User:Frahm

From Univention Wiki

Revision as of 12:13, 16 October 2012 by Frahm (talk | contribs)
Jump to: navigation, search

Jabber Server with UCs

This article describes the set up of different Jabber servers in UCS. The scope of functions in Jabber is quite large, therfore we only respond the following points in this article.

  • LDAP authentification
  • SSL/Plaintext (Port 5223)
  • vCard (from LDAP)
  • shared roster
  • Binding to other IM protocols (called 'transports' in the article)
  • Chatrooms

The needed software packages can be installed directly on UCS, or can be downloaded as a Debian sourcecode package then translated on the UCS system and installed with the usual UCS commands.

eJabberd

eJabberd is a Jabber server which is written in the pograming language "Erlang". By various modules he reached a wide range of functions. The eJabberd is configurable with the file /etc/ejabberd/ejabber.cfg. The following part shows the main parameters (HOSTNAME, LDAPBASE etc. have to be customized)

Hint: Maybe you have to install a few more packages, so that the description works correctly. The packages will be called in the section where there needed.

General settings

%% mapping the administrator account of the Jabber server to a normal administrator
{acl, admin, {user, "administrator", "HOSTNAME"}}.
..
%% The hostname of the Jabber server
{hosts, ["HOSTNAME"]}.
...

Authentification (LDAP)

...
% Uncomment!
%{auth_mehtod, internal}
%% LDAP authentification with localhost
%% LDAPBASE is the output from "ucr get ldap/base"
{auth_method, ldap}.
{ldap_servers, ["localhost"]}. %list of LDAP servers
{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
{ldap_base, "cn=user,LDAPBASE"}. %Search base of LDAP directory

vCard

%%Used modules:
{modules
[
%% To bind the cVcard to the LDAP server
%% More fields can be added.
 {mod_vcard_ldap, [
  {ldap_servers, ["localhost"]},
  {ldap_rootdn, ""},
  {ldap_password, ""},
  {ldap_base, "cn=user,LDAPBASE},
  {ldap_uids, [{"mail", "%u@mail.example.org"}]},
  {ldap_filter, ""},
  {ldap_vcard_map, [
   {"NIOKNAME", "%u", []},
   {"FN", "%s", ["cn"]},
   {"EMAIL", "%s", ["mailPrimaryAddress"]},
   {"DESC", "%s", ["description"]}
  ]},
  {ldap_search_fields, [
   {"User", "%u"},
   {"Name", "givenName"},
   {"Family Name", "sn"},
   {"Email", "mail},
  ]}
  {ldap_search_reported, [
   {"Full Name", "FN"},
   {"Nickname", "NICKNAME"},
   {"Description", "DESC"},
  ]}
 ]},
 ...
 %% The module "mod_vcard" should be commented out
 %{mod_vcard, []},
 ...
]}.

Shared roster

Shared roster distributes automaticly contactlists for the Jabber users, this doesn't work correctly with the binding on the LDAP database. There is antoher module "mod_ctlextra" by which one can at at least make known each account with each (push-alltoall). Hint: Here you need SVN and Erlang Packages!

cd /opt
svn co https://svn.process-one.net/ejabberd-modules
cd /opt/ejabberd-modules/mod_ctlextra/trunk
./build.sh
cp ebin/mod_ctlextra.beam /usr/lib/erlang/lib/ejabberd-1.2.2/ebin

After this, the module "mod_ctlextra" can be activated in the configuration file.

% Used modules: 
{modules, [
 ...
 {mod_ctlextra, []}, % !!!
 ...
 {mod_version, []}
]}.

After restarting the Jabber server

/etc/init.d/ejabberd restart

the commandlineprogramm from eJabberd "ejabberdctl" knows additional commands.

Personal tools