c2s /var/run/jabberd_notification/c2s.pid 127.0.0.1 5348 jabberd @ROUTERPASSWORD@ 3 3 2 jabberd_notification/c2s log_user @HOSTNAME@ :: 5218 0 65536 1000 100 65535 allow,deny 0 0 0 /var/jabberd/modules/jabberd2 apple_od /private/var/jabberd/sqlite/jabberd2_notification.db 5000 localhost 3306 jabberd2 jabberd2 secret <!-- use crypt(3)ed passwords <crypt/> --> </password_type> </mysql> <!-- PostgreSQL module configuration --> <pgsql> <!-- PostgreSQL connection info. For the rest of the options see http://www.postgresql.org/docs/8.0/interactive/libpq.html --> <conninfo>dbname=jabberd2 user=jabberd2 password=secret</conninfo> <!-- Alternatively you may set connection settings separately. These are used only in absence of 'conninfo' --> <!-- Database server host and port --> <host>localhost</host> <port>5432</port> <!-- Database name --> <dbname>jabberd2</dbname> <!-- Database username and password --> <user>jabberd2</user> <pass>secret</pass> </pgsql> <!-- Oracle driver configuration --> <oracle> <!-- Database server host and port. --> <host>localhost</host> <port>1521</port> <!-- Database name --> <dbname>jabberd2</dbname> <!-- Database username and password --> <user>jabberd2</user> <pass>secret</pass> </oracle> <!-- Berkeley DB module configuration --> <db> <!-- Directory to store database files under --> <path>/usr/var/jabberd/db</path> <!-- Synchronize the database to disk after each write. If you disable this, database accesses may be faster, but data may be lost if jabberd crashes. --> <sync/> </db> <!-- LDAPFULL module configuration --> <ldapfull> <!-- LDAP server host and port (default: 389) --> <uri>ldap://localhost/ ldaps://ldap.example.com/</uri> <!-- DN to bind as for searches. If unspecified, the searches will be done anonymously. --> <!-- <binddn>cn=Directory Manager</binddn> <bindpw>secret</bindpw> --> <!-- Type of LDAP server. Currently "ad" for active directory and "ldap" for other ldap servers. If not specified, then it is ldap. --> <!-- <type>ad</type> --> <!-- LDAP attribute that holds the user ID (default: uid) --> <uidattr>uid</uidattr> <objectclass>posixAccount</objectclass> <!-- LDAP attribute that holds the cleartext or hashed password (not needed when pwscheme is set to 'bind') --> <pwattr>userPassword</pwattr> <!-- if you use included jabberd.schema use this: <uidattr>jid</uidattr> <objectclass>jabberUser</objectclass> <pwattr>jabberPassword</pwattr> --> <!-- Attribute that holds jabber account status. Must be TRUE for AD, and 1 for other LDAP server. If not specified, then it will not be used. --> <!-- <validattr>valid</validattr> --> <fulluid/> <!-- If pwscheme is not defined, then passwords are stored in clear text and digest authentication may be done. If passwords are hashed, then you cannot use digest authentication and should use plain text authentication. Any of sha, ssha, crypt, bind and clear may be specified. 'sha' specifies that the attribute in pwattr holds a base-64 encoded SHA-1 hashed password beginning with the string {SHA}. 'ssha' specifies that the attribute in pwattr holds a base-64 SHA-1 hashed password appended with 32 bits of salt and beginning with the string {SSHA}. 'crypt' specifies that the attribute in pwattr holds a UNIX-style crypt(3) hashed password. 'bind' specifies that the password is not stored in an attribute but is authenticated directly by the LDAP server by binding using the user's DN. This should be compatible with the widest variety of LDAP servers. --> <!-- <pwscheme>bind</pwscheme> --> <!-- base DN of the tree. You should specify a DN for each authentication realm declared in the <local/> section above, by using the realm attribute. --> <basedn realm='company'>o=Company.com</basedn> <basedn>o=Example Corp.</basedn> </ldapfull> <!-- LDAP module configuration --> <!-- Remember that you need to use PLAIN auth with LDAP backend --> <ldap> <!-- LDAP server host and port (default: 389) --> <host>ldap.example.com</host> <port>389</port> <!-- Use LDAP v3 if possible. If disabled, v2 will be used. Encryption options are only available if v3 is enabled. --> <!-- <v3/> --> <!-- Encryption. If enabled, this will create an encrypted channel to the LDAP server using the LDAP STARTTLS mechanism. --> <!-- <starttls/> --> <!-- Encryption. If enabled, this will create an encrypted channel to the server using the old-style "ldaps://" mechanism. It is recommended that you use <starttls/> instead of this. --> <!-- <ssl/> --> <!-- DN to bind as for searches. If unspecified, the searches will be done anonymously. --> <!-- <binddn>cn=Directory Manager</binddn> <bindpw>secret</bindpw> --> <!-- LDAP attribute that holds the user ID (default: uid) --> <uidattr>uid</uidattr> <!-- Enable the append-realm element if you want to append realm value (usernam@realm) to the uidattr value <append-realm/> --> <!-- Alternatively to <uidattr/> and <append-realm/> you may specify full LDAP search <query/> that will be used to get user objects from directory. The following replacements take place: %u is replaced by user login name %r is replaced by user login realm When <query/> is specified, <uidattr/> and <append-realm/> are unused and take no effect. --> <!-- <query>(&amp;(mail=%u@%r)(objectClass=inetOrgPerson))</query> --> <!-- base DN of the tree. You should specify a DN for each authentication realm declared in the <local/> section above, by using the realm attribute. --> <basedn realm='company'>o=Company.com</basedn> <basedn>o=Example Corp.</basedn> </ldap> <!-- if you want to configure more than one LDAP server create ldap1, ldap2 etc. sections <ldap1> </ldap1> --> <!-- Pipe module configuration --> <pipe> <!-- Program to execute --> <exec>/usr/bin/pipe-auth.pl</exec> </pipe> </authreg> </c2s> <!-- vim: syntax=xml -->