mod_shared_roster_ldap : Manually created shared roster needed beforehand?

Question

I'm fighting since long to make the mod_shared_roster_ldap (with an Active Directory LDAP) work to no avail, though I think I have read 72% of the complete world wide web, and tested too many combinations, including the ones found here and there marked as 'solved'.

Anyway, before detailing (surely in another question) my setup, I have to understand clearly the following point :

• When I'm creating a shared roster group, either via the "ejabberdctl srg_*" CLI commands, either via the web GUI, my clients (Pidgin and Gajim) are showing it, and its users. Fine.
• When I'm trying to achieve the same by using mod_shared_roster_ldap, nothing appears, no group, no name, no nothing.

Before going further, I have to understand if the methods described above are completely different things and should work on their own, or do I have to do something (either via cli ou web gui) BEFORE trying to configure mod_shared_roster_ldap?

Thank you.

Answer 1

Those modules are different and independent:

• mod_shared_roster can use mnesia or a sql database backend
• mod_shared_roster_ldap is a different implementation, using LDAP as backend.

For example, mod_shared_roster implements functions to push changes to the online clients (see funcions like push_user_to_members). I don't see equivalent functions in mod_shared_roster_ldap. This means the clients will get the updated roster after they logout and login.

Also worth noting is that mod_shared_roster_ldap doesn't depend on mod_shared_roster: No need to enable one to use the other. And this implies they are independent implementations of similar features.

Regarding srg_ API commands: those are implemented in mod_admin_extra, and they call directly mod_shared_roster.

And the pages displayed in ejabberd's WebAdmin? They are defined in mod_shared_roster (funcions webadmin_page, etc)

In summary:

• mod_shared_roster_ldap is expected to be configured in ejabberd.yml. Users get the shared roster only when login.
• mod_shared_roster has no configuration in ejabberd.yml, instead it's administered using WebAdmin or the srg_ API commands. And those changes are pushed to the corresponding clients

As you already have a user base in LDAP, the obvious path now is to use mod_shared_roster_ldap. In that case, disable mod_shared_roster, forget about its webadmin and API commands, and concentrate in mod_shared_roster_ldap configuration in ejabberd.yml

If this path were completely impossible (or if mod_shared_roster_ldap didn't exist), then you could try the long path: enable mod_shared_roster, and use API commands to create groups, add users to groups, etc.