Services:XMPP:SASL downgrade
We are in the process of switching over the accounts to use LDAP. This page was created in order to document a warning that will occur on some clients after we enable LDAP authentication. The LDAP implementation in ejabberd doesn't support SASL authentication.
The implication is that the user does not send a salted & hashed password to ejabberd, so the ejabberd process has access to a user's password and sends it over to the LDAP server to authenticate. This is considered PLAIN
auth, even when both the XMPP c2s connection and the LDAP connect using TLS.
Some clients will display a warning because they detect that the auth used to be done with SASL, but not any longer. The most common one is Conversations, the Android client.
How to accept the warning in Conversations
In Conversations you can accept the warning by pressing "Accept" in the account details, that appears where the "Save" button is normally. [1]