Dan,

It seems your problem is related neither to SASL or ntlogon nor to TLS. It is the "bind" command that fails. I'm not sure why it fails, though; it may be that StorageManager, which is responsible for binding after successful authentication, isn't running for your domain.

Make sure SM is running and that the sm/id in its sm.xml matches the c2s/local/id in c2s.xml. Check that you have the same domain and that your components are connected to the router:
> c2s.log
Tue Feb 05 00:17:11 2008 [notice] [mydomain.com] configured; realm=mydomain.com, registration disabled
Tue Feb 05 00:17:11 2008 [notice] connection to router established
> sm.log
Tue Feb 05 00:17:19 2008 [notice] id: mydomain.com
Tue Feb 05 00:17:19 2008 [notice] connection to router established


Note that the domain setting is the setting ntlogon uses to indicate which ADS domain (or computer) should be used as the auth source.

SEND: <iq type='set' id='1007'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><resource>[EMAIL PROTECTED]</resource></bind></iq>
RECV: <stream:error xmlns:stream='http://etherx.jabber.org/streams'><internal-server-error xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text xmlns='urn:ietf:params:xml:ns:xmpp-streams'>internal server error</text></stream:error></stream:stream>
SEND: </stream:stream>

@Tomasz: Do you have any clue what else may cause internal server error? Would be nice if we could have more clear error reporting in this case @ c2s.c:

            /* route errors */
            if(nad_find_attr(nad, 0, -1, "error", NULL) >= 0) {
                log_debug(ZONE, "routing error");

                sx_error(sess->s, stream_err_INTERNAL_SERVER_ERROR, "internal server error");
                sx_close(sess->s);

                nad_free(nad);
                return 0;
            }

I think we could pass a more meaningful error description to the client there? Like "sm for this domain is not running" or "cannot connect to sm".

Cheers,
--
Adam Strzelecki |: nanoant.com :|
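
An added example, not part of the original message or of jabberd2's own code: one way to script the sm/id versus c2s/local/id comparison described above. The sample XML is constructed and trimmed to the elements the check reads, the function names are hypothetical, and comparing domains case-insensitively is an assumption.

```python
import xml.etree.ElementTree as ET

# Constructed sample configs (not from the original post), reduced to the
# elements named in the message: c2s/local/id and sm/id.
C2S_XML = """<c2s>
  <id>c2s</id>
  <local>
    <id realm="mydomain.com">mydomain.com</id>
  </local>
</c2s>"""

SM_XML_OK = "<sm><id>mydomain.com</id></sm>"
SM_XML_BAD = "<sm><id>localhost</id></sm>"


def _ids(xml_text, path):
    """Return the non-empty, lower-cased text of every element at `path`,
    where `path` is relative to the document's root element."""
    root = ET.fromstring(xml_text)
    values = ((e.text or "").strip().lower() for e in root.findall(path))
    return {v for v in values if v}


def unserved_domains(c2s_xml, sm_xml):
    """Domains that c2s accepts (c2s/local/id) but that no sm/id claims.

    A non-empty result means binding for that domain has no session
    manager to route to, which is the situation suspected in the message.
    """
    c2s_domains = _ids(c2s_xml, "local/id")  # <c2s><local><id>
    sm_domains = _ids(sm_xml, "id")          # <sm><id>
    return sorted(c2s_domains - sm_domains)


if __name__ == "__main__":
    for label, sm_xml in (("matching", SM_XML_OK), ("mismatched", SM_XML_BAD)):
        missing = unserved_domains(C2S_XML, sm_xml)
        print(label, "->", missing or "every c2s domain has a matching sm id")
```

To run it against a real installation, read the two files from wherever your jabberd2 configuration lives and pass their contents to `unserved_domains`.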
