[LDAP] @-Sign in username not working

I configured Jitsi to use LDAP via cyrus/saslauthd. Its working great but I wanted to allow the users email address for login.

Unfortunately, if I configure saslauthd like ldap_filter: (mail=%u), Jisti freezes at “Connecting…”. I see, that the LDAP query is sent to the LDAP, so no problems here. As soon as I change the filter to ldap_filter: (mail=%u*) (note the *) Iam able to only enter the first part just before the @ of my mails, which is working, so I think, the @ is the thing here.

Since prosody users have always an @ sign (like myuser@meet.my.tld) I thought it would work with my mails, too.

Any ideas?

Thanks!

Hey did you find any solution to this? We have a similar requirement.

No. Nothing new.

Same problem here too! Can login with ldap_filter: (sAMAccountName=%u) but change to mail and login with email address ends in an endless loading screen. Anyone with idea whats wrong?

Additional information:
I use jitsi-docker. When I change the ldap_filter to the mail field and try login with testsaslauthd, i got a success message. So, somehow is going wrong inside jtisi in my opinion.

I configured LDAP authentication for jitsi-meet via cyrus / saslauthd. but when creating a room, a login with a password is not requested. when I change the authentication = “cyrus” value in /etc/prosody/conf.avail/meet.jit.si.cfg.lua to authentication = “internal_hashed”, a login and password request is made. what am I doing wrong?

XMPP full logins are in the form user@server

So if your user is an email address, such as’myprecious@mysite.com’, Prosody will get an user in the form of ‘myprecious@mysite.com@server’ and it will not like it because it does not want more than one ‘@’ in an user specification.

To make this work it would be necessary for some adaptation layer to transcode the ‘@’ in the user name to something else. If there is none, the connection requests will fail.