ejabberd VS IBM Lotus SameTime:
1) Бесплатный клиент и сервер
2) Требует мало ресурсов (клиент и сервер)
3) win32 + linux
3) Работает пересылка файлой неограниченного размера
4) Клиент устанавливается за 2 клика, не требует административных прав
Итак:
1) Дополнительная настройка domino:
(Думаю имеет смысл предположить что домино у вас уже установлен и настроен)
небходимо настроить Directory Assistance что-бы получилось что-то вроде:
С домино сервером идет замечательная документация по настройки Directory Assistance, используйте ее.
Так-же необходимо настроить и включить службу domino сервера - LDAP, так-же процесс настройки описан в документации, я просто включил ее не делая никаких специфических настроек. Единственное, возможно вам придется создать Configuration Document, если вы этого еще не сделали, в любом случае его наличие очень рекомендуется.
(Не забываем открывать нужные порты в настройках брандмауэра)
Не обязательно, но очень рекомендую создать пользователя для управления ejabberd сервером, например im-admin, укажите у него email адрес: im-admin@company.ru
2) Установка jabberd:
Возможна установка на домино сервер, и вам НЕ потребуется дополнительное оборудование.
в моем случае (openSUSE 11.3) установка проста, установить пакет ejabberd из репозитария:
http://download.opensuse.org/repositories/server:/messaging/openSUSE_11.3/
Информацию по установке пакет легко можно найти используя поиск.
Если мне не изменяет память, ejabberd может работать под windows.
3) Настройка сервера ejabberd (самое интересное):
(если у вас используется кластер серверов domino, jabberd может использовать это)
версия сервера ejabberd - 2.1.0
все настройки ejabberd сервера находятся в 3-х файлах в /etc/ejabberd:
ejabberd.cfg, ejabberdctl.cfg и inetrc
вот действующие конфиги: (реальные значения изменены)
company.ru - условный домен компании
COMPANY - Notes домен компании
im-admin - имя пользователя в справочнике domino для управления ejabberd'ом
im-admin@company.ru - email пользователя в справочнике domino для управления ejabberd'ом
domino-1.company.ru - сервер domino с работающим сервисом LDAP
ejabberd.cfg:
%%% %%% ejabberd configuration file %%% %%%' %%% The parameters used in this configuration file are explained in more detail %%% in the ejabberd Installation and Operation Guide. %%% Please consult the Guide in case of doubts, it is included in %%% your copy of ejabberd, and is also available online at %%% http://www.process-one.net/en/ejabberd/docs/ %%% This configuration file contains Erlang terms. %%% In case you want to understand the syntax, here are the concepts: %%% %%% - The character to comment a line is % %%% %%% - Each term ends in a dot, for example: %%% override_global. %%% %%% - A tuple has a fixed definition, its elements are %%% enclosed in {}, and separated with commas: %%% {loglevel, 4}. %%% %%% - A list can have as many elements as you want, %%% and is enclosed in [], for example: %%% [http_poll, web_admin, tls] %%% %%% - A keyword of ejabberd is a word in lowercase. %%% The strings are enclosed in "" and can have spaces, dots... %%% {language, "en"}. %%% {ldap_rootdn, "dc=example,dc=com"}. %%% %%% - This term includes a tuple, a keyword, a list and two strings: %%% {hosts, ["jabber.example.net", "im.example.com"]}. %%% %%%. ======================= %%%' OVERRIDE STORED OPTIONS %% %% Override the old values stored in the database. %% %% %% Override global options (shared by all ejabberd nodes in a cluster). %% %%override_global. %% %% Override local options (specific for this particular ejabberd node). %% %%override_local. %% %% Remove the Access Control Lists before new ones are added. %% %%override_acls. %%%. ========= %%%' DEBUGGING %% %% loglevel: Verbosity of log files generated by ejabberd. %% 0: No ejabberd log at all (not recommended) %% 1: Critical %% 2: Error %% 3: Warning %% 4: Info %% 5: Debug %% {loglevel, 4}. %% %% watchdog_admins: Only useful for developers: if an ejabberd process %% consumes a lot of memory, send live notifications to these XMPP %% accounts. %% %%{watchdog_admins, ["bob@example.com"]}. %%%. ================ %%%' SERVED HOSTNAMES %% %% hosts: Domains served by ejabberd. %% You can define one or several, for example: %% {hosts, ["example.net", "example.com", "example.org"]}. %% {hosts, ["company.ru"]}. %% %% route_subdomains: Delegate subdomains to other XMPP server. %% For example, if this ejabberd serves example.org and you want %% to allow communication with a XMPP server called im.example.org. %% %%{route_subdomains, s2s}. %%%. =============== %%%' LISTENING PORTS %% %% listen: Which ports will ejabberd listen, which service handles it %% and what options to start it with. %% {listen, [ {5222, ejabberd_c2s, [ %% %% If TLS is compiled and you installed a SSL %% certificate, put the correct path to the %% file and uncomment this line: %% %%{certfile, "/path/to/ssl.pem"}, starttls, {access, c2s}, %% {shaper, c2s_shaper}, {max_stanza_size, 65536} ]}, %% %% To enable the old SSL connection method in port 5223: %% %%{5223, ejabberd_c2s, [ %% {access, c2s}, %% {shaper, c2s_shaper}, %% {certfile, "/path/to/ssl.pem"}, tls, %% {max_stanza_size, 65536} %% ]}, {5269, ejabberd_s2s_in, [ %% {shaper, s2s_shaper}, {max_stanza_size, 131072} ]}, %% %% ejabberd_service: Interact with external components (transports...) %% %%{8888, ejabberd_service, [ %% {access, all}, %% {shaper_rule, fast}, %% {ip, {127, 0, 0, 1}}, %% {hosts, ["icq.example.org", "sms.example.org"], %% [{password, "secret"}] %% } %% ]}, %% %% ejabberd_stun: Handles STUN Binding requests %% %%{{3478, udp}, ejabberd_stun, []}, {5280, ejabberd_http, [ %%{request_handlers, %% [ %% {["pub", "archive"], mod_http_fileserver} %% ]}, captcha, http_bind, http_poll, web_admin ]} ]}. %% %% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections. %% Allowed values are: true or false. %% You must specify a certificate file. %% %%{s2s_use_starttls, true}. %% %% s2s_certfile: Specify a certificate file. %% %%{s2s_certfile, "/path/to/ssl.pem"}. %% %% domain_certfile: Specify a different certificate for each served hostname. %% %%{domain_certfile, "example.org", "/path/to/example_org.pem"}. %%{domain_certfile, "example.com", "/path/to/example_com.pem"}. %% %% S2S whitelist or blacklist %% %% Default s2s policy for undefined hosts. %% %%{s2s_default_policy, allow}. %% %% Allow or deny communication with specific servers. %% %%{{s2s_host, "goodhost.org"}, allow}. %%{{s2s_host, "badhost.org"}, deny}. %% %% Outgoing S2S options %% %% Preferred address families (which to try first) and connect timeout %% in milliseconds. %% %%{outgoing_s2s_options, [ipv4, ipv6], 10000}. %%%. ============== %%%' AUTHENTICATION %% %% auth_method: Method used to authenticate the users. %% The default method is the internal. %% If you want to use a different method, %% comment this line and enable the correct ones. %% %% {auth_method, internal}. %%%%% ZZZZZZZZZZZZZZZZZZZZZZZZZZzz %% %% Authentication using external script %% Make sure the script is executable by ejabberd. %% %%{auth_method, external}. %%{extauth_program, "/path/to/authentication/script"}. %% %% Authentication using ODBC %% Remember to setup a database in the next section. %% %%{auth_method, odbc}. %% %% Authentication using PAM %% %%{auth_method, pam}. %%{pam_service, "pamservicename"}. %% %% Authentication using LDAP %% {auth_method, ldap}. %% %% List of LDAP servers: {ldap_servers, ["domino-1.company.ru"]}. %% %% Encryption of connection to LDAP servers: {ldap_encrypt, none}. %%{ldap_encrypt, tls}. %% %% Port connect to LDAP servers: {ldap_port, 389}. %%{ldap_port, 636}. %% %% LDAP manager: %%{ldap_rootdn, "dc=example,dc=com"}. {ldap_rootdn, "CN=im-admin,O=COMPANY"}. %% %% Password to LDAP manager: {ldap_password, ""}. %% %% Search base of LDAP directory: {ldap_base, "O=COMPANY"}. %% LDAP attribute that holds user ID: uid - username %%{ldap_uids, [{"mail", "%u@company.ru"}]}. %% {ldap_uids, [{"uid", "%u"}]}. %% {ldap_uids, [{"mail", "%u@company.ru"},{"uid", "%u@company.ru"}]}. {ldap_uids, [{"mail", "%u@company.ru"},{"uid"}]}. %% %% LDAP filter: {ldap_filter, "(objectClass=dominoPerson)"}. %% %% Anonymous login support: %% auth_method: anonymous %% anonymous_protocol: sasl_anon | login_anon | both %% allow_multiple_connections: true | false %% %%{host_config, "public.example.org", [{auth_method, anonymous}, %% {allow_multiple_connections, false}, %% {anonymous_protocol, sasl_anon}]}. %% %% To use both anonymous and internal authentication: %% %%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}. %%%. ============== %%%' DATABASE SETUP %% ejabberd uses by default the internal Mnesia database, %% so you can avoid this section. %% This section provides configuration examples in case %% you want to use other database backends. %% Please consult the ejabberd Guide for details about database creation. %% %% MySQL server: %% %%{odbc_server, {mysql, "server", "database", "username", "password"}}. %% %% If you want to specify the port: %%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}. %% %% PostgreSQL server: %% %%{odbc_server, {pgsql, "server", "database", "username", "password"}}. %% %% If you want to specify the port: %%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}. %% %% If you use PostgreSQL, have a large database, and need a %% faster but inexact replacement for "select count(*) from users" %% %%{pgsql_users_number_estimate, true}. %% %% ODBC compatible or MSSQL server: %% %%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}. %% %% Number of connections to open to the database for each virtual host %% %%{odbc_pool_size, 10}. %% %% Interval to make a dummy SQL request to keep alive the connections %% to the database. Specify in seconds: for example 28800 means 8 hours %% %%{odbc_keepalive_interval, undefined}. %%%. =============== %%%' TRAFFIC SHAPERS %% %% The "normal" shaper limits traffic speed to 1.000 B/s %% {shaper, normal, {maxrate, 1000000}}. %% %% The "fast" shaper limits traffic speed to 50.000 B/s %% {shaper, fast, {maxrate, 5000000}}. %%%. ==================== %%%' ACCESS CONTROL LISTS %% %% The 'admin' ACL grants administrative privileges to XMPP accounts. %% You can put as many accounts as you want. %% %%{acl, admin, {user, "aleksey", "localhost"}}. {acl, admin, {user, "im-admin", "company.ru"}}. %% %% Blocked users %% %%{acl, blocked, {user, "baduser", "example.org"}}. %%{acl, blocked, {user, "test"}}. %% %% Local users: don't modify this line. %% {acl, local, {user_regexp, ""}}. %% %% More examples of ACLs %% %%{acl, jabberorg, {server, "jabber.org"}}. %%{acl, aleksey, {user, "aleksey", "jabber.ru"}}. %%{acl, test, {user_regexp, "^test"}}. %%{acl, test, {user_glob, "test*"}}. %% %% Define specific ACLs in a virtual host. %% %%{host_config, "localhost", %% [ %% {acl, admin, {user, "bob-local", "localhost"}} %% ] %%}. %%%. ============ %%%' ACCESS RULES %% Maximum number of simultaneous sessions allowed for a single user: {access, max_user_sessions, [{10, all}]}. %% Maximum number of offline messages that users can have: {access, max_user_offline_messages, [{5000, admin}, {100, all}]}. %% This rule allows access only for local users: {access, local, [{allow, local}]}. %% Only non-blocked users can use c2s connections: {access, c2s, [{deny, blocked}, {allow, all}]}. %% For C2S connections, all users except admins use "normal" shaper {access, c2s_shaper, [{none, admin}, {normal, all}]}. %% All S2S connections use "fast" shaper {access, s2s_shaper, [{fast, all}]}. %% Only admins can send announcement messages: {access, announce, [{allow, admin}]}. %% Only admins can use configuration interface: {access, configure, [{allow, admin}]}. %% Admins of this server are also admins of MUC service: {access, muc_admin, [{allow, admin}]}. %% Only accounts of the local ejabberd server can create rooms: {access, muc_create, [{allow, local}]}. %% All users are allowed to use MUC service: {access, muc, [{allow, all}]}. %% Only accounts in the local ejabberd server can create Pubsub nodes: {access, pubsub_createnode, [{allow, local}]}. %% In-band registration allows registration of any possible username. %% To disable in-band registration, replace 'allow' with 'deny'. {access, register, [{allow, all}]}. %% By default frequency of account registrations from the same IP %% is limited to 1 account every 10 minutes. To disable put: infinity %%{registration_timeout, 600}. %% %% Define specific Access rules in a virtual host. %% %%{host_config, "localhost", %% [ %% {access, c2s, [{allow, admin}, {deny, all}]}, %% {access, register, [{deny, all}]} %% ] %%}. %%%. ================ %%%' DEFAULT LANGUAGE %% %% language: Default language used for server messages. %% {language, "ru"}. %% %% Set a different default language in a virtual host. %% %%{host_config, "localhost", %% [{language, "ru"}] %%}. %%%. ======= %%%' CAPTCHA %% %% Full path to a script that generates the image. %% %%{captcha_cmd, "/lib/ejabberd/priv/bin/captcha.sh"}. %% %% Host part of the URL sent to the user. %% %%{captcha_host, "example.org:5280"}. %%%. ======= %%%' MODULES %% %% Modules enabled in all ejabberd virtual hosts. %% {modules, [ {mod_adhoc, []}, {mod_announce, [{access, announce}]}, % recommends mod_adhoc {mod_caps, []}, {mod_configure,[]}, % requires mod_adhoc {mod_disco, []}, %%{mod_echo, [{host, "echo.localhost"}]}, {mod_irc, []}, {mod_http_bind, []}, %%{mod_http_fileserver, [ %% {docroot, "/var/www"}, %% {accesslog, "/var/log/ejabberd/access.log"} %% ]}, {mod_last, []}, {mod_muc, [ %%{host, "conference.@HOST@"}, {access, muc}, {access_create, muc_create}, {access_persistent, muc_create}, {access_admin, muc_admin} ]}, %%{mod_muc_log,[]}, {mod_offline, [{access_max_user_messages, max_user_offline_messages}]}, {mod_ping, []}, {mod_privacy, []}, {mod_private, []}, %%{mod_proxy65,[]}, {mod_pubsub, [ {access_createnode, pubsub_createnode}, {ignore_pep_from_offline, true}, {last_item_cache, false}, {plugins, ["flat", "hometree", "pep"]} % pep requires mod_caps ]}, {mod_register, [ %% %% After successful registration, the user receives %% a message with this subject and body. %% {welcome_message, {"Welcome!", "Hi.\nWelcome to Jabber (XMPP) server."}}, %% %% When a user registers, send a notification to %% these XMPP accounts. %% %%{registration_watchers, ["admin1@example.org"]}, {access, register} ]}, {mod_roster, []}, %%{mod_service_log,[]}, {mod_shared_roster,[]}, {mod_stats, []}, {mod_time, []}, %%%% {mod_vcard, []}, %% {mod_vcard, [{search, true}, %% {matches, infinity}, %% {allow_return_all, true}, %% {search_all_hosts, false}]}, {mod_vcard_ldap, [ {search, true}, {allow_return_all, true}, {matches, infinity}, {host,"domino-1.company.ru"}, %% We use the same server and port, but want to bind anonymously because %% our LDAP server accepts anonymous requests to %% "ou=AddressBook,dc=example,dc=org" subtree. {ldap_rootdn, "CN=im-admin,O=COMPANY"}, {ldap_password, ""}, %% define the addressbook's base {ldap_base, "O=COMPANY"}, %% uidattr: user's part of JID is located in the "mail" attribute %% uidattr_format: common format for our emails {ldap_uids, [{"mail","%u@company.ru"},{"uid"}]}, %% We have to define empty filter here, because entries in addressbook does not %% belong to shadowAccount object class {ldap_filter, "(objectClass=dominoPerson)"}, %% Now we want to define vCard pattern {ldap_vcard_map, %% [{"NICKNAME", "%u", []}, % just use user's part of JID as his nickname %% {"FIRST", "%s", ["givenName"]}, %% {"LAST", "%s", ["sn"]}, % {"FN", "%s, %s", ["sn", "givenName"]}, % example: "Smith, John" %% {"EMAIL", "%s", ["mail"]}, % {"BDAY", "%s", ["birthDay"]}] [ %% {"NICKNAME", "%u", []}, {"NICKNAME", "%s", ["uid"]}, %% {"NICKNAME", "%s", ["altfullname"]}, {"FN", "%s", ["displayName"]}, {"FIRST", "%s", ["givenName"]}, {"LAST", "%s", ["sn"]}, {"EMAIL", "%s", ["mail"]}, {"DESC", "%s %s", ["altfullname", "cn"]}, {"TEL", "%s", ["location"]} %% {"DESC", "%s", ["description"]}, %% {"TEL", "%s", ["telephoneNumber"]} %% {"MIDDLE", "%s", ["initials"]}, %% {"ORGNAME", "%s", ["o"]}, %% {"ORGUNIT", "%s", ["ou"]}, %% {"CTRY", "%s", ["c"]}, %% {"STREET", "%s", ["street"]}, %% {"REGION", "%s", ["st"]}, %% {"PCODE", "%s", ["postalCode"]}, %% {"TITLE", "%s", ["title"]}, %% {"URL", "%s", ["labeleduri"]}, %% {"LOCALITY", "%s", ["l"]}, %% {"BDAY", "%s", ["birthDay"]}, %% {"ROLE", "%s", ["employeeType"]}, %% {"PHOTO", "%s", ["jpegPhoto"]} ] } %% Search form ,{ldap_search_fields, %% [{"User", "%u"}, %% {"Name", "givenName"}, %% {"Family Name", "sn"}, %% {"Email", "mail"}, %% {"Birthday", "birthDay"}] [ {"User", "%u"}, %% {"Full Name", "displayName"}, {"Full Name", "FN"}, {"Given Name", "FIRST"}, {"Middle Name", "MIDDLE"}, {"Family Name", "LAST"}, %% {"Nickname", "%u"}, %% {"Nickname", "uid"}, {"Nickname", "NICKNAME"}, {"Birthday", "BDAY"}, {"Country", "CTRY"}, {"City", "LOCALITY"}, {"Email", "EMAIL"}, {"Organization Name", "ORGNAME"}, {"Organization Unit", "ORGUNIT"} ] } %% vCard fields to be reported %% Note that JID is always returned with search results ,{ldap_search_reported, %% [{"Full Name", "FN"}, %% {"Nickname", "NICKNAME"}, %% {"Birthday", "BDAY"}] [ {"Full Name", "FN"}, {"Given Name", "FIRST"}, {"Middle Name", "MIDDLE"}, {"Family Name", "LAST"}, {"Nickname", "NICKNAME"}, {"Birthday", "BDAY"}, {"Country", "CTRY"}, {"City", "LOCALITY"}, {"Email", "EMAIL"}, {"Organization Name", "ORGNAME"}, {"Organization Unit", "ORGUNIT"} ] } ]}, {mod_version, []} ]}. %% %% Enable modules with custom options in a specific virtual host %% %%{host_config, "localhost", %% [{{add, modules}, %% [ %% {mod_echo, [{host, "mirror.localhost"}]} %% ] %% } %% ]}. %%%. %%%' %%% $Id: ejabberd.cfg.example 2683 2009-10-19 17:02:37Z badlop $ %%% Local Variables: %%% mode: erlang %%% End: %%% vim: set filetype=erlang tabstop=8 foldmarker=%%%',%%%. foldmethod=marker:
ejabberdctl.cfg оставляем без изменений
inetrc:
{lookup,["file","native"]}. %%% {host,{127,0,0,1}, ["localhost","hostalias"]}. {host,{127,0,0,1}, ["company.ru","hostalias"]}. {file, resolv, "/etc/resolv.conf"}.
так-же см.:
http://ru.wikipedia.org/wiki/Ejabberd
http://habrahabr.ru/tag/ejabberd/
Вопросы в комменты.
Если кому интересно, могу отдельно рассказать как сформировать .exe с преднастроенным PSI, так чтобы пользователю осталось ввести только емаил и пароль.
ОтветитьУдалитьРасскажите, было бы интересно.
ОтветитьУдалить