Open huhndev opened 5 months ago
duplicate of https://github.com/processone/ejabberd/issues/4029 ?
So, ldap_uids is not used in shared_roster_ldap at all, from what i see only things that are affecting jid of contacts in generated roster entries are ldap_memberattr (which will be used to together with hostname) and ldap_userjidattr which value will be parsed as full jid.
The docs show ldap_uids
as a valid option for mod_shared_roster_ldap
. Anyway, there seems something broken. If I set ldap_userjidattr
as mail
attribute of my ldap tree, then ldap_userdesc
gets ignored.
You both are right:
ldap_uids
in mod_shared_roster_ldap was added in https://github.com/processone/ejabberd/commit/a02cff0e780bb735531594c4ece81e8628f79782In summary: the option was never implemented or even planed, the documentation was mistakenly added when copying text from other modules to that one.
The documentation should get fixed: check if there are any other options that get also added by mistake, and remove mention to inexistent options.
And the next question is: is it worth implementing ldap_uids
in mod_shared_roster_ldap
, how hard would it be, when and who? And if it's done, then the documentation is added.
Many thanks for the clarification, @badlop.
As a workaround I have now set ldap_userjidattr
and try to set the common name/display name with ldap_userdesc
. Unfortunately this does not work either and display name is givenname.familyname
, as in the user part of the mail
attribute, instead of Givenname Familyname
as in cn
. At least the JID is now correct. Any idea why this is happening? Should this work at all? That's how it's described in the documentation.
Below is the modified configuration of which the last two lines are of interest:
mod_shared_roster_ldap:
ldap_auth_check: false
use_cache: false
ldap_base: "cn=accounts,dc=example,dc=com"
ldap_filter: "(|(objectClass=posixAccount)(objectClass=posixGroup))"
ldap_rfilter: "(&(objectClass=posixGroup)(cn=worker))"
ldap_gfilter: "(&(objectClass=posixGroup)(cn=%g))"
ldap_groupattr: "cn"
ldap_groupdesc: "cn"
ldap_memberattr: "member"
ldap_memberattr_format: "uid=%u,cn=users,cn=accounts,dc=example,dc=com"
ldap_ufilter: "(&(objectClass=posixAccount)(!(nsaccountlock=true))(uid=%u))"
ldap_useruid: "uid"
ldap_userjidattr: "mail"
ldap_userdesc: "cn"
@badlop, @prefiks: Do you have any feedback on the bug I described in my last message?
ldap_userdesc
has no effect if ldap_userjidattr
is set.
The best LDAP external dev who has contributed in ejabberd is @ethoms. Maybe he can help on this ticket...
Reproducible with ejabberd 23.10-1
.
Reproducible with ejabberd 24.02
.
Environment
21.12-1
Erlang (SMP,ASYNC_THREAS) (BEAM) emulator version 12.2.1
Configuration:
Errors from error.log/crash.log
No errors
Bug description
The usage of
ldap_uids
doesn't change the behavior ofmod_shared_roster_ldap
. Always the same composition ofuid
andhostname
(uid@example.com) gets into the roster of the users. Instead, I would assume thejid
would be a composition ofpager
andhostname
(pager@example.com).pager
looks likegivenname.familyname
while uid looks likegivenname + x
if this is relevant anyhow.ldap_uids
is set in mod_vcard and the top-level too, without any problems.Any ideas why
ldap_uids
gets ignored bymod_shared_roster_ldap
?