I’'ve successfully set up messenger using ldap as the authentication store which works great.
A couple of things need to be configurable to make this work in a large environment. Since messenger queries ldap, any users in ldap are deemed ‘‘valid’’ users. I’'ve got a samba domain in ldap with about 700 users and if we went live with this, we would need some way of filtering on an attribute or group who was allowed to login to use jabber.
A possible solution would be to use ldap groups as in JM-129 as white or black lists, or make a configuration option for an ldap search url matching on a specified ldap attribute.
Another issue I had was vcard information getting populated from ldap, but I see JM-121 will take care of that.