I want to run a single ejabbered server on linux authenticating against an AD server that has 2 separate AD domains with a bi-direction trust. I want users from both domains to be able to connect to the one server and communicate with one another.
here's my current ldap config:
{auth_method, ldap}.
{ldap_servers, ["ad1.company1.com"]}. % List of LDAP servers
{ldap_encrypt, none}.
{ldap_port, 389}.
{ldap_uids, [{"sAMAccountName", "%u"}]}.
{ldap_base, "DC=company1,DC=com"}.
{ldap_rootdn, "Company1\\ejabbered-bind"}.
{ldap_password, "<PASSWORD>"}. % Password to LDAP manager
{acl, admin, {user, "<DOMAIN ADMIN>", "company1.com"}}.
{ldap_filter, "(memberOf=CN=ejabberd,CN=Users,DC=company1,DC=com)"}.
now in my ejabbered group on the company1 domain i have users added from company1 and company2, however ejabbered will only see users from company1, none of the company2 users.
Is it possible to do this with 1 server? Or would i need to have 2 servers authenticate against each domain separately and then cluster them?