powered by Jive Software

Active Directory Domain Name - S2S

Hi All,

I’m having a problem with S2S due to using active directory for LDAP authentication.

Our domain name in Active Directory is domain.local but our domain on the internet is domain.com.au. We have setup S2S on the openfire server and configured the xmpp domain settings to be domain.com.au. When a S2S message is sent I can see successful connection to the recieving server then the dial back key is sent from our openfire server but the domain name it sends is the domain name specified in the users Active Directory usename which is domain.local.

Is there a way to tell openfire to use the domain specified under the xmpp.domain setting?

Another question - Our username format in Active Directory is different to our email address format, is there a way to have your screen name the same as your email address but still use AD for authetication?

Thanks a bunch

With no answers yet, I am expecting this is not possible. Does anyone know if there is something I can do to get around this issue other than renaming my domain???



Short of renaming your domain there is not much hope for success. The Openfire server is very dependent on DNS naming. Ideally your AD domain should be a subset of your real world domain (ie somedomain.com could be ad.somedomain.com). Secondly Microsucks says in their documentation that they do not recommend using the .local domain as it may cause problems.

the .local and other non routable internet domains are there for obvious security reasons - which is a smart move if you consider everything

as far as the repurcussions on OpenFire, this means an LDAP integrated installation isn’t going to be practical for a S2S topology with any .local intranet naming as is found in default AD installation of Windows Server products (including SBS) - perhaps leveraging ISA’s ability to replace headers could overcome this obstacle but it is only a thought