Jabberd


jabberd-2.2.3

For RHEL5 it requires: mysql-server, mysql-devel, pam-devel, openldap-devel, GNU SASL (gsasl, compiled from source), udns-devel (Dag Wieers)

./configure --enable-pam --enable-ldap --enable-mysql --enable-idn --enable-ssl
make
make install


Config is in /usr/local/etc/

sm.xml

<id>DOMAIN</id>

is the ID tag and will be the DOMAIN part of USER@DOMAIN. It's also referenced in c2s.xml when configuring the realm.

The mysql config also lives in sm.xml. You must have a password for the user you want to use.

set

<user>
<auto-create/>

in the user section to allow auto-creation of users when logging in.

c2s.xml

       <id realm=''
        pemfile='/usr/local/etc/server.pem'
        require-starttls='true'
        >DOMAIN</id>

When authenticating via pam_winbind.so, set realm='' (that's two single quotes) and set DOMAIN to whatever you set in sm.xml as the ID tag.


Set

<authreg>
   <!-- 
  <path>/usr/local/lib/jabberd</path>
    -->  

<module>pam</module>


and remove the dynamic loading.

Set

<traditional>
       <plain/>
     </traditional>

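So that plain is the only auth type. PAM has to be handed the cleartext password, so digest-style mechanisms cannot work with it, which makes the require-starttls='true' setting on the id tag above important.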
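A quick way to confirm that c2s.xml and sm.xml agree with the settings described above, as an added example that is not part of the original page or of jabberd. The sample XML is constructed from the fragments shown here; the `<c2s>`, `<local>` and `<sm>` wrapper elements and the `audit` function name are assumptions, and the checks match on tag names only.

```python
import xml.etree.ElementTree as ET

# Constructed samples assembled from the fragments on this page. The <c2s>,
# <local> and <sm> wrappers are assumptions; checks match on tag names only.
SAMPLE_SM = "<sm><local><id>DOMAIN</id></local></sm>"
SAMPLE_C2S = """<c2s>
  <local>
    <id realm='' pemfile='/usr/local/etc/server.pem'
        require-starttls='true'>DOMAIN</id>
  </local>
  <authreg>
    <!-- <path>/usr/local/lib/jabberd</path> -->
    <module>pam</module>
    <traditional><plain/></traditional>
  </authreg>
</c2s>"""

def audit(c2s_xml, sm_xml):
    """Return findings; an empty list means c2s.xml matches this page's setup."""
    c2s, sm = ET.fromstring(c2s_xml), ET.fromstring(sm_xml)
    sm_ids = {(e.text or "").strip() for e in sm.iter("id")}
    findings = []
    ids = list(c2s.iter("id"))
    if not ids:
        findings.append("c2s.xml has no <id> element")
    for el in ids:
        name = (el.text or "").strip()
        if el.get("require-starttls") != "true":
            # PAM needs the cleartext password, so without mandatory
            # STARTTLS the AD password would be sent unencrypted.
            findings.append(f"{name}: require-starttls is not 'true'")
        if not el.get("pemfile"):
            findings.append(f"{name}: no pemfile attribute set")
        if el.get("realm") != "":
            findings.append(f"{name}: realm must be '' for pam_winbind")
        if name not in sm_ids:
            findings.append(f"{name}: no matching <id> in sm.xml")
    if c2s.findtext(".//authreg/module", "").strip() != "pam":
        findings.append("authreg <module> is not pam")
    for trad in c2s.iter("traditional"):
        extra = sorted(m.tag for m in trad if m.tag != "plain")
        if extra:
            findings.append("extra traditional mechanisms: " + ", ".join(extra))
    return findings

if __name__ == "__main__":
    for line in audit(SAMPLE_C2S, SAMPLE_SM) or ["OK"]:
        print(line)
```

To check a real install, pass the contents of /usr/local/etc/c2s.xml and /usr/local/etc/sm.xml to `audit` instead of the samples.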

Normal mysql config.

Set up the mysql database with the file

#mysql -u root
mysql> \. /PATH/TO/JABBER/SOURCE/tools/db-setup.mysql

PAM service file for jabberd:

#cat /etc/pam.d/pam_jabberd
auth       required        pam_nologin.so
auth       sufficient      pam_winbind.so
account    sufficient      pam_winbind.so
session    sufficient      pam_winbind.so
#ln -s /etc/pam.d/pam_jabberd /etc/pam.d/jabberd

Generate the TLS pem file:

#openssl genrsa -out jabberd.key 2048
#openssl req -new -key jabberd.key -out jabberd.csr

Either have your CSR signed by your CA or sign it with your own CA

Self CA signed
 
 #openssl ca -config ca.config -keyfile ca.key -cert ca.crt -out jabberd.crt -infiles jabberd.csr

A pem is the key and crt in one file.

cat jabberd.key jabberd.crt > server.pem

And put server.pem in /usr/local/etc/. It contains the private key, so keep it readable only by the account that runs jabberd.

Start jabberd with

/usr/local/bin/jabberd

Which will make it run in the foreground.

Logs are in

/var/log/messages

winbind must be running and working.

Debug with:

touch /etc/pam_debug
echo "*.debug /var/log/debug" >> /etc/syslog.conf
touch /var/log/debug
/etc/init.d/syslog restart
tail -f /var/log/debug


User details will be "AD_USERNAME@ID_FROM_SM.XML". Change the server to your servername, port 5222, and use SSL/TLS.
