We currenttly run ejabberd 1.1.2_2 and use our Active Directory to provide authentication for users rather than letting ejabberd manage user accounts. What we have noticed is that as we delete the user in AD, there vcard entry still exists within ejabberd and we have no way of removing these obselete entries. I know there was a bug fixed in version 0.9 where vcard entries were left behind after removeing user's accounts but this seemed to only address deleting ejabberd managed accounts, not AD accounts. Has anyone else had this same problem and found a workaround? Could this potentially be a bug or am i just doing the wrong thing?
Regards,
John
Are you using
Are you using mod_vcard_ldap?
Not using mod_vcard_ldap
Hi Zinid,
Thanks for your reply. We are only using the standard "mod_vcard" and not "mod_vcard_ldap".
Regards,
John
I didn't try it, I just
I didn't try it, I just looked at the source code.
I know there was a bug fixed in version 0.9 where vcard entries were left behind after removeing user's accounts but this seemed to only address deleting ejabberd managed accounts, not AD accounts.
When ejabberd is told to remove an account, it also removes the vcard, offline messages, and any other information related to that account...
as we delete the user in AD, there vcard entry still exists within ejabberd and we have no way of removing these obselete entries.
... However, when you use an authentication method external to ejabberd and you remove an account, ejabberd is not informed, right?. Does it have a chance to remove the information related to that account?
To solve this, a solution would be to check for account existence when serving a vcard request. Or periodically check that all the users associated to vcards really exist. A more general solution: implement a command that the admin can run when he deletes an account. That command checks vcard, offline... and any other table, and checks the users exist. Those solutions may consume a lot of resources if the tables are quite populated.
I guess this isn't a bug or a misconfiguration. It's a feature request, right?