On 02/09/2012 06:48 AM, Dale Macartney wrote: > > Morning all > > I have a working setup of ejabberd authenticated to pam on an IPA client > which works great.. However, unlike my other projects to provide > details of integration with IPA, I am struggling with the SSO aspect of > it, simply because of a lack of knowledge of jabber packages. (Currently > I have used ejabberd and pidgin for testing, and from an end user view > point, there doesn't appear to be an option to select kerberos to > authenticate with). > > My goal, like other services is to tap *a* jabber service (can be > anything) into ipa for single sign on. > > What is the general feeling in the community around jabber in the > enterprise? (Useful or not? Best practices?) > What is your preferred jabber software (server and client would be handy > to know for testing) and why? > Does it support GSSAPI? > > Many thanks > > Dale > > > > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users
Dale, I built a setup using openfire (the IM server) that utilized kerberos. It is slightly tricky unfortunately, kerberos has been the realm of universities and big business for a long time so a lot of things are not straight forward. Pidgin does natively support kerberos so you can use that easily, the way to use kerberos in pidgin is simply not to provide it with any password info, it will try kerberos in the process. This works both on windows (using kfw) and linux systems, probably macs too, but I have never tested it on macs. I will see if I can dig up some notes from configuring openfire. -Erinn
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
