I am unable to get mod_shared_roster_ldap to work. It does not populate the roster list.
I do have LDAP working to authenticate and login using ejabberd, but I've finding the mod_shared_roster_ldap very difficult for me to understand and set up. I never used or setup LDAP to me before so it's very new to me.
The LDAP server is Windows Server. Most of the LDAP structure seems to be very standard and hasn't changed from the default. I don't have access to this server.
Is there any debugging info that I should look for in the ejabberd logs? I tried looking through the log, but could not find anything that seemed related.
{mod_shared_roster_ldap,[
{ldap_group_base, "OU=SBSUsers,OU=Users,OU=MyBusiness,DC=COMPANY,DC=local"},
{ldap_rfilter, "((objectClass=organizationalUnit))"},
{ldap_groupattr, "name"},
{ldap_gfilter, "(objectGUID=%g)"},
{ldap_groupdesc, "cn"},
{ldap_member_selection_mode, group_children},
{ldap_ufilter, "((objectClass=user))"},
{ldap_userdesc, "displayName"},
{ldap_useruid, "sAMAccountName"}
]},
I tried this in my ejabberd.cfg, but it doesn't result in any roster list. What is the simplest setting I can use? I don't mind if I got all the users in the group bases without setting up groups.
What information can I provide to help you help me figure this out. Thank you!!
Your config may only be used
Your config may only be used with an unofficial patched msrl from EJAB-1480. You should make sure that you use that module, or use official documentation to configure the module.
Also, you should post a part of your data (ie hierarchy of objects you try to put to roster), and the desired result, to be able to understand what you want to achieve.
mikekaganski wrote: Your
Your config may only be used with an unofficial patched msrl from EJAB-1480. You should make sure that you use that module, or use official documentation to configure the module.
Also, you should post a part of your data (ie hierarchy of objects you try to put to roster), and the desired result, to be able to understand what you want to achieve.
Thanks. I was not aware that there was 2 version of this module. I unfortunately am not certain which version I have. I believe I'm using ejabberd 2.1.6 that comes default on Ubuntu 12.04, and 2.1.6 is supposed to include mod_shared_roster_ldap(?).
Would this be the documentation for it?https://git.process-one.net/ejabberd/mainline/blobs/raw/v2.1.6/doc/guide...
The base location for the groups/users is OU=Users,OU=MyBusiness,DC=Company,DC=local.
Under OU=Users, there's 3 groups. OU=JPUsers, OU=PSUsers, OU=SBSUsers.
For now as a start, I'd love to just be able to dump all the users from those groups into a single roster.
Ideally, it's be good to figure out how to filter out the users that had been deactivated.
I'm usually good at using google to look up information, but this subject has been difficult for me to find information on. Thanks again for your help.
update: I'm looked at the logs and realized that I'm using ejabberd 2.1.10.
Each of the 3 groups
Each of the 3 groups (JPUsers, PSUsers, SBSUsers) under OU=Users has the follow attributes: objectClass, instanceType, objectCategory, ou, distinquishedName, dsCorePropagationData, name, objectGUID.
The users in each group have the follow attributes: objectClass, cn, instanceType, objectCategory, displayName, distinquishedName, giveName, objectGUID, primaryGroupID, sAMAccountName, sAMAccountType, userAccountControl. (I left out fields that were for Exchange.)
I'm been trying to read:https://git.process-one.net/ejabberd/mainline/blobs/raw/v2.1.10/doc/guid... , however I can't seem to piece it all together successfully so it shows group names or any users.
This is what I'm trying to use in my ejabberd.cfg
{mod_shared_roster_ldap,[
{ldap_base, "OU=Users,OU=MyBusiness,DC=COMPANY,DC=local"},
{ldap_rfilter, "(objectClass=organizationalUnit)"},
{ldap_groupattr, "ou"},
{ldap_groupdesc, "description"},
{ldap_filter, "(objectClass=user)"},
{ldap_userdesc, "displayName"}
]},
When I'm looking at ejabberd admin page, it shows all the (171) users. It'd be a big step if that showed up on the roster.
Unfortunately, you cannot use
Unfortunately, you cannot use OUs as groups in vanilla msrl. This is its genuine limitation. This had been addressed inthe patched version (which documentation you used initially).
Thanks for letting me know
Thanks for letting me know about the limitation.
Can you point me in the direction of how to install that patched version? It is just a matter of getting the latest erl from that site, compiling and replacing the old beam file?
I just tried doing that and restarting, but it's still not populating the roster.
update: I copied settings from the EJAB-1480 page, and it seems to work. There aren't groups though. It's all in one group. I'll keep at it.