FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 04-22-2008, 01:39 AM
Rogelio
 
Default vectoring IRC / Jabber logins to AD?

Excuse my ignorance (I just got crap on the #centos IRC channel for this question), but is there a (easy!) way to have and IRC and/or Jabber server relay a login to a Microsoft Active Directory server for authentication?
If there's a better question to ask this question, please point me in that direction, and I'll be happy to do so
Thanks
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-22-2008, 01:48 AM
Matt Hyclak
 
Default vectoring IRC / Jabber logins to AD?

On Mon, Apr 21, 2008 at 06:39:45PM -0700, Rogelio enlightened us:
> Excuse my ignorance (I just got crap on the #centos IRC channel for this
> question), but is there a (easy!) way to have and IRC and/or Jabber server
> relay a login to a Microsoft Active Directory server for authentication?
> If there's a better question to ask this question, please point me in that
> direction, and I'll be happy to do so
>

Well, you probably want to ask in a support channel for your IRC and jabber
server software, and/or some sort of Microsoft channel.

The way you've posed the question, it has nothing to do with CentOS, so I am
unsurprised you got crap for it on IRC.

Matt

--
Matt Hyclak
Department of Mathematics
Department of Social Work
Ohio University
(740) 593-1263
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-22-2008, 02:04 AM
"Jim Perrin"
 
Default vectoring IRC / Jabber logins to AD?

On Mon, Apr 21, 2008 at 9:39 PM, Rogelio <scubacuda@gmail.com> wrote:
> Excuse my ignorance (I just got crap on the #centos IRC channel for this
> question), but is there a (easy!) way to have and IRC and/or Jabber server
> relay a login to a Microsoft Active Directory server for authentication?
>
> If there's a better question to ask this question, please point me in that
> direction, and I'll be happy to do so


Since Active Directory is mostly ldap, you can vary your search by
looking for ldap based authentication for jabber.

This will point you to
http://www.onlamp.com/pub/a/onlamp/2005/10/06/jabberd.html?page=1

You might also have a look at the ejabberd website and check there for
ldap/AD authentication info. See http://www.ejabberd.im/forum/7

The #centos channel is mostly for supporting the software shipped by
centos, and/or installation problems. Questions of your sort will have
a varied response based on channel mood, which is a bit bipolar to say
the least.


--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-22-2008, 02:34 AM
Les Mikesell
 
Default vectoring IRC / Jabber logins to AD?

Matt Hyclak wrote:

On Mon, Apr 21, 2008 at 06:39:45PM -0700, Rogelio enlightened us:

Excuse my ignorance (I just got crap on the #centos IRC channel for this
question), but is there a (easy!) way to have and IRC and/or Jabber server
relay a login to a Microsoft Active Directory server for authentication?
If there's a better question to ask this question, please point me in that
direction, and I'll be happy to do so



Well, you probably want to ask in a support channel for your IRC and jabber
server software, and/or some sort of Microsoft channel.

The way you've posed the question, it has nothing to do with CentOS, so I am
unsurprised you got crap for it on IRC.


I thought one of the big deals in Centos was the ability to configure
PAM to authenticate anywhere you want and all the apps use the same
settings? Isn't that true, or aren't there any jabber/IRC servers that
are bundled properly into the distribution?


This sounds very much like a distro-centric question to me, even if the
answer turns out to be that Centos doesn't provide that.


--
Les Mikesell
lesmikesell@gmail.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-22-2008, 09:46 AM
Ralph Angenendt
 
Default vectoring IRC / Jabber logins to AD?

Les Mikesell wrote:
> I thought one of the big deals in Centos was the ability to configure PAM
> to authenticate anywhere you want and all the apps use the same settings?
> Isn't that true, or aren't there any jabber/IRC servers that are bundled
> properly into the distribution?

I know of neither. yum list "*jab*" only shows some perl-Jabber-*
packages, yum list "*irc*" gives back ircd-hybrid from the
kbs-CentOS-testing repository. So yes, ircd and jabberd aren't really in
CentOS.

And I have no idea if ircd-hybrid is being able to interface into an
already existing user database, as it has its very own ways managing
"users".

> This sounds very much like a distro-centric question to me, even if the
> answer turns out to be that Centos doesn't provide that.

Done.

Cheers,

Ralph
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-22-2008, 03:56 PM
Craig White
 
Default vectoring IRC / Jabber logins to AD?

On Mon, 2008-04-21 at 21:34 -0500, Les Mikesell wrote:
> Matt Hyclak wrote:
> > On Mon, Apr 21, 2008 at 06:39:45PM -0700, Rogelio enlightened us:
> >> Excuse my ignorance (I just got crap on the #centos IRC channel for this
> >> question), but is there a (easy!) way to have and IRC and/or Jabber server
> >> relay a login to a Microsoft Active Directory server for authentication?
> >> If there's a better question to ask this question, please point me in that
> >> direction, and I'll be happy to do so
> >>
> >
> > Well, you probably want to ask in a support channel for your IRC and jabber
> > server software, and/or some sort of Microsoft channel.
> >
> > The way you've posed the question, it has nothing to do with CentOS, so I am
> > unsurprised you got crap for it on IRC.
>
> I thought one of the big deals in Centos was the ability to configure
> PAM to authenticate anywhere you want and all the apps use the same
> settings? Isn't that true, or aren't there any jabber/IRC servers that
> are bundled properly into the distribution?
>
> This sounds very much like a distro-centric question to me, even if the
> answer turns out to be that Centos doesn't provide that.
----
actually no.

I am currently using ejabberd and it is not common to authenticate
'real' users but certain possible. The methodology of authenticating
'real' users would entirely depend upon the jabber server software which
varies widely from perl to java to erlang.

The point of authenticating against LDAP is rarely do you only want
user/id authentication but you also want address books/user lists and
other attributes that can be useful such as e-mail address.

In addition, jabber servers do have to store attributes about users so
there's little to be served by marrying PAM functions in.

What you should have noticed here Les, is that Windows AD users are
mostly clueless to how LDAP works and integrating Windows AD/LDAP into
other software is a challenge for them.

Craig

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-22-2008, 04:36 PM
"Matt Shields"
 
Default vectoring IRC / Jabber logins to AD?

On Tue, Apr 22, 2008 at 11:56 AM, Craig White <craig@tobyhouse.com> wrote:
>
> On Mon, 2008-04-21 at 21:34 -0500, Les Mikesell wrote:
> > Matt Hyclak wrote:
> > > On Mon, Apr 21, 2008 at 06:39:45PM -0700, Rogelio enlightened us:
> > >> Excuse my ignorance (I just got crap on the #centos IRC channel for this
> > >> question), but is there a (easy!) way to have and IRC and/or Jabber server
> > >> relay a login to a Microsoft Active Directory server for authentication?
> > >> If there's a better question to ask this question, please point me in that
> > >> direction, and I'll be happy to do so
> > >>
> > >
> > > Well, you probably want to ask in a support channel for your IRC and jabber
> > > server software, and/or some sort of Microsoft channel.
> > >
> > > The way you've posed the question, it has nothing to do with CentOS, so I am
> > > unsurprised you got crap for it on IRC.
> >
> > I thought one of the big deals in Centos was the ability to configure
> > PAM to authenticate anywhere you want and all the apps use the same
> > settings? Isn't that true, or aren't there any jabber/IRC servers that
> > are bundled properly into the distribution?
> >
> > This sounds very much like a distro-centric question to me, even if the
> > answer turns out to be that Centos doesn't provide that.
> ----
> actually no.
>
> I am currently using ejabberd and it is not common to authenticate
> 'real' users but certain possible. The methodology of authenticating
> 'real' users would entirely depend upon the jabber server software which
> varies widely from perl to java to erlang.
>
> The point of authenticating against LDAP is rarely do you only want
> user/id authentication but you also want address books/user lists and
> other attributes that can be useful such as e-mail address.
>
> In addition, jabber servers do have to store attributes about users so
> there's little to be served by marrying PAM functions in.
>
> What you should have noticed here Les, is that Windows AD users are
> mostly clueless to how LDAP works and integrating Windows AD/LDAP into
> other software is a challenge for them.
>
> Craig
>

Why not just install OpenFire which has the AD <-> Jabber
authentication stuff built right in?


--
-matt
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-22-2008, 04:39 PM
Craig White
 
Default vectoring IRC / Jabber logins to AD?

On Tue, 2008-04-22 at 12:36 -0400, Matt Shields wrote:
> On Tue, Apr 22, 2008 at 11:56 AM, Craig White <craig@tobyhouse.com> wrote:
> >
> > On Mon, 2008-04-21 at 21:34 -0500, Les Mikesell wrote:
> > > Matt Hyclak wrote:
> > > > On Mon, Apr 21, 2008 at 06:39:45PM -0700, Rogelio enlightened us:
> > > >> Excuse my ignorance (I just got crap on the #centos IRC channel for this
> > > >> question), but is there a (easy!) way to have and IRC and/or Jabber server
> > > >> relay a login to a Microsoft Active Directory server for authentication?
> > > >> If there's a better question to ask this question, please point me in that
> > > >> direction, and I'll be happy to do so
> > > >>
> > > >
> > > > Well, you probably want to ask in a support channel for your IRC and jabber
> > > > server software, and/or some sort of Microsoft channel.
> > > >
> > > > The way you've posed the question, it has nothing to do with CentOS, so I am
> > > > unsurprised you got crap for it on IRC.
> > >
> > > I thought one of the big deals in Centos was the ability to configure
> > > PAM to authenticate anywhere you want and all the apps use the same
> > > settings? Isn't that true, or aren't there any jabber/IRC servers that
> > > are bundled properly into the distribution?
> > >
> > > This sounds very much like a distro-centric question to me, even if the
> > > answer turns out to be that Centos doesn't provide that.
> > ----
> > actually no.
> >
> > I am currently using ejabberd and it is not common to authenticate
> > 'real' users but certain possible. The methodology of authenticating
> > 'real' users would entirely depend upon the jabber server software which
> > varies widely from perl to java to erlang.
> >
> > The point of authenticating against LDAP is rarely do you only want
> > user/id authentication but you also want address books/user lists and
> > other attributes that can be useful such as e-mail address.
> >
> > In addition, jabber servers do have to store attributes about users so
> > there's little to be served by marrying PAM functions in.
> >
> > What you should have noticed here Les, is that Windows AD users are
> > mostly clueless to how LDAP works and integrating Windows AD/LDAP into
> > other software is a challenge for them.
> >
> > Craig
> >
>
> Why not just install OpenFire which has the AD <-> Jabber
> authentication stuff built right in?
----
I'm actually planning to re-do one of my servers which is providing
jabber and I will test out OpenFire...

Ejabberd works pretty well all things considered and was fairly trivial
to integrated into my OpenLDAP setup not only for authentication but to
build 'lists' of people automatically and to pick other LDAP attributes.

Craig

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-22-2008, 06:00 PM
Les Mikesell
 
Default vectoring IRC / Jabber logins to AD?

Craig White wrote:

>

The way you've posed the question, it has nothing to do with CentOS, so I am
unsurprised you got crap for it on IRC.
I thought one of the big deals in Centos was the ability to configure
PAM to authenticate anywhere you want and all the apps use the same
settings? Isn't that true, or aren't there any jabber/IRC servers that
are bundled properly into the distribution?


This sounds very much like a distro-centric question to me, even if the
answer turns out to be that Centos doesn't provide that.

----
actually no.

I am currently using ejabberd and it is not common to authenticate
'real' users but certain possible.


Are you speaking for places that actually have all of their users in AD
when you say it is not common authenticate real users?



The point of authenticating against LDAP is rarely do you only want
user/id authentication but you also want address books/user lists and
other attributes that can be useful such as e-mail address.


But those may or may not be the same ones you'd find in AD.


In addition, jabber servers do have to store attributes about users so
there's little to be served by marrying PAM functions in.


I'd settle for not having yet another password.


What you should have noticed here Les, is that Windows AD users are
mostly clueless to how LDAP works and integrating Windows AD/LDAP into
other software is a challenge for them.


Which is why you'd want to set up PAM once, not
login/ssh/imap/pop/http/smtp/samba and all those other applications that
want a password. Especially when you want to be able to add local
accounts in addition to using a network authentication mechanism.


--
Les Mikesell
lesmikesell@gmail.com

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-22-2008, 06:22 PM
Craig White
 
Default vectoring IRC / Jabber logins to AD?

On Tue, 2008-04-22 at 13:00 -0500, Les Mikesell wrote:
> Craig White wrote:
> > >
> >>> The way you've posed the question, it has nothing to do with CentOS, so I am
> >>> unsurprised you got crap for it on IRC.
> >> I thought one of the big deals in Centos was the ability to configure
> >> PAM to authenticate anywhere you want and all the apps use the same
> >> settings? Isn't that true, or aren't there any jabber/IRC servers that
> >> are bundled properly into the distribution?
> >>
> >> This sounds very much like a distro-centric question to me, even if the
> >> answer turns out to be that Centos doesn't provide that.
> > ----
> > actually no.
> >
> > I am currently using ejabberd and it is not common to authenticate
> > 'real' users but certain possible.
>
> Are you speaking for places that actually have all of their users in AD
> when you say it is not common authenticate real users?
----
I'm talking about jabber implementations. I get the impression from the
couple I have set up that the authors don't consider authenticating
'system users' aka 'real users' as their primary usage
----
>
> > The point of authenticating against LDAP is rarely do you only want
> > user/id authentication but you also want address books/user lists and
> > other attributes that can be useful such as e-mail address.
>
> But those may or may not be the same ones you'd find in AD.
----
any reasonable LDAP implementation allows you to define the DN (or DN's)
to be used for various purposes
----
>
> > In addition, jabber servers do have to store attributes about users so
> > there's little to be served by marrying PAM functions in.
>
> I'd settle for not having yet another password.
----
sure - makes sense - how many different jabber servers are you running?
----
>
> > What you should have noticed here Les, is that Windows AD users are
> > mostly clueless to how LDAP works and integrating Windows AD/LDAP into
> > other software is a challenge for them.
>
> Which is why you'd want to set up PAM once, not
> login/ssh/imap/pop/http/smtp/samba and all those other applications that
> want a password. Especially when you want to be able to add local
> accounts in addition to using a network authentication mechanism.
----
sure - makes sense - how many different jabber servers are you running?

You are simply looking through a lens that says corporate users,
corporate login accounts, etc. That's fine but I get the distinct
impression that it is hardly the typical setup.

Craig

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 06:47 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org