HannibalWiki

Jabberd2 stores some data like user profiles in a MySQL-database. User credentials will be checked against your LDAP-database. As the LDAP implementation of Jabberd2 does not seem to be able to check group membership of users at this moment, we'll configure Jabberd2 to make use of PAM for user access to its service.

So we need to have a MySQL-database, a LDAP-server and we need to configure PAM/NSSwitch on our server to connect to LDAP:

• Hannibal documentation on howto install a MySQL-database.
• Hannibal documentation on howto install a LDAP server for user authentication.
• Hannibal documentation on howto turn a server into a LDAP-client.

As the Jabberd2 package depends on some additional packages install them first on your server/virtual server:

apt-get install libidn11 jabber-common libmysqlclient15off mysql-common mysql-client

Logon to your database server and create a database and a database user for Jabberd2:

mysqladmin -u root -p create jabberd2
mysql -u root -p -e "grant all on jabberd2.* to jabdb@'your_jabber_server' identified by 'your_password'"
mysql -u root -p -e "flush privileges"

Although Debian Etch does not provide a binary package for Jabberd2, the source of the software is available in the Debian Experimental tree. To get the source code, log in to your development server and add a line for the Debian Experimental repository to /etc/apt/sources.list. You might want to read the Hannibal Development-server howto.

..
deb-src http://ftp.nl.debian.org/debian experimental main contrib non-free
..

Afterwards run:

apt-get update
cd /path_to_your_home
apt-get source jabberd2

We want to build a Jabberd2 package for Debian Etch (amd64-platform) that supports LDAP and MySQL. First we need to obtain the build dependencies of Jabberd2, then we can build the binary package:

cd /path_to_your_home/jabberd2-2.0s11
sudo apt-get build-dep jabberd2
dpkg-buildpackage -rfakeroot -b

Copy the Jabberd2 package to your server/virtual server and install the package like so:

dpkg -i /your_path/jabberd2-ldap-mysql_2.0s11-1_amd64.deb

The Jabberd2 package provides a jabberd2 database schema for starters, so install this schema:

cd /home
gzip -d /usr/share/doc/jabberd2-ldap-mysql/tools/db-setup.mysql.gz
mysql -u jabdb -p -h your_database_server
\. db-setup.mysql

The Jabberd2 software itself is configured via 6 xml-files in the directory /etc/jabberd2. Check the configuration-section on the Jabberd2 website for details on these files.

Configure sm.xml for your MySQL-environment:

...
    <mysql>
      <!-- Database server host and port -->
      <host>your_database_server</host>
      <port>3306</port>

      <!-- Database name -->
      <dbname>jabberd2</dbname>

      <!-- Database username and password -->
      <user>jabdb</user>
      <pass>your_password</pass>
    </mysql>
...

As we want to make Jabberd2 to check PAM for authorization of clients (we only grant access to members of the 'ircusers' group), configure the c2s.xml file to use pam as a module (remember we don't use the native LDAP-patch of Jabberd2):

...
<module>pam</module>
...

create a file /etc/pam.d/jabberd:

@include common-auth
account     required     pam_succeed_if.so debug user ingroup ircusers
@include common-account
@include common-password
@include common-session

Restart the Jabberd2:

/etc/init.d/jabberd2-ldap-mysql restart

As the XMPP-protocol is an open standard any IRC-client that supports XMPP might work. We use Pidgin and Gaim on Ubuntu desktops and Adium on MacOSX clients ourselves.

Check the Jabberd2 website or search the net for other alternatives.