Instant messaging might be a valuable service for your organization. Of course you might use an existing application service provider to address your needs, however we prefer to run our own instant messaging server based on open source software and supplying open standards. Furthermore we want to be able to use our existing LDAP-environment for user management. Jabberd2 meets our needs and is available for the Debian GNU/Linux platform. Jabberd2 provides the Extensible Messaging and Presence Protocol (XMPP), an IETF accepted open Internet Standard for XML based communications technology.
More information is available on the Jabberd2 website
Jabberd2 stores some data like user profiles in a MySQL-database. User credentials will be checked against your LDAP-database. As the LDAP implementation of Jabberd2 does not seem to be able to check group membership of users at this moment, we'll configure Jabberd2 to make use of PAM for user access to its service.
So we need to have a MySQL-database, a LDAP-server and we need to configure PAM/NSSwitch on our server to connect to LDAP:
As the Jabberd2 package depends on some additional packages install them first on your server/virtual server:
apt-get install libidn11 jabber-common libmysqlclient15off mysql-common mysql-client
Logon to your database server and create a database and a database user for Jabberd2:
mysqladmin -u root -p create jabberd2 mysql -u root -p -e "grant all on jabberd2.* to jabdb@'your_jabber_server' identified by 'your_password'" mysql -u root -p -e "flush privileges"
Although Debian Etch does not provide a binary package for Jabberd2, the source of the software is available in the Debian Experimental tree. To get the source code, log in to your development server and add a line for the Debian Experimental repository to /etc/apt/sources.list. You might want to read the Hannibal Development-server howto.
.. deb-src http://ftp.nl.debian.org/debian experimental main contrib non-free ..
apt-get update cd /path_to_your_home apt-get source jabberd2
We want to build a Jabberd2 package for Debian Etch (amd64-platform) that supports LDAP and MySQL. First we need to obtain the build dependencies of Jabberd2, then we can build the binary package:
cd /path_to_your_home/jabberd2-2.0s11 sudo apt-get build-dep jabberd2 dpkg-buildpackage -rfakeroot -b
Copy the Jabberd2 package to your server/virtual server and install the package like so:
dpkg -i /your_path/jabberd2-ldap-mysql_2.0s11-1_amd64.deb
The Jabberd2 package provides a jabberd2 database schema for starters, so install this schema:
cd /home gzip -d /usr/share/doc/jabberd2-ldap-mysql/tools/db-setup.mysql.gz mysql -u jabdb -p -h your_database_server \. db-setup.mysql
The Jabberd2 software itself is configured via 6 xml-files in the directory /etc/jabberd2. Check the configuration-section on the Jabberd2 website for details on these files.
Configure sm.xml for your MySQL-environment:
... <mysql> <!-- Database server host and port --> <host>your_database_server</host> <port>3306</port> <!-- Database name --> <dbname>jabberd2</dbname> <!-- Database username and password --> <user>jabdb</user> <pass>your_password</pass> </mysql> ...
As we want to make Jabberd2 to check PAM for authorization of clients (we only grant access to members of the 'ircusers' group), configure the c2s.xml file to use pam as a module (remember we don't use the native LDAP-patch of Jabberd2):
... <module>pam</module> ...
create a file /etc/pam.d/jabberd:
@include common-auth account required pam_succeed_if.so debug user ingroup ircusers @include common-account @include common-password @include common-session
Restart the Jabberd2:
As the XMPP-protocol is an open standard any IRC-client that supports XMPP might work. We use Pidgin and Gaim on Ubuntu desktops and Adium on MacOSX clients ourselves.
Check the Jabberd2 website or search the net for other alternatives.