group-memberguid: 54843AD3-75AA-4178-A5B4-E58B1BA322EB
memberUid: bmmcwhirt
memverUid: testuser
modifiersName: cn=server.myhhca.com$,cn=computers,dc=server,dc=myhhca,dc=com
modifyTimestamp: 20130621213548Z

Thats the best I can do for scheme at the moment.

There are instructions on limiting use to a group with ejabberd, but I did not see anything about actually creating XMPP groups based on LDAP server groups and auto exposing those users in the group to all other users in the group.

»
Syndicate content

User login