Turns out there are a few things to keep in mind when setting up an XMPP (Jabber) server. I had to change the domain name a couple times and add a couple service records but the system is now up and running in a standard open-federation configuration. Users on Siona can use their system login for user@dl.nibble.bz and then *poof* that's it. We can message eachother, message other users of different XMPP servers. Access for server-to-server in Jive can be configured eiher by white-list or black-list so I'm just running ours open for now.
And Google developers have said they will join the open federation as soon as possible. One of the sticking points they want to address is control over spammers and bots who could register on any server in the community that allows public registration and then spam the crap out of the Google Talk users. Which is a fair concern but we're all egerly awaiting Google's move to the open federation.
I've been spending more time working with Tocaraul as a front-end for the Icecast server I'm running from home. All the good Ogg encodings are in the library for a whopping total of 2377 songs. Tocaraul is a couple of Python scripts to handle song requests from a web interface. Basically, I'm learning Python :P It's pretty handy stuff. For info on Tocaraul progress, take a look at the WebSVN page there and there's both a change log and a TODO for upcoming features.
Monday 31 October 2005
Friday 21 October 2005
Things are Looking up in the Directory
Siona is now running a live LDAP directory and so far it is going pretty well. System authentication is all directory based. Logins and sessions and all that good fun. I configured a Jabber server (Jive Messenger) to auth users against the directory and it works swell! Any system users can login with their system account on the Jabber server and IM and that fun stuff.
I plan to migrate Samba next which is not a very big impact but would be good to get in the central user directory. Dovecot for IMAP and POP authentication after that. Postfix eventually as well which will be interesting. With Postfix, that will afect how mail is routed possibly making it easier to setup virtual domains or whatever. I think that about covers the auth stuff that's offered.
That Jabber server is a little special. I'll have to get some of the peeps using it so we can try to test some of the features. Just basic stuff like authorizing users and setting up or joining chat rooms. So far it seems a little sketchy. There are also some other handy features of the server like a searchable directory. I don't know how that will work out. I just know that I don't know how to get my IM client to even use that feature :P
At any rate, the LDAP works really great and after a bit of a rough start out of the gate, it is really going to be useful as heck. This Jabber we will have to see but it seems promising.
I plan to migrate Samba next which is not a very big impact but would be good to get in the central user directory. Dovecot for IMAP and POP authentication after that. Postfix eventually as well which will be interesting. With Postfix, that will afect how mail is routed possibly making it easier to setup virtual domains or whatever. I think that about covers the auth stuff that's offered.
That Jabber server is a little special. I'll have to get some of the peeps using it so we can try to test some of the features. Just basic stuff like authorizing users and setting up or joining chat rooms. So far it seems a little sketchy. There are also some other handy features of the server like a searchable directory. I don't know how that will work out. I just know that I don't know how to get my IM client to even use that feature :P
At any rate, the LDAP works really great and after a bit of a rough start out of the gate, it is really going to be useful as heck. This Jabber we will have to see but it seems promising.
Sunday 16 October 2005
Auth This...
Well, I'm finally going to try to get a working LDAP server up and running on Siona finally. There are so many services that would just work better with a working directory, I gots to put one in. I'm still struggling with bootstrapping the whole operation. I've read some stuff, looked for some tools, but basically unless it's part of a big enterprise package, it's a little, uh, heavy for most operation.
But basically I would be able to run everything through it. Users could save their contact lists online. Login info could come from the directory for any number of services inluding system logins, Samba, Jabber, email, the works! It's all patched together right now with a crude mix of pam, maintenance scripts, and just plain not working. The only common service that I have been able to find is LDAP. PAM is really promising but a bunch of services, like Samba, do a challenge type auth so the passwords have to be decryptable rather then a straight hash.
And all-in-all, setting LDAP as a n00b is really confusing. I just hope this all works out in the end and we'll have world peace and a fair distribution of wealth.
But basically I would be able to run everything through it. Users could save their contact lists online. Login info could come from the directory for any number of services inluding system logins, Samba, Jabber, email, the works! It's all patched together right now with a crude mix of pam, maintenance scripts, and just plain not working. The only common service that I have been able to find is LDAP. PAM is really promising but a bunch of services, like Samba, do a challenge type auth so the passwords have to be decryptable rather then a straight hash.
And all-in-all, setting LDAP as a n00b is really confusing. I just hope this all works out in the end and we'll have world peace and a fair distribution of wealth.
Subscribe to:
Posts (Atom)
Popular Posts
-
For anyone who's had to cleanup some mail problems with Postfix configuration (or more often with other things, like anti-spam, tied in ...
-
In the course of troubleshooting the office Jabber server the other day, I came across some interesting info about the various caches that O...
-
For everyone who uses cron, you are familiar with the job schedule form: min hr day-of-month month day-of-week <command> A problem...