I'm have tested with Swift and Gajim. AD authentication integration works, but the vcard search fails when run from both Swift and Gajim but succeeds from the command line. Gajim is from the nightly build from 6/11/2023 Any suggestions?
this works:
root@im:/etc/ejabberd# ejabberdctl get_vcard samsmith localhost FN
Sam Smith
The configuration is vanilla right out of the documentation here:
https://docs.ejabberd.im/admin/configuration/ldap/#active-directory
Pigdin works but does not have vcard search in it that I can see. It does work on searching for user info if you type in the userID but not for wildcard searches
All the other desktop XMPP clients I have tried seem to be old and use old SSL encryption and will not connect to ejabberd
Here's the relevant config:
auth_method: [ldap]
ldap_servers:
- "dc1.example.com"
ldap_encrypt: none
ldap_base: "dc=example,dc=com"
ldap_rootdn: 'cn=Administrator,ou="Administrative Accounts",ou="Information Technology",ou=Administration,dc=example,dc=com'
ldap_password: "guessme"
ldap_uids: ["sAMAccountName"]
ldap_filter: "(objectClass=user)"
.
.
.
mod_stream_mgmt:
resend_on_timeout: if_offline
mod_stun_disco: {}
mod_vcard:
search: true
db_type: ldap
ldap_vcard_map:
NICKNAME: {"%u": []}
GIVEN: {"%s": [givenName]}
MIDDLE: {"%s": [initials]}
FAMILY: {"%s": [sn]}
FN: {"%s": [displayName]}
EMAIL: {"%s": [mail]}
ORGNAME: {"%s": [company]}
ORGUNIT: {"%s": [department]}
CTRY: {"%s": [c]}
LOCALITY: {"%s": [l]}
STREET: {"%s": [streetAddress]}
REGION: {"%s": [st]}
PCODE: {"%s": [postalCode]}
TITLE: {"%s": [title]}
URL: {"%s": [wWWHomePage]}
DESC: {"%s": [description]}
TEL: {"%s": [telephoneNumber]}
ldap_search_fields:
User: "%u"
Name: givenName
"Family Name": sn
Email: mail
Company: company
Department: department
Role: title
Description: description
Phone: telephoneNumber
ldap_search_reported:
"Full Name": FN
Nickname: NICKNAME
Email: EMAIL
mod_vcard_xupdate: {}
mod_version: {}
.
.
Here is the error I get when I try a search from Gajim for Windows clicking Accounts Discover Services, vCard User Search vjud.im.example.com in the /var/log/ejabberd/error.log file
2023-06-11 21:22:27.776738+00:00 [info] <0.566.0>@ejabberd_c2s:bind/2:442 (tls|<0.566.0>) Opened c2s session for [email protected]/gajim.LW3ZEHS3
2023-06-11 21:23:08.430561+00:00 [error] <0.566.0>@gen_iq_handler:process_iq/4:116 Failed to process iq:
#iq{
id = <<"19500e8f-201c-461d-9021-eb5c2eb30f9d">>,type = set,lang = <<"en">>,
from =
#jid{
user = <<"samsmith">>,server = <<"im.example.com">>,
resource = <<"gajim.LW3ZEHS3">>,luser = <<"samsmith">>,
lserver = <<"im.example.com">>,lresource = <<"gajim.LW3ZEHS3">>},
to =
#jid{
user = <<>>,server = <<"vjud.im.example.com">>,resource = <<>>,luser = <<>>,
lserver = <<"vjud.im.example.com">>,lresource = <<>>},
sub_els =
[#xmlel{
name = <<"query">>,
attrs = [{<<"xmlns">>,<<"jabber:iq:search">>}],
children =
[#xmlel{
name = <<"x">>,
attrs = [{<<"xmlns">>,<<"jabber:x:data">>},{<<"type">>,<<"submit">>}],
children =
[#xmlel{
name = <<"title">>,attrs = [],
children = [{xmlcdata,<<"Search users in vjud.im.example.com">>}]},
#xmlel{
name = <<"instructions">>,attrs = [],
children =
[{xmlcdata,
<<"Fill in the form to search for any matching XMPP User (Add * to the end of field to match substring)">>}]},
#xmlel{
name = <<"field">>,
attrs =
[{<<"var">>,<<"%u">>},
{<<"type">>,<<"text-single">>},
{<<"label">>,<<"User">>}],
children =
[#xmlel{
name = <<"value">>,attrs = [],
children = [{xmlcdata,<<"samsmith*">>}]}]},
#xmlel{
name = <<"field">>,
attrs =
[{<<"var">>,<<"givenName">>},
{<<"type">>,<<"text-single">>},
{<<"label">>,<<"Name">>}],
children = []},
#xmlel{
name = <<"field">>,
attrs =
[{<<"var">>,<<"sn">>},
{<<"type">>,<<"text-single">>},
{<<"label">>,<<"Family Name">>}],
children = []},
#xmlel{
name = <<"field">>,
attrs =
[{<<"var">>,<<"mail">>},
{<<"type">>,<<"text-single">>},
{<<"label">>,<<"Email">>}],
children = []},
#xmlel{
name = <<"field">>,
attrs =
[{<<"var">>,<<"company">>},
{<<"type">>,<<"text-single">>},
{<<"label">>,<<"Company">>}],
children = []},
#xmlel{
name = <<"field">>,
attrs =
[{<<"var">>,<<"department">>},
{<<"type">>,<<"text-single">>},
{<<"label">>,<<"Department">>}],
children = []},
#xmlel{
name = <<"field">>,
attrs =
[{<<"var">>,<<"title">>},
{<<"type">>,<<"text-single">>},
{<<"label">>,<<"Role">>}],
children = []},
#xmlel{
name = <<"field">>,
attrs =
[{<<"var">>,<<"description">>},
{<<"type">>,<<"text-single">>},
{<<"label">>,<<"Description">>}],
children = []},
#xmlel{
name = <<"field">>,
attrs =
[{<<"var">>,<<"telephoneNumber">>},
{<<"type">>,<<"text-single">>},
{<<"label">>,<<"Phone">>}],
children = []}]}]}],
meta = #{ip => {0,0,0,0,0,65535,44048,65067}}}
** exception error: no function clause matching
eldap_utils:'-make_filter/2-fun-1-'({<<"givenName">>,[]}) (eldap_utils.erl, line 114)
in function lists:flatmap/2 (lists.erl, line 1254)
in call from lists:flatmap/2 (lists.erl, line 1254)
in call from eldap_utils:make_filter/2 (eldap_utils.erl, line 113)
in call from mod_vcard_ldap:search/4 (mod_vcard_ldap.erl, line 124)
in call from mod_vcard:search_result/4 (mod_vcard.erl, line 483)
in call from mod_vcard:process_search/1 (mod_vcard.erl, line 264)
in call from gen_iq_handler:process_iq/3 (gen_iq_handler.erl, line 131)
