[jadmin] freedom of choosing Jabber-ID with Ldap
Thorsten Kleindienst
thorsten.kleindienst at switch.ch
Wed May 24 10:02:10 CDT 2006
I am using jabberd2 which is attached to an Ldap server for
authentication,
A typical entry of a user in Ldap is:
dn: uid=joe,ou=People,dc=example,dc=com
objectClass: posixAccount
objectClass: shadowAccount
uid: joe
uidNumber: 100
gidNumber: 100
homeDirectory: /home/joe
loginShell: /bin/bash
sn: Hunter
It is correct that this fixes the first part of the Jabber-ID to be
"joe",
or the full JID to be: (if the server is running on
jabber.example.com):
Jabber-ID: joe at jabber.example.com
or it is possible to select a different attribute, e.g. "sn"
as first part of the Jabber-ID.
The configuration in x2s.xml looks like:
<binddn>cn=jabber,ou=admins,dc=example,dc=com</binddn>
<bindpw>secret</bindpw>
<!-- LDAP attribute that holds the user ID (default: uid) -->
<uidattr>uid</uidattr>
If I change this to
<uidattr>sn</uidattr>
the authentication process does not work any more. Why?
For which kind of searches is then <binddn>...</binddn> used?
So is there no freedom to choose the first part of the jabber-ID?
Thanks for any answers.
More information about the JAdmin
mailing list