Hey all. I'm posting to get this in the archive for future searchers...
After setting up a clean 10.5.1 server as a test machine, I noted that
none of our older clients, including Adium and iChat on 10.4.x, could
connect to the new service. Simply editing the /etc/jabberd/c2s.xml
file to comment out the "gssapi" authentication fixed it up swell. In
our case, Active Directory isn't an issue since we're an all-Mac shop,
so Apple's tech note at <http://docs.info.apple.com/article.html?artnum=306749
> doesn't apply, although it was clueful for me.
Here's the relevant section excerpted from c2s.xml:
<!-- Available authentication mechanisms -->
<mechanisms>
<!-- These are the traditional Jabber authentication mechanisms.
Comment out any that you don't want to be offered to clients.
Note that if the auth/reg module does not support one of
these mechanisms, then it will not be offered regardless of
whether or not it is enabled here.
Similarly, if <zerok/> is disabled, then zero-knowledge data
will not be created when a user is registered. -->
<traditional>
<plain/>
<cram-md5/>
<!--
<digest/>
<zerok/>
-->
</traditional>
<!-- SASL authentication mechanisms. Comment out any that you
don't want to be offered to clients. Again, if the auth/reg
module does not support one of these mechanisms, then it will
not be offered. NOTE: Ted Dively commented out the "gssapi"
authentication
method on 11/28/2007 in order to allow Adium and older iChat
clients to connect to this Jabber server. -->
<sasl>
<!-- <gssapi/> -->
<!--
<plain/>
<digest-md5/>
<anonymous/>
-->
</sasl>
</mechanisms>
And that, as they say, is that.
Ted
--
Group D Communications
Technology Consulting -- IT, Databases, Websites, Software, Hosting
www.groupd.com
PH 415.701.8331 x202
FX 415.701.8332
P.O. Box 170697
San Francisco, CA 94117-0697
