Hi, everyone
I'm trying to setup mod_shared_roster_ldap
the config I am using:
{mod_shared_roster_ldap,[
{ldap_servers, ["10.0.1.80"]},
{ldap_rootdn, "CN=ldapbind,CN=Users,DC=my,DC=domain"},
{ldap_password, "P@ssw0rd"},
%%{ldap_auth_check, "off"},
{ldap_base, "CN=Users,DC=my,DC=domain"},
{ldap_rfilter, "(objectClass=group)"},
{ldap_filter, ""},
{ldap_gfilter, "(&(objectClass=group)(cn=%g))"},
{ldap_groupdesc, "name"},
{ldap_memberattr, "member"},
{ldap_memberattr_format, "cn=%u,cn=Users,dc=my,dc=domain"},
{ldap_ufilter, "(&(objectClass=user)(cn=%u))"},
{ldap_userdesc, "displayName"}
]}
this was made using an example from official documentation "Deep DIT"
We are using Active Directory where we have 2 groups: "CN=social,CN=Users,DC=my,DC=domain" and "CN=Отдел разработки ПО,CN=Users,DC=my,DC=domain"
each group has a number of members, which are written in attributes (in these groups) "member"
and nothing appears in roster(((((
Also I tried to use Flat DIT example from documentation
with the following config:
{mod_shared_roster_ldap,[
{ldap_servers, ["10.0.1.80"]},
{ldap_rootdn, "CN=ldapbind,CN=Users,DC=my,DC=domain"},
{ldap_password, "P@ssw0rd"},
%%{ldap_auth_check, "off"},
{ldap_base, "CN=Users,DC=my,DC=domain"},
{ldap_rfilter, "(objectClass=user)"},
{ldap_groupattr, "department"},
{ldap_memberattr, "sAMAccountName"},
{ldap_filter, "(objectClass=user)"},
{ldap_userdesc, "displayName"}
]}
as I understand - ejabberd here should search AD for items "user" and then watch for "department" (which would be our roster groups), connecting rosteritems with accounts in AD by "sAMAccountName"
and still nothing happend(((
I should also say that we use custom external auth script, but I doubt it might be a problem
Please help!!
The problem was caused by
The problem was caused by disabling mod_roster(_odbc). The dependancy of shared roster modules on roster modules should be described in the guide, imho.