On Tue, 2008-04-22 at 12:36 -0400, Matt Shields wrote: > On Tue, Apr 22, 2008 at 11:56 AM, Craig White <craig@xxxxxxxxxxxxx> wrote: > > > > On Mon, 2008-04-21 at 21:34 -0500, Les Mikesell wrote: > > > Matt Hyclak wrote: > > > > On Mon, Apr 21, 2008 at 06:39:45PM -0700, Rogelio enlightened us: > > > >> Excuse my ignorance (I just got crap on the #centos IRC channel for this > > > >> question), but is there a (easy!) way to have and IRC and/or Jabber server > > > >> relay a login to a Microsoft Active Directory server for authentication? > > > >> If there's a better question to ask this question, please point me in that > > > >> direction, and I'll be happy to do so > > > >> > > > > > > > > Well, you probably want to ask in a support channel for your IRC and jabber > > > > server software, and/or some sort of Microsoft channel. > > > > > > > > The way you've posed the question, it has nothing to do with CentOS, so I am > > > > unsurprised you got crap for it on IRC. > > > > > > I thought one of the big deals in Centos was the ability to configure > > > PAM to authenticate anywhere you want and all the apps use the same > > > settings? Isn't that true, or aren't there any jabber/IRC servers that > > > are bundled properly into the distribution? > > > > > > This sounds very much like a distro-centric question to me, even if the > > > answer turns out to be that Centos doesn't provide that. > > ---- > > actually no. > > > > I am currently using ejabberd and it is not common to authenticate > > 'real' users but certain possible. The methodology of authenticating > > 'real' users would entirely depend upon the jabber server software which > > varies widely from perl to java to erlang. > > > > The point of authenticating against LDAP is rarely do you only want > > user/id authentication but you also want address books/user lists and > > other attributes that can be useful such as e-mail address. > > > > In addition, jabber servers do have to store attributes about users so > > there's little to be served by marrying PAM functions in. > > > > What you should have noticed here Les, is that Windows AD users are > > mostly clueless to how LDAP works and integrating Windows AD/LDAP into > > other software is a challenge for them. > > > > Craig > > > > Why not just install OpenFire which has the AD <-> Jabber > authentication stuff built right in? ---- I'm actually planning to re-do one of my servers which is providing jabber and I will test out OpenFire... Ejabberd works pretty well all things considered and was fairly trivial to integrated into my OpenLDAP setup not only for authentication but to build 'lists' of people automatically and to pick other LDAP attributes. Craig _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos