Author Topic: Jabber ejabberd.yml file being populated with phantom LDAP credentials  (Read 604 times)

compumatter

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +2/-0
    • View Profile
    Hello,

    Here is the crux of the cracker.  When I save my Jabber settings or reboot the server the configuration file for Jabber (/etc/ejabberd/ejabberd.yml) is generated by Zentyal and it is wrong.

    It ends up looking something like this:

    • ldap_rootdn: "CN=zentyal-jabber-mydomainname,CN=Users,DC=domainmatter,DC=lan"
    • ldap_password: ""rDDmdsjsQrzKM/EYdvvYPN9"

    There is no user by that name in my Users list. I don't know where that user comes from and why it has ldap credentials to being with. 

    So I manually edited that file and changed the rootdn="first last" name to a user that I know exists and has Domain Admin privileges and set their password to the same one as saved in Zentyal Users for that user.

    I then restarted Jabber with sudo service ejabberd restart

I was immediately able to validate with no problems from client Pidgin IM software !!!

However any time I save Jabber, or reboot the computer, this ejabberd.yml file is changed to the WRONG credentials.

I have searched the web over and have not found this to be resolved or even discussed.

Can someone tell me where o where is this being set and how can I modify the LDAP creds coming from the Jabber module so they are correct

Here is an important foot note:

I added a new user by the name that was falsely shown in the ejabberd.yml file ie; zentyal-jabber-mydomain figuring I could set a password and maybe it would use this user. 
  • I was surprised when it gave me error and said "Accoun name zentylal-jabber-... already exists !!

So I have a phantom user but no way to control it.

What sayeth the group ?

Jay[/list]
« Last Edit: June 30, 2017, 12:45:34 am by compumatter »

Laurent Dinclaux

  • Zen Monk
  • **
  • Posts: 80
  • Karma: +4/-0
    • View Profile
    • Gecka
Re: Jabber ejabberd.yml file being populated with phantom LDAP credentials
« Reply #1 on: August 13, 2017, 10:18:32 pm »
When I save my Jabber settings or reboot the server the configuration file for Jabber (/etc/ejabberd/ejabberd.yml) is generated by Zentyal and it is wrong.

It ends up looking something like this:

  • ldap_rootdn: "CN=zentyal-jabber-mydomainname,CN=Users,DC=domainmatter,DC=lan"
  • ldap_password: ""rDDmdsjsQrzKM/EYdvvYPN9"

There is nothing wrong with that. That user is a special user that has access to Zentyal's ldap with proper privileges in order to list/ authenticate normal users.
Laurent

compumatter

  • Zen Apprentice
  • *
  • Posts: 13
  • Karma: +2/-0
    • View Profile
Re: Jabber ejabberd.yml file being populated with phantom LDAP credentials
« Reply #2 on: August 14, 2017, 03:14:45 am »
Ah. I see.  Thank you for that follow up.  Now I know. !