Invalid LDAP Authentication Method

Rajesh Dharmalingam rajesh.dharmalingam at gmail.com
Tue Dec 11 14:55:32 UTC 2007 

Hi,

On Dec 11, 2007 8:03 PM, Edward Rudd <erudd at netfor.com> wrote:

> The client must use plain text authentication, as I have not written
> SASL support in the LDAP plugin.  Also did you update the LDAPFilter to
> have %u in it? Second do you have the inetAuthorizedServices attribute?
> (Actually you should remove it, it was a *BAD* example as
> inetAuthorizedServices requires a full DN value).
>
> Try using just
>  (uid=%u) for (uid=abc)
> or
>  (uid=%u@%d) for (uid=abc at abc.com)
> as the LDAPFilter
>

This is my conf file:

  <Plugin DJabberd::Authen::LDAP>
        LDAPURI             ldap://192.168.1.11/
        LDAPBindDN          dc=abc,dc=com
        LDAPBindPW          test
        LDAPBaseDN          dc=abc,dc=com
        LDAPFilter          (uid=%d)  / LDAPFilter          (uid=%u) [Tried
with both]
  </Plugin>

and these are my ldap entries:

dn: dc=abc,dc=com
dc: dimdim
objectClass: dcObject
objectClass: organization
o: abc

dn: cn=abc, dc=abc,dc=com
userPassword:: abc
objectClass: top
objectClass: person
sn: Dimdim User
cn: abc

Regards,
-Rajesh


>
> Rajesh Dharmalingam wrote:
> > Hi,
> >
> > Thanks for the updates. I removed the LDAPMethod and tried, the user is
> > in "Connecting" status. The debug log is:
> >
> > DJabberd::Connection::ClientIn=ARRAY(0x8ee73ac):  Cipher `(NONE)'
> > 3909 DEBUG DJabberd.Connection.XML.ClientIn         1 > <?xml
> > version="1.0" encoding="UTF-8"?><stream:stream from='abc.com
> > <http://abc.com>' id="efe1bd9d700c68ca04de306be9a5bbd2c051a785"
> > version=' 1.0'  xmlns:stream="http://etherx.jabber.org/streams"
> > xmlns="jabber:client"><stream:features><auth xmlns='
> > http://jabber.org/features/iq-auth'/<http://jabber.org/features/iq-auth%27/>
> > <http://jabber.org/features/iq-auth'/<http://jabber.org/features/iq-auth%27/>
> >></stream:features>
> > 3909 DEBUG DJabberd.Connection.XML.ClientIn         1 < <iq type='get'
> > id='purpled510548c'><query
> > xmlns='jabber:iq:auth'><username>abc</username></query></iq>
> > 3909 INFO  DJabberd.Connection.XML.ClientIn         <iq type='result'
> > id='purpled510548c'><query
> >
> xmlns='jabber:iq:auth'><username></username><password/><resource/></query></iq>
> >
> > 3909 DEBUG DJabberd.Connection.XML.ClientIn         1 < <iq type='set'
> > id='purpled510548d'><query
> >
> xmlns='jabber:iq:auth'><username>abc</username><resource>Home</resource><password>abc</password></query></iq>
> >
> >
> > One clarification, there is no change from client side except that we
> > need to give the user name/password of what is available in the ldap?
> >
> > Regards,
> > -Rajesh
> >
> > On Dec 11, 2007 7:46 PM, Edward Rudd <erudd at netfor.com
> > <mailto:erudd at netfor.com>> wrote:
> >
> >     Rajesh Dharmalingam wrote:
> >     > Hi,
> >     >
> >     > I am trying to add the ldap plugin.
> >     >
> >     > The server configuration is
> >     >   <Plugin DJabberd::Authen::LDAP>
> >     >         LDAPURI             ldap://192.168.1.11/
> >     >         LDAPBindDN          dc=abc, dc=com
> >     >         LDAPBindPW          test
> >     >         LDAPBaseDN          dc=abc,dc=com
> >     >         LDAPFilter
> >      (&(inetAuthorizedServices=jabber)(uid="%d"))
> >     >         #LDAPFilter
> >      (&(inetAuthorizedServices=jabber)(uid="%u"))
> >     >         LDAPMethod          rebind
> >     >   </Plugin>
> >     >
> >     [snip]
> >     >
> >     > The debug log is
> >     > Use of uninitialized value in pattern match (m//) at
> >     > /usr/local/chat/djabberd/DJabberd/../DJabberd-
> >     Authen-LDAP-0.02/lib/DJabberd/Authen/LDAP.pm
> >     > line 101, <DATA> line 228.
> >     > 32599 ERROR DJabberd.Authen.LDAP                     Invalid LDAP
> >     > Authentication Method
> >     > Configuration error on line 44: Invalid LDAP Authentication Method
> at
> >     >
> >     /usr/local/chat/djabberd/DJabberd/../DJabberd-Authen-LDAP-0.02
> /lib/DJabberd/Authen/LDAP.pm
> >     > line 105
> >
> >     My guess is the extra spaces on the LDAPMethod config line are not
> taken
> >     into account by my code.. (oops).  Just removing the LDAPMethod line
> >     will fix it (since there is only one option it just happens to be
> the
> >     default)
> >
> >     And, I never actually tested anonymous binding, so it may be broken.
> >     I'll have to check into that.
> >
> >
> >
> >
> > --
> > Regards,
> > -Rajesh
> >
> > "Stick to our roots and not to forget where we come from"
>



-- 
Regards,
-Rajesh

"Stick to our roots and not to forget where we come from"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.danga.com/pipermail/djabberd/attachments/20071211/0e461a64/attachment.htm

More information about the Djabberd mailing list