Zentyal Forum, Linux Small Business Server

Zentyal Server => Other modules => Topic started by: compumatter on June 29, 2017, 10:15:46 pm

Title: Jabber ejabberd.yml file being populated with phantom LDAP credentials
Post by: compumatter on June 29, 2017, 10:15:46 pm

Hello,

Here is the crux of the cracker.  When I save my Jabber settings or reboot the server the configuration file for Jabber (/etc/ejabberd/ejabberd.yml) is generated by Zentyal and it is wrong.

It ends up looking something like this:


• ldap_rootdn: "CN=zentyal-jabber-mydomainname,CN=Users,DC=domainmatter,DC=lan"
• ldap_password: ""rDDmdsjsQrzKM/EYdvvYPN9"

There is no user by that name in my Users list. I don't know where that user comes from and why it has ldap credentials to being with. 

So I manually edited that file and changed the rootdn="first last" name to a user that I know exists and has Domain Admin privileges and set their password to the same one as saved in Zentyal Users for that user.

I then restarted Jabber with sudo service ejabberd restart

I was immediately able to validate with no problems from client Pidgin IM software !!!

However any time I save Jabber, or reboot the computer, this ejabberd.yml file is changed to the WRONG credentials.

I have searched the web over and have not found this to be resolved or even discussed.

Can someone tell me where o where is this being set and how can I modify the LDAP creds coming from the Jabber module so they are correct

Here is an important foot note:

I added a new user by the name that was falsely shown in the ejabberd.yml file ie; zentyal-jabber-mydomain figuring I could set a password and maybe it would use this user. 

• I was surprised when it gave me error and said "Accoun name zentylal-jabber-... already exists !!

So I have a phantom user but no way to control it.

What sayeth the group ?

Jay[/list]

Title: Re: Jabber ejabberd.yml file being populated with phantom LDAP credentials
Post by: Laurent Dinclaux on August 13, 2017, 10:18:32 pm

Quote from: compumatter on June 29, 2017, 10:15:46 pm

When I save my Jabber settings or reboot the server the configuration file for Jabber (/etc/ejabberd/ejabberd.yml) is generated by Zentyal and it is wrong.

It ends up looking something like this:

• ldap_rootdn: "CN=zentyal-jabber-mydomainname,CN=Users,DC=domainmatter,DC=lan"
• ldap_password: ""rDDmdsjsQrzKM/EYdvvYPN9"

There is nothing wrong with that. That user is a special user that has access to Zentyal's ldap with proper privileges in order to list/ authenticate normal users.

Title: Re: Jabber ejabberd.yml file being populated with phantom LDAP credentials
Post by: compumatter on August 14, 2017, 03:14:45 am

Ah. I see.  Thank you for that follow up.  Now I know. !