annotate mod_lib_ldap/README.md @ 5263:381c62ef52aa

mod_http_oauth2: Group metadata section into OAuth and OpenID Could easily be confusing otherwise if you're reading one spec and see properties not defined there.
author Kim Alvefur <zash@zash.se>
date Tue, 21 Mar 2023 21:45:02 +0100
parents 71538875be48
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
809
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
1 # LDAP plugin suite for Prosody
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
2
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
3 The LDAP plugin suite includes an authentication plugin (mod\_auth\_ldap2) and storage plugin
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
4 (mod\_storage\_ldap) to query against an LDAP server. It also provides a plugin library (mod\_lib\_ldap)
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
5 for accessing an LDAP server to make writing other LDAP-based plugins easier in the future.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
6
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
7 # LDAP Authentication
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
8
1643
71538875be48 mod_lib_ldap: Update README to clarify discussion of auth / TLS... and discourage disabling TLS.
Paul Aurich <paul@darkrain42.org>
parents: 1466
diff changeset
9 **NOTE**: LDAP authentication currently only works with plaintext auth (as opposed to DIGEST-MD5 or SCRAM)
71538875be48 mod_lib_ldap: Update README to clarify discussion of auth / TLS... and discourage disabling TLS.
Paul Aurich <paul@darkrain42.org>
parents: 1466
diff changeset
10 If this isn't ok with you, don't use it! (Or better yet, fix it =) )
809
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
11
1643
71538875be48 mod_lib_ldap: Update README to clarify discussion of auth / TLS... and discourage disabling TLS.
Paul Aurich <paul@darkrain42.org>
parents: 1466
diff changeset
12 With that note in mind, if you need to allow (XMPP) clients to connect to your server without TLS and
71538875be48 mod_lib_ldap: Update README to clarify discussion of auth / TLS... and discourage disabling TLS.
Paul Aurich <paul@darkrain42.org>
parents: 1466
diff changeset
13 want to use this module, you need to set 'allow\_unencrypted\_plain\_auth' to true in your
71538875be48 mod_lib_ldap: Update README to clarify discussion of auth / TLS... and discourage disabling TLS.
Paul Aurich <paul@darkrain42.org>
parents: 1466
diff changeset
14 configuration. You probably don't actually want to do this, though.
809
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
15
862
675945ea2ed6 Change hoelzro's mod_auth_ldap to mod_auth_ldap2
Rob Hoelz <rob@hoelz.ro>
parents: 809
diff changeset
16 To enable LDAP authentication, set 'authentication' to 'ldap2' in your configuration file.
809
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
17 See also http://prosody.im/doc/authentication.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
18
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
19 # LDAP Storage
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
20
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
21 LDAP storage is currently read-only, and it only supports rosters and vCards.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
22
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
23 To enable LDAP storage, set 'storage' to 'ldap' in your configuration file.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
24 See also http://prosody.im/doc/storage.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
25
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
26 # LDAP Configuration
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
27
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
28 All of the LDAP-specific configuration for the plugin set goes into an 'ldap' section
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
29 in the configuration. You must set the 'hostname' field in the 'ldap' section to
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
30 your LDAP server's location (a custom port is also accepted, so I guess it's not strictly
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
31 a hostname). The 'bind\_dn' and 'bind\_password' are optional if you want to bind as
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
32 a specific DN. There should be an example configuration included with this README, so
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
33 feel free to consult that.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
34
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
35 ## The user section
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
36
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
37 The user section must contain the following keys:
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
38
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
39 * basedn - The base DN against which to base your LDAP queries for users.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
40 * filter - An LDAP filter expression that matches users.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
41 * usernamefield - The name of the attribute in an LDAP entry that contains the username.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
42 * namefield - The name of the attribute in an LDAP entry that contains the user's real name.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
43
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
44 ## The groups section
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
45
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
46 The LDAP plugin suite has support for grouping (ala mod\_groups), which can be enabled via the groups
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
47 section in the ldap section of the configuration file. Currently, you must have at least one group.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
48 The groups section must contain the following keys:
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
49
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
50 * basedn - The base DN against which to base your LDAP queries for groups.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
51 * memberfield - The name of the attribute in an LDAP entry that contains a list of a group's members. The contents of this field
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
52 must match usernamefield in the user section.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
53 * namefield - The name of the attribute in an LDAP entry that contains the group's name.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
54
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
55 The groups section must contain at least one entry in its array section. Each entry must be a table, with the following keys:
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
56
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
57 * name - The name of the group that will be presented in the roster.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
58 * $namefield (whatever namefield is set to is the name) - An attribute pair to match this group against.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
59 * admin (optional) - whether or not this group's members are admins.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
60
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
61 ## The vcard\_format section
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
62
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
63 The vcard\_format section is used to generate a vCard given an LDAP entry. See http://xmpp.org/extensions/xep-0054.html for
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
64 more information. The JABBERID field is automatically populated.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
65
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
66 The key/value pairs in this table fall into three categories:
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
67
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
68 ### Simple pairs
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
69
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
70 Some values in the vcard\_format table are simple key-value pairs, where the key corresponds to a vCard
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
71 entry, and the value corresponds to the attribute name in the LDAP entry for the user. The fields that
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
72 be configured this way are:
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
73
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
74 * displayname - corresponds to FN
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
75 * nickname - corresponds to NICKNAME
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
76 * birthday - corresponds to BDAY
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
77 * mailer - corresponds to MAILER
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
78 * timezone - corresponds to TZ
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
79 * title - corresponds to TITLE
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
80 * role - corresponds to ROLE
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
81 * note - corresponds to NOTE
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
82 * rev - corresponds to REV
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
83 * sortstring - corresponds to SORT-STRING
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
84 * uid - corresponds to UID
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
85 * url - corresponds to URL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
86 * description - corresponds to DESC
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
87
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
88 ### Single-level fields
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
89
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
90 These pairs have a table as their values, and the table itself has a series of key value pairs that are translated
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
91 similarly to simple pairs. The fields that are configured this way are:
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
92
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
93 * name - corresponds to N
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
94 * family - corresponds to FAMILY
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
95 * given - corresponds toGIVEN
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
96 * middle - corresponds toMIDDLE
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
97 * prefix - corresponds toPREFIX
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
98 * suffix - corresponds toSUFFIX
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
99 * photo - corresponds to PHOTO
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
100 * type - corresponds to TYPE
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
101 * binval - corresponds to BINVAL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
102 * extval - corresponds to EXTVAL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
103 * geo - corresponds to GEO
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
104 * lat - corresponds to LAT
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
105 * lon - corresponds to LON
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
106 * logo - corresponds to LOGO
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
107 * type - corresponds to TYPE
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
108 * binval - corresponds to BINVAL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
109 * extval - corresponds to EXTVAL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
110 * org - corresponds to ORG
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
111 * orgname - corresponds to ORGNAME
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
112 * orgunit - corresponds to ORGUNIT
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
113 * sound - corresponds to SOUND
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
114 * phonetic - corresponds to PHONETIC
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
115 * binval - corresponds to BINVAL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
116 * extval - corresponds to EXTVAL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
117 * key - corresponds to KEY
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
118 * type - corresponds to TYPE
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
119 * cred - corresponds to CRED
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
120
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
121 ### Multi-level fields
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
122
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
123 These pairs have a table as their values, and each table itself has tables as its values. The nested tables have
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
124 the same key-value pairs you're used to, the only difference being that values may have a boolean as their type, which
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
125 converts them into an empty XML tag. I recommend looking at the example configuration for clarification.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
126
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
127 * address - ADR
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
128 * telephone - TEL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
129 * email - EMAIL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
130
1466
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
131 For example, to get something like this in your vCard:
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
132
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
133 <TEL>
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
134 <WORK />
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
135 <VOICE />
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
136 <NUMBER>555-555-5555</NUMBER>
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
137 </TEL>
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
138
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
139 Your configuration for `telephone` will probably look something like this:
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
140
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
141 telephone = {
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
142 work = {
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
143 voice = true,
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
144 number = 'telephoneNumber',
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
145 },
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
146 }
9da03e45c6be Update LDAP docs for telephone and similar fields
Rob Hoelz <rob@hoelz.ro>
parents: 1224
diff changeset
147
809
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
148 ### Unsupported vCard fields
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
149
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
150 * LABEL
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
151 * AGENT
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
152 * CATEGORIES
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
153 * PRODID
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
154 * CLASS
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
155
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
156 ### Example Configuration
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
157
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
158 You can find an example configuration in the dev directory underneath the
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
159 directory that this file is located in.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
160
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
161 # Missing Features
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
162
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
163 This set of plugins is missing a few features, some of which are really just ideas:
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
164
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
165 * Implement non-plaintext authentication.
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
166 * Use proper LDAP binding (LuaLDAP must be patched with http://prosody.im/patches/lualdap.patch, though)
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
167 * Non-hardcoded LDAP groups (derive groups from LDAP queries)
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
168 * LDAP-based MUCs (like a private MUC per group, or something)
1d51c5e38faa Add LDAP plugin suite
rob@hoelz.ro
parents:
diff changeset
169 * This suite of plugins was developed with a POSIX-style setup in mind; YMMV. Patches to work with other setups are welcome!
1224
0b72b8fe4591 Add another TODO for mod_*_ldap
Rob Hoelz <rob@hoelz.ro>
parents: 862
diff changeset
170 * Add ability for users to change their vCard/passwords/etc from within Prosody