Arun Mallikarjunan | 1 Jan 05:41 2007
Picon

able to register but unable to login


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi All,
    Just installed ejabberd. The default ejabberd.cfg is what i am
using. I am running Ubuntu Edgy and installed ejabberd from the
repository.

   After installation, I tried to access it thru Gaim 2.0.0.Beta3.1. I
was able to register an admin account and also login to my web admin
page thru it after adding it to the admin tag in the cfg file. But I
am unable to login through Gaim. I am not sure what options I should
be selecting.

  This is the output of my ejabberd.log file

=INFO REPORT==== 2006-12-31 23:29:04 ===
I(<0.235.0>:ejabberd_listener:90): (#Port<0.727>) Accepted connection
{{192,168,0,107},1263} -> {{192,168,0,156},5223}

=ERROR REPORT==== 2006-12-31 23:29:04 ===
** State machine <0.735.0> terminating
** Last event in was {xmlstreamelement,
                         {xmlelement,"response",
                                     [{"xmlns",

"urn:ietf:params:xml:ns:xmpp-sasl"}],
                                     [{xmlcdata,

(Continue reading)

Arun Mallikarjunan | 1 Jan 05:50 2007
Picon

Re: able to register but unable to login


Oh, and this is the sasl.log file tail

=CRASH REPORT==== 31-Dec-2006::23:39:05 ===
  crasher:
    pid: <0.743.0>
    registered_name: []
    error_info: {badarg,[{ets,lookup,[crypto_server_table,port]},
                          {crypto,control,2},
                          {cyrsasl_digest,response,6},
                          {cyrsasl_digest,mech_step,2},
                          {cyrsasl,server_step,2},
                          {ejabberd_c2s,wait_for_sasl_response,2},
                          {gen_fsm,handle_msg,7},
                          {proc_lib,init_p,5}]}
    initial_call: {gen,init_it,
                      [gen_fsm,
                       <0.226.0>,
                       <0.226.0>,
                       ejabberd_c2s,
                       [{gen_tcp,#Port<0.732>},
                        [{access,c2s},
                         {max_stanza_size,65536},
                         tls,
                         {certfile,"/etc/ejabberd/ejabberd.pem"},
                         {shaper,c2s_shaper}]],
                       []]}
    ancestors: [ejabberd_c2s_sup,ejabberd_sup,<0.38.0>]
    messages: []
    links: [#Port<0.733>,<0.226.0>]
(Continue reading)

Jorge Luis Becerra Peraza | 1 Jan 08:38 2007
Picon

Active directory ldap auth problem

Hi:

 I am testing the ldap autentication using ejabber 1.1.2 on a debian 
Sarge,
there is some problem before to put on the production server i want to 
be
able to restrict the users who can use ejabberd as a client. Currently 
i
found no way to avoid administrator and others accounts to appear on 
the
roster and be able to login. I means accounts used by 
administrative
purpouses should not appear, maybe can be done using 
ldap_filter but i don't
find the way, if there is any help, i preciate 
it.

  I have no too many accounts , about 250 and five different 
organization
units on the Active Directory.
 Something i find hard to 
understand was that i need to put every user on
some group to appear, for 
that a global security group named jabberusers was
created, but any user who 
belongs to any other group also appear, that's
what i try to avoid. The 
administrative accounts also belongs to some groups
, i found no way to avoid 
this.
(Continue reading)

Mickael Remond | 1 Jan 12:30 2007
Picon

Re: Re: able to register but unable to login

Hello,

>From what I know the  Ubuntu packaging is broken as it does not seems to
have an Erlang compiled with crypto support.

--

-- 
Mickaël Rémond
 http://www.process-one.net/
Sergei Golovan | 1 Jan 12:46 2007
Picon

Re: Re: able to register but unable to login

On 1/1/07, Mickael Remond <mickael.remond <at> process-one.net> wrote:
> Hello,
>
> >From what I know the  Ubuntu packaging is broken as it does not seems to
> have an Erlang compiled with crypto support.

It's not exactly true. Erlang in Ubuntu is built with crypto, but
loading crypto fails. See
https://bugs.launchpad.net/distros/ubuntu/+source/erlang/+bug/68163
for details.

I would say that using erlang in Ubuntu is not so good idea. The
package is just a rebuild of Debian erlang package, and it isn't paid
any attention from Ubuntu people (at least Edgy was released with this
critical bug without any doubts).

--

-- 
Sergei Golovan
Alex Jones | 1 Jan 21:01 2007

Enabling verbose logging on Debian / Failing S2S with certain servers

Hi list

Does anybody know how I can enable verbose logging in Debian? The FAQ
says that I need to recompile ejabberd... surely there is an easier
way? :/

I need to debug something in ejabberd, as my server is failing to S2S
communicate with at least the servers operating on jabber.ru and
desrt.ca. The current logs just read:

=INFO REPORT==== 2007-01-01 14:59:26 ===
I(<0.6382.0>:ejabberd_s2s_out:106): started: {"weej.com",
                                              "conference.jabber.ru",
                                              {new,"3782444651"}}

=INFO REPORT==== 2007-01-01 15:00:35 ===
I(<0.6384.0>:ejabberd_s2s_out:106): started: {"weej.com",
                                              "desrt.ca",
                                              {new,"1709113412"}}

=INFO REPORT==== 2007-01-01 15:00:35 ===
I(<0.6384.0>:ejabberd_s2s_out:662): terminated: normal

Any help would be much appreciated.

Thanks!
--

-- 
Alex Jones <alex <at> weej.com>
Jonas Ådahl | 2 Jan 03:03 2007
Picon
Picon

Re: Re: able to register but unable to login

On mån, 2007-01-01 at 14:46 +0300, Sergei Golovan wrote:
> On 1/1/07, Mickael Remond <mickael.remond <at> process-one.net> wrote:
> > Hello,
> >
> > >From what I know the  Ubuntu packaging is broken as it does not seems to
> > have an Erlang compiled with crypto support.
> 
> It's not exactly true. Erlang in Ubuntu is built with crypto, but
> loading crypto fails. See
> https://bugs.launchpad.net/distros/ubuntu/+source/erlang/+bug/68163
> for details.
> 
> I would say that using erlang in Ubuntu is not so good idea. The
> package is just a rebuild of Debian erlang package, and it isn't paid
> any attention from Ubuntu people (at least Edgy was released with this
> critical bug without any doubts).
> 

One "solution" to the problem is installing the old erlang version from
dapper.

I tried compiling the newest otp*.tar.bz2 from erlang.org and using the
package from the ubuntu devel-verion, but the error didn't go away.

/Jonas
Arun Mallikarjunan | 2 Jan 21:10 2007
Picon

Re: ejabberd Digest, Vol 42, Issue 2

Thanks for the response guys, I did come across that link myself. I downloaded the 10B source and tried compiling it. I did the sudo apt-get build-dep erlang.

make didnt work initially, it was complaning about hipe so I did a configure --disable-hype . That didnt work. Then some more googling led me to a link that said gcc4.1 was the culprit. So i did configure --disable-hipe CC=/usr/bin/gcc-4.0 . And that didnt work either.

Currently the make stops with this message after compiling for about 30min.
/usr/bin/install -c -d /home/rowdy/downloads/otp_src_R10B-10/erts/start_scripts/tmp
( cd /home/rowdy/downloads/otp_src_R10B-10/erts/start_scripts/tmp && \
        erlc -W   -I/home/rowdy/downloads/otp_src_R10B-10/lib/kernel/ebin -I/home/rowdy/downloads/otp_src_R10B-10/lib/stdlib/ebin -I/home/rowdy/downloads/otp_src_R10B-10/lib/sasl/ebin -o /home/rowdy/downloads/otp_src_R10B-10/erts/start_scripts/start_clean.script /home/rowdy/downloads/otp_src_R10B-10/erts/start_scripts/start_clean.rel )
stdlib: File not found: "stdlib.app"

make[2]: *** [/home/rowdy/downloads/otp_src_R10B-10/erts/start_scripts/start_clean.script] Error 1
make[2]: Leaving directory `/home/rowdy/downloads/otp_src_R10B-10/erts/start_scripts'
make[1]: *** [local_setup] Error 2
make[1]: Leaving directory `/home/rowdy/downloads/otp_src_R10B-10/erts'
make: *** [local_setup] Error 2


What am I missing? Happy new year to those who I havent wished before.

Regards,
Arun

On 1/2/07, ejabberd-request <at> jabber.ru < ejabberd-request <at> jabber.ru> wrote:
Send ejabberd mailing list submissions to
        ejabberd <at> jabber.ru

To subscribe or unsubscribe via the World Wide Web, visit
        http://lists.jabber.ru/mailman/listinfo/ejabberd
or, via email, send a message with subject or body 'help' to
        ejabberd-request <at> jabber.ru

You can reach the person managing the list at
         ejabberd-owner <at> jabber.ru

When replying, please edit your Subject line so it is more specific
than "Re: Contents of ejabberd digest..."


Today's Topics:

   1. Re: Re: able to register but unable to login (Mickael Remond)
   2. Re: Re: able to register but unable to login (Sergei Golovan)
   3. Enabling verbose logging on Debian / Failing S2S with     certain
      servers (Alex Jones)
   4. Re: Re: able to register but unable to login (Jonas ?dahl)


----------------------------------------------------------------------

Message: 1
Date: Mon, 1 Jan 2007 05:30:57 -0600 (CST)
From: "Mickael Remond" <mickael.remond <at> process-one.net>
Subject: Re: [ejabberd] Re: able to register but unable to login
To: ejabberd <at> jabber.ru
Message-ID: <1167651057.v2.fusewebmail-66260 <at> f>
Content-Type: text/plain;charset=iso-8859-1

Hello,

>From what I know the  Ubuntu packaging is broken as it does not seems to
have an Erlang compiled with crypto support.

--
Mickaël Rémond
http://www.process-one.net/


------------------------------

Message: 2
Date: Mon, 1 Jan 2007 14:46:54 +0300
From: "Sergei Golovan" <sgolovan <at> gmail.com>
Subject: Re: [ejabberd] Re: able to register but unable to login
To: ejabberd <at> jabber.ru
Message-ID:
        <f60b7eb60701010346w3e0f3605p6333ea13f5166239 <at> mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

On 1/1/07, Mickael Remond <mickael.remond <at> process-one.net> wrote:
> Hello,
>
> >From what I know the  Ubuntu packaging is broken as it does not seems to
> have an Erlang compiled with crypto support.

It's not exactly true. Erlang in Ubuntu is built with crypto, but
loading crypto fails. See
https://bugs.launchpad.net/distros/ubuntu/+source/erlang/+bug/68163
for details.

I would say that using erlang in Ubuntu is not so good idea. The
package is just a rebuild of Debian erlang package, and it isn't paid
any attention from Ubuntu people (at least Edgy was released with this
critical bug without any doubts).

--
Sergei Golovan


------------------------------

Message: 3
Date: Mon, 01 Jan 2007 20:01:32 +0000
From: Alex Jones <alex <at> weej.com>
Subject: [ejabberd] Enabling verbose logging on Debian / Failing S2S
        with    certain servers
To: ejabberd <at> jabber.ru
Message-ID: <1167681692.5092.6.camel <at> localhost.localdomain>
Content-Type: text/plain

Hi list

Does anybody know how I can enable verbose logging in Debian? The FAQ
says that I need to recompile ejabberd... surely there is an easier
way? :/

I need to debug something in ejabberd, as my server is failing to S2S
communicate with at least the servers operating on jabber.ru and
desrt.ca. The current logs just read:

=INFO REPORT==== 2007-01-01 14:59:26 ===
I(<0.6382.0>:ejabberd_s2s_out:106): started: {" weej.com",
                                              "conference.jabber.ru",
                                              {new,"3782444651"}}

=INFO REPORT==== 2007-01-01 15:00:35 ===
I(<0.6384.0>:ejabberd_s2s_out:106): started: {"weej.com",
                                              " desrt.ca",
                                              {new,"1709113412"}}

=INFO REPORT==== 2007-01-01 15:00:35 ===
I(<0.6384.0>:ejabberd_s2s_out:662): terminated: normal

Any help would be much appreciated.

Thanks!
--
Alex Jones <alex <at> weej.com>



------------------------------

Message: 4
Date: Tue, 02 Jan 2007 03:03:00 +0100
From: Jonas ?dahl < tox <at> dtek.chalmers.se>
Subject: Re: [ejabberd] Re: able to register but unable to login
To: ejabberd <at> jabber.ru
Message-ID: < 1167703380.11597.3.camel <at> zion.kietsu>
Content-Type: text/plain; charset=utf-8

On mån, 2007-01-01 at 14:46 +0300, Sergei Golovan wrote:
> On 1/1/07, Mickael Remond < mickael.remond <at> process-one.net> wrote:
> > Hello,
> >
> > >From what I know the  Ubuntu packaging is broken as it does not seems to
> > have an Erlang compiled with crypto support.
>
> It's not exactly true. Erlang in Ubuntu is built with crypto, but
> loading crypto fails. See
> https://bugs.launchpad.net/distros/ubuntu/+source/erlang/+bug/68163
> for details.
>
> I would say that using erlang in Ubuntu is not so good idea. The
> package is just a rebuild of Debian erlang package, and it isn't paid
> any attention from Ubuntu people (at least Edgy was released with this
> critical bug without any doubts).
>

One "solution" to the problem is installing the old erlang version from
dapper.

I tried compiling the newest otp*.tar.bz2 from erlang.org and using the
package from the ubuntu devel-verion, but the error didn't go away.

/Jonas



------------------------------

_______________________________________________
ejabberd mailing list
ejabberd <at> jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd


End of ejabberd Digest, Vol 42, Issue 2
***************************************

_______________________________________________
ejabberd mailing list
ejabberd <at> jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Jaco Kroon | 2 Jan 21:22 2007
Picon

Re: Re: SSL/TLS with ICA

Jaco Kroon wrote:
>>Hello,
>>
>>Le 19 déc. 06 à 19:38, Jaco Kroon a écrit :
>>
>>
>>>Just applied to tlug.up.ac.za and the patch does indeed function
>>>correctly, by simply appending the intermediate certificate to the
>>>file
>>>the entire chain is properly passed to the client.
>>
>>Thank you for the feedback :)
>>We will also try it on our own production server, before considering
>>it for addition to the code base.
> 
> 
> However, it seems that the bug report had it correct.  After a while it
> simply stops responding.
> 
> tcpdump indicates that it actually does unclean teardowns of the
> connection, basically the SYN/ACK handshake happens, psi sends 124 bytes
> of data, the server ACKs it, and then immediate RSTs the connection. 
> Something dodgy is happening.

Hi guys,

I'm guessing it's time for some more feedback.

Not sure what the case was here, but it's been running for two weeks now
without issues, could simply be that the load was drastically lower of
Christmas/new-year and there might actually still be a problem or the
issue may have been caused by something else.

Jaco
Attachment (smime.p7s): application/x-pkcs7-signature, 4371 bytes
_______________________________________________
ejabberd mailing list
ejabberd <at> jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd
Nathan Faust | 4 Jan 16:05 2007

RE: Active directory ldap auth problem


Jorge,

You want to pick the ldap_filter to filter on the security group
jabberusers.

{ldap_base, "DC=lan,DC=hab,DC=desoft,DC=cu"}.
{ldap_filter, "(memberOf=Jabberusers)"}.

That should only authenticate just the members of the Jabberusers
security group.

You can also look at the AD with:
ldapsearch -x -b "dc=lan,dc=hab,dc=desoft,dc=cu" -D
user <at> lan.hab.desoft.cu -h lan.hab.desoft.cu -W

-----------------------
Nathan Faust
Systems Administrator
Merchant Warehouse
Two International Place
Fourth Floor
Boston, MA  02110 
Phone:  617.896.5558
Fax:    617.854.8923
http://www.merchantwarehouse.com/ 

-----Original Message-----
From: ejabberd-bounces <at> jabber.ru [mailto:ejabberd-bounces <at> jabber.ru] On
Behalf Of Jorge Luis Becerra Peraza
Sent: Monday, January 01, 2007 2:38 AM
To: ejabberd <at> jabber.ru
Subject: [ejabberd] Active directory ldap auth problem

Hi:

 I am testing the ldap autentication using ejabber 1.1.2 on a debian
Sarge, there is some problem before to put on the production server i
want to be able to restrict the users who can use ejabberd as a client.
Currently i found no way to avoid administrator and others accounts to
appear on the roster and be able to login. I means accounts used by
administrative purpouses should not appear, maybe can be done using
ldap_filter but i don't find the way, if there is any help, i preciate
it.

  I have no too many accounts , about 250 and five different
organization units on the Active Directory.
 Something i find hard to
understand was that i need to put every user on some group to appear,
for that a global security group named jabberusers was created, but any
user who belongs to any other group also appear, that's what i try to
avoid. The administrative accounts also belongs to some groups , i found
no way to avoid this.

the relarted ldap part of ejabberd.conf look
like:

{auth_method, ldap}.
{ldap_servers,
["lan.hab.desoft.cu"]}.
{ldap_uidattr, "sAMAccountName"}.
{ldap_base,
"DC=lan,DC=hab,DC=desoft,DC=cu"}.
{ldap_rootdn,
"CN=someuser,CN=Users,DC=lan,DC=hab,DC=desoft,DC=cu"}.
{ldap_filter,
"(memberOf=*)"}.
{ldap_password, "passwordofsomeuser"}.

  
{mod_vcard_ldap,
    [{ldap_vcard_map,
    [{"NICKNAME", "%u", []},

{"GIVEN", "%s", ["givenName"]},
    {"MIDDLE", "%s", ["initials"]},

{"FAMILY", "%s", ["sn"]},
    {"FN", "%s", ["displayName"]},
    {"EMAIL",
"%s", ["mail"]},
    {"ORGNAME", "%s", ["company"]},
    {"ORGUNIT", "%s",
["department"]},
    {"CTRY", "%s", ["c"]},
    {"LOCALITY", "%s",
["l"]},
    {"STREET", "%s", ["streetAddress"]},
    {"REGION", "%s",
["st"]},
    {"PCODE", "%s", ["postalCode"]},
    {"TITLE", "%s",
["title"]},
    {"URL", "%s", ["wWWHomePage"]},
    {"DESC", "%s",
["description"]},
    {"TEL", "%s", ["telephoneNumber"]}]},

{ldap_search_fields,
    [{"User", "%u"},
    {"Name",
"givenName"},
    {"Family Name", "sn"},
    {"Email", "mail"},

{"Company", "company"},
    {"Department", "department"},
    {"Role",
"title"},
    {"Description", "description"},
    {"Phone",
"telephoneNumber"}]},
    {ldap_search_reported,
    [{"Full Name",
"FN"},
    {"Nickname", "NICKNAME"},
    {"Email", "EMAIL"}]}

]
    }.

{host_config, "hab.desoft.cu", [{auth_method, [anonymous, ldap]}]}.

  {mod_vcard_ldap,      [{search, true},

{allow_return_all, true},
      {matches, infinity},
      {host,
"jud.hab.desoft.cu"}]},

_______________________________________________
ejabberd mailing list
ejabberd <at> jabber.ru
http://lists.jabber.ru/mailman/listinfo/ejabberd

Gmane