There was a need to configure ejabberd for domain sso authentication. Miranda 96.04 is used Ejabberd server 23.04.
I ran into a problem when using sAMAccount name in AD authentication, users are uploaded to ejabberd + - shared roster ldap works, but SSO authorization does not work.
If you specify userPrincipalName. SSO is working. But users are not unloaded and Shared_roster_ldap does not work. Specifying in shared roster ldap ldap_uids does not help.
Am I missing something or is this a bug
Environment
ejabberd version: 23.04
OS: Ubuntu (20.04)
Installed from: Official Repositiry
Configuration ejabberd.yml
hosts:
localhost
example.com
host_config:
localhost:
auth_method:
internal
example.com:
auth_method:
ldap
anonymous
allow_multiple_connections: true
anonymous_protocol: both
ldap_servers:
There was a need to configure ejabberd for domain sso authentication. Miranda 96.04 is used Ejabberd server 23.04. I ran into a problem when using sAMAccount name in AD authentication, users are uploaded to ejabberd + - shared roster ldap works, but SSO authorization does not work. If you specify userPrincipalName. SSO is working. But users are not unloaded and Shared_roster_ldap does not work. Specifying in shared roster ldap ldap_uids does not help.
Am I missing something or is this a bug
Environment
Configuration ejabberd.yml
hosts:
ldap_uids: [sAMAccountName]
ldap_uids: [userPrincipalName]
Config share_roster_ldap
mod_roster: versioning: true mod_s2s_dialback: {} mod_shared_roster: {} mod_shared_roster_ldap: ldap_base: "ou=Users,dc=example,dc=com" ldap_rfilter: "(objectClass=user)" ldap_groupattr: "department" ldap_groupdesc: "department" ldap_memberattr: "sAMAccountName" ldap_userdesc: "displayName" ldap_uids: [sAMAccountName]