On 02/09/2012 06:48 AM, Dale Macartney wrote:
> 
> Morning all
> 
> I have a working setup of ejabberd authenticated to pam on an IPA client
> which works great..  However, unlike my other projects to provide
> details of integration with IPA, I am struggling with the SSO aspect of
> it, simply because of a lack of knowledge of jabber packages. (Currently
> I have used ejabberd and pidgin for testing, and from an end user view
> point, there doesn't appear to be an option to select kerberos to
> authenticate with).
> 
> My goal, like other services is to tap *a* jabber service (can be
> anything) into ipa for single sign on.
> 
> What is the general feeling in the community around jabber in the
> enterprise? (Useful or not? Best practices?)
> What is your preferred jabber software (server and client would be handy
> to know for testing) and why?
> Does it support GSSAPI?
> 
> Many thanks
> 
> Dale
> 
> 
> 
> 
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

Dale,
I built a setup using openfire (the IM server) that utilized kerberos.
It is slightly tricky unfortunately, kerberos has been the realm of
universities and big business for a long time so a lot of things are not
straight forward.

Pidgin does natively support kerberos so you can use that easily, the
way to use kerberos in pidgin is simply not to provide it with any
password info, it will try kerberos in the process. This works both on
windows (using kfw) and linux systems, probably macs too, but I have
never tested it on macs.

I will see if I can dig up some notes from configuring openfire.

-Erinn

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to