[Kolab-devel] Kolab XMPP Roundcube
Henning
henne.gwath at gmx.de
Thu Apr 10 10:21:46 CEST 2014
Hi!
Okay, I see I forgot to specify my question: authentication against ldap
is not the problem. But how to get all users in a "shared roster", so
everyone is able to see everyone else without having to manually add
users to their contact-list?
That is not that easy with ldap and recent ejabberd versions, as you
cannot just use the mod_shared_roster module (I think).
In the past it worked with just the
{mod_shared_roster,[]}
module, but it seems not to work anymore...
The config section I use now is
{mod_shared_roster_ldap,[
{ldap_base, "dc=domain,dc=eu"},
{ldap_rfilter, "(objectClass=posixGroup)"},
{ldap_filter, ""},
%{ldap_groupattr, "cn"},
{ldap_gfilter, "(&(objectClass=posixGroup)(cn=POSIXGROUPNAME))"},
{ldap_groupdesc, "description"},
%{ldap_memberattr, "memberUid"},
%{ldap_memberattr_format, "cn=%u,ou=People,dc=domain,dc=eu"},
{ldap_ufilter,
"(&(objectClass=inetOrgPerson)(objectClass=authorizedServiceObject)(uid=%u))"},
{ldap_useruid, "uid"},
{ldap_userdesc, "cn"}
]},
where my users are authorizedServiceObjects (to manage login-permissions
to different services). As you see I need to have at least one
Posix-group with cn=POSIXGROUPNAME, of which all users are member and
then are displayed in everyones XMPP contact-list.
You also can have different groups and all of them are added to the
contact list (replace POSIXGROUPNAME with %g).
But you have to manually manage those groups and make sure that all
users are member somewhere. I want to avoid this, but I don't know how I
just leave out the group part and have all users added to one, let's
say, master-group, e.g. "domain.eu".
Also I did not succeed using kolab-distgroups as ejabberd groups
(ldap_memberattr_format commented).
Any thoughts?
regards,
Henning
Am 10.04.2014 09:59, schrieb Andreas Cordes:
> Hi Henning,
>
> I didn't do too much config changes.
> Just the host/user/passwort of course and nothing else.
>
> One topic on my ToDo-List is multiple domain for Kolab and also for
> eJabberd.
>
> These are the main changes:
> %%{auth_method, internal}.
> {auth_method, ldap}.
> {ldap_servers, ["localhost"]}.
> {ldap_port, 389}.
> {ldap_rootdn, "cn=Directory Manager"}.
> {ldap_password, "DontEvenThinkAboutIt"}.
> {ldap_filter, "(objectClass=mailrecipient)"}.
> {ldap_uids, [{"mail", "%u@%d"}]}.
> {acl, admin, {user, "admin", "domain.com"}}.
> {hosts, ["domain.com"]}.
> {ldap_base, "ou=People,dc=domain,dc=com"}.
>
> (visit also whvneo.blogspot.com for this :-))
>
> SO the config is pretty straight forward. May be ldap_filter and
> ldap_uids is the point in your config.
>
> Is the eJabbed-Admin page working?
>
> regards
> Andreas
>
>
> Am 2014-04-10 09:16, schrieb Henning:
>> Hi,
>>
>> I did also use ejabberd to authenticate against kolab-ldap, but I had
>> problems. Which settings did you use as group filter? Did you create one?
>>
>> I use the authorizedService key to find users, that are allowed to use
>> different services on my ldap, but I had to create a posix groups with
>> all users in it to make it working with ejabberd. How did you solve this?
>>
>> Could you post your config-section?
>>
>> Henning
>>
>>
>> Am 10.04.2014 07:45, schrieb Andreas Cordes:
>>> Hi Rares,
>>>
>>> well "managed" is a bit too much right now.
>>>
>>> eJabberd authenticates against the kolab-Ldap. Next thing is to
>>> integrate realtime chat into roundcube. There are several plugins
>>> available for that.
>>>
>>> But as I'm using a RaspberryPI for kolab it must be powerful and mostly
>>> client oriented (meaning javascript).
>>> I think converse.js is the correct one but didn't had a look on that up
>>> to now, but will continue.
>>>
>>> regards
>>> Andreas
>>>
>>> Am 2014-04-10 07:24, schrieb Rares Benea:
>>>> Hi All, Andreas,
>>>>
>>>> I have seen big interest in Kolab XMPP integration in the last days
>>>> and that Andreas managed to integrate eJabberd with Kolab.
>>>>
>>>> My 2cent on searching for a XMPP plugin for Roudcube is that it would
>>>> be great to use something that has Video WebRTC implemented too.
>>>>
>>>> I did some basic work on this field with OpenFire and Kolab but did
>>>> not manage to get all the features going. I managed to have Jappix
>>>> (https://project.jappix.com/ [1]) woking but not the group, mini
>>>> jappix etc. I think that those DNS entries were not set correct.
>>>>
>>>> Andreas, I'm looking forward for you progress.
>>>>
>>>> Rares
>>>>
>>>> Links:
>>>> ------
>>>> [1] https://project.jappix.com/
>>>>
>>>> _______________________________________________
>>>> devel mailing list
>>>> devel at lists.kolab.org
>>>> https://lists.kolab.org/mailman/listinfo/devel
>>>
>> _______________________________________________
>> devel mailing list
>> devel at lists.kolab.org
>> https://lists.kolab.org/mailman/listinfo/devel
>
More information about the users
mailing list