A digital publication from the J. Willard Marriott Library

SASL Authentication Mechanism Errors on OS X Server Messages Service

29 Jan SASL Authentication Mechanism Errors on OS X Server Messages Service

Posted at 00:32h in Jabber, Messages, OS X Server, SASL by
0 Likes

os x yosemite, server, authentication

Overview

There is an issue with the SASL authentication mechanism configuration with OS X Server application version 3.0.3 and might happen in later versions.

This workaround has been tested with OS X client running the Messages application. Also, Adium works if you have “Force old-style SSL” security option is enabled.

adium-force old-style SSL

This is due to a issue with the included c2s.xml file. The c2s.xml file configures the client-to-server Jabberd component. The c2s component handles communications with Jabber clients, and the settings in c2s.xml are primarily concerned with client communication.

Workaround

On the OS X Server, stop the Messages service with the following command:

sudo serveradmin stop jabber

Enter the administrator password:

Password:

And you should get the following output if the Messages service has properly stopped:

jabber:state = "STOPPED"

Or turn OFF the Messages service using the Server application:

OS X Server - Messages Off

Then open the following c2s.xml file with your favorite text editor:

/Library/Server/Messages/Config/jabberd/c2s.xml

Edit the following text:

	<!-- SASL authentication mechanisms. Comment out any that you
   don't want to be offered to clients. Again, if the auth/reg
   module does not support one of these mechanisms, then it will
   not be offered. -->
	<sasl>
		<gssapi/>
		<digest-md5/>
		<!--
<plain/>
<anonymous/>
-->

Move the <digest-md5/> text into the commented section.

	<!-- SASL authentication mechanisms. Comment out any that you
   don't want to be offered to clients. Again, if the auth/reg
   module does not support one of these mechanisms, then it will
   not be offered. -->
	<sasl>
		<gssapi/>
		<!--
<plain/>
<anonymous/>
<digest-md5/>
-->

On the OS X Server, start the Messages service with the following command:

sudo serveradmin start jabber

Enter the administrator password:

Password:

And you should get the following output if the Messages service has properly started:

jabber:state = "RUNNING"

Or turn ON the Messages service using the Server application:

OS X Server - Messages On

Next, launch your Messages client software and test the modification is working properly.

Tags:
, , , ,
2 Comments
  • Leif Carlsson
    Posted at 20:35h, 04 February Reply

    Hello! I tried this in High Sierra, Server 5.5 but I (still) get:

    jabberd/c2s: auxpropfunc error no mechanism available
    jabberd/router: auxpropfunc error no mechanism available
    jabberd/s2s: auxpropfunc error no mechanism available
    jabberd/sm: auxpropfunc error no mechanism available

    The Messages server was working in Sierra, Server 5.3.1

    Any thoughts?

    • Richard Glaser
      Posted at 22:58h, 13 February Reply

      Hello Leif:

      I haven’t been running Message service for a while. So, are you saying Messages server isn’t working at all in High Sierra, Server 5.5? Or the blog workaround for issue with the SASL authentication mechanism configuration doesn’t work?

Leave a Reply to Richard GlaserCancel reply