[FUG-BR] (OT) ejabber

Rafael Floriano Sousa Sales rafael.sales at gmail.com
Fri May 26 18:21:56 BRT 2006


Hello,

Here is the configuration for LDAP integration:

{acl, admin, {user, "tompast"}}.
{acl, local, {user_regexp, ""}}.
{access, register, [{allow, all}]}.
{access, configure, [{allow, admin}]}.

{welcome_message,
 {"Welcome!",
  "Welcome to Jabber Service.  "
  "For information about Jabber visit http://jabber.org"}}.
% Replace them with 'none' if you don't want to send such message:
%{welcome_message, none}.

{access, announce, [{allow, admin}]}.
{access, c2s, [{deny, blocked},
               {allow, all}]}.

{shaper, normal, {maxrate, 1000}}.
{shaper, fast, {maxrate, 50000}}.
{access, c2s_shaper, [{none, admin},
                      {normal, all}]}.

{access, s2s_shaper, [{fast, all}]}.
{access, muc_admin, [{allow, admin}]}.
{access, muc, [{allow, all}]}.
{access, local, [{allow, local}]}.


%{auth_method, internal}.

{auth_method, ldap}.
{ldap_servers, ["ldap.intranet.tompast.org"]}.
{ldap_uidattr, "uid"}.
{ldap_base, "ou=people,dc=tompast,dc=org"}.
{ldap_rootdn, "cn=jabbermanager,dc=tompast,dc=org"}.
{ldap_password, "password"}.

{hosts, ["jabber.tompast.org"]}.
{language, "en"}.

{listen,
 [{5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper},
                            {max_stanza_size, 65536},
                            starttls, {certfile, "./ssl.pem"}]},
  {5223, ejabberd_c2s,     [{access, c2s},
                            {max_stanza_size, 65536},
                            tls, {certfile, "./ssl.pem"}]},
  {5269, ejabberd_s2s_in,  [{shaper, s2s_shaper},
                            {max_stanza_size, 131072}
                           ]},
  {5280, ejabberd_http,    [http_poll, web_admin]},
  {8888, ejabberd_service, [{access, all},
                            {hosts, ["icq.tompast.org", "sms.tompast.org"],
                             [{password, "secret"}]}]}
 ]}.

{s2s_use_starttls, true}.
{s2s_certfile, "./ssl.pem"}.
{outgoing_s2s_port, 5269}.


{modules,
 [
  {mod_register,   [{access, register}]},
  {mod_roster,     []},
  {mod_shared_roster, []},
  {mod_privacy,    []},
  {mod_adhoc,      []},
  {mod_configure,  []}, % Depends on mod_adhoc
  {mod_configure2, []},
  {mod_disco,      []},
  {mod_stats,      []},
  {mod_vcard,      []},
  {mod_offline,    []},
  {mod_announce,   [{access, announce}]}, % Depends on mod_adhoc
  {mod_echo,       [{host, "echo.localhost"}]},
  {mod_private,    []},
  {mod_irc,        []},
  {mod_muc,        [{access, muc},
                    {access_create, muc},
                    {access_admin, muc_admin}]},
  {mod_pubsub,     []},
  {mod_time,       []},
  {mod_last,       []},
  {mod_version,    []}
 ]}.

Note that the ejabberd admin user is (tompast) and that it must be
registered in your LDAP directory. Another important part is the creation
of the SSL certificate:

openssl req -newkey rsa:1024 -x509 -nodes -out ssl.pem -keyout ssl.pem -days 365

A feature widely used in corporate environments is the line:

{mod_shared_roster, []},

With it you can create segmented lists, so you do not need to
register every contact for each user.

Regards

-- 
Rafael Floriano Sousa Sales
Information Security
Tompast IT Services
e-mail: rafael.sales at tompast.org
+55-11-3207-2457
+55-11-8433-2281
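
An added example, not part of the original message and not ejabberd code: a small Python check, run over lines copied from the configuration and openssl command above, that flags placeholder secrets, a web_admin listener without tls, and an RSA key below 2048 bits. The function names, the placeholder list and the 2048-bit floor are assumptions of this example.

```python
import re

# Constructed sample: lines copied from the configuration in the message above.
SAMPLE_CFG = '''
{ldap_password, "password"}.
{listen,
 [{5222, ejabberd_c2s,     [{access, c2s}, {shaper, c2s_shaper},
                            starttls, {certfile, "./ssl.pem"}]},
  {5280, ejabberd_http,    [http_poll, web_admin]},
  {8888, ejabberd_service, [{access, all},
                            {hosts, ["icq.tompast.org", "sms.tompast.org"],
                             [{password, "secret"}]}]}
 ]}.
'''
SAMPLE_CMD = ("openssl req -newkey rsa:1024 -x509 -nodes "
              "-out ssl.pem -keyout ssl.pem -days 365")

PLACEHOLDERS = {"password", "secret", "changeme"}  # assumed list of example values
MIN_RSA_BITS = 2048                                # assumed policy floor

def listeners(cfg):
    """Yield (port, module, options_text) for each entry of the listen section."""
    heads = list(re.finditer(r"\{(\d+),\s*(ejabberd_\w+),", cfg))
    for i, m in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(cfg)
        yield int(m.group(1)), m.group(2), cfg[m.end():end]

def audit(cfg, cert_cmd=""):
    """Return findings for settings that should not reach production as posted."""
    findings = []
    # Any *password option whose value is still a documentation placeholder.
    for key, val in re.findall(r'\{(\w*password),\s*"([^"]*)"\}', cfg):
        if val.lower() in PLACEHOLDERS:
            findings.append(f"{key}: placeholder secret left in config")
    # web_admin logins travel in clear text unless the HTTP listener has tls.
    for port, mod, opts in listeners(cfg):
        words = set(re.findall(r"\w+", opts))
        if mod == "ejabberd_http" and "web_admin" in words and "tls" not in words:
            findings.append(f"port {port}: web_admin served without tls")
    # Key size requested on the openssl command line.
    m = re.search(r"-newkey\s+rsa:(\d+)", cert_cmd)
    if m and int(m.group(1)) < MIN_RSA_BITS:
        findings.append(f"certificate key is RSA-{m.group(1)}, below {MIN_RSA_BITS}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CFG, SAMPLE_CMD):
        print("FINDING:", finding)
```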

