У ehabberda версия ejabberd-1.1.4_2.
Прикрутить аутентификацию через ldap не получилось - при попытке подключиться psi выдаёт Ошибка обмена данными с сервером. Подробности: ошибка авторизации. Не авторизован.
В логах ejabberd.log пишет:
Код: Выделить всё
=INFO REPORT==== 2010-02-27 13:06:15 ===
I(<0.197.0>:ejabberd_listener:90): (#Port<0.3915>) Accepted connection {{192,168,32,34},52744} -> {{192,168,32,3},5222}
Содержание ejabberd.cfg
Код: Выделить всё
override_global.
override_local.
override_acls.
% Users that have admin access. Add line like one of the following after you
% will be successfully registered on server to get admin access:
{acl, admin, {user, "admin", "mycompany.ru"}}.
{access, configure, [{allow, admin}]}.
% Everybody can create pubsub nodes
{access, pubsub_createnode, [{allow, all}]}.
% Only admins can use configuration interface:
{access, configure, [{allow, admin}]}.
% Every username can be registered via in-band registration:
% You could replace {allow, all} with {deny, all} to prevent user from using
% in-band registration
{access, register, [{allow, all}]}.
% After successful registration user will get message with following subject
% and body:
{welcome_message,
{"Welcome!",
"Welcome to Jabber Service. "
"For information about Jabber visit http://jabber.org"}}.
% List of people who will get notifications about registered users
%{registration_watchers, ["admin1@localhost",
% "admin2@localhost"]}.
% Only admins can send announcement messages:
{access, announce, [{allow, admin}]}.
% Only non-blocked users can use c2s connections:
{access, c2s, [{deny, blocked},
{allow, all}]}.
% Set shaper with name "normal" to limit traffic speed to 1000B/s
{shaper, normal, {maxrate, 1000}}.
% Set shaper with name "fast" to limit traffic speed to 50000B/s
{shaper, fast, {maxrate, 50000}}.
% For all users except admins used "normal" shaper
{access, c2s_shaper, [{none, admin},
{normal, all}]}.
% For all S2S connections used "fast" shaper
{access, s2s_shaper, [{fast, all}]}.
% Admins of this server are also admins of MUC service:
{access, muc_admin, [{allow, admin}]}.
% All users are allowed to use MUC service:
{access, muc, [{allow, all}]}.
% This rule allows access only for local users:
{access, local, [{allow, local}]}.
{hosts, ["mycompany.ru"]}.
% Authentication method. If you want to use internal user base, then use
% this line:
%{auth_method, internal}.
{host_config, "mycompany.ru", [
{auth_method, ldap},
{ldap_servers, ["mycompany.ru"]}, % List of LDAP servers
{ldap_port, 389},
{ldap_base, "ou=people,dc=mycompany,dc=ru"}, % Search base of LDAP directory
{ldap_rootdn, "cn=admin,dc=mycompany,dc=ru"}, % LDAP manager
{ldap_password, "admin_pass_to_access_web"}
% Password to LDAP manager
]}.
%% Define the maximum number of time a single user is allowed to connect:
{max_user_sessions, 10}.
% Default language for server messages
{language, "ru"}.
% Listened ports:
{listen,
[
{5222, ejabberd_c2s, [
starttls, {certfile, "/usr/local/etc/ejabberd/server.pem"}
]},
% Use these two lines instead if TLS support is not compiled
%{5222, ejabberd_c2s, [{access, c2s}, {shaper, c2s_shaper}]},
%{5223, ejabberd_c2s, [{access, c2s}, ssl, {certfile, "/usr/local/etc/ejabberd/server.pem"}]},
{5269, ejabberd_s2s_in, [
]},
{5280, ejabberd_http, [web_admin]}
]}.
% Use STARTTLS+Dialback for S2S connections
{s2s_use_starttls, true}.
{s2s_certfile, "/usr/local/etc/ejabberd/server.pem"}.
{outgoing_s2s_port, 5269}.
% Used modules:
{modules,
[
{mod_register, [{access, register}]},
{mod_roster, []},
{mod_privacy, []},
{mod_adhoc, []},
{mod_configure, []}, % Depends on mod_adhoc
{mod_configure2, []},
{mod_disco, []},
{mod_stats, []},
{mod_vcard, []},
{mod_offline, []},
{mod_announce, [{access, announce}]}, % Depends on mod_adhoc
{mod_echo, [{host, "echo.localhost"}]},
{mod_private, []},
{mod_irc, []},
% Default options for mod_muc:
% host: "conference." ++ ?MYNAME
% access: all
% access_create: all
% access_admin: none (only room creator has owner privileges)
{mod_muc, [{access, muc},
{access_create, muc},
{access_admin, muc_admin}]},
% {mod_muc_log, []},
% {mod_shared_roster, []},
{mod_pubsub, [{access_createnode, pubsub_createnode}]},
{mod_time, []},
{mod_last, []},
{mod_version, []}
]}.