powered by Jive Software

LDAP Auth and username problem

Dear All,

I’‘ve just downloaded messenger today (19/4/05) and I’'m having a few problems with LDAP authentication. We are using OpenLdap 2.1.29 and messenger 2.1.2.

The problem, in a nut shell, is that we user virtual servers and our ldap directory is set up to handle uid’'s in the format of username@domain e.g.

dn: uid=usnermae@xyz.com,ou=sales,ou=uk,ou=xyz.com,o=virtual_domain

Messenger doesn’'t seem to like anything after and includeing the @ symbol. If I set up and account with the format uid=username,ou=sales,ou=uk,ou=xyz.com,o=virtual_domain all works okay.

Another problem which could be related is that in the admin console in the user summary if displays the correct count for the number of users on the system but will only display in the userlist usernames which do not contain the @ symbol.

Any help greatfully received.




The “@” symbol isn’‘t a valid part of an XMPP name. Do you have any other fields in LDAP that you could use as a username that don’'t contain prohibited characters? Alternatively, does every user the same data after the @ symbol (e.g. xyz.com")? If so, you could change the LDAP code to only use the part of uid before @xyz.com.



I have the similar problem with two words username, and I want to put mail attribute in mail, but it doesn’‘t work. It only works with givenName, sn (Surname) and sAMAccountName. First and Last names doesn’'t work, because they need to be unique to be visible, so the only option is email alias.

What other Ldap (AD) attributes can be in


Hmm… I just remembered one other possible solution, which is to support JID escaping. I think that might work around this issue. This has already been filed as: JM-230.


Thanks Matt will have a look at that. Unfortunately I’‘m in the position that I have users from various domains accessing the system so I can’'t drop after the @ symbol.

Will let you know how I get on.



JID escaping is probably going to be your best bet then. Please vote for the issue if you’'d like to see the feature implemented!