1 (edited by aurel-son 2015-09-08 16:44:12)

Topic: ldap and ejabberd

======== Required information ====
- iRedMail version (check /etc/iredmail-release): lasted version
- Linux/BSD distribution name and version: Debian Jessie 64 bits
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====

Dear,

I looking for configure ejabberd with ldap. (iredmail and ldap they are same server).

My configuration ldap ejabberd :

## Authentication using LDAP
##
auth_method: ldap
##
## List of LDAP servers:
ldap_servers:
   - "127.0.0.1"
##
## Encryption of connection to LDAP servers:
## ldap_encrypt: none
##ldap_encrypt: tls
##
## Port to connect to on LDAP servers:
ldap_port: 389
## ldap_port: 636
##
## LDAP manager:
ldap_rootdn: "cn=vmail,dc=phs,dc=lan"
##
## Password of LDAP manager:
ldap_password: "Mypassword"
##
## Search base of LDAP directory:
ldap_base: "o=domains,dc=phs,dc=lan"
##
## LDAP attribute that holds user ID:
ldap_uids: "%u@phs.lan"
##
## LDAP filter:
ldap_filter: "(&(objectClass=mailUser)(accountStatus=active))"

When i configure ldap in ejabberd.yml and restart it's ok no error.
But when i want to connect with pidgin, i have this error :

Thanks you.

Post's attachments

ldap.png
ldap.png 12.03 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: ldap and ejabberd

This error message is helpless, Please turn on debug mode in ejabberd to get more detailed log.
You may want to turn on debug mode in OpenLDAP too, so that we can know the ldap filter and return value.
Reference:
http://www.iredmail.org/docs/debug.openldap.html

3

Re: ldap and ejabberd

log openldap :

Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=5 SRCH base="o=domains,dc=phs,dc=lan" scope=2 deref=0 filter="(&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=imapsecured)(|(mail=postmaster@phs.lan)(&(enabledService=shadowaddress)(shadowAddress=postmaster@phs.lan))))"
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=5 SRCH attr=mail allowNets
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=5 SEARCH RESULT tag=101 err=0 nentries=1 text=
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=6 BIND anonymous mech=implicit ssf=0
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=6 BIND dn="mail=postmaster@phs.lan,ou=Users,domainName=phs.lan,o=domains,dc=phs,dc=lan" method=128
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=6 BIND dn="mail=postmaster@phs.lan,ou=Users,domainName=phs.lan,o=domains,dc=phs,dc=lan" mech=SIMPLE ssf=0
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=6 RESULT tag=97 err=0 text=
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=7 BIND anonymous mech=implicit ssf=0
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=7 BIND dn="cn=vmail,dc=phs,dc=lan" method=128
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=7 BIND dn="cn=vmail,dc=phs,dc=lan" mech=SIMPLE ssf=0
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=7 RESULT tag=97 err=0 text=
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=8 SRCH base="o=domains,dc=phs,dc=lan" scope=2 deref=0 filter="(&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=imapsecured)(|(mail=postmaster@phs.lan)(&(enabledService=shadowaddress)(shadowAddress=postmaster@phs.lan))))"
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=8 SRCH attr=mail homeDirectory mailQuota
Sep  8 16:24:43 mail slapd[13848]: conn=1002 op=8 SEARCH RESULT tag=101 err=0 nentries=1 text=

log ejabberd :

2015-09-08 15:23:43.832 [error] <0.334.0>@eldap:connect_bind:1140 LDAP connection failed:
** Server: localhost:389
** Reason: closed
** Socket options: [{packet,asn1},{active,true},{keepalive,true},binary]

4

Re: ldap and ejabberd

aurel-son wrote:

2015-09-08 15:23:43.832 [error] <0.334.0>@eldap:connect_bind:1140 LDAP connection failed:

Looks like your ldap bind dn or password is wrong. Please double check it.

5

Re: ldap and ejabberd

ZhangHuangbin wrote:
aurel-son wrote:

2015-09-08 15:23:43.832 [error] <0.334.0>@eldap:connect_bind:1140 LDAP connection failed:

Looks like your ldap bind dn or password is wrong. Please double check it.

I give ldap user : vmail and password
maybe because i use localhost for hosts ?

6

Re: ldap and ejabberd

You can find bind dn/password of 'cn=vmail,dc=xx,dc=xx' in files under /etc/postfix/ldap/*.cf.