Openfire - Jabber server does not display groups

Posted: 2008-02-15 16:59:49
f0s

Code:

[f0s@mail] /var/db/mysql/> uname -a
FreeBSD mail.artpaint 6.2-RELEASE-p7 FreeBSD 6.2-RELEASE-p7 #0: Fri Aug 10 17:07:31 MSD 2007     root@mail.artpaint:/usr/obj/usr/src/sys/mail.kern-2007-10-08  amd64
[f0s@mail] /var/db/mysql/> java -version
java version "1.5.0"
Java(TM) 2 Runtime Environment, Standard Edition (build diablo-1.5.0-b01)
Java HotSpot(TM) 64-Bit Server VM (build diablo-1.5.0_07-b01, mixed mode)
[f0s@mail] /var/db/mysql/> pkg_info | grep openfire
openfire-3.4.4      Openfire (formerly Wildfire) is an enterprise instant messa

I'm setting it up with MySQL as the database and OpenLDAP as the user store. All user info is taken from LDAP.

There's some kind of problem.. I can't figure out where I messed up.

Groups are not displayed:
001.JPG
It sees the groups (16 of them), but for some reason does not display them
002.JPG
if I search for a group, it finds it (it says 1 group), but again does not display it
003.JPG
likewise, when viewing users it does not show which group they are in
004.JPG
LDAP connection settings
005.JPG
settings

Re: Openfire - Jabber server does not display groups

Posted: 2008-02-15 17:02:06
f0s
..continuing:
006.JPG
007.JPG
008.JPG
009.JPG

Re: Openfire - Jabber server does not display groups

Posted: 2008-02-15 21:47:29
Alex Keda
You need to write a tricky query.
Mine is like this, for AD:

Code:

<searchFilter>(&amp;(objectClass=organizationalPerson)(sAMAccountType=805306368)(!(msExchUserAccountControl=2))(!(objectClass=computer)))</searchFilter>

but to be honest, I struggled with it a lot myself...

Re: Openfire - Jabber server does not display groups

Posted: 2008-02-18 13:47:43
f0s
here is my config:

Code:

 [f0s@mail] /usr/local/etc/openfire/> cat openfire.xml
<?xml version="1.0" encoding="UTF-8"?>
 
<!--
    This file stores bootstrap properties needed by Openfire.
    Property names must be in the format: "prop.name.is.blah=value"
    That will be stored as:
        <prop>
            <name>
                <is>
                    <blah>value</blah>
                </is>
            </name>
        </prop>
 
    Most properties are stored in the Openfire database. A
        property viewer and editor is included in the admin console.
-->
<!-- root element, all properties must be under this element -->
<jive>
  <adminConsole>
    <!-- Disable either port by setting the value to -1 -->
    <port>9090</port>
    <securePort>9091</securePort>
  </adminConsole>
  <admin>
    <!-- Use this section to define users that will have admin privileges. Below,
          you will find two ways to specify which users are admins. Admins will
          have access to the admin console (only local users) and may have also access
          to other functionalities like ad-hoc commands. -->
    <!-- By default, only the user with the username "admin" can login
         to the admin console. Alternatively, you can specify a comma-delimitted
         list usernames that should be authorized to login to the admin console
         by setting the <authorizedUsernames> field below. -->
    <!-- <authorizedUsernames></authorizedUsernames> -->
    <!-- Comma-delimitted list of bare JIDs. The JIDs may belong to local
         or remote users. -->
    <!-- <authorizedJIDs></authorizedJIDs> -->
    <authorizedUsernames>admin</authorizedUsernames>
  </admin>
  <locale>en</locale>
  <!-- Network settings. By default, Openfire will bind to all network interfaces.
      Alternatively, you can specify a specific network interfaces that the server
      will listen on. For example, 127.0.0.1. This setting is generally only useful
       on multi-homed servers. -->
  <!--
    <network>
        <interface></interface>
    </network>
    -->
  <connectionProvider>
    <className>org.jivesoftware.database.DefaultConnectionProvider</className>
  </connectionProvider>
  <database>
    <defaultProvider>
      <driver>com.mysql.jdbc.Driver</driver>
      <serverURL>jdbc:mysql://127.0.0.1:3306/JABBER</serverURL>
      <username>jabber</username>
      <password>jabber</password>
      <minConnections>5</minConnections>
      <maxConnections>15</maxConnections>
      <connectionTimeout>1.0</connectionTimeout>
    </defaultProvider>
  </database>
  <ldap>
    <host>127.0.0.1</host>
    <port>389</port>
    <baseDN>dc=artpaint,dc=spb,dc=ru</baseDN>
    <adminDN>cn=root,dc=artpaint,dc=spb,dc=ru</adminDN>
    <adminPassword>password</adminPassword>
    <connectionPoolEnabled>true</connectionPoolEnabled>
    <sslEnabled>false</sslEnabled>
    <ldapDebugEnabled>false</ldapDebugEnabled>
    <autoFollowReferrals>true</autoFollowReferrals>
    <usernameField>uid</usernameField>
    <vcard-mapping><![CDATA[
<vCard xmlns="vcard-temp">
  <N>
    <GIVEN>{displayName}</GIVEN>
  </N>
  <EMAIL>
    <INTERNET/>
    <USERID>{mail}</USERID>
  </EMAIL>
  <FN>{displayName}</FN>
  <NICKNAME>{uid}</NICKNAME>
  <ADR>
    <HOME/>
    <STREET>{homePostalAddress}</STREET>
  </ADR>
  <ADR>
    <WORK/>
    <STREET>{postalAddress}</STREET>
    <LOCALITY>{l}</LOCALITY>
    <REGION>{st}</REGION>
    <PCODE>{postalCode}</PCODE>
  </ADR>
  <TEL>
    <HOME/>
    <VOICE/>
    <NUMBER>{homePhone}</NUMBER>
  </TEL>
  <TEL>
    <WORK/>
    <VOICE/>
    <NUMBER>{telephoneNumber}</NUMBER>
  </TEL>
  <TEL>
    <WORK/>
    <CELL/>
    <NUMBER>{mobile}</NUMBER>
  </TEL>
  <TEL>
    <WORK/>
    <PAGER/>
    <NUMBER>{pager}</NUMBER>
  </TEL>
  <TITLE>{title}</TITLE>
  <ORG>
    <ORGUNIT>{departmentNumber}</ORGUNIT>
  </ORG>
</vCard>]]></vcard-mapping>
    <nameField>displayName</nameField>
    <emailField>mail</emailField>
    <groupNameField>cn</groupNameField>
    <groupMemberField>memberUid</groupMemberField>
    <groupDescriptionField>description</groupDescriptionField>
    <posixMode>true</posixMode>
    <groupSearchFilter>(&(objectClass=posixGroup)(memberUid={0}))</groupSearchFilter>
    <searchFields>(&(objectClass=posixAccount)(uid={0}))</searchFields>
  </ldap>
  <provider>
    <vcard>
      <className>org.jivesoftware.openfire.ldap.LdapVCardProvider</className>
    </vcard>
    <user>
      <className>org.jivesoftware.openfire.ldap.LdapUserProvider</className>
    </user>
    <auth>
      <className>org.jivesoftware.openfire.ldap.LdapAuthProvider</className>
    </auth>
    <group>
      <className>org.jivesoftware.openfire.ldap.LdapGroupProvider</className>
    </group>
  </provider>
  <setup>true</setup>
</jive> 

Re: Openfire - Jabber server does not display groups

Posted: 2008-02-26 10:43:43
f0s
Figured it out.. I wrote some tricky code:

Code:

  <ldap>
    <host>127.0.0.1</host>
    <port>389</port>
    <baseDN>dc=artpaint,dc=spb,dc=ru</baseDN>
    <adminDN>cn=root,dc=artpaint,dc=spb,dc=ru</adminDN>
    <adminPassword>pass</adminPassword>
    <connectionPoolEnabled>true</connectionPoolEnabled>
    <sslEnabled>false</sslEnabled>
    <ldapDebugEnabled>false</ldapDebugEnabled>
    <autoFollowReferrals>true</autoFollowReferrals>
    <usernameField>uid</usernameField>
    <vcard-mapping><![CDATA[
<vCard xmlns="vcard-temp">
  <N>
    <GIVEN>{displayName}</GIVEN>
  </N>
  <EMAIL>
    <INTERNET/>
    <USERID>{mail}</USERID>
  </EMAIL>
  <FN>{displayName}</FN>
  <NICKNAME>{uid}</NICKNAME>
  <ADR>
    <HOME/>
    <STREET>{homePostalAddress}</STREET>
  </ADR>
  <ADR>
    <WORK/>
    <STREET>{postalAddress}</STREET>
    <LOCALITY>{l}</LOCALITY>
    <REGION>{st}</REGION>
    <PCODE>{postalCode}</PCODE>
  </ADR>
  <TEL>
    <HOME/>
    <VOICE/>
    <NUMBER>{homePhone}</NUMBER>
  </TEL>
  <TEL>
    <WORK/>
    <VOICE/>
    <NUMBER>{telephoneNumber}</NUMBER>
  </TEL>
  <TEL>
    <WORK/>
    <CELL/>
    <NUMBER>{mobile}</NUMBER>
  </TEL>
  <TEL>
    <WORK/>
    <PAGER/>
    <NUMBER>{pager}</NUMBER>
  </TEL>
  <TITLE>{title}</TITLE>
  <ORG>
    <ORGUNIT>{departmentNumber}</ORGUNIT>
  </ORG>
</vCard>]]></vcard-mapping>
    <nameField>displayName</nameField>
    <emailField>mail</emailField>
    <groupNameField>cn</groupNameField>
    <groupMemberField>memberUid</groupMemberField>
    <groupDescriptionField>description</groupDescriptionField>
    <posixMode>true</posixMode>
    <groupSearchFilter><![CDATA[(&(|(objectClass=posixGroup))(!(cn=*$))((cn={0}))))]]></groupSearchFilter>
    <searchFields>Username/uid,Name/displayName</searchFields>
    <searchFilter><![CDATA[(&(|(objectClass=posixAccount))(!(uid=*$))(!(uid=guest))((uid={0}))))]]></searchFilter>
  </ldap>

now everything is OK

Re: Openfire - Jabber server does not display groups

Posted: 2009-10-27 10:46:54
f0s
I'll post my very latest config.
Although in the new version 3.6* everything is now stored in the DB, you can still pick the important info out of this config. This config is for those who have a domain on FreeBSD with OpenLDAP.

Code:

[f0s@mail] /usr/local/etc/openfire/> cat /home/f0s/tmp/openfire.xml
<?xml version="1.0" encoding="UTF-8"?>

<!--
    This file stores bootstrap properties needed by Openfire.
    Property names must be in the format: "prop.name.is.blah=value"
    That will be stored as:
        <prop>
            <name>
                <is>
                    <blah>value</blah>
                </is>
            </name>
        </prop>

    Most properties are stored in the Openfire database. A
        property viewer and editor is included in the admin console.
-->
<!-- root element, all properties must be under this element -->
<jive>
  <adminConsole>
    <!-- Disable either port by setting the value to -1 -->
    <port>9090</port>
    <securePort>9091</securePort>
  </adminConsole>
  <admin>
    <!-- Use this section to define users that will have admin privileges. Below,
          you will find two ways to specify which users are admins. Admins will
          have access to the admin console (only local users) and may have also access
          to other functionalities like ad-hoc commands. -->
    <!-- By default, only the user with the username "admin" can login
         to the admin console. Alternatively, you can specify a comma-delimitted
         list usernames that should be authorized to login to the admin console
         by setting the <authorizedUsernames> field below. -->
    <!-- <authorizedUsernames></authorizedUsernames> -->
    <!-- Comma-delimitted list of bare JIDs. The JIDs may belong to local
         or remote users. -->
    <!-- <authorizedJIDs></authorizedJIDs> -->
    <authorizedUsernames>admin</authorizedUsernames>
  </admin>
  <locale>en</locale>
  <!-- Network settings. By default, Openfire will bind to all network interfaces.
      Alternatively, you can specify a specific network interfaces that the server
      will listen on. For example, 127.0.0.1. This setting is generally only useful
       on multi-homed servers. -->
  <!--
    <network>
        <interface></interface>
    </network>
    -->
  <connectionProvider>
    <className>org.jivesoftware.database.DefaultConnectionProvider</className>
  </connectionProvider>
  <database>
    <defaultProvider>
      <driver>com.mysql.jdbc.Driver</driver>
      <serverURL>jdbc:mysql://127.0.0.1:3306/JABBER</serverURL>
      <username>jabber</username>
      <password>jabber</password>
      <minConnections>5</minConnections>
      <maxConnections>15</maxConnections>
      <connectionTimeout>1.0</connectionTimeout>
    </defaultProvider>
  </database>
  <ldap>
    <host>127.0.0.1</host>
    <port>389</port>
    <baseDN>dc=artpaint,dc=spb,dc=ru</baseDN>
    <adminDN>cn=root,dc=artpaint,dc=spb,dc=ru</adminDN>
    <adminPassword>password</adminPassword>
    <connectionPoolEnabled>true</connectionPoolEnabled>
    <sslEnabled>false</sslEnabled>
    <ldapDebugEnabled>false</ldapDebugEnabled>
    <autoFollowReferrals>true</autoFollowReferrals>
    <usernameField>uid</usernameField>
    <vcard-mapping><![CDATA[
<vCard xmlns="vcard-temp">
  <N>
    <GIVEN>{displayName}</GIVEN>
  </N>
  <EMAIL>
    <INTERNET/>
    <USERID>{mail}</USERID>
  </EMAIL>
  <FN>{displayName}</FN>
  <NICKNAME>{uid}</NICKNAME>
  <ADR>
    <HOME/>
    <STREET>{homePostalAddress}</STREET>
  </ADR>
  <ADR>
    <WORK/>
    <STREET>{postalAddress}</STREET>
    <LOCALITY>{l}</LOCALITY>
    <REGION>{st}</REGION>
    <PCODE>{postalCode}</PCODE>
  </ADR>
  <TEL>
    <HOME/>
    <VOICE/>
    <NUMBER>{homePhone}</NUMBER>
  </TEL>
  <TEL>
    <WORK/>
    <VOICE/>
    <NUMBER>{telephoneNumber}</NUMBER>
  </TEL>
  <TEL>
    <WORK/>
    <CELL/>
    <NUMBER>{mobile}</NUMBER>
  </TEL>
  <TEL>
    <WORK/>
    <PAGER/>
    <NUMBER>{pager}</NUMBER>
  </TEL>
  <TITLE>{title}</TITLE>
  <ORG>
    <ORGUNIT>{departmentNumber}</ORGUNIT>
  </ORG>
</vCard>]]></vcard-mapping>
    <nameField>displayName</nameField>
    <emailField>mail</emailField>
    <groupNameField>cn</groupNameField>
    <groupMemberField>memberUid</groupMemberField>
    <groupDescriptionField>description</groupDescriptionField>
    <posixMode>true</posixMode>
    <groupSearchFilter>(&amp;(|(objectClass=posixGroup))(!(cn=*$))((cn={0}))))</groupSearchFilter>
    <searchFields>Username/uid,Name/displayName</searchFields>
    <searchFilter>(&amp;(|(objectClass=posixAccount))(!(uid=*$))(!(uid=guest))((uid={0}))))</searchFilter>
  </ldap>
  <provider>
    <vcard>
      <className>org.jivesoftware.openfire.ldap.LdapVCardProvider</className>
    </vcard>
    <user>
      <className>org.jivesoftware.openfire.ldap.LdapUserProvider</className>
    </user>
    <auth>
      <className>org.jivesoftware.openfire.ldap.LdapAuthProvider</className>
    </auth>
    <group>
      <className>org.jivesoftware.openfire.ldap.LdapGroupProvider</className>
    </group>
  </provider>
  <setup>true</setup>
</jive>
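
A small lint for the three things that differ between the openfire.xml versions posted in this thread: a raw & inside a filter element versus CDATA or &amp;, a filter placed in searchFields, and parenthesis balance in the filters. This is an added example, not code from the thread or from Openfire; the function names and the sample fragments are constructed for illustration.

```python
import xml.etree.ElementTree as ET

FILTER_TAGS = ("searchFilter", "groupSearchFilter")

def parens_balanced(ldap_filter):
    """True when every '(' is closed by a later ')' and nothing is left over."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:          # a ')' with no matching '('
            return False
    return depth == 0

def _text(root, tag):
    """Stripped text of the first <tag> element anywhere under root, or ''."""
    node = next(root.iter(tag), None)
    return (node.text or "").strip() if node is not None else ""

def lint_ldap(xml_text):
    """Return findings for openfire.xml text or an <ldap> fragment of it."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # A raw '&' outside CDATA, as in "<x>(&(a=b))</x>", ends up here.
        return [f"xml: {exc}"]
    findings = []
    for tag in FILTER_TAGS:
        value = _text(root, tag)
        if value and not parens_balanced(value):
            findings.append(f"{tag}: unbalanced parentheses")
    if _text(root, "searchFields").startswith("("):
        findings.append("searchFields: holds a filter, expected Label/attribute pairs")
    return findings

# Constructed fragments modelled on the configs in this thread.
RAW_AMP = "<ldap><groupSearchFilter>(&(objectClass=posixGroup)(memberUid={0}))</groupSearchFilter></ldap>"
MISPLACED = "<ldap><searchFields><![CDATA[(&(objectClass=posixAccount)(uid={0}))]]></searchFields></ldap>"
EXTRA_PAREN = "<ldap><searchFilter>(&amp;(objectClass=posixAccount)(!(uid=guest))))</searchFilter></ldap>"
CLEAN = ("<ldap><searchFields>Username/uid,Name/displayName</searchFields>"
         "<groupSearchFilter><![CDATA[(&(objectClass=posixGroup)(!(cn=*$)))]]></groupSearchFilter></ldap>")

if __name__ == "__main__":
    for name in ("RAW_AMP", "MISPLACED", "EXTRA_PAREN", "CLEAN"):
        print(name, lint_ldap(globals()[name]))
```

Applied to the groupSearchFilter and searchFilter values posted on 2008-02-26, parens_balanced returns False: each closes one more parenthesis than it opens.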