I want ejabberd (ejabberd 14.12) to use Dovecot's table 'users' for authentication (which is done already) but keep all ejabberd's data in different mysql database.
Is there anything, like autocreation option? For example, if user was successfully authenticated via external script, create that user in ejabberd's database? Or I have to make this up by my own? Im new in ejabberd
For authentication, I have this in ejabberd.yml
auth_method: external
extauth_program: "/opt/ejabberd/bin/auth_mysql_dovecot.php"
Will this allow me to use odbc as back-end?
I went the simple way.. What I needed is a local replacement for gmail+google chat for corporate users:
Dovecot with mysql authentication
Roundcube with plugin converse.js
Ejabberd with external auth:
auth_method: external
extauth_program: "/opt/ejabberd/bin/auth_mysql_dovecot.php"
Here is my auth_mysql_dovecot.php script. It doesn't use SASL to connect to dovecot. Its just simply connecting to dovecot mysql database. Important: Dovecot password encryption MUST BE 'CRAM-MD5'. Sorry, its the third version of the script. I didn't put the notes, where did I steal the code
No any registration needed. Once users login to their roundcube, they automatically will be logged into to ejabberd. Similar to google chat. If they change their passwords for Dovecot/Roundcube, the password will be changed for ejabberd as well.
I just let ejabberd to use its own native database
Related
I am trying to configure a user defined parameter on a Windows host. All my hosts are configured with PSK encryption and Zabbix server is able to get data without any issues.
However I cannot figure out how to use the zabbix_get manually with PSK encryption enabled.
zabbix_get -s x.x.x.x -p 10050 -k "internet.connection.check" --tls-connect=psk --tls-psk-identity="name" --tls-psk-file=cannot find any psk file on zabbix server
The problem is I cannot locate any PSK file on the zabbix server. Can I pass the PSK somehow?
The serverside PSK is configured in the GUI and stored in the database.
The Zabbix agent stores the PSK in a file.
I see 3 options:
Manually create a psk-file.
Remember that a change of the key must be done in the GUI, at the agent and in your special file.
Make a script that reads the key from the database.
Remember that direct access to the database of an application is most times forbidden and can cause compatibility issues after updating the application. Read-only access should be possible.
Use the same keys for all your agents;
When you install a Zabbix Agent on the Zabbix Server (allowing you to monitor the server), you do have a file on a normal place.
I wouldn't try to use an API or some smart script during Discovery, this will make the solution hard to maintain. I withdraw my last remark, when you have thousands of servers to monitor and a team working with Zabbix.
I have a MySLQ running on a CentOS server with SSL enabled and it require SSL in order to connect to the databases. I created the certificates and keys using OpenSSL, getting this files:
ca.pem
ca-key.pem
client-cert-pem
client-key-pem
server-cert.pem
server-key.pem
Setup MySQL with this:
ssl-ca=/etc/certs/ca.pem
ssl-cert=/etc/certs/server-cert.pem
ssl-key=/etc/certs/server-key.pem
bind-address=*
require_secure_transport=ON
I created a user that require X509 on the MySLQ by using:
CREATE USER 'user'#'%' IDENTIFIED BY '<password>' REQUIRE X509;
Testing with the MySQL client console and MySQL Workbench providing the client certs and it works fine. Also works on a Java App that writes/reads the databases by importing certifitates to the keytores/trustores.
However, I cannot set up Power Bi Desktop version to connect to the MySQL server. I imported the certificates to the Trusted Root Autenticathion Authorities and a PKCS12 keystore and trustore (used also by the Java App). This image shows the certificate. It is in Spanish, but it says it has also the key and it is verified by the ca.pem.
This is according to the documentation, but the documentation about this is very old and very limited. Some of the process and/or tools are out of date.
This are the sources I could find:
https://github.com/Microsoft/PowerBI-visuals/blob/master/tools/CreateCertificate.md#generate-certificate-manually
https://github.com/Microsoft/PowerBI-visuals/blob/master/tools/CertificateAddWindows.md
https://powerbi.microsoft.com/es-es/blog/ssl-security-error-with-data-source/
However there is not much more info about how to properly connect (or I cannot find it).
The message I get on Power Bi is "We were unable to authenticate you with the credentials provided. Try again."
I must add that disabling SSL allows me to connect to the databases using Power Bi, without any issue, it is the SSL what doesn't work as I don't know how to properly provide the certificates and I cannot find anything that decribes the process.
I try install ejabberd on my server. Then i install it, i edit ejabberd.yml file. Add domain in hosts section. When I try to connect to the admin panel by domain, it just doesn’t connect. But if I connect by ip everything works. What should I do ? Where to look ?
it just doesn’t connect
Does ejabberd show the connection attempt in the ejabberd log file?
If yes: I guess the web browser also requests you an admin account and password. You will have to register a new account in ejabberd, grant it admin rights in the configuration file, and restart ejabberd.
If nothing shown in the log file, then maybe your web browser doesn't know how to connect to ejabberd. Maybe you need to setup DNS.
just two questions about Ejabberd. I saw and adapted PHP tool found through GitHub (https://github.com/leesherwood/ejabberd-php-auth) for external authentication, but I have a doubt: when exploiting external authentication, how Ejabberd links users (who are not stored into Ejabberd database but into an external mySQL database used for Web purposes) with conversations, please?
Second question. I have followed guidelines for setting external authentication. It works like a charm when testing by command line, mocking a command like 00auth:username:servername:password
But, when I try to connect to Ejabberd's administration web platform, I receive an error of connection. Instead, when I use internal authorization, the platform is reachable.
Do you figure out the reason, please?
how Ejabberd links users (who are not stored into Ejabberd database but into an external mySQL database used for Web purposes) with conversations, please?
How? With their username+hostname.
when I try to connect to Ejabberd's administration web platform, I receive an error of connection. Instead, when I use internal authorization, the platform is reachable.
Try to login with a Jabber client, does it work? In the WebAdmin, remember to provide the Jabber ID, which is username#hostname, not only the username.
I'm installing Windows Server AppFabric in a Windows 2008 R2 SP1 that is part of my domain. On the Configure Hosting Service, I would like to configure each AppFabric service on a separate Domain account. I've created the 3 necessary databases on a separate database server that is also part of my domain, and 3 domain users, and I've given each domain user db_owner privilege on it's respective database.
When I'm installing Windows Server AppFabric, and I try to set the monitoring configuration, and on the AppFabric Event Collection service account, I'm trying to use the domain user, but it keeps giving me Logon Failure: Unknown username or bad password, but the user and password are valid! On the same server, if I do a runas with the same domain user and password, I open any application I want.
Is there a restriction on using domain accounts for this? I've placed all 3 accounts as local admin and on AS_Administrators, to see if it helped, but it's no good.
After a LOT of troubleshooting, I found out how to configure it. Before the Windows Server AppFabric Configuration Wizard is opened, go to the Services, and configure the 3 services (AppFabricCachingService, AppFabricEventCollectionService and AppFabricWorkflowManagementService) with the domain users you want. Then, you open the Wizard, and the correct domain users will already be configured, and all you need to do is configure the database.
The post https://stackoverflow.com/questions/4733348/configuring-appfabric-with-remote-database also helped, along with the article http://msdn.microsoft.com/en-us/library/ff637739.aspx