XMPP (eJabberd)

Yesterday I started to implement a chat into Kolab.
I decided to use an XMPP Server connected to the Kolab-Ldap and decided to use eJabberD.

Installation was quite simple and the connection to Kolab-Ldap as well.
Download and install with the following command:
apt-get install ejabberd
and follow the instructions.

Here are my specific parameters for the auth against Kolab-LDAP (the others remain as they are):
%%{auth_method, internal}.
{auth_method, ldap}.
{ldap_servers, ["localhost"]}.
{ldap_port, 389}.
{ldap_rootdn, "cn=Directory Manager"}.
{ldap_password, "DontEvenThinkAboutIt"}.
{ldap_filter, "(objectClass=mailrecipient)"}.
{ldap_uids, [{"mail", "%u@%d"}]}.
{acl, admin, {user, "admin", "domain.com"}}.
{hosts, ["domain.com"]}.
{ldap_base, "ou=People,dc=domain,dc=com"}.


It's not necessary to register users in eJabberd; just create them in your kolab-webadmin.
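
How the ldap_uids pattern and ldap_filter above combine into the directory search for a login, as an added example (not ejabberd's own code and not from the original post). It assumes the documented behaviour that the uid pattern is ANDed with ldap_filter; the function names are hypothetical, and the escaping follows RFC 4515 so that metacharacters in a user name stay literal.

```python
import re

# Values copied from the ejabberd.cfg fragment above.
LDAP_UIDS = [("mail", "%u@%d")]
LDAP_FILTER = "(objectClass=mailrecipient)"


def escape_filter_value(value):
    """Escape a string for use as an LDAP filter value (RFC 4515)."""
    return "".join(
        "\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value
    )


def split_address(address):
    """Split 'user@domain' into (user, domain); reject anything else."""
    user, sep, domain = address.partition("@")
    if not sep or not user or not domain or "@" in domain:
        raise ValueError("expected exactly one '@': %r" % address)
    return user, domain


def build_search_filter(user, domain, uids=LDAP_UIDS, extra=LDAP_FILTER):
    """Model of the search filter: uid pattern(s) ANDed with ldap_filter."""
    values = {"%u": escape_filter_value(user), "%d": escape_filter_value(domain)}
    parts = []
    for attr, pattern in uids:
        # Single pass, so a literal "%d" inside the user name is not expanded.
        value = re.sub(r"%[ud]", lambda m: values[m.group(0)], pattern)
        parts.append("(%s=%s)" % (attr, value))
    uid_part = parts[0] if len(parts) == 1 else "(|%s)" % "".join(parts)
    return "(&%s%s)" % (uid_part, extra) if extra else uid_part


if __name__ == "__main__":
    # Constructed sample logins; the second contains a filter metacharacter.
    for login in ("alice@domain.com", "al*@domain.com"):
        print(build_search_filter(*split_address(login)))
```

Only entries that match both the mail value and objectClass=mailrecipient are found, which is why accounts created in kolab-webadmin work without separate registration.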

If you want to check your eJabberD, go to:
http://youraddress:5280/admin
and log in with your full mail address and the password which you use for Kolab.

It's necessary to have correct DNS Records for your domain.
For a proper s2s and c2s communication you need some SRV records in your DNS:

A proper A/CNAME for domain.com (no wildcard) and the following SRV records:
_xmpp-client._tcp.domain.com. 59 IN SRV   0 0 5222 domain.com.
_xmpp-server._tcp.domain.com. 59 IN SRV   0 0 5269 domain.com.
_jabber._tcp.domain.com. 59 IN    SRV     0 0 5269 domain.com.
When you change the DNS please add conference.domain.com for the MUC module :-)

In your client you should activate SASL auth; the service is domain.com, the user is given without the domain, and the port is the default one, 5222.


If everything is fine, it's time to integrate into kolab/roundcubemail.

Following the instructions on http://permalink.gmane.org/gmane.comp.kde.kolab.devel/12092  I got it.

Well, not only by following the instructions; I also had to set up some more things:
First of all, the config from the plugin. The main parts are:
$config['converse_xmpp_bosh_prebind_url']= function($args) {
        return 'http://127.0.0.1:5280/http-bind';
};
$config['converse_xmpp_bosh_url']= function($args) {
        return '/http-bind';
};
$config['converse_xmpp_hostname']= function($args) {
        list($user,$host) = explode('@', $args['user']);
        return $host;
};
$config['converse_xmpp_username']= function($args) {
        list($user,$host) = explode('@', $args['user']);
        return $user;
};
To have the BOSH URL available in roundcubemail, you have to redirect domain/http-bind to server:5280/http-bind. My nginx config looks like this:
location /http-bind {
            proxy_pass  http://localhost:5280/http-bind;
            proxy_set_header Host $host;
            proxy_buffering off;
            tcp_nodelay on;
        }
And now the ejabberd.cfg. When you install ejabberd and connect it to kolab-ldap, binding also seems to work (domain:5280/http-bind), but it doesn't. You need to activate it explicitly in the "modules" section!
I forgot this and struggled for nearly 4 hours to find the error.
So the changes in the modules section are:
  {mod_shared_roster,[
                {'ldap_base', 'ou=People,dc=example,dc=com'},
                {'ldap_rfilter', '(objectClass=kolabinetorgperson)'},
                {'ldap_memberattr', 'uid'},
                {'ldap_userdesc', 'cn'},
                {'ldap_filter', '(objectClass=kolabinetorgperson)'},
                {'ldap_useruid', 'uid'}
        ]},
  {mod_http_bind,[]}

Please check the variable name. In the plugin's config.inc.php it is $rcmail_config by default, but the roundcubemail from the Kolab sources/binaries uses $config, so please change it :-)
