[jitsi-users] users Digest, Vol 34, Issue 8


#1

Hello Stan,

CN is correct for us.

testsaslauthd -u xxx@yyy -p zzzz
0: OK "Success."

In case in wrong configuration, I should have something in /var/log/auth.log ; Souldn't I ?
But nothing at all (tail -f /var/log/auth.log) except service restart and wrong login/pssd with testsaslauthd command...

Any idea ?

Cédric

----- Mail original -----

···

De: users-request@jitsi.org
À: users@jitsi.org
Envoyé: Samedi 9 Janvier 2016 12:00:02
Objet: users Digest, Vol 34, Issue 8

Send users mailing list submissions to
users@jitsi.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.jitsi.org/mailman/listinfo/users
or, via email, send a message with subject or body 'help' to
users-request@jitsi.org

You can reach the person managing the list at
users-owner@jitsi.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of users digest..."

Today's Topics:

1. WebRTC - LDAP (cedm12@laposte.net)
2. Re: WebRTC - LDAP (Stanislav Kopp)

----------------------------------------------------------------------

Message: 1
Date: Fri, 8 Jan 2016 17:01:50 +0100 (CET)
From: cedm12@laposte.net
To: users@jitsi.org
Subject: [jitsi-users] WebRTC - LDAP
Message-ID:
<1510871365.1660809.1452268910857.JavaMail.zimbra@laposte.net>
Content-Type: text/plain; charset="utf-8"

I tried to add LDAP authentification with WebRTC jitsi solution via CYRUS SASL

Then I provisionned
- prosody conf (/etc/conf.avail/myconf.lua)
authentication = "cyrus"
sasl_backend = "cyrus"
cyrus_service_name = "xmpp"

- SASL (seems working fine)
testsaslauthd -u xxx@yyy -p zzzzz
0: OK "Success."

I have a correct behaviour with my jitsi webrtc website (I mean I have a correct popup asking login ans password), but authentification is failing.
No failure logs in /var/log/auth.log

Is anybody has LDAP configured ? Or Any idea ?

Cédric

----- Mail original -----

De: cedm12@laposte.net
À: users@jitsi.org
Envoyé: Jeudi 17 Décembre 2015 15:39:35
Objet: WebRTC - LDAP

Folks,

We have intalled Jitsi in order to do webconf between collegues.

Then, I installed Jitsi Meet / Nginx / Prosody / Jifoco and Jitsi VideoBridge.
It works well !!

Now, we tried to use our LDAP server, but without sucess.... And we found no errors into /var/log
We have follow this how-to :
http://booting-rpi.blogspot.fr/2015/09/using-ldap-authentication-with-jitsi.html

Any idea ?

For /etc/prosody/conf.avail/ldap.cfg.lua
authentication = 'ldap2'
ldap = {
hostname = 'Our LDAP Server',
use_tls = true,
bind_dn = 'cn=ldapreaderProxy,c=fr',
bind_password = 'XXX', -- Bind password (optional if anonymous bind is supported)

user = {
basedn = 'c=fr',
filter = '(&(objectClass=obmUser)(mail=$user))',
usernamefield = 'uid',
namefield = 'cn',
},
}

For /etc/prosody/conf.d/x.cfg.lua

VirtualHost "x"
authentication = "ldap2"
debug = true;

ssl configured

-- we need bosh
modules_enabled = {
"bosh";
"pubsub";
"ping"; -- Enable mod_ping
}

Thanks !

Cédric

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.jitsi.org/pipermail/users/attachments/20160108/6d88097b/attachment-0001.html>

------------------------------

Message: 2
Date: Fri, 8 Jan 2016 17:20:16 +0100
From: Stanislav Kopp <staskopp@gmail.com>
To: Jitsi Users <users@jitsi.org>
Subject: Re: [jitsi-users] WebRTC - LDAP
Message-ID:
<CAFddgf2ZYueiNDO+KwoRBX26XKunxPGk5m1=p402kgnk7HnU_w@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8

Hi Cedric,

I'm author of this how-to, your basedn looks wrong, it should be "dc",
what openldap version do you use?

Best,
Stan

2016-01-08 17:01 GMT+01:00 <cedm12@laposte.net>:

I tried to add LDAP authentification with WebRTC jitsi solution via CYRUS
SASL

Then I provisionned
- prosody conf (/etc/conf.avail/myconf.lua)
authentication = "cyrus"
sasl_backend = "cyrus"
cyrus_service_name = "xmpp"

- SASL (seems working fine)
testsaslauthd -u xxx@yyy -p zzzzz
0: OK "Success."

I have a correct behaviour with my jitsi webrtc website (I mean I have a
correct popup asking login ans password), but authentification is failing.
No failure logs in /var/log/auth.log

Is anybody has LDAP configured ? Or Any idea ?

Cédric

________________________________
De: cedm12@laposte.net
À: users@jitsi.org
Envoyé: Jeudi 17 Décembre 2015 15:39:35
Objet: WebRTC - LDAP

Folks,

We have intalled Jitsi in order to do webconf between collegues.

Then, I installed Jitsi Meet / Nginx / Prosody / Jifoco and Jitsi
VideoBridge.
It works well !!

Now, we tried to use our LDAP server, but without sucess.... And we found
no errors into /var/log
We have follow this how-to :
http://booting-rpi.blogspot.fr/2015/09/using-ldap-authentication-with-jitsi.html

Any idea ?

For /etc/prosody/conf.avail/ldap.cfg.lua
authentication = 'ldap2'
ldap = {
hostname = 'Our LDAP Server',
use_tls = true,
bind_dn = 'cn=ldapreaderProxy,c=fr',
bind_password = 'XXX', -- Bind password (optional if anonymous bind is
supported)

user = {
basedn = 'c=fr',
filter = '(&(objectClass=obmUser)(mail=$user))',
usernamefield = 'uid',
namefield = 'cn',
},
}

For /etc/prosody/conf.d/x.cfg.lua

VirtualHost "x"
authentication = "ldap2"
debug = true;

ssl configured

-- we need bosh
modules_enabled = {
"bosh";
"pubsub";
"ping"; -- Enable mod_ping
}

Thanks !

Cédric

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

------------------------------

Subject: Digest Footer

_______________________________________________
users mailing list
users@jitsi.org
http://lists.jitsi.org/mailman/listinfo/users

------------------------------

End of users Digest, Vol 34, Issue 8
************************************


#2

Have you already verified that Jitsi-Meet works with authentication enabled (but without LDAP)? If that does work, then the problem must be in the prosody LDAP-related configuration.

Regards,
Boris

···

On 11/01/16 14:33, cedm12@laposte.net wrote:

Hello Stan,

CN is correct for us.

testsaslauthd -u xxx@yyy -p zzzz
0: OK "Success."

In case in wrong configuration, I should have something in
/var/log/auth.log ; Souldn't I ?
But nothing at all (tail -f /var/log/auth.log) except service restart
and wrong login/pssd with testsaslauthd command...

Any idea ?