Dnia 2012-12-11, wto o godzinie 17:11 +0100, Guido Winkelmann pisze: > For the services I have running so far, I was able to implement this > by creating a new LDAP group (with objectClass: groupOfNames) for each > service and having every service check whether a freshly authenticated > user is a member of the respective group for this service before > granting access.
Quoting https://github.com/jabberd2/jabberd2/blob/master/etc/c2s.xml.dist.in#L634 <!-- Alternatively to <uidattr/> and <append-realm/> you may specify full LDAP search <query/> that will be used to get user objects from directory. The following replacements take place: %u is replaced by user login name %r is replaced by user login realm When <query/> is specified, <uidattr/> and <append-realm/> are unused and take no effect. --> <!-- <query>(&(mail=%u@%r)(objectClass=inetOrgPerson))</query> --> Isn't this wat you are looking for?