Active Directory questions

OK, these may be addressed in the new documentation included with 2.1, but I’m still running a beta.

  1. What permissions does the jabber admin need?

  2. When I tried LDAP integration before I couldn’t log in to the web admin. Does the “admin” account no longer exist when you choose LDAP integration?

  3. Can users exist outside of the AD if LDAP integration is enabled?

  4. How many users do you need before you need a real database?

Thank you for your great product!

Alexander,

  1. What permissions does the jabber admin need?

The LDAP module requires you to configure an adminDN and password. This user must be able to read all users and perform searches. The LDAP module doesn’t write to the directory. In 2.1.1, you can leave the adminDN blank in order to login anonymously (anonymous users would need full read access to make this work).

  2. When I tried LDAP integration before I couldn’t log in to the web admin. Does the “admin” account no longer exist when you choose LDAP integration?

You must login using a username/password that is in the directory. From the 2.1.1 LDAP guide FAQ:


Q: I switched to LDAP and now cannot login to the admin console. What happened?

A: If you can no longer login to the admin console after switching, one of two things most likely happened:

  1. By default, only the username “admin” is allowed to login to the admin console. Your directory may not contain a user with a username of “admin”. In that case, you should modify the list of usernames authorized to login to the admin console.

  2. You may have set the baseDN to an incorrect value. The LDAP module recursively searches for users under the node in the directory specified by the baseDN. When the baseDN is incorrect, no users will be found.

You can also enable debugging to get more information from the LDAP module. To do this, add true to your conf/jive_messenger.xml file. Log statements will be written to the logs/debug.log file.


  3. Can users exist outside of the AD if LDAP integration is enabled?

Not with the standard LDAP module. However, Jive Messenger lets you create your own implementation of the AuthProvider and UserProvider interfaces. You could make hybrid providers that way.

  4. How many users do you need before you need a real database?

The exact performance differences are unknown at this point. We hope to be able to measure this through further testing. It’s a tradeoff – the embedded database is easier to set up and maintain. However, an external database provides more flexibility and backup options.

Thank you for your great product!

Glad to have you as a user!

Regards,

Matt
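
The two FAQ causes in the reply above (no matching user in the directory, or a baseDN that matches nothing) can be told apart with a small offline model. This is an added example, not Jive Messenger code and not part of the original thread: the in-memory directory, the use of `sAMAccountName` as the username field, the function names and the case-insensitive matching are all assumptions made for illustration.

```python
import re

# Constructed sample directory (DN -> attributes); not data from the thread.
DIRECTORY = {
    "CN=Alice Smith,OU=Staff,DC=example,DC=com": {"sAMAccountName": "asmith"},
    "CN=Bob Jones,OU=IT,OU=Staff,DC=example,DC=com": {"sAMAccountName": "bjones"},
}

def rdns(dn):
    """Split a DN on unescaped commas into normalised (lower-cased) RDNs."""
    parts = re.split(r"(?<!\\),", dn)
    return [re.sub(r"\s*=\s*", "=", p.strip().lower()) for p in parts if p.strip()]

def under_base(entry_dn, base_dn):
    """Subtree scope: the entry is the base itself or sits anywhere beneath it.
    Whole RDNs are compared, so 'xdc=example' never matches 'dc=example'."""
    entry, base = rdns(entry_dn), rdns(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def find_user(directory, base_dn, username, field):
    """Recursive search under base_dn for an entry whose username field matches."""
    for dn, attrs in directory.items():
        if under_base(dn, base_dn) and attrs.get(field, "").lower() == username.lower():
            return dn
    return None

def diagnose_admin_login(directory, base_dn, username, authorized,
                         field="sAMAccountName"):
    """Return which check fails for an admin console login attempt."""
    if not any(under_base(dn, base_dn) for dn in directory):
        return "bad_base_dn"      # FAQ cause 2: search finds no users at all
    if find_user(directory, base_dn, username, field) is None:
        return "no_such_user"     # FAQ cause 1: e.g. no "admin" in the directory
    if username.lower() not in {a.lower() for a in authorized}:
        return "not_authorized"   # user exists but is not on the console list
    return "ok"

if __name__ == "__main__":
    base = "DC=example,DC=com"
    for user, allowed in [("admin", ["admin"]), ("bjones", ["admin"]),
                          ("bjones", ["bjones"])]:
        print(user, allowed, diagnose_admin_login(DIRECTORY, base, user, allowed))
```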