I have set up my Ejabberd server running on Ubuntu Server using the latest 2.0.5 build. Everything runs smoothly except for the AD authentication. I am not certain if the method is being ignored, but I am having strange results and was looking for some help. I have looked at my web console at the users for my local machine, but I see nothing. I would expect Ejabberd to show all the users from Active Directory, but I get nothing. When I try to add a user I just get an error message telling me it's a bad format.
Here is my LDAP configuration:
{auth_method, ldap}.
{ldap_servers, ["x.x.x.x"]}. % List of LDAP servers
{ldap_base, "OU=users,DC=domain,DC=net"}. % Search base of LDAP directory
{ldap_rootdn, "CN=binder,OU=service,OU=users,DC=domain,DC=net"}. % LDAP manager
{ldap_password, "password"}. % Password to LDAP manager
{ldap_uids, [{"sAMAccountName"}]}.
{ldap_filter, "(memberOf=*)"}.
When I look at the logs (in debug mode (5)) I can see that a bind connection is being made and that it is picking up all the users from the LDAP (I tailed the logs as I went to view the users through the web interface). However, when I try to authenticate with a user it tells me that I am not authorized.
=INFO REPORT==== 2009-09-14 16:00:36 ===
D(<0.3528.0>:ejabberd_c2s:1352) : Send XML on stream = "<failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/></failure>"
To make the problem even harder to diagnose, some accounts work, but others do not. I have had 2 successful connections to the server. To ensure it was actually using the LDAP server, I decided to change the password for one account. It took the new password, but also seemed to accept the old one as well. I tried putting in just a random string that was not the password and it did NOT authenticate with that, but I find it strange that it would accept both the new and old password. This was happening before when the user was not registered with the server. Is there something I am doing wrong, or something I need to do to have ejabberd pick up these accounts?