Hello all,
I am new to Openfire and really like the program. One issue i am having is I would like to have all of my users authenticate via Active Directory, but I would like to create my own groups within Openfire to add these users to.
Is this possible?
If so can someone help me out with my config?
Thanks in advance for any and all help you can give me.
I don’t think this is possible, unless someone knows different. However I’m guessing this is related to your previous post - about not being able to see AD groups in Openfire? I’m sure we can fix that issue - you’d just need to post your openfire.xml file.
I don’t really understand why you’d want to use AD for authentication but not use it for groups. You can create groups for Openfire in AD, and then Openfire picks them up. What I’ve done in my situation is for each group that I want Openfire to use as a “shared group” (ie. a group that will pre-populate users rosters in Spark with contacts) - I’ve created groups in AD that contain all the users, and named them “Openfire Shared Group - Department Name”. My openfire.xml then contains a simple LDAP filter to just pick up groups prefixed with “Openfire” - this cuts down massively on LDAP searches and performance is hugely increased.
If it helps, here is my openfire.xml file :
<?xml version="1.0" encoding="UTF-8"?>
<!–
This file stores bootstrap properties needed by Openfire.
Property names must be in the format: "prop.name.is.blah=value"
That will be stored as:
value
__ Most properties are stored in the Openfire database. A
property viewer and editor is included in the admin console.
–>
This is possible, but if you are having AD group issues it may be better to fix the problem there.